search

progit / progit2

Pro Git 2nd Edition
Other
5.77k stars 1.9k forks source link

fatal: unsafe repository ('F:/GitHub/my-project' is owned by someone else) #1735

Closed Prime541 closed 2 years ago

Prime541 commented 2 years ago

General overview of your idea.

With git-2.35.2 a new blocking behavior has been introduced without any user friendly solution. fatal: unsafe repository ('F:/GitHub/my-project' is owned by someone else)

In my case we generate hundreds of repositories with random names and I don't want to prefix every git commands with the official solution. ie: git config --global --add safe.directory F:/GitHub/my-project

I would like to add some general solution to ignore, or downgrade, this 'fatal' warning, like a new environment variable: GIT_UNSAFE_IGNORE_ALL=Y

In addition, for users who would like to tune this vulnerability fix, some variables could white-list some owners and/or directories: GIT_UNSAFE_IGNORE_OWNERS=me:you:admin GIT_UNSAFE_IGNORE_GROUPS=myteam:yourteam GIT_UNSAFE_IGNORE_DIRECTORIES(and their children)=/home:/projects

What problem will this solve?

https://stackoverflow.com/questions/71849415/cannot-add-parent-directory-to-safe-directory-on-git

After updating git to v2.35.2 I'm getting the following error:

fatal: unsafe repository ('F:/GitHub/my-project' is owned by someone else) To add an exception for this directory, call:

    git config --global --add safe.directory F:/GitHub/my-project

Have you thought about other solutions?

No response

Do you want to help with this enhancement idea?

Yes

SherinBloemendaal commented 2 years ago

Indeed, it should be possible to trust a whole folder or group (globally or per user).

Lets not bike shed to long about it and just implement it.

ZaneCEO commented 2 years ago

Another idea: just add a --ignore-different-owner argument for those who really want to ignore the issue

jerryankur commented 2 years ago

--ignore-different-owner

and where to add that argument?

DoveBoy commented 2 years ago

--ignore-different-owner

How do I set it up? Can it work for global repo

rgpublic commented 2 years ago

I came here via StackOverflow. Why is this in the "progit2" issue queue? Shouldn't this be a feature request for the GIT project itself?

jnavila commented 2 years ago

@rgpublic you're completely right. It seems anyway that most people don't read the issue templates... :cry: