Michael Stapelberg ๐Ÿง๐Ÿน๐Ÿ˜บFeb 6

PSA: Did you know that itโ€™s **unsafe** to put code diffs into your commit messages?

Like https://github.com/i3/i3/pull/6564 for example

Such diffs will be applied by patch(1) (also git-am(1)) as part of the code change!

This is how a sleep(1) made it into i3 4.25-2 in Debian unstable.

Show threadDecaturNatureFeb 6
@zekjur is this a GitHub feature? Or something Debian developers set up? Or something in Git itself?
Show threadJason OrendorffFeb 6
@DecaturNature I think this must be a git-am thing. Absolutely wild.
Show threadJason Orendorff

@DecaturNature to be clear: github doesn't apply patches to your code.* The way `git push` works is not based on patches. That is, as the level of surprise in the original post suggests, not how any of this works.

But `patch` and `git-am` do take arbitrary text input and apply it as a patch, and patches are not a good data format. `patch` for sure can be tricked.

*see next message

Feb 6 at 2:56pmWeb
Show threadJason OrendorffFeb 6

@DecaturNature Exception: github does apply patches in case of rebase/merge, but those are patches specifically generated by diffing trees, never patches provided by users (much less commit messages).

I'm not sure we even do that using any kind of custom code - probably we just use git.

I'm a GitHub employee.

To quibble with the framing of the original: the unsafe behavior is using `patch` to apply patches - good reminder to be super careful doing that. yow

Show threadDecaturNatureFeb 6
@jorendorff Thanks for the explanation. I'm not a very sophisticated git user and have not encountered these features. I'll be wary if and when I do.