refs: reject ref updates while GIT_QUARANTINE_PATH is set
As documented in git-receive-pack(1), updating a ref from within the pre-receive hook is dangerous and can corrupt your repo. This patch forbids ref updates entirely during the hook to make it harder for adventurous hook writers to shoot themselves in the foot. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Jeff King
committed by
Junio C Hamano
Junio C Hamano
parent
eaeed077a6
commit
d8f4481c4f
@ -33,4 +33,15 @@ test_expect_success 'rejected objects are removed' '
|
||||
test_cmp expect actual
|
||||
'
|
||||
|
||||
test_expect_success 'updating a ref from quarantine is forbidden' '
|
||||
git init --bare update.git &&
|
||||
write_script update.git/hooks/pre-receive <<-\EOF &&
|
||||
read old new refname
|
||||
git update-ref refs/heads/unrelated $new
|
||||
exit 1
|
||||
EOF
|
||||
test_must_fail git push update.git HEAD &&
|
||||
git -C update.git fsck
|
||||
'
|
||||
|
||||
test_done
|
||||
|
||||
Reference in New Issue
Block a user