[pacman-dev] [PATCH 2/2] makepkg: check if $dir is a local clone of the right git repo
Before this patch, makepkg does not check if $dir is a local clone of the right repo. For example, git fetch would be run even if $dir is not a local bare clone of a git repo in present in source(), but a subdir of a checked-out one. That means makepkg can potentially fetch from a completely unrelated remote and update completely unrelated dirs/files. This patch adds a check to make sure we are fetching from the right remote. Signed-off-by: Mohammad Alsaleh <msal@i2pmail.org> --- scripts/makepkg.sh.in | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 6c0e821..7ec523c 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -404,8 +404,14 @@ download_git() { exit 1 fi elif (( ! HOLDVER )); then - msg2 "$(gettext "Updating %s %s repo...")" "${repo}" "git" cd_safe "$dir" + # Make sure we are fetching the right repo + if [[ "$url" != "$(git config --get remote.origin.url)" ]] ; then + error "$(gettext "%s is not a clone of %s")" "$dir" "$url" + plain "$(gettext "Aborting...")" + exit 1 + fi + msg2 "$(gettext "Updating %s %s repo...")" "${repo}" "git" if ! git fetch --all -p; then # only warn on failure to allow offline builds warning "$(gettext "Failure while updating %s %s repo")" "${repo}" "git" -- 1.7.11.4
On 12/08/12 10:24, Mohammad Alsaleh wrote:
Before this patch, makepkg does not check if $dir is a local clone of the right repo.
For example, git fetch would be run even if $dir is not a local bare clone of a git repo in present in source(), but a subdir of a checked-out one. That means makepkg can potentially fetch from a completely unrelated remote and update completely unrelated dirs/files.
This patch adds a check to make sure we are fetching from the right remote.
Signed-off-by: Mohammad Alsaleh <msal@i2pmail.org>
Looks good. Can we also do something like this for svn and hg?
--- scripts/makepkg.sh.in | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 6c0e821..7ec523c 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -404,8 +404,14 @@ download_git() { exit 1 fi elif (( ! HOLDVER )); then - msg2 "$(gettext "Updating %s %s repo...")" "${repo}" "git" cd_safe "$dir" + # Make sure we are fetching the right repo + if [[ "$url" != "$(git config --get remote.origin.url)" ]] ; then + error "$(gettext "%s is not a clone of %s")" "$dir" "$url" + plain "$(gettext "Aborting...")" + exit 1 + fi + msg2 "$(gettext "Updating %s %s repo...")" "${repo}" "git" if ! git fetch --all -p; then # only warn on failure to allow offline builds warning "$(gettext "Failure while updating %s %s repo")" "${repo}" "git"
participants (2)
-
Allan McRae
-
Mohammad Alsaleh