From: Brandon Williams <bmwill@google.com>
To: Jeff King <peff@peff.net>
Cc: Jonathan Tan <jonathantanmy@google.com>,
git@vger.kernel.org, jrnieder@gmail.com, spearce@spearce.org
Subject: Re: [PATCH v3] fetch-pack: always allow fetching of literal SHA1s
Date: Thu, 11 May 2017 10:00:50 -0700 [thread overview]
Message-ID: <20170511170050.GA83655@google.com> (raw)
In-Reply-To: <20170511100553.ptyazchujgdfxotl@sigill.intra.peff.net>
On 05/11, Jeff King wrote:
> On Wed, May 10, 2017 at 03:11:57PM -0700, Jonathan Tan wrote:
>
> > fetch-pack, when fetching a literal SHA-1 from a server that is not
> > configured with uploadpack.allowtipsha1inwant (or similar), always
> > returns an error message of the form "Server does not allow request for
> > unadvertised object %s". However, it is sometimes the case that such
> > object is advertised. This situation would occur, for example, if a user
> > or a script was provided a SHA-1 instead of a branch or tag name for
> > fetching, and wanted to invoke "git fetch" or "git fetch-pack" using
> > that SHA-1.
> >
> > Teach fetch-pack to also check the SHA-1s of the refs in the received
> > ref advertisement if a literal SHA-1 was given by the user.
>
> Stepping back a bit, what does this mean for a world where we implement
> protocol extensions to let the client specify a set of refspecs to limit
> the advertisement?
>
> If we give the server our usual set of fetch refspecs, then we might
> fail to fulfill a request that would have been advertised outside of
> that set. And the behavior is confusing and non-transparent to the user.
> I don't think that really makes sense, though; the advertisement we ask
> for from the server should include only the bits we're interested in for
> _this_ fetch.
>
> If we tell the server "we are interested in abcd1234", then it's not
> going to find any matching ref by name, obviously. So should servers
> then treat 40-hex names in the incoming refspecs as a request to show
> any names which have a matching sha1? That works against any server-side
> optimizations to avoid looking at the complete set of refs, but it would
> only have to kick in when the user actually specified a single SHA-1
> (and even then only when allowAnySHA1 isn't on). So that's probably
> workable.
>
> None of this is your problem now either way; the advertisement-limiting
> extension is still vaporware, albeit one we've discussed a lot. I just
> wanted to make sure we weren't painting ourselves into any corners. And
> I think this case could probably be handled.
I can't remember, is there any reason why it is still vaporware? As in
what is holding us back from doing the advertisement-limiting (or doing
away with the initial ref advertisement)?
--
Brandon Williams
next prev parent reply other threads:[~2017-05-11 17:01 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-09 18:20 [PATCH] fetch-pack: always allow fetching of literal SHA1s Jonathan Tan
2017-05-09 22:16 ` Jeff King
2017-05-10 4:22 ` Shawn Pearce
2017-05-10 4:33 ` Jeff King
2017-05-10 4:46 ` Mike Hommey
2017-05-10 17:50 ` Ævar Arnfjörð Bjarmason
2017-05-10 18:20 ` Jonathan Nieder
2017-05-10 18:48 ` Martin Fick
2017-05-10 18:54 ` Jonathan Nieder
2017-05-10 4:57 ` Shawn Pearce
2017-05-10 17:00 ` Jonathan Nieder
2017-05-10 18:55 ` Sebastian Schuberth
2017-05-11 9:59 ` Jeff King
2017-05-11 19:03 ` Jonathan Nieder
2017-05-11 21:04 ` Jeff King
2017-05-10 16:44 ` [PATCH v2] " Jonathan Tan
2017-05-10 18:01 ` Jonathan Nieder
2017-05-10 22:11 ` [PATCH v3] " Jonathan Tan
2017-05-10 23:22 ` Jonathan Nieder
2017-05-11 9:46 ` Jeff King
2017-05-11 17:51 ` Jonathan Tan
2017-05-11 20:52 ` Jeff King
2017-05-11 10:05 ` Jeff King
2017-05-11 17:00 ` Brandon Williams [this message]
2017-05-13 9:29 ` Jeff King
2017-05-11 21:14 ` [PATCH v4] " Jonathan Tan
2017-05-11 21:35 ` Jonathan Nieder
2017-05-11 21:59 ` Jeff King
2017-05-11 22:30 ` [PATCH v5] " Jonathan Tan
2017-05-11 22:46 ` Jonathan Nieder
2017-05-12 2:59 ` Jeff King
2017-05-12 6:01 ` Junio C Hamano
2017-05-12 7:59 ` Jeff King
2017-05-12 8:14 ` Jeff King
2017-05-12 18:00 ` Jonathan Tan
2017-05-13 8:30 ` Jeff King
2017-05-12 18:09 ` Jonathan Tan
2017-05-12 19:06 ` Jonathan Nieder
2017-05-12 3:06 ` Jeff King
2017-05-12 20:45 ` Jonathan Tan
2017-05-12 20:46 ` [PATCH v6] " Jonathan Tan
2017-05-12 22:28 ` Jonathan Nieder
2017-05-13 8:36 ` Jeff King
2017-05-15 1:26 ` Junio C Hamano
2017-05-15 17:32 ` [PATCH v7] " Jonathan Tan
2017-05-15 17:46 ` Jonathan Nieder
2017-05-15 22:10 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170511170050.GA83655@google.com \
--to=bmwill@google.com \
--cc=git@vger.kernel.org \
--cc=jonathantanmy@google.com \
--cc=jrnieder@gmail.com \
--cc=peff@peff.net \
--cc=spearce@spearce.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).