It's been a couple of months since I submitted v2 of this. This takes into account all the feedback in the previous thread (https://public-inbox.org/git/20180525192811.25680-1-avarab@xxxxxxxxx/). To recap, this series is mainly about implementing fetch.fsck.<msg-id>, so you can turn on transfer.fsckObjects=true and still allow "fetch" to fetch a whitelist of repos. I wrote this because I turned transfer.fsckObjects=true on internally while the .gitmodules security issue was still under embargo, but then found that we couldn't clone various repos with historical issues anymore. It's now 10 patches instead of 5. I rolled the spiritual successor of https://public-inbox.org/git/20180529211950.26896-1-avarab@xxxxxxxxx/ into this series (as documentation, not tests), and noticed many more things along the way that were already broken or not tested for. Three of those come after the "fetch.fsck.*" implementation, not because they rely on that new feature, but because now fetch.fsck.* is one of the three modes (along with fsck and receive) that we'd like to test. Ævar Arnfjörð Bjarmason (10): receive.fsck.<msg-id> tests: remove dead code config doc: don't describe *.fetchObjects twice config doc: unify the description of fsck.* and receive.fsck.* config doc: elaborate on what transfer.fsckObjects does config doc: elaborate on fetch.fsckObjects security transfer.fsckObjects tests: untangle confusing setup fetch: implement fetch.fsck.* fsck: test & document {fetch,receive}.fsck.* config fallback fsck: add stress tests for fsck.skipList fsck: test and document unknown fsck.<msg-id> values Documentation/config.txt | 138 ++++++++++++++++++++++++-------- fetch-pack.c | 32 +++++++- t/t5504-fetch-receive-strict.sh | 126 ++++++++++++++++++++++++++++- 3 files changed, 255 insertions(+), 41 deletions(-) -- 2.18.0.345.g5c9ce644c3
