On Thu, Aug 15, 2019 at 10:15:24AM -0400, Derrick Stolee wrote: > > - Do we want to advertise the Git mailing list for bug reports? > > That is possible. Isn't there another mailing list for git users? I know there's an IRC channel for Git users, I dunno about mailing list. I'm worried that places I name as points of contact will grow stale, although I suppose #git on freenode isn't really going anywhere, for example. (But as a counterexample, I hope that nobody sends something like this to #git-devel, which seems to have a lower population than this mailing list.) > > I could see a patch added on top of this for git-for-windows/git that > changes the instructions to create issues on GitHub. Indeed; I imagine we'd probably like to patch it to ask for bugs in our bug tracker. > > > - Which config options should we filter to avoid accidentally receiving > > credentials? > > The remote URLs are pretty sensitive. Not only do users sometimes put passwords > or PATs into their URLs, the literal name of the repo could be a secret. Now here's where I start to wonder. We often debug internally by asking for the remote URL and replicating the issue there, which is why I mentioned it explicitly in the commit message. But I hadn't considered folks including the password in the URL. Well, I suppose anybody can keep a local patch to change the config filter pattern. I'll try to make it easy to spot and modify. [snip] > At first I was alarmed by "What? another shell script?" but this command should > prioritize flexibility and extensibility over speed. Running multiple processes > shouldn't be too taxing for what we are trying to do here. If shell scripts are entirely deprecated I can convert it, but doing it in C seemed like overkill when I really just wanted "what are all the commands we would ask the user to run and tell us the output?". I figured also that it would be a little more immune to bitrot to output the contents of porcelain commands here. > > + echo "[Git Config]" > > + # TODO: Pass this through grep -v to avoid users sending us their credentials. > > + git config --show-origin --list > > + echo > > Config options to consider stripping out: > > *url* > *pass* (anything "password" but also "sendmail.smtppass") Done, thanks. > > > + echo "[Configured Hooks]" > > + find "$GIT_DIR/hooks/" -type f | grep -v "\.sample$" | print_filenames_and_content > > + echo > > Remove the sample hooks, but focus on the others. Will this look like garbage if a hook > is a binary file? Yeah, I'm sure it will. I'll add a check to print_filenames_and_content() so it can tell us if there is a hook installed there, even if we can't see the content. > > > + > > + echo "[Git Logs]" > > + find "$GIT_DIR/logs" -type f | print_filenames_and_content > > + echo > > As mentioned before, I've sometimes found it helpful to know the data shape for the object > store. Having a few extra steps such as the following could be nice: > > echo "[Loose Objects]" > for objdir in $(find "$GIT_DIR/objects/??" -type d) > do > echo "$objdir: $(ls $objdir | wc -l)" `echo "$objdir: $(ls $objdir | wc -l) objects` I'll add context so we don't need to have the bugreport script memorized in order to read a bugreport :) > done > echo > > echo "[Pack Data]" > ls -l "$GIT_DIR/objects/pack" > echo > > echo "[Object Info Data]" > ls -lR "$GIT_DIR/objects/info" > echo > > echo "[Alternates File]" > echo "========" > cat "$GIT_DIR/objects/info/alternates" > echo > > That last one will collect information on the commit-graph file, even if it is an > incremental file. Thanks Stolee, these are awesome and exactly the kind of feedback I was hoping for. > > I think this is a great start, and I'll take some time later to try it out. > > Thanks, > -Stolee Awesome. I'm excited to hear how it goes. - Emily
