From 29974b4fba683ee3a2f7643d34f1606a789afaf2 Mon Sep 17 00:00:00 2001
From: Yuvi Panda <yuvipanda@gmail.com>
Date: Tue, 7 Aug 2018 17:57:19 -0700
Subject: [PATCH] Recommend using '**' to encrypt entire directories

gitattributes now supports '**' to mean 'entire subtree'.
Using '*' instead of '**' is an easy mistake to make with pretty
bad consequences. Hopefully this added emphasis will make
it less likely users make the mistake.
---
 README.md | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index d24517a..dd5730e 100644
--- a/README.md
+++ b/README.md
@@ -31,6 +31,7 @@ Specify files to encrypt by creating a .gitattributes file:
 
     secretfile filter=git-crypt diff=git-crypt
     *.key filter=git-crypt diff=git-crypt
+    secretdir/** filter=git-crypt diff=git-crypt
 
 Like a .gitignore file, it can match wildcards and should be checked into
 the repository.  See below for more information about .gitattributes.
@@ -150,14 +151,9 @@ specifying merely a directory (e.g. `/dir/`) is *not* sufficient to
 encrypt all files beneath it.
 
 Also note that the pattern `dir/*` does not match files under
-sub-directories of dir/.  To encrypt an entire sub-tree dir/, place the
-following in dir/.gitattributes:
+sub-directories of dir/.  To encrypt an entire sub-tree dir/, use `dir/**`:
 
-    * filter=git-crypt diff=git-crypt
-    .gitattributes !filter !diff
-
-The second pattern is essential for ensuring that .gitattributes itself
-is not encrypted.
+    /dir/** filter=git-crypt diff=git-crypt
 
 Mailing Lists
 -------------