)]}'
{
  "commit": "49e268e23e313e8c6b009cd8ebbbaae4316cf6cc",
  "tree": "db82b939fb76d4c36784610011f8b48ebff5a0c2",
  "parents": [
    "224c7d70fa14ed44d8e7e3ce1e165e05b7b23725"
  ],
  "author": {
    "name": "Johannes Schindelin via GitGitGadget",
    "email": "gitgitgadget@gmail.com",
    "time": "Thu Jan 09 13:30:34 2020 +0000"
  },
  "committer": {
    "name": "Junio C Hamano",
    "email": "gitster@pobox.com",
    "time": "Fri Jan 10 12:29:07 2020 -0800"
  },
  "message": "mingw: safeguard better against backslashes in file names\n\nIn 224c7d70fa1 (mingw: only test index entries for backslashes, not tree\nentries, 2019-12-31), we relaxed the check for backslashes in tree\nentries to check only index entries.\n\nHowever, the code change was incorrect: it was added to\n`add_index_entry_with_check()`, not to `add_index_entry()`, so under\ncertain circumstances it was possible to side-step the protection.\n\nBesides, the description of that commit purported that all index entries\nwould be checked when in fact they were only checked when being added to\nthe index (there are code paths that do not do that, constructing\n\"transient\" index entries).\n\nIn any case, it was pointed out in one insightful review at\nhttps://github.com/git-for-windows/git/pull/2437#issuecomment-566771835\nthat it would be a much better idea to teach `verify_path()` to perform\nthe check for a backslash. This is safer, even if it comes with two\nnotable drawbacks:\n\n- `verify_path()` cannot say _what_ is wrong with the path, therefore\n  the user will no longer be told that there was a backslash in the\n  path, only that the path was invalid.\n\n- The `git apply` command also calls the `verify_path()` function, and\n  might have been able to handle Windows-style paths (i.e. with\n  backslashes instead of forward slashes). This will no longer be\n  possible unless the user (temporarily) sets `core.protectNTFS\u003dfalse`.\n\nNote that `git add \u003cwindows-path\u003e` will _still_ work because\n`normalize_path_copy_len()` will convert the backslashes to forward\nslashes before hitting the code path that creates an index entry.\n\nThe clear advantage is that `verify_path()`\u0027s purpose is to check the\nvalidity of the file name, therefore we naturally tap into all the code\npaths that need safeguarding, also implicitly into future code paths.\n\nThe benefits of that approach outweigh the downsides, so let\u0027s move the\ncheck from `add_index_entry_with_check()` to `verify_path()`.\n\nSigned-off-by: Johannes Schindelin \u003cjohannes.schindelin@gmx.de\u003e\nSigned-off-by: Junio C Hamano \u003cgitster@pobox.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "5baf652a5476946b1c56dc59d262d51b6dd8fa59",
      "old_mode": 33188,
      "old_path": "read-cache.c",
      "new_id": "f9c8f1948af7605606e43855e76c1699537e2a4e",
      "new_mode": 33188,
      "new_path": "read-cache.c"
    },
    {
      "type": "modify",
      "old_id": "7ae0dc8ff47ee763089284784e6acdbbdbdb4625",
      "old_mode": 33261,
      "old_path": "t/t7415-submodule-names.sh",
      "new_id": "f70368bc2e9d42cc578ed4b46edac324bd1dddf1",
      "new_mode": 33261,
      "new_path": "t/t7415-submodule-names.sh"
    }
  ]
}