New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
setup: warn if extensions exist on old format #674
setup: warn if extensions exist on old format #674
Conversation
/submit |
Submitted as pull.674.git.1594668051847.gitgitgadget@gmail.com |
On the Git mailing list, Taylor Blau wrote (reply to this):
|
On the Git mailing list, Junio C Hamano wrote (reply to this):
|
On the Git mailing list, Derrick Stolee wrote (reply to this):
|
On the Git mailing list, Junio C Hamano wrote (reply to this):
|
5192050
to
9e89cc3
Compare
On the Git mailing list, Junio C Hamano wrote (reply to this):
|
On the Git mailing list, Derrick Stolee wrote (reply to this):
|
On the Git mailing list, Junio C Hamano wrote (reply to this):
|
Prior to 14c7fa2 (check_repository_format_gently(): refuse extensions for old repositories, 2020-06-05), Git was honoring configured extensions, even if core.repositoryFormatVersion was 0 (or unset). This was incorrect, and is now fixed. The issue now is that users who relied on that previously bad behavior will upgrade to the next version of Git and suddently be in a bad situation. In particular, users of the 'git sparse-checkout' command will rely on the extensions.worktreeConfig for the core.sparseCheckout and core.sparseCheckoutCone config options. Without that extension, these users will suddenly have repositories stop acting like a sparse repo. What is worse is that a user will be confronted with the following error if they try to run 'git sparse-checkout init' again: warning: unable to upgrade repository format from 0 to 1 This is because the logic in 14c7fa2 refuses to upgrae repos when the version is unset but extensions exist. One possible way to alert a user of this issue is to warn them when Git notices an extension exists, but core.repositoryFormatVersion is not a correct value. However, - it requires the end-user to read, understand and execute the manual upgrade - it encourages to follow the same procedure blindly, making the protection even less useful Let's instead keep failing hard without teaching how to bypass the repository protection, but allow upgrading even when only the worktreeconfig extension exists in an old repository, which is likely to be set by a broke version of Git that did not update the repository version when setting the extension. This change of behavior is made visible by testing how 'git sparse-checkout init' behaves to upgrade the repository format version even if the extension.worktreeConfig is already set. This would previously fail without a clear way forward. Signed-off-by: Junio C Hamano <gitster@pobox.com> Signed-off-by: Derrick Stolee <dstolee@microsoft.com>
When any `extensions.*` setting is configured, we newly ignore it unless `core.repositoryFormatVersion` is set to a positive value. This might be quite surprising, e.g. when calling `git config --worktree [...]` elicits a warning that it requires `extensions.worktreeConfig = true` when that setting _is_ configured (but ignored because `core.repositoryFormatVersion` is unset). Let's warn about this situation specifically, especially because there might be already setups out there that configured a sparse worktree using Git v2.27.0 (which does set `extensions.worktreeConfig` but not `core.repositoryFormatVersion`) and users might want to work in those setups with Git v2.28.0, too. This warning is specifically placed inside an existing error message for 'git config --worktree' that already fails if the repository format version is not 1. Reported-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Derrick Stolee <dstolee@microsoft.com>
9e89cc3
to
e11e973
Compare
/submit |
Submitted as pull.674.v2.git.1594690017.gitgitgadget@gmail.com |
On the Git mailing list, Jonathan Nieder wrote (reply to this):
|
On the Git mailing list, Junio C Hamano wrote (reply to this):
|
@@ -1042,8 +1042,8 @@ struct repository_format { | |||
int worktree_config; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
On the Git mailing list, Johannes Schindelin wrote (reply to this):
Hi Stolee,
On Tue, 14 Jul 2020, Derrick Stolee via GitGitGadget wrote:
> This is because the logic in 14c7fa269e4 refuses to upgrae repos when
> the version is unset but extensions exist.
s/upgrae/upgrade/
The rest looks good to me.
Thank you for working on this,
Dscho
> One possible way to alert a user of this issue is to warn them when Git
> notices an extension exists, but core.repositoryFormatVersion is not a
> correct value. However,
>
> - it requires the end-user to read, understand and execute the
> manual upgrade
>
> - it encourages to follow the same procedure blindly, making the
> protection even less useful
>
> Let's instead keep failing hard without teaching how to bypass the
> repository protection, but allow upgrading even when only the
> worktreeconfig extension exists in an old repository, which is
> likely to be set by a broke version of Git that did not update the
> repository version when setting the extension.
>
> This change of behavior is made visible by testing how 'git
> sparse-checkout init' behaves to upgrade the repository format version
> even if the extension.worktreeConfig is already set. This would
> previously fail without a clear way forward.
>
> Signed-off-by: Junio C Hamano <gitster@pobox.com>
> Signed-off-by: Derrick Stolee <dstolee@microsoft.com>
> ---
> cache.h | 2 +-
> setup.c | 12 ++++++++----
> t/t1091-sparse-checkout-builtin.sh | 12 ++++++++++++
> 3 files changed, 21 insertions(+), 5 deletions(-)
>
> diff --git a/cache.h b/cache.h
> index e5885cc9ea..8ff46857f6 100644
> --- a/cache.h
> +++ b/cache.h
> @@ -1042,8 +1042,8 @@ struct repository_format {
> int worktree_config;
> int is_bare;
> int hash_algo;
> - int has_extensions;
> char *work_tree;
> + int has_unallowed_extensions;
> struct string_list unknown_extensions;
> };
>
> diff --git a/setup.c b/setup.c
> index eb066db6d8..65270440a9 100644
> --- a/setup.c
> +++ b/setup.c
> @@ -455,12 +455,13 @@ static int check_repo_format(const char *var, const char *value, void *vdata)
> if (strcmp(var, "core.repositoryformatversion") == 0)
> data->version = git_config_int(var, value);
> else if (skip_prefix(var, "extensions.", &ext)) {
> - data->has_extensions = 1;
> /*
> * record any known extensions here; otherwise,
> * we fall through to recording it as unknown, and
> * check_repository_format will complain
> */
> + int is_unallowed_extension = 1;
> +
> if (!strcmp(ext, "noop"))
> ;
> else if (!strcmp(ext, "preciousobjects"))
> @@ -469,10 +470,13 @@ static int check_repo_format(const char *var, const char *value, void *vdata)
> if (!value)
> return config_error_nonbool(var);
> data->partial_clone = xstrdup(value);
> - } else if (!strcmp(ext, "worktreeconfig"))
> + } else if (!strcmp(ext, "worktreeconfig")) {
> data->worktree_config = git_config_bool(var, value);
> - else
> + is_unallowed_extension = 0;
> + } else
> string_list_append(&data->unknown_extensions, ext);
> +
> + data->has_unallowed_extensions |= is_unallowed_extension;
> }
>
> return read_worktree_config(var, value, vdata);
> @@ -560,7 +564,7 @@ int upgrade_repository_format(int target_version)
> return 0;
>
> if (verify_repository_format(&repo_fmt, &err) < 0 ||
> - (!repo_fmt.version && repo_fmt.has_extensions)) {
> + (!repo_fmt.version && repo_fmt.has_unallowed_extensions)) {
> warning("unable to upgrade repository format from %d to %d: %s",
> repo_fmt.version, target_version, err.buf);
> strbuf_release(&err);
> diff --git a/t/t1091-sparse-checkout-builtin.sh b/t/t1091-sparse-checkout-builtin.sh
> index 88cdde255c..6e339c7c8e 100755
> --- a/t/t1091-sparse-checkout-builtin.sh
> +++ b/t/t1091-sparse-checkout-builtin.sh
> @@ -68,6 +68,18 @@ test_expect_success 'git sparse-checkout init' '
> check_files repo a
> '
>
> +test_expect_success 'git sparse-checkout works if repository format is wrong' '
> + test_when_finished git -C repo config core.repositoryFormatVersion 1 &&
> + git -C repo config --unset core.repositoryFormatVersion &&
> + git -C repo sparse-checkout init &&
> + git -C repo config core.repositoryFormatVersion >actual &&
> + echo 1 >expect &&
> + git -C repo config core.repositoryFormatVersion 0 &&
> + git -C repo sparse-checkout init &&
> + git -C repo config core.repositoryFormatVersion >actual &&
> + test_cmp expect actual
> +'
> +
> test_expect_success 'git sparse-checkout list after init' '
> git -C repo sparse-checkout list >actual &&
> cat >expect <<-\EOF &&
> --
> gitgitgadget
>
>
On the Git mailing list, Johannes Schindelin wrote (reply to this):
|
This branch is now known as |
This patch series was integrated into seen via git@9e39591. |
This patch series was integrated into seen via git@1eeb0d5. |
This patch series was integrated into seen via git@5eb075c. |
This patch series was integrated into seen via git@adac119. |
This patch series was integrated into seen via git@f037a78. |
This patch series was integrated into seen via git@4f97083. |
This is dropped in favor of other patches. |
This is based on xl/upgrade-repo-format.
Thanks, Taylor and Junio for jumping in with helpful review.
Updates in v2:
My initial patch is essentially dropped in its entirety, with Junio's patch here instead. I added an extra test and kept some of my commit message.
A second patch has joined the fray, hopefully answering the concerned raise by Johannes [1].
[1] https://lore.kernel.org/git/pull.675.git.1594677321039.gitgitgadget@gmail.com/
Thanks,
-Stolee
Cc: newren@gmail.com, delphij@google.com, peff@peff.net, johannes.schindelin@gmx.de, me@ttaylorr.com