e904deb89d
Sinceac1fbbda20
(submodule: do not copy unknown update mode from .gitmodules, 2013-12-02), Git has been careful to avoid copying [submodule "foo"] update = !run an arbitrary scary command from .gitmodules to a repository's local config, copying in the setting 'update = none' instead. The gitmodules(5) manpage documents the intention: The !command form is intentionally ignored here for security reasons Unfortunately, starting with v2.20.0-rc0 (which integratedee69b2a9
(submodule--helper: introduce new update-module-mode helper, 2018-08-13, first released in v2.20.0-rc0)), there are scenarios where we *don't* ignore it: if the config store contains no submodule.foo.update setting, the submodule-config API falls back to reading .gitmodules and the repository-supplied !command gets run after all. This was part of a general change over time in submodule support to read more directly from .gitmodules, since unlike .git/config it allows a project to change values between branches and over time (while still allowing .git/config to override things). But it was never intended to apply to this kind of dangerous configuration. The behavior change was not advertised in ee69b2a9's commit message and was missed in review. Let's take the opportunity to make the protection more robust, even in Git versions that are technically not affected: instead of quietly converting 'update = !command' to 'update = none', noisily treat it as an error. Allowing the setting but treating it as meaning something else was just confusing; users are better served by seeing the error sooner. Forbidding the construct makes the semantics simpler and means we can check for it in fsck (in a separate patch). As a result, the submodule-config API cannot read this value from .gitmodules under any circumstance, and we can declare with confidence For security reasons, the '!command' form is not accepted here. Reported-by: Joern Schneeweisz <jschneeweisz@gitlab.com> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
124 lines
4.3 KiB
Plaintext
124 lines
4.3 KiB
Plaintext
gitmodules(5)
|
|
=============
|
|
|
|
NAME
|
|
----
|
|
gitmodules - defining submodule properties
|
|
|
|
SYNOPSIS
|
|
--------
|
|
$GIT_WORK_DIR/.gitmodules
|
|
|
|
|
|
DESCRIPTION
|
|
-----------
|
|
|
|
The `.gitmodules` file, located in the top-level directory of a Git
|
|
working tree, is a text file with a syntax matching the requirements
|
|
of linkgit:git-config[1].
|
|
|
|
The file contains one subsection per submodule, and the subsection value
|
|
is the name of the submodule. The name is set to the path where the
|
|
submodule has been added unless it was customized with the `--name`
|
|
option of 'git submodule add'. Each submodule section also contains the
|
|
following required keys:
|
|
|
|
submodule.<name>.path::
|
|
Defines the path, relative to the top-level directory of the Git
|
|
working tree, where the submodule is expected to be checked out.
|
|
The path name must not end with a `/`. All submodule paths must
|
|
be unique within the .gitmodules file.
|
|
|
|
submodule.<name>.url::
|
|
Defines a URL from which the submodule repository can be cloned.
|
|
This may be either an absolute URL ready to be passed to
|
|
linkgit:git-clone[1] or (if it begins with ./ or ../) a location
|
|
relative to the superproject's origin repository.
|
|
|
|
In addition, there are a number of optional keys:
|
|
|
|
submodule.<name>.update::
|
|
Defines the default update procedure for the named submodule,
|
|
i.e. how the submodule is updated by "git submodule update"
|
|
command in the superproject. This is only used by `git
|
|
submodule init` to initialize the configuration variable of
|
|
the same name. Allowed values here are 'checkout', 'rebase',
|
|
'merge' or 'none'. See description of 'update' command in
|
|
linkgit:git-submodule[1] for their meaning. For security
|
|
reasons, the '!command' form is not accepted here.
|
|
|
|
submodule.<name>.branch::
|
|
A remote branch name for tracking updates in the upstream submodule.
|
|
If the option is not specified, it defaults to 'master'. A special
|
|
value of `.` is used to indicate that the name of the branch in the
|
|
submodule should be the same name as the current branch in the
|
|
current repository. See the `--remote` documentation in
|
|
linkgit:git-submodule[1] for details.
|
|
|
|
submodule.<name>.fetchRecurseSubmodules::
|
|
This option can be used to control recursive fetching of this
|
|
submodule. If this option is also present in the submodules entry in
|
|
.git/config of the superproject, the setting there will override the
|
|
one found in .gitmodules.
|
|
Both settings can be overridden on the command line by using the
|
|
"--[no-]recurse-submodules" option to "git fetch" and "git pull".
|
|
|
|
submodule.<name>.ignore::
|
|
Defines under what circumstances "git status" and the diff family show
|
|
a submodule as modified. The following values are supported:
|
|
|
|
all;; The submodule will never be considered modified (but will
|
|
nonetheless show up in the output of status and commit when it has
|
|
been staged).
|
|
|
|
dirty;; All changes to the submodule's work tree will be ignored, only
|
|
committed differences between the HEAD of the submodule and its
|
|
recorded state in the superproject are taken into account.
|
|
|
|
untracked;; Only untracked files in submodules will be ignored.
|
|
Committed differences and modifications to tracked files will show
|
|
up.
|
|
|
|
none;; No modifiations to submodules are ignored, all of committed
|
|
differences, and modifications to tracked and untracked files are
|
|
shown. This is the default option.
|
|
|
|
If this option is also present in the submodules entry in .git/config
|
|
of the superproject, the setting there will override the one found in
|
|
.gitmodules.
|
|
Both settings can be overridden on the command line by using the
|
|
"--ignore-submodule" option. The 'git submodule' commands are not
|
|
affected by this setting.
|
|
|
|
submodule.<name>.shallow::
|
|
When set to true, a clone of this submodule will be performed as a
|
|
shallow clone (with a history depth of 1) unless the user explicitly
|
|
asks for a non-shallow clone.
|
|
|
|
|
|
EXAMPLES
|
|
--------
|
|
|
|
Consider the following .gitmodules file:
|
|
|
|
[submodule "libfoo"]
|
|
path = include/foo
|
|
url = git://foo.com/git/lib.git
|
|
|
|
[submodule "libbar"]
|
|
path = include/bar
|
|
url = git://bar.com/git/lib.git
|
|
|
|
|
|
This defines two submodules, `libfoo` and `libbar`. These are expected to
|
|
be checked out in the paths 'include/foo' and 'include/bar', and for both
|
|
submodules a URL is specified which can be used for cloning the submodules.
|
|
|
|
SEE ALSO
|
|
--------
|
|
linkgit:git-submodule[1] linkgit:git-config[1]
|
|
|
|
GIT
|
|
---
|
|
Part of the linkgit:git[1] suite
|