mirror of
https://github.com/git/git.git
synced 2026-02-13 11:21:10 +00:00
268d5bc2b2
The "git push --signed" protocol extension did not limit what the "nonce" that is a server-chosen string can contain or how long it can be, which was unnecessarily lax. Limit both the length and the alphabet to a reasonably small space that can still have enough entropy. * jc/push-cert: push --signed: tighten what the receiving end can ask to sign
13 KiB
13 KiB