On Wed, Dec 28, 2022 at 09:42:39AM -0500, rsbecker@xxxxxxxxxxxxx wrote: > > > >-----Original Message----- > >From: Junio C Hamano <jch2355@xxxxxxxxx> On Behalf Of Junio C Hamano > On December 27, 2022 10:34 PM, Junio C Hamano wrote: > ><rsbecker@xxxxxxxxxxxxx> writes: > > > >> As of 2.39.0, I am now getting fatal: transport 'file' not allowed > >> when performing a submodule add after a clone -l. The simple reproduce > >> of this > >> is: > >> ... > >> This happens for any submodule add on the same system. Some online > >> research indicates that there was a security patch to git causing > >> this, but I can't find it. This does not seem correct to me or how this > improves > >security. > >> Help please - this is causing some of my workflows to break. > > > >Thanks for reporting, Randall. > > > >This suspiciously sounds like what a1d4f67c (transport: make > `protocol.file.allow` > >be "user" by default, 2022-07-29) is doing deliberately. Taylor, does this > look like a > >corner case the 2.30.6 updates forgot to consider? > > I have tried using 'git config --local protocol.file.allow always' and/or > 'git config --local protocol.allow always' to get past this, without > success. I couldn't reproduce the symptom you described. Indeed, the behavior of not allowing local-submodules to be cloned without explicitly opting in via the `protocol.file.allow` configuration is intentional. The patch Junio mentioned, a1d4f67c12 (transport: make `protocol.file.allow` be "user" by default, 2022-07-29) has some examples of why this behavior was changed in the 2.30.6 update. If you run either `git config --global protocol.file.allow always`, or replace your last submodule add with: $ git -c protocol.file.allow=always submodule add /path/to/subsrc.git it should work as expected. Thanks, Taylor
