[v11.0/forgejo] fix: use credentials helpers for git clones (#9069)

**Backport**: https://codeberg.org/forgejo/forgejo/pulls/9067 When performing a `git clone` that requires credentials, they are temporarily stored in files and used with [Git credential](https://git-scm.com/docs/gitcredentials/2.50.0#_requesting_credentials). They were previously included in the URL that were readable by a user with shell access to the host running the Forgejo instance when, for instance, they ask for the list of process (`ps`). Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/9069 Reviewed-by: 0ko <0ko@noreply.codeberg.org>
2025-10-10 19:32:02 +00:00 · 2025-08-30 18:57:49 +02:00 · 2025-08-30 18:57:49 +02:00 · 73bd2e922a
commit 73bd2e922a
parent 8bbfcfc213
7 changed files with 289 additions and 15 deletions
--- a/tests/integration/codeowner_test.go
+++ b/tests/integration/codeowner_test.go
@ -48,6 +48,7 @@ func TestCodeOwner(t *testing.T) {
 		cloneURL, _ := url.Parse(r)
 		cloneURL.User = url.UserPassword("user2", userPassword)
 		require.NoError(t, git.CloneWithArgs(t.Context(), nil, cloneURL.String(), dstPath, git.CloneRepoOptions{}))
+		doGitSetRemoteURL(dstPath, "origin", cloneURL)(t)

 		t.Run("Normal", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()