From: Jeff King <peff@peff.net>
To: Junio C Hamano <gitster@pobox.com>
Cc: git@vger.kernel.org, Michael Haggerty <mhagger@alum.mit.edu>
Subject: Re: [PATCH 2/5] refs: introduce a "ref paranoia" flag
Date: Thu, 19 Mar 2015 17:51:14 -0400 [thread overview]
Message-ID: <20150319215114.GB8680@peff.net> (raw)
In-Reply-To: <xmqqpp84hdxg.fsf@gitster.dls.corp.google.com>
On Thu, Mar 19, 2015 at 02:31:39PM -0700, Junio C Hamano wrote:
> > We do have to have this variable cross some process boundaries. Only
> > "repack" knows whether to turn on paranoia, but "pack-objects" is the
> > one that must act on it.
> >
> > Or is there something else I'm missing?
>
> In general, I do not like the pattern of program A setting an
> environment only because it wants to tell program B it spawns
> something, because we cannot tell program B that the environment
> should be dropped when it calls something else (e.g. user defined
> hooks, merge drivers, textconvs, etc.) to prevent end user
> invocation of Git commands from honoring it. Setting GIT_DIR or
> GIT_WORK_TREE and having to know when to drop them is not very
> pleasant, for example.
>
> I think the use of this pattern is OK in this codepath in which
> repack calls pack-objects, and I think I can be persuaded to buy an
> argument that there is no harm, or it may even be a good thing, to
> run such an end-user program under paranoia mode, if pack-objects
> wants to spawn one.
Ah, I see. Yeah, I consider that to be a _feature_ for REF_PARANOIA
here. If you are running receive-pack under REF_PARANOIA, for example,
you would want your pre-receive hooks to use the same rules as the rest
of receive-pack.
If there is a misfeature, it is that we turn on REF_PARANOIA
automatically behind the user's back in some cases, which could surprise
them if we call through to custom code. But as you note, I think this
code path is OK, because we don't spawn anything else from pack-objects
(and if we did, arguably it is OK because our caller told us we are
doing something dangerous; but we would have to evaluate that
case-by-case, I would think).
-Peff
next prev parent reply other threads:[~2015-03-19 21:51 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-17 7:27 [PATCH 0/5] not making corruption worse Jeff King
2015-03-17 7:28 ` [PATCH 1/5] t5312: test object deletion code paths in a corrupted repository Jeff King
2015-03-17 18:34 ` Johannes Sixt
2015-03-17 18:55 ` Jeff King
2015-03-18 20:42 ` Johannes Sixt
2015-03-19 20:04 ` Junio C Hamano
2015-03-19 20:51 ` Jeff King
2015-03-19 21:23 ` Junio C Hamano
2015-03-19 21:47 ` Jeff King
2015-03-19 21:49 ` Junio C Hamano
2015-03-19 21:52 ` Jeff King
2015-03-20 1:16 ` Eric Sunshine
2015-03-20 1:32 ` Jeff King
2015-03-20 1:37 ` Eric Sunshine
2015-03-20 2:08 ` test &&-chain lint (was: [PATCH 1/5] t5312: test object deletion code paths in a corrupted repository) Jeff King
2015-03-20 2:25 ` Jeff King
2015-03-20 5:10 ` Jeff King
2015-03-20 7:18 ` Eric Sunshine
2015-03-20 6:51 ` test &&-chain lint Junio C Hamano
2015-03-20 17:04 ` Junio C Hamano
2015-03-20 17:24 ` Jeff King
2015-03-20 17:34 ` Junio C Hamano
2015-03-20 17:59 ` Jeff King
2015-03-17 7:29 ` [PATCH 2/5] refs: introduce a "ref paranoia" flag Jeff King
2015-03-19 20:13 ` Junio C Hamano
2015-03-19 21:00 ` Jeff King
2015-03-19 21:31 ` Junio C Hamano
2015-03-19 21:51 ` Jeff King [this message]
2015-03-17 7:30 ` [PATCH 3/5] prune: turn on ref_paranoia flag Jeff King
2015-03-17 7:31 ` [PATCH 4/5] repack: turn on "ref paranoia" when doing a destructive repack Jeff King
2015-03-17 7:31 ` [PATCH 5/5] refs.c: drop curate_packed_refs Jeff King
2015-03-20 1:27 ` Eric Sunshine
2015-03-17 7:37 ` [PATCH 0/5] not making corruption worse Jeff King
2015-03-17 22:54 ` Junio C Hamano
2015-03-18 10:21 ` Jeff King
2015-03-20 18:42 ` [PATCH v2 " Jeff King
2015-03-20 18:43 ` [PATCH v2 1/5] t5312: test object deletion code paths in a corrupted repository Jeff King
2015-03-20 18:43 ` [PATCH v2 2/5] refs: introduce a "ref paranoia" flag Jeff King
2015-03-20 18:43 ` [PATCH v2 3/5] prune: turn on ref_paranoia flag Jeff King
2015-03-20 18:43 ` [PATCH v2 4/5] repack: turn on "ref paranoia" when doing a destructive repack Jeff King
2015-03-20 18:43 ` [PATCH v2 5/5] refs.c: drop curate_packed_refs Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150319215114.GB8680@peff.net \
--to=peff@peff.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=mhagger@alum.mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).