diff options
author | Patrick Steinhardt <ps@pks.im> | 2021-01-12 13:27:14 +0100 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2021-01-15 13:03:45 -0800 |
commit | d8d77153eafdb0fc334e827976f09e4bdff26b58 (patch) | |
tree | 9ad261640d42b1c2e5cf36830f6c797e711ee547 /builtin/update-ref.c | |
parent | environment: make `getenv_safe()` a public function (diff) | |
download | tgif-d8d77153eafdb0fc334e827976f09e4bdff26b58.tar.xz |
config: allow specifying config entries via envvar pairs
While we currently have the `GIT_CONFIG_PARAMETERS` environment variable
which can be used to pass runtime configuration data to git processes,
it's an internal implementation detail and not supposed to be used by
end users.
Next to being for internal use only, this way of passing config entries
has a major downside: the config keys need to be parsed as they contain
both key and value in a single variable. As such, it is left to the user
to escape any potentially harmful characters in the value, which is
quite hard to do if values are controlled by a third party.
This commit thus adds a new way of adding config entries via the
environment which gets rid of this shortcoming. If the user passes the
`GIT_CONFIG_COUNT=$n` environment variable, Git will parse environment
variable pairs `GIT_CONFIG_KEY_$i` and `GIT_CONFIG_VALUE_$i` for each
`i` in `[0,n)`.
While the same can be achieved with `git -c <name>=<value>`, one may
wish to not do so for potentially sensitive information. E.g. if one
wants to set `http.extraHeader` to contain an authentication token,
doing so via `-c` would trivially leak those credentials via e.g. ps(1),
which typically also shows command arguments.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'builtin/update-ref.c')
0 files changed, 0 insertions, 0 deletions