summaryrefslogtreecommitdiff
path: root/submodule.c
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2016-05-04 21:22:19 -0400
committerJunio C Hamano <gitster@pobox.com>2016-05-06 12:54:27 -0700
commit89044baa8b8a14b48e78a42ebdc43cfcd144ce28 (patch)
tree007d5ef2fc99a223bf9245a3f78b062bc68d9930 /submodule.c
parentc12e8656700be6084aec49df66447e701fda1ecf (diff)
downloadgit-89044baa8b8a14b48e78a42ebdc43cfcd144ce28.tar.gz
submodule: stop sanitizing config optionsjk/submodule-c-credential
The point of having a whitelist of command-line config options to pass to submodules was two-fold: 1. It prevented obvious nonsense like using core.worktree for multiple repos. 2. It could prevent surprise when the user did not mean for the options to leak to the submodules (e.g., http.sslverify=false). For case 1, the answer is mostly "if it hurts, don't do that". For case 2, we can note that any such example has a matching inverted surprise (e.g., a user who meant http.sslverify=true to apply everywhere, but it didn't). So this whitelist is probably not giving us any benefit, and is already creating a hassle as people propose things to put on it. Let's just drop it entirely. Note that we still need to keep a special code path for "prepare the submodule environment", because we still have to take care to pass through $GIT_CONFIG_PARAMETERS (and block the rest of the repo-specific environment variables). We can do this easily from within the submodule shell script, which lets us drop the submodule--helper option entirely (and it's OK to do so because as a "--" program, it is entirely a private implementation detail). Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'submodule.c')
-rw-r--r--submodule.c39
1 files changed, 1 insertions, 38 deletions
diff --git a/submodule.c b/submodule.c
index c18ab9b397..d598881114 100644
--- a/submodule.c
+++ b/submodule.c
@@ -1098,50 +1098,13 @@ void connect_work_tree_and_git_dir(const char *work_tree, const char *git_dir)
strbuf_release(&rel_path);
free((void *)real_work_tree);
}
-/*
- * Rules to sanitize configuration variables that are Ok to be passed into
- * submodule operations from the parent project using "-c". Should only
- * include keys which are both (a) safe and (b) necessary for proper
- * operation.
- */
-static int submodule_config_ok(const char *var)
-{
- if (starts_with(var, "credential."))
- return 1;
- return 0;
-}
-
-int sanitize_submodule_config(const char *var, const char *value, void *data)
-{
- struct strbuf *out = data;
-
- if (submodule_config_ok(var)) {
- if (out->len)
- strbuf_addch(out, ' ');
-
- if (value)
- sq_quotef(out, "%s=%s", var, value);
- else
- sq_quote_buf(out, var);
- }
-
- return 0;
-}
void prepare_submodule_repo_env(struct argv_array *out)
{
const char * const *var;
for (var = local_repo_env; *var; var++) {
- if (!strcmp(*var, CONFIG_DATA_ENVIRONMENT)) {
- struct strbuf sanitized_config = STRBUF_INIT;
- git_config_from_parameters(sanitize_submodule_config,
- &sanitized_config);
- argv_array_pushf(out, "%s=%s", *var, sanitized_config.buf);
- strbuf_release(&sanitized_config);
- } else {
+ if (strcmp(*var, CONFIG_DATA_ENVIRONMENT))
argv_array_push(out, *var);
- }
}
-
}