On Thu, Apr 28, 2016 at 02:19:37PM +0200, Johannes Schindelin wrote: > > Should we consider just white-listing all of "http.*"? > > > > That would help other cases which have come up, like: > > > > http://thread.gmane.org/gmane.comp.version-control.git/264840 > > > > which wants to turn off http.sslverify. That would mean it turns off for > > every submodule, too, but if you want to be choosy about your http > > variables, you should be using the "http.$URL.sslverify" form, to only > > affect specific servers (whether they are in submodules or not). > > I considered that, and thought that it might be dangerous, what with me > not vetting carefully which http.* variables are safe to pass on to the > submodules' update and which are not. BTW, just in case you or anybody else ends up playing around with this and finds your tests do not work as expected: the config pass-through feature is somewhat broken for anything except cloning. I just posted some fixes in: http://thread.gmane.org/gmane.comp.version-control.git/292466/focus=292875 -Peff -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html