From bd98ef572df3ed89e9aa0c414a0c622b58659b64 Mon Sep 17 00:00:00 2001
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Mon, 2 Nov 2020 11:50:18 +0000
Subject: bitbake: fetch2/git: Document that we won't support passwords in git
 urls

This keeps coming up, document why we don't do this and the alternatives.

(Bitbake rev: aded964eed4ce5a725ed1ab477efabc86b1aa481)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 bitbake/lib/bb/fetch2/git.py | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'bitbake')

diff --git a/bitbake/lib/bb/fetch2/git.py b/bitbake/lib/bb/fetch2/git.py
index b97967b487..490d57fbbf 100644
--- a/bitbake/lib/bb/fetch2/git.py
+++ b/bitbake/lib/bb/fetch2/git.py
@@ -595,6 +595,11 @@ class Git(FetchMethod):
         """
         Return the repository URL
         """
+        # Note that we do not support passwords directly in the git urls. There are several
+        # reasons. SRC_URI can be written out to things like buildhistory and people don't
+        # want to leak passwords like that. Its also all too easy to share metadata without 
+        # removing the password. ssh keys, ~/.netrc and ~/.ssh/config files can be used as
+        # alternatives so we will not take patches adding password support here.
         if ud.user:
             username = ud.user + '@'
         else:
-- 
cgit v1.2.3-54-g00ecf