GitHub Desktop is one of those terrible applications that I still have to use occasionally, much to my regret. I can’t tell you if a five-year-old or a cat coded it, but this application with relatively straightforward functionality has more bugs than Florida.
Sometime in the spring of 2022, GitHub was alerted to a couple of particularly egregious security holes in its desktop app. The gods of coding lept into action and replaced the old bugs with new ones. Since then, GitHub Desktop users have been haunted by idiotic and redundant error messages and other problems impeding their workflow.
GitHub tried to fix its earlier fixes but failed. Get a load of this release note from July’s version 3.0.5:
This issue was introduced in April’s release, then “fixed,” then brought back, and then GitHub gave up, having been defeated by its own patch.
Enter the workarounds. If, like me, you have lots and lots of local repos, the command below will find them and add them to the “safe” list. Unfortunately, the .gitconfigsyntax does not support wildcards, otherwise, this scripting nonsense would not have been necessary.
dirname $(find I:/GitHub -name .git -type d -prune) | while read line; do sed -r -i $"/\[safe\]/a directory = $line" ~/.gitconfig done
Just replace I:/GitHub with whatever parent path containing your repos. And then there is the issue of GitHub Desktop overwriting your .gitconfig with nonsense. This is also new. You can try protecting the file by making it read-only (chattr -r ~/.gitconfig), but this may not work. I suggest just making a backup copy.
The other redundant and very annoying “warning” is the infamous “Untrusted server” popup that greets you every time you launch GitHub Desktop and then throughout your sessions at random intervals.
The “attackers” are most definitely not trying to steal your data. The far more likely cause is that one of the repos in your collection is located on a server that cannot be reached from your current network. For example, I see this error on my work laptop when not connected to the company VPN.
Unfortunately, I don’t know what to do about this one.
Experienced Unix/Linux System Administrator with 20-year background in Systems Analysis, Problem Resolution and Engineering Application Support in a large distributed Unix and Windows server environment. Strong problem determination skills. Good knowledge of networking, remote diagnostic techniques, firewalls and network security. Extensive experience with engineering application and database servers, high-availability systems, high-performance computing clusters, and process automation.
