Revision c8f64781c8b3d44ecb57d14fbffcdbf063583812 authored by Johannes Schindelin on 20 May 2024, 20:22:03 UTC, committed by Junio C Hamano on 21 May 2024, 19:33:08 UTC
As part of the protections added in Git v2.45.1 and friends, repository-local `core.hooksPath` settings are no longer allowed, as a defense-in-depth mechanism to prevent future Git vulnerabilities to raise to critical level if those vulnerabilities inadvertently allow the repository-local config to be written. What the added protection did not anticipate is that such a repository-local `core.hooksPath` can not only be used to point to maliciously-placed scripts in the current worktree, but also to _prevent_ hooks from being called altogether. We just reverted the `core.hooksPath` protections, based on the Git maintainer's recommendation in https://lore.kernel.org/git/xmqq4jaxvm8z.fsf@gitster.g/ to address this concern as well as related ones. Let's make sure that we won't regress while trying to protect the clone operation further. Reported-by: Brooke Kuhlmann <brooke@alchemists.io> Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
1 parent 75631a3
resolve-undo.h
#ifndef RESOLVE_UNDO_H
#define RESOLVE_UNDO_H
#include "cache.h"
struct resolve_undo_info {
unsigned int mode[3];
struct object_id oid[3];
};
void record_resolve_undo(struct index_state *, struct cache_entry *);
void resolve_undo_write(struct strbuf *, struct string_list *);
struct string_list *resolve_undo_read(const char *, unsigned long);
void resolve_undo_clear_index(struct index_state *);
int unmerge_index_entry_at(struct index_state *, int);
void unmerge_index(struct index_state *, const struct pathspec *);
void unmerge_marked_index(struct index_state *);
#endif
Computing file changes ...