From: Jeff King <peff@peff.net>
To: Michael Haggerty <mhagger@alum.mit.edu>
Cc: Jay Soffian <jaysoffian@gmail.com>,
Junio C Hamano <gitster@pobox.com>,
git discussion list <git@vger.kernel.org>,
Jakub Narebski <jnareb@gmail.com>
Subject: Re: How to use git attributes to configure server-side checks?
Date: Mon, 26 Sep 2011 07:05:52 -0400 [thread overview]
Message-ID: <20110926110552.GA20796@sigill.intra.peff.net> (raw)
In-Reply-To: <4E7DB916.6010606@alum.mit.edu>
On Sat, Sep 24, 2011 at 01:03:50PM +0200, Michael Haggerty wrote:
> > But once you've verified that the config looks OK and turned this option
> > on, how do you protect yourself from malicious config entering the repo
> > through a fetch?
>
> For most software projects, the user does
>
> git pull
> make
>
> daily. There is nothing that a nasty .gitconfig can do that can't be
> done more easily by a nasty Makefile (or anything else in the build
> process). The moment I pull from Junio's repository and run a build
> without having personally done a full code review first, I've given
> Junio complete pownership of my account. For projects in which I invest
> such trust, "core.useTreeConfig=true" would be a convenience that does
> not appreciably increase my risk.
True. I think it would be nice for their to be a less risky option, too,
though. Which was part of the motivation in my earlier proposal for
specifying a ref that contains config. Then you can ignore it, track
your own local config which is derived from upstream, or do the easy but
dangerous thing of just using the remote tracking ref directly.
> There are obviously config options that should not be versioned. These
> should not be stored in the tree. (Perhaps they should be stored in
> another branch, as you suggested.) But there's no need to prevent
> people from versioning *any* config options just because they shouldn't
> version *all* of them.
Do you have an example of a config option whose old value should be
respected when looking at an old version? In general, the split between
attributes and config was meant to split what is tied to a specific
version, and what should apply to all versions. We may not have followed
that in all cases, but if so, the right solution may actually be
migrating the functionality into .gitattributes.
> While we are on the topic of config settings, I have often thought that
> it would be nice for git's default settings to be set via a
> well-commented config file, installed along with git, rather than via
> values compiled into the code. This file and Documentation/config.txt
> could be generated from a single source file as part of the build
> process.
I think that can be a nice piece of documentation, but there may be some
complications. I seem to recall that there may be one or two options
whose builtin values cannot be replicated via config (i.e., the "unset"
state means something). But I may be misremembering.
However, I'm not sure what you mean by "rather than via values compiled
into the code". Would you somehow generate code that sets the default
according to your master file? Would git fail to start if the file is
missing? Or if a specific config option is missing? How would you track
that?
-Peff
next prev parent reply other threads:[~2011-09-26 11:06 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-21 19:32 How to use git attributes to configure server-side checks? Michael Haggerty
2011-09-21 20:02 ` Jay Soffian
2011-09-21 20:17 ` Junio C Hamano
2011-09-22 8:28 ` Michael Haggerty
2011-09-22 15:41 ` Jay Soffian
2011-09-22 17:13 ` Jeff King
2011-09-22 18:41 ` Jay Soffian
2011-09-22 19:22 ` Junio C Hamano
2011-09-22 20:58 ` Jeff King
2011-09-22 21:04 ` Jeff King
2011-09-23 10:06 ` Michael Haggerty
2011-09-23 19:33 ` Jeff King
2011-09-23 19:40 ` Junio C Hamano
2011-09-23 19:44 ` Jeff King
2011-09-24 6:05 ` Michael Haggerty
2011-09-24 6:15 ` Jeff King
2011-09-24 11:03 ` Michael Haggerty
2011-09-26 4:09 ` Junio C Hamano
2011-09-26 4:28 ` Michael Haggerty
2011-09-26 11:05 ` Jeff King [this message]
2011-09-26 14:14 ` Jakub Narebski
2011-09-26 15:11 ` Michael Haggerty
2011-09-22 17:26 ` Junio C Hamano
2011-09-23 8:35 ` Michael Haggerty
2011-09-23 12:49 ` Stephen Bash
2011-09-23 13:31 ` Michael Haggerty
2011-09-22 22:54 ` Jakub Narebski
2011-09-23 10:38 ` Michael Haggerty
2012-02-17 18:42 ` Michael Haggerty
2012-02-17 19:26 ` Junio C Hamano
2012-02-17 19:59 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110926110552.GA20796@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jaysoffian@gmail.com \
--cc=jnareb@gmail.com \
--cc=mhagger@alum.mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).