Description
https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/
It's unclear to me what the best course of action is. Some thoughts:
-
We already use the OAuth flow to authenticate with the GitHub API with
wflow_use_github()when creating a new GitHub repository. But this is a one-time operation, and the token is purposefully immediately discarded (so that there is no security leak). If we updatewflow_git_push()/wflow_git_pull()to use the OAuth flow, this would get tedious. And for security reasons, I don't really want workflowr to venture into managing tokens. -
git2r has a work-in-progress PR WIP: Use the credentials package ropensci/git2r#422 to use the credentials package. This would enable git2r to access the same PAT used by command-line Git. This would be convenient, but we'd still need a way for users to create the PAT in the first place. Many workflowr users are first-time Git users, so we can't assume they already have a PAT available. The usethis package has an entire vignette on GitHub authentication. Their current instructions are 1) create a PAT with
usethis::create_github_token()(unfortunately this is a manual step, it only opens the browser to the page), 2) save the PAT to the Git credentials store withgitcreds::gitcreds_set(). I wish this could be more automated, but I'm not sure if that is possible (or advisable).