On Tue, Jun 11, 2024 at 12:45:40PM +0000, blanet via GitGitGadget wrote: > While attempting to fix a reference negotiation bug in bundle-uri, we > identified that the fetch process lacks some crucial object validation > checks when processing bundles. The primary issues are: > > 1. In the bundle-uri scenario, object IDs were not validated before writing > bundle references. This was the root cause of the original negotiation > bug in bundle-uri and could lead to potential repository corruption. > 2. The existing "fetch.fsckObjects" and "transfer.fsckObjects" > configurations were not applied when directly fetching bundles or > fetching with bundle-uri enabled. In fact, there were no object > validation supports for unbundle. > > The first patch addresses the bundle-uri negotiation issue by removing the > REF_SKIP_OID_VERIFICATION flag when writing bundle references. > > Patches 2 through 3 extend verify_bundle_flags for bundle.c:unbundle to add > support for object validation (fsck) in fetch scenarios, mainly following > the suggestions from Junio and Patrick on the mailing list. Thanks, this version looks good to me. Patrick
Attachment:
signature.asc
Description: PGP signature
