Mike Hommey <mh@xxxxxxxxxxxx> writes: > Running `git ls-remote $helper::$url` crashes when run outside a git > repo and the helper uses the import feature. > > Here is a minimal reproducer: > ``` > $ cat > git-remote-foo <<EOF > #!/bin/sh > echo import > echo refspec '*:*' > EOF > $ chmod +x git-remote-foo > $ PATH=$PWD:$PATH git ls-remote foo::bar > ``` > > The crash happens in parse_refspec in refspec.c, on a deref of the_hash_algo, > because the_hash_also is not set anymore at that point since c8aed5e8da. Thanks for a report, Mike. Patrick, we have expected reports like this when we did c8aed5e8 (repository: stop setting SHA1 as the default object hash, 2024-05-07), so it is not very surprising. In general, I think any command that is designed to be usable outside a repository should continue to fall back and use SHA-1, at least for now. A command like ls-remote _might_ want to do even better by waiting until it has a chance to inspect what the other side said before setting the hash-algo, or even better is to make it work without having any concrete value in the hash-algo. After all, when SHA-256 repositories become common out in the world, you should be able to say ls-remote against them from your SHA-1 repository and the fact that the hash-algo is read from local repository and set to SHA-1 should *not* negatively affect our ability to receive the ls-remote response from SHA-256 repositories. But that are all for longer term future. At least assuming SHA-1 like we have always done should be better than the current situation. Thanks.
