Re: [PATCH v3 04/35] upload-pack: convert to a builtin
From: Jonathan Nieder <hidden>
Date: 2018-02-22 21:33:00
From: Jonathan Nieder <hidden>
Date: 2018-02-22 21:33:00
Jeff King wrote:
The current property is that it's safe to fetch from an untrusted repository, even over ssh. If we're keeping that for protocol v1, we'd want it to apply to protocol v2, as well.
Ah, this is what I had been missing (the non-ssh case). I see your point. I think we need to fix the pager config issue and add some clarifying documentation to git.c so that people know what to look out for. Keep in mind that git upload-archive (a read-only command, just like git upload-pack) also already has the same issues. Thanks, Jonathan