On Fri, May 19, 2017 at 11:55:34PM +0200, Dennis Kaarsemaker wrote: > > > Presumably this isn't intended behaviour? > > > > It actually is. git-submodule sets GIT_PROTOCOL_FROM_USER to 0, which > > makes git not trust any urls except http(s), git, ssh and file urls > > unless you explicitely configure git to allow it. See the > > GIT_ALLOW_PROTOCOL section in man git and the git-config section it > > links to. > > 33cfccbbf3 (submodule: allow only certain protocols for submodule > fetches, 2015-09-16) says: > [...] > But doing it this way is > simpler, and makes it much less likely that we would miss a > case. And since such protocols should be an exception > (especially because nobody who clones from them will be able > to update the submodules!), it's not likely to inconvenience > anyone in practice. Yeah, I think the use of "insteadOf" here is a good counter-example to the reasoning in that commit message. The submodule itself has a vanilla protocol, so most users wouldn't need to configure anything. But somebody who has done a blanket insteadOf now needs to explicitly allow the protocol, too. So one workaround is just adding: [protocol "persistent-https"] allow = always next to the insteadOf config. And maybe that's enough. It's a little inconvenient, but it the user has to configure something either way. And it does give you some flexibility in deciding whether submodules get access to their special remote helper. The other approach is to declare that a url rewrite resets the protocol-from-user flag to 1. IOW, since the "persistent-https" protocol comes from our local config, it's not dangerous and we should behave as if the user themselves gave it to us. That makes Elliott's case work out of the box. -Peff