| commit | 0f85c4a30b072a26d74af8bbf63cc8f6a5dfc1b8 | |
| author | Derrick Stolee <derrickstolee@github.com> | |
| Wed, 13 Apr 2022 15:32:31 +0000 (13 15:32 +0000) | ||
| committer | Junio C Hamano <gitster@pobox.com> | |
| Wed, 13 Apr 2022 19:42:51 +0000 (13 12:42 -0700) | ||
| tree | 8bbeb9a92eefc50631e226f50681c0a726b4c62e | treesnapshot (tar.gz zip) |
| parent | bb50ec3cc300eeff3aba7a2bea145aabdb477d31 | commitdiff |
setup: opt-out of check with safe.directory=*
With the addition of the safe.directory in 8959555ce
(setup_git_directory(): add an owner check for the top-level directory,
2022-03-02) released in v2.35.2, we are receiving feedback from a
variety of users about the feature.
Some users have a very large list of shared repositories and find it
cumbersome to add this config for every one of them.
In a more difficult case, certain workflows involve running Git commands
within containers. The container boundary prevents any global or system
config from communicating `safe.directory` values from the host into the
container. Further, the container almost always runs as a different user
than the owner of the directory in the host.
To simplify the reactions necessary for these users, extend the
definition of the safe.directory config value to include a possible '*'
value. This value implies that all directories are safe, providing a
single setting to opt-out of this protection.
Note that an empty assignment of safe.directory clears all previous
values, and this is already the case with the "if (!value || !*value)"
condition.
Signed-off-by: Derrick Stolee <derrickstolee@github.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
With the addition of the safe.directory in 8959555ce
(setup_git_directory(): add an owner check for the top-level directory,
2022-03-02) released in v2.35.2, we are receiving feedback from a
variety of users about the feature.
Some users have a very large list of shared repositories and find it
cumbersome to add this config for every one of them.
In a more difficult case, certain workflows involve running Git commands
within containers. The container boundary prevents any global or system
config from communicating `safe.directory` values from the host into the
container. Further, the container almost always runs as a different user
than the owner of the directory in the host.
To simplify the reactions necessary for these users, extend the
definition of the safe.directory config value to include a possible '*'
value. This value implies that all directories are safe, providing a
single setting to opt-out of this protection.
Note that an empty assignment of safe.directory clears all previous
values, and this is already the case with the "if (!value || !*value)"
condition.
Signed-off-by: Derrick Stolee <derrickstolee@github.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| Documentation/config/safe.txt | diffblobblamehistory | |
| setup.c | diffblobblamehistory | |
| t/t0033-safe-directory.sh | diffblobblamehistory |