From: Junio C Hamano <gitster@pobox.com>
To: pvutov@imap.cc
Cc: git@vger.kernel.org
Subject: Re: [PATCH] doc: remove mentions of .gitmodules !command syntax
Date: Wed, 12 Jul 2023 09:40:24 -0700 [thread overview]
Message-ID: <xmqqleflt75z.fsf@gitster.g> (raw)
In-Reply-To: <20230712160216.855054-1-pvutov@imap.cc> (pvutov@imap.cc's message of "Wed, 12 Jul 2023 18:02:03 +0200")
pvutov@imap.cc writes:
> From: Petar Vutov <pvutov@imap.cc>
>
> To mitigate CVE-2019-19604, the capability to configure
> `git submodule update` to execute custom commands was
> removed in v2.20.2.
>
> The git-submodule documentation still mentions the now-unsupported
> syntax, which is misleading.
>
> Remove the leftover documentation.
The change during v2.20.2 timeperiod you have in mind may be
e904deb8 (submodule: reject submodule.update = !command in
.gitmodules, 2019-12-05). The key phrase is "in .gitmodules"
as it did not forbid writing update command in the configuration.
The pre-context lines of your patch (see below) say that the 'custom
command' option and 'none' option are only available via the
`submodule.<name>.update` configuration variable. IOW, this part of
the documentation does not talk about the .gitmodules file---it
talks about what you can say in the configuration file (which is
under your local control).
I think the existing text that came from fc01a5d2 (submodule update
documentation: don't repeat ourselves, 2016-12-27) may be
misleading, and may has room for improvement, but I do not think it
is wrong per-se. If we remove it, there is nowhere else that teaches
users !cmd can be set in their configuration files, or is there?
Thanks.
> Signed-off-by: Petar Vutov <pvutov@imap.cc>
> ---
> Documentation/git-submodule.txt | 6 ------
> 1 file changed, 6 deletions(-)
>
> diff --git a/Documentation/git-submodule.txt b/Documentation/git-submodule.txt
> index 4d3ab6b9f9..b40ac72f75 100644
> --- a/Documentation/git-submodule.txt
> +++ b/Documentation/git-submodule.txt
> @@ -163,12 +163,6 @@ checked out in the submodule.
> The following 'update' procedures are only available via the
> `submodule.<name>.update` configuration variable:
>
> - custom command;; arbitrary shell command that takes a single
> - argument (the sha1 of the commit recorded in the
> - superproject) is executed. When `submodule.<name>.update`
> - is set to '!command', the remainder after the exclamation mark
> - is the custom command.
> -
> none;; the submodule is not updated.
>
> If the submodule is not yet initialized, and you just want to use the
next prev parent reply other threads:[~2023-07-12 16:40 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-12 16:02 [PATCH] doc: remove mentions of .gitmodules !command syntax pvutov
2023-07-12 16:40 ` Junio C Hamano [this message]
2023-07-12 17:30 ` Petar Vutov
2023-07-12 17:54 ` Junio C Hamano
2023-07-12 18:48 ` Petar Vutov
2023-07-12 20:33 ` Junio C Hamano
2023-07-13 19:20 ` Petar Vutov
2023-07-13 19:33 ` Junio C Hamano
2023-07-13 19:33 ` [PATCH v3 1/1] docs: highlight that .gitmodules does not support !command pvutov
2023-07-13 19:38 ` Junio C Hamano
2023-07-13 19:46 ` Petar Vutov
2023-07-13 19:55 ` Junio C Hamano
2023-07-13 20:34 ` Petar Vutov
2023-07-13 20:55 ` Junio C Hamano
2023-07-13 21:37 ` Junio C Hamano
2023-07-13 21:47 ` Petar Vutov
2023-07-13 22:28 ` Junio C Hamano
2023-07-14 22:03 ` Petar Vutov
2023-07-25 18:17 ` Junio C Hamano
2023-07-25 21:22 ` [PATCH v5] doc: " pvutov
2023-07-25 21:56 ` Junio C Hamano
2023-07-13 20:34 ` [PATCH v4] docs: " pvutov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqleflt75z.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=pvutov@imap.cc \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.