From: Jeff King <peff@peff.net>
To: git@vger.kernel.org
Cc: "Junio C Hamano" <gitster@pobox.com>,
"Ævar Arnfjörð Bjarmason" <avarab@gmail.com>,
"Eric Sunshine" <sunshine@sunshineco.com>
Subject: [PATCH v2 0/9] leftover bits from symlinked gitattributes, etc topics
Date: Mon, 3 May 2021 16:42:24 -0400 [thread overview]
Message-ID: <YJBgMP9eXq31INyN@coredump.intra.peff.net> (raw)
In-Reply-To: <YI12hK4X/gfl3u29@coredump.intra.peff.net>
On Sat, May 01, 2021 at 11:40:52AM -0400, Jeff King wrote:
> A while back, I had a topic[1] that treated symlinked .gitattributes
> (and .gitignore and .mailmap) the same as .gitmodules: forbidding them
> in the index, complaining about them via fsck, etc.
>
> In the end, we decided not to do that[2], and instead just open the
> files with O_NOFOLLOW instead. As I said in that thread, we could
> salvage some of the cleanups, fsck checks, and docs from the original
> topic. So here that is. (The new topic is in master but not yet
> released; so while this is not strictly a bug-fix for an existing topic,
> it would be good to get especially the doc improvements into the same
> release).
Here's a re-roll with two small fixes: dropping the test_i18ngrep that
Ævar noticed, and taking Eric's wording suggestion for the docs.
I didn't take Ævar's suggestion to expand the line-wrapping fixes
further. I don't mind that happening, but I'd prefer doing it as a
separate series.
Range-diff (a little hard to read because the one-line change in the
tests percolates through several commits, and the two-word changes in
the docs caused rewrapping):
1: c91ce2ed34 = 1: c91ce2ed34 t7415: remove out-dated comment about translation
2: 99fe934110 = 2: 99fe934110 fsck_tree(): fix shadowed variable
3: 9695e4370c = 3: 9695e4370c fsck_tree(): wrap some long lines
4: 2cf9839145 = 4: 2cf9839145 t7415: rename to expand scope
5: ad18686096 ! 5: 1664953e71 t7450: test verify_path() handling of gitmodules
@@ t/t7450-bad-git-dotfiles.sh: test_expect_success 'fsck detects symlinked .gitmod
+test_expect_success 'refuse to load symlinked .gitmodules into index' '
+ test_must_fail git -C symlink read-tree $tree 2>err &&
-+ test_i18ngrep "invalid path.*gitmodules" err &&
++ grep "invalid path.*gitmodules" err &&
+ git -C symlink ls-files >out &&
+ test_must_be_empty out
+'
6: 9691fb8d5c ! 6: 41000ce022 t7450: test .gitmodules symlink matching against obscured names
@@ t/t7450-bad-git-dotfiles.sh: test_expect_success 'index-pack --strict works for
-
-test_expect_success 'refuse to load symlinked .gitmodules into index' '
- test_must_fail git -C symlink read-tree $tree 2>err &&
-- test_i18ngrep "invalid path.*gitmodules" err &&
+- grep "invalid path.*gitmodules" err &&
- git -C symlink ls-files >out &&
- test_must_be_empty out
-'
@@ t/t7450-bad-git-dotfiles.sh: test_expect_success 'index-pack --strict works for
+ -c core.protectntfs \
+ -c core.protecthfs \
+ read-tree $tree 2>err &&
-+ test_i18ngrep "invalid path.*$name" err &&
++ grep "invalid path.*$name" err &&
+ git -C $dir ls-files -s >out &&
+ test_must_be_empty out
+ '
7: 670705dca2 = 7: 58efbbbbb6 t0060: test ntfs/hfs-obscured dotfiles
8: 422162a7ae = 8: aeff66bf1e fsck: warn about symlinked dotfiles we'll open with O_NOFOLLOW
9: f1b226ca4f ! 9: a8f9255d9b docs: document symlink restrictions for dot-files
@@ Documentation/gitattributes.txt: to:
+NOTES
+-----
+
-+Note that Git does not follow symbolic links when accessing a
-+`.gitattributes` file in the working tree. This keeps behavior
-+consistent when the file is accessed from the index or a tree versus
-+from the filesystem.
++Git does not follow symbolic links when accessing a `.gitattributes`
++file in the working tree. This keeps behavior consistent when the file
++is accessed from the index or a tree versus from the filesystem.
EXAMPLES
--------
@@ Documentation/gitignore.txt: not tracked by Git remain untracked.
To stop tracking a file that is currently tracked, use
'git rm --cached'.
-+Note that Git does not follow symbolic links when accessing a
-+`.gitignore` file in the working tree. This keeps behavior consistent
-+when the file is accessed from the index or a tree versus from the
-+filesystem.
++Git does not follow symbolic links when accessing a `.gitignore` file in
++the working tree. This keeps behavior consistent when the file is
++accessed from the index or a tree versus from the filesystem.
+
EXAMPLES
--------
@@ Documentation/gitmailmap.txt: this would also match the 'Commit Name <commit@
+NOTES
+-----
+
-+Note that Git does not follow symbolic links when accessing a `.mailmap`
-+file in the working tree. This keeps behavior consistent when the file
-+is accessed from the index or a tree versus from the filesystem.
++Git does not follow symbolic links when accessing a `.mailmap` file in
++the working tree. This keeps behavior consistent when the file is
++accessed from the index or a tree versus from the filesystem.
+
EXAMPLES
--------
@@ Documentation/gitmodules.txt: submodule.<name>.shallow::
+NOTES
+-----
+
-+Note that Git does not allow the `.gitmodules` file within a working
-+tree to be a symbolic link, and will refuse to check out such a tree
-+entry. This keeps behavior consistent when the file is accessed from the
-+index or a tree versus from the filesystem, and helps Git reliably
-+enforce security checks of the file contents.
++Git does not allow the `.gitmodules` file within a working tree to be a
++symbolic link, and will refuse to check out such a tree entry. This
++keeps behavior consistent when the file is accessed from the index or a
++tree versus from the filesystem, and helps Git reliably enforce security
++checks of the file contents.
EXAMPLES
--------
[1/9]: t7415: remove out-dated comment about translation
[2/9]: fsck_tree(): fix shadowed variable
[3/9]: fsck_tree(): wrap some long lines
[4/9]: t7415: rename to expand scope
[5/9]: t7450: test verify_path() handling of gitmodules
[6/9]: t7450: test .gitmodules symlink matching against obscured names
[7/9]: t0060: test ntfs/hfs-obscured dotfiles
[8/9]: fsck: warn about symlinked dotfiles we'll open with O_NOFOLLOW
[9/9]: docs: document symlink restrictions for dot-files
Documentation/gitattributes.txt | 6 +
Documentation/gitignore.txt | 4 +
Documentation/gitmailmap.txt | 7 ++
Documentation/gitmodules.txt | 8 ++
cache.h | 1 +
fsck.c | 84 ++++++++++---
fsck.h | 3 +
path.c | 5 +
t/helper/test-path-utils.c | 46 +++++--
t/t0060-path-utils.sh | 30 +++++
...ule-names.sh => t7450-bad-git-dotfiles.sh} | 116 +++++++++++++-----
utf8.c | 5 +
utf8.h | 1 +
13 files changed, 255 insertions(+), 61 deletions(-)
rename t/{t7415-submodule-names.sh => t7450-bad-git-dotfiles.sh} (70%)
-Peff
next prev parent reply other threads:[~2021-05-03 20:42 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-01 15:40 [PATCH 0/9] leftover bits from symlinked gitattributes, etc topics Jeff King
2021-05-01 15:41 ` [PATCH 1/9] t7415: remove out-dated comment about translation Jeff King
2021-05-03 9:46 ` Ævar Arnfjörð Bjarmason
2021-05-03 20:29 ` Jeff King
2021-05-01 15:41 ` [PATCH 2/9] fsck_tree(): fix shadowed variable Jeff King
2021-05-03 11:15 ` Ævar Arnfjörð Bjarmason
2021-05-03 20:13 ` Jeff King
2021-05-04 10:10 ` Ævar Arnfjörð Bjarmason
2021-05-01 15:41 ` [PATCH 3/9] fsck_tree(): wrap some long lines Jeff King
2021-05-03 11:22 ` Ævar Arnfjörð Bjarmason
2021-05-03 20:23 ` Jeff King
2021-05-01 15:42 ` [PATCH 4/9] t7415: rename to expand scope Jeff King
2021-05-01 15:42 ` [PATCH 5/9] t7450: test verify_path() handling of gitmodules Jeff King
2021-05-01 18:55 ` Eric Sunshine
2021-05-01 19:03 ` Eric Sunshine
2021-05-03 19:39 ` Jeff King
2021-05-03 10:12 ` Ævar Arnfjörð Bjarmason
2021-05-03 20:32 ` Jeff King
2021-05-01 15:42 ` [PATCH 6/9] t7450: test .gitmodules symlink matching against obscured names Jeff King
2021-05-01 15:42 ` [PATCH 7/9] t0060: test ntfs/hfs-obscured dotfiles Jeff King
2021-05-01 15:43 ` [PATCH 8/9] fsck: warn about symlinked dotfiles we'll open with O_NOFOLLOW Jeff King
2021-05-01 15:43 ` [PATCH 9/9] docs: document symlink restrictions for dot-files Jeff King
2021-05-01 19:16 ` Eric Sunshine
2021-05-03 20:33 ` Jeff King
2021-05-03 5:36 ` [PATCH 0/9] leftover bits from symlinked gitattributes, etc topics Junio C Hamano
2021-05-03 20:42 ` Jeff King [this message]
2021-05-03 20:43 ` [PATCH v2 1/9] t7415: remove out-dated comment about translation Jeff King
2021-05-03 20:43 ` [PATCH v2 2/9] fsck_tree(): fix shadowed variable Jeff King
2021-05-03 20:43 ` [PATCH v2 3/9] fsck_tree(): wrap some long lines Jeff King
2021-05-03 20:43 ` [PATCH v2 4/9] t7415: rename to expand scope Jeff King
2021-05-03 20:43 ` [PATCH v2 5/9] t7450: test verify_path() handling of gitmodules Jeff King
2021-05-03 20:43 ` [PATCH v2 6/9] t7450: test .gitmodules symlink matching against obscured names Jeff King
2021-05-03 20:43 ` [PATCH v2 7/9] t0060: test ntfs/hfs-obscured dotfiles Jeff King
2021-05-03 20:43 ` [PATCH v2 8/9] fsck: warn about symlinked dotfiles we'll open with O_NOFOLLOW Jeff King
2021-05-03 20:43 ` [PATCH v2 9/9] docs: document symlink restrictions for dot-files Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YJBgMP9eXq31INyN@coredump.intra.peff.net \
--to=peff@peff.net \
--cc=avarab@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=sunshine@sunshineco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).