Re: [PATCH 2/2] pretty: add merge and exclude options to %(describe)

On 01.03.21 at 18:54, Junio C Hamano wrote:
> René Scharfe. <l.s.r@xxxxxx> writes:
>
>> On 17.02.21 at 19:31, Jeff King wrote:
>>> On Sun, Feb 14, 2021 at 11:10:57AM +0100, René Scharfe. wrote:
>>>
>>>> Allow restricting the tags used by the placeholder %(describe) with the
>>>> options match and exclude.  E.g. the following command describes the
>>>> current commit using official version tags, without those for release
>>>> candidates:
>>>>
>>>>    $ git log -1 --format='%(describe:match=v[0-9]*,exclude=*rc*)'
>>>
>>> An interesting side effect of this series is that it allows remote users
>>> asking for archives to fill in this data, too (by using export-subst
>>> placeholders). That includes servers allowing "git archive --remote",
>>> but also services like GitHub that will run git-archive on behalf of
>>> clients.
>>>
>>> I wonder what avenues for mischief this provides. Certainly using extra
>>> CPU to run git-describe.
>>
>> A repository can contain millions of files, each file can contain
>> millions of $Format:...$ sequences and each of them can contain millions
>> of %(describe) placeholders.  Each of them could have different match or
>> exclude args to prevent caching.  Allowing a single request to cause
>> trillions of calls of git describe sounds excessive.  Let's limit this.
>
> An invocation of "git archive" would have to deal with a single
> commit, no?  I wonder if it is a more fruitful direction to go to
> teach format_subst() to "cache" the mapping from <placeholders> to
> <resulting-string> and reuse.

Yes, git archive only works on a single commit.  Caching cannot help
against a DoS attack using describe placeholders with different match
or exclude arguments.

René
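
The cost argument in this thread, as an added example that is not part of the original message and is not git's code: a small model that counts how many describe runs one archive request needs with and without a result cache, and with a per-archive budget. The regexes are simplified assumptions about `$Format:...$` and `%(describe)` syntax, and the `limit` parameter and all function names are hypothetical.

```python
import re

# $Format:...$ is the export-subst marker; %(describe[:args]) is the placeholder
# discussed in the thread. Both regexes are simplified assumptions for this model.
FORMAT_RE = re.compile(r"\$Format:(.*?)\$", re.S)
DESCRIBE_RE = re.compile(r"%\(describe(?::([^)]*))?\)")

def describe_placeholders(blob):
    """Return the argument string of every %(describe) inside $Format:...$."""
    found = []
    for fmt in FORMAT_RE.finditer(blob):
        found += [m.group(1) or "" for m in DESCRIBE_RE.finditer(fmt.group(1))]
    return found

def describe_calls(blobs, cache=False, limit=None):
    """Count describe runs needed to expand all blobs of one archive request.

    cache: memoize results per argument string (the commit is fixed).
    limit: hypothetical per-archive budget; later placeholders stay unexpanded.
    """
    seen, calls = set(), 0
    for blob in blobs:
        for args in describe_placeholders(blob):
            if cache and args in seen:
                continue  # cache hit: no new describe run
            if limit is not None and calls >= limit:
                return calls  # budget exhausted
            seen.add(args)
            calls += 1
    return calls

# Constructed sample inputs: one file with identical placeholders, one file
# whose placeholders each carry a different exclude argument.
SAME = ["$Format:%(describe:match=v[0-9]*)$\n" * 200]
DISTINCT = ["".join(f"$Format:%(describe:exclude=x{i})$\n" for i in range(200))]

if __name__ == "__main__":
    for name, blobs in (("same args", SAME), ("distinct args", DISTINCT)):
        print(name,
              "uncached:", describe_calls(blobs),
              "cached:", describe_calls(blobs, cache=True),
              "cached+limit=1:", describe_calls(blobs, cache=True, limit=1))
```

The cache collapses the identical placeholders to a single run but leaves the distinct-argument case untouched; only the budget bounds both.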



