Re: manual option --inline --no-attach override required for format.attachg

git@vger.kernel.org mailing list mirror (one of many)
 help / color / mirror / code / Atom feed

From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: unlisted-recipients:; (no To-header on input)
Cc: git@vger.kernel.org
Subject: Re: manual option --inline --no-attach override required for format.attachg
Date: Thu, 16 Feb 2023 01:29:45 +0000	[thread overview]
Message-ID: <Y+2HCa5kqfVZ0Coq@tapette.crustytoothpaste.net> (raw)
In-Reply-To: <20230215215112.62559-1-Brian.Inglis@Shaw.ca>

[-- Attachment #1: Type: text/plain, Size: 1085 bytes --]

On 2023-02-15 at 21:51:13, Brian Inglis wrote:
> Anything else you want to add:
> initially found format.attach set in /etc/gitconfig and no way to override
> would be great if linux-man maintainer could set repo config format.inline format.attach=no

I think Junio has responded to the rest of this and is more familiar
with it than I am, but we don't allow repository configuration to be
shipped in the repo.  That's because in general configuration can
contain programs or shell commands and thus execute arbitrary code, so
doing so would be a security problem.

Experiences with Vim modelines have shown that embedding configuration,
even when highly restricted, can be the cause of lots of security
vulnerabilities, and we've seen this with config used by submodules in
the past.  For that and many other reasons, including the fact that
users may not care what upstream's preferred settings are, it's
extremely unlikely that we'll add any automatic way to ship
configuration in the repository.
-- 
brian m. carlson (he/him or they/them)
Toronto, Ontario, CA

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 263 bytes --]

     prev parent reply	other threads:[~2023-02-16  1:29 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-02-15 21:51 manual option --inline --no-attach override required for format.attach Brian Inglis
2023-02-15 22:21 ` Junio C Hamano
2023-02-17 22:12   ` Brian Inglis
2023-02-16  1:29 ` brian m. carlson [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: http://vger.kernel.org/majordomo-info.html

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Y+2HCa5kqfVZ0Coq@tapette.crustytoothpaste.net \
    --to=sandals@crustytoothpaste.net \
    --cc=git@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://80x24.org/mirrors/git.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).