🐛 URL encode user and password. Generated PAT may contain (\).

[jortel]

closes: #77

Summary by CodeRabbit

• Bug Fixes
  • Encodes special characters in usernames and passwords when saving HTTP/HTTPS credentials.
  • Prevents authentication failures and malformed credential lines caused by characters like @, :, /, and spaces.
  • Ensures stored credentials follow standards, improving reliability for pulls/pushes.
  • Enhances compatibility with credential helpers and CI/proxied environments.

[coderabbitai]

Walkthrough

The writeCreds function now URL-escapes the User and Password (using url.PathEscape) before writing http/https credential entries; all other credential-writing logic (scheme iteration, host assembly, file write, error handling, early return on missing creds) is unchanged.

Changes

Cohort / File(s)	Summary
Credential writing logic repository/git.go	Apply url.PathEscape to username and password before appending to each http/https credentials entry; no other logic changes.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant C as Caller
  participant G as writeCreds
  participant E as url.PathEscape
  participant F as File System

  C->>G: writeCreds(user, pass, host)
  alt user or pass missing
    G-->>C: return early
  else
    G->>E: PathEscape(user), PathEscape(pass)
    E-->>G: userEsc, passEsc
    loop schemes: http, https
      G->>F: Write credential entry "scheme://userEsc:passEsc@host"
      F-->>G: OK / Err
    end
    G-->>C: Result
  end

  note over G,E: New — credentials are escaped with url.PathEscape before writing

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Handle backslash in credentials for cloning (#77)	✅

Poem

I chewed the slash that hid my key,
Escaped each nibble, safe and free;
Now clones hop past the tangled vine,
Credentials tidy, checkout fine. 🐇✨

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

repository/git.go (2)

231-247: Use RFC-3986 userinfo encoding; QueryEscape is wrong here (space → '+').

net/url.QueryEscape is for query strings and turns spaces into '+', which breaks credentials containing spaces and other userinfo-reserved chars. Build the URL with url.URL + url.UserPassword() (or at least PathEscape) to guarantee correct percent-encoding for the userinfo.

Apply this diff to the loop body:

-    entry := scheme
-    entry += "://"
-    if r.Identity.User != "" {
-      entry += urllib.QueryEscape(r.Identity.User)
-      entry += ":"
-    }
-    if r.Identity.Password != "" {
-      entry += urllib.QueryEscape(r.Identity.Password)
-      entry += "@"
-    }
-    entry += url.Host
-    _, err = f.Write([]byte(entry + "\n"))
+    u := urllib.URL{
+      Scheme: scheme,
+      Host:   url.Host,
+    }
+    // Both are guaranteed non-empty due to the early return above.
+    u.User = urllib.UserPassword(r.Identity.User, r.Identity.Password)
+    entry := u.String()
+    _, err = f.Write([]byte(entry + "\n"))
     if err != nil {
       err = liberr.Wrap(
         err,
         "path",
         path)
       break
     }

---

222-229: Set .git-credentials permissions to 0600.

Credentials are sensitive; use restrictive perms instead of inheriting umask defaults.

Apply this diff:

-  f, err := os.Create(path)
+  f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o600)

🧹 Nitpick comments (1)

repository/git.go (1)

283-307: Proxy URL builds: encode creds and honor scheme via net/url.

The proxy auth is string-concatenated without encoding and the scheme is hard-coded to http://. Build the proxy URL with url.URL + url.UserPassword() and use p.Kind for the scheme.

Apply this diff:

-  auth := ""
-  if p.Identity != nil {
-    var id *api.Identity
-    id, err = addon.Identity.Get(p.Identity.ID)
-    if err != nil {
-      return
-    }
-    auth = fmt.Sprintf(
-      "%s:%s@",
-      id.User,
-      id.Password)
-  }
-  proxy = fmt.Sprintf(
-    "http://%s%s",
-    auth,
-    p.Host)
-  if p.Port > 0 {
-    proxy = fmt.Sprintf(
-      "%s:%d",
-      proxy,
-      p.Port)
-  }
+  pu := urllib.URL{
+    Scheme: p.Kind, // "http" or "https"
+    Host:   p.Host,
+  }
+  if p.Port > 0 {
+    pu.Host = fmt.Sprintf("%s:%d", p.Host, p.Port)
+  }
+  if p.Identity != nil {
+    var id *api.Identity
+    id, err = addon.Identity.Get(p.Identity.ID)
+    if err != nil {
+      return
+    }
+    pu.User = urllib.UserPassword(id.User, id.Password)
+  }
+  proxy = pu.String()

Please verify with a proxy identity containing \ or spaces to ensure end-to-end behavior.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 382302a and 03e546d.

📒 Files selected for processing (1)

• repository/git.go (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: build-and-upload-for-global-ci

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

repository/git.go (2)

222-229: Harden credentials file permissions (0600)

.git-credentials contains secrets; create it with owner-only perms to avoid accidental disclosure under permissive umasks.

Apply:

- f, err := os.Create(path)
+ f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0600)

---

293-307: Encode proxy credentials too (same bug class)

Proxy auth currently embeds raw user/password into the proxy URL. Special chars (e.g., backslash) will break and/or risk misparsing. Use url.UserPassword and build the URL.

Apply:

- auth := ""
- if p.Identity != nil {
-     var id *api.Identity
-     id, err = addon.Identity.Get(p.Identity.ID)
-     if err != nil {
-         return
-     }
-     auth = fmt.Sprintf(
-         "%s:%s@",
-         id.User,
-         id.Password)
- }
- proxy = fmt.Sprintf(
-     "http://%s%s",
-     auth,
-     p.Host)
- if p.Port > 0 {
-     proxy = fmt.Sprintf(
-         "%s:%d",
-         proxy,
-         p.Port)
- }
+ if p.Identity != nil {
+     var id *api.Identity
+     id, err = addon.Identity.Get(p.Identity.ID)
+     if err != nil {
+         return
+     }
+     u := &urllib.URL{
+         Scheme: "http",
+         Host:   p.Host,
+         User:   urllib.UserPassword(id.User, id.Password),
+     }
+     if p.Port > 0 {
+         u.Host = fmt.Sprintf("%s:%d", p.Host, p.Port)
+     }
+     proxy = u.String()
+ } else {
+     host := p.Host
+     if p.Port > 0 {
+         host = fmt.Sprintf("%s:%d", host, p.Port)
+     }
+     proxy = "http://" + host
+ }

Note: If HTTPS proxies are supported, consider setting Scheme based on p.Kind.

🧹 Nitpick comments (1)

repository/git.go (1)

235-246: Prefer building the URL with url.URL + url.UserPassword

Constructing the entry via the standard URL builder avoids manual concatenation, guarantees correct userinfo encoding, and removes redundant emptiness checks.

Apply:

- for _, scheme := range []string{
-     "https",
-     "http",
- } {
-     entry := scheme
-     entry += "://"
-     if r.Identity.User != "" {
-         entry += urllib.PathEscape(r.Identity.User)
-         entry += ":"
-     }
-     if r.Identity.Password != "" {
-         entry += urllib.PathEscape(r.Identity.Password)
-         entry += "@"
-     }
-     entry += url.Host
-     _, err = f.Write([]byte(entry + "\n"))
-     if err != nil {
-         err = liberr.Wrap(
-             err,
-             "path",
-             path)
-         break
-     }
- }
+ for _, scheme := range []string{"https", "http"} {
+     u := &urllib.URL{
+         Scheme: scheme,
+         Host:   url.Host,
+         User:   urllib.UserPassword(r.Identity.User, r.Identity.Password),
+     }
+     if _, err = f.WriteString(u.String() + "\n"); err != nil {
+         err = liberr.Wrap(err, "path", path)
+         break
+     }
+ }

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 03e546d and 7659994.

📒 Files selected for processing (1)

• repository/git.go (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: test-integration / e2e-ui-integration-tests
• GitHub Check: test-integration / e2e-api-integration-tests

🔇 Additional comments (1)

repository/git.go (1)

237-244: Correct: percent-encode user/password for .git-credentials

Using url.PathEscape on both user and password properly handles backslashes and other reserved characters. This matches Git’s expectation for percent-encoded credentials.