mirror of
https://github.com/git/git.git
synced 2024-11-27 12:03:55 +08:00
Git 2.38.1
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEE4fA2sf7nIh/HeOzvsLXohpav5ssFAmM/rwcACgkQsLXohpav 5stHpQ/9Eqd0dVwVA6FijqRr6Nsdt8ufGh4OPZUWlNoQeJbp6N1IDGydAxfzNRNC fQTqGyL0ZdvLkWZUQ5ACL+157ArJGINE1f+EjOy+MDcyClPfJpk3r4O/qftmowQk l3vnAKBqYRn5ta2+fg6a0R6Q3cH5qZsucXwvspEU+TcqMV6QAQYsbINxnO+VNCSV tmqeVO8bvNR+zsZ6p8J1EduWpgvh6XsBpr56UxnOim+XEp+nAzPOILJTbYnMx0Am HD6WO7Ws3Wp9hj6cKYjcXyNmXT0T4EOhXtIBCKaXxAjXvvX77a9dpUQNI5n91DAi HQ/viM4hhrqBfs3jtr6qnDB/c1wcCLH+1QiOlB/2TE9l4zjR25lAtv901uey4yg6 A8he9nr1eEiPN0k3vrhYE01rUi9I1arAZ9lVF28NF+JMM25F8dZc2YZbc3UHoBMZ 7ilpydBqXe43ll4/J8XRcMPQeR7++ss0ROqVN/xXnVB0UWvCYhMFleJ1KA7LHjQd XaRi9Xsiki9OTXFrr7u8QZ94RinpHPUkuGxODO7Jqo8uL5+9JIdVuNbJbzQDK8s4 aU6nfSM7clNebrjaTOeiQB8hv0/uZt6QpUQzT4Q7OBOJzO4uLbkDxChIw/sflQWB rWRb63/KOtap78DVvMJMw5OQC4hXi7lJIchgZ8hfBKKs83p5Smk= =bTdb -----END PGP SIGNATURE----- Sync with v2.38.1
This commit is contained in:
commit
9c32cfb49c
60
Documentation/RelNotes/2.30.6.txt
Normal file
60
Documentation/RelNotes/2.30.6.txt
Normal file
@ -0,0 +1,60 @@
|
||||
Git v2.30.6 Release Notes
|
||||
=========================
|
||||
|
||||
This release addresses the security issues CVE-2022-39253 and
|
||||
CVE-2022-39260.
|
||||
|
||||
Fixes since v2.30.5
|
||||
-------------------
|
||||
|
||||
* CVE-2022-39253:
|
||||
When relying on the `--local` clone optimization, Git dereferences
|
||||
symbolic links in the source repository before creating hardlinks
|
||||
(or copies) of the dereferenced link in the destination repository.
|
||||
This can lead to surprising behavior where arbitrary files are
|
||||
present in a repository's `$GIT_DIR` when cloning from a malicious
|
||||
repository.
|
||||
|
||||
Git will no longer dereference symbolic links via the `--local`
|
||||
clone mechanism, and will instead refuse to clone repositories that
|
||||
have symbolic links present in the `$GIT_DIR/objects` directory.
|
||||
|
||||
Additionally, the value of `protocol.file.allow` is changed to be
|
||||
"user" by default.
|
||||
|
||||
* CVE-2022-39260:
|
||||
An overly-long command string given to `git shell` can result in
|
||||
overflow in `split_cmdline()`, leading to arbitrary heap writes and
|
||||
remote code execution when `git shell` is exposed and the directory
|
||||
`$HOME/git-shell-commands` exists.
|
||||
|
||||
`git shell` is taught to refuse interactive commands that are
|
||||
longer than 4MiB in size. `split_cmdline()` is hardened to reject
|
||||
inputs larger than 2GiB.
|
||||
|
||||
Credit for finding CVE-2022-39253 goes to Cory Snider of Mirantis. The
|
||||
fix was authored by Taylor Blau, with help from Johannes Schindelin.
|
||||
|
||||
Credit for finding CVE-2022-39260 goes to Kevin Backhouse of GitHub.
|
||||
The fix was authored by Kevin Backhouse, Jeff King, and Taylor Blau.
|
||||
|
||||
|
||||
Jeff King (2):
|
||||
shell: add basic tests
|
||||
shell: limit size of interactive commands
|
||||
|
||||
Kevin Backhouse (1):
|
||||
alias.c: reject too-long cmdline strings in split_cmdline()
|
||||
|
||||
Taylor Blau (11):
|
||||
builtin/clone.c: disallow `--local` clones with symlinks
|
||||
t/lib-submodule-update.sh: allow local submodules
|
||||
t/t1NNN: allow local submodules
|
||||
t/2NNNN: allow local submodules
|
||||
t/t3NNN: allow local submodules
|
||||
t/t4NNN: allow local submodules
|
||||
t/t5NNN: allow local submodules
|
||||
t/t6NNN: allow local submodules
|
||||
t/t7NNN: allow local submodules
|
||||
t/t9NNN: allow local submodules
|
||||
transport: make `protocol.file.allow` be "user" by default
|
5
Documentation/RelNotes/2.31.5.txt
Normal file
5
Documentation/RelNotes/2.31.5.txt
Normal file
@ -0,0 +1,5 @@
|
||||
Git v2.31.5 Release Notes
|
||||
=========================
|
||||
|
||||
This release merges the security fix that appears in v2.30.6; see
|
||||
the release notes for that version for details.
|
5
Documentation/RelNotes/2.32.4.txt
Normal file
5
Documentation/RelNotes/2.32.4.txt
Normal file
@ -0,0 +1,5 @@
|
||||
Git v2.32.4 Release Notes
|
||||
=========================
|
||||
|
||||
This release merges the security fix that appears in v2.30.6; see
|
||||
the release notes for that version for details.
|
5
Documentation/RelNotes/2.33.5.txt
Normal file
5
Documentation/RelNotes/2.33.5.txt
Normal file
@ -0,0 +1,5 @@
|
||||
Git v2.33.5 Release Notes
|
||||
=========================
|
||||
|
||||
This release merges the security fix that appears in v2.30.6; see
|
||||
the release notes for that version for details.
|
5
Documentation/RelNotes/2.34.5.txt
Normal file
5
Documentation/RelNotes/2.34.5.txt
Normal file
@ -0,0 +1,5 @@
|
||||
Git v2.34.5 Release Notes
|
||||
=========================
|
||||
|
||||
This release merges the security fix that appears in v2.30.6; see
|
||||
the release notes for that version for details.
|
5
Documentation/RelNotes/2.35.5.txt
Normal file
5
Documentation/RelNotes/2.35.5.txt
Normal file
@ -0,0 +1,5 @@
|
||||
Git v2.35.5 Release Notes
|
||||
=========================
|
||||
|
||||
This release merges the security fix that appears in v2.30.6; see
|
||||
the release notes for that version for details.
|
5
Documentation/RelNotes/2.36.3.txt
Normal file
5
Documentation/RelNotes/2.36.3.txt
Normal file
@ -0,0 +1,5 @@
|
||||
Git v2.36.3 Release Notes
|
||||
=========================
|
||||
|
||||
This release merges the security fix that appears in v2.30.6; see
|
||||
the release notes for that version for details.
|
@ -2,11 +2,45 @@ Git 2.37.4 Release Notes
|
||||
========================
|
||||
|
||||
This primarily is to backport various fixes accumulated on the 'master'
|
||||
front since 2.37.3.
|
||||
front since 2.37.3, and also includes the same security fixes as in
|
||||
v2.30.6.
|
||||
|
||||
Fixes since v2.37.3
|
||||
-------------------
|
||||
|
||||
* CVE-2022-39253:
|
||||
When relying on the `--local` clone optimization, Git dereferences
|
||||
symbolic links in the source repository before creating hardlinks
|
||||
(or copies) of the dereferenced link in the destination repository.
|
||||
This can lead to surprising behavior where arbitrary files are
|
||||
present in a repository's `$GIT_DIR` when cloning from a malicious
|
||||
repository.
|
||||
|
||||
Git will no longer dereference symbolic links via the `--local`
|
||||
clone mechanism, and will instead refuse to clone repositories that
|
||||
have symbolic links present in the `$GIT_DIR/objects` directory.
|
||||
|
||||
Additionally, the value of `protocol.file.allow` is changed to be
|
||||
"user" by default.
|
||||
|
||||
Credit for finding CVE-2022-39253 goes to Cory Snider of Mirantis.
|
||||
The fix was authored by Taylor Blau, with help from Johannes
|
||||
Schindelin.
|
||||
|
||||
* CVE-2022-39260:
|
||||
An overly-long command string given to `git shell` can result in
|
||||
overflow in `split_cmdline()`, leading to arbitrary heap writes and
|
||||
remote code execution when `git shell` is exposed and the directory
|
||||
`$HOME/git-shell-commands` exists.
|
||||
|
||||
`git shell` is taught to refuse interactive commands that are
|
||||
longer than 4MiB in size. `split_cmdline()` is hardened to reject
|
||||
inputs larger than 2GiB.
|
||||
|
||||
Credit for finding CVE-2022-39260 goes to Kevin Backhouse of
|
||||
GitHub. The fix was authored by Kevin Backhouse, Jeff King, and
|
||||
Taylor Blau.
|
||||
|
||||
* An earlier optimization discarded a tree-object buffer that is
|
||||
still in use, which has been corrected.
|
||||
|
||||
|
5
Documentation/RelNotes/2.38.1.txt
Normal file
5
Documentation/RelNotes/2.38.1.txt
Normal file
@ -0,0 +1,5 @@
|
||||
Git v2.38.1 Release Notes
|
||||
=========================
|
||||
|
||||
This release merges the security fix that appears in v2.30.6; see
|
||||
the release notes for that version for details.
|
@ -1,10 +1,10 @@
|
||||
protocol.allow::
|
||||
If set, provide a user defined default policy for all protocols which
|
||||
don't explicitly have a policy (`protocol.<name>.allow`). By default,
|
||||
if unset, known-safe protocols (http, https, git, ssh, file) have a
|
||||
if unset, known-safe protocols (http, https, git, ssh) have a
|
||||
default policy of `always`, known-dangerous protocols (ext) have a
|
||||
default policy of `never`, and all other protocols have a default
|
||||
policy of `user`. Supported policies:
|
||||
default policy of `never`, and all other protocols (including file)
|
||||
have a default policy of `user`. Supported policies:
|
||||
+
|
||||
--
|
||||
|
||||
|
11
alias.c
11
alias.c
@ -46,14 +46,16 @@ void list_aliases(struct string_list *list)
|
||||
|
||||
#define SPLIT_CMDLINE_BAD_ENDING 1
|
||||
#define SPLIT_CMDLINE_UNCLOSED_QUOTE 2
|
||||
#define SPLIT_CMDLINE_ARGC_OVERFLOW 3
|
||||
static const char *split_cmdline_errors[] = {
|
||||
N_("cmdline ends with \\"),
|
||||
N_("unclosed quote")
|
||||
N_("unclosed quote"),
|
||||
N_("too many arguments"),
|
||||
};
|
||||
|
||||
int split_cmdline(char *cmdline, const char ***argv)
|
||||
{
|
||||
int src, dst, count = 0, size = 16;
|
||||
size_t src, dst, count = 0, size = 16;
|
||||
char quoted = 0;
|
||||
|
||||
ALLOC_ARRAY(*argv, size);
|
||||
@ -96,6 +98,11 @@ int split_cmdline(char *cmdline, const char ***argv)
|
||||
return -SPLIT_CMDLINE_UNCLOSED_QUOTE;
|
||||
}
|
||||
|
||||
if (count >= INT_MAX) {
|
||||
FREE_AND_NULL(*argv);
|
||||
return -SPLIT_CMDLINE_ARGC_OVERFLOW;
|
||||
}
|
||||
|
||||
ALLOC_GROW(*argv, count + 1, size);
|
||||
(*argv)[count] = NULL;
|
||||
|
||||
|
@ -320,13 +320,11 @@ static void copy_or_link_directory(struct strbuf *src, struct strbuf *dest,
|
||||
int src_len, dest_len;
|
||||
struct dir_iterator *iter;
|
||||
int iter_status;
|
||||
unsigned int flags;
|
||||
struct strbuf realpath = STRBUF_INIT;
|
||||
|
||||
mkdir_if_missing(dest->buf, 0777);
|
||||
|
||||
flags = DIR_ITERATOR_PEDANTIC | DIR_ITERATOR_FOLLOW_SYMLINKS;
|
||||
iter = dir_iterator_begin(src->buf, flags);
|
||||
iter = dir_iterator_begin(src->buf, DIR_ITERATOR_PEDANTIC);
|
||||
|
||||
if (!iter)
|
||||
die_errno(_("failed to start iterator over '%s'"), src->buf);
|
||||
@ -342,6 +340,10 @@ static void copy_or_link_directory(struct strbuf *src, struct strbuf *dest,
|
||||
strbuf_setlen(dest, dest_len);
|
||||
strbuf_addstr(dest, iter->relative_path);
|
||||
|
||||
if (S_ISLNK(iter->st.st_mode))
|
||||
die(_("symlink '%s' exists, refusing to clone with --local"),
|
||||
iter->relative_path);
|
||||
|
||||
if (S_ISDIR(iter->st.st_mode)) {
|
||||
mkdir_if_missing(dest->buf, 0777);
|
||||
continue;
|
||||
|
34
shell.c
34
shell.c
@ -47,6 +47,8 @@ static void cd_to_homedir(void)
|
||||
die("could not chdir to user's home directory");
|
||||
}
|
||||
|
||||
#define MAX_INTERACTIVE_COMMAND (4*1024*1024)
|
||||
|
||||
static void run_shell(void)
|
||||
{
|
||||
int done = 0;
|
||||
@ -67,22 +69,46 @@ static void run_shell(void)
|
||||
run_command_v_opt(help_argv, RUN_SILENT_EXEC_FAILURE);
|
||||
|
||||
do {
|
||||
struct strbuf line = STRBUF_INIT;
|
||||
const char *prog;
|
||||
char *full_cmd;
|
||||
char *rawargs;
|
||||
size_t len;
|
||||
char *split_args;
|
||||
const char **argv;
|
||||
int code;
|
||||
int count;
|
||||
|
||||
fprintf(stderr, "git> ");
|
||||
if (git_read_line_interactively(&line) == EOF) {
|
||||
|
||||
/*
|
||||
* Avoid using a strbuf or git_read_line_interactively() here.
|
||||
* We don't want to allocate arbitrary amounts of memory on
|
||||
* behalf of a possibly untrusted client, and we're subject to
|
||||
* OS limits on command length anyway.
|
||||
*/
|
||||
fflush(stdout);
|
||||
rawargs = xmalloc(MAX_INTERACTIVE_COMMAND);
|
||||
if (!fgets(rawargs, MAX_INTERACTIVE_COMMAND, stdin)) {
|
||||
fprintf(stderr, "\n");
|
||||
strbuf_release(&line);
|
||||
free(rawargs);
|
||||
break;
|
||||
}
|
||||
rawargs = strbuf_detach(&line, NULL);
|
||||
len = strlen(rawargs);
|
||||
|
||||
/*
|
||||
* If we truncated due to our input buffer size, reject the
|
||||
* command. That's better than running bogus input, and
|
||||
* there's a good chance it's just malicious garbage anyway.
|
||||
*/
|
||||
if (len >= MAX_INTERACTIVE_COMMAND - 1)
|
||||
die("invalid command format: input too long");
|
||||
|
||||
if (len > 0 && rawargs[len - 1] == '\n') {
|
||||
if (--len > 0 && rawargs[len - 1] == '\r')
|
||||
--len;
|
||||
rawargs[len] = '\0';
|
||||
}
|
||||
|
||||
split_args = xstrdup(rawargs);
|
||||
count = split_cmdline(split_args, &argv);
|
||||
if (count < 0) {
|
||||
|
@ -197,6 +197,7 @@ test_git_directory_exists () {
|
||||
# the submodule repo if it doesn't exist and configures the most problematic
|
||||
# settings for diff.ignoreSubmodules.
|
||||
prolog () {
|
||||
test_config_global protocol.file.allow always &&
|
||||
(test -d submodule_update_repo || create_lib_submodule_repo) &&
|
||||
test_config_global diff.ignoreSubmodules all &&
|
||||
test_config diff.ignoreSubmodules all
|
||||
|
@ -560,7 +560,8 @@ test_expect_success 'interaction with submodules' '
|
||||
(
|
||||
cd super &&
|
||||
mkdir modules &&
|
||||
git submodule add ../repo modules/child &&
|
||||
git -c protocol.file.allow=always \
|
||||
submodule add ../repo modules/child &&
|
||||
git add . &&
|
||||
git commit -m "add submodule" &&
|
||||
git sparse-checkout init --cone &&
|
||||
|
@ -1315,6 +1315,8 @@ test_expect_success 'submodule handling' '
|
||||
test_all_match git add modules &&
|
||||
test_all_match git commit -m "add modules directory" &&
|
||||
|
||||
test_config_global protocol.file.allow always &&
|
||||
|
||||
run_on_all git submodule add "$(pwd)/initial-repo" modules/sub &&
|
||||
test_all_match git commit -m "add submodule" &&
|
||||
|
||||
|
@ -226,7 +226,8 @@ test_expect_success 'showing the superproject correctly' '
|
||||
test_commit -C super test_commit &&
|
||||
test_create_repo sub &&
|
||||
test_commit -C sub test_commit &&
|
||||
git -C super submodule add ../sub dir/sub &&
|
||||
git -c protocol.file.allow=always \
|
||||
-C super submodule add ../sub dir/sub &&
|
||||
echo $(pwd)/super >expect &&
|
||||
git -C super/dir/sub rev-parse --show-superproject-working-tree >out &&
|
||||
test_cmp expect out &&
|
||||
|
@ -41,6 +41,8 @@ TEST_NO_CREATE_REPO=1
|
||||
# - m/m (file)
|
||||
#
|
||||
test_expect_success 'setup repo for checkout with various types of changes' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
|
||||
git init sub &&
|
||||
(
|
||||
cd sub &&
|
||||
@ -140,6 +142,7 @@ do
|
||||
esac
|
||||
|
||||
test_expect_success "$mode checkout on clone" '
|
||||
test_config_global protocol.file.allow always &&
|
||||
repo=various_${mode}_clone &&
|
||||
set_checkout_config $workers $threshold &&
|
||||
test_checkout_workers $expected_workers \
|
||||
|
@ -669,6 +669,7 @@ test_expect_success '"add" should not fail because of another bad worktree' '
|
||||
'
|
||||
|
||||
test_expect_success '"add" with uninitialized submodule, with submodule.recurse unset' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
test_create_repo submodule &&
|
||||
test_commit -C submodule first &&
|
||||
test_create_repo project &&
|
||||
@ -684,6 +685,7 @@ test_expect_success '"add" with uninitialized submodule, with submodule.recurse
|
||||
'
|
||||
|
||||
test_expect_success '"add" with initialized submodule, with submodule.recurse unset' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
git -C project-clone submodule update --init &&
|
||||
git -C project-clone worktree add ../project-4
|
||||
'
|
||||
|
@ -139,7 +139,8 @@ test_expect_success 'move a repo with uninitialized submodule' '
|
||||
(
|
||||
cd withsub &&
|
||||
test_commit initial &&
|
||||
git submodule add "$PWD"/.git sub &&
|
||||
git -c protocol.file.allow=always \
|
||||
submodule add "$PWD"/.git sub &&
|
||||
git commit -m withsub &&
|
||||
git worktree add second HEAD &&
|
||||
git worktree move second third
|
||||
@ -149,7 +150,7 @@ test_expect_success 'move a repo with uninitialized submodule' '
|
||||
test_expect_success 'not move a repo with initialized submodule' '
|
||||
(
|
||||
cd withsub &&
|
||||
git -C third submodule update &&
|
||||
git -c protocol.file.allow=always -C third submodule update &&
|
||||
test_must_fail git worktree move third forth
|
||||
)
|
||||
'
|
||||
@ -228,6 +229,7 @@ test_expect_success 'remove cleans up .git/worktrees when empty' '
|
||||
'
|
||||
|
||||
test_expect_success 'remove a repo with uninitialized submodule' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
(
|
||||
cd withsub &&
|
||||
git worktree add to-remove HEAD &&
|
||||
@ -236,6 +238,7 @@ test_expect_success 'remove a repo with uninitialized submodule' '
|
||||
'
|
||||
|
||||
test_expect_success 'not remove a repo with initialized submodule' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
(
|
||||
cd withsub &&
|
||||
git worktree add to-remove HEAD &&
|
||||
|
@ -10,6 +10,7 @@ export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
|
||||
base_path=$(pwd -P)
|
||||
|
||||
test_expect_success 'setup: create origin repos' '
|
||||
git config --global protocol.file.allow always &&
|
||||
git init origin/sub &&
|
||||
test_commit -C origin/sub file1 &&
|
||||
git init origin/main &&
|
||||
|
@ -306,6 +306,7 @@ test_expect_success 'deleting checked-out branch from repo that is a submodule'
|
||||
git init repo1 &&
|
||||
git init repo1/sub &&
|
||||
test_commit -C repo1/sub x &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git -C repo1 submodule add ./sub &&
|
||||
git -C repo1 commit -m "adding sub" &&
|
||||
|
||||
|
@ -793,7 +793,7 @@ test_expect_success 'submodule changes are shown irrespective of diff.submodule'
|
||||
sub_oid3=$(git -C sub-repo rev-parse HEAD) &&
|
||||
|
||||
git checkout -b main-sub topic &&
|
||||
git submodule add ./sub-repo sub &&
|
||||
git -c protocol.file.allow=always submodule add ./sub-repo sub &&
|
||||
git -C sub checkout --detach sub-first &&
|
||||
git commit -m "add sub" sub &&
|
||||
sup_oid1=$(git rev-parse --short HEAD) &&
|
||||
|
@ -28,6 +28,7 @@ test_no_branch () {
|
||||
}
|
||||
|
||||
test_expect_success 'setup superproject and submodule' '
|
||||
git config --global protocol.file.allow always &&
|
||||
mkdir test_dirs &&
|
||||
(
|
||||
cd test_dirs &&
|
||||
|
@ -310,7 +310,7 @@ test_expect_success 'autostash is saved on editor failure with conflict' '
|
||||
test_expect_success 'autostash with dirty submodules' '
|
||||
test_when_finished "git reset --hard && git checkout main" &&
|
||||
git checkout -b with-submodule &&
|
||||
git submodule add ./ sub &&
|
||||
git -c protocol.file.allow=always submodule add ./ sub &&
|
||||
test_tick &&
|
||||
git commit -m add-submodule &&
|
||||
echo changed >sub/file0 &&
|
||||
|
@ -48,7 +48,8 @@ test_expect_success 'rebase interactive ignores modified submodules' '
|
||||
git init sub &&
|
||||
git -C sub commit --allow-empty -m "Initial commit" &&
|
||||
git init super &&
|
||||
git -C super submodule add ../sub &&
|
||||
git -c protocol.file.allow=always \
|
||||
-C super submodule add ../sub &&
|
||||
git -C super config submodule.sub.ignore dirty &&
|
||||
>super/foo &&
|
||||
git -C super add foo &&
|
||||
|
@ -16,6 +16,8 @@ fi
|
||||
test_submodule_switch "cherry-pick"
|
||||
|
||||
test_expect_success 'unrelated submodule/file conflict is ignored' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
|
||||
test_create_repo sub &&
|
||||
|
||||
touch sub/file &&
|
||||
|
@ -333,7 +333,7 @@ test_expect_success 'rm removes empty submodules from work tree' '
|
||||
|
||||
test_expect_success 'rm removes removed submodule from index and .gitmodules' '
|
||||
git reset --hard &&
|
||||
git submodule update &&
|
||||
git -c protocol.file.allow=always submodule update &&
|
||||
rm -rf submod &&
|
||||
git rm submod &&
|
||||
git status -s -uno --ignore-submodules=none >actual &&
|
||||
@ -639,6 +639,7 @@ cat >expect.deepmodified <<EOF
|
||||
EOF
|
||||
|
||||
test_expect_success 'setup subsubmodule' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
git reset --hard &&
|
||||
git submodule update &&
|
||||
(
|
||||
|
@ -36,7 +36,7 @@ setup_basic () {
|
||||
git init main &&
|
||||
(
|
||||
cd main &&
|
||||
git submodule add ../sub &&
|
||||
git -c protocol.file.allow=always submodule add ../sub &&
|
||||
test_commit main_file
|
||||
)
|
||||
}
|
||||
|
@ -49,7 +49,7 @@ test_expect_success 'setup - submodules' '
|
||||
'
|
||||
|
||||
test_expect_success 'setup - git submodule add' '
|
||||
git submodule add ./sm2 sm1 &&
|
||||
git -c protocol.file.allow=always submodule add ./sm2 sm1 &&
|
||||
commit_file sm1 .gitmodules &&
|
||||
git diff-tree -p --no-commit-id --submodule=log HEAD -- sm1 >actual &&
|
||||
cat >expected <<-EOF &&
|
||||
|
@ -840,7 +840,7 @@ rm sm2
|
||||
mv sm2-bak sm2
|
||||
|
||||
test_expect_success 'setup nested submodule' '
|
||||
git -C sm2 submodule add ../sm2 nested &&
|
||||
git -c protocol.file.allow=always -C sm2 submodule add ../sm2 nested &&
|
||||
git -C sm2 commit -a -m "nested sub" &&
|
||||
head10=$(git -C sm2 rev-parse --short --verify HEAD)
|
||||
'
|
||||
|
@ -77,6 +77,7 @@ test_expect_success 'diff skips same-OID blobs' '
|
||||
|
||||
test_expect_success 'when fetching missing objects, diff skips GITLINKs' '
|
||||
test_when_finished "rm -rf sub server client trace" &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
|
||||
test_create_repo sub &&
|
||||
test_commit -C sub first &&
|
||||
|
@ -124,6 +124,7 @@ test_expect_success 'command line pathspec parsing for "git log"' '
|
||||
|
||||
test_expect_success 'tree_entry_interesting does not match past submodule boundaries' '
|
||||
test_when_finished "rm -rf repo submodule" &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git init submodule &&
|
||||
test_commit -C submodule initial &&
|
||||
git init repo &&
|
||||
|
@ -790,6 +790,7 @@ test_expect_success 'fetch.writeCommitGraph' '
|
||||
'
|
||||
|
||||
test_expect_success 'fetch.writeCommitGraph with submodules' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
git clone dups super &&
|
||||
(
|
||||
cd super &&
|
||||
|
@ -222,6 +222,7 @@ test_expect_success 'push with negotiation proceeds anyway even if negotiation f
|
||||
test_expect_success 'push with negotiation does not attempt to fetch submodules' '
|
||||
mk_empty submodule_upstream &&
|
||||
test_commit -C submodule_upstream submodule_commit &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git submodule add ./submodule_upstream submodule &&
|
||||
mk_empty testrepo &&
|
||||
git push testrepo $the_first_commit:refs/remotes/origin/first_commit &&
|
||||
|
@ -127,6 +127,7 @@ verify_fetch_result () {
|
||||
}
|
||||
|
||||
test_expect_success setup '
|
||||
git config --global protocol.file.allow always &&
|
||||
mkdir deepsubmodule &&
|
||||
(
|
||||
cd deepsubmodule &&
|
||||
|
@ -162,6 +162,8 @@ test_expect_success 'fetch --update-shallow' '
|
||||
'
|
||||
|
||||
test_expect_success 'fetch --update-shallow into a repo with submodules' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
|
||||
git init a-submodule &&
|
||||
test_commit -C a-submodule foo &&
|
||||
|
||||
@ -175,7 +177,8 @@ test_expect_success 'fetch --update-shallow into a repo with submodules' '
|
||||
test_expect_success 'fetch --update-shallow a commit that is also a shallow point into a repo with submodules' '
|
||||
test_when_finished "rm -rf repo-with-sub" &&
|
||||
git init repo-with-sub &&
|
||||
git -C repo-with-sub submodule add ../a-submodule a-submodule &&
|
||||
git -c protocol.file.allow=always -C repo-with-sub \
|
||||
submodule add ../a-submodule a-submodule &&
|
||||
git -C repo-with-sub commit -m "added submodule" &&
|
||||
|
||||
SHALLOW=$(cat shallow/.git/shallow) &&
|
||||
|
@ -119,6 +119,7 @@ test_expect_success 'push options and submodules' '
|
||||
test_commit -C parent one &&
|
||||
git -C parent push --mirror up &&
|
||||
|
||||
test_config_global protocol.file.allow always &&
|
||||
git -C parent submodule add ../upstream workbench &&
|
||||
git -C parent/workbench remote add up ../../upstream &&
|
||||
git -C parent commit -m "add submodule" &&
|
||||
|
@ -52,6 +52,10 @@ then
|
||||
fi
|
||||
test_submodule_switch_func "git_pull_noff"
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'pull --recurse-submodule setup' '
|
||||
test_create_repo child &&
|
||||
test_commit -C child bar &&
|
||||
|
@ -767,6 +767,7 @@ test_expect_success 'batch missing blob request does not inadvertently try to fe
|
||||
echo aa >server/a &&
|
||||
echo bb >server/b &&
|
||||
# Also add a gitlink pointing to an arbitrary repository
|
||||
test_config_global protocol.file.allow always &&
|
||||
git -C server submodule add "$(pwd)/repo_for_submodule" c &&
|
||||
git -C server add a b c &&
|
||||
git -C server commit -m x &&
|
||||
|
@ -303,8 +303,6 @@ test_expect_success SYMLINKS 'setup repo with manually symlinked or unknown file
|
||||
ln -s ../an-object $obj &&
|
||||
|
||||
cd ../ &&
|
||||
find . -type f | sort >../../../T.objects-files.raw &&
|
||||
find . -type l | sort >../../../T.objects-symlinks.raw &&
|
||||
echo unknown_content >unknown_file
|
||||
) &&
|
||||
git -C T fsck &&
|
||||
@ -313,19 +311,27 @@ test_expect_success SYMLINKS 'setup repo with manually symlinked or unknown file
|
||||
|
||||
|
||||
test_expect_success SYMLINKS 'clone repo with symlinked or unknown files at objects/' '
|
||||
for option in --local --no-hardlinks --shared --dissociate
|
||||
# None of these options work when cloning locally, since T has
|
||||
# symlinks in its `$GIT_DIR/objects` directory
|
||||
for option in --local --no-hardlinks --dissociate
|
||||
do
|
||||
git clone $option T T$option || return 1 &&
|
||||
git -C T$option fsck || return 1 &&
|
||||
git -C T$option rev-list --all --objects >T$option.objects &&
|
||||
test_cmp T.objects T$option.objects &&
|
||||
(
|
||||
cd T$option/.git/objects &&
|
||||
find . -type f | sort >../../../T$option.objects-files.raw &&
|
||||
find . -type l | sort >../../../T$option.objects-symlinks.raw
|
||||
)
|
||||
test_must_fail git clone $option T T$option 2>err || return 1 &&
|
||||
test_i18ngrep "symlink.*exists" err || return 1
|
||||
done &&
|
||||
|
||||
# But `--shared` clones should still work, even when specifying
|
||||
# a local path *and* that repository has symlinks present in its
|
||||
# `$GIT_DIR/objects` directory.
|
||||
git clone --shared T T--shared &&
|
||||
git -C T--shared fsck &&
|
||||
git -C T--shared rev-list --all --objects >T--shared.objects &&
|
||||
test_cmp T.objects T--shared.objects &&
|
||||
(
|
||||
cd T--shared/.git/objects &&
|
||||
find . -type f | sort >../../../T--shared.objects-files.raw &&
|
||||
find . -type l | sort >../../../T--shared.objects-symlinks.raw
|
||||
) &&
|
||||
|
||||
for raw in $(ls T*.raw)
|
||||
do
|
||||
sed -e "s!/../!/Y/!; s![0-9a-f]\{38,\}!Z!" -e "/commit-graph/d" \
|
||||
@ -333,26 +339,6 @@ test_expect_success SYMLINKS 'clone repo with symlinked or unknown files at obje
|
||||
sort $raw.de-sha-1 >$raw.de-sha || return 1
|
||||
done &&
|
||||
|
||||
cat >expected-files <<-EOF &&
|
||||
./Y/Z
|
||||
./Y/Z
|
||||
./Y/Z
|
||||
./a-loose-dir/Z
|
||||
./an-object
|
||||
./info/packs
|
||||
./pack/pack-Z.idx
|
||||
./pack/pack-Z.pack
|
||||
./packs/pack-Z.idx
|
||||
./packs/pack-Z.pack
|
||||
./unknown_file
|
||||
EOF
|
||||
|
||||
for option in --local --no-hardlinks --dissociate
|
||||
do
|
||||
test_cmp expected-files T$option.objects-files.raw.de-sha || return 1 &&
|
||||
test_must_be_empty T$option.objects-symlinks.raw.de-sha || return 1
|
||||
done &&
|
||||
|
||||
echo ./info/alternates >expected-files &&
|
||||
test_cmp expected-files T--shared.objects-files.raw &&
|
||||
test_must_be_empty T--shared.objects-symlinks.raw
|
||||
|
@ -24,6 +24,7 @@ test_expect_success 'setup' '
|
||||
|
||||
test_expect_success 'nonshallow clone implies nonshallow submodule' '
|
||||
test_when_finished "rm -rf super_clone" &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git clone --recurse-submodules "file://$pwd/." super_clone &&
|
||||
git -C super_clone log --oneline >lines &&
|
||||
test_line_count = 3 lines &&
|
||||
@ -33,6 +34,7 @@ test_expect_success 'nonshallow clone implies nonshallow submodule' '
|
||||
|
||||
test_expect_success 'shallow clone with shallow submodule' '
|
||||
test_when_finished "rm -rf super_clone" &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git clone --recurse-submodules --depth 2 --shallow-submodules "file://$pwd/." super_clone &&
|
||||
git -C super_clone log --oneline >lines &&
|
||||
test_line_count = 2 lines &&
|
||||
@ -42,6 +44,7 @@ test_expect_success 'shallow clone with shallow submodule' '
|
||||
|
||||
test_expect_success 'shallow clone does not imply shallow submodule' '
|
||||
test_when_finished "rm -rf super_clone" &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git clone --recurse-submodules --depth 2 "file://$pwd/." super_clone &&
|
||||
git -C super_clone log --oneline >lines &&
|
||||
test_line_count = 2 lines &&
|
||||
@ -51,6 +54,7 @@ test_expect_success 'shallow clone does not imply shallow submodule' '
|
||||
|
||||
test_expect_success 'shallow clone with non shallow submodule' '
|
||||
test_when_finished "rm -rf super_clone" &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git clone --recurse-submodules --depth 2 --no-shallow-submodules "file://$pwd/." super_clone &&
|
||||
git -C super_clone log --oneline >lines &&
|
||||
test_line_count = 2 lines &&
|
||||
@ -60,6 +64,7 @@ test_expect_success 'shallow clone with non shallow submodule' '
|
||||
|
||||
test_expect_success 'non shallow clone with shallow submodule' '
|
||||
test_when_finished "rm -rf super_clone" &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git clone --recurse-submodules --no-local --shallow-submodules "file://$pwd/." super_clone &&
|
||||
git -C super_clone log --oneline >lines &&
|
||||
test_line_count = 3 lines &&
|
||||
@ -69,6 +74,7 @@ test_expect_success 'non shallow clone with shallow submodule' '
|
||||
|
||||
test_expect_success 'clone follows shallow recommendation' '
|
||||
test_when_finished "rm -rf super_clone" &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git config -f .gitmodules submodule.sub.shallow true &&
|
||||
git add .gitmodules &&
|
||||
git commit -m "recommend shallow for sub" &&
|
||||
@ -87,6 +93,7 @@ test_expect_success 'clone follows shallow recommendation' '
|
||||
|
||||
test_expect_success 'get unshallow recommended shallow submodule' '
|
||||
test_when_finished "rm -rf super_clone" &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git clone --no-local "file://$pwd/." super_clone &&
|
||||
(
|
||||
cd super_clone &&
|
||||
@ -103,6 +110,7 @@ test_expect_success 'get unshallow recommended shallow submodule' '
|
||||
|
||||
test_expect_success 'clone follows non shallow recommendation' '
|
||||
test_when_finished "rm -rf super_clone" &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git config -f .gitmodules submodule.sub.shallow false &&
|
||||
git add .gitmodules &&
|
||||
git commit -m "recommend non shallow for sub" &&
|
||||
|
@ -260,6 +260,8 @@ test_expect_success 'partial clone with transfer.fsckobjects=1 works with submod
|
||||
test_config -C src_with_sub uploadpack.allowfilter 1 &&
|
||||
test_config -C src_with_sub uploadpack.allowanysha1inwant 1 &&
|
||||
|
||||
test_config_global protocol.file.allow always &&
|
||||
|
||||
git -C src_with_sub submodule add "file://$(pwd)/submodule" mysub &&
|
||||
git -C src_with_sub commit -m "commit with submodule" &&
|
||||
|
||||
|
@ -10,6 +10,7 @@ export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
|
||||
pwd=$(pwd)
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always &&
|
||||
git checkout -b main &&
|
||||
test_commit commit1 &&
|
||||
mkdir sub &&
|
||||
|
@ -27,7 +27,7 @@ test_expect_success 'setup' '
|
||||
|
||||
: > super-file &&
|
||||
git add super-file &&
|
||||
git submodule add "$(pwd)" sub &&
|
||||
git -c protocol.file.allow=always submodule add "$(pwd)" sub &&
|
||||
git symbolic-ref HEAD refs/heads/super &&
|
||||
test_tick &&
|
||||
git commit -m super-initial &&
|
||||
|
@ -10,7 +10,7 @@ test_expect_success 'setup a submodule' '
|
||||
: >pretzel/a &&
|
||||
git -C pretzel add a &&
|
||||
git -C pretzel commit -m "add a file" -- a &&
|
||||
git submodule add ./pretzel sub &&
|
||||
git -c protocol.file.allow=always submodule add ./pretzel sub &&
|
||||
git commit -a -m "add submodule" &&
|
||||
git submodule deinit --all
|
||||
'
|
||||
|
@ -324,6 +324,7 @@ test_expect_success SYMLINKS 'check moved symlink' '
|
||||
rm -f moved symlink
|
||||
|
||||
test_expect_success 'setup submodule' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
git commit -m initial &&
|
||||
git reset --hard &&
|
||||
git submodule add ./. sub &&
|
||||
@ -509,6 +510,7 @@ test_expect_success 'moving a submodule in nested directories' '
|
||||
'
|
||||
|
||||
test_expect_success 'moving nested submodules' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
git commit -am "cleanup commit" &&
|
||||
mkdir sub_nested_nested &&
|
||||
(
|
||||
|
@ -473,6 +473,7 @@ test_expect_success 'create and add submodule, submodule appears clean (A. S...)
|
||||
git checkout initial-branch &&
|
||||
git clone . sub_repo &&
|
||||
git clone . super_repo &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
( cd super_repo &&
|
||||
git submodule add ../sub_repo sub1 &&
|
||||
|
||||
|
@ -480,6 +480,7 @@ test_expect_success 'should not clean submodules' '
|
||||
git init &&
|
||||
test_commit msg hello.world
|
||||
) &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git submodule add ./repo/.git sub1 &&
|
||||
git commit -m "sub1" &&
|
||||
git branch before_sub2 &&
|
||||
|
@ -14,6 +14,10 @@ export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
|
||||
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'setup - enable local submodules' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'submodule usage: -h' '
|
||||
git submodule -h >out 2>err &&
|
||||
grep "^usage: git submodule" out &&
|
||||
|
@ -14,6 +14,8 @@ export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success setup '
|
||||
git config --global protocol.file.allow always &&
|
||||
|
||||
echo file >file &&
|
||||
git add file &&
|
||||
test_tick &&
|
||||
|
@ -25,6 +25,7 @@ compare_head()
|
||||
|
||||
|
||||
test_expect_success 'setup a submodule tree' '
|
||||
git config --global protocol.file.allow always &&
|
||||
echo file > file &&
|
||||
git add file &&
|
||||
test_tick &&
|
||||
|
@ -16,6 +16,7 @@ export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
|
||||
|
||||
|
||||
test_expect_success 'setup a submodule tree' '
|
||||
git config --global protocol.file.allow always &&
|
||||
echo file > file &&
|
||||
git add file &&
|
||||
test_tick &&
|
||||
|
@ -17,6 +17,10 @@ test_alternate_is_used () {
|
||||
test_cmp expect actual
|
||||
}
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'preparing first repository' '
|
||||
test_create_repo A &&
|
||||
(
|
||||
|
@ -15,6 +15,10 @@ export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
|
||||
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'submodule on detached working tree' '
|
||||
git init --bare remote &&
|
||||
test_create_repo bundle1 &&
|
||||
|
@ -12,6 +12,9 @@ from the database and from the worktree works.
|
||||
TEST_NO_CREATE_REPO=1
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
test_expect_success 'submodule config cache setup' '
|
||||
mkdir submodule &&
|
||||
(cd submodule &&
|
||||
|
@ -13,6 +13,7 @@ TEST_PASSES_SANITIZE_LEAK=true
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always &&
|
||||
git init sub &&
|
||||
test_commit -C sub initial &&
|
||||
git init super &&
|
||||
|
@ -32,7 +32,8 @@ test_expect_success 'no warning when updating entry' '
|
||||
|
||||
test_expect_success 'submodule add does not warn' '
|
||||
test_when_finished "git rm -rf submodule .gitmodules" &&
|
||||
git submodule add ./embed submodule 2>stderr &&
|
||||
git -c protocol.file.allow=always \
|
||||
submodule add ./embed submodule 2>stderr &&
|
||||
test_i18ngrep ! warning stderr
|
||||
'
|
||||
|
||||
|
@ -3,6 +3,10 @@
|
||||
test_description='check handling of disallowed .gitmodule urls'
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'create submodule with protected dash in url' '
|
||||
git init upstream &&
|
||||
git -C upstream commit --allow-empty -m base &&
|
||||
|
@ -6,6 +6,10 @@ export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
|
||||
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'create submodule with dash in path' '
|
||||
git init upstream &&
|
||||
git -C upstream commit --allow-empty -m base &&
|
||||
|
@ -17,6 +17,10 @@ export GIT_TEST_FATAL_REGISTER_SUBMODULE_ODB
|
||||
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'sparse checkout setup which hides .gitmodules' '
|
||||
git init upstream &&
|
||||
git init submodule &&
|
||||
|
@ -13,6 +13,10 @@ TEST_PASSES_SANITIZE_LEAK=true
|
||||
TEST_NO_CREATE_REPO=1
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'submodule config cache setup' '
|
||||
mkdir submodule &&
|
||||
(cd submodule &&
|
||||
|
@ -12,6 +12,10 @@ as expected.
|
||||
TEST_NO_CREATE_REPO=1
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'submodule config cache setup' '
|
||||
mkdir submodule &&
|
||||
(
|
||||
|
@ -12,6 +12,10 @@ while making sure to add submodules using `git submodule add` instead of
|
||||
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'summary test environment setup' '
|
||||
git init sm &&
|
||||
test_commit -C sm "add file" file file-content file-tag &&
|
||||
|
@ -15,6 +15,10 @@ Such as:
|
||||
. ./test-lib.sh
|
||||
. "$TEST_DIRECTORY"/lib-pack.sh
|
||||
|
||||
test_expect_success 'setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'check names' '
|
||||
cat >expect <<-\EOF &&
|
||||
valid
|
||||
|
@ -252,6 +252,7 @@ test_expect_success 'status with merge conflict in .gitmodules' '
|
||||
test_create_repo_with_commit sub1 &&
|
||||
test_tick &&
|
||||
test_create_repo_with_commit sub2 &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
(
|
||||
cd super &&
|
||||
prev=$(git rev-parse HEAD) &&
|
||||
@ -327,6 +328,7 @@ test_expect_success 'diff --submodule with merge conflict in .gitmodules' '
|
||||
# sub2 will have an untracked file
|
||||
# sub3 will have an untracked repository
|
||||
test_expect_success 'setup superproject with untracked file in nested submodule' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
(
|
||||
cd super &&
|
||||
git clean -dfx &&
|
||||
|
@ -76,6 +76,7 @@ test_expect_success 'diff in message is retained with -v' '
|
||||
|
||||
test_expect_success 'submodule log is stripped out too with -v' '
|
||||
git config diff.submodule log &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git submodule add ./. sub &&
|
||||
git commit -m "sub added" &&
|
||||
(
|
||||
|
@ -813,6 +813,10 @@ my_match_and_clean () {
|
||||
git -C super/dir_1/dir_2/sub clean -d -f
|
||||
}
|
||||
|
||||
test_expect_success 'submodule setup' '
|
||||
git config --global protocol.file.allow always
|
||||
'
|
||||
|
||||
test_expect_success 'submodule always visited' '
|
||||
test_when_finished "git -C super fsmonitor--daemon stop; \
|
||||
rm -rf super; \
|
||||
|
@ -636,6 +636,7 @@ test_expect_success 'difftool --no-symlinks detects conflict ' '
|
||||
|
||||
test_expect_success 'difftool properly honors gitlink and core.worktree' '
|
||||
test_when_finished rm -rf submod/ule &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git submodule add ./. submod/ule &&
|
||||
test_config -C submod/ule diff.tool checktrees &&
|
||||
test_config -C submod/ule difftool.checktrees.cmd '\''
|
||||
|
@ -197,6 +197,7 @@ test_expect_success !MINGW 'grep recurse submodule colon in name' '
|
||||
git -C "su:b" commit -m "add fi:le" &&
|
||||
test_tick &&
|
||||
|
||||
test_config_global protocol.file.allow always &&
|
||||
git -C parent submodule add "../su:b" "su:b" &&
|
||||
git -C parent commit -m "add submodule" &&
|
||||
test_tick &&
|
||||
@ -231,6 +232,7 @@ test_expect_success 'grep history with moved submoules' '
|
||||
git -C sub commit -m "add file" &&
|
||||
test_tick &&
|
||||
|
||||
test_config_global protocol.file.allow always &&
|
||||
git -C parent submodule add ../sub dir/sub &&
|
||||
git -C parent commit -m "add submodule" &&
|
||||
test_tick &&
|
||||
@ -275,6 +277,7 @@ test_expect_success 'grep using relative path' '
|
||||
mkdir parent/src &&
|
||||
echo "(1|2)d(3|4)" >parent/src/file2 &&
|
||||
git -C parent add src/file2 &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git -C parent submodule add ../sub &&
|
||||
git -C parent commit -m "add files and submodule" &&
|
||||
test_tick &&
|
||||
@ -317,6 +320,7 @@ test_expect_success 'grep from a subdir' '
|
||||
mkdir parent/src &&
|
||||
echo "(1|2)d(3|4)" >parent/src/file &&
|
||||
git -C parent add src/file &&
|
||||
test_config_global protocol.file.allow always &&
|
||||
git -C parent submodule add ../sub src/sub &&
|
||||
git -C parent submodule add ../sub sub &&
|
||||
git -C parent commit -m "add files and submodules" &&
|
||||
@ -550,6 +554,7 @@ test_expect_failure 'grep saves textconv cache in the appropriate repository' '
|
||||
|
||||
test_expect_success 'grep partially-cloned submodule' '
|
||||
# Set up clean superproject and submodule for partial cloning.
|
||||
test_config_global protocol.file.allow always &&
|
||||
git init super &&
|
||||
git init super/sub &&
|
||||
(
|
||||
|
@ -25,6 +25,7 @@ test_expect_success 'import with large marks file' '
|
||||
'
|
||||
|
||||
test_expect_success 'setup dump with submodule' '
|
||||
test_config_global protocol.file.allow always &&
|
||||
git submodule add "$PWD" sub &&
|
||||
git commit -m "add submodule" &&
|
||||
git fast-export HEAD >dump
|
||||
|
@ -268,6 +268,7 @@ test_expect_success 'signed-tags=warn-strip' '
|
||||
|
||||
test_expect_success 'setup submodule' '
|
||||
|
||||
test_config_global protocol.file.allow always &&
|
||||
git checkout -f main &&
|
||||
mkdir sub &&
|
||||
(
|
||||
@ -293,6 +294,7 @@ test_expect_success 'setup submodule' '
|
||||
|
||||
test_expect_success 'submodule fast-export | fast-import' '
|
||||
|
||||
test_config_global protocol.file.allow always &&
|
||||
SUBENT1=$(git ls-tree main^ sub) &&
|
||||
SUBENT2=$(git ls-tree main sub) &&
|
||||
rm -rf new &&
|
||||
|
37
t/t9850-shell.sh
Executable file
37
t/t9850-shell.sh
Executable file
@ -0,0 +1,37 @@
|
||||
#!/bin/sh
|
||||
|
||||
test_description='git shell tests'
|
||||
. ./test-lib.sh
|
||||
|
||||
test_expect_success 'shell allows upload-pack' '
|
||||
printf 0000 >input &&
|
||||
git upload-pack . <input >expect &&
|
||||
git shell -c "git-upload-pack $SQ.$SQ" <input >actual &&
|
||||
test_cmp expect actual
|
||||
'
|
||||
|
||||
test_expect_success 'shell forbids other commands' '
|
||||
test_must_fail git shell -c "git config foo.bar baz"
|
||||
'
|
||||
|
||||
test_expect_success 'shell forbids interactive use by default' '
|
||||
test_must_fail git shell
|
||||
'
|
||||
|
||||
test_expect_success 'shell allows interactive command' '
|
||||
mkdir git-shell-commands &&
|
||||
write_script git-shell-commands/ping <<-\EOF &&
|
||||
echo pong
|
||||
EOF
|
||||
echo pong >expect &&
|
||||
echo ping | git shell >actual &&
|
||||
test_cmp expect actual
|
||||
'
|
||||
|
||||
test_expect_success 'shell complains of overlong commands' '
|
||||
perl -e "print \"a\" x 2**12 for (0..2**19)" |
|
||||
test_must_fail git shell 2>err &&
|
||||
grep "too long" err
|
||||
'
|
||||
|
||||
test_done
|
@ -1009,8 +1009,7 @@ static enum protocol_allow_config get_protocol_config(const char *type)
|
||||
if (!strcmp(type, "http") ||
|
||||
!strcmp(type, "https") ||
|
||||
!strcmp(type, "git") ||
|
||||
!strcmp(type, "ssh") ||
|
||||
!strcmp(type, "file"))
|
||||
!strcmp(type, "ssh"))
|
||||
return PROTOCOL_ALLOW_ALWAYS;
|
||||
|
||||
/* known scary; err on the side of caution */
|
||||
|
Loading…
Reference in New Issue
Block a user