From: Glen Choo <chooglen@google.com>
To: Elijah Newren <newren@gmail.com>,
Jonathan Tan <jonathantanmy@google.com>
Cc: Git Mailing List <git@vger.kernel.org>,
Junio C Hamano <gitster@pobox.com>,
Derrick Stolee <stolee@gmail.com>,
Johannes Schindelin <Johannes.Schindelin@gmx.de>
Subject: Re: [PATCH v7 0/2] Conditional config includes based on remote URL
Date: Tue, 28 Dec 2021 15:13:07 -0800 [thread overview]
Message-ID: <kl6lee5w5nng.fsf@chooglen-macbookpro.roam.corp.google.com> (raw)
In-Reply-To: <CABPp-BFLNqLuJ8o_6YZDYgd=Ft+wc9EjBPX+RRzwAdASKSW2bw@mail.gmail.com>
Elijah Newren <newren@gmail.com> writes:
> But can I back up and comment on a bigger picture item?
>
> This mechanism requires somehow getting additional files to the user
> separately; projects that span companies (git.git, linux.git, etc.)
> won't likely be able to make use of this.
>
> Scalar also has a mechanism for providing potentially large blocks of
> pre-vetted configuration for users. It does so as part of a new
> top-level command. And it does so with a very opinionated set of
> values that are not configurable. Thus, while I'd like to use it,
> they use a configuration option that would break things badly at my
> $DAYJOB. (Too many gradle plugins using jgit, which doesn't
> understand index.version=4 and will blow up with a very suboptimal
> error message when they see it.) And, it's very specific to scalar;
> we probably don't want to add a new toplevel command everytime someone
> wants common configuration to be easily grabbed by some user.
>
> It would be nice if we could find some more generic solution.
> Granted, I can't think of any, and I don't think this comment should
> block this particular series (nor the scalar one), but I am worrying a
> little bit that we're getting multiple completely different solutions
> for the same general problem, and each brings caveats big enough to
> preclude many (most?) potential users. I don't know what to do about
> that, especially since configuration that is too easy to propagate
> comes with big security problems, but I wanted to at least raise the
> issue and hope others have good ideas. If nothing else, I want to
> raise awareness to avoid proliferation of similar
> pre-vetted-configuration-deployment mechanisms. I'm CC'ing a couple
> scalar folks as well for that point.
Yes, that's an accurate description. To reiterate what Jonathan said in
his first cover letter [1], the primary motivation is that we want to be
able to 'suggest' hooks to users. There was an RFC for this
'remote-suggested hooks feature' (docs [2], RFC implementation [3]) but
it ultimately stalled due to security concerns I believe (this was
before I joined the team, so I'm not the most familiar with this).
It might be worth re-reading those threads since they tread on pretty
much the same ground of shipping pre-vetted config (this is directed at
me too, since I haven't read through those in detail). I've also been
told that we're (aka Google) still looking for feedback on [2], so feel
free to share any thoughts on that thread too.
[1] https://lore.kernel.org/git/cover.1634077795.git.jonathantanmy@google.com
[2] https://lore.kernel.org/git/pull.908.v4.git.1620241892929.gitgitgadget@gmail.com/
[3] https://lore.kernel.org/git/cover.1623881977.git.jonathantanmy@google.com/
next prev parent reply other threads:[~2021-12-28 23:15 UTC|newest]
Thread overview: 87+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-12 22:57 [RFC PATCH 0/2] Conditional config includes based on remote URL Jonathan Tan
2021-10-12 22:57 ` [RFC PATCH 1/2] config: make git_config_include() static Jonathan Tan
2021-10-12 23:07 ` Jeff King
2021-10-12 23:26 ` Junio C Hamano
2021-10-13 8:26 ` Ævar Arnfjörð Bjarmason
2021-10-13 17:00 ` Junio C Hamano
2021-10-13 18:13 ` Jonathan Tan
2021-10-12 22:57 ` [RFC PATCH 2/2] config: include file if remote URL matches a glob Jonathan Tan
2021-10-12 23:30 ` Jeff King
2021-10-13 18:33 ` Jonathan Tan
2021-10-27 11:40 ` Jeff King
2021-10-27 17:23 ` Jonathan Tan
2021-10-12 23:48 ` Junio C Hamano
2021-10-13 19:52 ` Jonathan Tan
2021-10-13 0:46 ` [RFC PATCH 0/2] Conditional config includes based on remote URL brian m. carlson
2021-10-13 18:17 ` Jonathan Tan
2021-10-18 20:48 ` Jonathan Tan
2021-10-22 3:12 ` Emily Shaffer
2021-10-27 11:55 ` Jeff King
2021-10-27 17:52 ` Jonathan Tan
2021-10-27 20:32 ` Jeff King
2021-10-25 13:03 ` Ævar Arnfjörð Bjarmason
2021-10-25 18:53 ` Jonathan Tan
2021-10-26 10:12 ` Ævar Arnfjörð Bjarmason
2021-10-29 17:31 ` [WIP v2 " Jonathan Tan
2021-10-29 17:31 ` [WIP v2 1/2] config: make git_config_include() static Jonathan Tan
2021-11-05 19:45 ` Emily Shaffer
2021-10-29 17:31 ` [WIP v2 2/2] config: include file if remote URL matches a glob Jonathan Tan
2021-11-05 20:24 ` Emily Shaffer
2021-11-06 4:41 ` Ævar Arnfjörð Bjarmason
2021-11-09 0:25 ` Jonathan Tan
2021-11-09 0:22 ` Jonathan Tan
2021-11-16 0:00 ` [PATCH v3 0/2] Conditional config includes based on remote URL Jonathan Tan
2021-11-16 0:00 ` [PATCH v3 1/2] config: make git_config_include() static Jonathan Tan
2021-11-16 0:00 ` [PATCH v3 2/2] config: include file if remote URL matches a glob Jonathan Tan
2021-11-22 22:59 ` Glen Choo
2021-11-29 17:53 ` Jonathan Tan
2021-11-23 1:22 ` Junio C Hamano
2021-11-29 18:18 ` Jonathan Tan
2021-12-01 18:51 ` Junio C Hamano
2021-12-02 23:14 ` Jonathan Tan
2021-11-23 1:27 ` Ævar Arnfjörð Bjarmason
2021-11-29 18:33 ` Jonathan Tan
2021-11-29 20:50 ` Ævar Arnfjörð Bjarmason
2021-11-29 20:23 ` [PATCH v4 0/2] Conditional config includes based on remote URL Jonathan Tan
2021-11-29 20:23 ` [PATCH v4 1/2] config: make git_config_include() static Jonathan Tan
2021-11-29 20:23 ` [PATCH v4 2/2] config: include file if remote URL matches a glob Jonathan Tan
2021-12-02 6:57 ` Junio C Hamano
2021-12-02 17:41 ` Jonathan Tan
2021-11-29 20:48 ` [PATCH v4 0/2] Conditional config includes based on remote URL Ævar Arnfjörð Bjarmason
2021-11-30 7:51 ` Junio C Hamano
2021-12-02 23:31 ` [PATCH v5 " Jonathan Tan
2021-12-02 23:31 ` [PATCH v5 1/2] config: make git_config_include() static Jonathan Tan
2021-12-02 23:31 ` [PATCH v5 2/2] config: include file if remote URL matches a glob Jonathan Tan
2021-12-06 22:32 ` Glen Choo
2021-12-07 17:53 ` Jonathan Tan
2021-12-06 18:57 ` [PATCH v5 0/2] Conditional config includes based on remote URL Ævar Arnfjörð Bjarmason
2021-12-07 17:46 ` Jonathan Tan
2021-12-07 17:56 ` Ævar Arnfjörð Bjarmason
2021-12-07 18:52 ` Jonathan Tan
2021-12-07 23:23 ` [PATCH v6 " Jonathan Tan
2021-12-07 23:23 ` [PATCH v6 1/2] config: make git_config_include() static Jonathan Tan
2021-12-07 23:23 ` [PATCH v6 2/2] config: include file if remote URL matches a glob Jonathan Tan
2021-12-08 19:19 ` Glen Choo
2021-12-09 22:16 ` Jonathan Tan
2021-12-08 19:55 ` Glen Choo
2021-12-09 22:39 ` Jonathan Tan
2021-12-09 23:33 ` Glen Choo
2021-12-13 23:35 ` Jonathan Tan
2021-12-10 21:45 ` Junio C Hamano
2021-12-13 23:37 ` Jonathan Tan
2021-12-14 21:31 ` [PATCH v7 0/2] Conditional config includes based on remote URL Jonathan Tan
2021-12-14 21:31 ` [PATCH v7 1/2] config: make git_config_include() static Jonathan Tan
2021-12-14 21:31 ` [PATCH v7 2/2] config: include file if remote URL matches a glob Jonathan Tan
2021-12-16 21:54 ` Glen Choo
2021-12-28 0:55 ` Elijah Newren
2022-01-10 18:58 ` Jonathan Tan
2021-12-16 21:57 ` [PATCH v7 0/2] Conditional config includes based on remote URL Glen Choo
2021-12-28 1:13 ` Elijah Newren
2021-12-28 23:13 ` Glen Choo [this message]
2022-01-10 19:22 ` Jonathan Tan
2022-01-10 20:17 ` Elijah Newren
2022-01-25 13:26 ` Scalar vs JGit, was " Johannes Schindelin
2022-01-18 17:47 ` [PATCH v8 " Jonathan Tan
2022-01-18 17:47 ` [PATCH v8 1/2] config: make git_config_include() static Jonathan Tan
2022-01-18 17:47 ` [PATCH v8 2/2] config: include file if remote URL matches a glob Jonathan Tan
2022-01-18 20:54 ` [PATCH v8 0/2] Conditional config includes based on remote URL Elijah Newren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=kl6lee5w5nng.fsf@chooglen-macbookpro.roam.corp.google.com \
--to=chooglen@google.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jonathantanmy@google.com \
--cc=newren@gmail.com \
--cc=stolee@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).