Re: git log -p unexpected behaviour - security risk?

On 30 April 2013 18:58, John Szakmeister <john@xxxxxxxxxxxxxxx> wrote:
> On Tue, Apr 30, 2013 at 1:05 PM, Matthieu Moy
> <Matthieu.Moy@xxxxxxxxxxxxxxx> wrote:
>> Junio C Hamano <gitster@xxxxxxxxx> writes:
>>
>>> By the way, these options are _not_ about "showing merge commits
>>> that introduce code", and they do not help your kind of "security".
>>> As I repeatedly said, you would need "-p -m" for that.
>>
>> Actually, while defaulting to --cc may be convenient, it would indeed
>> increase the security risk: currently, "git log -p" shows nothing for
>> merges, so it's rather clear that _everything_ is omitted. With --cc,
>> the user would see a diff, and could hardly guess that not everything is
>> shown without reading the doc very carefully.
>
> I don't believe it's that clear.  I bet people assume there's nothing
> to show, and unless you dig in and discover that `-p` doesn't include
> merges.  In git 1.8.2, `git help log` doesn't seem to make any mention
> of `-p` not showing a diff for merges.
>
> Just to see, I asked several people around here whether they knew `-p`
> didn't show diffs for merges, and they were all surprised that diffs
> were being omitted for merge commits.

Is there no way to fix --cc to work even in the edge cases?

John
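
The behaviour discussed in this thread can be reproduced on a throwaway repository. The script below is an added example, not part of the original messages: the repository, its file names and the helpers `build_repo`, `commit_all` and `hits` are constructed for illustration. It builds a merge commit that silently drops a line from the side branch, then counts how often that dropped line appears under `git log -p`, `--cc` and `-p -m`.

```shell
#!/bin/sh
# Added example: every name and file below is constructed for this demonstration.
set -eu
export GIT_AUTHOR_NAME=demo GIT_AUTHOR_EMAIL=demo@example.invalid
export GIT_COMMITTER_NAME=demo GIT_COMMITTER_EMAIL=demo@example.invalid
export GIT_CONFIG_GLOBAL=/dev/null GIT_CONFIG_NOSYSTEM=1   # ignore local git config

# build_repo DIR: history where the merge commit itself drops the side branch's line.
build_repo() {
    repo=$1
    git init -q "$repo"
    git -C "$repo" symbolic-ref HEAD refs/heads/main
    printf 'limit=10\n' > "$repo/check.txt"
    commit_all "base"
    git -C "$repo" checkout -q -b side
    printf 'limit=10\nvalidate=on\n' > "$repo/check.txt"
    commit_all "side: tighten check"
    git -C "$repo" checkout -q main
    printf 'notes\n' > "$repo/other.txt"
    commit_all "main: unrelated file"
    # Merge cleanly, then put main's version of check.txt back before committing.
    git -C "$repo" merge -q --no-ff --no-commit side >/dev/null
    git -C "$repo" checkout -q HEAD -- check.txt
    git -C "$repo" commit -q -m "Merge branch 'side'"
}

commit_all() { git -C "$repo" add -A && git -C "$repo" commit -q -m "$1"; }

# hits DIR LOG_OPTIONS...: lines mentioning the dropped setting in that view of the merge.
hits() {
    repo=$1; shift
    git -C "$repo" log -1 "$@" main | grep -c 'validate=on' || true
}

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT
build_repo "$work/demo"
for opts in "-p" "--cc" "-p -m"; do
    # $opts is left unquoted on purpose so "-p -m" is passed as two options.
    printf 'git log %-6s -> %s matching line(s)\n' "$opts" "$(hits "$work/demo" $opts)"
done
```

The merge result here is identical to its first parent, so the combined diff has nothing that differs from all parents and `--cc` prints no hunk; only the per-parent diff from `-p -m` shows the removed line.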