[DNM] Support safe.bareRepository=explicit for .gitconfig #8106
Conversation
|
The PR is only a POC for adding the support. [Help wanted] And I think we need to figure out the following issue before merging. Technic challenge:When user has opt-in this security feature, we need to add Set GIT_DIR env for git commandIf we set it case by case, it is the same as adding So we are talking about set it "globally" for the whole repo. One way is modifying Git.environmentBlock when a repo start git operation and restore it when it ends. The problem is I don't know if we have concurrent git operation for multi repo/dependency. And the documentation states that "modification is not thread safe, designed for testing only" Pass --git-dir to every git commandGenerally speaking, most git operation will call But the problem is the way we detetmine if a repo is a bare one is through a getter function which will also call ``GitRepository/callGit`. Even we do not call Other tasks/todo:
|
Kyle-Ye
requested review from
bnbarham,
MaxDesiatov,
jakepetroules,
francescomikulis,
xedin,
dschaefer2,
shawnhyam,
bripeticca,
plemarquand and
owenv
as code owners
Kyle-Ye
changed the title
Close #8068
Motivation:
Git has add
safe.bareRepository=explicitto opt-in mitigations for buried bare repos attack since2.38.0.Also some Git GUI app(SourceTree) is enforcing the new rule which breaking the building system including SwiftPM here.
See https://github.com/justinsteven/advisories/blob/main/2022_git_buried_bare_repos_and_fsmonitor_various_abuses.md
for detail.
Modifications:
Add
--git-direxplicitly for bareRepo.Result:
When
safe.bareRepository=explicitis enabled globally on .gitconfig. SwiftPM resolve dependency successfully.Steps to verify
SPMBareTest.zip
git config set safe.bareRepository explicit --global.SPMBareTest.zipand unzip it.cd SPMBareTest && swift package resolve.Context
Other package manager system tracking the issue:
safe.bareRepository explicitGit config composer/composer#11855