diff options
| author | Junio C Hamano <gitster@pobox.com> | 2017-04-26 19:21:51 -0700 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2017-04-26 19:21:51 -0700 |
| commit | beca34013bc0864f462092d897371034e5e76810 (patch) | |
| tree | 4caf7e3a0c5c71fda031f7dad119560744a714ae /git-push.html | |
| parent | e25cc817fa321686ae71fda302e172bf9ca8f04a (diff) | |
| download | git-htmldocs-beca34013bc0864f462092d897371034e5e76810.tar.gz | |
Autogenerated HTML docs for v2.13.0-rc1
Diffstat (limited to 'git-push.html')
| -rw-r--r-- | git-push.html | 43 |
1 files changed, 42 insertions, 1 deletions
diff --git a/git-push.html b/git-push.html index 94874f4b6..b0af68494 100644 --- a/git-push.html +++ b/git-push.html @@ -1030,6 +1030,47 @@ still experimental and their semantics may change as we gain experience with this feature.</p></div>
<div class="paragraph"><p>"--no-force-with-lease" will cancel all the previous --force-with-lease on the
command line.</p></div>
+<div class="paragraph"><p>A general note on safety: supplying this option without an expected
+value, i.e. as <code>--force-with-lease</code> or <code>--force-with-lease=<refname></code>
+interacts very badly with anything that implicitly runs <code>git fetch</code> on
+the remote to be pushed to in the background, e.g. <code>git fetch origin</code>
+on your repository in a cronjob.</p></div>
+<div class="paragraph"><p>The protection it offers over <code>--force</code> is ensuring that subsequent
+changes your work wasn’t based on aren’t clobbered, but this is
+trivially defeated if some background process is updating refs in the
+background. We don’t have anything except the remote tracking info to
+go by as a heuristic for refs you’re expected to have seen & are
+willing to clobber.</p></div>
+<div class="paragraph"><p>If your editor or some other system is running <code>git fetch</code> in the
+background for you a way to mitigate this is to simply set up another
+remote:</p></div>
+<div class="literalblock">
+<div class="content">
+<pre><code>git remote add origin-push $(git config remote.origin.url)
+git fetch origin-push</code></pre>
+</div></div>
+<div class="paragraph"><p>Now when the background process runs <code>git fetch origin</code> the references
+on <code>origin-push</code> won’t be updated, and thus commands like:</p></div>
+<div class="literalblock">
+<div class="content">
+<pre><code>git push --force-with-lease origin-push</code></pre>
+</div></div>
+<div class="paragraph"><p>Will fail unless you manually run <code>git fetch origin-push</code>. This method
+is of course entirely defeated by something that runs <code>git fetch
+--all</code>, in that case you’d need to either disable it or do something
+more tedious like:</p></div>
+<div class="literalblock">
+<div class="content">
+<pre><code>git fetch # update 'master' from remote
+git tag base master # mark our base point
+git rebase -i master # rewrite some commits
+git push --force-with-lease=master:base master:master</code></pre>
+</div></div>
+<div class="paragraph"><p>I.e. create a <code>base</code> tag for versions of the upstream code that you’ve
+seen and are willing to overwrite, then rewrite history, and finally
+force push changes to <code>master</code> if the remote version is still at
+<code>base</code>, regardless of what your local <code>remotes/origin/master</code> has been
+updated to in the background.</p></div>
</dd>
<dt class="hdlist1">
-f
@@ -1831,7 +1872,7 @@ As in #1, the attacker chooses an object ID X to steal. The victim sends <div id="footnotes"><hr /></div>
<div id="footer">
<div id="footer-text">
-Last updated 2017-02-15 15:17:51 PST
+Last updated 2017-04-26 19:19:22 PDT
</div>
</div>
</body>
|