Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/review: Support custom git remote helpers #17299

Closed
wlynch opened this issue Sep 30, 2016 · 4 comments
Closed

x/review: Support custom git remote helpers #17299

wlynch opened this issue Sep 30, 2016 · 4 comments
Labels
NeedsFix The path to resolution is known, but the work has not been done.
Milestone
Unreleased

Comments

@wlynch
Copy link
Contributor

wlynch commented Sep 30, 2016

What version of Go are you using (go version)?

go version go1.7.1 linux/amd64

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOOS="linux"

What did you do?

go get a package that belonged to a repository that used a custom git remote helper.

What did you expect to see?

The repo was successfully fetched.

What did you see instead?

"cannot download, uses insecure protocol"

Proposal

vcs.go is opinionated about what schemes are considered secure. If you are using a git remote helper, tools like go get will return an error because it thinks it is insecure. Passing --insecure allows the repo to be successfully fetched, but this isn't ideal because then all fetches that are pulled in from go get will allow insecure schemes.

We should let vcs.go be aware of the GIT_ALLOW_PROTOCOL environment variable to override the list of secure schemes for git fetches.

Other tools like git-codereview that are affected by similar issues should also be updated.

I'm happy to work on this.
@gopherbot
Copy link
Contributor

CL https://golang.org/cl/30135 mentions this issue.

gopherbot pushed a commit that referenced this issue Oct 3, 2016
@wlynch @ianlancetaylor
cmd/go: add support for GIT_ALLOW_PROTOCOL
55620a0 
Allows users to override the default secure protocol list by setting the
GIT_ALLOW_PROTOCOL environment variable.

Addresses #17299 for vcs.go.

Change-Id: If575861d2b1b04b59029fed7e5d12b49690af50a
Reviewed-on: https://go-review.googlesource.com/30135
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
@quentinmit quentinmit added the NeedsFix The path to resolution is known, but the work has not been done. label Oct 3, 2016
@quentinmit quentinmit added this to the Go1.8 milestone Oct 3, 2016
@quentinmit
Copy link
Contributor

@wlynch Does your commit resolve this issue?

@wlynch
Copy link
Contributor Author

wlynch commented Oct 3, 2016

With respect to golang/go, this should be resolved. I'll open a new issue in golang/review to track the changes needed for git-codereview.

@wlynch wlynch closed this as completed Oct 3, 2016
@wlynch
Copy link
Contributor Author

wlynch commented Oct 3, 2016

Issues are shared between golang/go and golang/review. Reopening to track the changes to golang/review.

I'm also fine with owning this change.

@wlynch wlynch reopened this Oct 3, 2016
@quentinmit quentinmit changed the title cmd/go: Support custom git remote helpers x/review: Support custom git remote helpers Oct 3, 2016
@quentinmit quentinmit modified the milestones: Unreleased, Go1.8 Oct 3, 2016
@rsc rsc unassigned wlynch Jun 23, 2022
@oakad oakad mentioned this issue Aug 11, 2022
Closed
@seankhliao seankhliao closed this as not planned Won't fix, can't repro, duplicate, stale Dec 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
4 participants
@quentinmit @wlynch @gopherbot @seankhliao