| commit | d739f0b17f1e857b3493362e6c286adeb3c2a459 | |
| author | Kyle J. McKay <mackyle@gmail.com> | |
| Thu, 22 Feb 2018 02:35:21 +0000 (21 18:35 -0800) | ||
| committer | Kyle J. McKay <mackyle@gmail.com> | |
| Thu, 22 Feb 2018 02:35:21 +0000 (21 18:35 -0800) | ||
| tree | 73e78571a3d3395d3172d922c8be0a1a86c6b050 | treesnapshot (tar.gz zip) |
| parent | 05aa5823a0a06a2b3895156f8cc2d1d530e9d9aa | commitdiff |
fetch: hide the stash
Hide the "stash" ref(s) from remote fetch clients when possible.
Git will not allow single-level refs (e.g. "refs/stash") to be
pushed in the first place. The only way one could end up in a
Girocco repository is when linked working trees (or, gasp, non-bare
Girocco repositories) are in use or a non-clean mirror fetch retrieves
such a ref.
But for the "git log --walk-reflogs" facility to actually work as
designed, a copy of the ref log file for the ref in question must
be available. There's no mechanism available for a remote to fetch
a ref log. Even though Girocco will now attempt to retain anything
reachable solely via a ref log entry, there's just no mechanism for
remotes to use any of the server's ref logs.
Therefore, attempt to hide known "stash" refs by default to avoid
confusing remote clients. They would only ever be fetched by a
full "mirror" clone anyway and would otherwise bloat the primary
pack and virtual bundle unnecessarily.
Unless the new "obscure" configuration item has been set to a true
value, omit any existing "stash" refs from the primary pack (and
therefore the virtual bundle too). They WILL be included in the
secondary pack so nothing will get lost for local linked working
tree users. Always do this regardless of Git version.
In addition tell Git to "hide" those refs from remote fetchers when
possible. Since Git 1.8.2 it's possible to "hide" them from remote
fetchers over the "git:" and "ssh:" protocols. However, due to an
unfortunate Git bug that was not fixed until Git 2.3.5 it's unsafe
to attempt to hide them from smart "http:/https:" fetchers before
Git version 2.3.5 as it can result in fetches actually failing.
It's only the server's Git version that matters for "hide" support.
These refs cannot be hidden from non-smart HTTP fetchers or any
other non-smart mechanism that may be provided (i.e. rsync/ftp/etc.)
as those mechanisms use the $gitdir/info/refs file which does NOT
exclude them.
This "hiding" should not be considered secure (see the "SECURITY"
section of `git help namespaces` for details), but rather an
efficiency and "cleanliness" change.
A determined pursuer is bound to find a way to your stash even with
this change, but everyone else will appreciate the cleanup.
Signed-off-by: Kyle J. McKay <mackyle@gmail.com>
Hide the "stash" ref(s) from remote fetch clients when possible.
Git will not allow single-level refs (e.g. "refs/stash") to be
pushed in the first place. The only way one could end up in a
Girocco repository is when linked working trees (or, gasp, non-bare
Girocco repositories) are in use or a non-clean mirror fetch retrieves
such a ref.
But for the "git log --walk-reflogs" facility to actually work as
designed, a copy of the ref log file for the ref in question must
be available. There's no mechanism available for a remote to fetch
a ref log. Even though Girocco will now attempt to retain anything
reachable solely via a ref log entry, there's just no mechanism for
remotes to use any of the server's ref logs.
Therefore, attempt to hide known "stash" refs by default to avoid
confusing remote clients. They would only ever be fetched by a
full "mirror" clone anyway and would otherwise bloat the primary
pack and virtual bundle unnecessarily.
Unless the new "obscure" configuration item has been set to a true
value, omit any existing "stash" refs from the primary pack (and
therefore the virtual bundle too). They WILL be included in the
secondary pack so nothing will get lost for local linked working
tree users. Always do this regardless of Git version.
In addition tell Git to "hide" those refs from remote fetchers when
possible. Since Git 1.8.2 it's possible to "hide" them from remote
fetchers over the "git:" and "ssh:" protocols. However, due to an
unfortunate Git bug that was not fixed until Git 2.3.5 it's unsafe
to attempt to hide them from smart "http:/https:" fetchers before
Git version 2.3.5 as it can result in fetches actually failing.
It's only the server's Git version that matters for "hide" support.
These refs cannot be hidden from non-smart HTTP fetchers or any
other non-smart mechanism that may be provided (i.e. rsync/ftp/etc.)
as those mechanisms use the $gitdir/info/refs file which does NOT
exclude them.
This "hiding" should not be considered secure (see the "SECURITY"
section of `git help namespaces` for details), but rather an
efficiency and "cleanliness" change.
A determined pursuer is bound to find a way to your stash even with
this change, but everyone else will appreciate the cleanup.
Signed-off-by: Kyle J. McKay <mackyle@gmail.com>