From: Junio C Hamano <gitster@pobox.com>
To: "brian m. carlson" <sandals@crustytoothpaste.net>
Cc: Vadim Zeitlin <vz-git@zeitlins.org>, git@vger.kernel.org
Subject: Re: Would it be possible to add an option to disable validating submodule paths?
Date: Tue, 07 Jan 2025 15:25:28 -0800 [thread overview]
Message-ID: <xmqq5xmqqk9j.fsf@gitster.g> (raw)
In-Reply-To: <Z320RGb0tqNyvvxt@tapette.crustytoothpaste.net> (brian m. carlson's message of "Tue, 7 Jan 2025 23:09:56 +0000")
"brian m. carlson" <sandals@crustytoothpaste.net> writes:
> Since this is a defense-in-depth change and it seems to have broken a
> reasonable workflow, I think adding a config option for this would be
> reasonable. We've recently had some discussions on trying to limit the
> defense-in-depth measures we implement on the security list in the
> interests of allowing better discussion and feedback on the main list
> and avoiding regressions in people's workflows, and I think your email
> lends support to that approach.
Thanks; I was writing my own response and said pretty much the same
thing as above, before I saw this message.
> I'm not presently planning to add such an option, but it shouldn't be
> too hard to add a global variable for that (or maybe something under
> struct repository) that's updated when parsing config, and then check it
> in `validate_submodule_path`. We'd need docs for that option as well,
> but that would probably be it if someone wanted to do so.
Sounds reasonable, but I wonder how this would interact with
bootstrapping. Should it be configured in ~/.gitconfig, possibly
with [includeIf] to specify the directory you'd store a bunch of
repositories you clone from outside, or something? I guess "git
clone" without "--recurse-submodules" is simple enough to be used
for bootstrapping, and then the configuration can be set at the
top-level superproject after cloning but before "submodule init".
next prev parent reply other threads:[~2025-01-07 23:25 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-07 22:00 Would it be possible to add an option to disable validating submodule paths? Vadim Zeitlin
2025-01-07 23:09 ` brian m. carlson
2025-01-07 23:25 ` Junio C Hamano [this message]
2025-01-07 23:50 ` Re[2]: " Vadim Zeitlin
2025-01-08 16:03 ` Junio C Hamano
2025-01-08 19:30 ` Re[2]: " Vadim Zeitlin
2025-07-28 23:12 ` [PATCH] submodule: Add a config option to skip path validation Vadim Zeitlin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq5xmqqk9j.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=sandals@crustytoothpaste.net \
--cc=vz-git@zeitlins.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.