Skip to main content
Use the sandbox.git methods to run common git operations inside a sandbox.

Authentication and Identity

Passing credentials inline

For private repositories over HTTP(S), pass username and password (token) directly to commands that need authentication. A username is required whenever you pass a password/token.

Credential helper (authenticate once)

To avoid passing credentials on each command, store them in the git credential helper inside the sandbox using dangerouslyAuthenticate() / dangerously_authenticate().
Stores credentials on disk inside the sandbox. Any process or agent with access to the sandbox can read them. Use only when you understand the risk.

Keep credentials in the remote URL

By default, credentials are stripped from the remote URL after cloning. To keep credentials in the remote URL (stored in .git/config), set dangerouslyStoreCredentials / dangerously_store_credentials.
Storing credentials in the remote URL persists them in the repo config. Any process or agent with access to the sandbox can read them. Only use this when required.

Configure git identity

Set the git author name and email for commits. Configure globally or per-repository.

Clone a repository

See Authentication and Identity for how to authenticate with private repositories.

Check status and branches

status() returns a structured object with branch, ahead/behind, and file status details. branches() returns the branch list and the current branch.

Create and manage branches

Stage and commit

Pull and push

See Authentication and Identity for how to authenticate with private repositories.

Manage remotes

Git config

Set and get git configuration values. See Configure git identity for configuring the commit author.