Use the sandbox.git methods to run common git operations inside a sandbox.
Authentication and Identity
Passing credentials inline
For private repositories over HTTP(S), pass username and password (token) directly to commands that need authentication. A username is required whenever you pass a password/token.
Credential helper (authenticate once)
To avoid passing credentials on each command, store them in the git credential helper inside the sandbox using dangerouslyAuthenticate() / dangerously_authenticate().
Stores credentials on disk inside the sandbox. Any process or agent with access to the sandbox can read them. Use only when you understand the risk.
Keep credentials in the remote URL
By default, credentials are stripped from the remote URL after cloning. To keep credentials in the remote URL (stored in .git/config), set dangerouslyStoreCredentials / dangerously_store_credentials.
Storing credentials in the remote URL persists them in the repo config. Any process or agent with access to the sandbox can read them. Only use this when required.
Set the git author name and email for commits. Configure globally or per-repository.
Clone a repository
See Authentication and Identity for how to authenticate with private repositories.
Check status and branches
status() returns a structured object with branch, ahead/behind, and file status details. branches() returns the branch list and the current branch.
Create and manage branches
Stage and commit
Pull and push
See Authentication and Identity for how to authenticate with private repositories.
Manage remotes
Git config
Set and get git configuration values. See Configure git identity for configuring the commit author.