diff mbox series

[2/2] Revert "core.hooksPath: add some protection while cloning"

Message ID 20240514181641.150112-3-sandals@crustytoothpaste.net (mailing list archive)
State New
Headers show
Series Revert defense-in-depth patches breaking Git LFS | expand

Commit Message

brian m. carlson May 14, 2024, 6:16 p.m. UTC 
From: "brian m. carlson" <bk2204@github.com>

The original commit breaks Git LFS, which installs hooks when it is
invoked during the smudge process as part of checkout.  This is required
to install a post-checkout hook that causes files which are set as
lockable (which are typically large binary assets that cannot be merged)
to be read-only unless they've been locked.  In addition, Git LFS
requires the pre-push hook to be installed so that LFS objects can be
pushed as part of the invocation of git push.

Without the ability to install these hooks, the locking functionality
would not work until the user invoked Git LFS again and did a completely
new checkout with all files changed, since Git LFS optimizes for only
changed files.  In addition, an invocation of git push might not push
anything LFS files all to the remote, potentially causing data loss.

Note that this affects all clone operations with a repository with Git
LFS files in it, even if they are configured not to smudge data by
default, so it breaks all automated clones (which will see "die" called)
without the relevant environment variable specified.

Revert this change to restore functionality.

This reverts commit 20f3588efc6cbcae5bbaabf65ee12df87b51a9ea.

Signed-off-by: brian m. carlson <bk2204@github.com>
---
 config.c        | 13 +------------
 t/t1800-hook.sh | 15 ---------------
 2 files changed, 1 insertion(+), 27 deletions(-)
diff mbox series

Patch

diff --git a/config.c b/config.c
index 77a0fd2d80..ae3652b08f 100644
--- a/config.c
+++ b/config.c
@@ -1416,19 +1416,8 @@  static int git_default_core_config(const char *var, const char *value,
 	if (!strcmp(var, "core.attributesfile"))
 		return git_config_pathname(&git_attributes_file, var, value);
 
-	if (!strcmp(var, "core.hookspath")) {
-		if (ctx->kvi && ctx->kvi->scope == CONFIG_SCOPE_LOCAL &&
-		    git_env_bool("GIT_CLONE_PROTECTION_ACTIVE", 0))
-			die(_("active `core.hooksPath` found in the local "
-			      "repository config:\n\t%s\nFor security "
-			      "reasons, this is disallowed by default.\nIf "
-			      "this is intentional and the hook should "
-			      "actually be run, please\nrun the command "
-			      "again with "
-			      "`GIT_CLONE_PROTECTION_ACTIVE=false`"),
-			    value);
+	if (!strcmp(var, "core.hookspath"))
 		return git_config_pathname(&git_hooks_path, var, value);
-	}
 
 	if (!strcmp(var, "core.bare")) {
 		is_bare_repository_cfg = git_config_bool(var, value);
diff --git a/t/t1800-hook.sh b/t/t1800-hook.sh
index 1894ebeb0e..8b0234cf2d 100755
--- a/t/t1800-hook.sh
+++ b/t/t1800-hook.sh
@@ -185,19 +185,4 @@  test_expect_success 'stdin to hooks' '
 	test_cmp expect actual
 '
 
-test_expect_success 'clone protections' '
-	test_config core.hooksPath "$(pwd)/my-hooks" &&
-	mkdir -p my-hooks &&
-	write_script my-hooks/test-hook <<-\EOF &&
-	echo Hook ran $1
-	EOF
-
-	git hook run test-hook 2>err &&
-	test_grep "Hook ran" err &&
-	test_must_fail env GIT_CLONE_PROTECTION_ACTIVE=true \
-		git hook run test-hook 2>err &&
-	test_grep "active .core.hooksPath" err &&
-	test_grep ! "Hook ran" err
-'
-
 test_done