On Thu, Aug 15, 2019 at 10:15:24AM -0400, Derrick Stolee wrote:

> >  - Do we want to advertise the Git mailing list for bug reports?
> 
> That is possible. Isn't there another mailing list for git users?

I know there's an IRC channel for Git users, I dunno about mailing list.
I'm worried that places I name as points of contact will grow stale,
although I suppose #git on freenode isn't really going anywhere, for
example. (But as a counterexample, I hope that nobody sends something
like this to #git-devel, which seems to have a lower population than
this mailing list.)

> 
> I could see a patch added on top of this for git-for-windows/git that
> changes the instructions to create issues on GitHub.

Indeed; I imagine we'd probably like to patch it to ask for bugs in our
bug tracker.

> 
> >  - Which config options should we filter to avoid accidentally receiving
> >    credentials?
> 
> The remote URLs are pretty sensitive. Not only do users sometimes put 
> passwords
> or PATs into their URLs, the literal name of the repo could be a secret.

Now here's where I start to wonder. We often debug internally by asking
for the remote URL and replicating the issue there, which is why I
mentioned it explicitly in the commit message. But I hadn't considered
folks including the password in the URL.

Well, I suppose anybody can keep a local patch to change the config
filter pattern. I'll try to make it easy to spot and modify.

[snip]

> At first I was alarmed by "What? another shell script?" but this command 
> should
> prioritize flexibility and extensibility over speed. Running multiple 
> processes
> shouldn't be too taxing for what we are trying to do here.

If shell scripts are entirely deprecated I can convert it, but doing it
in C seemed like overkill when I really just wanted "what are all the
commands we would ask the user to run and tell us the output?". I
figured also that it would be a little more immune to bitrot to output
the contents of porcelain commands here.

> > +   echo "[Git Config]"
> > +   # TODO: Pass this through grep -v to avoid users sending us their 
> > credentials.
> > +   git config --show-origin --list
> > +   echo
> 
> Config options to consider stripping out:
> 
>       *url*
>       *pass* (anything "password" but also "sendmail.smtppass")

Done, thanks.

> 
> > +   echo "[Configured Hooks]"
> > +   find "$GIT_DIR/hooks/" -type f | grep -v "\.sample$" | 
> > print_filenames_and_content
> > +   echo
> 
> Remove the sample hooks, but focus on the others. Will this look like garbage 
> if a hook
> is a binary file?

Yeah, I'm sure it will. I'll add a check to
print_filenames_and_content() so it can tell us if there is a hook
installed there, even if we can't see the content.

> 
> > +
> > +   echo "[Git Logs]"
> > +   find "$GIT_DIR/logs" -type f | print_filenames_and_content
> > +   echo
> 
> As mentioned before, I've sometimes found it helpful to know the data shape 
> for the object
> store. Having a few extra steps such as the following could be nice:
> 
>       echo "[Loose Objects]"
>       for objdir in $(find "$GIT_DIR/objects/??" -type d)
>       do
>               echo "$objdir: $(ls $objdir | wc -l)"
`echo "$objdir: $(ls $objdir | wc -l) objects`
I'll add context so we don't need to have the bugreport script memorized
in order to read a bugreport :)
>       done
>       echo
> 
>       echo "[Pack Data]"
>       ls -l "$GIT_DIR/objects/pack"
>       echo
> 
>       echo "[Object Info Data]"
>       ls -lR "$GIT_DIR/objects/info"
>       echo
> 
>       echo "[Alternates File]"
>       echo "========"
>       cat "$GIT_DIR/objects/info/alternates"
>       echo
> 
> That last one will collect information on the commit-graph file, even if it 
> is an
> incremental file.

Thanks Stolee, these are awesome and exactly the kind of feedback I was
hoping for.

> 
> I think this is a great start, and I'll take some time later to try it out.
> 
> Thanks,
> -Stolee

Awesome. I'm excited to hear how it goes.

 - Emily

Reply via email to