project: add basic path checks for <copyfile> & <linkfile>

Reject paths in <copyfile> & <linkfile> that try to use symlinks or
non-file or non-dirs.

We don't fully validate <linkfile> when src is a glob as it's a bit
complicated -- any component in the src could be the glob.  We make
sure the destination is a directory, and that any paths in that dir
are created as symlinks.  So while this can be used to read any path,
it can't be abused to write to any paths.

Bug: https://crbug.com/gerrit/11218
Change-Id: I68b6d789b5ca4e43f569e75e8b293b3e13d3224b
Reviewed-on: https://gerrit-review.googlesource.com/c/git-repo/+/233074
Tested-by: Mike Frysinger <vapier@google.com>
Reviewed-by: Mike Frysinger <vapier@google.com>
Reviewed-by: Michael Mortensen <mmortensen@google.com>
3 files changed
tree: 6907f26e5a17a7b39f62e401b895088f1c178540
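
The kind of check the commit message describes, sketched as an added example; it is not code from this commit or from git-repo. `check_local_path` and `demo` are hypothetical names, the worktree is constructed in a temporary directory, and the helper additionally assumes that absolute paths and `..` components are refused, since a component-by-component walk is meaningless without that.

```python
import os
import stat
import tempfile


def check_local_path(topdir, subpath, dir_ok=False):
    """Hypothetical helper (not git-repo's code): validate subpath under topdir.

    Raises ValueError if any component is a symlink, or if the final
    component is not a regular file (or a directory when dir_ok is set).
    """
    if os.path.isabs(subpath):
        raise ValueError("%s: absolute path" % subpath)
    parts = [p for p in subpath.split("/") if p not in ("", ".")]
    if not parts or ".." in parts:
        raise ValueError("%s: bad path component" % subpath)
    path = topdir
    for i, part in enumerate(parts):
        path = os.path.join(path, part)
        try:
            mode = os.lstat(path).st_mode  # lstat() does not follow links
        except FileNotFoundError:
            break  # not on disk yet (e.g. a new dest); nothing to inspect
        if stat.S_ISLNK(mode):
            raise ValueError("%s: symlink in path" % path)
        last = i == len(parts) - 1
        if not last and not stat.S_ISDIR(mode):
            raise ValueError("%s: not a directory" % path)
        if last and not (stat.S_ISREG(mode) or (dir_ok and stat.S_ISDIR(mode))):
            raise ValueError("%s: not a regular file" % path)
    return os.path.join(topdir, *parts)


def demo():
    """Run the check over a constructed worktree; return path -> verdict."""
    results = {}
    with tempfile.TemporaryDirectory() as top:
        os.makedirs(os.path.join(top, "src", "sub"))
        with open(os.path.join(top, "src", "sub", "f.txt"), "w") as f:
            f.write("data")
        # Constructed link that points out of the worktree.
        os.symlink(os.path.dirname(top), os.path.join(top, "src", "link"))
        for p in ("src/sub/f.txt", "src/link/x.txt", "src/sub", "../x", "out/new.txt"):
            try:
                check_local_path(top, p)
                results[p] = "ok"
            except ValueError:
                results[p] = "rejected"
    return results
```

A check like this holds only for the moment it runs: anything able to modify the tree between the check and the copy or link step can still swap a component for a symlink.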
README.md

repo

Repo is a tool built on top of Git. Repo helps manage many Git repositories, does the uploads to revision control systems, and automates parts of the development workflow. Repo is not meant to replace Git, only to make it easier to work with Git. The repo command is an executable Python script that you can put anywhere in your path.

Install

Many distros include repo, so you might be able to install from there.

# Debian/Ubuntu.
$ sudo apt-get install repo

# Gentoo.
$ sudo emerge dev-vcs/repo

You can also install it manually, as it's a single script.

$ mkdir -p ~/.bin
$ PATH="${HOME}/.bin:${PATH}"
$ curl https://storage.googleapis.com/git-repo-downloads/repo > ~/.bin/repo
$ chmod a+rx ~/.bin/repo