Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
push --signed: tighten what the receiving end can ask to sign
Instead of blindly trusting the receiving side to give us a sensible nonce to sign, limit the length (max 256 bytes) and the alphabet (alnum and a few selected punctuations, enough to encode in base64) that can be used in nonce. Signed-off-by: Junio C Hamano <gitster@pobox.com>
- Loading branch information