On 02/02/16 18:56, Peter Palfrader wrote: > On Tue, 02 Feb 2016, Nick Mathewson wrote: > >> The tl;dr here is: >> * By default Git doesn't verify the sha1 checksums it receives by default. >> * It doesn't look like we've got any inconsistencies in our >> repositories I use, though. That's good! >> * To turn on verification, I think you run: >> >> git config --add transfer.fsckobjects true >> git config --add fetch.fsckobjects true >> git config --add receive.fsckobjects true > > I suspect that setting things globally (in your ~/.gitconfig) > git config --global --add transfer.fsckobjects true > git config --global --add fetch.fsckobjects true > git config --global --add receive.fsckobjects true > might also work. (However, I haven't verified it.) > Tested with $ for i in transfer fetch receive; do git config --global --replace-all "$i.fsckObjects" true; done (--replace-all makes it idempotent). I wrote "fsckObjects" because it's quicker to verify - the man page for git-config says fsckObjects rather than fsckobjects and then you need to do some extra digging to assure yourself it's case-insensitive. X -- GPG: ed25519/56034877E1F87C35 GPG: rsa4096/1318EFAC5FBBDBCE git://github.com/infinity0/pubkeys.git
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev