Re: [PATCH v3 04/35] upload-pack: convert to a builtin
From: Jeff King <hidden>
Date: 2018-02-22 20:21:58
On Thu, Feb 22, 2018 at 03:19:40PM -0500, Jeff King wrote:
quoted
To be clear, which of the following are you (most) worried about? 1. being invoked with --help and spawning a pager 2. receiving and acting on options between 'git' and 'upload-pack' 3. repository discovery 4. pager config 5. alias discovery 6. increased code surface / unknown threatsMy immediate concern is (4). But my greater concern is that people who work on git.c should not have to worry about accidentally violating this principle when they add a new feature or config option. In other words, it seems like an accident waiting to happen. I'd be more amenable to it if there was some compelling reason for it to be a builtin, but I don't see one listed in the commit message. I see only "let's make it easier to share the code", which AFAICT is equally served by just lib-ifying the code and calling it from the standalone upload-pack.c.
By the way, any decision here would presumably need to be extended to git-serve, etc. The current property is that it's safe to fetch from an untrusted repository, even over ssh. If we're keeping that for protocol v1, we'd want it to apply to protocol v2, as well. -Peff