On Wed, Jan 11, 2012 at 06:46:56PM -0800, Junio C Hamano wrote: > Carlos Martín Nieto <cmn@xxxxxxxx> writes: > > > The tightening done in (ee27ca4a: archive: don't let remote clients > > get unreachable commits, 2011-11-17) went too far and disallowed > > HEAD:Documentation as it would try to find "HEAD:Documentation" as a > > ref. > > I do not think it went too far. Actually we discussed this exact issue > when the topic was cooking, and saw no objections. The commit in question > itself advertises this restriction. I think you and I discussed it off list (I originally took this off-list because the original issue did have some security implications). So I don't think people necessarily had a chance to object. > Why are we loosening it now? I do not see a compelling reason to do so. I see it the opposite way. People are clearly using the "$ref:$path" syntax. So why would we restrict them from doing so? There are no security implications (i.e., they could always just grab $ref and extract $path themselves). In my view, ee27ca4a was over-eager in its restrictions because I wanted it to be simple and close the hole. Now we can take our time adding more code to loosen it. -Peff -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html