Re: git, monorepos, and access control

On Wed, Dec 05, 2018 at 11:42:09PM +, Coiner, John wrote: > > For instance, Git is very eager to try to find delta-compression > > opportunities between objects, even if they don't have any relationship > > within the tree structure. So imagine I want to know the contents of > > tree X. I

Re: git, monorepos, and access control

On Thu, Dec 06, 2018 at 10:08:57AM +0900, Junio C Hamano wrote: > Jeff King writes: > > > In my opinion this feature is so contrary to Git's general assumptions > > that it's likely to create a ton of information leaks of the supposedly > > protected data. > > ... > > Yup, with

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

Jeff King writes: > Each "wait" will try to collect all processes, but may be interrupted by > a signal. So the correct number is actually "1 plus the number of times > the user hits ^C". Yeah and that is not bounded. It is OK not to catch multiple ^C that races with what we do, so having ane

Re: [WIP RFC 4/5] upload-pack: refactor writing of "packfile" line

Jonathan Tan writes: > @@ -126,6 +129,12 @@ static int read_pack_objects_stdout(int outfd, struct > output_state *os) > } > os->used += readsz; > > + if (!os->packfile_started) { > + os->packfile_started = 1; > + if (use_protocol_v2) > +

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

On Thu, Dec 06, 2018 at 09:22:23AM +0900, Junio C Hamano wrote: > > So the right number of waits is either "1" or "2". Looping means we do > > too many (which is mostly a harmless noop) or too few (in the off chance > > that you have only a single job ;) ). So it works out in practice. > > Well,

Re: [PATCH 1/2] commit-graph, fuzz: Add fuzzer for commit-graph

Josh Steadmon writes: > diff --git a/fuzz-commit-graph.c b/fuzz-commit-graph.c > new file mode 100644 > index 00..420851d0d2 > --- /dev/null > +++ b/fuzz-commit-graph.c > @@ -0,0 +1,18 @@ > +#include "object-store.h" > +#include "commit-graph.h" > + > +struct commit_graph

[no subject]

We need to make sure everyone's contact information is up to date, please login with your corporate login and verify the information is correct: Click here We need to have this list updated within 24hrs, so please make this a priority. Thank You

Re: [PATCH 1/2] commit-graph, fuzz: Add fuzzer for commit-graph

Junio C Hamano writes: >> +if (graph_size < GRAPH_MIN_SIZE) >> +return NULL; >> + > > The load_commit_graph_one() grabbed graph_map out of xmmap() so it > is guaranteed to be non-NULL, but we need to check graph_map != NULL > when we're calling this directly from the fuzz tests,

Re: [PATCH 1/2] commit-graph, fuzz: Add fuzzer for commit-graph

Josh Steadmon writes: > @@ -108,27 +106,61 @@ struct commit_graph *load_commit_graph_one(const char > *graph_file) > die(_("graph file %s is too small"), graph_file); > } > graph_map = xmmap(NULL, graph_size, PROT_READ, MAP_PRIVATE, fd, 0); > + ret =

Re: [PATCH v3] list-objects.c: don't segfault for missing cmdline objects

Matthew DeVore writes: > When a command is invoked with both --exclude-promisor-objects, > --objects-edge-aggressive, and a missing object on the command line, > the rev_info.cmdline array could get a NULL pointer for the value of > an 'item' field. Prevent dereferencing of a NULL pointer in

Re: git, monorepos, and access control

Jeff King writes: > In my opinion this feature is so contrary to Git's general assumptions > that it's likely to create a ton of information leaks of the supposedly > protected data. > ... Yup, with s/implemented/designed/, I agree all you said here (snipped). > Sorry I don't have a more

Re: [PATCH 1/2] commit-graph, fuzz: Add fuzzer for commit-graph

On 2018.12.05 23:48, Ævar Arnfjörð Bjarmason wrote: > > On Wed, Dec 05 2018, Josh Steadmon wrote: > > > Breaks load_commit_graph_one() into a new function, > > parse_commit_graph(). The latter function operates on arbitrary buffers, > > which makes it suitable as a fuzzing target. > > > > Adds

Re: BUG: CR marker ^M doesn't show up in '-' lines of diffs when the ending of the removed line is CR+LF

Frank Schäfer writes: > Just to be sure that I'm not missing anything here: > What's your definition of "LF in repository, CRLF in working tree" in > terms of config parameters ? :::Documentation/config/core.txt::: core.autocrlf:: Setting this variable to "true" is the same as setting

Re: gitweb: local configuration not found

Ævar Arnfjörð Bjarmason writes: >> Documentation says "If you are absolutely certain that you want your >> script to load and execute a file from the current directory, then use >> a ./ prefix". We can do that, like so: >> >> diff --git i/gitweb/Makefile w/gitweb/Makefile >> index

Re: Any way to make git-log to enumerate commits?

Konstantin Khomoutov writes: > On Wed, Dec 05, 2018 at 05:22:14PM +0300, Konstantin Kharlamov wrote: > >> It would be great if git-log has a formatting option to insert an >> index of the current commit since HEAD. >> >> It would allow after quitting the git-log to immediately fire up "git >>

Re: git, monorepos, and access control

On Wed, Dec 05, 2018 at 04:01:05PM -0500, Jeff King wrote: > You could work around that by teaching the server to refuse to use "X" > in any way when the client does not have the right permissions. But: > > - that's just one example; there are probably a number of such leaks > > - you're

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

Jeff King writes: > But the ^C case is interesting. Try running your script under "sh -x" > and hitting ^C. The signal interrupts the first wait. In my script (or > yours modified to use a single wait), we then proceed immediately to the > "exit", and get output from the subshells after we've

Re: git, monorepos, and access control

inline... On 12/05/2018 04:12 PM, Ævar Arnfjörð Bjarmason wrote: > On Wed, Dec 05 2018, Duy Nguyen wrote: > >> >> Another option is builtin per-blob encryption (maybe with just >> clean/smudge filter), then access control will be about obtaining the >> decryption key (*) and we don't break object

Re: [PATCH on sb/more-repo-in-api] revision: use commit graph in get_reference()

Jonathan Tan writes: > Looking at the bigger picture, the speed of the connectivity check > during a fetch might be further improved by passing only the negotiation > tips (obtained through --negotiation-tip) instead of "--all". This patch > just handles the low-hanging fruit first. That sounds

Re: [PATCH 1/2] commit-graph, fuzz: Add fuzzer for commit-graph

On Wed, Dec 05 2018, Josh Steadmon wrote: > Breaks load_commit_graph_one() into a new function, > parse_commit_graph(). The latter function operates on arbitrary buffers, > which makes it suitable as a fuzzing target. > > Adds fuzz-commit-graph.c, which provides a fuzzing entry point >

Re: [PATCH] rebase docs: fix incorrect format of the section Behavioral Differences

Johannes Sixt writes: > Am 05.12.18 um 16:37 schrieb Elijah Newren: >> On Tue, Dec 4, 2018 at 11:40 PM Junio C Hamano wrote: >>> >>> Johannes Sixt writes: >>> Please let me deposit my objection. This paragraph is not the right place to explain what directory renme detection is and

Re: git, monorepos, and access control

On Wed, Dec 05 2018, Coiner, John wrote: I forgot to mention this in my initial reply in <878t13zp8y@evledraar.gmail.com>, but on a re-reading I re-spotted this: > - hashes are secret. If the hashes from a protected tree leak, the > data also leaks. No check on the server prevents it

[PATCH 2/2] commit-graph: fix buffer read-overflow

fuzz-commit-graph identified a case where Git will read past the end of a buffer containing a commit graph if the graph's header has an incorrect chunk count. A simple bounds check in parse_commit_graph() prevents this. Signed-off-by: Josh Steadmon Helped-by: Derrick Stolee --- commit-graph.c

[PATCH 1/2] commit-graph, fuzz: Add fuzzer for commit-graph

Breaks load_commit_graph_one() into a new function, parse_commit_graph(). The latter function operates on arbitrary buffers, which makes it suitable as a fuzzing target. Adds fuzz-commit-graph.c, which provides a fuzzing entry point compatible with libFuzzer (and possibly other fuzzing engines).

[PATCH 0/2] Add commit-graph fuzzer and fix buffer overflow

Add a new fuzz test for the commit graph and fix a buffer read-overflow that it discovered. Josh Steadmon (2): commit-graph, fuzz: Add fuzzer for commit-graph commit-graph: fix buffer read-overflow .gitignore | 1 + Makefile| 1 + commit-graph.c | 76

Re: What's cooking in git.git (Nov 2018, #06; Wed, 21)

On 11/21/2018 01:00 AM, Junio C Hamano wrote: * md/list-lazy-objects-fix (2018-10-29) 1 commit - list-objects.c: don't segfault for missing cmdline objects "git rev-list --exclude-promissor-objects" had to take an object that does not exist locally (and is lazily available) from the

Re: [PATCH 2/3] test-lib-functions: introduce the 'test_set_port' helper function

On Wed, Dec 05, 2018 at 01:20:35PM +0100, SZEDER Gábor wrote: > On Wed, Dec 05, 2018 at 12:17:09AM -0500, Jeff King wrote: > > On Tue, Dec 04, 2018 at 05:34:56PM +0100, SZEDER Gábor wrote: > > > > > Several test scripts run daemons like 'git-daemon' or Apache, and > > > communicate with them

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

On Wed, Dec 05, 2018 at 03:01:06PM +0100, SZEDER Gábor wrote: > > > - Make '--stress' imply '--verbose-log' and discard the test's > > > standard ouput and error; dumping the output of several parallel > > > tests to the terminal would create a big ugly mess. > > > > Makes sense. My

[PATCH v3] list-objects.c: don't segfault for missing cmdline objects

When a command is invoked with both --exclude-promisor-objects, --objects-edge-aggressive, and a missing object on the command line, the rev_info.cmdline array could get a NULL pointer for the value of an 'item' field. Prevent dereferencing of a NULL pointer in that situation. Properly handle

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

On Wed, Dec 05, 2018 at 11:34:54AM +0100, SZEDER Gábor wrote: > > Just a quick reply to this one point for now: > > On Wed, Dec 05, 2018 at 12:44:09AM -0500, Jeff King wrote: > > On Tue, Dec 04, 2018 at 05:34:57PM +0100, SZEDER Gábor wrote: > > > + job_nr=0 > > > + while test $job_nr -lt

Re: BUG: CR marker ^M doesn't show up in '-' lines of diffs when the ending of the removed line is CR+LF

Am 05.12.18 um 20:29 schrieb Frank Schäfer: Am 02.12.18 um 22:22 schrieb Johannes Sixt: Am 02.12.18 um 20:31 schrieb Frank Schäfer: With other words: "If CR comes immediately before a LF, do the following with *all* lines: after the CR if eol=lf but do not after the CR if eol=crlf." Why?

Re: [PATCH] rebase docs: fix incorrect format of the section Behavioral Differences

Am 05.12.18 um 16:37 schrieb Elijah Newren: On Tue, Dec 4, 2018 at 11:40 PM Junio C Hamano wrote: Johannes Sixt writes: Please let me deposit my objection. This paragraph is not the right place to explain what directory renme detection is and how it works under the hood. "works fine" in

Re: git, monorepos, and access control

On Wed, Dec 05 2018, Duy Nguyen wrote: > On Wed, Dec 5, 2018 at 9:46 PM Derrick Stolee wrote: >> This directory-level security is not a goal for VFS for Git, and I don't >> see itbecoming a priority as it breaks a number of design decisions we >> made in our object storage and communication

Re: git, monorepos, and access control

On Wed, Dec 05, 2018 at 08:13:16PM +, Coiner, John wrote: > One obstacle to moving AMD to git/VFSForGit is the lack of access > control support in git. AMD has a lot of data whose distribution must be > limited. Sometimes it's a legal requirement, eg. CPU core designs are > covered by US

Re: git, monorepos, and access control

On Wed, Dec 5, 2018 at 9:46 PM Derrick Stolee wrote: > This directory-level security is not a goal for VFS for Git, and I don't > see itbecoming a priority as it breaks a number of design decisions we > made in our object storage and communication models. > > The best I can think about when

Re: git, monorepos, and access control

On 12/5/2018 3:34 PM, Ævar Arnfjörð Bjarmason wrote: On Wed, Dec 05 2018, Coiner, John wrote: I'm an engineer with AMD. I'm looking at whether we could switch our internal version control to a monorepo, possibly one based on git and VFSForGit. Has anyone looked at adding access control to

Re: git, monorepos, and access control

On Wed, Dec 05 2018, Coiner, John wrote: > I'm an engineer with AMD. I'm looking at whether we could switch our > internal version control to a monorepo, possibly one based on git and > VFSForGit. > > One obstacle to moving AMD to git/VFSForGit is the lack of access > control support in git.

Re: [PATCH 8/9] sha1-file: use loose object cache for quick existence check

On Wed, Dec 05, 2018 at 07:41:44PM +0100, René Scharfe wrote: > > If we start to convert those, there's a > > little bit of a rabbit hole, but it's actually not too bad. > > You don't need to crawl in just for quick_has_loose(), but eventually > everything has to be converted. It seems a bit

git, monorepos, and access control

Hi, I'm an engineer with AMD. I'm looking at whether we could switch our internal version control to a monorepo, possibly one based on git and VFSForGit. One obstacle to moving AMD to git/VFSForGit is the lack of access control support in git. AMD has a lot of data whose distribution must be

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

On Wed, Dec 05 2018, SZEDER Gábor wrote: > On Wed, Dec 05, 2018 at 03:01:41PM +0100, Ævar Arnfjörð Bjarmason wrote: >> >> decide to stress test in advance, since we'd either flock() the trash >> >> dir, or just mktemp(1)-it. >> > >> > While 'mktemp' seems to be more portable than 'flock', it

Re: BUG: CR marker ^M doesn't show up in '-' lines of diffs when the ending of the removed line is CR+LF

Am 03.12.18 um 02:15 schrieb Junio C Hamano: > Frank Schäfer writes: > >> Hi Junio, >> >> Am 29.11.18 um 03:11 schrieb Junio C Hamano: >> [...] >>> This was misspoken a bit. Let's revise it to >>> >>> When producing a colored output (not limited to whitespace >>> error coloring of diff

Re: BUG: CR marker ^M doesn't show up in '-' lines of diffs when the ending of the removed line is CR+LF

Am 02.12.18 um 22:22 schrieb Johannes Sixt: > Am 02.12.18 um 20:31 schrieb Frank Schäfer: >> With other words: >> "If CR comes immediately before a LF, do the following with *all* lines: >> after the CR if eol=lf but do not after the CR if >> eol=crlf." > > Why? It is the pager's duty to

Re: gitweb: local configuration not found

On Wed, Dec 05 2018, Jonathan Nieder wrote: > Martin Mares wrote[1]: > >> After upgrade to Stretch, gitweb no longer finds the configuration file >> "gitweb_config.perl" in the current directory. However, "man gitweb" still >> mentions this as one of the possible locations of the config file

Re: [PATCH 8/9] sha1-file: use loose object cache for quick existence check

Am 05.12.2018 um 09:15 schrieb Jeff King: > On Wed, Dec 05, 2018 at 01:51:36AM -0500, Jeff King wrote: > >>> This >>> function is easily converted to struct object_id, though, as its single >>> caller can pass one on -- this makes the copy unnecessary. >> >> If you mean modifying

gitweb: local configuration not found

Martin Mares wrote[1]: > After upgrade to Stretch, gitweb no longer finds the configuration file > "gitweb_config.perl" in the current directory. However, "man gitweb" still > mentions this as one of the possible locations of the config file (and > indeed a useful one when using multiple

Re: [RFC] cherry-pick notes to find out cherry-picks from the origin

Hello, Jeff. On Thu, Nov 15, 2018 at 09:40:44AM -0500, Jeff King wrote: > Sorry for the slow reply. This was on my to-look-at pile, but for > some reason I accidentally put in my done pile. No worries and sorry about my late reply too. Things were a bit hectic. > > * A new built-in command

Re: Any way to make git-log to enumerate commits?

On Dez 05 2018, Elijah Newren wrote: > Or, just use name-rev so it works with non-linear histories too: > > git log | git name-rev --refs=$(git symbolic-ref HEAD) --stdin | less That wouldn't work for a detached HEAD, though, and you need to use --no-abbrev. Andreas. -- Andreas Schwab,

Re: [PATCH] rebase docs: fix incorrect format of the section Behavioral Differences

On Tue, Dec 4, 2018 at 11:40 PM Junio C Hamano wrote: > > Johannes Sixt writes: > > > Please let me deposit my objection. This paragraph is not the right > > place to explain what directory renme detection is and how it works > > under the hood. "works fine" in the original text is the right

Re: Any way to make git-log to enumerate commits?

On Wed, Dec 5, 2018 at 6:56 AM Konstantin Khomoutov wrote: > > On Wed, Dec 05, 2018 at 05:22:14PM +0300, Konstantin Kharlamov wrote: > > > It would be great if git-log has a formatting option to insert an > > index of the current commit since HEAD. > > > > It would allow after quitting the

Re: Any way to make git-log to enumerate commits?

On Wed, Dec 05, 2018 at 05:22:14PM +0300, Konstantin Kharlamov wrote: > It would be great if git-log has a formatting option to insert an > index of the current commit since HEAD. > > It would allow after quitting the git-log to immediately fire up "git > rebase -i HEAD~index" instead of "git

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

On Wed, Dec 05, 2018 at 03:01:41PM +0100, Ævar Arnfjörð Bjarmason wrote: > >> decide to stress test in advance, since we'd either flock() the trash > >> dir, or just mktemp(1)-it. > > > > While 'mktemp' seems to be more portable than 'flock', it doesn't seem > > to be portable enough; at least

Any way to make git-log to enumerate commits?

It would be great if git-log has a formatting option to insert an index of the current commit since HEAD. It would allow after quitting the git-log to immediately fire up "git rebase -i HEAD~index" instead of "git rebase -i go-copy-paste-this-long-number-id".

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

On Wed, Dec 05 2018, SZEDER Gábor wrote: > On Tue, Dec 04, 2018 at 07:11:08PM +0100, Ævar Arnfjörð Bjarmason wrote: >> It's a frequent annoyance of mine in the test suite that I'm >> e.g. running t*.sh with some parallel "prove" in one screen, and then I >> run tABCD*.sh manually, and get

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

On Wed, Dec 05, 2018 at 12:44:09AM -0500, Jeff King wrote: > On Tue, Dec 04, 2018 at 05:34:57PM +0100, SZEDER Gábor wrote: > > > To prevent the several parallel invocations of the same test from > > interfering with each other: > > > > - Include the parallel job's number in the name of the

Re: [PATCH 2/3] test-lib-functions: introduce the 'test_set_port' helper function

On Wed, Dec 05, 2018 at 12:17:09AM -0500, Jeff King wrote: > On Tue, Dec 04, 2018 at 05:34:56PM +0100, SZEDER Gábor wrote: > > > Several test scripts run daemons like 'git-daemon' or Apache, and > > communicate with them through TCP sockets. To have unique ports where > > these daemons are

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

On Tue, Dec 04, 2018 at 07:11:08PM +0100, Ævar Arnfjörð Bjarmason wrote: > It's a frequent annoyance of mine in the test suite that I'm > e.g. running t*.sh with some parallel "prove" in one screen, and then I > run tABCD*.sh manually, and get unlucky because they use the same trash > dir, and

Re: [RFC PATCH 3/3] test-lib: add the '--stress' option to run a test repeatedly under load

Just a quick reply to this one point for now: On Wed, Dec 05, 2018 at 12:44:09AM -0500, Jeff King wrote: > On Tue, Dec 04, 2018 at 05:34:57PM +0100, SZEDER Gábor wrote: > > + job_nr=0 > > + while test $job_nr -lt "$job_count" > > + do > > + wait > > + job_nr=$(($job_nr

Re: [PATCH 8/9] sha1-file: use loose object cache for quick existence check

On Wed, Dec 05, 2018 at 01:51:36AM -0500, Jeff King wrote: > > This > > function is easily converted to struct object_id, though, as its single > > caller can pass one on -- this makes the copy unnecessary. > > If you mean modifying sha1_loose_object_info() to take an oid, then > sure, I agree