On Wed, Aug 07, 2019 at 04:17:49AM +, brian m. carlson wrote:
> > I think if we at least choose the left-most "--" as the official
> > end-of-options then they can't inject an option (they can only inject a
> > rev as a path). I guess that's the same as with --end-of-options. But it
> > someho
On Tue, Aug 06, 2019 at 08:14:59PM +0200, SZEDER Gábor wrote:
> On Tue, Aug 06, 2019 at 01:38:17PM -0400, Jeff King wrote:
> > Nothing about "--" is changed by my series; it will still stop option
> > interpretation in rev-list and in other commands. But as before,
> > rev-list (and other Git comm
On Wed, Aug 07, 2019 at 04:17:49AM +, brian m. carlson wrote:
> On 2019-08-06 at 23:43:20, Jeff King wrote:
> > On Tue, Aug 06, 2019 at 10:58:53PM +, brian m. carlson wrote:
> > > Sorry, I hadn't had a chance to look at this series in depth, but I was
> > > wondering: could we not just acce
On 2019-08-06 at 23:43:20, Jeff King wrote:
> On Tue, Aug 06, 2019 at 10:58:53PM +, brian m. carlson wrote:
> > Sorry, I hadn't had a chance to look at this series in depth, but I was
> > wondering: could we not just accept two separate "--" arguments, and if
> > there are two of them, interpre
On Tue, Aug 06, 2019 at 10:58:53PM +, brian m. carlson wrote:
> On 2019-08-06 at 14:38:30, Jeff King wrote:
> > It's hard for scripted uses of rev-list, etc, to avoid option injection
> > from untrusted arguments, because revision arguments must come before
> > any "--" separator. I.e.:
> >
>
On 2019-08-06 at 14:38:30, Jeff King wrote:
> It's hard for scripted uses of rev-list, etc, to avoid option injection
> from untrusted arguments, because revision arguments must come before
> any "--" separator. I.e.:
>
> git rev-list "$revision" -- "$path"
>
> might mistake "$revision" for an
On Tue, Aug 06, 2019 at 01:38:17PM -0400, Jeff King wrote:
> Nothing about "--" is changed by my series; it will still stop option
> interpretation in rev-list and in other commands. But as before,
> rev-list (and other Git commands that use the revision.c parser) use it
> to separate revisions and
On August 6, 2019 1:38 PM, Jeff King wrote:
> To: Randall S. Becker
> Cc: 'Junio C Hamano' ; git@vger.kernel.org
> Subject: Re: [PATCH 0/3] --end-of-options marker
>
> On Tue, Aug 06, 2019 at 12:36:26PM -0400, Randall S. Becker wrote:
>
> > > > This s
On Tue, Aug 06, 2019 at 12:36:26PM -0400, Randall S. Becker wrote:
> > > This series provides an alternative to "--" to stop option parsing
> > > without indicating that further arguments are pathspecs.
>
> Would this offer the opportunity to, in the long term, supply options to
> external diff e
On Tue, Aug 06, 2019 at 09:24:38AM -0700, Junio C Hamano wrote:
> Jeff King writes:
>
> > It's hard for scripted uses of rev-list, etc, to avoid option injection
> > from untrusted arguments, because revision arguments must come before
> > any "--" separator. I.e.:
> >
> > git rev-list "$revis
On August 6, 2019 12:25 PM, Junio wrote:
> Jeff King writes:
>
> > It's hard for scripted uses of rev-list, etc, to avoid option
> > injection from untrusted arguments, because revision arguments must
> > come before any "--" separator. I.e.:
> >
> > git rev-list "$revision" -- "$path"
> >
> >
Jeff King writes:
> It's hard for scripted uses of rev-list, etc, to avoid option injection
> from untrusted arguments, because revision arguments must come before
> any "--" separator. I.e.:
>
> git rev-list "$revision" -- "$path"
>
> might mistake "$revision" for an option (with rev-list, tha
12 matches
Mail list logo
