From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 40579158020 for ; Sun, 13 Nov 2022 22:34:27 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 734D5E0858; Sun, 13 Nov 2022 22:34:26 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 3FF5EE0858 for ; Sun, 13 Nov 2022 22:34:26 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 2F03C340DFC for ; Sun, 13 Nov 2022 22:34:25 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 87C40738 for ; Sun, 13 Nov 2022 22:34:23 +0000 (UTC) From: "Marek Szuba" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Marek Szuba" Message-ID: <1668378856.96238e309ddbd3f6aca08d59c9db543a67be67c9.marecki@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: dev-vcs/pre-commit/, dev-vcs/pre-commit/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: dev-vcs/pre-commit/files/pre-commit-2.20.0-tests_git_file_transport.patch dev-vcs/pre-commit/pre-commit-2.20.0-r1.ebuild X-VCS-Directories: dev-vcs/pre-commit/ dev-vcs/pre-commit/files/ X-VCS-Committer: marecki X-VCS-Committer-Name: Marek Szuba X-VCS-Revision: 96238e309ddbd3f6aca08d59c9db543a67be67c9 X-VCS-Branch: master Date: Sun, 13 Nov 2022 22:34:23 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 0a68cd6f-8ea5-4492-bf9c-26b3e166328e X-Archives-Hash: 5cab4f156ee52491771cdeccd7c2f7ff commit: 96238e309ddbd3f6aca08d59c9db543a67be67c9 Author: Marek Szuba gentoo org> AuthorDate: Sun Nov 13 22:26:10 2022 +0000 Commit: Marek Szuba gentoo org> CommitDate: Sun Nov 13 22:34:16 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=96238e30 dev-vcs/pre-commit: allow the tests to use the 'file' transport Needed for the test suite to work against git versions including the fix for CVE-2022-39253. Should be harmless enough even if upstream gets compromised and publishes a tarball containing malicious symlinks, unless someone makes a serious effort to grant Portage a lot of unnecessary privileges. Closes: https://bugs.gentoo.org/878781 Signed-off-by: Marek Szuba gentoo.org> ...re-commit-2.20.0-tests_git_file_transport.patch | 44 ++++++++++++++++++++++ dev-vcs/pre-commit/pre-commit-2.20.0-r1.ebuild | 1 + 2 files changed, 45 insertions(+) diff --git a/dev-vcs/pre-commit/files/pre-commit-2.20.0-tests_git_file_transport.patch b/dev-vcs/pre-commit/files/pre-commit-2.20.0-tests_git_file_transport.patch new file mode 100644 index 000000000000..9845e1311da5 --- /dev/null +++ b/dev-vcs/pre-commit/files/pre-commit-2.20.0-tests_git_file_transport.patch @@ -0,0 +1,44 @@ +--- a/tests/commands/install_uninstall_test.py ++++ b/tests/commands/install_uninstall_test.py +@@ -176,7 +176,7 @@ + def test_install_in_submodule_and_run(tempdir_factory, store): + src_path = make_consuming_repo(tempdir_factory, 'script_hooks_repo') + parent_path = git_dir(tempdir_factory) +- cmd_output('git', 'submodule', 'add', src_path, 'sub', cwd=parent_path) ++ cmd_output('git', '-c', 'protocol.file.allow=always', 'submodule', 'add', src_path, 'sub', cwd=parent_path) + git_commit(cwd=parent_path) + + sub_pth = os.path.join(parent_path, 'sub') +--- a/tests/conftest.py ++++ b/tests/conftest.py +@@ -90,7 +90,7 @@ + git_dir_1 = git_dir(tempdir_factory) + git_dir_2 = git_dir(tempdir_factory) + git_commit(msg=in_conflicting_submodule.__name__, cwd=git_dir_2) +- cmd_output('git', 'submodule', 'add', git_dir_2, 'sub', cwd=git_dir_1) ++ cmd_output('git', '-c', 'protocol.file.allow=always', 'submodule', 'add', git_dir_2, 'sub', cwd=git_dir_1) + with cwd(os.path.join(git_dir_1, 'sub')): + _make_conflict() + yield +--- a/tests/repository_test.py ++++ b/tests/repository_test.py +@@ -443,7 +443,7 @@ + repo.join('main.go').write(main_go) + cmd_output('git', '-C', str(repo), 'init', '.') + cmd_output('git', '-C', str(repo), 'add', '.') +- cmd_output('git', '-C', str(repo), 'submodule', 'add', str(sub), 'sub') ++ cmd_output('git', '-C', str(repo), '-c', 'protocol.file.allow=always', 'submodule', 'add', str(sub), 'sub') + git.commit(str(repo)) + + config = make_config_from_repo(str(repo)) +--- a/tests/staged_files_only_test.py ++++ b/tests/staged_files_only_test.py +@@ -207,7 +207,7 @@ + cmd_output('git', 'add', 'bar') + git_commit() + cmd_output( +- 'git', 'submodule', 'add', repo_with_commits.path, 'sub', ++ 'git', '-c', 'protocol.file.allow=always', 'submodule', 'add', repo_with_commits.path, 'sub', + ) + checkout_submodule(repo_with_commits.rev1) + cmd_output('git', 'add', 'sub') diff --git a/dev-vcs/pre-commit/pre-commit-2.20.0-r1.ebuild b/dev-vcs/pre-commit/pre-commit-2.20.0-r1.ebuild index 5c803594ede5..0661c9a15854 100644 --- a/dev-vcs/pre-commit/pre-commit-2.20.0-r1.ebuild +++ b/dev-vcs/pre-commit/pre-commit-2.20.0-r1.ebuild @@ -35,6 +35,7 @@ BDEPEND="test? ( PATCHES=( "${FILESDIR}"/${PN}-2.20.0-no_toml.patch + "${FILESDIR}"/${PN}-2.20.0-tests_git_file_transport.patch ) DOCS=( CHANGELOG.md CONTRIBUTING.md README.md )