* G?bor Szeder <szeder@xxxxxxxxxx> [2014-04-24 23:10:10 +0430]: > > I'd like to see this patch eyeballed by those who have been involved > > in the script (shortlog and blame tells me they are SZEDER and > > Simon, CC'ed), so that we can hopefully merge it by the time -rc1 is > > tagged. > > I think this is a sensible thing to do. However, for now I can only check the patch on my phone, hence I can't say any more (e.g. acked or reviewed by) than that, unfortunately. Ditto for me, though I've gone so far as to try it (it works for me). At the time I wrote the patch I honestly forgot to think about the security implications and from the description, this is closing a hole. There are situations where you're not in control of a branch name (though tbh, I think you'd have to be in an automated situation to check out a branch that is basically a command to hack your system, a human would probably figure it too cumbersome, or too fishy) > > > > + # not needed anymore; keep user's > > > + # environment clean > > > + unset __git_ps1_upstream_name > > > + fi > > We already have a lot of stuff in the user's environment beginning with __git, so I don't think the unset is necessary. If people rely on the string being set in their scripts, it can be bad to remove it. But if it's new in this patch, I don't see the need to keep it. Cruft is bad IMO. Cheers Simon -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html