From: Derrick Stolee <derrickstolee@github.com>
To: Junio C Hamano <gitster@pobox.com>,
Derrick Stolee via GitGitGadget <gitgitgadget@gmail.com>
Cc: git@vger.kernel.org, peff@peff.net, me@ttaylorr.com,
avarab@gmail.com, christian.couder@gmail.com,
johannes.schindelin@gmx.de, jrnieder@gmail.com,
"brian m. carlson" <sandals@crustytoothpaste.net>,
Robert Coup <robert.coup@koordinates.com>
Subject: Re: [PATCH v2] urlmatch: create fetch.credentialsInUrl config
Date: Tue, 31 May 2022 09:32:45 -0400 [thread overview]
Message-ID: <a9f1f310-ef48-b5f5-39ae-ca45ae48038d@github.com> (raw)
In-Reply-To: <xmqqilpnyiwe.fsf@gitster.g>
On 5/29/2022 8:16 PM, Junio C Hamano wrote:
> "Derrick Stolee via GitGitGadget" <gitgitgadget@gmail.com> writes:
>
>> Create a new "fetch.credentialsInUrl" config option and teach Git to
>> warn or die when seeing a URL with this kind of information. The warning
>> anonymizes the sensitive information of the URL to be clear about the
>> issue.
>>
>> This change currently defaults the behavior to "allow" which does
>> nothing with these URLs. We can consider changing this behavior to
>> "warn" by default if we wish. At that time, we may want to add some
>> advice about setting fetch.credentialsInUrl=ignore for users who still
>> want to follow this pattern (and not receive the warning).
>
> Can we make this die in a bit more controlled way?
>
> e.g. https://github.com/git/git/runs/6646450422 seems to show that
> depending on the timing, the call to die() on the "git clone" side
> may cause us stop reading early enough to kill the other side with
> SIGPIPE. The nicely prepared warning message seems to be lost.
Thanks for pointing this out. It took a while for me to reproduce
this with --stress, but I can get it to happen on my machine.
Investigating now.
Thanks,
-Stolee
next prev parent reply other threads:[~2022-05-31 13:32 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-23 18:04 [PATCH] urlmatch: create fetch.credentialsInUrl config Derrick Stolee via GitGitGadget
2022-05-23 19:06 ` Junio C Hamano
2022-05-23 20:31 ` Derrick Stolee
2022-05-23 21:14 ` Junio C Hamano
2022-05-24 11:46 ` Johannes Schindelin
2022-05-24 20:14 ` Derrick Stolee
2022-05-23 20:37 ` Junio C Hamano
2022-05-24 11:51 ` Johannes Schindelin
2022-05-24 8:18 ` Ævar Arnfjörð Bjarmason
2022-05-24 13:50 ` Derrick Stolee
2022-05-24 21:01 ` Ævar Arnfjörð Bjarmason
2022-05-25 14:03 ` Derrick Stolee
2022-05-24 11:42 ` Johannes Schindelin
2022-05-24 20:16 ` Derrick Stolee
2022-05-27 13:27 ` [PATCH v2] " Derrick Stolee via GitGitGadget
2022-05-27 14:22 ` Ævar Arnfjörð Bjarmason
2022-05-27 14:43 ` Derrick Stolee
2022-05-27 18:09 ` Junio C Hamano
2022-05-27 18:40 ` Junio C Hamano
2022-05-30 0:16 ` Junio C Hamano
2022-05-31 13:32 ` Derrick Stolee [this message]
2022-06-01 1:16 ` [PATCH v3 0/2] fetch: " Derrick Stolee via GitGitGadget
2022-06-01 1:16 ` [PATCH v3 1/2] remote: " Derrick Stolee via GitGitGadget
2022-06-01 19:19 ` Ævar Arnfjörð Bjarmason
2022-06-02 13:38 ` Derrick Stolee
2022-06-01 1:16 ` [PATCH v3 2/2] usage: add warn_once() helper for repeated warnings Derrick Stolee via GitGitGadget
2022-06-01 12:29 ` Ævar Arnfjörð Bjarmason
2022-06-01 18:42 ` Derrick Stolee
2022-06-01 19:33 ` Ævar Arnfjörð Bjarmason
2022-06-02 13:43 ` Derrick Stolee
2022-06-01 20:21 ` Junio C Hamano
2022-06-02 14:24 ` Derrick Stolee
2022-06-02 17:53 ` Junio C Hamano
2022-06-01 20:40 ` Junio C Hamano
2022-06-02 17:20 ` [PATCH v4] remote: create fetch.credentialsInUrl config Derrick Stolee via GitGitGadget
2022-06-02 21:20 ` Junio C Hamano
2022-06-03 12:54 ` Derrick Stolee
2022-06-06 15:37 ` Junio C Hamano
2022-06-06 14:36 ` [PATCH v5] " Derrick Stolee via GitGitGadget
2022-06-06 16:34 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a9f1f310-ef48-b5f5-39ae-ca45ae48038d@github.com \
--to=derrickstolee@github.com \
--cc=avarab@gmail.com \
--cc=christian.couder@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=gitster@pobox.com \
--cc=johannes.schindelin@gmx.de \
--cc=jrnieder@gmail.com \
--cc=me@ttaylorr.com \
--cc=peff@peff.net \
--cc=robert.coup@koordinates.com \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.