Re: Would a config var for --force-with-lease be useful?

From: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: "Scott Johnson" <jaywir3@gmail.com>,
	git@vger.kernel.org, "Constantin Weißer" <i7c@posteo.de>
Subject: Re: Would a config var for --force-with-lease be useful?
Date: Mon, 27 Aug 2018 22:44:00 +0200	[thread overview]
Message-ID: <87k1obee0f.fsf@evledraar.gmail.com> (raw)
In-Reply-To: <xmqqlg8rinbz.fsf@gitster-ct.c.googlers.com>

On Mon, Aug 27 2018, Junio C Hamano wrote:

[Scott, I hope you're still with us despite your recent attempt to
unsubscribe from git@ :)]

> Ævar Arnfjörð Bjarmason <avarab@gmail.com> writes:
>
>> This was after/during a long discussion starting with:
>> https://public-inbox.org/git/CACBZZX7MeX-6RHgh2Fa9+YL03mjxs8xmyE86HnVxBxjMYizcig@mail.gmail.com/
>>
>> It appears the only patch that got in from that discussion was my
>> f17d642d3b ("push: document & test --force-with-lease with multiple
>> remotes", 2017-04-19) (https://github.com/git/git/commit/f17d642d3b)
>
> Thanks for pointing at the old thread.
>
> As far as our documentation is concerned, the invitation to improve
> the situation, offered in "git push --help", is still valid:
>
>     Note that all forms other than `--force-with-lease=<refname>:<expect>`
>     that specifies the expected current value of the ref explicitly are
>     still experimental and their semantics may change as we gain experience
>     with this feature.
>
> But I do not think (and I did not think back then) there is a magic
> bullet to make the lazy force-with-lease automatically safe for
> everybody, so it may be time to declare that the lazy force-with-lease
> was a failed experiment and move on, with a patch like the one
> suggested last year in the message:
>
>    https://public-inbox.org/git/xmqq37a9fl8a.fsf_-_@gitster.mtv.corp.google.com/

With the benefit of hindsight I still agree with my counter-argument to
that in https://public-inbox.org/git/8760f4bmig.fsf@gmail.com/

I.e. making plain --force-with-lease harder to use by hiding it behind a
config option gives the user fewer options than with --force to recover.

So I think we should still recommend the longer and even safer variants
of --force-with-lease, but being guaranteed to have the SHA-1 you just
clobbered locally is *better*, and allows us to e.g. do this:

    $ git push --force-with-lease
    hint: You just clobbered <X> on <remote with <Y>. If you regret
    hint: this you can (until the object gets pruned) do:
    hint:     git push <remote> --force-with-lease=<refname>:<Y>

Or, doing the same with --force with some config option to use the
marginally safer (because at least you have a local copy)
--force-with-lease automatically.