SYNOPSIS
git-upload-pack [--[no-]strict] [--timeout=<n>] [--stateless-rpc] [--advertise-refs] <directory>
DESCRIPTION
Invoked by git fetch-pack, learns what objects the other side is missing, and sends them after packing.
This command is usually not invoked directly by the end user. The UI for the protocol is on the git fetch-pack side, and the program pair is meant to be used to pull updates from a remote repository. For push operations, see git send-pack.
OPTIONS
- --[no-]strict
-
Do not try <directory>/.git/ if <directory> is no Git directory.
- --timeout=<n>
-
Interrupt transfer after <n> seconds of inactivity.
- --stateless-rpc
-
Perform only a single read-write cycle with stdin and stdout. This fits with the HTTP POST request processing model where a program may read the request, write a response, and must exit.
- --advertise-refs
-
Only the initial ref advertisement is output, and the program exits immediately. This fits with the HTTP GET request model, where no request content is received but a response must be produced.
- <directory>
-
The repository to sync from.
ENVIRONMENT
-
GIT_NO_LAZY_FETCH
-
When cloning or fetching from a partial repository (i.e., one itself cloned with
--filter
), the server-sideupload-pack
may need to fetch extra objects from its upstream in order to complete the request. By default,upload-pack
will refuse to perform such a lazy fetch, becausegit fetch
may run arbitrary commands specified in configuration and hooks of the source repository (andupload-pack
tries to be safe to run even in untrusted.git
directories).This is implemented by having
upload-pack
internally set theGIT_NO_LAZY_FETCH
variable to1
. If you want to override it (because you are fetching from a partial clone, and you are sure you trust it), you can explicitly setGIT_NO_LAZY_FETCH
to0
.
SECURITY
Most Git commands should not be run in an untrusted .git
directory
(see the section SECURITY
in git(1)). upload-pack
tries to
avoid any dangerous configuration options or hooks from the repository
it’s serving, making it safe to clone an untrusted directory and run
commands on the resulting clone.
For an extra level of safety, you may be able to run upload-pack
as an
alternate user. The details will be platform dependent, but on many
systems you can run:
git clone --no-local --upload-pack='sudo -u nobody git-upload-pack' ...
SEE ALSO
GIT
Part of the git(1) suite