On Thu, Sep 1, 2011 at 11:39, Junio C Hamano <gitster@xxxxxxxxx> wrote: > Junio C Hamano <gitster@xxxxxxxxx> writes: > >> Suggested reading: >> >> http://git-blame.blogspot.com/2011/08/how-to-inject-malicious-commit-to-git.html >> >> I am wondering if we are better off applying something along the lines of >> this patch, so that with the default configuration, users can notice if >> their upstream unexpectedly rewound their branches. >> >> It would produce >> >> [remote] >> url = git://.../git.git/ >> fetch = refs/heads/*:refs/remotes/origin/* >> >> upon cloning from my repository, and your "git fetch" will fail because >> the pu (proposed updates) branch is constantly unwinding, but that can be >> easily fixed with >> >> >> [remote] >> url = git://.../git.git/ >> fetch = refs/heads/*:refs/remotes/origin/* >> fetch = +refs/heads/pu:refs/remotes/origin/pu >> >> as the explicit refspec trumps the wildcard one. > > It appears that we have a glitch somewhere in the implementation. We > should make the explicit refspec trump the wildcarded ones. This is a great idea. :-) -- Shawn. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html