Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Maybe it's intended? If you specify a directory for something in your git config it sounds reasonable to assume you trust it.

That said, if it is intended, I'm surprised there isn't a comment mentioning that because it certainly looks like a bug.



I considered that too... but not sure. There's also the fact that it'll reset is_safe to 0 on each config line... which is likely not intended. Seems like a rushed patch. Unless I'm seriously misunderstanding how that read_very_early_config function works (it calls the cb for each key-value pair in the config, I'm assuming).


It does. In fact every time that function is called it completely reparses all the config files. That seems like a really weird choice to me, since there are dozens of functions that do this to check individual settings, but I guess in practice it’s not really that slow.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: