On Thu, Jan 07, 2016 at 10:00:07AM -0800, Junio C Hamano wrote: > Richard Maw <richard.maw@xxxxxxxxxxxxxxx> writes: > > This is inconvenient for us, > > as we were explicitly using refspecs which didn't force the fetch, > > since we were using the "non fast-forward update" errors > > to detect whether upstream force pushed important refs > > which could be a sign of tampering. > > > > While the client doesn't have enough information > > the server has those commits. > > Would it make sense for the server to be able to tell the client > > "trust me, that commit is a descendant of the previous one"? > > It does not in our security model, as you do not blindly trust the > other side, whether you are a "client" or a "server". Fair enough. I didn't know whether Git passed responsibility for that to the transport layer. Would a mode for fetch to also include the commit chain without the trees fit the security model? -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html