On Thu, Nov 10, 2022 at 04:10:22PM +0100, Johannes Schindelin wrote:

> Hi Peff,
>
> On Mon, 17 Oct 2022, Jeff King wrote:
>
> > [... talking about safe.directory ...]
> >
> > But curiously this still does not pass after your patch, because we seem
> > to actually open the repository! I think this is because the C code
> > allows an explicit GIT_DIR to override the safe-directory checks.
>
> Yes, I remember that this was something we discussed at some length during
> the embargo: what to do with the explicitly-specified `GIT_DIR` when
> verifying the ownership, and my recollection is that we asserted that
> setting `GIT_DIR` qualifies for "they know what they're doing" (in
> particular when it is done in a script, not interactively).

Thanks for confirming. I'm not sure if you read the rest of the thread,
but the bug turned out to be in Git.pm, which sets GIT_DIR without
knowing what it's doing. :)

We ended up with 20da61f25f (Git.pm: trust rev-parse to find bare
repositories, 2022-10-22) as the fix.

-Peff