git clone --depth=20 $url; git checkout $hash How to verify that I have the contents I think I have - given that I trust my local git executable? Would it be enough to also store the git log --pretty=format:%T $hash value and check that only? %T is the root tree hash. Does git checkout verify the file tree checksum when receiving all blob objects from a server? Then verifying that %T didn't change should be enough to enable me fetching sources and trust them without running git fsck which would fetch all history. Marc Weber -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html