From: Junio C Hamano <gitster@pobox.com>
To: Josh Steadmon <steadmon@google.com>
Cc: git@vger.kernel.org, chooglen@google.com
Subject: Re: [PATCH v3] setup: trace bare repository setups
Date: Fri, 05 May 2023 15:30:38 -0700
Message-ID: <xmqqa5yicsxd.fsf@gitster.g>
In-Reply-To: <e98be8e7f703fc741e06d9208545abc8c24d1a4a.1682962110.git.steadmon@google.com> (Josh Steadmon's message of "Mon, 1 May 2023 10:30:37 -0700")

Josh Steadmon <steadmon@google.com> writes:

> From: Glen Choo <chooglen@google.com>
>
> safe.bareRepository=explicit is a safer default mode of operation, since
> it guards against the embedded bare repository attack [1]. Most end
> users don't use bare repositories directly, so they should be able to
> set safe.bareRepository=explicit, with the expectation that they can
> reenable bare repositories by specifying GIT_DIR or --git-dir.
>
> However, the user might use a tool that invokes Git on bare repositories
> without setting GIT_DIR (e.g. "go mod" will clone bare repositories
> [2]), so even if a user wanted to use safe.bareRepository=explicit, it
> wouldn't be feasible until their tools learned to set GIT_DIR.
>
> To make this transition easier, add a trace message to note when we
> attempt to set up a bare repository without setting GIT_DIR. This allows
> users and tool developers to audit which of their tools are problematic
> and report/fix the issue.  When they are sufficiently confident, they
> would switch over to "safe.bareRepository=explicit".
>
> Note that this uses trace2_data_string(), which isn't supported by the
> "normal" GIT_TRACE2 target, only _EVENT or _PERF.
>
> [1] https://lore.kernel.org/git/kl6lsfqpygsj.fsf@chooglen-macbookpro.roam.corp.google.com/
> [2] https://go.dev/ref/mod
>
> Signed-off-by: Glen Choo <chooglen@google.com>
> Signed-off-by: Josh Steadmon <steadmon@google.com>
> ---
> I'm sending a lightly-adapted version of Glen's tracing patch because
> Glen will be on vacation next week and we'd like to get this upstream
> ASAP.
>
> Changes in V3: added a test_unconfig test case for safe.bareRepository
> Changes in V2: cleaned up test-style issues.

Thanks.  We saw no interest on the list in reviewing this patch
further, it seems, but I didn't see anything glaringly wrong, see
no reason not to merge it, and this should help noticing potential
issues by $corp folks, I would presume, so let's merge it as-is.
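
The audit the quoted commit message describes, sketched as an added example that is not part of this thread or of Git's own code: run the tool under test with GIT_TRACE2_EVENT pointing at a file, then list which Git invocations set up a bare repository without GIT_DIR. The category/key pair "setup"/"implicit-bare-repository" is an assumption about the emitted data event, and the trace lines are constructed.

```python
import json

# Assumed category/key of the trace2 data event; confirm against your Git version.
CATEGORY, KEY = "setup", "implicit-bare-repository"

# Constructed sample of a GIT_TRACE2_EVENT file (fields trimmed; one JSON object per line).
SAMPLE_TRACE = """\
{"event":"start","sid":"20230505T223038.000001Z-Hdeadbeef-P00001a2b","argv":["git","fetch","-f","origin"]}
{"event":"data","sid":"20230505T223038.000001Z-Hdeadbeef-P00001a2b","category":"setup","key":"implicit-bare-repository","value":"/home/u/go/pkg/mod/cache/vcs/abc123"}
{"event":"start","sid":"20230505T223039.000002Z-Hdeadbeef-P00001a2c","argv":["git","status"]}
{"event":"data","sid":"20230505T223039.000002Z-Hdeadbeef-P00001a2c","category":"index","key":"read/version","value":"2"}
not json: truncated line
{"event":"data","sid":"20230505T223040.000003Z-Hdeadbeef-P00001a2d","category":"setup","key":"implicit-bare-repository","value":"/srv/mirror.git"}
"""


def find_implicit_bare_setups(lines):
    """Return [(argv or None, gitdir)] for each implicit bare-repository setup."""
    argv_by_sid = {}
    hits = []
    for line in lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # several processes append to one file; tolerate partial lines
        if not isinstance(ev, dict):
            continue
        sid = ev.get("sid")
        if ev.get("event") == "start":
            # Remember the command line so each hit can be attributed to a caller.
            argv_by_sid[sid] = ev.get("argv", [])
        elif (ev.get("event") == "data"
              and ev.get("category") == CATEGORY
              and ev.get("key") == KEY):
            hits.append((sid, ev.get("value")))
    # Resolve argv last: the start event may be missing from a rotated file.
    return [(argv_by_sid.get(sid), gitdir) for sid, gitdir in hits]


if __name__ == "__main__":
    for argv, gitdir in find_implicit_bare_setups(SAMPLE_TRACE.splitlines()):
        cmd = " ".join(argv) if argv else "<start event not in this file>"
        print(f"{gitdir}\t{cmd}")
```

Each reported command is a caller that would stop working under safe.bareRepository=explicit until it sets GIT_DIR or passes --git-dir.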
