On 11/03, Jeff King wrote: > > So this seems like a reasonable direction to me. It obviously needs > documentation and tests. Arguably there should be a fallback "allow" > value when a protocol is not mentioned in the config so that you could > convert the default from "user" to "never" if you wanted your config to > specify a pure whitelist. Yes I agree there should probably be a fallback value of 'never' maybe? What you currently have preserves the behavior of what git does now, if we did instead have a fallback of 'never' it would break current users who don't already use GIT_ALLOW_PROTOCOL (well only if they use crazy protocols). We could ease into it though and start with default to allow and then transition to a true whitelist sometime after this change has been made? > > Without that, I think we'd want to keep GIT_ALLOW_PROTOCOL for the truly > paranoid (though we should keep it indefinitely either way for backwards > compatibility). > > Do you have interest in picking this up and running with it? Yep! Thanks for the help in shaping this. -- Brandon Williams