|
|
|
|
|
|
by avar
4133 days ago
|
|
|
Of course you can't run "git pull --i-really-want-everything", you're the remote attacker this feature is meant to protect against! The use-case for this is that you're pushing to some shared hosting like GitHub where you can overwrite and delete refs, but you can't force a gc. You don't want someone to scour your Git commit announcements and see "oops, deleted password!" and go and fetch the deleted SHA1. |
|
|