Hi Chris,

this reads like the central password-safe storage Tobias proposed earlier in this thread. That storage can be in the file system anyway or use a dedicated interface to the VM to wipe its contents from the object space. I would rather not hard-code it to always rely on file-system access though. :-) Squeak runs without even having access to .changes file.

Best,
Marcel
Am 10.06.2020 03:26:40 schrieb Chris Muller <asqueaker at gmail.com>:
Hi Marcel,

We should remove MCHttpRepository>>'user' and 'password' instVars entirely, and simply stick with #userAndPasswordFromSettingsDo:.

When they select 'edit repository info' function of the Repository menu, it should update the prefs file.

We should not store id's and passwords in the image.

Best,
  Chris

On Fri, Jun 5, 2020 at 9:27 AM Marcel Taeumel <marcel.taeumel at hpi.de [mailto:marcel.taeumel at hpi.de]> wrote:

Hi all!

How to update MCHttpRepository >> #clearCredentials?

clearCredentials
user ifNotNil: [user atAllPut: $x].
password ifNotNil: [password atAllPut: $x].
user := password := String empty

Make those strings not be read-only?

Best,
Marcel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squeakfoundation.org/pipermail/squeak-dev/attachments/20200610/eb8cd1e8/attachment.html>