Skip to content

GitLab Next

    • GitLab: the DevOps platform
    • Explore GitLab
    • Install GitLab
    • How GitLab compares
    • Get started
    • GitLab docs
    • GitLab Learn
  • Pricing
  • Talk to an expert
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
    • Menu
    Projects Groups Snippets
  • Get a free trial
  • Sign up
  • Login
  • Sign in / Register
  • GitLab GitLab
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 42,950
    • Issues 42,950
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 1,385
    • Merge requests 1,385
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
    • Test Cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages & Registries
    • Packages & Registries
    • Package Registry
    • Container Registry
    • Infrastructure Registry
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar

GitLab 15.0 is launching on May 22! This version brings many exciting improvements, but also removes deprecated features and introduces breaking changes that may impact your workflow. To see what is being deprecated and removed, please visit Breaking changes in 15.0 and Deprecations.

  • GitLab.org
  • GitLabGitLab
  • Issues
  • #27828
Closed
Open
Created Apr 03, 2019 by James Ramsay (ex-GitLab)@jramsay-gitlab🔴Contributor

Re-enable Git protocol v2

Problem to solve

The Git wire protocol version 1 is not bandwidth efficient when large numbers of refs exist on the server, and are therfore advertised. This can significantly increase the data transferred from the server to the client for small operations.

Early versions of Git supporting protocol v2 had an issue where hidden refs were not respected https://gitlab.com/gitlab-org/gitlab-ce/issues/55769, creating performance and security problems. GitLab disabled support for protocol v2.

Further details

The security issue has since been resolved in Git 2.21.0

  • The v2 upload-pack protocol implementation failed to honor hidden-ref configuration, which has been corrected. (merge e20b4192a3 jk/proto-v2-hidden-refs-fix later to maint).

https://github.com/git/git/blob/master/Documentation/RelNotes/2.21.0.txt#L293-L295

Proposal

Add a feature flag to control support for protocol v2 for Git versions 2.21.0 and above.

A feature flag is necessary in case further security issues are identified in the new protocol.

Links / references

Edited Aug 05, 2019 by James Ramsay (ex-GitLab)
Assignee
Assign to
Time tracking