[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Recommend these .gitconfig settings for git integrity.
|
From: |
Karl Fogel |
|
Subject: |
Recommend these .gitconfig settings for git integrity. |
|
Date: |
Sun, 31 Jan 2016 14:22:02 -0600 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.0.90 (gnu/linux) |
I've just added these settings to my ~/.gitconfig. Based on some recent
reports, it might be a good idea for all of us to do the same:
[transfer]
fsckObjects = true
[fetch]
fsckObjects = true
[receive]
fsckObjects = true
Summary:
Although git communicates object ID by content-addressable hashes (thus in
theory ensuring integrity), git apparently doesn't always bother to actually
*check* the hashes, e.g., when receiving objects from remote repositories.
Enabling the above settings causes git to notice if someone ships you a bogus
object, which seems like, er, a win. You might be worried about a slowdown in
some git operations, since content would now be checked against a hash, but
according to those who've enabled the settings there's no noticeable slowdown
in practice.
So, based on the discussion in the thread below, there are good reasons for
everyone to enable these settings, and no reason not to. (I was kind of
surprised they weren't turned on by default in git, actually.)
See this post & thread for more details:
From: Eric Myhre
Subject: git integrity
To: binary-transparency (Google Group)
Message-ID: <address@hidden>
Date: Fri, 29 Jan 2016 11:15:39 -0800
https://groups.google.com/forum/#!topic/binary-transparency/f-BI4o8HZW0
See also these bug tickets mentioned by DKG in the thread:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813157
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743227
If we have consensus here, I could add this recommendation to the 'CONTRIBUTE'
file in the Emacs tree; I'll wait to see what the followup is before doing
that, however.
Best regards,
-Karl
- Recommend these .gitconfig settings for git integrity.,
Karl Fogel <=