Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / external / repo / 0458faa502e9992a4305bfbb282fbee344d505bf^! / . / project.py
commit0458faa502e9992a4305bfbb282fbee344d505bf[log] [tgz]
authorMike Frysinger <vapier@google.com>Wed Mar 10 23:35:44 2021 -0500
committerMike Frysinger <vapier@google.com>Fri Mar 12 16:31:14 2021 +0000
treea91a10bd124b06c55c3a8ca522143d810070d1a6
parent68d5d4dfe5375be53f935c8b72060a56801dda24 [diff] [blame]
manifest: allow toplevel project checkouts

Re-allow checking out projects to the top of the repo client checkout.
We add checks to prevent checking out files under .repo/ as that path
is only managed by us, and projects cannot inject content or settings
into it.

Bug: https://crbug.com/gerrit/14156
Bug: https://crbug.com/gerrit/14200
Change-Id: Id6bf9e882f5be748442b2c35bbeaee3549410b25
Reviewed-on: https://gerrit-review.googlesource.com/c/git-repo/+/299623
Reviewed-by: Michael Mortensen <mmortensen@google.com>
Tested-by: Mike Frysinger <vapier@google.com>

diff --git a/project.py b/project.py
index bc385f2..2567c57 100644
--- a/project.py
+++ b/project.py

@@ -1227,6 +1227,18 @@
     self.CleanPublishedCache(all_refs)
     revid = self.GetRevisionId(all_refs)
 
+    # Special case the root of the repo client checkout.  Make sure it doesn't
+    # contain files being checked out to dirs we don't allow.
+    if self.relpath == '.':
+      PROTECTED_PATHS = {'.repo'}
+      paths = set(self.work_git.ls_tree('-z', '--name-only', '--', revid).split('\0'))
+      bad_paths = paths & PROTECTED_PATHS
+      if bad_paths:
+        syncbuf.fail(self,
+                     'Refusing to checkout project that writes to protected '
+                     'paths: %s' % (', '.join(bad_paths),))
+        return
+
     def _doff():
       self._FastForward(revid)
       self._CopyAndLinkFiles()