From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: Johannes Schindelin <Johannes.Schindelin@gmx.de>,
Johannes Schindelin via GitGitGadget <gitgitgadget@gmail.com>,
git@vger.kernel.org,
"brian m. carlson" <sandals@crustytoothpaste.net>
Subject: Re: [PATCH v2 5/8] hook(clone protections): add escape hatch
Date: Sat, 18 May 2024 18:15:12 -0700 [thread overview]
Message-ID: <xmqqed9yob4v.fsf@gitster.g> (raw)
In-Reply-To: <20240518211224.GA1574761@coredump.intra.peff.net> (Jeff King's message of "Sat, 18 May 2024 17:12:24 -0400")
Jeff King <peff@peff.net> writes:
> But it sounds like we're throwing away our usual release-engineering
> practices (where the usual practice for a regression is "revert it, it
> can happen in the next cycle") in favor of a security fix. Again, for a
> vulnerability fix, that makes sense. But for layered defense, I find it
> less compelling.
I find it a lot less compelling, too.
It unfortunately involves about the same amount of conflict
management to do the (partial) revert for all these maintenance
tracks as it would then later take a "fix in the next cycle" for all
these tracks, which made me feel somewhat hesitant.
But considering that we are not talking about lifting vulnerability
fix, it may make sense to do the (partial) revert all the way down
to 2.39 track but do the "fix in the next cycle" only for 2.45 and
later (or even in 2.46 only, without even aiming to touch 2.45
track).
Thanks for a dose of sanity.
next prev parent reply other threads:[~2024-05-19 1:15 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-17 23:15 [PATCH 0/8] Various fixes for v2.45.1 and friends Johannes Schindelin via GitGitGadget
2024-05-17 23:15 ` [PATCH 1/8] hook: plug a new memory leak Johannes Schindelin via GitGitGadget
2024-05-17 23:15 ` [PATCH 2/8] init: use the correct path of the templates directory again Johannes Schindelin via GitGitGadget
2024-05-17 23:15 ` [PATCH 3/8] Revert "core.hooksPath: add some protection while cloning" Johannes Schindelin via GitGitGadget
2024-05-17 23:15 ` [PATCH 4/8] tests: verify that `clone -c core.hooksPath=/dev/null` works again Johannes Schindelin via GitGitGadget
2024-05-18 0:10 ` Junio C Hamano
2024-05-18 18:58 ` Johannes Schindelin
2024-05-17 23:15 ` [PATCH 5/8] hook(clone protections): add escape hatch Johannes Schindelin via GitGitGadget
2024-05-18 0:21 ` Junio C Hamano
2024-05-17 23:15 ` [PATCH 6/8] hooks(clone protections): special-case current Git LFS hooks Johannes Schindelin via GitGitGadget
2024-05-18 0:20 ` Junio C Hamano
2024-05-17 23:15 ` [PATCH 7/8] hooks(clone protections): simplify templates hooks validation Johannes Schindelin via GitGitGadget
2024-05-17 23:15 ` [PATCH 8/8] Revert "Add a helper function to compare file contents" Johannes Schindelin via GitGitGadget
2024-05-17 23:52 ` [PATCH 0/8] Various fixes for v2.45.1 and friends Junio C Hamano
2024-05-18 0:02 ` Johannes Schindelin
2024-05-18 10:32 ` [PATCH v2 " Johannes Schindelin via GitGitGadget
2024-05-18 10:32 ` [PATCH v2 1/8] hook: plug a new memory leak Johannes Schindelin via GitGitGadget
2024-05-18 10:32 ` [PATCH v2 2/8] init: use the correct path of the templates directory again Johannes Schindelin via GitGitGadget
2024-05-18 10:32 ` [PATCH v2 3/8] Revert "core.hooksPath: add some protection while cloning" Johannes Schindelin via GitGitGadget
2024-05-18 10:32 ` [PATCH v2 4/8] tests: verify that `clone -c core.hooksPath=/dev/null` works again Johannes Schindelin via GitGitGadget
2024-05-18 10:32 ` [PATCH v2 5/8] hook(clone protections): add escape hatch Johannes Schindelin via GitGitGadget
2024-05-18 18:14 ` Jeff King
2024-05-18 18:54 ` Junio C Hamano
2024-05-18 19:35 ` Jeff King
2024-05-18 19:37 ` Johannes Schindelin
2024-05-18 19:32 ` Johannes Schindelin
2024-05-18 19:47 ` Jeff King
2024-05-18 20:06 ` Johannes Schindelin
2024-05-18 21:12 ` Jeff King
2024-05-19 1:15 ` Junio C Hamano [this message]
2024-05-20 16:05 ` Johannes Schindelin
2024-05-20 18:18 ` Junio C Hamano
2024-05-20 19:38 ` Johannes Schindelin
2024-05-20 20:07 ` Junio C Hamano
2024-05-20 21:03 ` Johannes Schindelin
2024-05-18 10:32 ` [PATCH v2 6/8] hooks(clone protections): special-case current Git LFS hooks Johannes Schindelin via GitGitGadget
2024-05-18 10:32 ` [PATCH v2 7/8] hooks(clone protections): simplify templates hooks validation Johannes Schindelin via GitGitGadget
2024-05-18 10:32 ` [PATCH v2 8/8] Revert "Add a helper function to compare file contents" Johannes Schindelin via GitGitGadget
2024-05-18 17:07 ` [PATCH v2 0/8] Various fixes for v2.45.1 and friends Junio C Hamano
2024-05-18 19:22 ` Johannes Schindelin
2024-05-18 20:13 ` Johannes Schindelin
2024-05-20 20:21 ` [PATCH v3 0/6] " Johannes Schindelin via GitGitGadget
2024-05-20 20:22 ` [PATCH v3 1/6] hook: plug a new memory leak Johannes Schindelin via GitGitGadget
2024-05-20 20:22 ` [PATCH v3 2/6] init: use the correct path of the templates directory again Johannes Schindelin via GitGitGadget
2024-05-20 20:22 ` [PATCH v3 3/6] Revert "core.hooksPath: add some protection while cloning" Johannes Schindelin via GitGitGadget
2024-05-20 20:22 ` [PATCH v3 4/6] tests: verify that `clone -c core.hooksPath=/dev/null` works again Johannes Schindelin via GitGitGadget
2024-05-20 20:22 ` [PATCH v3 5/6] clone: drop the protections where hooks aren't run Johannes Schindelin via GitGitGadget
2024-05-20 20:22 ` [PATCH v3 6/6] Revert "Add a helper function to compare file contents" Johannes Schindelin via GitGitGadget
2024-05-20 23:56 ` [PATCH v3 0/6] Various fixes for v2.45.1 and friends Junio C Hamano
2024-05-21 5:33 ` Junio C Hamano
2024-05-21 18:14 ` Junio C Hamano
2024-05-21 22:33 ` brian m. carlson
2024-05-21 22:40 ` Junio C Hamano
2024-05-21 23:04 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqed9yob4v.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=peff@peff.net \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).