From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: AS31976 209.132.180.0/23 X-Spam-Status: No, score=-3.8 required=3.0 tests=AWL,BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by dcvr.yhbt.net (Postfix) with ESMTP id 7CEDD1F466 for ; Mon, 27 Jan 2020 16:59:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725955AbgA0Q7R (ORCPT ); Mon, 27 Jan 2020 11:59:17 -0500 Received: from mail-wr1-f66.google.com ([209.85.221.66]:37393 "EHLO mail-wr1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725893AbgA0Q7R (ORCPT ); Mon, 27 Jan 2020 11:59:17 -0500 Received: by mail-wr1-f66.google.com with SMTP id w15so12279564wru.4 for ; Mon, 27 Jan 2020 08:59:15 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4V+180VurbbOjZCq6OH85b+alrQrue604R2IdWfooKo=; b=KfZXukLKTZJYmqOGa3bJULLNGfdUP/DR6pPmy6Q2wEn06/n+GfiV6q3L4NwMILJ/1p WwPlKOssBRWzIz4NUcVkfM/Z3d6DEIVzpykb2IbMOBUWt6kzZhjcvZKkbFspNaFBFhMh 2ybYzGLPT5zFpfzo55DPO4bVGCUmObVURnpD7I7ud4TlV73S0F7JuQB8tfH5I55y3pP/ Pj14u3Nx0L5q1XFWniUXaOTxjvOXVnXSs+xWWV2OSZxCNFTqsMijIp31hwoBdr/6NxJQ rAHIMjNpuSQoQ8SE2dqOZNhVF9bjRPBDzPyvv/9zdhOqPnbqg8PqfBDZRKVHUYQpzaTo yf5w== X-Gm-Message-State: APjAAAUZhkMPdH7aPxUB7mDBhvLAfPcYlUl0doCj8OtmJ7qkc5cvkLna RqqOJXRz8fqDAtoPKckvwyZi7DKR3KQsYW0QNbmIGH3X X-Google-Smtp-Source: APXvYqyghuZb4LPF+9uKBzeV3EQfT2MxOkBCFSPzh+nNanIxiSOEGe8PxVDRnF2NCurggm2Mwnfy+xvLCuP4vmIUQB0= X-Received: by 2002:a5d:5752:: with SMTP id q18mr9700943wrw.277.1580144354858; Mon, 27 Jan 2020 08:59:14 -0800 (PST) MIME-Version: 1.0 References: <20200127100933.10765-1-git@zjvandeweg.nl> <20200127100933.10765-2-git@zjvandeweg.nl> In-Reply-To: <20200127100933.10765-2-git@zjvandeweg.nl> From: Eric Sunshine Date: Mon, 27 Jan 2020 11:59:03 -0500 Message-ID: Subject: Re: [PATCH v2 1/1] config: learn the --stdin option for instructions To: Zeger-Jan van de Weg Cc: Git List Content-Type: text/plain; charset="UTF-8" Sender: git-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org On Mon, Jan 27, 2020 at 5:17 AM Zeger-Jan van de Weg wrote: > When setting values in the git config, the value is part of the > arguments for execution. This potentially leaks the value through > logging, or other programs like `ps`. > > Add the `--stdin` option that reads from stdin for instructions to set > and unset values to hide them from prying eyes. The instructions are based > on the `update-ref` DSL, and accept the set and unset commands. > > Signed-off-by: Zeger-Jan van de Weg > --- > diff --git a/Documentation/git-config.txt b/Documentation/git-config.txt > @@ -259,6 +264,30 @@ Valid ``'s include: > +STDIN > +----- > + > +With `--stdin`, config reads instructions from standard input and performs > +all modifications in sequence. > + > +Specify commands of the form: > + > + set SP SP > + unset SP If you follow the precedent of the git-update-ref documentation, these should be: set SP SP LF unset SP LF I'm not sure we really need to be calling the value "newvalue" (I guess you picked that up from git-update-ref.txt). "value" should be fine, thus: set SP SP LF unset SP LF > +Alternatively, use `-z` or `--null` to specify in NUL-terminated format, without > +quoting: > + > + set SP NULL > + unset SP A few comments: First, this is talking about the NUL character, not a NULL pointer, so: s/NULL/NUL/ Second, this doesn't give any indication about how the lines should be terminated. It should instead be written as: set SP NUL NUL unset SP NUL Third, importantly, unlike git-update-ref from which this DSL takes inspiration and in which "refs" might have oddball names for which NUL-termination makes sense, it's hard to imagine a case in which a configuration key would be so strange as to warrant NUL-termination. This observation suggests a simpler DSL in which only is NUL-terminated: set SP SP NUL unset SP LF (The proposed code changes in config.c would need adjustment, as well, to implement this revised DSL.) > diff --git a/t/t1300-config.sh b/t/t1300-config.sh > @@ -380,6 +380,66 @@ test_expect_success '--add' ' > +test_expect_success '--stdin works on no input' ' > + echo -n "" | git config --stdin > +' `echo -n` is not portable. If you want no input at all, either grab it from /dev/null: git config --stdin +test_expect_success '--stdin with --null flag' ' > + echo -ne "set bar.baz\0false" | git config --stdin --null && > + Git config --get bar.baz >output && > + echo false >expect && > + test_cmp expect output > +' Likewise, non-portable use of `echo -n` and `echo "...\0...". Use `printf` instead: printf "set bar.baz\0false" | git config --stdin --null && (But note that this isn't even testing NUL-termination of .)