I've posted this as an issue on the GitHub repository for the Desktop app, but I just wanted to check if anyone else has experienced this too.
Issue summary
In the GitHub Desktop GUI, when you log off from user A, then log on with user B, the new commits you make through the Desktop GUI will be registered as having been made by user A (not B).
Steps to reproduce the issue
In your default browser, log in to GitHub.com using one account. Let's call this account "User A".
On the GitHub Desktop GUI, click on File>Options>Accounts>Sign in (to GitHub.com, not Enterprise)
A new window will pop up saying "Sign in using browser". Click on the "Continue with browser" button.
In the browser, click through the options to accept the authentication request coming from the app
If prompted by your browser, allow it open the authentication request using the GitHub Desktop GUI.
Load/clone any repository. Let's call this "Repository X".
Make some edits to "Repository X".
Using the GitHub Desktop GUI, commit the changes and push them to "Repository X"'s online repository.
Using your browser, go to GitHub.com, access "Repository X"'s online repository and check the user responsible for its most recent commit. It should be listed as "User A".
Sign out of your GitHub.com account from "User A".
Also log out from "User A"'s account on the GitHub Desktop GUI.
In your browser, log in to GitHub.com using another account. Let's call this account "User B".
Go through the same process described in steps 2, 3, 4 and 5 to log into "User B"'s account on the GitHub Desktop GUI.
Load/clone any other repository. Let's call this "Repository Y".
Make some edits to your "Repository Y".
Using the GitHub Desktop GUI, commit the changes and push them to "Repository Y"'s online repository.
Using your browser, go to GitHub.com, access "Repository Y"'s online repository and check the user responsible for its most recent commit. It should be listed as "User A".
Expected behavior
I expect the most recent commit to "Repository Y" to be registered to "User B", since the GitHub Desktop GUI was logged in to "User B" when the commits were made.
Actual behavior
Instead, "Repository Y"'s online repository will state that the most recent commit was made by "User A" , not "User B". This is likely due to some left-over authentication files that don't get cleared out when we log out of the GitHub Desktop GUI.
Extra notes and details
I'm using GitHub Desktop 2.9.6 (x64) on Windows 10.
If you can't replicate this bug, try erasing the files in the %APP_DATA%\GitHub Desktop folder (typically, C:\Users\your_username\AppData\Roaming\GitHub Desktop) before starting with Steps 1 through 17. But please back up your files before you do this!!!!
Also, be sure to actually use two separate GitHub accounts but just one Windows user.
Main question
How can I ensure that the commits I make with the GitHub Desktop app after logging off from "User A" and logging into "User B" actually get registered as having been made by "User B" (not "User A")?
My current solution
My current solution is to just delete the whole %APPDATA%\GitHub Desktop folder. But that's a huge pain because I loose ALL of the information about the repositories that are currently on my machine and have to re-add them, one by one.
The account you use to push to GitHub is not necessarily related to the information that's in your commits. GitHub associates a commit with an account by the email in the commit, which is set with user.email. Usually that value is set in the Git configuration and not by GitHub Desktop, although it's possible that you could configure GitHub Desktop to override it.
If you want to configure different user information for a particular repository, you can set user.name (which is a personal name, not a username) and user.email with git config user.email MY-EMAIL (respectively user.name) in the repository.
Note that the authentication is irrelevant here because it's completely valid to push commits to a repository that were created by someone else. The authentication information is completely different from what's in your commits, and it's the latter that matters in this case.
Related
How can I force VS Code to ask for my macOS Keychain password before each push to GitHub?
VS Code never asked for my GitHub password (via Keychain) until I pushed to GitHub and it asked before each push again.
This was working until a few hours ago when I had some issues and revoked my access and VS Code requested a new token.
Now VS Code does not ask at all for a password. Even when I remove VS Code from the Keychain whitelist, it asks for my password at program start only once and then not again, even not for pushes.
I want VS Code to request my GitHub token before each push from Keychain again.
After comparing my current macOS login Keychain with one from a Backup where everything was still working as I wanted, I found a solution:
There seem to be at least two ways of how VS Code accesses the Keychain:
Directly via OAuth. This is used when VS Code automatically requests an access token via the GitHub website. It stores the token in the Keychain with the name vscodevscode.github-authentication.
Indirectly via git-credential-osxkeychain and a personal access token that is stored in the Keychain with the name github.com.
VS Code seems to decide automatically which way it uses depending on which keys it finds in the macOS Keychain.
I have not found a way how to force VS Code to ask for the Keychain password on each push when using OAuth, but it is working via git-credential-osxkeychain now.
Solution
Request a personal access token via GitHub / Settings / Developer settings / Personal access tokens
Retreive your GitHub ID via: https://api.github.com/users/<your user name>
Open Keychain Access and create a new password item:
Keychain Item Name: https://github.com
Account Name: <your GitHub ID>
Password: <your personal access token>
Notes:
If VS Code asks for your Keychain password multiple times, try a push via command line
click on Always Allow on the request that asks to ...access key "github.com"...
click on Allow on the request that asks to ...use your confidential information stored in "github.com".
This is a complete "try and error" solution, I have not found much information about that. It would be great if someone could explain what is actually going on here. I have also not found any official information about setting up VS Code via git-credential-osxkeychain.
I guess git needs to be installed to make that work. I installed it via Homebrew
At least for me this solution works for pushing via VS Code GUI, VS Code integrated terminal and OS terminal.
Check your git config --global credential.helper: it references the program in charge of caching your credentials.
A git config --global --unset credential.helper would remove it, forcing Git to always ask for your credentials.
Ditched Windows for Mac. Now, everytime I push a commit to GitHub I don't get credited with publishing history, despite being logged in to my GitHub acc as seen with gh auth login or gh auth status.
It credits the username of what the zsh is logged in as instead of my GitHub username.
GitHub credits commits to accounts based on the email in the commits, which should be associated with the account in question. That is typically set in user.email in your Git config. If you have not set user.name, you should also set that, which should be set to a personal name, not a username, and which has no effect on authentication.
You can see what values have been set with git config --get-regex user.. You can also set one or more of these values with something like git config --global user.email somebody#example.org. You can also look at your commit logs with git log --format=full to see what's stored in them.
The information in the commits is unrelated to the authentication for pushes. It is possible to push commits created by other people with Git, and this approach is heavily used in some projects (e.g., Git itself).
I am just starting out trying to connect Xcode to Github. I keep getting this peculiar error, saying "Failed to load owners" whenever I try to create a remote repository from within Xcode under the Source Control Manager. See the error here
If I ignore the warning, the upload then fails with this error.
I cannot seem to find anything online regarding this, and I cannot for the world notice anything being wrong with my GitHub account. The account itself is also accepted by Xcode (successfully added under the Accounts pane in Preferences).
Any help will be greatly appreciated.
In your GitHub account, when you are creating a personal access token to connect your Xcode to GitHub, you have to check off repo, write:packages, and read:packages.
Shown by the image here: https://i.stack.imgur.com/NUiiC.png
Then, you should be able to create the repo without any problems! Hope this helped.
I deleted my GitHub-Profile in the XCode Preferences and setted up again. After that it worked smoothly.
After having had a chat with a kind representative from GitHub Developer Support, it seems like it in my case had to do with my old username and password credentials that was saved on my machine. I quote:
Sometimes applications can use these old credentials, even if you
replace it with the personal access token.
Credentials for git authentication are stored in the Keychain App, and
git passes these onto GitHub when pushing changes to a Repository.
I'd suggest checking in the Keychain App for any records with the name
GitHub.
If they exist, delete those and try the push again.
Git should ask you to enter your username and password and once you
re-enter them, the correct credentials should be stored in your
Keychain app for future use.
So there you have it. This in fact solved my problem. It could also have had something to do with the personal access token that might not be set up with the proper permissions. If you have the same problem as I had you could also check out the scopes on your personal access token to verify it has access to everything you need. Step 7 on the help guide below has a screenshot of what that looks like:
https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line
For anyone who's looking for another way. What happened to me is that my personal access token expired, and I needed to generate a new one in Github / setting/ developer/ access token. After I generated a new one, I logged out of Github via Xcode, Logged back in and put in my new access code and cleared the issue!
When I log into packagist.org I get this message on my packages:
This package is using the legacy GitHub service and will stop being auto-updated in early 2019. Please set up the new GitHub Hook for Packagist so that it keeps working in the future.
When I visit https://packagist.org/about#how-to-update-packages the instructions seem to be more talking about how to set it up from scratch then anything.
I'm already logged in and my GitHub account is already linked (do I need to unlink it and relink it?)
When I click on https://github.com/settings/connections/applications/a059f127e1c09c04aa5a I see the "Access public information (read-only)" has a green checkbox next to it.
When I check https://packagist.org/profile/ it doesn't say that they're not automatically sync'd. What it does say is "Legacy Auto-Update, Needs Attention".
The URL suggests you trigger a manual account sync "to have Packagist try to set up hooks on your account again". I'm assuming the way you make Packagist do a manual sync is by clicking the "Update" button. I tried that to no avail.
Any ideas?
You should take a look at this issue: https://github.com/composer/packagist/issues/907 - GitHub deprecated GitHub Services, which was previously used for integration with Packagist. Packagist should switch to GitHub app when you first login to Packagist using GitHub OAuth.
If you already have connected GitHub account to Packagist account, try to logout and login using GitHub - you will be asked about permissions, which allows to automatically setup webhooks for repositories. After this everything should update automatically.
In other case you can connect GitHub account to existing Packagist account on settings page.
Right now, my command line is linked to my git account, "Account1".
I want to push to the repository owned by my other account, "Account2"
ex. Right now, when I git push I get:
remote: Permission to Account2/DesiredRepo denied to Account1.
fatal: unable to access 'https://github.com/Account2/DesiredRepo/': The requested URL returned error: 403
How can I login to my other account on cmd to push to that repository? I want something like:
git logout
git login
//Prompts login page of some sort to switch account
I haven't found any solutions so far that work well with windows.
Git has no concept of authentication, so there are no git logout and git login commands. Instead, this is implemented by the protocol used to communicate with a remote. When you installed Git on Windows, you likely accepted the default settings, which includes enabling Git Credential Manager. The first time you entered your GitHub user name and password, this tool stored them (hopefully securely) for use during future sessions. I assume it will allow you to manage your digital identities. You can read this documentation and research further how to switch accounts with this tool.
Alternatively, you can create SSH keys for each account. Add your public keys to the associated account then use the correct private key for authentication. Details are available on the GitHub help pages and documentation.