From: Junio C Hamano <gitster@pobox.com>
To: Jonathan Nieder <jrnieder@gmail.com>
Cc: John Tapsell <johnflux@gmail.com>,
Simon Ruderich <simon@ruderich.org>,
Git List <git@vger.kernel.org>, Tay Ray Chuan <rctay89@gmail.com>
Subject: Re: git log -p unexpected behaviour - security risk?
Date: Sun, 21 Apr 2013 11:25:44 -0700 [thread overview]
Message-ID: <7vzjwru4ev.fsf@alter.siamese.dyndns.org> (raw)
In-Reply-To: <20130421102150.GJ10429@elie.Belkin> (Jonathan Nieder's message of "Sun, 21 Apr 2013 03:21:50 -0700")
Jonathan Nieder <jrnieder@gmail.com> writes:
> That's why if you want to review the code you are pulling in as a
> whole, it is worthwhile to do
>
> git diff HEAD...FETCH_HEAD
>
> That is how you ask "What code changes does FETCH_HEAD introduce?"
> before putting your stamp of approval on them by merging and pushing
> out the result.
And the only way to retroactively review that a merge C did not do
anything funly is to check "git diff C^1 C", assuming that you
already trust C^1, the state before you performed the merge.
Incidentally, this works for non-merge commits just as well.
"git log -m -p" is not the default because most of the time people
are not interested in seeing what it shows over "--cc" or "-c". It
is a repetition of what you would get from individual patches on the
side branch merged that you will later see in the traversal of that
command. "--cc/-c" gives a representation for tricky merge cases
where people could likely have made a mistake, or had correctly
resolved semantic conflicts (e.g. one side renames a function, the
other side adds a callsite, the merge result renames the function
new caller calls).
For the purpose of a "merge audit" John seems to want, the only way
is to wade through "log -m -p" output.
prev parent reply other threads:[~2013-04-21 18:25 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-11 10:36 git log -p unexpected behaviour - security risk? John Tapsell
2013-04-11 15:19 ` Tay Ray Chuan
2013-04-20 14:00 ` Simon Ruderich
2013-04-21 7:26 ` Junio C Hamano
2013-04-21 8:56 ` John Tapsell
2013-04-21 10:21 ` Jonathan Nieder
2013-04-21 13:46 ` John Tapsell
2013-04-21 15:56 ` Thomas Rast
2013-04-21 16:09 ` Jonathan Nieder
2013-04-21 18:42 ` Junio C Hamano
2013-04-30 10:09 ` John Szakmeister
2013-04-30 16:37 ` Junio C Hamano
2013-04-30 16:47 ` John Szakmeister
2013-04-30 17:05 ` Matthieu Moy
2013-04-30 17:58 ` John Szakmeister
2013-04-30 19:31 ` John Tapsell
2013-04-30 19:44 ` git log -p unexpected behaviour Junio C Hamano
2013-04-30 20:12 ` John Tapsell
2013-04-30 20:38 ` Junio C Hamano
2013-05-01 7:23 ` John Tapsell
2013-04-30 11:48 ` git log -p unexpected behaviour - security risk? shawn wilson
2013-04-21 18:25 ` Junio C Hamano [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7vzjwru4ev.fsf@alter.siamese.dyndns.org \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=johnflux@gmail.com \
--cc=jrnieder@gmail.com \
--cc=rctay89@gmail.com \
--cc=simon@ruderich.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).