From: Jeff King <peff@peff.net>
To: Jacob Keller <jacob.keller@gmail.com>
Cc: Stefan Beller <sbeller@google.com>,
Lars Schneider <larsxschneider@gmail.com>,
Git Users <git@vger.kernel.org>
Subject: Re: [RFC] How to pass Git config command line instructions to Submodule commands?
Date: Mon, 25 Apr 2016 17:24:50 -0400 [thread overview]
Message-ID: <20160425212449.GA7636@sigill.intra.peff.net> (raw)
In-Reply-To: <CA+P7+xoaqNF+uBHVnD2QR7j-=0Hyvd-scTc_vOdV+etC0VS9jA@mail.gmail.com>
On Mon, Apr 25, 2016 at 01:59:03PM -0700, Jacob Keller wrote:
> >> However, I noticed that git config command line instructions such as
> >> "-c filter.lfs.smudge=" are not passed to Git submodule operations. Thus
> >> this does not work as expected:
> >>
> >> git -c filter.lfs.smudge= -c filter.lfs.required=false clone --recursive <url> <path>
> >
> > I have cc'd Jacob Keller, who authored origin/jk/submodule-c-credential,
> > which does work in that area (deciding which config option to pass down
> > into the submodule commands).
> >
>
> This is a tricky question. The problem is that some configurations are
> obviously not intended to go into the submodules, but determining how
> is somewhat troublesome. There was some discussion on this previous
> thread when we added support for credential options to pass through.
Right. I think it may be reasonable to pass through filter.* in the
whitelist. They are not activated without a matching .gitattributes
entry in the repository (and people would generally configure them in
their user-level ~/.gitconfig for that reason).
It does mean that somebody would be stuck who really wanted to run the
smudge filter in their local repo, but for some reason not in the
subrepos. I am trying to think of a case in which that might be
security-relevant if you didn't trust the sub-repos[1]. But I really
don't see it. The filter is arbitrary code, but that's specified by the
user; we're just feeding it possibly untrusted blobs.
-Peff
next prev parent reply other threads:[~2016-04-25 21:24 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-25 10:39 [RFC] How to pass Git config command line instructions to Submodule commands? Lars Schneider
2016-04-25 17:02 ` Stefan Beller
2016-04-25 20:59 ` Jacob Keller
2016-04-25 21:24 ` Jeff King [this message]
2016-04-25 21:27 ` Jeff King
2016-04-28 11:06 ` Lars Schneider
2016-04-28 11:25 ` Jeff King
2016-04-28 12:05 ` Jeff King
2016-04-28 12:17 ` Jeff King
2016-04-28 13:35 ` [PATCH 0/5] fixes for sanitized submodule config Jeff King
2016-04-28 13:36 ` [PATCH 1/5] t5550: fix typo in $HTTPD_URL Jeff King
2016-04-28 15:24 ` Jacob Keller
2016-04-28 15:25 ` Jeff King
2016-04-28 15:26 ` Jacob Keller
2016-04-28 13:37 ` [PATCH 2/5] t5550: break submodule config test into multiple sub-tests Jeff King
2016-04-28 15:21 ` Stefan Beller
2016-04-28 15:25 ` Jeff King
2016-04-28 15:25 ` Jacob Keller
2016-04-28 13:37 ` [PATCH 3/5] submodule: export sanitized GIT_CONFIG_PARAMETERS Jeff King
2016-04-28 15:25 ` Stefan Beller
2016-04-28 15:28 ` Jeff King
2016-04-28 15:35 ` Stefan Beller
2016-04-28 16:51 ` Johannes Schindelin
2016-04-28 15:28 ` Jacob Keller
2016-04-28 15:36 ` Jeff King
2016-04-28 15:40 ` Jacob Keller
2016-04-28 13:38 ` [PATCH 4/5] submodule--helper: move config-sanitizing to submodule.c Jeff King
2016-04-28 15:30 ` Stefan Beller
2016-04-28 15:37 ` Jeff King
2016-04-28 16:28 ` Lars Schneider
2016-04-28 13:39 ` [PATCH 5/5] submodule: use prepare_submodule_repo_env consistently Jeff King
2016-04-28 14:02 ` [PATCH 0/5] fixes for sanitized submodule config Johannes Schindelin
2016-04-28 15:56 ` Stefan Beller
2016-04-28 16:03 ` Jacob Keller
2016-04-28 12:05 ` [RFC] How to pass Git config command line instructions to Submodule commands? Lars Schneider
2016-04-28 13:40 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160425212449.GA7636@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=git@vger.kernel.org \
--cc=jacob.keller@gmail.com \
--cc=larsxschneider@gmail.com \
--cc=sbeller@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).