We enabled https://phabricator.wikimedia.org/config/edit/diffusion.allow-http-auth/ in April 2014 (prior to deploying Phabricator to production) for reasons I do not remember in T123#1763.
We are getting rid of all and any code repos canonically hosted in Phabricator in T191182: Migrate active repositories in Phabricator Differential to GitLab.
I propose that we should stop offering to git clone repos via http as
- all code repos on Phabricator will be only mirrors of other places (which are free to offer non-encrypted protocols for cloning)
- https is offered (and broken ssh, see T347408: Do not expose dead git-ssh.wikimedia.org service as repo Clone URLs (defined in diffusion.ssh-host setting) for that issue) for those who want to clone from Phabricator for some reason.
- I'd expect any code that pulls or pushes for mirroring to use https or ssh in 2023 and not rely on http (in K13, K18, K19, K32)?
- it clutters the sometimes huge list of URIs offered when browsing a Diffusion repo in a web browser and clicking the " Clone" button (see parent task)