commit | 631f6f1d47cc51a46c8ab48ea1178ea04cff0b8a | [log] [tgz] |
---|---|---|
author | Junio C Hamano <gitster@pobox.com> | Mon Apr 27 12:23:47 2015 -0700 |
committer | Junio C Hamano <gitster@pobox.com> | Mon Apr 27 12:23:50 2015 -0700 |
tree | b2ecf2c3862aa8328f036c6882c2c851ed781cba | |
parent | ba63bfaa59ee41bd679286a594cc643b5a53c48d [diff] | |
parent | afcb6ee30acf17f4e0338c49fbab301131abfbba [diff] |
Merge branch 'jc/push-cert' into maint The "git push --signed" protocol extension did not limit what the "nonce" that is a server-chosen string can contain or how long it can be, which was unnecessarily lax. Limit both the length and the alphabet to a reasonably small space that can still have enough entropy. * jc/push-cert: push --signed: tighten what the receiving end can ask to sign