From: Junio C Hamano <gitster@pobox.com>
To: Christian Couder <christian.couder@gmail.com>
Cc: git@vger.kernel.org, Patrick Steinhardt <ps@pks.im>,
Taylor Blau <me@ttaylorr.com>,
Karthik Nayak <karthik.188@gmail.com>,
Elijah Newren <newren@gmail.com>,
Christian Couder <chriscool@tuxfamily.org>
Subject: Re: [PATCH 14/16] promisor-remote: trust known remotes matching acceptFromServerUrl
Date: Tue, 31 Mar 2026 15:03:27 -0700
Message-ID: <xmqq341fy7v4.fsf@gitster.g>
In-Reply-To: <CAP8UFD2vAK_khTkJMP4QBfhYA5iYVW5sfB3i-vnzhf71BvwQ=w@mail.gmail.com> (Christian Couder's message of "Fri, 27 Mar 2026 13:17:59 +0100")

Christian Couder <christian.couder@gmail.com> writes:

>> Between the first sentence and the second one, I think there needs
>> to be an explanation on what "trusted" means in this context. Is it
>> trusted so that the URL can feed random configuration variable=value
>> pairs for the client to blindly apply? Or is it trusted to do very
>> limited things that other remotes can do, and if so what are these
>> limited things? Without knowing that, the end-users cannot assess
>> the security implications of setting this option.
>
> Yeah, in the current version, the following is used, which is more explicit:
> ...

Do you mean by "the current version", the one you are preparing as
an updated iteration?

If so, let me mark the topic to be expecting a reroll. From the
reviews by Patrick, I am not sure if I should also add the usual
"(hopefully small and final)" in this case, not just yet, though.

Thanks.