From: Emily Shaffer <emilyshaffer@google.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: git@vger.kernel.org
Subject: Re: [PATCH v4 10/15] bugreport: add config values from safelist
Date: Thu, 23 Jan 2020 19:29:05 -0800 [thread overview]
Message-ID: <20200124032905.GA37541@google.com> (raw)
In-Reply-To: <xmqqfthij1ac.fsf@gitster-ct.c.googlers.com>
On Tue, Dec 17, 2019 at 09:43:23AM -0800, Junio C Hamano wrote:
> Emily Shaffer <emilyshaffer@google.com> writes:
>
> >> But that is too simple-minded. If we wanted to safelist foo.*.bar,
> >> where '*' can be anything, walking on the list of safe variables
> >> would not work. We must have a hash table that knows "foo.*.bar" is
> >> allowed, and while walking all the configuration keys, when we see
> >> foo.a.bar, we consult "foo.*.bar" as well as "foo.a.bar" to see if
> >> it is whitelisted, or something like that.
> >
> > ...unless we want to use wildcards like you suggest.
> >
> > But I'm not sure it's a good idea. I envision someone writing another
> > Git add-on, which offers someone to specify "user.password" ...
>
> Wildcarding the leaf level of two (or for that matter three) level
> names like "user.*" in your example is of course a nonsense way to
> use the safelist. But think about three-level names where the
> second level is designed to be used for user-supplied token to give
> things of similar nature a name the user can use to distinguish
> things. If remote.origin.url is worth reporting, wouldn't
> remote.upstream.url also be? Shouldn't remote.*.url be the way to
> say "the URL field for each and every remote is a safe thing to
> report" in the safelist?
Bah, somehow this mail slipped through the cracks for me.
When you put it that way, I see how it can be useful. Although I admit
to fatigue on this patchset and now I'm hesitant about feature creep. :)
I'm going to send the reroll for v5 as I have it, not having seen this
mail, and think more about how I'd approach wildcarding in the middle
like this. I want to take a look at the other configs which use a middle
level as a user token and try to reason about whether we ought to be
collecting them. I'll hope to report back sooner (or later).
- Emily
next prev parent reply other threads:[~2020-01-24 3:29 UTC|newest]
Thread overview: 273+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-13 0:42 [PATCH v4 00/15] add git-bugreport tool Emily Shaffer
2019-12-13 0:42 ` [PATCH v4 01/15] bugreport: add tool to generate debugging info Emily Shaffer
2019-12-13 0:42 ` [PATCH v4 02/15] help: move list_config_help to builtin/help Emily Shaffer
2019-12-13 20:51 ` Junio C Hamano
2019-12-16 21:36 ` Emily Shaffer
2019-12-16 22:19 ` Junio C Hamano
2019-12-16 22:34 ` Emily Shaffer
2019-12-13 0:43 ` [PATCH v4 03/15] bugreport: gather git version and build info Emily Shaffer
2019-12-13 21:06 ` Junio C Hamano
2019-12-20 1:46 ` Emily Shaffer
2019-12-17 18:45 ` Johannes Schindelin
2019-12-17 20:34 ` Junio C Hamano
2019-12-20 1:25 ` Emily Shaffer
2019-12-13 0:43 ` [PATCH v4 04/15] help: add shell-path to --build-options Emily Shaffer
2019-12-13 0:43 ` [PATCH v4 05/15] bugreport: add uname info Emily Shaffer
2019-12-13 21:12 ` Junio C Hamano
2020-01-10 2:05 ` Aaron Schrab
2019-12-13 0:43 ` [PATCH v4 06/15] bugreport: add glibc version Emily Shaffer
2019-12-13 21:18 ` Junio C Hamano
2019-12-16 22:39 ` Emily Shaffer
2019-12-13 0:43 ` [PATCH v4 07/15] bugreport: add curl version Emily Shaffer
2019-12-13 21:27 ` Junio C Hamano
2019-12-16 22:49 ` Emily Shaffer
2019-12-17 18:47 ` Johannes Schindelin
2019-12-13 0:43 ` [PATCH v4 08/15] bugreport: include user interactive shell Emily Shaffer
2019-12-13 21:38 ` Junio C Hamano
2019-12-13 0:43 ` [PATCH v4 09/15] bugreport: generate config safelist based on docs Emily Shaffer
2019-12-13 22:57 ` Junio C Hamano
2019-12-16 23:01 ` Emily Shaffer
2019-12-17 0:41 ` Emily Shaffer
2019-12-15 20:17 ` Johannes Schindelin
2019-12-16 22:52 ` Emily Shaffer
2019-12-17 18:38 ` Johannes Schindelin
2019-12-13 0:43 ` [PATCH v4 10/15] bugreport: add config values from safelist Emily Shaffer
2019-12-13 21:45 ` Junio C Hamano
2019-12-16 23:40 ` Emily Shaffer
2019-12-17 17:43 ` Junio C Hamano
2020-01-24 3:29 ` Emily Shaffer [this message]
2019-12-29 20:17 ` Johannes Schindelin
2019-12-13 0:43 ` [PATCH v4 11/15] bugreport: collect list of populated hooks Emily Shaffer
2019-12-13 21:47 ` Junio C Hamano
2019-12-16 23:51 ` Emily Shaffer
2019-12-13 0:43 ` [PATCH v4 12/15] bugreport: count loose objects Emily Shaffer
2019-12-13 21:51 ` Junio C Hamano
2019-12-16 23:54 ` Emily Shaffer
2019-12-13 0:43 ` [PATCH v4 13/15] bugreport: add packed object summary Emily Shaffer
2019-12-13 21:56 ` Junio C Hamano
2019-12-16 23:56 ` Emily Shaffer
2019-12-13 0:43 ` [PATCH v4 14/15] bugreport: list contents of $OBJDIR/info Emily Shaffer
2019-12-13 0:43 ` [PATCH v4 15/15] bugreport: summarize contents of alternates file Emily Shaffer
2020-01-24 3:34 ` [PATCH v5 00/15] add git-bugreport tool emilyshaffer
2020-01-24 3:34 ` [PATCH v5 01/15] bugreport: add tool to generate debugging info emilyshaffer
2020-01-30 22:18 ` Martin Ågren
2020-02-04 22:00 ` Emily Shaffer
2020-01-24 3:34 ` [PATCH v5 02/15] help: move list_config_help to builtin/help emilyshaffer
2020-01-30 22:19 ` Martin Ågren
2020-02-04 0:53 ` Emily Shaffer
2020-01-24 3:34 ` [PATCH v5 03/15] bugreport: gather git version and build info emilyshaffer
2020-01-30 22:19 ` Martin Ågren
2020-02-04 22:21 ` Emily Shaffer
2020-01-24 3:34 ` [PATCH v5 04/15] help: add shell-path to --build-options emilyshaffer
2020-01-30 22:21 ` Martin Ågren
2020-01-24 3:34 ` [PATCH v5 05/15] bugreport: add uname info emilyshaffer
2020-01-24 3:34 ` [PATCH v5 06/15] bugreport: add compiler info emilyshaffer
2020-01-30 22:21 ` Martin Ågren
2020-02-04 22:51 ` Emily Shaffer
2020-02-05 19:47 ` Martin Ågren
2020-01-24 3:34 ` [PATCH v5 07/15] bugreport: add curl version emilyshaffer
2020-01-30 22:27 ` Martin Ågren
2020-02-04 22:54 ` Emily Shaffer
2020-01-24 3:34 ` [PATCH v5 08/15] bugreport: include user interactive shell emilyshaffer
2020-01-30 22:28 ` Martin Ågren
2020-02-04 23:16 ` Emily Shaffer
2020-02-05 20:06 ` Junio C Hamano
2020-02-05 20:14 ` Martin Ågren
2020-01-24 3:34 ` [PATCH v5 09/15] bugreport: generate config safelist based on docs emilyshaffer
2020-01-30 22:34 ` Martin Ågren
2020-02-05 0:44 ` Emily Shaffer
2020-02-05 19:53 ` Martin Ågren
2020-01-31 21:20 ` Martin Ågren
2020-02-05 0:30 ` Emily Shaffer
2020-02-05 0:52 ` Emily Shaffer
2020-01-24 3:34 ` [PATCH v5 10/15] bugreport: add config values from safelist emilyshaffer
2020-01-30 22:36 ` Martin Ågren
2020-02-05 1:34 ` Emily Shaffer
2020-01-31 21:25 ` Martin Ågren
2020-02-05 2:31 ` Emily Shaffer
2020-02-05 20:12 ` Martin Ågren
2020-01-24 3:34 ` [PATCH v5 11/15] bugreport: collect list of populated hooks emilyshaffer
2020-02-04 18:44 ` Junio C Hamano
2020-02-05 2:48 ` Emily Shaffer
2020-02-05 3:00 ` Emily Shaffer
2020-01-24 3:34 ` [PATCH v5 12/15] bugreport: count loose objects emilyshaffer
2020-02-04 18:48 ` Junio C Hamano
2020-02-05 2:50 ` Emily Shaffer
2020-01-24 3:34 ` [PATCH v5 13/15] bugreport: add packed object summary emilyshaffer
2020-02-04 19:00 ` Junio C Hamano
2020-02-05 3:15 ` Emily Shaffer
2020-02-04 19:03 ` Junio C Hamano
2020-02-05 3:09 ` Emily Shaffer
2020-01-24 3:34 ` [PATCH v5 14/15] bugreport: list contents of $OBJDIR/info emilyshaffer
2020-01-24 3:34 ` [PATCH v5 15/15] bugreport: summarize contents of alternates file emilyshaffer
2020-01-24 3:38 ` [PATCH v5 00/15] add git-bugreport tool Emily Shaffer
2020-01-28 23:04 ` Jonathan Tan
2020-01-28 23:26 ` Emily Shaffer
2020-01-30 22:15 ` Martin Ågren
2020-02-04 0:07 ` Emily Shaffer
2020-02-06 0:40 ` [PATCH v6 " Emily Shaffer
2020-02-06 0:40 ` [PATCH v6 01/15] help: move list_config_help to builtin/help Emily Shaffer
2020-02-06 1:35 ` Danh Doan
2020-02-13 22:58 ` Emily Shaffer
2020-02-13 23:07 ` Eric Sunshine
2020-02-13 23:24 ` Junio C Hamano
2020-02-13 23:29 ` Eric Sunshine
2020-02-14 1:20 ` Emily Shaffer
2020-02-06 0:40 ` [PATCH v6 02/15] help: add shell-path to --build-options Emily Shaffer
2020-02-06 0:40 ` [PATCH v6 03/15] bugreport: add tool to generate debugging info Emily Shaffer
2020-02-07 14:18 ` SZEDER Gábor
2020-02-07 18:51 ` Junio C Hamano
2020-02-11 22:40 ` Emily Shaffer
2020-02-07 14:54 ` SZEDER Gábor
2020-02-12 18:06 ` Junio C Hamano
2020-02-12 22:36 ` Emily Shaffer
2020-02-06 0:40 ` [PATCH v6 04/15] bugreport: gather git version and build info Emily Shaffer
2020-02-06 0:40 ` [PATCH v6 05/15] bugreport: add uname info Emily Shaffer
2020-02-06 0:40 ` [PATCH v6 06/15] bugreport: add compiler info Emily Shaffer
2020-02-06 0:41 ` [PATCH v6 07/15] bugreport: add git-remote-https version Emily Shaffer
2020-02-06 0:41 ` [PATCH v6 08/15] bugreport: include user interactive shell Emily Shaffer
2020-02-06 0:41 ` [PATCH v6 09/15] bugreport: generate config safelist based on docs Emily Shaffer
2020-02-07 15:30 ` SZEDER Gábor
2020-02-13 23:14 ` Emily Shaffer
2020-02-06 0:41 ` [PATCH v6 10/15] bugreport: add config values from safelist Emily Shaffer
2020-02-07 14:47 ` SZEDER Gábor
2020-02-07 15:08 ` SZEDER Gábor
2020-02-07 16:24 ` Eric Sunshine
2020-02-07 16:51 ` Andreas Schwab
2020-02-13 22:02 ` Emily Shaffer
2020-02-06 0:41 ` [PATCH v6 11/15] bugreport: collect list of populated hooks Emily Shaffer
2020-02-06 0:41 ` [PATCH v6 12/15] bugreport: count loose objects Emily Shaffer
2020-02-06 0:41 ` [PATCH v6 13/15] bugreport: add packed object summary Emily Shaffer
2020-02-06 0:41 ` [PATCH v6 14/15] bugreport: list contents of $OBJDIR/info Emily Shaffer
2020-02-06 0:41 ` [PATCH v6 15/15] bugreport: summarize contents of alternates file Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 00/15] add git-bugreport tool Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 01/15] help: move list_config_help to builtin/help Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 02/15] help: add shell-path to --build-options Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 03/15] bugreport: add tool to generate debugging info Emily Shaffer
2020-02-14 17:25 ` Junio C Hamano
2020-02-15 1:57 ` Emily Shaffer
2020-02-15 18:24 ` Junio C Hamano
2020-02-18 23:46 ` Emily Shaffer
2020-02-18 23:56 ` Emily Shaffer
2020-02-19 23:15 ` Emily Shaffer
2020-02-19 23:24 ` Junio C Hamano
2020-02-19 14:18 ` Johannes Schindelin
2020-02-19 16:55 ` Junio C Hamano
2020-02-19 21:52 ` Emily Shaffer
2020-02-19 22:09 ` Junio C Hamano
2020-02-19 23:06 ` Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 04/15] bugreport: gather git version and build info Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 05/15] bugreport: add uname info Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 06/15] bugreport: add compiler info Emily Shaffer
2020-02-19 14:23 ` Johannes Schindelin
2020-02-19 22:45 ` Emily Shaffer
2020-02-20 22:33 ` Johannes Schindelin
2020-02-20 23:33 ` Emily Shaffer
2020-02-21 15:22 ` Johannes Schindelin
2020-02-22 0:04 ` Emily Shaffer
2020-02-24 2:55 ` Junio C Hamano
2020-02-14 1:53 ` [PATCH v7 07/15] bugreport: add git-remote-https version Emily Shaffer
2020-02-19 14:28 ` Johannes Schindelin
2020-02-19 22:28 ` Emily Shaffer
2020-02-19 22:33 ` Junio C Hamano
2020-02-20 22:33 ` Johannes Schindelin
2020-02-14 1:53 ` [PATCH v7 08/15] bugreport: include user interactive shell Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 09/15] bugreport: generate config safelist based on docs Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 10/15] bugreport: add config values from safelist Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 11/15] bugreport: collect list of populated hooks Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 12/15] bugreport: count loose objects Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 13/15] bugreport: add packed object summary Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 14/15] bugreport: list contents of $OBJDIR/info Emily Shaffer
2020-02-14 17:04 ` Junio C Hamano
2020-02-18 23:59 ` Emily Shaffer
2020-02-14 1:53 ` [PATCH v7 15/15] bugreport: summarize contents of alternates file Emily Shaffer
2020-02-14 17:32 ` [PATCH v7 00/15] add git-bugreport tool Junio C Hamano
2020-02-14 22:00 ` Emily Shaffer
2020-02-14 22:30 ` Junio C Hamano
2020-02-20 1:58 ` [PATCH v8 " Emily Shaffer
2020-02-20 1:58 ` [PATCH v8 01/15] help: move list_config_help to builtin/help Emily Shaffer
2020-02-20 1:58 ` [PATCH v8 02/15] help: add shell-path to --build-options Emily Shaffer
2020-02-20 19:03 ` Junio C Hamano
2020-02-20 21:15 ` Emily Shaffer
2020-02-20 1:58 ` [PATCH v8 03/15] bugreport: add tool to generate debugging info Emily Shaffer
2020-02-20 19:33 ` Junio C Hamano
2020-02-20 22:33 ` Emily Shaffer
2020-02-26 16:12 ` Johannes Schindelin
2020-02-20 1:58 ` [PATCH v8 04/15] bugreport: gather git version and build info Emily Shaffer
2020-02-20 20:07 ` Junio C Hamano
2020-02-20 23:03 ` Emily Shaffer
2020-02-20 23:18 ` Junio C Hamano
2020-02-20 1:58 ` [PATCH v8 05/15] bugreport: add uname info Emily Shaffer
2020-02-20 20:12 ` Junio C Hamano
2020-02-20 23:20 ` Emily Shaffer
2020-02-20 1:58 ` [PATCH v8 06/15] bugreport: add compiler info Emily Shaffer
2020-02-20 2:49 ` Danh Doan
2020-02-20 23:23 ` Emily Shaffer
2020-02-20 20:23 ` Junio C Hamano
2020-02-21 0:26 ` Junio C Hamano
2020-02-20 1:58 ` [PATCH v8 07/15] bugreport: add git-remote-https version Emily Shaffer
2020-02-20 20:35 ` Junio C Hamano
2020-02-20 23:28 ` Emily Shaffer
2020-02-21 3:44 ` Junio C Hamano
2020-02-25 22:08 ` Emily Shaffer
2020-02-25 22:26 ` Junio C Hamano
2020-02-25 23:29 ` Emily Shaffer
2020-02-25 23:29 ` Junio C Hamano
2020-02-25 23:55 ` Emily Shaffer
2020-02-20 1:58 ` [PATCH v8 08/15] bugreport: include user interactive shell Emily Shaffer
2020-02-20 1:58 ` [PATCH v8 09/15] bugreport: generate config safelist based on docs Emily Shaffer
2020-02-20 20:40 ` Junio C Hamano
2020-02-26 16:13 ` Johannes Schindelin
2020-02-26 16:49 ` Junio C Hamano
2020-02-20 1:58 ` [PATCH v8 10/15] bugreport: add config values from safelist Emily Shaffer
2020-02-20 20:47 ` Junio C Hamano
2020-02-20 1:58 ` [PATCH v8 11/15] bugreport: collect list of populated hooks Emily Shaffer
2020-02-20 20:58 ` Junio C Hamano
2020-02-25 23:19 ` Emily Shaffer
2020-02-20 1:58 ` [PATCH v8 12/15] bugreport: count loose objects Emily Shaffer
2020-02-20 21:04 ` Junio C Hamano
2020-02-25 23:22 ` Emily Shaffer
2020-02-25 23:26 ` Emily Shaffer
2020-02-20 1:58 ` [PATCH v8 13/15] bugreport: add packed object summary Emily Shaffer
2020-02-20 22:04 ` Junio C Hamano
2020-02-25 23:58 ` Emily Shaffer
2020-02-20 1:58 ` [PATCH v8 14/15] bugreport: list contents of $OBJDIR/info Emily Shaffer
2020-02-20 22:18 ` Junio C Hamano
2020-02-20 1:58 ` [PATCH v8 15/15] bugreport: summarize contents of alternates file Emily Shaffer
2020-02-20 14:08 ` Johannes Schindelin
2020-02-20 22:22 ` Junio C Hamano
2020-03-02 23:03 ` [PATCH v9 0/5] add git-bugreport tool Emily Shaffer
2020-03-02 23:03 ` [PATCH v9 1/5] help: move list_config_help to builtin/help Emily Shaffer
2020-03-02 23:03 ` [PATCH v9 2/5] bugreport: add tool to generate debugging info Emily Shaffer
2020-03-03 14:18 ` Johannes Schindelin
2020-03-04 21:35 ` Johannes Schindelin
2020-03-05 23:34 ` Jeff Hostetler
2020-03-06 13:57 ` Johannes Schindelin
2020-03-06 18:25 ` Junio C Hamano
2020-03-06 18:08 ` Junio C Hamano
2020-03-06 18:58 ` Jeff Hostetler
2020-03-08 22:24 ` Johannes Schindelin
2020-03-09 14:59 ` Junio C Hamano
2020-03-09 19:17 ` Johannes Schindelin
2020-03-09 19:47 ` Junio C Hamano
2020-03-10 11:42 ` Johannes Schindelin
2020-03-10 18:37 ` Junio C Hamano
2020-03-10 22:08 ` Johannes Schindelin
2020-03-19 21:39 ` Emily Shaffer
2020-03-20 0:28 ` Junio C Hamano
2020-03-20 15:35 ` Johannes Schindelin
2020-03-23 18:52 ` Emily Shaffer
2020-03-20 15:42 ` Johannes Schindelin
2020-03-23 18:50 ` Emily Shaffer
2020-03-20 17:43 ` Junio C Hamano
2020-03-20 22:38 ` Johannes Schindelin
2020-03-20 22:47 ` Junio C Hamano
2020-03-21 10:53 ` Johannes Schindelin
2020-03-02 23:03 ` [PATCH v9 3/5] bugreport: gather git version and build info Emily Shaffer
2020-03-23 21:20 ` Junio C Hamano
2020-03-02 23:03 ` [PATCH v9 4/5] bugreport: add uname info Emily Shaffer
2020-03-02 23:04 ` [PATCH v9 5/5] bugreport: add compiler info Emily Shaffer
2020-03-03 11:46 ` Danh Doan
2020-03-03 14:07 ` Junio C Hamano
2020-03-04 21:39 ` Johannes Schindelin
2020-03-23 21:27 ` Emily Shaffer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200124032905.GA37541@google.com \
--to=emilyshaffer@google.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.