Answer

This seems to be related to this announcement of a vulnerability: https://github.blog/2022-04-12-git-security-vulnerability-announced/

I think it has less to do with your email, and more with the owner of the directories on your filesystem. Is the user you're currently logged in with also the owner of the folder? How about the parent folder? Also, are you invoking git from within the repository directory? The update is only a few hours old, so I guess things are still in flux.

For now, as the message from git suggests, execute

git config --global --add safe.directory F:/GitHub/my-project

and make sure you are calling git from within F:/GitHub/my-project for now.

EDIT: As we found out in the comments below, the owner of the parent of the directory containing the .git folder (the git repository) is the issue.
Cloning the project anew is a platform independent way to make sure you are the owner.

Sidenote

I ran into the same problem using flutter on Linux, which on my distro was installed in /opt/flutter. I am not working as root, thus I run into the same problem. Running git config --global --add safe.directory /opt/flutter did indeed fix the problem for me.

Longer edit: Clarification

Going through the post about the vulnerability again after a good night's sleep, I think a bit of clarification is in order. I'll leave the rest of the answer as is.
Lets look at the following simple directory structure.

/home/
├─ tommy/
│  ├─ .git/
│  ├─ rental_space/
│  │  ├─ mary/
│  │  │  ├─ projects/
│  │  │  │  ├─ phone_app/
│  │  │  │  │  ├─ .git/
│  │  ├─ anthony/

In this case, the user tommy owns his own directory under /home, but (for some reason) rents out space to other users, in this case mary and anthony.
If mary, by mistake, where to execute git in her directory, but outside of her phone_app project, then old git would go up the directory tree to search a .git repository. The first it finds is the one from /home/tommy/.git. This is a security risk, because another user, in this case anyone that can act as tommy, can affect mary's execution of git and possibly cause trouble.
From Git v2.35.2 and onward, the traversal will stop as soon as the directory entered belongs to a user other than mary. Say mary executed git in /home/tommy/rental_space/mary/projects, then git will check in projects, but find no .git. It will go up one directory, check in mary, but again find no .git. Then it will again go up, but rental_space belongs to tommy, not mary. The new git version will stop here and print the message we saw in the question.
Adding the directory /home/tommy/rental_space to the safe.directory variable would allow git to proceed but is, as explained, a security risk.

I used a Linux-like directory structure here, but the same is true on Windows.

As @derpda said, it's related to a Git security vulnerability that has been fixed.

On Linux, at least, you can fix the problem by ensuring that the parent folder of the Git repository is owned by you. There isn't any need to add the safe.directory configuration setting if you can set the folder ownership appropriately.

If you need different ownership (e.g., working on a service that runs as a different user), then add your folder to the multi-value safe.directory configuration setting:

git config --global --add safe.directory /path/to/project

I found the same issue on Windows after upgrading to version 2.35.2.windows.1.

I was able to fix it by taking ownership of the folder containing the .git folder and all the files in it.

This is the command assuming you already are in the repository folder:

takeown.exe /f . /r

Note: if you have multiple repository folders inside a work folder, you may want to take ownership of the work folder and its subfolders recursively. It takes more time to execute, but you only need to do this once.

The command would look like this under cmd.exe:

takeown.exe /f C:\Users\%USERNAME%\Work /r

Or like this under powershell.exe or pwsh.exe:

takeown.exe /f $HOME\Work /r

On windows, I use this

git config --global --add safe.directory *

or

git config --global --replace-all safe.directory *

Adding this here since it seems no-one else has, and it helped me. You can set this system-wide by running as root with --system instead of --global, eg:

sudo git config --system --add safe.directory '*'

For (mainly) Visual Studio 2022 users:

This is my setup:

• Git version 2.36.0.windows.1
• Mounted SMB network share from my NAS \\MyNas\User as X:\
• The remote branch was cloned into a directory on X:\.
• My NAS and PC are not in the same domain.
• My IDE: Visual Studio 2022 Enterprise 17.2.0 Preview 4.0 (latest)

The issue so far:

Since my NAS and PC are not in the same domain, I cannot set my PC user as the owner of the NAS directory.

When opening the repository in Visual Studio, this error showed up in the console:

Opening Repository:
X:\Repo
Git failed with a fatal error.
fatal: unsafe repository ('//MyNas/User/Repo' is owned by someone else)
To add an exception for this directory, call:

    git config --global --add safe.directory '%(prefix)///MyNas/User/Repo'

After long testing:

The issue was the portable Git installation of Visual Studio, which had the version 2.35.2. Visual Studio, even when the component "Git for Windows" was unchecked, still used its own Git-installation instead of my global Git installation.

The solution:

1. Add the repository directory as a safe directory with the recommended command:

   git config --global --add safe.directory '%(prefix)///MyNAS/User/Repo'
   
   # Or just trust any directory (not really recommended)
   git config --global --add safe.directory *
   

2. Update the Git-Version which Visual Studio uses. (I just took the files from the global Git installation located in C:\Program Files\Git\mingw64\bin and pasted them to C:\Program Files\Microsoft Visual Studio\2022\Preview\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer\Git\mingw64\bin)

Maybe an alternative of copy/pasting files, would be to make Visual Studio use the global installation of Git, like described in this Stack Overflow question: Configure Visual Studio to use system-installed Git.exe.
Note: I have not tested this alternative, since I already overwrote the Git files in my Visual Studio installation directory.

Key notes:

• Latest Git version (2.36.0) supports safe/trusted directories.
• Make sure your IDE is using the latest version of Git.

I had a local repository at my Windows PC mapped to a network folder:

n:\folder

This points to

\windows-server\folder\working-folder

When I tried to do

n:\folder> git status

there came this known error:

fatal: unsafe repository ('//windows-server/folder/working-folder' is owned by someone else) To add an exception for this directory, call:

    git config --global --add safe.directory '%(prefix)///windows-server/folder/working-folder'

To change file permissions was not possible in my case. So I tried

git config --global --add safe.directory '%(prefix)///windows-server/folder/working-folder'

but this did not work. I had to remove the ''!

Solution:

git config --global --add safe.directory %(prefix)///windows-server/folder/working-folder

For those working on an NTFS mounted file system (probably a shared data drive with Windows), you can edit your mount options in /etc/fstab by appending defaults,uid=1000,gid=1000 to it. This is as by default; you can't permanently change the owner of .git in NTFS. These options will make everything owned by your current user (rather than by root).

For Ubuntu 20.xx Users Fix - 2022 UPDATE:

Updating Git with this PPA provides the latest stable upstream Git version fixed this issue.

sudo add-apt-repository ppa:git-core/ppa

sudo apt update

sudo apt install git

Ref: https://git-scm.com/download/linux

It happened to me, because I'd reinstalled my Windows system, and the owner of some repository folders are the old user in the former install. So Git won't let you use those folders directly.

You can check this by Properties → Security → Advanced → Owner. If the current owner is something like "S-1-blah-blah", then you encountered the same problem as me.

If you are sure you are the real owner of those folders, you can just use the takeown command:

cd F:/GitHub/
takeown /f *

The /r switch does not seem to be required for my case.

In Termux on Android, you have to add the actual git repo, not the parent directory.

git config --global --add safe.directory /storage/emulated/0/src/go2null-dotfiles

You can also disable the check.

git config --global --add safe.directory '*'

It seems Git 2.46.0 brings a new feature to fix exactly this problem.

Excerpt from the release notes:

The safe.directory configuration knob has been updated to optionally allow leading path matches.

Excerpt from the git config reference documentation:

Giving a directory with /* appended to it will allow access to all repositories under the named directory.

I run Visual Studio sometimes as Administrator and sometimes as a normal user. This leads to the problem.

Symptoms 1

In Visual Studio - when opening a local folder - it seems as if the code is no longer added to source control.

Opening a solution in Visual Studio 2019: The above messages appear in the Git output window for each project. Opening a solution in Visual Studio 2022: It just says One or more errors occurred..

Symptoms 2

When opening a normal command prompt in the parent folder of .git executing git log shows the message

fatal: unsafe repository ('C:/GIT/MyProject' is owned by someone else)
To add an exception for this directory, call:

    git config --global --add safe.directory C:/GIT/MyProject

There are no errors when executing any command in an Administrator command prompt.

Solution

Change the owner of the MyProject folder to the normal user. Afterwards everything works fine as normal user and also as Administrator.

On Ubuntu 20.04 (Focal Fossa) and Laravel Forge (user isolation):

I tried updating Git to 2.36 as recommended in previous answers, but this did not work. I tried the GitHub solution:

git config --global --add safe.directory GIT/MyProject

and also as recommended in a previous answer:

git config --global --add safe.directory '*'

None of these worked for me.

The only thing that worked was ensuring that the ownership of the parent directory and the project directory where folder .git is located has the same owner as explained by Tc Blaize.

I recently had the same problem, because I had to reinstall windows and copied the repository from the old system's drive.

A look at the security settings of the folders made clear that the "old users" id (the previous windows system) was set. Because the old user is unknown in the new system the dialog only showed the SID of the user.

Right click on folder -> Properties -> Security -> Advanced

After I changed the ownership to my actual user everything works fine again.

Don't forget to check the "Replace owner on subcontainers and objects". Otherwise only the acutal folder (git repo folder) will have the new ownership.

In my case, on an Ubuntu 20.04.4 system (Focal Fossa), the project folder had the ownership set to the application user, e.g., www-data:www-data, but the .git folder when initiated had its ownership set to root:root.

To fix this issue, I changed the ownership on my project folder to root:root so as to match its contents (including the .git folder). Then all Git actions started working as normal.

As a part of automation, our scenario involved invoking one script multiple times and we don't know the workspace upfront.

So, in our case, git config --global --add safe.directory * created multiple entries in ~/.gitconfig.

git config --global --replace-all safe.directory '*' helped us ensuring no duplicate entries.

I'm running Windows 11 and WSL and I was getting this error in Sourcetree. I made two mistakes initially -- running the command from WSL, and using quotes as Sourcetree suggested. Once I ran it from cmd at C:\Users\alyssa, and without quotes, it was putting the correct syntax in the correct .gitconfig file:

C:\Users\alyssa\.gitconfig:

[safe]
    directory = %(prefix)///wsl.localhost/Ubuntu/home/alyssa/my-repo

On Windows, when you create a folder from an elevated prompt, it gets the owner set to the Administrators group.

Then inside it, when you clone the repository using a non-elevated prompt, it gets you as an owner. It is enough to trigger a new Git validation.

Not only the safe.directory configuration knob has been updated to optionally allow leading path, as mentioned in Attila Csipak's answer, but Git 2.47 (Q4 2024), batch 5 normalizes that path:

See commit ee0be85, commit dc0edbb, commit 7f547c9, commit 1048aa8 (30 Jul 2024) by Junio C Hamano (gitster).
^{(Merged by Junio C Hamano -- gitster -- in commit 0ed3dde, 15 Aug 2024)}

safe.directory: normalize the configured path

^{Suggested-by: Phillip Wood
Helped-by: Jeff King}

The pathname of a repository comes from getcwd() and it could be a path aliased via symbolic links, e.g., the real directory may be /home/u/repository, but a symbolic link /home/u/repo may point at it, and the clone request may come as "git clone"^(man) file:///home/u/repo/

A request to check if /home/u/repository is safe would be rejected if the safe.directory configuration allows /home/u/repo/ but not its alias /home/u/repository/.
Normalize the paths configured for the safe.directory configuration variable before comparing them with the path being checked.

Two and a half things to note, compared to the previous step to normalize the actual path of the suspected repository, are:

• A configured safe.directory may be coming from .gitignore in the home directory that may be shared across machines.
  The path meant to match with an entry may not necessarily exist on all of such machines, so not being able to convert them to real path on this machine is not a condition that is worthy of warning. Hence, we ignore a path that cannot be converted to a real path.
• A configured safe.directory is essentially a random string that user throws at us, written completely unrelated to the directory the current process happens to be in.
  Hence it makes little sense to give a non-absolute path.
  Hence we ignore any non-absolute paths, except for ".".
• The safe.directory set to "." was once advertised on the list as a valid workaround for the regression caused by the overly tight safe.directory check introduced in 2.45.1; we treat it to mean "if we are at the top level of a repository, it is OK".
  (cf. mailing-list discussion).

For a network folder, git version 2.45.2.windows.1 tells me

To add an exception for this directory, call:
    
    git config --global --add safe.directory '%(prefix)///server/share/dir'

but this doesn't make the folder safe.

Replacing the single quotes with double quotes or, since there are no whitespaces, omitting the quotes fully, made it work.

The wildcard mentioned here doesn't work.

For Windows make sure your path is correct case

In case this helps anyone else. I found that I had used the wrong case for the drive letter. The git command needs to be copied verbatim including case. This means no trailing slash and identical case for every character.

I was using a Git UI client which displayed a message box with the command, so I couldn't copy paste. The first time I added I used Git Bash auto-complete for the file path and this used the wrong case.

I recommend checking the .gitconfig file after running the command to check it was added correctly.

Example:

fatal: unsafe repository ('F:/GitHub/my-project' is owned by someone else) To add an exception for this directory, call:

git config --global --add safe.directory F:/GitHub/my-project

Not correct:

git config --global --add safe.directory f:/GitHub/my-project

Not correct:

git config --global --add safe.directory F:/github/my-project

Not correct:

git config --global --add safe.directory F:/GitHub/my-project/

Correct:

git config --global --add safe.directory F:/GitHub/my-project

OK. To add more to the soup in previous answers where the directories either aren't owned or are outside the user's home directory, a little bit of PowerShell, and I'm sure someone can translate this to Bash, can add the directories to the safe list.

The below was written on Windows, but on Linux, remove the "-replace '\','/'" as it would break anything with spaces in the path.

(ls D:\PowerShell\ParentFolder\ -Directory).FullName -replace '\\','/' | %{git config --global --add safe.directory $_}

This issue occurs after the Ubuntu auto package update. After checking the updates in log file, /var/log/apt/history.log, I found two Git packages updated and after that update date mess with Phabricator occurred.

git
git-man

I used the below two commands to check the previous version in the cache and installed the old version.

apt-cache policy git:amd64

Output:

git:
  Installed: (none)
  Candidate: 1:2.17.1-1ubuntu0.10
  Version table:
     1:2.17.1-1ubuntu0.10 500
        500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
        500 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages
        100 /var/lib/dpkg/status
     ***1:2.17.0-1ubuntu1*** 500
        500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages

sudo apt-get install git=1:2.17.0-1ubuntu1
apt-cache policy git-man:amd64

Output:

git-man:
  Installed: 1:2.17.1-1ubuntu0.10
  Candidate: 1:2.17.1-1ubuntu0.10
  Version table:
*** 1:2.17.1-1ubuntu0.10 500
        500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
        500 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages
        100 /var/lib/dpkg/status
     1:2.17.0-1ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages

sudo apt-get install git-man=1:2.17.0-1ubuntu1

git config --global --add safe.directory '*' //star meal all

you can create all directory is safe.

In my case, I just copy the message, write sudo, and then paste the message. After pressing the Enter button, the issue has gone.

For example:

sudo git config --global --add safe.directory your-path

'your-path' = as shown in the message

We have fixed this issue by fixing the .git/objects permissions. We were actually unable to add files without sudo because of the bad permissions.