On Fri, Sep 30, 2016 at 9:35 PM, Jeff King <p...@peff.net> wrote:
> I've mentioned before on the list that GitHub "quarantines" objects
> while the pre-receive hook runs. Here are the patches to implement
Great! Thanks for upstreaming these patches!
I wonder if the patch you sent in:
is still useful or not.
> The basic problem is that as-is, index-pack admits pushed objects into
> the main object database immediately, before the pre-receive hook runs.
> It _has_ to, since the hook needs to be able to actually look at the
> objects. However, this means that if the pre-receive hook rejects the
> push, we still end up with the objects in the repository. We can't just
> delete them as temporary files, because we don't know what other
> processes might have started referencing them.
> The solution here is to push into a "quarantine" directory that is
> accessible only to pre-receive, check_connected(), etc, and only
> move the objects into the main object database after we've finished
> those basic checks.
I guess if we fail the receive-pack because the pack is bigger than
receive.maxInputSize, then the "quarantine" directory will also be
removed, so the part of the pack that we received before failing the
receive-pack will be deleted.
> These two patches set that up by letting index-pack and pre-receive
> know that quarantine path and use it to store arbitrary files that
> _don't_ get migrated to the main object database (i.e., the log file
> mentioned above).
It would be nice to have a diffstat for the whole series.