When adding or updating configuration values using git-config, the values could all be observed by different processes as these are passed as arguments. In some environments all commands executed are also all logged. When the value contains secrets, this is a side effect that would be great to avoid. At GitLab we use Rugged/libgit2 to circumvent this property[1].
The following patch allows a value to be set through stdin when the user passes a `--stdin` flag. [1]: https://gitlab.com/gitlab-org/gitaly/blob/8ab5bd595984678838f3f09a96798b149e68a939/ruby/lib/gitlab/git/http_auth.rb#L14-15 Zeger-Jan van de Weg (1): Git config allows value setting from stdin Documentation/git-config.txt | 5 ++++- builtin/config.c | 23 +++++++++++++++++++++-- t/t1300-config.sh | 11 +++++++++++ 3 files changed, 36 insertions(+), 3 deletions(-) -- 2.23.0
