Validate credentials #9765

Open
pavkout wants to merge 10 commits into Kong:develop from pavkout:INS-2299

pavkout commented Mar 31, 2026

Summary

  • Adds a validateCredentials method to the GitHub and GitLab provider implementations that hits the provider's GET /user REST API endpoint — a lightweight, authoritative check that reliably returns HTTP 401 for revoked tokens or uninstalled GitHub Apps (unlike the git wire protocol, which can succeed anonymously on public repos).
  • Adds an optional validateCredentials method to the GitRemoteProvider interface, with a fallback to fetchRemoteBranches for providers that don't implement it.
  • Exposes a new validateGitRepositoryCredentials IPC handler in git-service.ts that looks up the stored credential for a project/workspace and delegates to the appropriate validation strategy.
  • Adds a git.validate-credentials route and a useGitValidateCredentialsFetcher hook so the UI can trigger credential validation on demand.
  • Credentials are also validated eagerly on loadGitRepository (after GitVCS.init()) to surface revoked tokens as HTTP 4xx errors, which triggers the existing re-auth banner logic.

Test plan

  • Connect a project to a GitHub/GitLab repo with a valid token — confirm no error is shown.
  • Revoke the token (or uninstall the GitHub App) and reload the project — confirm the re-auth banner appears.
  • Verify that a project linked to a public GitHub repo with a revoked token still shows the re-auth hint (regression case for the wire-protocol false-positive).
  • Confirm the fallback path works for non-GitHub/GitLab providers (e.g. manual PAT credentials).

Copilot AI review requested due to automatic review settings March 31, 2026 15:19
pavkout self-assigned this Mar 31, 2026
pavkout requested a review from a team March 31, 2026 15:25
pavkout changed the title from "Validate the credentials" to "Validate credentials" Mar 31, 2026
Copilot AI left a comment

Pull request overview

This PR introduces an explicit “validate current Git credentials” flow to better detect revoked/invalid OAuth tokens (notably for GitHub where anonymous git access can still succeed on public repos), and wires that validation into the project settings UI and Electron IPC.

Changes:

  • Add an optional validateCredentials() capability to git remote providers and implement it for GitHub and GitLab via GET /user.
  • Add a new /git/validate-credentials client loader route + fetcher hook, backed by a new git.validateGitRepositoryCredentials IPC endpoint in the main process.
  • Update the project settings form to call the validation fetcher and use its errors to drive the OAuth re-auth banner / hide author email selection when auth errors are present.

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 3 comments.

| File | Description |
| --- | --- |
| packages/insomnia/src/ui/components/project/project-settings-form.tsx | Switches from loading repo data to calling the new credential-validation fetcher and uses returned errors in the Git auth banner UI. |
| packages/insomnia/src/sync/git/providers/types.ts | Extends the provider interface with optional validateCredentials(). |
| packages/insomnia/src/sync/git/providers/gitlab.ts | Implements credential validation against GitLab’s GET /user. |
| packages/insomnia/src/sync/git/providers/github.ts | Implements credential validation against GitHub’s GET /user. |
| packages/insomnia/src/routes/git.validate-credentials.tsx | Adds a new route + fetcher hook for validating credentials from the renderer. |
| packages/insomnia/src/main/ipc/electron.ts | Adds a new IPC channel type for credential validation. |
| packages/insomnia/src/main/git-service.ts | Adds the main-process validation implementation and registers the IPC handler; also validates credentials during loadGitRepository init. |
| packages/insomnia/src/entry.preload.ts | Exposes the new validation API on window.main.git. |

provider={selectedProvider}
/>
{showEmailSelector ? (
{showEmailSelector && !credentialsValidationErrors ? (
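Review bot: The changed condition `showEmailSelector && !credentialsValidationErrors` relies on truthiness, which only separates an unset value from a set one. An empty array is truthy in JavaScript, so if the validation fetcher yields `[]` on success the email selector stays hidden. Test the length instead, for example `showEmailSelector && !credentialsValidationErrors?.length`, and note in a comment which value stands for "validation has not run yet" so the two states are not conflated.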
!credentialsValidationErrors treats empty arrays as errors, so successful validation with [] hides the email UI paths unexpectedly.

Details

✨ AI Reasoning
The new credential-validation checks use boolean negation on an errors collection instead of checking whether it contains entries. When validation succeeds and returns an empty list, the condition still evaluates as if an error exists, so the branch that should show author email data is skipped. This creates a deterministic mismatch between successful validation and UI behavior.

🔧 How do I fix it?
Trace execution paths carefully. Ensure precondition checks happen before using values, validate ranges before checking impossible conditions, and don't check for states that the code has already ruled out.

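The validation strategy described in the pull request summary and the empty-array condition raised in the review comment above, as an added example that is not code from the pull request. It is a TypeScript model in which `fakeHttp`, `makeProvider`, `validateStoredCredential`, `hasErrors`, the URLs and the token values are all constructed, and the error-list return shape is an assumption.

```typescript
// Added illustration, not Insomnia code. Only the method names validateCredentials
// and fetchRemoteBranches come from the PR text; everything else is hypothetical.
type Http = (url: string, token: string) => Promise<{ status: number }>;

interface GitRemoteProvider {
  fetchRemoteBranches(token: string): Promise<string[]>; // git wire protocol
  validateCredentials?(token: string): Promise<void>; // optional REST check
}

// Constructed server model: one live token and one public repository.
const LIVE_TOKEN = 'tok-live';
const fakeHttp: Http = async (url, token) =>
  url.endsWith('/user')
    ? { status: token === LIVE_TOKEN ? 200 : 401 } // GET /user needs a valid identity
    : { status: 200 }; // public repo: ref listing succeeds anonymously

function makeProvider(http: Http, withRestCheck: boolean): GitRemoteProvider {
  const provider: GitRemoteProvider = {
    async fetchRemoteBranches(token: string) {
      const res = await http('https://git.example/org/public-repo.git/info/refs', token);
      if (res.status >= 400) throw new Error(`HTTP ${res.status}`);
      return ['main'];
    },
  };
  if (withRestCheck) {
    provider.validateCredentials = async (token: string) => {
      const res = await http('https://api.git.example/user', token);
      if (res.status >= 400) throw new Error(`HTTP ${res.status}`);
    };
  }
  return provider;
}

// Assumed return shape: a list of error messages, empty when the credential is valid.
async function validateStoredCredential(p: GitRemoteProvider, token: string): Promise<string[]> {
  try {
    if (p.validateCredentials) await p.validateCredentials(token);
    else await p.fetchRemoteBranches(token); // fallback for providers without the method
    return [];
  } catch (err) {
    return [err instanceof Error ? err.message : String(err)];
  }
}

// UI gate: test the length, because an empty array is truthy and `![]` is false.
const hasErrors = (errors?: string[]): boolean => (errors?.length ?? 0) > 0;
```

With `withRestCheck` set to false, a revoked token still validates against the public repository, which is the wire-protocol false positive the summary calls out.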
