See linkgit:git-update-index[1]. `keep` by default.
core.checkStat::
- Determines which stat fields to match between the index
- and work tree. The user can set this to 'default' or
- 'minimal'. Default (or explicitly 'default'), is to check
- all fields, including the sub-second part of mtime and ctime.
+ When missing or is set to `default`, many fields in the stat
+ structure are checked to detect if a file has been modified
+ since Git looked at it. When this configuration variable is
+ set to `minimal`, sub-second part of mtime and ctime, the
+ uid and gid of the owner of the file, the inode number (and
+ the device number, if Git was compiled to use it), are
+ excluded from the check among these fields, leaving only the
+ whole-second part of mtime (and ctime, if `core.trustCtime`
+ is set) and the filesize to be checked.
++
+There are implementations of Git that do not leave usable values in
+some fields (e.g. JGit); by excluding these fields from the
+comparison, the `minimal` mode may help interoperability when the
+same repository is used by these other systems at the same time.
core.quotePath::
Commands that output paths (e.g. 'ls-files', 'diff'), will
This setting defaults to "refs/notes/commits", and it can be overridden by
the `GIT_NOTES_REF` environment variable. See linkgit:git-notes[1].
-gc.commitGraph::
- If true, then gc will rewrite the commit-graph file when
- linkgit:git-gc[1] is run. When using linkgit:git-gc[1]
- '--auto' the commit-graph will be updated if housekeeping is
- required. Default is false. See linkgit:git-commit-graph[1]
- for details.
+core.commitGraph::
+ If true, then git will read the commit-graph file (if it exists)
+ to parse the graph structure of commits. Defaults to false. See
+ linkgit:git-commit-graph[1] for more information.
core.useReplaceRefs::
If set to `false`, behave as if the `--no-replace-objects`
Tells 'git apply' how to handle whitespaces, in the same way
as the `--whitespace` option. See linkgit:git-apply[1].
-blame.showRoot::
- Do not treat root commits as boundaries in linkgit:git-blame[1].
- This option defaults to false.
-
blame.blankBoundary::
Show blank commit object name for boundary commits in
linkgit:git-blame[1]. This option defaults to false.
-blame.showEmail::
- Show the author email instead of author name in linkgit:git-blame[1].
- This option defaults to false.
+blame.coloring::
+ This determines the coloring scheme to be applied to blame
+ output. It can be 'repeatedLines', 'highlightRecent',
+ or 'none' which is the default.
blame.date::
Specifies the format used to output dates in linkgit:git-blame[1].
If unset the iso format is used. For supported values,
see the discussion of the `--date` option at linkgit:git-log[1].
+blame.showEmail::
+ Show the author email instead of author name in linkgit:git-blame[1].
+ This option defaults to false.
+
+blame.showRoot::
+ Do not treat root commits as boundaries in linkgit:git-blame[1].
+ This option defaults to false.
+
branch.autoSetupMerge::
Tells 'git branch' and 'git checkout' to set up new branches
so that linkgit:git-pull[1] will appropriately merge from the
branch to track another branch.
This option defaults to never.
+branch.sort::
+ This variable controls the sort ordering of branches when displayed by
+ linkgit:git-branch[1]. Without the "--sort=<value>" option provided, the
+ value of this variable will be used as the default.
+ See linkgit:git-for-each-ref[1] field names for valid values.
+
branch.<name>.remote::
When on branch <name>, it tells 'git fetch' and 'git push'
which remote to fetch from/push to. The remote to push to
color.advice.hint::
Use customized color for hints.
+color.blame.highlightRecent::
+ This can be used to color the metadata of a blame line depending
+ on age of the line.
++
+This setting should be set to a comma-separated list of color and date settings,
+starting and ending with a color, the dates should be set from oldest to newest.
+The metadata will be colored given the colors if the the line was introduced
+before the given timestamp, overwriting older timestamped colors.
++
+Instead of an absolute timestamp relative timestamps work as well, e.g.
+2.weeks.ago is valid to address anything older than 2 weeks.
++
+It defaults to 'blue,12 month ago,white,1 month ago,red', which colors
+everything older than one year blue, recent changes between one month and
+one year old are kept white, and lines introduced within the last month are
+colored red.
+
+color.blame.repeatedLines::
+ Use the customized color for the part of git-blame output that
+ is repeated meta information per line (such as commit id,
+ author name, date and timezone). Defaults to cyan.
+
color.branch::
A boolean to enable/disable color in the output of
linkgit:git-branch[1]. May be set to `always`,
'git-diff-{asterisk}' plumbing commands. Can be overridden on the
command line with the `--color[=<when>]` option.
-diff.colorMoved::
- If set to either a valid `<mode>` or a true value, moved lines
- in a diff are colored differently, for details of valid modes
- see '--color-moved' in linkgit:git-diff[1]. If simply set to
- true the default color mode will be used. When set to false,
- moved lines are not colored.
-
-diff.colorMovedWS::
- When moved lines are colored using e.g. the `diff.colorMoved` setting,
- this option controls the `<mode>` how spaces are treated
- for details of valid modes see '--color-moved-ws' in linkgit:git-diff[1].
-
color.diff.<slot>::
Use customized color for diff colorization. `<slot>` specifies
which part of the patch to use the specified color, and is one
(highlighting whitespace errors), `oldMoved` (deleted lines),
`newMoved` (added lines), `oldMovedDimmed`, `oldMovedAlternative`,
`oldMovedAlternativeDimmed`, `newMovedDimmed`, `newMovedAlternative`
- and `newMovedAlternativeDimmed` (See the '<mode>'
- setting of '--color-moved' in linkgit:git-diff[1] for details).
+ `newMovedAlternativeDimmed` (See the '<mode>'
+ setting of '--color-moved' in linkgit:git-diff[1] for details),
+ `contextDimmed`, `oldDimmed`, `newDimmed`, `contextBold`,
+ `oldBold`, and `newBold` (see linkgit:git-range-diff[1] for details).
color.decorate.<slot>::
Use customized color for 'git log --decorate' output. `<slot>` is one
color.push.error::
Use customized color for push errors.
+color.remote::
+ If set, keywords at the start of the line are highlighted. The
+ keywords are "error", "warning", "hint" and "success", and are
+ matched case-insensitively. May be set to `always`, `false` (or
+ `never`) or `auto` (or `true`). If unset, then the value of
+ `color.ui` is used (`auto` by default).
+
+color.remote.<slot>::
+ Use customized color for each remote keyword. `<slot>` may be
+ `hint`, `warning`, `success` or `error` which match the
+ corresponding keyword.
+
color.showBranch::
A boolean to enable/disable color in the output of
linkgit:git-show-branch[1]. May be set to `always`,
status short-format), or
`unmerged` (files which have unmerged changes).
-color.blame.repeatedLines::
- Use the customized color for the part of git-blame output that
- is repeated meta information per line (such as commit id,
- author name, date and timezone). Defaults to cyan.
-
-color.blame.highlightRecent::
- This can be used to color the metadata of a blame line depending
- on age of the line.
-+
-This setting should be set to a comma-separated list of color and date settings,
-starting and ending with a color, the dates should be set from oldest to newest.
-The metadata will be colored given the colors if the the line was introduced
-before the given timestamp, overwriting older timestamped colors.
-+
-Instead of an absolute timestamp relative timestamps work as well, e.g.
-2.weeks.ago is valid to address anything older than 2 weeks.
-+
-It defaults to 'blue,12 month ago,white,1 month ago,red', which colors
-everything older than one year blue, recent changes between one month and
-one year old are kept white, and lines introduced within the last month are
-colored red.
-
-blame.coloring::
- This determines the coloring scheme to be applied to blame
- output. It can be 'repeatedLines', 'highlightRecent',
- or 'none' which is the default.
-
color.transport::
A boolean to enable/disable color when pushes are rejected. May be
set to `always`, `false` (or `never`) or `auto` (or `true`), in which
operation complete faster, especially on slow filesystems. If
not set, the value of `transfer.unpackLimit` is used instead.
-fetch.recurseSubmodules::
- This option can be either set to a boolean value or to 'on-demand'.
- Setting it to a boolean changes the behavior of fetch and pull to
- unconditionally recurse into submodules when set to true or to not
- recurse at all when set to false. When set to 'on-demand' (the default
- value), fetch and pull will only recurse into a populated submodule
- when its superproject retrieves a commit that updates the submodule's
- reference.
-
-fetch.fsckObjects::
- If it is set to true, git-fetch-pack will check all fetched
- objects. It will abort in the case of a malformed object or a
- broken link. The result of an abort are only dangling objects.
- Defaults to false. If not set, the value of `transfer.fsckObjects`
- is used instead.
-
-fetch.unpackLimit::
- If the number of objects fetched over the Git native
- transfer is below this
- limit, then the objects will be unpacked into loose object
- files. However if the number of received objects equals or
- exceeds this limit then the received pack will be stored as
- a pack, after adding any missing delta bases. Storing the
- pack from a push can make the push operation complete faster,
- especially on slow filesystems. If not set, the value of
- `transfer.unpackLimit` is used instead.
+include::fetch-config.txt[]
-fetch.prune::
- If true, fetch will automatically behave as if the `--prune`
- option was given on the command line. See also `remote.<name>.prune`
- and the PRUNING section of linkgit:git-fetch[1].
-
-fetch.pruneTags::
- If true, fetch will automatically behave as if the
- `refs/tags/*:refs/tags/*` refspec was provided when pruning,
- if not set already. This allows for setting both this option
- and `fetch.prune` to maintain a 1=1 mapping to upstream
- refs. See also `remote.<name>.pruneTags` and the PRUNING
- section of linkgit:git-fetch[1].
-
-fetch.output::
- Control how ref update status is printed. Valid values are
- `full` and `compact`. Default value is `full`. See section
- OUTPUT in linkgit:git-fetch[1] for detail.
-
-fetch.negotiationAlgorithm::
- Control how information about the commits in the local repository is
- sent when negotiating the contents of the packfile to be sent by the
- server. Set to "skipping" to use an algorithm that skips commits in an
- effort to converge faster, but may result in a larger-than-necessary
- packfile; any other value instructs Git to use the default algorithm
- that never skips commits (unless the server has acknowledged it or one
- of its descendants).
-
-format.attach::
- Enable multipart/mixed attachments as the default for
- 'format-patch'. The value can also be a double quoted string
- which will enable attachments as the default and set the
- value as the boundary. See the --attach option in
- linkgit:git-format-patch[1].
-
-format.from::
- Provides the default value for the `--from` option to format-patch.
- Accepts a boolean value, or a name and email address. If false,
- format-patch defaults to `--no-from`, using commit authors directly in
- the "From:" field of patch mails. If true, format-patch defaults to
- `--from`, using your committer identity in the "From:" field of patch
- mails and including a "From:" field in the body of the patch mail if
- different. If set to a non-boolean value, format-patch uses that
- value instead of your committer identity. Defaults to false.
-
-format.numbered::
- A boolean which can enable or disable sequence numbers in patch
- subjects. It defaults to "auto" which enables it only if there
- is more than one patch. It can be enabled or disabled for all
- messages by setting it to "true" or "false". See --numbered
- option in linkgit:git-format-patch[1].
-
-format.headers::
- Additional email headers to include in a patch to be submitted
- by mail. See linkgit:git-format-patch[1].
-
-format.to::
-format.cc::
- Additional recipients to include in a patch to be submitted
- by mail. See the --to and --cc options in
- linkgit:git-format-patch[1].
-
-format.subjectPrefix::
- The default for format-patch is to output files with the '[PATCH]'
- subject prefix. Use this variable to change that prefix.
-
-format.signature::
- The default for format-patch is to output a signature containing
- the Git version number. Use this variable to change that default.
- Set this variable to the empty string ("") to suppress
- signature generation.
-
-format.signatureFile::
- Works just like format.signature except the contents of the
- file specified by this variable will be used as the signature.
-
-format.suffix::
- The default for format-patch is to output files with the suffix
- `.patch`. Use this variable to change that suffix (make sure to
- include the dot if you want it).
-
-format.pretty::
- The default pretty format for log/show/whatchanged command,
- See linkgit:git-log[1], linkgit:git-show[1],
- linkgit:git-whatchanged[1].
-
-format.thread::
- The default threading style for 'git format-patch'. Can be
- a boolean value, or `shallow` or `deep`. `shallow` threading
- makes every mail a reply to the head of the series,
- where the head is chosen from the cover letter, the
- `--in-reply-to`, and the first patch mail, in this order.
- `deep` threading makes every mail a reply to the previous one.
- A true boolean value is the same as `shallow`, and a false
- value disables threading.
-
-format.signOff::
- A boolean value which lets you enable the `-s/--signoff` option of
- format-patch by default. *Note:* Adding the Signed-off-by: line to a
- patch should be a conscious act and means that you certify you have
- the rights to submit this work under the same open source license.
- Please see the 'SubmittingPatches' document for further discussion.
-
-format.coverLetter::
- A boolean that controls whether to generate a cover-letter when
- format-patch is invoked, but in addition can be set to "auto", to
- generate a cover-letter only when there's more than one patch.
-
-format.outputDirectory::
- Set a custom directory to store the resulting files instead of the
- current working directory.
-
-format.useAutoBase::
- A boolean value which lets you enable the `--base=auto` option of
- format-patch by default.
+include::format-config.txt[]
filter.<driver>.clean::
The command which is used to convert the content of a worktree
linkgit:gitattributes[5] for details.
fsck.<msg-id>::
- Allows overriding the message type (error, warn or ignore) of a
- specific message ID such as `missingEmail`.
-+
-For convenience, fsck prefixes the error/warning with the message ID,
-e.g. "missingEmail: invalid author/committer line - missing email" means
-that setting `fsck.missingEmail = ignore` will hide that issue.
-+
-This feature is intended to support working with legacy repositories
-which cannot be repaired without disruptive changes.
+ During fsck git may find issues with legacy data which
+ wouldn't be generated by current versions of git, and which
+ wouldn't be sent over the wire if `transfer.fsckObjects` was
+ set. This feature is intended to support working with legacy
+ repositories containing such data.
++
+Setting `fsck.<msg-id>` will be picked up by linkgit:git-fsck[1], but
+to accept pushes of such data set `receive.fsck.<msg-id>` instead, or
+to clone or fetch it set `fetch.fsck.<msg-id>`.
++
+The rest of the documentation discusses `fsck.*` for brevity, but the
+same applies for the corresponding `receive.fsck.*` and
+`fetch.<msg-id>.*`. variables.
++
+Unlike variables like `color.ui` and `core.editor` the
+`receive.fsck.<msg-id>` and `fetch.fsck.<msg-id>` variables will not
+fall back on the `fsck.<msg-id>` configuration if they aren't set. To
+uniformly configure the same fsck settings in different circumstances
+all three of them they must all set to the same values.
++
+When `fsck.<msg-id>` is set, errors can be switched to warnings and
+vice versa by configuring the `fsck.<msg-id>` setting where the
+`<msg-id>` is the fsck message ID and the value is one of `error`,
+`warn` or `ignore`. For convenience, fsck prefixes the error/warning
+with the message ID, e.g. "missingEmail: invalid author/committer line
+- missing email" means that setting `fsck.missingEmail = ignore` will
+hide that issue.
++
+In general, it is better to enumerate existing objects with problems
+with `fsck.skipList`, instead of listing the kind of breakages these
+problematic objects share to be ignored, as doing the latter will
+allow new instances of the same breakages go unnoticed.
++
+Setting an unknown `fsck.<msg-id>` value will cause fsck to die, but
+doing the same for `receive.fsck.<msg-id>` and `fetch.fsck.<msg-id>`
+will only cause git to warn.
fsck.skipList::
The path to a sorted list of object names (i.e. one SHA-1 per
should be accepted despite early commits containing errors that
can be safely ignored such as invalid committer email addresses.
Note: corrupt objects cannot be skipped with this setting.
++
+Like `fsck.<msg-id>` this variable has corresponding
+`receive.fsck.skipList` and `fetch.fsck.skipList` variants.
++
+Unlike variables like `color.ui` and `core.editor` the
+`receive.fsck.skipList` and `fetch.fsck.skipList` variables will not
+fall back on the `fsck.skipList` configuration if they aren't set. To
+uniformly configure the same fsck settings in different circumstances
+all three of them they must all set to the same values.
gc.aggressiveDepth::
The depth parameter used in the delta compression
will be repacked. After this the number of packs should go below
gc.autoPackLimit and gc.bigPackThreshold should be respected again.
+gc.writeCommitGraph::
+ If true, then gc will rewrite the commit-graph file when
+ linkgit:git-gc[1] is run. When using linkgit:git-gc[1]
+ '--auto' the commit-graph will be updated if housekeeping is
+ required. Default is false. See linkgit:git-commit-graph[1]
+ for details.
+
gc.logExpiry::
If the file gc.log exists, then `git gc --auto` won't run
unless that file is more than 'gc.logExpiry' old. Default is
You can also use more human-readable "1.month.ago", etc.
The default is 15 days. See linkgit:git-rerere[1].
-gitcvs.commitMsgAnnotation::
- Append this string to each commit message. Set to empty string
- to disable this feature. Defaults to "via git-CVS emulator".
-
-gitcvs.enabled::
- Whether the CVS server interface is enabled for this repository.
- See linkgit:git-cvsserver[1].
-
-gitcvs.logFile::
- Path to a log file where the CVS server interface well... logs
- various stuff. See linkgit:git-cvsserver[1].
-
-gitcvs.usecrlfattr::
- If true, the server will look up the end-of-line conversion
- attributes for files to determine the `-k` modes to use. If
- the attributes force Git to treat a file as text,
- the `-k` mode will be left blank so CVS clients will
- treat it as text. If they suppress text conversion, the file
- will be set with '-kb' mode, which suppresses any newline munging
- the client might otherwise do. If the attributes do not allow
- the file type to be determined, then `gitcvs.allBinary` is
- used. See linkgit:gitattributes[5].
-
-gitcvs.allBinary::
- This is used if `gitcvs.usecrlfattr` does not resolve
- the correct '-kb' mode to use. If true, all
- unresolved files are sent to the client in
- mode '-kb'. This causes the client to treat them
- as binary files, which suppresses any newline munging it
- otherwise might do. Alternatively, if it is set to "guess",
- then the contents of the file are examined to decide if
- it is binary, similar to `core.autocrlf`.
-
-gitcvs.dbName::
- Database used by git-cvsserver to cache revision information
- derived from the Git repository. The exact meaning depends on the
- used database driver, for SQLite (which is the default driver) this
- is a filename. Supports variable substitution (see
- linkgit:git-cvsserver[1] for details). May not contain semicolons (`;`).
- Default: '%Ggitcvs.%m.sqlite'
-
-gitcvs.dbDriver::
- Used Perl DBI driver. You can specify any available driver
- for this here, but it might not work. git-cvsserver is tested
- with 'DBD::SQLite', reported to work with 'DBD::Pg', and
- reported *not* to work with 'DBD::mysql'. Experimental feature.
- May not contain double colons (`:`). Default: 'SQLite'.
- See linkgit:git-cvsserver[1].
-
-gitcvs.dbUser, gitcvs.dbPass::
- Database user and password. Only useful if setting `gitcvs.dbDriver`,
- since SQLite has no concept of database users and/or passwords.
- 'gitcvs.dbUser' supports variable substitution (see
- linkgit:git-cvsserver[1] for details).
-
-gitcvs.dbTableNamePrefix::
- Database table name prefix. Prepended to the names of any
- database tables used, allowing a single database to be used
- for several repositories. Supports variable substitution (see
- linkgit:git-cvsserver[1] for details). Any non-alphabetic
- characters will be replaced with underscores.
-
-All gitcvs variables except for `gitcvs.usecrlfattr` and
-`gitcvs.allBinary` can also be specified as
-'gitcvs.<access_method>.<varname>' (where 'access_method'
-is one of "ext" and "pserver") to make them apply only for the given
-access method.
+include::gitcvs-config.txt[]
gitweb.category::
gitweb.description::
be used as a legacy synonym for `gpg.openpgp.program`. The default
value for `gpg.x509.program` is "gpgsm".
-gui.commitMsgWidth::
- Defines how wide the commit message window is in the
- linkgit:git-gui[1]. "75" is the default.
-
-gui.diffContext::
- Specifies how many context lines should be used in calls to diff
- made by the linkgit:git-gui[1]. The default is "5".
-
-gui.displayUntracked::
- Determines if linkgit:git-gui[1] shows untracked files
- in the file list. The default is "true".
-
-gui.encoding::
- Specifies the default encoding to use for displaying of
- file contents in linkgit:git-gui[1] and linkgit:gitk[1].
- It can be overridden by setting the 'encoding' attribute
- for relevant files (see linkgit:gitattributes[5]).
- If this option is not set, the tools default to the
- locale encoding.
-
-gui.matchTrackingBranch::
- Determines if new branches created with linkgit:git-gui[1] should
- default to tracking remote branches with matching names or
- not. Default: "false".
-
-gui.newBranchTemplate::
- Is used as suggested name when creating new branches using the
- linkgit:git-gui[1].
-
-gui.pruneDuringFetch::
- "true" if linkgit:git-gui[1] should prune remote-tracking branches when
- performing a fetch. The default value is "false".
-
-gui.trustmtime::
- Determines if linkgit:git-gui[1] should trust the file modification
- timestamp or not. By default the timestamps are not trusted.
-
-gui.spellingDictionary::
- Specifies the dictionary used for spell checking commit messages in
- the linkgit:git-gui[1]. When set to "none" spell checking is turned
- off.
-
-gui.fastCopyBlame::
- If true, 'git gui blame' uses `-C` instead of `-C -C` for original
- location detection. It makes blame significantly faster on huge
- repositories at the expense of less thorough copy detection.
-
-gui.copyBlameThreshold::
- Specifies the threshold to use in 'git gui blame' original location
- detection, measured in alphanumeric characters. See the
- linkgit:git-blame[1] manual for more information on copy detection.
-
-gui.blamehistoryctx::
- Specifies the radius of history context in days to show in
- linkgit:gitk[1] for the selected commit, when the `Show History
- Context` menu item is invoked from 'git gui blame'. If this
- variable is set to zero, the whole history is shown.
+include::gui-config.txt[]
guitool.<name>.cmd::
Specifies the shell command line to execute when the corresponding item
--
-pull.ff::
- By default, Git does not create an extra merge commit when merging
- a commit that is a descendant of the current commit. Instead, the
- tip of the current branch is fast-forwarded. When set to `false`,
- this variable tells Git to create an extra merge commit in such
- a case (equivalent to giving the `--no-ff` option from the command
- line). When set to `only`, only such fast-forward merges are
- allowed (equivalent to giving the `--ff-only` option from the
- command line). This setting overrides `merge.ff` when pulling.
-
-pull.rebase::
- When true, rebase branches on top of the fetched branch, instead
- of merging the default branch from the default remote when "git
- pull" is run. See "branch.<name>.rebase" for setting this on a
- per-branch basis.
-+
-When `merges`, pass the `--rebase-merges` option to 'git rebase'
-so that the local merge commits are included in the rebase (see
-linkgit:git-rebase[1] for details).
-+
-When preserve, also pass `--preserve-merges` along to 'git rebase'
-so that locally committed merge commits will not be flattened
-by running 'git pull'.
-+
-When the value is `interactive`, the rebase is run in interactive mode.
-+
-*NOTE*: this is a possibly dangerous operation; do *not* use
-it unless you understand the implications (see linkgit:git-rebase[1]
-for details).
-
-pull.octopus::
- The default merge strategy to use when pulling multiple branches
- at once.
-
-pull.twohead::
- The default merge strategy to use when pulling a single branch.
+include::pull-config.txt[]
push.default::
Defines the action `git push` should take if no refspec is
receive.fsckObjects::
If it is set to true, git-receive-pack will check all received
- objects. It will abort in the case of a malformed object or a
- broken link. The result of an abort are only dangling objects.
- Defaults to false. If not set, the value of `transfer.fsckObjects`
- is used instead.
+ objects. See `transfer.fsckObjects` for what's checked.
+ Defaults to false. If not set, the value of
+ `transfer.fsckObjects` is used instead.
receive.fsck.<msg-id>::
- When `receive.fsckObjects` is set to true, errors can be switched
- to warnings and vice versa by configuring the `receive.fsck.<msg-id>`
- setting where the `<msg-id>` is the fsck message ID and the value
- is one of `error`, `warn` or `ignore`. For convenience, fsck prefixes
- the error/warning with the message ID, e.g. "missingEmail: invalid
- author/committer line - missing email" means that setting
- `receive.fsck.missingEmail = ignore` will hide that issue.
-+
-This feature is intended to support working with legacy repositories
-which would not pass pushing when `receive.fsckObjects = true`, allowing
-the host to accept repositories with certain known issues but still catch
-other issues.
+ Acts like `fsck.<msg-id>`, but is used by
+ linkgit:git-receive-pack[1] instead of
+ linkgit:git-fsck[1]. See the `fsck.<msg-id>` documentation for
+ details.
receive.fsck.skipList::
- The path to a sorted list of object names (i.e. one SHA-1 per
- line) that are known to be broken in a non-fatal way and should
- be ignored. This feature is useful when an established project
- should be accepted despite early commits containing errors that
- can be safely ignored such as invalid committer email addresses.
- Note: corrupt objects cannot be skipped with this setting.
+ Acts like `fsck.skipList`, but is used by
+ linkgit:git-receive-pack[1] instead of
+ linkgit:git-fsck[1]. See the `fsck.skipList` documentation for
+ details.
receive.keepAlive::
After receiving the pack from the client, `receive-pack` may
Seconds wait before reconnecting to smtp server.
See also the `--relogin-delay` option of linkgit:git-send-email[1].
-showbranch.default::
+showBranch.default::
The default set of branches for linkgit:git-show-branch[1].
See linkgit:git-show-branch[1].
When `fetch.fsckObjects` or `receive.fsckObjects` are
not set, the value of this variable is used instead.
Defaults to false.
++
+When set, the fetch or receive will abort in the case of a malformed
+object or a link to a nonexistent object. In addition, various other
+issues are checked for, including legacy issues (see `fsck.<msg-id>`),
+and potential security issues like the existence of a `.GIT` directory
+or a malicious `.gitmodules` file (see the release notes for v2.2.1
+and v2.17.1 for details). Other sanity and security checks may be
+added in future releases.
++
+On the receiving side, failing fsckObjects will make those objects
+unreachable, see "QUARANTINE ENVIRONMENT" in
+linkgit:git-receive-pack[1]. On the fetch side, malformed objects will
+instead be left unreferenced in the repository.
++
+Due to the non-quarantine nature of the `fetch.fsckObjects`
+implementation it can not be relied upon to leave the object store
+clean like `receive.fsckObjects` can.
++
+As objects are unpacked they're written to the object store, so there
+can be cases where malicious objects get introduced even though the
+"fetch" failed, only to have a subsequent "fetch" succeed because only
+new incoming objects are checked, not those that have already been
+written to the object store. That difference in behavior should not be
+relied upon. In the future, such objects may be quarantined for
+"fetch" as well.
++
+For now, the paranoid need to find some way to emulate the quarantine
+environment if they'd like the same protection as "push". E.g. in the
+case of an internal mirror do the mirroring in two steps, one to fetch
+the untrusted objects, and then do a second "push" (which will use the
+quarantine) to another internal repo, and have internal clients
+consume this pushed-to repository, or embargo internal fetches and
+only allow them once a full "fsck" has run (and no new fetches have
+happened in the meantime).
transfer.hideRefs::
String(s) `receive-pack` and `upload-pack` use to decide which