The recent defense-in-depth patches to restrict hooks while cloning broke Git LFS because it installs necessary hooks when it is invoked by Git's smudge filter. This means that currently, anyone with Git LFS installed who attempts to clone a repository with at least one LFS file will see a message like the following (fictitious example): ---- $ git clone https://github.com/octocat/xyzzy.git Cloning into 'pull-bug'... remote: Enumerating objects: 1275, done. remote: Counting objects: 100% (343/343), done. remote: Compressing objects: 100% (136/136), done. remote: Total 1275 (delta 221), reused 327 (delta 206), pack-reused 932 Receiving objects: 100% (1275/1275), 290.78 KiB | 2.88 MiB/s, done. Resolving deltas: 100% (226/226), done. Filtering content: 100% (504/504), 1.86 KiB | 0 bytes/s, done. fatal: active `post-checkout` hook found during `git clone`: /home/octocat/xyzzy/.git/hooks/post-checkout For security reasons, this is disallowed by default. If this is intentional and the hook should actually be run, please run the command again with `GIT_CLONE_PROTECTION_ACTIVE=false` warning: Clone succeeded, but checkout failed. You can inspect what was checked out with 'git status' and retry with 'git restore --source=HEAD :/' ---- This causes most CI systems to be broken in such a case, as well as a confusing message for the user. It's not really possible to avoid the need to install the hooks at this location because the post-checkout hook must be ready during the checkout that's part of the clone in order to properly adjust permissions on files. Thus, we'll need to revert the changes to restrict hooks while cloning, which this series does. brian m. carlson (2): Revert "clone: prevent hooks from running during a clone" Revert "core.hooksPath: add some protection while cloning" builtin/clone.c | 5 ----- config.c | 13 +----------- hook.c | 32 ------------------------------ t/t1800-hook.sh | 15 -------------- t/t5601-clone.sh | 51 ------------------------------------------------ 5 files changed, 1 insertion(+), 115 deletions(-)
