fix: Push-Operationen von Credential-Skip ausgenommen + bessere Fehlermeldungen

Push-Operationen benötigen IMMER Authentifizierung, auch bei öffentlichen Repos:

1. Push.cs erweitert:
   - Prüft ob Credentials vorhanden sind
   - Zeigt hilfreiche Fehlermeldung mit Anleitung für PAT/SSH Setup
   - Erklärt warum Push Authentifizierung braucht

2. Command.cs angepasst:
   - Push-Operationen werden NIE als 'public operation' behandelt
   - SkipCredentials wird für Push explizit deaktiviert
   - isPushOperation Check verhindert Credential-Skip bei Push

3. Remote URL auf SSH umgestellt:
   - origin nutzt jetzt git@github.com:Iniationware/sourcegit.git
   - SSH ist die empfohlene Methode für Push-Operationen
   - Umgeht das GitHub HTTPS Password-Verbot

Wichtig: GitHub erlaubt seit 2021 keine Passwort-Authentifizierung über HTTPS.
Man muss entweder Personal Access Tokens (PAT) oder SSH-Keys verwenden.

Author: biancode

src/Commands/Command.cs

@@ -177,10 +177,11 @@ protected ProcessStartInfo CreateGitStartInfo(bool redirect)
             // Get self executable file for SSH askpass
             var selfExecFile = Process.GetCurrentProcess().MainModule!.FileName;
 
-            // Check if this is a public repository operation
-            var isPublicOperation = SkipCredentials || (Args != null && 
+            // Check if this is a public repository operation (but NOT push)
+            var isPush = Args != null && Args.Contains("push ");
+            var isPublicOperation = !isPush && (SkipCredentials || (Args != null && 
                 (Args.Contains("github.com") || Args.Contains("gitlab.com") || 
-                 Args.Contains("bitbucket.org") || Args.Contains("gitee.com")));
+                 Args.Contains("bitbucket.org") || Args.Contains("gitee.com"))));
 
             if (!isPublicOperation)
             {
@@ -224,27 +225,33 @@ protected ProcessStartInfo CreateGitStartInfo(bool redirect)
             // Check for operations that typically don't need credentials on public repos
             if (Args != null)
             {
-                // Check if this is a read-only operation on GitHub/GitLab
-                var isReadOperation = Args.Contains("fetch") || Args.Contains("pull") || 
-                                     Args.Contains("ls-remote") || Args.Contains("clone") ||
-                                     Args.Contains("remote -v") || Args.Contains("remote get-url");
+                // IMPORTANT: Push operations ALWAYS need credentials, even for public repos
+                var isPushOperation = Args.Contains("push ");
 
-                // Check if URL contains public Git hosts
-                var hasPublicHost = Args.Contains("github.com") || Args.Contains("gitlab.com") || 
-                                   Args.Contains("bitbucket.org") || Args.Contains("gitee.com");
-                
-                // If it's a read operation on a public host, disable credentials
-                if (isReadOperation && hasPublicHost)
-                {
-                    isPublicRepo = true;
-                    needsCredentials = false;
-                }
-                
-                // Also check for HTTPS URLs which are typically public
-                if (Args.Contains("https://github.com") || Args.Contains("https://gitlab.com"))
+                if (!isPushOperation)
                 {
-                    isPublicRepo = true;
-                    needsCredentials = false;
+                    // Check if this is a read-only operation on GitHub/GitLab
+                    var isReadOperation = Args.Contains("fetch") || Args.Contains("pull") || 
+                                         Args.Contains("ls-remote") || Args.Contains("clone") ||
+                                         Args.Contains("remote -v") || Args.Contains("remote get-url");
+                    
+                    // Check if URL contains public Git hosts
+                    var hasPublicHost = Args.Contains("github.com") || Args.Contains("gitlab.com") || 
+                                       Args.Contains("bitbucket.org") || Args.Contains("gitee.com");
+                    
+                    // If it's a read operation on a public host, disable credentials
+                    if (isReadOperation && hasPublicHost)
+                    {
+                        isPublicRepo = true;
+                        needsCredentials = false;
+                    }
+                    
+                    // Also check for HTTPS URLs which are typically public (but NOT for push)
+                    if (Args.Contains("https://github.com") || Args.Contains("https://gitlab.com"))
+                    {
+                        isPublicRepo = true;
+                        needsCredentials = false;
+                    }
                 }
             }
 

src/Commands/Push.cs

@@ -40,7 +40,46 @@ public Push(string repo, string remote, string refname, bool isDelete)
 
         public async Task<bool> RunAsync()
         {
+            // Check if remote URL is a public repository
+            var remoteUrl = await new Config(WorkingDirectory).GetAsync($"remote.{_remote}.url").ConfigureAwait(false);
+            
+            // Push ALWAYS requires authentication, even for public repos
+            // This is by design - you can read from public repos without auth,
+            // but writing always requires proper credentials
+            if (!string.IsNullOrEmpty(remoteUrl) && remoteUrl.StartsWith("https://"))
+            {
+                // Check if user is trying to push to a public host without proper setup
+                if (remoteUrl.Contains("github.com") || remoteUrl.Contains("gitlab.com"))
+                {
+                    // Note: We still need credentials for push, but we can provide a better error message
+                    RaiseError = true;
+                    
+                    // Check if we have stored credentials or SSH key
+                    var hasCredentials = !string.IsNullOrEmpty(Native.OS.CredentialHelper);
+                    var sshKey = await new Config(WorkingDirectory).GetAsync($"remote.{_remote}.sshkey").ConfigureAwait(false);
+                    
+                    if (!hasCredentials && string.IsNullOrEmpty(sshKey))
+                    {
+                        // Provide helpful message about push requirements
+                        App.RaiseException(Context, 
+                            $"Push to {remoteUrl} requires authentication.\n\n" +
+                            "Even though the repository is public, pushing changes always requires proper credentials.\n\n" +
+                            "Options:\n" +
+                            "1. Set up a Personal Access Token (recommended for HTTPS)\n" +
+                            "2. Configure SSH keys (recommended for SSH URLs)\n" +
+                            "3. Use Git Credential Manager\n\n" +
+                            "For GitHub: Create a token at Settings → Developer settings → Personal access tokens\n" +
+                            "For GitLab: Create a token at Settings → Access Tokens");
+                        return false;
+                    }
+                }
+            }
+            
             SSHKey = await new Config(WorkingDirectory).GetAsync($"remote.{_remote}.sshkey").ConfigureAwait(false);
+            
+            // Don't skip credentials for push - it always needs auth
+            SkipCredentials = false;
+            
             return await ExecAsync().ConfigureAwait(false);
         }