From: Junio C Hamano <gitster@pobox•com>
To: "Pyeron\, Jason J CTR \(US\)" <jason.j.pyeron.ctr@mail•mil>
Cc: "git\@vger.kernel.org" <git@vger•kernel.org>
Subject: Re: git bundle format
Date: Mon, 26 Nov 2012 12:38:17 -0800 [thread overview]
Message-ID: <7vvccsqeva.fsf@alter.siamese.dyndns.org> (raw)
In-Reply-To: <871B6C10EBEFE342A772D1159D13208537ABF5AB@umechphj.easf.csd.disa.mil> (Jason J. Pyeron's message of "Mon, 26 Nov 2012 19:24:54 +0000")
"Pyeron, Jason J CTR (US)" <jason.j.pyeron.ctr@mail•mil> writes:
> In this situation we should assume that the bundle does not have
> any content which is already in the public repository, that is it
> has the minimum data to make it pass a git bundle verify from the
> public repositories point of view. We would then take the bundle
> and pipe it though the "git-bundle2text" program which would
> result in a "human" inspectable format as opposed to the packed
> format[2]. The security reviewer would then see all the
> information being released and with the help of the public
> repository see how the data changes the repository.
The bundle file is a thinly wrapped packfile, with extra information
that tells what objects in the bundle are the tips of histories and
what objects the repository the bundle gets unbundled has to have.
So your "git-bundle2text" would likely to involve fetching from the
bundle and inspecting the resulting history and the working tree
files.
next prev parent reply other threads:[~2012-11-26 20:38 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-26 19:24 git bundle format Pyeron, Jason J CTR (US)
2012-11-26 19:31 ` Pyeron, Jason J CTR (US)
2012-11-26 20:20 ` Felipe Contreras
2012-11-26 20:50 ` Pyeron, Jason J CTR (US)
2012-11-26 20:56 ` Felipe Contreras
2012-11-26 20:38 ` Junio C Hamano [this message]
2012-11-26 20:53 ` Pyeron, Jason J CTR (US)
2012-11-26 20:56 ` Stephen Bash
2012-11-26 21:06 ` git bundle format [OT] Pyeron, Jason J CTR (US)
2012-11-26 21:31 ` Stephen Bash
2012-11-26 23:08 ` git bundle format Andrew Ardill
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7vvccsqeva.fsf@alter.siamese.dyndns.org \
--to=gitster@pobox$(echo .)com \
--cc=git@vger$(echo .)kernel.org \
--cc=jason.j.pyeron.ctr@mail$(echo .)mil \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox