New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Anonymize URLs in the reflog #797
Conversation
To me this should be a per-new-repo option, or if that's not enabled a per-commit-enabled-user option for those new repos, not a new behavior forced on all users after a client upgrade, to elect their commits get anonymized or not. For some the current behavior IS a feature, I'd think, not a bug. |
You misunderstand. This is about the reflog. And about avoiding to write secrets to reflogs. |
/submit |
On the Git mailing list, Jeff King wrote (reply to this):
|
On the Git mailing list, Junio C Hamano wrote (reply to this):
|
This branch is now known as |
This patch series was integrated into pu via 9f4681d. |
This patch series was integrated into pu via 64cc9df. |
Even if we strongly discourage putting credentials into the URLs passed via the command-line, there _is_ support for that, and users _do_ do that. Let's scrub them before writing them to the reflog. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
11c0d47
to
933a735
Compare
This patch series was integrated into pu via 4d21865. |
/submit |
On the Git mailing list, Junio C Hamano wrote (reply to this):
|
This patch series was integrated into pu via 93e9c45. |
This patch series was integrated into pu via 9321da6. |
This patch series was integrated into pu via 3228781. |
This patch series was integrated into pu via 406df49. |
This patch series was integrated into next via 2901ff9. |
This patch series was integrated into pu via 7238482. |
This patch series was integrated into pu via 524caf8. |
This patch series was integrated into next via 524caf8. |
This patch series was integrated into master via 524caf8. |
Closed via 524caf8. |
This came up in an internal audit, but we do not consider this to be a big deal: the reflog is local and not really shared with anybody.
Changes since v1:
die()
to the last armdisplay_repo
(allocated bytransport_anonymize_url()
)