-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow to set fetch options in .lfsconfig #4111
Comments
Hey, I don't know how other folks on @git-lfs/core, but my personal preference is to strictly limit the keys in the In general, I prefer not to add to the keys here because they have such a huge security problem potential. But, having said that, perhaps you could convince one of the other core team members to review and merge a PR that added these to the allowlist and documentation, and if so, I wouldn't stand in the way. I may just be overly cautious about security. |
Hi, Overall, I think we shouldn't prevent legitimate use-cases (in this case the desire to provide sensible defaults for a specific use-case) in order to shield users from inconveniences caused by maliciously repository owners. As long as the keys are generally safe, which the fetch options are, I'd argue for a liberal approach. This goes directly to the intends of Git LFS, the usage should be for end-users. By not allowing these customization to be set by an expert for the entire repository, it actually becomes more complicated for end-users. I'm a C++ dev, so I might be biased, since we make it a point to allow users to shoot themselves in the |
I have added a pull request which adds the mentioned keys and and updates documentation. |
There hasn't been any new comments in almost a month. I would still be interested to get this working tho. Our current workaround is to add an |
As @jungstar said, adding large data to the HEAD would have the same result, so what is the point ? |
At the end of config/git_fetcher.go there is a list of safe keys which limit what can be read from
.lfsconfig
. Some of the fetch options likelfs.fetchinclude/exclude
are marked as safe, while others are not.I agree that some settings are not safe, however, there are others that are but are disabled regardless.
Namely, the remaining fetch settings:
In my case, we have a team of testers which switch regularly between branches. Without specifying
--recent
or settinglfs.fetchrecentalways
you quickly end up onbranchA
wanting to switch tobranchB
but lfs files are missing while recent commits have been received viagit pull
onbranchA
. Now a working network connection is required to switch branches and access required lfs files onbranchB
We want to specify sensible defaults for our testers without setting these properties locally.
But whatever the use-case, I think these settings can be considered safe and there shouldn't be a reason to exclude them even if the use-case seems limited.
The text was updated successfully, but these errors were encountered: