From: Shawn Pearce <spearce@spearce.org>
To: Jeff King <peff@peff.net>
Cc: Jonathan Tan <jonathantanmy@google.com>, git <git@vger.kernel.org>
Subject: Re: [PATCH] fetch-pack: always allow fetching of literal SHA1s
Date: Tue, 9 May 2017 21:57:20 -0700 [thread overview]
Message-ID: <CAJo=hJuaPhxQwD+DdMcP_21j61KR_GY=P+tHrYScgzZFrtemEA@mail.gmail.com> (raw)
In-Reply-To: <20170510043343.mgb7heqzu2etcgvf@sigill.intra.peff.net>
On Tue, May 9, 2017 at 9:33 PM, Jeff King <peff@peff.net> wrote:
> On Tue, May 09, 2017 at 09:22:11PM -0700, Shawn Pearce wrote:
>
>> > Hmm. That makes sense generally, as the request should succeed. But it
>> > seems like we're creating a client that will sometimes succeed and
>> > sometimes fail, and the reasoning will be somewhat opaque to the user.
>> > I have a feeling I'm missing some context on when you'd expect this to
>> > kick in.
>>
>> Specifically, someone I know was looking at building an application
>> that is passed only a SHA-1 for the tip of a ref on a popular hosting
>> site[1]. They wanted to run `git fetch URL SHA1`, but this failed
>> because the site doesn't have upload.allowtipsha1inwant enabled.
>> However the SHA1 was clearly in the output of git ls-remote.
>
> OK. So this is basically a case where we expect that the user knows what
> they're doing.
>
>> For various reasons they expected this to work, because it works
>> against other sites that do have upload.allowtipsha1inwant enabled.
>> And I personally just expected it to work because the fetch client
>> accepts SHA-1s, and the wire protocol uses "want SHA1" not "want ref",
>> and the SHA-1 passed on the command line was currently in the
>> advertisement when the connection opened, so its certainly something
>> the server is currently willing to serve.
>
> Right, makes sense. I wondered if GitHub should be turning on
> allowTipSHA1InWant, but it really doesn't make sense to. We _do_ hide
> some internal refs[1], and they're things that users wouldn't want to
> fetch. The problem for your case really is just on the client side, and
> this patch fixes it.
>
> Some of this context might be useful in the commit message.
>
> -Peff
>
> [1] The reachability checks from upload-pack don't actually do much on
> GitHub, because you can generally access the objects via the API or
> the web site anyway. So I'm not really opposed to turning on
> allowTipSHA1InWant if it would be useful for users, but after
> Jonathan's patch I don't see how it would be.
Right, I agree. That is why we proposed this patch to the client,
rather than a support request with GitHub to change server
configuration. :)
next prev parent reply other threads:[~2017-05-10 4:57 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-09 18:20 [PATCH] fetch-pack: always allow fetching of literal SHA1s Jonathan Tan
2017-05-09 22:16 ` Jeff King
2017-05-10 4:22 ` Shawn Pearce
2017-05-10 4:33 ` Jeff King
2017-05-10 4:46 ` Mike Hommey
2017-05-10 17:50 ` Ævar Arnfjörð Bjarmason
2017-05-10 18:20 ` Jonathan Nieder
2017-05-10 18:48 ` Martin Fick
2017-05-10 18:54 ` Jonathan Nieder
2017-05-10 4:57 ` Shawn Pearce [this message]
2017-05-10 17:00 ` Jonathan Nieder
2017-05-10 18:55 ` Sebastian Schuberth
2017-05-11 9:59 ` Jeff King
2017-05-11 19:03 ` Jonathan Nieder
2017-05-11 21:04 ` Jeff King
2017-05-10 16:44 ` [PATCH v2] " Jonathan Tan
2017-05-10 18:01 ` Jonathan Nieder
2017-05-10 22:11 ` [PATCH v3] " Jonathan Tan
2017-05-10 23:22 ` Jonathan Nieder
2017-05-11 9:46 ` Jeff King
2017-05-11 17:51 ` Jonathan Tan
2017-05-11 20:52 ` Jeff King
2017-05-11 10:05 ` Jeff King
2017-05-11 17:00 ` Brandon Williams
2017-05-13 9:29 ` Jeff King
2017-05-11 21:14 ` [PATCH v4] " Jonathan Tan
2017-05-11 21:35 ` Jonathan Nieder
2017-05-11 21:59 ` Jeff King
2017-05-11 22:30 ` [PATCH v5] " Jonathan Tan
2017-05-11 22:46 ` Jonathan Nieder
2017-05-12 2:59 ` Jeff King
2017-05-12 6:01 ` Junio C Hamano
2017-05-12 7:59 ` Jeff King
2017-05-12 8:14 ` Jeff King
2017-05-12 18:00 ` Jonathan Tan
2017-05-13 8:30 ` Jeff King
2017-05-12 18:09 ` Jonathan Tan
2017-05-12 19:06 ` Jonathan Nieder
2017-05-12 3:06 ` Jeff King
2017-05-12 20:45 ` Jonathan Tan
2017-05-12 20:46 ` [PATCH v6] " Jonathan Tan
2017-05-12 22:28 ` Jonathan Nieder
2017-05-13 8:36 ` Jeff King
2017-05-15 1:26 ` Junio C Hamano
2017-05-15 17:32 ` [PATCH v7] " Jonathan Tan
2017-05-15 17:46 ` Jonathan Nieder
2017-05-15 22:10 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAJo=hJuaPhxQwD+DdMcP_21j61KR_GY=P+tHrYScgzZFrtemEA@mail.gmail.com' \
--to=spearce@spearce.org \
--cc=git@vger.kernel.org \
--cc=jonathantanmy@google.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).