On Thu, Apr 05 2018, Olaf Hering wrote:

[Changed subject]

> My ~/.gitconfig looks like this, because all cloned repositories require 
> these settings:
> [sendemail]
>         from = Olaf Hering <o...@aepfle.de>
>         envelopesender = o...@aepfle.de
>         chainreplyto = false
>         ccover = yes
>         smtpencryption = tls
>         smtpdomain = sender
>         smtppass = smtppass
>         smtpAuth = PLAIN
>         smtpserver = smtp.strato.de
>         smtpuser = smtpuser
>         confirm = always
>         assume8bitEncoding = yes
>         transferEncoding = 8bit
>
> Now there is that one repo that requires this:
>
> [sendemail]
>         from = Olaf Hering <a@b.c>
>         envelopesender = a@b.c
>         smtpserver = otherhost
>
> That "otherhost" does just plain oldstyle unencrypted SMTP.
>
> How do I undo the global sendemail settings for that one repo?
> Setting the knobs to empty strings does not help:
> Command unknown: 'AUTH' at /usr/lib/git/git-send-email line 1455.
>
> It seems the global smtpuser is causing the error.

There isn't any way to do this, the only way out is the hack of using
conditional includes and placing this repository in some special
location.

In general it would be very nice if git learned to conditionally pay
attention to config from various places, I've been meaning to work on
this but haven't figured out a good syntax for it (suggestions
welcome!). Things I'd like to do:

1) Set some config in e.g. ~/.gitconfig saying that I want to ignore
   everything from /etc/gitconfig, or in /some/repo/.git/config saying I
   want to ignore ~/.gitconfig but not /etc/gitconfig.

2) Ditto #1 but more granular, e.g. for your use-case saying you're OK
   with grabbing ~/.gitconfig, but you'd like to ignore all sendemail.*
   values from there, or say in your local .git/config that you'd like
   to ignore all previously set sendemail.* no matter where it came
   from.

3) Ability to re-arrange the config priority, right now it's hardcoded
   that we look at /etc/gitconfig, then ~/.gitconfig then your
   .git/config. You can add a config for ~/work with the conditional
   includes, but it would be nice (just as a general thing) to also
   re-arrange things so /etc/gitconfig gets parsed last or whatever.

   I don't really have a use-case for that, but adding such priorities
   would be simple once we had support for #1 and #2, just some
   "priority" integer you could override for each file, and we'd set
   default values for them, e.g. 10 for /etc/gitconfig, 20 for
   ~/.gitconfig, 40 for .git/config etc.

For any of this to work we'd need to re-arrange the config code so that
we'd fully parse all the config files first, and consider any such
"ignore the thing before me" rules in each file, and then make a second
pass over the config data

The ulterior motive I want this for is to eventually support some
facility where we can safely load a .gitconfig from clone repos, since
once we have this for other reasons (and as noted above, it would be
useful for that in its own right) we can load .gitconfig from some
untrusted source, because we're going to be able to say that we only
trust the repo's .gitconfig to set sendemail.to or whatever, but nothing
else.

Previous ramblings from me on this subject:
https://public-inbox.org/git/87zi6eakkt....@evledraar.gmail.com/

So maybe something like this in a .git/config

    # Reject all previous such [config] overrides, by default we'd add
    # them (as default in git config)
    [config]
    reject = *
    [config "system"]
    priority = 50
    reject = *
    accept = sendmail.*
    [config "global"]
    reject = *
    accept = sendmail.*

And eventually have git itself mark up each config option on some scale
of least harmful (sendmail.to & friends) to most harmful (executing
shell aliases), and:

    # Remote maintained untrusted config
    [config "repo"]
    acceptLevel = least-harmful

Or whatever toggle to include some default policy shipped with
git. Actually we could just do that with more generally with config
includes if we learned some syntax for including some templates shipped
with git itself.

Reply via email to