Junio C Hamano <gitster@xxxxxxxxx> writes: > Suggested reading: > > http://git-blame.blogspot.com/2011/08/how-to-inject-malicious-commit-to-git.html > > I am wondering if we are better off applying something along the lines of > this patch, so that with the default configuration, users can notice if > their upstream unexpectedly rewound their branches. > > It would produce > > [remote] > url = git://.../git.git/ > fetch = refs/heads/*:refs/remotes/origin/* > > upon cloning from my repository, and your "git fetch" will fail because > the pu (proposed updates) branch is constantly unwinding, but that can be > easily fixed with > > > [remote] > url = git://.../git.git/ > fetch = refs/heads/*:refs/remotes/origin/* > fetch = +refs/heads/pu:refs/remotes/origin/pu > > as the explicit refspec trumps the wildcard one. It appears that we have a glitch somewhere in the implementation. We should make the explicit refspec trump the wildcarded ones. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html