diff options
Diffstat (limited to 'Documentation/config/transfer.txt')
| -rw-r--r-- | Documentation/config/transfer.txt | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/Documentation/config/transfer.txt b/Documentation/config/transfer.txt index 7ed917f..f1ce50f 100644 --- a/Documentation/config/transfer.txt +++ b/Documentation/config/transfer.txt @@ -7,13 +7,13 @@ transfer.credentialsInUrl:: and any other direct use of the configured URL. + Note that this is currently limited to detecting credentials in -`remote.<name>.url` configuration, it won't detect credentials in +`remote.<name>.url` configuration; it won't detect credentials in `remote.<name>.pushurl` configuration. + You might want to enable this to prevent inadvertent credentials exposure, e.g. because: + -* The OS or system where you're running git may not provide way way or +* The OS or system where you're running git may not provide a way or otherwise allow you to configure the permissions of the configuration file where the username and/or password are stored. * Even if it does, having such data stored "at rest" might expose you @@ -21,12 +21,12 @@ exposure, e.g. because: system. * The git programs will pass the full URL to one another as arguments on the command-line, meaning the credentials will be exposed to other - users on OS's or systems that allow other users to see the full + unprivileged users on systems that allow them to see the full process list of other users. On linux the "hidepid" setting documented in procfs(5) allows for configuring this behavior. + If such concerns don't apply to you then you probably don't need to be -concerned about credentials exposure due to storing that sensitive +concerned about credentials exposure due to storing sensitive data in git's configuration files. If you do want to use this, set `transfer.credentialsInUrl` to one of these values: + @@ -115,3 +115,13 @@ transfer.unpackLimit:: transfer.advertiseSID:: Boolean. When true, client and server processes will advertise their unique session IDs to their remote counterpart. Defaults to false. + +transfer.bundleURI:: + When `true`, local `git clone` commands will request bundle + information from the remote server (if advertised) and download + bundles before continuing the clone through the Git protocol. + Defaults to `false`. + +transfer.advertiseObjectInfo:: + When `true`, the `object-info` capability is advertised by + servers. Defaults to false. |