On Fri, May 30, 2014 at 7:07 AM, Jeff King <peff@xxxxxxxx> wrote: > But then we're just trusting that the "trust me" flag on disk is > correct. Why not just trust that packed-refs is correct in the first > place? I missed one thing in the first reply: because packed-refs is a plain text file, the user could be tempted to edit it manually (I know I did a few times for fast rename) and so it could not be trusted. If we ignore this (and I think we can, it's not like we encourage people to edit files in $GIT_DIR), then #3 and #4 are as good as #2. > > IOW, consider this progression of changes: > > 1. Check refname format when we read packed-refs (the current > behavior). > > 2. Keep a separate file "packed-refs.stat" with stat information. If > the packed-refs file matches that stat information, do not bother > checking refname formats. > > 3. Put a flag in "packed-refs" that says "trust me, I'm valid". Check > the refnames when it is generated. > > 4. Realize that we already check the refnames when we write it out. > Don't bother writing "trust me, I'm valid"; readers can assume that > it is. > > What is the scenario that option (2) protects against that options (3) > and (4) do not? -- Duy -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html