On Wed, 19 Aug 2020 15:16:19 -0400 "Randall S. Becker" wrote: > On August 19, 2020 2:48 PM, Lukas Straub wrote: > > To: Junio C Hamano > > Cc: git ; Elijah Newren ; > > Brandon Williams ; Johannes Schindelin > > ; Jeff King > > Subject: Re: [RFC PATCH 0/2] Allow adding .git files and directories > > > > On Wed, 19 Aug 2020 11:03:30 -0700 > > Junio C Hamano wrote: > > > > > Lukas Straub writes: > > > > > > > These patches allow this and work well in a quick test. Of course > > > > some tests fail because with this the handling of nested git repos > > changed. > > > > > > In other words, this breaks the workflow existing users rely on, > > > right? I do not know if such a behaviour ever needs to exist even as > > > an opt-in feature, but it definitely feels wrong to make the behaviour > > > these patches introduce the default. > > > > Well, the current behavior is that nested repos (that are not submodules) > are > > completely ignored and none of the files within can be added. So the old > > behavior can be restored with .gitignore. The same goes for files/dirs > named > > .git. > > > > Of course I don't know what the current policy for behavioral changes in > git > > is, but I see that there have been such changes in the past. > > I honestly am concerned about a repeat of things like > https://nvd.nist.gov/vuln/detail/CVE-2019-19604 (the submodule update > problem). This change in behaviour is of serious concern from a risk > standpoint. To be blunt, I don't think users on my platform will move to a > version of git that supports this by default. As discussed I will make it opt-in via git-config. I hope this resolves your concerns. Regards, Lukas Straub > Sincerely, > Randall > > -- Brief whoami: > NonStop developer since approximately 211288444200000000 > UNIX developer since approximately 421664400 > -- In my real life, I talk too much. > > >