It depends on the context. If it's an URL that is easy to guess and reflects user-created content, your system is leaking information about their users if it returns 403. The example that comes to mind is GitHub returning 404s for both nonexisting and private repos when the authenticated user doesn't have access to it.
implementation without design
and to just send “Bad request” when it’s a good request - does not make sense
That's when you use a 5xx status, then. The client doesn't care how many other services you reach out to in order to fulfill their request. A 5xx code also covers failures in other parts of the system.
A 2xx means success to its requester. If you have an error in step 6 out of 13 that breaks the resource action, you shouldn't be returning a success.
You might argue what to return and what kind of information to include in the response (like tracking numbers), but it shouldn't be a 2xx and I don't see how a misleading 200 would be more helpful than a 400 bad request.
That's not what HTTP errors are about, HTTP is a high level application protocol and its errors are supposed to be around access to resources, the underlying QUIC or TCP will handle most lower level networking nuances.
Also, 5xx errors are not about incorrect inputs, that's 4xx.
Why can you not run git on the server? If it's a credential thing, you can forward it through the SSH connection.
Well, GUIs are even more distro-specific, so it's either generalisability or user-friendliness. It doesn't mean that guis don't have the option.
still more real than thoughts and prayers
hey, at least it's not a 200 with { "error": "Bad request" }
damn, are we already there? The only place I saw ads in an elevator was in cyberpunk 2077
heheh
ah wait, this is not the onion
https://github.com/TimefoldAI/timefold-solver