Be smarter about when to use git+https and when to use git+ssh for hosted git repos

Question

Be smarter about when to use git+https and when to use git+ssh for hosted git repos

Opened this issue 4 years ago · 3 comments

isaacs commented 4 years ago

Tracking issue: npm/cli#2610 (comment)

Answer 1 · 2021-03-08T21:00:43.000Z

Plan: https://docs.google.com/spreadsheets/d/1C3aOFtUeanUoFOJQFRGqfL5j6jRiIBYBKEMCacoom0w/edit?usp=sharing

fail CDN fast, no exponential backoff retrying, fixes GitLab
save same sort of thing to package-lock and package.json (but with sha in package-lock, with ref in package.json)
tell git+ssh to accept new keys, but fail on changed keys
principle: CDN is suggested by git+https working for rev-list
don't try to clone over a strategy that failed rev-list (except as a final fallback)
priority: CDN as long as git+https hasn't failed yet. then what the user told us, unless we saw that fail on rev-list, in which case the other one, then whichever one we haven't tried yet
never send auth to CDN
track all CDN failures by user/project in pacote.Git (static/module-local list)
track all rev-list strategies by user/project in pacote.Git (static/module-local list)

Answer 2 · 2021-10-22T12:46:03.000Z

Please help me I also have the same problem.

Answer 3 · 2021-10-24T18:30:43.000Z

@majidkhan12 This isn't an appropriate comment for an open source repository. We're all waiting for this to be fixed, and I'm sure the developers have a lot of different priorities. Saying you also have the problem doesn't help anyone and spams all subscribers to the issue.