When using SSH URI's for git Hydro continuously tries to authenticate against remote

On my Mac I use a tool called Secretive for managing my SSH keys. It notifies me when an application attempts to use the SSH keys it stores and I can choose to either permit the application to use the key or not. When using Hydro in a repository where I have the remote set to an SSH source, Hydro continuously attempts to authenticate against the remote repository and so I continuously get notifications that something is attempting to use my SSH keys whenever I cd into a local repository where the remote is an SSH source. It's super annoying. But also, I would rather that my shell prompt not connect to my private SSH repositories in the background all the time.

I fixed the issue by removing all references to the _hydro_git_info function in conf.d/hydro.fish. So something in the _hydro_git_info function is causing the issue. I don't really care what because I don't really need the extra git tracking.

Hydro runs git fetch in the background, so that must be it. Normally, when you pull or push, how do you avoid getting that notification? Maybe there's a flag we can pass to git to make it shut up.

@jorgebucaran I want the notification when I git push/pull so that way I can approve the use of my SSH key. The way the application works is it asks for approval anytime the SSH key is going to be used. Which I like because I don't want to have to ssh-add the key to my agent on each session and leave the key available for use without approval.

Sorry for the delay in getting back :P

So, what do you suggest we do? Hydro needs to fetch stuff in the background in order to create the git prompt, which I'm not interested in changing (removing).

I have two thoughts:

Add a config option to easily disable the git checking functionality for a user like me (I would understand not making this the default behavior, though)
Hydro checks every time I cd or ls while in a git directory -- idk how feasible this is but maybe reduce how often it checks with the remote? i.e. only check when in the root directory of a git repo?

An option to disable the git prompt makes sense (or just disable fetching), but I'd really prefer to find a way to continue fetching in the background without annoying you so that you can enjoy Hydro the way it is.

Is there a way to silence Secretive programmatically that Hydro could use? Just a thought.

Unfortunately, the whole purpose of Secretive is to prompt you to manually approve each use of your SSH keys. So even if I could suppress Secretive prompts, it would defeat the purpose of having Secretive in the first place, I might as well just use ssh-agent and unlock my keys each session.

I don't love the idea of leaving my keys unlocked per session. I like having to approve each use so that way any program (malicious or not) won't be able to use my SSH keys in the background without my permission/awareness.

I never seemed to have this problem with Mono, which seemed to be git aware. Was it because it didn't check the status of the remote repo?

But yeah, I can't think of a way to check in with the remote repository without leaving your SSH keys decrypted. And I really love the way Hydro looks as my prompt. I know my use of Hydro would greatly benefit from having a config option to disable checking with the remote repo.

Maybe I should just fork and disable the functionality? I can understand how my use-case is probably niche and not really something to "fix" -- rather just a difference in workflows.

I never seemed to have this problem with Mono, which seemed to be git aware. Was it because it didn't check the status of the remote repo?

Yes.

I know my use of Hydro would greatly benefit from having a config option to disable checking with the remote repo.

An option to disable fetching is fine. You can always git fetch manually to download your remote so that Hydro can display the ahead/behind part of the git prompt.

Something like this would go in your config.fish as:

set --global hydro_git_fetch_disable

...or set once in the command line as a universal variable.

Could you confirm that the issue is here? (Just comment out that line).

hydro/conf.d/hydro.fish

Line 81 in e95b97e

test \$step = fetch && command git fetch --no-tags 2>/dev/null

@jorgebucaran, I can confirm that commenting out that line does fix the issue for me.

I may have spoken prematurely. Commenting out that line seemed to fix the issue whenever I just ls or cd while in a git repository, but when I edit files with vim sometimes it will check the remote status. It seems relatively inconsistent so idk when it happens.

@heywoodlh Do you know what git operations cause Secretive to act out?

git fetch
~~git symbolic-ref --short HEAD~~
~~git diff-index --quiet HEAD~~
~~git ls-files --others --exclude-standard~~
~~git rev-list --count --left-right @{upstream}...@~~

From that list it seems like git fetch is the only one that prompts for use of SSH keys.

I've noticed it prompts consistently after I edit my config.fish file in my .dotfiles repository.

I will be honest, though. I actually don't mind if it prompts every once in a while to check in with the remote. After editing a file, that seems pretty reasonable. But it'd probably be good to have consistent behavior across the board.

@heywoodlh Thanks for the info. I'll add an option to suppress git fetch in the background. This is simply used to pull the remote so that git rev-list --count --left-right @{upstream}...@ can give us how many commits ahead or behind we are of our upstream.

Background git fetch is now behind the hydro_fetch boolean variable (see flags) . The default value is false, so you don't have to do anything. To enable auto-fetching again:

set --global hydro_fetch true