TILLFORGE · REPOSITORIES

Standard git, from any editor, zero plugin.

GA

TillForge speaks standard smart-HTTP and SSH, so every editor’s built-in git works out of the box. Create a repo, clone it over HTTPS with a tfp_ token or over SSH with a registered key, and browse code, history, and blame from the CLI or the dashboard.

01Create

Create a repository

A repo has a slug, a protected default branch, and a visibility of private, internal, or public. Secret scanning is on from the first push — you don’t turn it on.

bash
# Create a repo (default branch seeded protected + secret-scanned).
tilldev forge repos create --name acme-api \
  --slug acme-api \
  --visibility private        # private | internal | public
tilldev forge repos ls
tilldev forge repos get acme-api

Repos are also created for you on first push: if you push to a repo path that doesn’t exist yet and you’re authorized, TillForge seeds it with a protected default branch so the very first commit is already covered.

02Clone URL

The clone URL shapes

Two remote shapes reach the same repo. The git node is its own host, git.tilldev.dev — separate from the dashboard — so a control-plane outage never blocks a clone or push.

TransportRemote URLAuthenticates with
HTTPShttps://git.tilldev.dev/<org>/<repo>.gitA tfp_ token as the password
SSHssh://git@git.tilldev.dev:2222/<org>/<repo>.gitA registered SSH key
HTTPS is the primary transport
HTTPS is the recommended default — it rides port 443 through every proxy, is editor-native, and gets central token lifecycle (expiry, per-repo scopes, MFA-at-mint, revoke-on-offboard). SSH is fully supported with its own key lifecycle controls; pick whichever your team already uses.
03HTTPS

Clone and push over HTTPS

The tfp_ token is your password. Any git client will prompt for it; a credential helper can cache it. Read scope clones and fetches; write scope pushes.

bash
# HTTPS — the token is the password. Works in every editor.
git clone https://git.tilldev.dev/<org>/<repo>.git
#   Username: your TillDev email  (or the literal 'x-access-token')
#   Password: a tfp_ token with read (clone) or write (push) scope

# First push of a brand-new local repo:
git init -b main
git remote add origin https://git.tilldev.dev/<org>/<repo>.git
git add . && git commit -m "first commit"
git push -u origin main
04SSH

Clone and push over SSH

Register a public key, then use the ssh:// remote. The same push arrives at the same boundary — secret-reject, branch policy, and author checks all apply identically, whichever transport you use. Keys are fingerprinted, scoped, and expire by policy (no long-lived keys); manage them under Access & tokens.

bash
# SSH — register a public key first (keys expire by policy).
tilldev forge keys add <repo> --name laptop \
  --key "ssh-ed25519 AAAA… you@host" --scope write --expires 90

git clone ssh://git@git.tilldev.dev:2222/<org>/<repo>.git
git push origin main
05Browse

Browse code, history, and blame

You don’t have to clone to read. The CLI and dashboard expose the tree, file contents, commit log, refs, and line-level blame — every --rev is resolved to a commit before anything runs.

bash
# Browse without cloning — the same reads the dashboard uses.
tilldev forge tree acme-api --rev main --path src
tilldev forge blob acme-api --path src/index.ts --rev main
tilldev forge log  acme-api --rev main --limit 20
tilldev forge refs acme-api                 # branches + tags
tilldev forge blame acme-api --path src/index.ts

The dashboard renders the same reads as a repo browser: file tree, README, the commit graph, refs, and blame — plus the open PRs, live findings, and crash correlation for the repo.


Next: Access & tokens for how tfp_ tokens, SSH keys, and roles work, or Branch protection for what the boundary enforces. Back to the TillForge overview.