Re: [PATCH 4/8] tests: verify that `clone -c core.hooksPath=/dev/null` works again

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Junio,

On Fri, 17 May 2024, Junio C Hamano wrote:

> "Johannes Schindelin via GitGitGadget" <gitgitgadget@xxxxxxxxx>
> writes:
>
> > What the added protection did not anticipate is that such a
> > repository-local `core.hooksPath` can not only be used to point to
> > maliciously-placed scripts in the current worktree, but also to
> > _prevent_ hooks from being called altogether.
> > ...
> > diff --git a/t/t1350-config-hooks-path.sh b/t/t1350-config-hooks-path.sh
> > index f6dc83e2aab..1eae346a6e3 100755
> > --- a/t/t1350-config-hooks-path.sh
> > +++ b/t/t1350-config-hooks-path.sh
> > @@ -41,4 +41,8 @@ test_expect_success 'git rev-parse --git-path hooks' '
> >  	test .git/custom-hooks/abc = "$(cat actual)"
> >  '
> >
> > +test_expect_success 'core.hooksPath=/dev/null' '
> > +	git clone -c core.hooksPath=/dev/null . no-templates
> > +'
>
> Is it sufficient that the command exits with 0?  I am wondering if
> we want to verify that the resulting repository looks like it
> should, e.g., with
>
>     v=$(git -C no-templates config --local --get core.hookspath) &&
>     test "$v" = /dev/null
>
> or something silly like that.

I've added that, but would like to stress that the regression was _not_
that the `core.hooksPath` setting was missing from the local config. I've
added it because the implied suggestion is valid that we'll want to ensure
that the test case passes for the _correct_ reason ;-)

Ciao,
Johannes





[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux