15th chunk of `Documentation/git.adoc`

 the SHA-1 name of the most
recent commit (or "head") of a branch under development.  SHA-1 names of
tags of interest are stored under `refs/tags/`.  A symbolic ref named
`HEAD` contains the name of the currently checked-out branch.

The index file is initialized with a list of all paths and, for each
path, a blob object and a set of attributes.  The blob object represents
the contents of the file as of the head of the current branch.  The
attributes (last modified time, size, etc.) are taken from the
corresponding file in the working tree.  Subsequent changes to the
working tree can be found by comparing these attributes.  The index may
be updated with new content, and new commits may be created from the
content stored in the index.

The index is also capable of storing multiple entries (called "stages")
for a given pathname.  These stages are used to hold the various
unmerged versions of a file while a merge is in progress.

SECURITY
--------

Some configuration options and hook files may cause Git to run arbitrary
shell commands. Because configuration and hooks are not copied using
`git clone`, it is generally safe to clone remote repositories with
untrusted content, inspect them with `git log`, and so on.

However, it is not safe to run Git commands in a `.git` directory (or
the working tree that surrounds it) when that `.git` directory itself
comes from an untrusted source. The commands in its config and hooks
are executed in the usual way.

By default, Git will refuse to run when the repository is owned by
someone other than the user running the command. See the entry for
`safe.directory` in linkgit:git-config[1]. While this can help protect
you in a multi-user environment, note that you can also acquire
untrusted repositories that are owned by you (for example, if you
extract a zip file or tarball from an untrusted source). In such cases,
you'd need to "sanitize" the untrusted repository first.
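
A concrete way to see what the warning above is about, before you run `git clone --no-local` on a repository you did not create yourself: the following Python script is an added example for this section, not part of git or its documentation. It parses `.git/config` the way git reads it (section and key names lowercased, the subsection kept as written), reports the settings whose value git would execute as a command, and lists the executable hook files git would run. The key list is a hand-picked subset of git's command-running settings, the sample config and hook are constructed for the demo, and the rule that a relative `core.hooksPath` resolves against the working tree is an assumption of the example.

```python
"""Triage an untrusted .git directory before running any git command in it.
Added example for this section, not part of git; RISKY_KEYS is a hand-picked subset."""
import os, re, tempfile

_SECTION_RE = re.compile(r'^\[([A-Za-z0-9.-]+)(?:\s+"((?:[^"\\]|\\.)*)")?\]$')
_KEY_RE = re.compile(r'^([A-Za-z][A-Za-z0-9-]*)\s*(?:=\s*(.*?))?$')

RISKY_KEYS = {   # settings whose value git runs as a command; "*" = any subsection
    "core.hookspath": "relocates the hooks directory, possibly outside the repo",
    "core.sshcommand": "run instead of ssh on fetch and push",
    "core.pager": "receives the output of git log, git diff, ...",
    "diff.external": "external diff program run by git diff",
    "diff.*.textconv": "run to convert blobs before diffing",
    "filter.*.clean": "run on add/commit for matching paths",
    "filter.*.smudge": "run on checkout for matching paths",
    "merge.*.driver": "run as a custom merge driver",
    "gpg.program": "run to sign or verify commits and tags",
}

def _clean_value(raw):
    """Trim an inline # or ; comment (simplification: only for unquoted values) and quotes."""
    value = (raw if '"' in raw else re.split(r"[#;]", raw, 1)[0]).strip()
    return value[1:-1] if len(value) > 1 and value[0] == value[-1] == '"' else value

def parse_git_config(text):
    """Return {canonical key: [values]}; git lowercases section and key names, keeps subsections."""
    entries, section = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if not line or line[0] in "#;":
            continue
        if m := _SECTION_RE.match(line):
            section = m.group(1).lower() + (f".{m.group(2)}" if m.group(2) is not None else "")
        elif (m := _KEY_RE.match(line)) and section is not None:
            value = "true" if m.group(2) is None else _clean_value(m.group(2))
            entries.setdefault(f"{section}.{m.group(1).lower()}", []).append(value)
    return entries

def _matches(pattern, key):
    p, k = pattern.split("."), key.split(".")   # a subsection may itself contain dots
    return pattern == key if p[1] != "*" else len(k) >= 3 and k[0] == p[0] and k[-1] == p[2]

def find_risky_config(entries):
    """List (key, value, reason) for every setting that could run a command."""
    findings = []
    for key, values in entries.items():
        for value in values:
            findings += [(key, value, why) for pat, why in RISKY_KEYS.items() if _matches(pat, key)]
            if key.startswith("alias.") and value.startswith("!"):
                findings.append((key, value, "alias that runs a shell command"))
    return findings

def find_hooks(gitdir, entries):
    """Executable, non-.sample files in the hooks directory git would use."""
    gitdir = os.path.abspath(gitdir)
    hooks_dir = entries.get("core.hookspath", [os.path.join(gitdir, "hooks")])[-1]
    if not os.path.isabs(hooks_dir):   # assumption: relative to the working tree
        hooks_dir = os.path.join(os.path.dirname(gitdir), hooks_dir)
    if not os.path.isdir(hooks_dir):
        return []
    paths = (os.path.join(hooks_dir, n) for n in sorted(os.listdir(hooks_dir)))
    return [p for p in paths if not p.endswith(".sample") and os.path.isfile(p) and os.access(p, os.X_OK)]

def triage(gitdir):
    """Parse <gitdir>/config (if any) and report risky settings and live hooks."""
    entries, config_path = {}, os.path.join(gitdir, "config")
    if os.path.isfile(config_path):
        with open(config_path, encoding="utf-8", errors="replace") as fh:
            entries = parse_git_config(fh.read())
    return {"config": find_risky_config(entries), "hooks": find_hooks(gitdir, entries)}

DEMO_CONFIG = """\
# constructed sample config for the demo; not taken from any real repository
[core]
\tpager = sh -c 'echo pwned >&2 && cat'   ; would run on the first git log
[filter "lfs"]
\tclean = git-lfs clean -- %f
\tsmudge = sh -c "id > /tmp/pwned"
[alias]
\tst = status
\tpull = !sh -c 'echo pwned'
"""

def demo():
    """Build a constructed untrusted repository in a temp dir and triage it."""
    with tempfile.TemporaryDirectory() as tmp:
        gitdir = os.path.join(tmp, "untrusted", ".git")
        os.makedirs(os.path.join(gitdir, "hooks"))
        files = {"config": DEMO_CONFIG, "hooks/pre-commit": "#!/bin/sh\necho pwned\n",
                 "hooks/pre-push.sample": "#!/bin/sh\n"}   # .sample hooks are never run
        for name, text in files.items():
            with open(os.path.join(gitdir, name), "w", encoding="utf-8") as fh:
                fh.write(text)
        os.chmod(os.path.join(gitdir, "hooks", "pre-commit"), 0o755)
        report = triage(gitdir)
        return {"risky_keys": sorted(k for k, _, _ in report["config"]),
                "hooks": [os.path.basename(p) for p in report["hooks"]]}

if __name__ == "__main__":
    print(demo())
```

Run `triage("/path/to/untrusted/.git")` on a directory you extracted from an archive, or run the file directly to triage the constructed sample. A non-empty report tells you which settings would fire on the very first `git log` or checkout; an empty report does not make the directory safe, since the key list is only a subset, so the clean copy obtained with `git clone --no-local` remains the way to work with the content.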

If you have an untrusted `.git` directory, you should first clone it
with `git clone --no-local` to obtain a clean copy. Git does restrict
the set of options and hooks that will be run by `upload-pack`, which
handles the server side of a clone or fetch, but beware that the
