On Thu, Oct 13, 2022 at 05:43:47PM +0000, Glen Choo via GitGitGadget wrote: > From: Glen Choo <chooglen@xxxxxxxxxx> > > Protected config is implemented by reading a fixed set of paths, > which ignores config [include]-s. Replace this implementation with a > call to config_with_options(), which handles [include]-s and saves us > from duplicating the logic of 1) identifying which paths to read and 2) > reading command line config. FWIW, this left me scratching my head for a moment, as I thought it was advocating reading includes from unsafe sources (which, since they can specify arbitrary paths, can cause various bits of mischief). But looking at the patch, you mean that when reading potentially-unsafe sources, we'll skip the unsafe ones (like .git/config) entirely, but we fail to respect includes in the safe ones (like ~/.gitconfig)? That makes sense. -Peff
