Introducing Git protocol version 2 (opens in new tab)

AdmiralAsshat7y ago

Thanks, that really helps.

As an open-source advocate, my first thought was, "Why the hell is Google releasing a version of a protocol that Linus Torvalds wrote?"

Without that context, it would be like Google throwing up an announcement, "Introducing Google's Linux Kernel 5.0!"

skywhopper7y ago

Yeah, that was my reaction, and it made me sad that Google has so eroded my trust over the decades that I was turned off at seeing an announcement implying they are deeply involved in core open source tools. I mean, who else but companies swimming in cash can truly deeply support this stuff, and for the most part, the people working on these tools really do care about the open source community. But Google's reputation is so tarnished that my gut reaction is at odds with my rational one, and that's a sad thing to realize.

fiatjaf7y ago

That may seen odd, but it could happen in a open-source world: multiple parties releasing different versions of the same piece of software and calling it the same.

Ceezy7y ago

Same here. I was like, "If there are about to drop 3 versions at the same time like angular, I need to you use SVN ASAP".

Retroity7y ago

Non-Mobile link for those on desktop: https://en.wikipedia.org/wiki/Junio_Hamano

Cynddl7y ago

The mobile version of Wikipedia works perfectly fine in a browser. I personally prefer it for readability.

https://opensource.google.com/projects/list/featured

biohax20157y ago

Fun fact: if you google “git blame” it returns his wikipedia entry.

ojosilva7y ago

Alright, I was wondering why this was published on the Google Opensource website. I had no idea. Yet, the Git project itself has not been published under their umbrella.

willnorris7y ago

We currently only list project that are or were primarily developed by Google. We decided to include projects that started at Google and were since donated to foundations, such as Kubernetes.

But we aren't yet including projects where we are just heavy contributors, but they're not "Google projects". That includes Linux, git, LLVM, and a host of others. We do want to recognize them in our project directory, but want to make sure that they are distinguished from Google projects so that we're not implying something that is accurate.

avar7y ago

One of the places it's hosted at is https://kernel.googlesource.com/pub/scm/git/git

See the list of URLs at https://public-inbox.org/git/xmqqindt6g1r.fsf@gitster.mtv.co...

simias7y ago

Let that be a reminder to all the coders out there: if you ever design a protocol or file format to communicate between machines always remember to add a version field or some other way to allow for updates and revisions later without breaking everything. Having a way to specify extensions in a backward-compatible way is nice too.

cesarb7y ago

> if you ever design a protocol or file format to communicate between machines always remember to add a version field or some other way to allow for updates and revisions later without breaking everything

Also, somehow make sure no servers, clients, or third-party middleboxes break when the version field is incremented. The TLS protocol designers had to give up on the version field; it's now going to forever be stuck at "TLS 1.2", since too much would break otherwise.

icebraining7y ago

It's an universal truth: if you want to keep something from jamming up, you need to exercise it. It's true for the human body, for machine parts and for protocol features.

nneonneo7y ago

Per the TLS 1.3 RFC:

> In previous versions of TLS, this field was used for version negotiation and represented the highest version number supported by the client. Experience has shown that many servers do not properly implement version negotiation, leading to "version intolerance" in which the server rejects an otherwise acceptable ClientHello with a version number higher than it supports. In TLS 1.3, the client indicates its version preferences in the "supported_versions" extension (Section 4.2.1) and the legacy_version field MUST be set to 0x0303, which is the version number for TLS 1.2. (See Appendix D for details about backward compatibility.)

It's really too bad that the version field can't be used as a version field anymore, but thankfully the "extension" format is pretty flexible in that regard.

apple4ever7y ago

In my opinion, they should break things that misuse the version field. Then maybe the makers will learn to develop properly.

CGamesPlay7y ago

What would break? Are you saying a TLS 1.3 client would not be able to connect to a TLS 1.2 server because the version request would cause the server to reject the client?

https://tools.ietf.org/html/draft-ietf-dnsop-no-response-iss...

Too7y ago

I'm mostly surprised they solved a critical server bug on the client side and by introducing even more hacks into the protocol. I mean, who in their right mind would run a public git server with this super easy to exploit DOS bug:

    Unfortunately due to a bug introduced in 2006 we aren't
    able to place any extra arguments (separated by NULs) other
    than the host because otherwise the parsing of those
     arguments would enter an infinite loop.

I'm not sure if entering an infinite loop means what i think it does in this context but that's almost CVE worthy and they should release a fix and mark that version as obsolete as ever and never have to make their clients cater to it any more.

bronson7y ago

It's been fixed for almost a decade. You're asking for a retroactive CVE?

You can read about their fix by clicking the next link in the article.

bluejekyll7y ago

DNS has no version field. I'm torn as to the choice here. On the one hand, DNS is backwards compatible with everything.

EDNS is the only way to extend the protocol now, which is basically just adding additional Records to the Message that are designated as Extended DNS records, and treated specially.

jburgess7777y ago

The IETF is working on a document which describes many reasons why DNS may stop working. EDNS related issue are in section 3.2:

2] https://tools.ietf.org/html/draft-ietf-dnsop-session-signal

oripring7y ago

The message header hasn't been fully exhausted yet. Beyond the spare bit[1] in the header there is unassigned OPCODE values which can be used to bend the format in new ways[2].

1] It was briefly used experimentally if I recall

avar7y ago

The specification of the v2 protocol is here: https://github.com/git/git/blob/master/Documentation/technic...

One of the more exciting things is that it can now be extended to arbitrary new over-the-wire commands. So e.g. "git grep" could be made to execute over the network if that's more efficient in some cases.

This will also allow for making things that now use side-transports part of the protocol itself if it made sense. E.g. the custom commands LFS and git-annex implement, and even more advanced things like shipping things like the new commit graph already generated from the server to the client.

xorcist7y ago

If you are to link to a git repo, don't link to some unoffical mirror. That would just confuse search engines.

The specificiation of the v2 protocol is here: https://git.kernel.org/pub/scm/git/git.git/tree/Documentatio...

(There are a couple of repos listed as official mirrors, such as the googlesource.com one, but the one you linked to isn't one of them.)

avar7y ago

The repository I linked to is official. See https://public-inbox.org/git/xmqqindt6g1r.fsf@gitster.mtv.co...

What list are you referring to? If it doesn't list the one on GitHub it needs to be fixed.

[1] https://github.com/git-lfs/git-lfs/wiki/Implementations

Someone12347y ago

Too bad they didn't make Git LFS part of Version 2[0]. Most vendors[2] support LFS already but because it isn't required, some still lack it and its support cannot be assumed.

[0] https://git-lfs.github.com/

icebraining7y ago

I say that's LFS' fault. Why do you even need a custom server? It should just be able to use any ol' file server or S3-API compatible service, and do everything on the client side.

I find git-annex a much better solution, it's a shame everyone went with LFS.

rspeer7y ago

My experience with git-annex is that it seems heavily designed for individuals and not for projects. The places it looks for files are often just a computer you were once developing on, and it sometimes expects you to go find that computer. It never forgets about any crazy place your files have been.

It was very hard to use in asymmetric cases where different people have different credentials, such as where one person has access to a computer and others don't, or where a couple of core developers have authenticated R/W access to a file server or an S3 bucket and everyone else just has HTTP.

xorcist7y ago

What kind of changes to the wire protocol would help git-lfs? It seems to have no specific dependencies on protocol features.

If standard git ever implements shallow blob fetching, it would preferrably make git-lfs obsolete rather than help it.

eridius7y ago

Requiring Git-LFS support would be rather problematic for anyone who self-hosts git repos over SSH.

Someone12347y ago

They'd just stick to Protocol 1

_ikke_7y ago

Git LFS is not part of core-git, but an extension built and maintained by github, and the code lives outside of the git tree, so it cannot be a required part of the protocol.

Someone12347y ago

> Git LFS is not part of core-git

I know, that's what I am suggesting should change in version 2.0. It is a widely supported popular extension that solves a major pain point for Git, most vendors have adopted it.

New things can absolutely be required as part of a new protocol version, in fact this blog post lists several new things that will be new in 2.0 and beyond.

The analogy I'd use is HTTP/2 and SPDY. SPDY started out as a Google produced extension to HTTP, gained popularity, and was then standardized/merged into the HTTP/2 standard. All I am suggesting is Git LFS receive the same treatment.

See https://github.com/git/git/blob/master/Documentation/Submitt...

49bc7y ago

I wouldn't be so sure. They said one of the motivations was to "unblocking the path to more wire protocol improvements in the future".

xenomachina7y ago

> but because it is required

Just to confirm, but you meant "because it is not required", right?

Someone12347y ago

Right. Edited.

lsiebert7y ago

I'm a very (very) minor contributor to git.

If you are at all interested in hacking on Git, it's not that difficult. Knowing C and portable shell scripting for writing tests are the big things.

One sticking point, you need to submit patches to the mailing list, you can't just do a github pull request.

I still see github pull requests rather frequently, even though they have never been allowed. All discussion AND patches go through the mailing list, much like the linux kernel.

pm2157y ago

It's unfortunate that github doesn't let a project disable the on-website UI for pull request submission; as it is it's easy for somebody to end up wasting their time trying to submit a change that way. (QEMU has that issue too.)

ImJasonH7y ago

Totally agree! I made nopullrequests.com to help solve this.

[1] https://public-inbox.org/git/CAJo=hJtZ_8H6+kXPpZcRCbJi3LPuuF...

newscracker7y ago

Sometime in the far future, someone will write an interesting story about how a double null byte came into existence in the git request protocol, and it will be amusing and interesting to look back. As the saying goes, hindsight is always 20/20. I'm glad that they found ways to maintain backward compatibility, at only a minor cost to understanding things.

Confiks7y ago

It's quite a comedy that this feature has not been implemented for at least 6 years, solely because the raw git:// protocol's parameter handling was severely broken, and feature detection by disconnecting and retrying [1] was ultimately deemed far too dirty.

cpburns20097y ago

Wait, why was this posted by Google? I thought Git was made by Linus Torvalds.

hk__27y ago

Git was created by Linus Torvalds, but out of the 50k+ commits on the repo, only 250 or so are from him, with only 14 in the past 6 years. [1]

[1] https://github.com/git/git/graphs/contributors?from=2012-03-...

sdesol7y ago

Here is a more detailed analysis, which shows all contributors:

https://public.gitsense.com/insight/github?r=git/git#b%3Dgit...

These are contributions by Linus:

https://public.gitsense.com/insight/github?r=git/git#b%3Dgit...

and as you can see, his contributions, really tapered off after 2010, while contributions from Hamano remained steady from 2008 to present date, as shown below:

https://public.gitsense.com/insight/github?r=git/git#b%3Dgit....

Semaphor7y ago

> Linus Torvalds said in 2012 that one of his own biggest successes was recognizing how good a developer Hamano was on Git, and trusting him to maintain it.

tgummerer7y ago

It's because a Google employee implemented protocol v2, and wrote a post about it.

euyyn7y ago

Opensource though.

rwmj7y ago

Is there a git protocol variant that allows the client to avoid downloading objects that it already has stored locally in another repository or cache?

For example: I have the Linux kernel already cloned in some directory. I clone a second repo which has the Linux kernel as a submodule. Can I clone the second repo straightforwardly without having to download Linux a second time? (Well yes, but only by manual intervention before doing the git submodule update - it'd be nice if objects could be shared in a cache across also repos somehow).

Boulth7y ago

Have you seen alternates? https://stackoverflow.com/questions/36123655/what-is-the-git...

nothrabannosir7y ago

You could literally link the two object directories?

I just tried this and it seems to work:

  git clone git://github.com/git/git
  mkdir git2
  cd git2
  git init
  cd .git/
  rm -rf objects
  ln -s ../../git/.git
  cd ../
  git remote add origin git://github.com/git/git
  git fetch # returned without downloading anything
  git checkout master
  ls # etc.

If you seriously want to use this, you'll probably want to hard link the contents, instead. But iirc git clone from local disk already does that, for you?

In short: clone your local copy and taking it from there?

falsedan7y ago

You can also use alternates:

  echo ../../../git/.git/objects >> git2/.git/objects/info/alternates

or use the original as a reference:

  git clone --reference git git://github.com/git/git git2

This sets up the alternates for you.

wereHamster7y ago

There's git command for that: https://git-scm.com/docs/git-worktree

Bjartr7y ago

Maybe this project could work for you?

https://github.com/jonasmalacofilho/git-cache-http-server

andrewaylett7y ago

I'm assuming from your comment that you're already aware of --reference but it doesn't completely meet your needs? The only other thing I can think of would be to use the 'insteadOf' configuration to tell Git to use your local clone instead of the remote one. Search 'git help config' for 'url.<base>.insteadOf'.

buckminster7y ago

AIUI, the git ssh protocol is just the git protocol tunnelled through ssh. So why do they need different mechanisms for signalling V2?

_wmd7y ago

Deploying Git over SSH entails locking the precise command line executable by the public key you use to authenticate. Locking SSH SendEnv down is mandatory too, otherwise thousands of people would have shell access to GitHub.com!

This isn't even theoretical, there was an environment-related bug not 5 years ago involving Git. At least BitBucket was impacted, I think GitHub were patched before it was announced

simias7y ago

I don't think that answers the parent's question, if the update was in the git protocol itself (encapsulated in the SSH session) then you wouldn't have to change anything at the SSH level.

As you point out selectively allowing a new environment variable could open a can of worms for shared hosts like github if they mess up their implementation.

xyzzyz7y ago

Because if you tunnel through ssh, you can signal v2 using ssh mechanism of setting environment variables. If you don't tunnel, you don't have this option. This is clearly described in the article.

deathanatos7y ago

I think what the person you're replying to is asking is why not, in the case of ssh, use the signaling in the git protocol, since it will be there anyways. That is, if you don't tunnel, you must signal w/ the git protocol. If you do tunnel, why use a different mechanism, since the signal in the git protocol must be there?

I think that this is because the SSH protocol isn't just encapsulating the Git protocol directly (the initial assumption of ssh "just" encapsulating the git protocol is not fully correct), and one of the parts that differs is this particular part. (Since on the git protocol side, we need to select a "service":

> a single packet-line which includes the requested service (git-upload-pack for fetches and git-receive-pack for pushes)

which in SSH would be done not by transmitting that packet-line but by instructing SSH to run that particular executable.

> This is clearly described in the article.

It really isn't, IMO; if you don't have precise knowledge of the protocols involved, I don't think anything in the article particularly spells this out.

buckminster7y ago

Yes, but once you've updated the git protocol, ssh support comes for free. Having one mechanism is simpler than having two. And as your sibling notes, setting env vars from ssh has disadvantages. So why bother?

Boulth7y ago

> Server-side filtering of references

I wonder if this will be somehow exposed by git daemon. It could be used for easy per ref access controls.

For example Git Switch [0] that uses Macaroons had to clone the repository to implement per ref ACL.

[0]: https://github.com/rescrv/gitswitch

ksec7y ago

I thought google uses hg, have they switched over to git as well?

seabrookmx7y ago

For all the "big" Google projects they use a proprietary system called piper.

I think all their open-source stuff (Angular, GoLang, Android) uses git (and sometimes Gerrit).

Although given Google's scale, I'm sure there's some teams/projects that use Mercurial.

ngoldbaum7y ago

In fact, developers are allowed to use whichever VCS tool they want on their local machine (or on the online coding in the cloud CitC environment). Some opt to use hg. The canonical repo is in piper though, so the hg commits or git commits get converted before they land.

kardianos7y ago

Gerrit is a review server that uses git. In fact, Gerrit now stores the majority of information in git itself for all the information it uses.

So for Google external projects, they use git.

> Although given Google's scale, I'm sure there's some teams/projects that use Mercurial.

I doubt it. Their tooling is probably pretty specific, and now that code.google.com has shut down, they probably don't have any review servers that support it.

pjmlp7y ago

Go started on Mercurial and then eventually moved into Git.

[1] https://sourceforge.net/projects/sourcepuller/

hartator7y ago

Is Git a Google project now?

jkaplowitz7y ago

No, but many of the core contributors are employed by Google and spend time on it as part of their day job (with Google's knowledge and permission). This post straddles both the open source part of their jobs and the "Git deployment at Google" part.

s2g7y ago

BRB switching to Mercurial

Ericson23147y ago

This is disgusting. So little forsight in the past... At least the outcome of quite useful.

jonknee7y ago

Ah yes, how disgusting that the developers of this free software that I've done nothing for except use for years made an unfortunate decision a decade ago.

needz7y ago

IIRC, they were in a serious time crunch when they drafted/made git. I can't remember the whole story...

tytso7y ago

At the time Linus was the sole author/contributor of git, and he needed a replacement for BitKeeper in a hurry. BitKeeper had been made unavailable for Linux kernel development because the proprietor of BitKeeper was really unhappy that Tridge had reverse engineered the protocol and created an open-source client[1] which could talk to the Bitkeeper server. Linus created the first version of git sufficient to do a kernel commit in ten days[2].

[2] https://www.linuxfoundation.org/blog/10-years-of-git-an-inte...

(As Tridge tells the story[3], he telnet'ed to the bk port and typed "help" so it wasn't that much of a reverse engineering effort. :-)

[3] https://lwn.net/Articles/132938/

jimmy17y ago

And really, like other famous software that people love to heap shade w.r.t how awful it is focusing only on it's warts instead of the immense productivity realized as a result, git really does have some nice parts and it was the best option for a while. The fundamental concepts of git is really not that hard to understand -- it's fundamental architectural model is event sourcing, and it's fundamental data structure is a DAG. Those are pretty good choices.

I personally have stuck to kind of basic git usages (call it "Git: The Good Parts" if you will), and have never had the problems people claim to have with git. It just has always worked, and it has always been there for me.

mc427y ago

I thought Linus Torvalds was almost wholly responsible for the initial development of git? Even so, everything, especially software, is easier in hindsight....

https://git-scm.com/book/en/v2/Getting-Started-A-Short-Histo...

ktsmith7y ago

Using BitKeeper as the SCM for the Linux kernel always seemed like a bad idea and when issues between the company and the community peaked git was created.

wereHamster7y ago

s/they/he/. It was Linus himself who alone created git, within a few weeks (two or three). At first it was just a handful of shell scripts, but it was self-hosting pretty early on.

s2g7y ago

oh neat, and it's on a google blog.

That's great. Another subtle reminder that this ad company has way too much control.

GauntletWizard7y ago

Interesting that they took to the Google blog to announce this; is there a corresponding LKML post?

jkaplowitz7y ago

Why LKML? Despite Git's origins from and use by the Linux project, it isn't especially tied to it now.

LKML would presumably be the place for Linux to announce when they adopt this.

The Google open source blog is among the several credible options for this post, since Google employs much of the core Git team, and this post discusses their experience deploying Git protocol v2 at Google.

As noted in the blog text, it's not in a released version of Git yet, just Git master branch. So maybe it'll appear on a dedicated Git announcement list, if any, once that happens.

joatmon-snoo7y ago

Junio posts on the list when there's a new release, e.g. https://public-inbox.org/git/xmqqwoxw6kkk.fsf@gitster-ct.c.g...

It seems that https://groups.google.com/forum/#!forum/git-packagers is the closest thing to a formal announcement list that there is.

Analemma_7y ago

> support for v2 was recently merged to Git's master branch and is expected to be part of Git 2.18

Not yet, but presumably there will be a post like this: https://lkml.org/lkml/2018/4/2/425 when it is released. It is strange that the Google Blog is the first place to announce it through.

tgummerer7y ago

As mentioned in another comment, protocol v2 was implemented by a Google employee, and they decided to write a blog post about it. This is not an official git announcement.

u801e7y ago

I found a mention of it in a "what's cooking" post on the git mailing list (Message-ID <xmqqvabm6csb.fsf@gitster-ct.c.googlers.com>). But I can't find a direct link on gmane.com right now.

gpvos7y ago

Git didn't have a proper version number or extensibility field in its protocol? That's quite a bit of hubris.

zeroxfe7y ago

Or, more likely, an oversight.

gpvos7y ago

Hmm, I haven't designed very many data formats or wire protocols, and I won't claim I got it right any of those times, but I included some kind of extension possibility every time.

[1] https://en.m.wikipedia.org/wiki/Junio_Hamano

j / k navigate · click thread line to collapse

163 comments

oneeyedpigeon7y ago

The current (and pretty much only, ever, despite Linus having been the creator) maintainer of git is a google employee [1], in case anyone else was wondering.

chrisseldo7y ago

>"Linus Torvalds said in 2012 that one of his own biggest successes was recognizing how good a developer Hamano was on Git, and trusting him to maintain it."

kumarharsh7y ago

I came across this email from Linus announcing the handover: https://lwn.net/Articles/145123/

It's interesting how the first ever git project itself was looking for new maintainer almost as soon as it was created.

vga8057y ago

wow! what an accolade

AdmiralAsshat7y ago

Thanks, that really helps.

As an open-source advocate, my first thought was, "Why the hell is Google releasing a version of a protocol that Linus Torvalds wrote?"

Without that context, it would be like Google throwing up an announcement, "Introducing Google's Linux Kernel 5.0!"

skywhopper7y ago

fiatjaf7y ago

That may seen odd, but it could happen in a open-source world: multiple parties releasing different versions of the same piece of software and calling it the same.

Ceezy7y ago

Same here. I was like, "If there are about to drop 3 versions at the same time like angular, I need to you use SVN ASAP".

Retroity7y ago

Non-Mobile link for those on desktop: https://en.wikipedia.org/wiki/Junio_Hamano

Cynddl7y ago

The mobile version of Wikipedia works perfectly fine in a browser. I personally prefer it for readability.

https://opensource.google.com/projects/list/featured

biohax20157y ago

Fun fact: if you google “git blame” it returns his wikipedia entry.

ojosilva7y ago

Alright, I was wondering why this was published on the Google Opensource website. I had no idea. Yet, the Git project itself has not been published under their umbrella.

willnorris7y ago

We currently only list project that are or were primarily developed by Google. We decided to include projects that started at Google and were since donated to foundations, such as Kubernetes.

avar7y ago

One of the places it's hosted at is https://kernel.googlesource.com/pub/scm/git/git

See the list of URLs at https://public-inbox.org/git/xmqqindt6g1r.fsf@gitster.mtv.co...

simias7y ago

cesarb7y ago

icebraining7y ago

It's an universal truth: if you want to keep something from jamming up, you need to exercise it. It's true for the human body, for machine parts and for protocol features.

nneonneo7y ago

Per the TLS 1.3 RFC:

It's really too bad that the version field can't be used as a version field anymore, but thankfully the "extension" format is pretty flexible in that regard.

apple4ever7y ago

In my opinion, they should break things that misuse the version field. Then maybe the makers will learn to develop properly.

CGamesPlay7y ago

What would break? Are you saying a TLS 1.3 client would not be able to connect to a TLS 1.2 server because the version request would cause the server to reject the client?

https://tools.ietf.org/html/draft-ietf-dnsop-no-response-iss...

Too7y ago

    Unfortunately due to a bug introduced in 2006 we aren't
    able to place any extra arguments (separated by NULs) other
    than the host because otherwise the parsing of those
     arguments would enter an infinite loop.

bronson7y ago

It's been fixed for almost a decade. You're asking for a retroactive CVE?

You can read about their fix by clicking the next link in the article.

bluejekyll7y ago

DNS has no version field. I'm torn as to the choice here. On the one hand, DNS is backwards compatible with everything.

EDNS is the only way to extend the protocol now, which is basically just adding additional Records to the Message that are designated as Extended DNS records, and treated specially.

jburgess7777y ago

The IETF is working on a document which describes many reasons why DNS may stop working. EDNS related issue are in section 3.2:

2] https://tools.ietf.org/html/draft-ietf-dnsop-session-signal

oripring7y ago

The message header hasn't been fully exhausted yet. Beyond the spare bit[1] in the header there is unassigned OPCODE values which can be used to bend the format in new ways[2].

1] It was briefly used experimentally if I recall

avar7y ago

The specification of the v2 protocol is here: https://github.com/git/git/blob/master/Documentation/technic...

xorcist7y ago

If you are to link to a git repo, don't link to some unoffical mirror. That would just confuse search engines.

The specificiation of the v2 protocol is here: https://git.kernel.org/pub/scm/git/git.git/tree/Documentatio...

(There are a couple of repos listed as official mirrors, such as the googlesource.com one, but the one you linked to isn't one of them.)

avar7y ago

The repository I linked to is official. See https://public-inbox.org/git/xmqqindt6g1r.fsf@gitster.mtv.co...

What list are you referring to? If it doesn't list the one on GitHub it needs to be fixed.

[1] https://github.com/git-lfs/git-lfs/wiki/Implementations

Someone12347y ago

Too bad they didn't make Git LFS part of Version 2[0]. Most vendors[2] support LFS already but because it isn't required, some still lack it and its support cannot be assumed.

[0] https://git-lfs.github.com/

icebraining7y ago

I say that's LFS' fault. Why do you even need a custom server? It should just be able to use any ol' file server or S3-API compatible service, and do everything on the client side.

I find git-annex a much better solution, it's a shame everyone went with LFS.

rspeer7y ago

xorcist7y ago

What kind of changes to the wire protocol would help git-lfs? It seems to have no specific dependencies on protocol features.

If standard git ever implements shallow blob fetching, it would preferrably make git-lfs obsolete rather than help it.

eridius7y ago

Requiring Git-LFS support would be rather problematic for anyone who self-hosts git repos over SSH.

Someone12347y ago

They'd just stick to Protocol 1

_ikke_7y ago

Git LFS is not part of core-git, but an extension built and maintained by github, and the code lives outside of the git tree, so it cannot be a required part of the protocol.

Someone12347y ago

> Git LFS is not part of core-git

I know, that's what I am suggesting should change in version 2.0. It is a widely supported popular extension that solves a major pain point for Git, most vendors have adopted it.

New things can absolutely be required as part of a new protocol version, in fact this blog post lists several new things that will be new in 2.0 and beyond.

See https://github.com/git/git/blob/master/Documentation/Submitt...

49bc7y ago

I wouldn't be so sure. They said one of the motivations was to "unblocking the path to more wire protocol improvements in the future".

xenomachina7y ago

> but because it is required

Just to confirm, but you meant "because it is not required", right?

Someone12347y ago

Right. Edited.

lsiebert7y ago

I'm a very (very) minor contributor to git.

If you are at all interested in hacking on Git, it's not that difficult. Knowing C and portable shell scripting for writing tests are the big things.

One sticking point, you need to submit patches to the mailing list, you can't just do a github pull request.

I still see github pull requests rather frequently, even though they have never been allowed. All discussion AND patches go through the mailing list, much like the linux kernel.

pm2157y ago

ImJasonH7y ago

Totally agree! I made nopullrequests.com to help solve this.

[1] https://public-inbox.org/git/CAJo=hJtZ_8H6+kXPpZcRCbJi3LPuuF...

newscracker7y ago

Confiks7y ago

cpburns20097y ago

Wait, why was this posted by Google? I thought Git was made by Linus Torvalds.

hk__27y ago

Git was created by Linus Torvalds, but out of the 50k+ commits on the repo, only 250 or so are from him, with only 14 in the past 6 years. [1]

[1] https://github.com/git/git/graphs/contributors?from=2012-03-...

sdesol7y ago

Here is a more detailed analysis, which shows all contributors:

https://public.gitsense.com/insight/github?r=git/git#b%3Dgit...

These are contributions by Linus:

https://public.gitsense.com/insight/github?r=git/git#b%3Dgit...

and as you can see, his contributions, really tapered off after 2010, while contributions from Hamano remained steady from 2008 to present date, as shown below:

https://public.gitsense.com/insight/github?r=git/git#b%3Dgit....

Semaphor7y ago

> Linus Torvalds said in 2012 that one of his own biggest successes was recognizing how good a developer Hamano was on Git, and trusting him to maintain it.

tgummerer7y ago

It's because a Google employee implemented protocol v2, and wrote a post about it.

euyyn7y ago

Opensource though.

rwmj7y ago

Is there a git protocol variant that allows the client to avoid downloading objects that it already has stored locally in another repository or cache?

Boulth7y ago

Have you seen alternates? https://stackoverflow.com/questions/36123655/what-is-the-git...

nothrabannosir7y ago

You could literally link the two object directories?

I just tried this and it seems to work:

  git clone git://github.com/git/git
  mkdir git2
  cd git2
  git init
  cd .git/
  rm -rf objects
  ln -s ../../git/.git
  cd ../
  git remote add origin git://github.com/git/git
  git fetch # returned without downloading anything
  git checkout master
  ls # etc.

If you seriously want to use this, you'll probably want to hard link the contents, instead. But iirc git clone from local disk already does that, for you?

In short: clone your local copy and taking it from there?

falsedan7y ago

You can also use alternates:

  echo ../../../git/.git/objects >> git2/.git/objects/info/alternates

or use the original as a reference:

  git clone --reference git git://github.com/git/git git2

This sets up the alternates for you.

wereHamster7y ago

There's git command for that: https://git-scm.com/docs/git-worktree

Bjartr7y ago

Maybe this project could work for you?

https://github.com/jonasmalacofilho/git-cache-http-server

andrewaylett7y ago

buckminster7y ago

AIUI, the git ssh protocol is just the git protocol tunnelled through ssh. So why do they need different mechanisms for signalling V2?

_wmd7y ago

This isn't even theoretical, there was an environment-related bug not 5 years ago involving Git. At least BitBucket was impacted, I think GitHub were patched before it was announced

simias7y ago

I don't think that answers the parent's question, if the update was in the git protocol itself (encapsulated in the SSH session) then you wouldn't have to change anything at the SSH level.

As you point out selectively allowing a new environment variable could open a can of worms for shared hosts like github if they mess up their implementation.

xyzzyz7y ago

Because if you tunnel through ssh, you can signal v2 using ssh mechanism of setting environment variables. If you don't tunnel, you don't have this option. This is clearly described in the article.

deathanatos7y ago

> a single packet-line which includes the requested service (git-upload-pack for fetches and git-receive-pack for pushes)

which in SSH would be done not by transmitting that packet-line but by instructing SSH to run that particular executable.

> This is clearly described in the article.

It really isn't, IMO; if you don't have precise knowledge of the protocols involved, I don't think anything in the article particularly spells this out.

buckminster7y ago

Boulth7y ago

> Server-side filtering of references

I wonder if this will be somehow exposed by git daemon. It could be used for easy per ref access controls.

For example Git Switch [0] that uses Macaroons had to clone the repository to implement per ref ACL.

[0]: https://github.com/rescrv/gitswitch

ksec7y ago

I thought google uses hg, have they switched over to git as well?

seabrookmx7y ago

For all the "big" Google projects they use a proprietary system called piper.

I think all their open-source stuff (Angular, GoLang, Android) uses git (and sometimes Gerrit).

Although given Google's scale, I'm sure there's some teams/projects that use Mercurial.

ngoldbaum7y ago

kardianos7y ago

Gerrit is a review server that uses git. In fact, Gerrit now stores the majority of information in git itself for all the information it uses.

So for Google external projects, they use git.

> Although given Google's scale, I'm sure there's some teams/projects that use Mercurial.

I doubt it. Their tooling is probably pretty specific, and now that code.google.com has shut down, they probably don't have any review servers that support it.

pjmlp7y ago

Go started on Mercurial and then eventually moved into Git.

[1] https://sourceforge.net/projects/sourcepuller/

hartator7y ago

Is Git a Google project now?

jkaplowitz7y ago

s2g7y ago

BRB switching to Mercurial

Ericson23147y ago

This is disgusting. So little forsight in the past... At least the outcome of quite useful.

jonknee7y ago

Ah yes, how disgusting that the developers of this free software that I've done nothing for except use for years made an unfortunate decision a decade ago.

needz7y ago

IIRC, they were in a serious time crunch when they drafted/made git. I can't remember the whole story...

tytso7y ago

[2] https://www.linuxfoundation.org/blog/10-years-of-git-an-inte...

(As Tridge tells the story[3], he telnet'ed to the bk port and typed "help" so it wasn't that much of a reverse engineering effort. :-)

[3] https://lwn.net/Articles/132938/

jimmy17y ago

mc427y ago

I thought Linus Torvalds was almost wholly responsible for the initial development of git? Even so, everything, especially software, is easier in hindsight....

https://git-scm.com/book/en/v2/Getting-Started-A-Short-Histo...

ktsmith7y ago

Using BitKeeper as the SCM for the Linux kernel always seemed like a bad idea and when issues between the company and the community peaked git was created.

wereHamster7y ago

s/they/he/. It was Linus himself who alone created git, within a few weeks (two or three). At first it was just a handful of shell scripts, but it was self-hosting pretty early on.

s2g7y ago

oh neat, and it's on a google blog.

That's great. Another subtle reminder that this ad company has way too much control.

GauntletWizard7y ago

Interesting that they took to the Google blog to announce this; is there a corresponding LKML post?

jkaplowitz7y ago

Why LKML? Despite Git's origins from and use by the Linux project, it isn't especially tied to it now.

LKML would presumably be the place for Linux to announce when they adopt this.

As noted in the blog text, it's not in a released version of Git yet, just Git master branch. So maybe it'll appear on a dedicated Git announcement list, if any, once that happens.

joatmon-snoo7y ago

Junio posts on the list when there's a new release, e.g. https://public-inbox.org/git/xmqqwoxw6kkk.fsf@gitster-ct.c.g...

It seems that https://groups.google.com/forum/#!forum/git-packagers is the closest thing to a formal announcement list that there is.

Analemma_7y ago

> support for v2 was recently merged to Git's master branch and is expected to be part of Git 2.18

Not yet, but presumably there will be a post like this: https://lkml.org/lkml/2018/4/2/425 when it is released. It is strange that the Google Blog is the first place to announce it through.

tgummerer7y ago

As mentioned in another comment, protocol v2 was implemented by a Google employee, and they decided to write a blog post about it. This is not an official git announcement.

u801e7y ago

I found a mention of it in a "what's cooking" post on the git mailing list (Message-ID <xmqqvabm6csb.fsf@gitster-ct.c.googlers.com>). But I can't find a direct link on gmane.com right now.

gpvos7y ago

Git didn't have a proper version number or extensibility field in its protocol? That's quite a bit of hubris.

zeroxfe7y ago

Or, more likely, an oversight.

gpvos7y ago

Hmm, I haven't designed very many data formats or wire protocols, and I won't claim I got it right any of those times, but I included some kind of extension possibility every time.