On Tue, Feb 07 2023, Junio C Hamano wrote: > Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx> writes: > >>> From the user's perspective, this is weirdly inconsistent with the >>> existing diff attributes, which would be more like: >>> >>> # in .gitattributes >>> *.json diff=json >>> >>> # in config >>> [diff "json"] >>> algorithm = histogram >> >> That does look more elegant. > > We use attributes to define what it is, while configurations are > used to define what to do on different things. The separation of > attributes and configuration came not from "elegance" or "security" > but from a lot more practical reasons. > > For a tracked file, the fact that it contains JSON text as payload > does not change per user who cloned the project, or per platform the > user used to do so. In-tree .gitattributes that the project > controls is a perfect way to define what it is for each file. > > On the other hand, the diff program suitable to compare two JSON > files may vary per platform (your favorite Windows program may not > be available to me) and per user (a platform may support more than > one and the choice becomes the matter of personal taste). > > The security aspect of giving users tighter control over which exact > programs are to be run by not allowing the attributes or so called > in-tree configuration mechansim is a small bonus that fell out as a > consequence. To clarify, I'm not suggesting that we ever read arbitrary parts of the "diff.<driver>.<key>" config space, but that we could whitelist one set of "diff.<driver>.<known-key>"="<known-values>". The reason to do it being that, as Jeff points out, that config mechanism is already established, and arguably more elegant. I.e. that this is a natural fit for "diff=<driver>" in .gitattributes), and that mechanism is already tied to config as Jeff's example shows. Some of your reply seems like it assumed that I was suggesting that we read "diff.algorithm" (i.e. a config setting to apply for all paths) from an in-repo .gitconfig. I wasn't suggesting that, nor that we open Pandora's box on starting a limited in-repo .gitconfig support with anything remotely to do with executing arbitrary commands (which the full "diff.<driver>.<key>" space does support).
