High-risk tools in Jj
6 of the 55 tools in Jj are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
bookmark-forgetExecuteForget a bookmark in a Jujutsu (jj) repository without marking it as a deletion to be pushed. Parameters: names (Names of bookmarks to forget), repoPath (Optional path to repo r...
-
config-unsetExecuteUnset a config option in a Jujutsu (jj) repository. Removes from either user or repo config file. Parameters: name (Name of config option to unset), user (Optional flag to unset...
-
editExecuteSets the specified revision as the working-copy revision in a Jujutsu (jj) repository. Note: it is generally recommended to instead use
-
file-untrackExecuteStop tracking specified paths in the working copy of a Jujutsu (jj) repository. The paths must already be ignored via .gitignore or other ignore rules. Parameters: paths (Paths ...
-
operation-undoExecuteCreate a new operation that undoes an earlier operation in a Jujutsu (jj) repository. Applies the inverse of the specified operation. Parameters: operation (Operation to undo, d...
-
rebaseExecuteRebase one or more revisions onto a different parent revision in a Jujutsu (jj) repository. Commonly used to move changes to a new base or to clean up commit history. Parameters...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.