summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Documentation/getting_started/gerrit_guidelines.md6
-rw-r--r--Documentation/tutorial/part2.md4
2 files changed, 7 insertions, 3 deletions
diff --git a/Documentation/getting_started/gerrit_guidelines.md b/Documentation/getting_started/gerrit_guidelines.md
index 8c91615604..68b5cc43c0 100644
--- a/Documentation/getting_started/gerrit_guidelines.md
+++ b/Documentation/getting_started/gerrit_guidelines.md
@@ -193,8 +193,10 @@ the wip flag:
* When pushing patches that are not for submission, these should be marked
as such. This can be done in the title ‘[DONOTSUBMIT]’, or can be pushed as
private changes, so that only explicitly added reviewers will see them. These
-sorts of patches are frequently posted as ideas or RFCs for the community
-to look at. To push a private change, use the command:
+sorts of patches are frequently posted as ideas or RFCs for the community to
+look at. Note that private changes can still be fetched from Gerrit by anybody
+who knows their commit ID, so don't use this for sensitive changes. To push
+a private change, use the command:
git push origin HEAD:refs/for/master%private
* Multiple push options can be combined:
diff --git a/Documentation/tutorial/part2.md b/Documentation/tutorial/part2.md
index 4ac857473d..964057e7ec 100644
--- a/Documentation/tutorial/part2.md
+++ b/Documentation/tutorial/part2.md
@@ -173,7 +173,9 @@ When you are done with your commit, run `git push` to push your commit to
coreboot.org. **Note:** To submit as a private patch, use
`git push origin HEAD:refs/for/master%private`. Submitting as a private patch
means that your commit will be on review.coreboot.org, but is only visible to
-yourself and those you add as reviewers.
+yourself and those you add as reviewers. This mode isn't perfect: Somebody who
+knows the commit ID can still fetch the change and everything it refers (e.g.
+parent commits).
This has been a quick primer on how to submit a change to Gerrit for review
using git. You may wish to review the [Gerrit code review workflow