Behavior for Repo-URLs with basic-auth passwords

Gemfury will soon update authentication behavior for Repo-URLs with basic auth. We have recommended authenticating with username & password (ie. https://USER:TOKEN@repo...), and such authentication will continue to work unaffected. However, behavior for non-empty passwords will change.

Your Repo-URL authentication may soon begin to fail.

We’ve seen requests to your repo having a non-empty password. Until now, the password has been ignored, however, this will soon change. Please remove passwords from your Repo-URLs and let us know, so that we can proceed with our upgrades.

For example

Your repository URL may be as follows:

https://TOKEN:NOTBLANK@repo.fury.io/ACCOUNT

and you should change it to:

https://USER:TOKEN@repo.fury.io/ACCOUNT

Be sure that the username matches the owner of the token, not the repository account.