From: Taylor Blau <me@ttaylorr.com>
To: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Cc: Junio C Hamano <gitster@pobox.com>,
Philip Oakley <philipoakley@iee.email>,
Guy Maurel <guy.j@maurel.de>,
git@vger.kernel.org
Subject: Re: a problem with git describe
Date: Tue, 26 Apr 2022 11:50:01 -0400 [thread overview]
Message-ID: <YmgUqbawbHGRTNBD@nand.local> (raw)
In-Reply-To: <nycvar.QRO.7.76.6.2204261730210.355@tvgsbejvaqbjf.bet>
On Tue, Apr 26, 2022 at 05:41:36PM +0200, Johannes Schindelin wrote:
> This idea to disable "just the unsafe parts" has come up before, and I do
> not really like it. It would change Git's behavior in inconsistent,
> hard-to-explain ways. For example, we would have to disable clean/smudge
> filters, which would then break, say, Git LFS.
I share your sentiment on the "don't read the unsafe parts" bit.
I think replacing our behavior from 2.35.2 from "bail on every execution
of Git in an unowned directory not listed in safe.directory" to "emit a
warning and don't read config/hooks in an unowned [...]" is a little
friendlier in the sense that it would avoid breaking too many workflows
without opening us up to the attack described and mitigate by that
release.
A warning is definitely appropriate to tell users when we are and aren't
reading config. I strongly dislike "read some parts of config and not
others" though, since it seems (a) even harder to explain and
inconsistent than this, and (b) extremely error prone and fragile in the
sense that we are unlikely to completely enumerate every possible config
-> execution path in git-config(1).
Thanks,
Taylor
next prev parent reply other threads:[~2022-04-26 15:50 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-23 9:12 a problem with git describe Guy Maurel
2022-04-23 11:27 ` Philip Oakley
2022-04-23 16:09 ` Junio C Hamano
2022-04-23 23:44 ` Junio C Hamano
2022-04-25 2:01 ` Carlo Marcelo Arenas Belón
2022-04-25 5:05 ` SZEDER Gábor
2022-04-25 6:03 ` Carlo Marcelo Arenas Belón
2022-04-25 6:39 ` Junio C Hamano
2022-04-25 7:02 ` Carlo Marcelo Arenas Belón
2022-04-25 8:40 ` Carlo Marcelo Arenas Belón
2022-04-25 15:11 ` Guy Maurel
2022-04-26 15:43 ` Johannes Schindelin
2022-04-26 15:56 ` rsbecker
2022-04-26 16:35 ` Carlo Arenas
2022-04-26 16:46 ` Junio C Hamano
2022-04-26 17:15 ` Carlo Arenas
2022-04-26 15:45 ` Johannes Schindelin
2022-04-26 16:25 ` Junio C Hamano
2022-04-26 1:52 ` Taylor Blau
2022-04-26 15:41 ` Johannes Schindelin
2022-04-26 15:50 ` Taylor Blau [this message]
2022-04-26 15:30 ` Johannes Schindelin
2022-04-26 15:36 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YmgUqbawbHGRTNBD@nand.local \
--to=me@ttaylorr.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=guy.j@maurel.de \
--cc=philipoakley@iee.email \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.