diff options
| author | Johannes Schindelin <johannes.schindelin@gmx.de> | 2026-03-05 15:34:48 -0800 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2026-03-06 13:52:28 -0800 |
| commit | 12f0fda905b4af3a15c125f96808e49ddbe39742 (patch) | |
| tree | 6b71e0f62297e3ecac5a9f86d751b461313bfe80 /contrib/persistent-https | |
| parent | 9ed1625a581a35d7ec2d851258cf4c7fc08c1ed7 (diff) | |
| download | git-12f0fda905b4af3a15c125f96808e49ddbe39742.tar.gz git-12f0fda905b4af3a15c125f96808e49ddbe39742.zip | |
sideband: do allow ANSI color sequences by default
The preceding two commits introduced special handling of the sideband
channel to neutralize ANSI escape sequences before sending the payload
to the terminal, and `sideband.allowControlCharacters` to override that
behavior.
However, as reported by brian m. carlson, some `pre-receive` hooks that
are actively used in practice want to color their messages and therefore
rely on the fact that Git passes them through to the terminal, even
though they have no way to determine whether the receiving side can
actually handle Escape sequences (think e.g. about the practice
recommended by Git that third-party applications wishing to use Git
functionality parse the output of Git commands).
In contrast to other ANSI escape sequences, it is highly unlikely that
coloring sequences can be essential tools in attack vectors that mislead
Git users e.g. by hiding crucial information.
Therefore we can have both: Continue to allow ANSI coloring sequences to
be passed to the terminal by default, and neutralize all other ANSI
Escape sequences.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'contrib/persistent-https')
0 files changed, 0 insertions, 0 deletions