From: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
To: git@vger.kernel.org
Cc: "Junio C Hamano" <gitster@pobox.com>,
"Johannes Schindelin" <Johannes.Schindelin@gmx.de>,
"Jeff King" <peff@peff.net>,
"Eric Sunshine" <sunshine@sunshineco.com>,
"Christian Couder" <christian.couder@gmail.com>,
"Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Subject: [PATCH v3 04/10] config doc: elaborate on what transfer.fsckObjects does
Date: Fri, 27 Jul 2018 14:37:14 +0000 [thread overview]
Message-ID: <20180727143720.14948-5-avarab@gmail.com> (raw)
In-Reply-To: <20180525192811.25680-1-avarab@gmail.com>
The existing documentation led the user to believe that all we were
doing were basic reachability sanity checks, but that hasn't been true
for a very long time. Update the description to match reality, and
note the caveat that there's a quarantine for accepting pushes, but
not for fetching.
Also mention that the fsck checks for security issues, which was my
initial motivation for writing this fetch.fsck.* series.
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
Documentation/config.txt | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/Documentation/config.txt b/Documentation/config.txt
index 8d08250a5b..291b4f3c57 100644
--- a/Documentation/config.txt
+++ b/Documentation/config.txt
@@ -3397,8 +3397,17 @@ transfer.fsckObjects::
Defaults to false.
+
When set, the fetch or receive will abort in the case of a malformed
-object or a broken link. The result of an abort are only dangling
-objects.
+object or a link to a nonexistent object. In addition, various other
+issues are checked for, including legacy issues (see `fsck.<msg-id>`),
+and potential security issues like the existence of a `.GIT` directory
+or a malicious `.gitmodules` file (see the release notes for v2.2.1
+and v2.17.1 for details). Other sanity and security checks may be
+added in future releases.
++
+On the receiving side, failing fsckObjects will make those objects
+unreachable, see "QUARANTINE ENVIRONMENT" in
+linkgit:git-receive-pack[1]. On the fetch side, malformed objects will
+instead be left unreferenced in the repository.
transfer.hideRefs::
String(s) `receive-pack` and `upload-pack` use to decide which
--
2.18.0.345.g5c9ce644c3
next prev parent reply other threads:[~2018-07-27 14:37 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-24 15:25 BUG: No way to set fsck.<msg-id> when cloning Ævar Arnfjörð Bjarmason
2018-05-24 15:58 ` Kevin Daudt
2018-05-24 17:04 ` Ævar Arnfjörð Bjarmason
2018-05-24 19:02 ` Jeff King
2018-05-24 19:35 ` [PATCH 0/4] fsck: doc fixes & fetch.fsck.* implementation Ævar Arnfjörð Bjarmason
2018-05-25 19:28 ` [PATCH v2 0/5] " Ævar Arnfjörð Bjarmason
2018-07-27 14:37 ` [PATCH v3 00/10] " Ævar Arnfjörð Bjarmason
2018-07-30 22:13 ` SZEDER Gábor
2018-07-27 14:37 ` [PATCH v3 01/10] receive.fsck.<msg-id> tests: remove dead code Ævar Arnfjörð Bjarmason
2018-07-27 19:11 ` Junio C Hamano
2018-07-27 19:45 ` Ævar Arnfjörð Bjarmason
2018-07-27 22:19 ` Junio C Hamano
2018-07-27 14:37 ` [PATCH v3 02/10] config doc: don't describe *.fetchObjects twice Ævar Arnfjörð Bjarmason
2018-07-27 19:19 ` Junio C Hamano
2018-07-27 14:37 ` [PATCH v3 03/10] config doc: unify the description of fsck.* and receive.fsck.* Ævar Arnfjörð Bjarmason
2018-07-27 19:29 ` Junio C Hamano
2018-07-27 14:37 ` Ævar Arnfjörð Bjarmason [this message]
2018-07-27 19:41 ` [PATCH v3 04/10] config doc: elaborate on what transfer.fsckObjects does Junio C Hamano
2018-07-27 14:37 ` [PATCH v3 05/10] config doc: elaborate on fetch.fsckObjects security Ævar Arnfjörð Bjarmason
2018-07-27 19:45 ` Junio C Hamano
2018-07-28 14:09 ` Ævar Arnfjörð Bjarmason
2018-07-27 14:37 ` [PATCH v3 06/10] transfer.fsckObjects tests: untangle confusing setup Ævar Arnfjörð Bjarmason
2018-07-27 14:37 ` [PATCH v3 07/10] fetch: implement fetch.fsck.* Ævar Arnfjörð Bjarmason
2018-07-27 20:18 ` Junio C Hamano
2018-07-27 21:08 ` Junio C Hamano
2018-07-30 14:58 ` Duy Nguyen
2018-07-30 15:06 ` Ævar Arnfjörð Bjarmason
2018-07-27 14:37 ` [PATCH v3 08/10] fsck: test & document {fetch,receive}.fsck.* config fallback Ævar Arnfjörð Bjarmason
2018-07-27 21:28 ` Junio C Hamano
2018-07-27 14:37 ` [PATCH v3 09/10] fsck: add stress tests for fsck.skipList Ævar Arnfjörð Bjarmason
2018-07-27 14:37 ` [PATCH v3 10/10] fsck: test and document unknown fsck.<msg-id> values Ævar Arnfjörð Bjarmason
2018-07-27 19:50 ` Ævar Arnfjörð Bjarmason
2018-07-27 21:43 ` Junio C Hamano
2018-07-28 13:55 ` Ævar Arnfjörð Bjarmason
2018-07-30 14:47 ` Junio C Hamano
2018-05-25 19:28 ` [PATCH v2 1/5] config doc: don't describe *.fetchObjects twice Ævar Arnfjörð Bjarmason
2018-05-25 21:07 ` Eric Sunshine
2018-05-25 19:28 ` [PATCH v2 2/5] config doc: unify the description of fsck.* and receive.fsck.* Ævar Arnfjörð Bjarmason
2018-05-25 21:16 ` Eric Sunshine
2018-05-28 9:45 ` Junio C Hamano
2018-05-28 16:44 ` Ævar Arnfjörð Bjarmason
2018-05-30 3:05 ` Junio C Hamano
2018-05-30 3:39 ` Junio C Hamano
2018-05-31 7:20 ` Ævar Arnfjörð Bjarmason
2018-06-01 0:11 ` Junio C Hamano
2018-05-25 19:28 ` [PATCH v2 3/5] config doc: elaborate on what transfer.fsckObjects does Ævar Arnfjörð Bjarmason
2018-05-25 21:19 ` Eric Sunshine
2018-05-25 19:28 ` [PATCH v2 4/5] config doc: mention future aspirations for transfer.fsckObjects Ævar Arnfjörð Bjarmason
2018-05-25 20:33 ` Christian Couder
2018-05-25 19:28 ` [PATCH v2 5/5] fetch: implement fetch.fsck.* Ævar Arnfjörð Bjarmason
2018-05-30 3:47 ` Junio C Hamano
2018-05-31 7:23 ` Ævar Arnfjörð Bjarmason
2018-05-28 9:48 ` [PATCH 0/4] fsck: doc fixes & fetch.fsck.* implementation Junio C Hamano
2018-05-24 19:35 ` [PATCH 1/4] config doc: don't describe *.fetchObjects twice Ævar Arnfjörð Bjarmason
2018-05-25 3:18 ` Junio C Hamano
2018-05-24 19:35 ` [PATCH 2/4] config doc: unify the description of fsck.* and receive.fsck.* Ævar Arnfjörð Bjarmason
2018-05-24 19:53 ` Eric Sunshine
2018-05-24 20:12 ` Ævar Arnfjörð Bjarmason
2018-05-24 22:49 ` Eric Sunshine
2018-05-25 2:07 ` Junio C Hamano
2018-05-24 19:35 ` [PATCH 3/4] config doc: elaborate on what transfer.fsckObjects does Ævar Arnfjörð Bjarmason
2018-05-24 20:15 ` Eric Sunshine
2018-05-25 3:22 ` Junio C Hamano
2018-05-31 7:32 ` Ævar Arnfjörð Bjarmason
2018-05-24 19:35 ` [PATCH 4/4] fetch: implement fetch.fsck.* Ævar Arnfjörð Bjarmason
2018-05-25 4:09 ` Junio C Hamano
2018-05-24 17:04 ` BUG: No way to set fsck.<msg-id> when cloning Jeff King
2018-05-24 20:48 ` Thomas Braun
2018-05-25 7:36 ` Ævar Arnfjörð Bjarmason
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180727143720.14948-5-avarab@gmail.com \
--to=avarab@gmail.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=christian.couder@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
--cc=sunshine@sunshineco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.