On Mon, Dec 17, 2012 at 12:35:54PM +0100, Toralf Förster wrote:
often the output is requested in help forums - and a
git config -l | wgetpaste exposes parameters like sendmail.smtppass -
so hide those variables in the output (if not explicitly wanted) would
makes sense, or ?
But if we change
At 10:04 -0500 20 Dec 2012, Jeff King p...@peff.net wrote:
The problem seems to be that people are giving bad advice to tell
people to post git config -l output without looking at. Maybe we
could help them with a git config --share-config option that dumps
all config, but sanitizes the output.
On 12/20/2012 04:04 PM, Jeff King wrote:
On Mon, Dec 17, 2012 at 12:35:54PM +0100, Toralf Förster wrote:
often the output is requested in help forums - and a
git config -l | wgetpaste exposes parameters like sendmail.smtppass -
so hide those variables in the output (if not explicitly wanted)
On Thu, Dec 20, 2012 at 10:49:15AM -0500, Aaron Schrab wrote:
At 10:04 -0500 20 Dec 2012, Jeff King p...@peff.net wrote:
The problem seems to be that people are giving bad advice to tell
people to post git config -l output without looking at. Maybe we
could help them with a git config
On Thu, Dec 20, 2012 at 04:51:37PM +0100, Michael Haggerty wrote:
The problem seems to be that people are giving bad advice to tell people
to post git config -l output without looking at. Maybe we could help
them with a git config --share-config option that dumps all config,
but sanitizes
yep - understood
On 12/20/2012 04:49 PM, Aaron Schrab wrote:
At 10:04 -0500 20 Dec 2012, Jeff King p...@peff.net wrote:
The problem seems to be that people are giving bad advice to tell
people to post git config -l output without looking at. Maybe we
could help them with a git config
Jeff King p...@peff.net writes:
Yeah. Thanks for a dose of sanity. I was really trying not to say the
given advice is bad, and we cannot help those people. But I think you
are right; the only sensible path is for the user to inspect the output
before posting it.
True.
--
To unsubscribe from
Michael Haggerty mhag...@alum.mit.edu writes:
I think the problem is yet another step earlier: why do we build tools
that encourage people to store passwords in plaintext in a configuration
file that is by default world-readable?
True. This particular one mentioned in the thread predates
On 21 December 2012 02:49, Aaron Schrab aa...@schrab.com wrote:
Tools outside of the core git tree may add support for new config keys which
are meant to contain sensitive information, and there would be no way for
`git config` to know about those.
I understand that we've come down mostly on
often the output is requested in help forums - and a
git config -l | wgetpaste exposes parameters like sendmail.smtppass -
so hide those variables in the output (if not explicitly wanted) would
makes sense, or ?
--
MfG/Sincerely
Toralf Förster
pgp finger print: 7B1A 07F4 EC82 0F90 D4C2 8936 872A
10 matches
Mail list logo