git - Git: sistema de control de versiones

diff options

author	Jonathan Nieder <jrnieder@gmail.com>	2019-12-05 09:30:43 (GMT)
committer	Johannes Schindelin <johannes.schindelin@gmx.de>	2019-12-06 15:27:38 (GMT)
commit	bb92255ebe6bccd76227e023d6d0bc997e318ad0 (patch)
tree	d506e15c7903457a57677942a619c07e36e0509e /compat
parent	bdfef0492cada3fb36f454804796bf12c79a7136 (diff)
download	git-bb92255ebe6bccd76227e023d6d0bc997e318ad0.zip git-bb92255ebe6bccd76227e023d6d0bc997e318ad0.tar.gz git-bb92255ebe6bccd76227e023d6d0bc997e318ad0.tar.bz2

fsck: reject submodule.update = !command in .gitmodules

This allows hosting providers to detect whether they are being used to attack users using malicious 'update = !command' settings in .gitmodules. Since ac1fbbda2013 (submodule: do not copy unknown update mode from .gitmodules, 2013-12-02), in normal cases such settings have been treated as 'update = none', so forbidding them should not produce any collateral damage to legitimate uses. A quick search does not reveal any repositories making use of this construct, either. Reported-by: Joern Schneeweisz <jschneeweisz@gitlab.com> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

Diffstat (limited to 'compat')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: