Why git:// instead of git@ for cloning github repositories?

[Zach Moazeni]

I'm cleaning up the Gemfile on a project of ours by converting a lot of git: '...' to github: '...'.

Strangely though, I had an issue with private github gems and using github: '...' syntax. The reason being that github doesn't allow URLs in this format for private repositories: "git clone git://github.com/foo/bar.git". It has to be either https or "git clone g...@github.com:foo/bar.git".

Here is the relevant line of code https://github.com/bundler/bundler/blob/master/lib/bundler/dsl.rb#L232

So before I submit a pull request, I'm wondering. Is there a reason to use "git://" over "git@" syntax?

Thanks,

-Zach

[Tim Moore]

The "g...@github.com" style clones over SSH, which requires you to have a GitHub account with an SSH public key configured. This is less friendly for Bundler users that don't use GitHub themselves, and might cause trouble on servers during deployment.

IMO the best option for Bundler would be to default to HTTPS syntax for the "github" shortcut. That should work on all repos, allow cloning public repos by non-GitHub users, and avoid any issues with proxies and firewalls.

-- Tim

[André Arko]

If HTTPS works like things do now but allows cloning private repos, that would be awesome. But (IIRC) HTTPS can't use SSH keys to authenticate against private repos, so that would cause (say) cap deploy to attempt to prompt for github credentials during the deploy process, which seems… less than optimal.

--
You received this message because you are subscribed to the Google Groups "ruby-bundler" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ruby-bundler...@googlegroups.com.
To post to this group, send email to ruby-b...@googlegroups.com.
Visit this group at http://groups.google.com/group/ruby-bundler?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

[Tim Moore]

That's a good point. Recent versions of git can cache HTTP credentials, but I'm not sure what would happen if it didn't have cached credentials. I don't think it would be worse than the current situation: it would probably just fail.

In any case, the best advice is probably that if you have a private repo, it's a good idea to specify the protocol explicitly by using the 'git' key instead of 'github' in your Gemfile.

-- Tim

--
You received this message because you are subscribed to a topic in the Google Groups "ruby-bundler" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ruby-bundler/plUFBY6CkjA/unsubscribe?hl=en.
To unsubscribe from this group and all its topics, send an email to ruby-bundler...@googlegroups.com.