commit | e6a202f790daaf204513b8c53b824fcc246f9972 | [log] [tgz] |
---|---|---|
author | Mike Frysinger <vapier@google.com> | Fri Aug 02 15:57:57 2019 -0400 |
committer | Mike Frysinger <vapier@google.com> | Tue Feb 04 20:34:23 2020 +0000 |
tree | 6907f26e5a17a7b39f62e401b895088f1c178540 | |
parent | 04122b7261319dae3abcaf0eb63af7ed937dc463 [diff] |
project: add basic path checks for <copyfile> & <linkfile> Reject paths in <copyfile> & <linkfile> that try to use symlinks or non-file or non-dirs. We don't fully validate <linkfile> when src is a glob as it's a bit complicated -- any component in the src could be the glob. We make sure the destination is a directory, and that any paths in that dir are created as symlinks. So while this can be used to read any path, it can't be abused to write to any paths. Bug: https://crbug.com/gerrit/11218 Change-Id: I68b6d789b5ca4e43f569e75e8b293b3e13d3224b Reviewed-on: https://gerrit-review.googlesource.com/c/git-repo/+/233074 Tested-by: Mike Frysinger <vapier@google.com> Reviewed-by: Mike Frysinger <vapier@google.com> Reviewed-by: Michael Mortensen <mmortensen@google.com>
Repo is a tool built on top of Git. Repo helps manage many Git repositories, does the uploads to revision control systems, and automates parts of the development workflow. Repo is not meant to replace Git, only to make it easier to work with Git. The repo command is an executable Python script that you can put anywhere in your path.
Many distros include repo, so you might be able to install from there.
# Debian/Ubuntu. $ sudo apt-get install repo # Gentoo. $ sudo emerge dev-vcs/repo
You can install it manually as well as it's a single script.
$ mkdir -p ~/.bin $ PATH="${HOME}/.bin:${PATH}" $ curl https://storage.googleapis.com/git-repo-downloads/repo > ~/.bin/repo $ chmod a+rx ~/.bin/repo