Gemfury will soon update authentication behavior for Repo-URLs
with basic auth. We have recommended authenticating with a blank password
https://TOKEN:@repo...), and such authentication will continue to work unaffected.
However, behavior for non-empty passwords will change.
Your Repo-URL authentication may soon begin to fail.
We’ve seen requests to your repo having a non-empty password. Until now, the password has been ignored, however, this will soon change. Please remove passwords from your Repo-URLs and let us know, so that we can proceed with our upgrades.
Your repository URL may be as follows:
and you should change it to:
You can also use the common form with username and password. Be sure that the username matches the owner of the token, not the repository account:
Exception for backward compatibility
(Updated: February 3, 2020) As an alternative for this deprecated use-case,
we suggest using credentials
TOKEN:TOKEN where the username and password are
the same. We will continue to support this through and after the transition to
allow continuity for those customers whose tooling doesn’t allow non-blank