Thread (12 messages) 12 messages, 5 authors, 2025-09-15

Re: [DISCUSS] validation on git config user.email

From: usharerose <hidden>
Date: 2025-09-12 18:03:10

On Fri, Sep 12, 2025 at 11:39 PM Thomas Guyot [off-list ref] wrote:
To add to the other valid responses, email is something that can be
validated by hooks server-side to enforce not only proper formatting but
also valid users are being used, ex. validating against an LDAP directory.

This is much better that validating it at the command level (although
IIRC git-comit does warn about possibly unset/invalid email addresses).
In addition, unless git starts enforcing stricter rules on the commit
message format (which would be a breaking change), nothing else can
prevent someone from constructing commits with invalid emails, so checks
by git-commit alone can't be strictly enforceable.

Furthermore, imported commits from other SCMs may have odd user
name/email and it may be desirable to keep then in their original
formats rather than turning them into fake email addresses.
Thanks for your detailed reply, Thomas. I've understood the scenarios
you mentioned.

My intention behind the original question was not to suggest adding
the feature of validation for email legitimacy, but rather to inquire
about and understand the rationale behind the initial design decision
to forgo strict validation when the user identity feature (user.email)
was implemented.

So, are the use cases above mentioned more of a case of "exploiting a perceived
backdoor that later became justified" or "a thoughtfully made design
decision from the beginning"?
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help