fetchgit: Remove incomplete/unneeded isURI check.
This check spuriously fails for e.g. git@github.com:NixOS/nixpkgs.git, and even for ssh://git@github.com/NixOS/nixpkgs.git, and is made redundant by the checks git itself will do when fetching the repo. We instead pass a -- before passing the URI to git to avoid injection.
This commit is contained in:
parent
1dd29d7aeb
commit
4e58294ae6
1 changed files with 1 additions and 4 deletions
|
@ -13,9 +13,6 @@ namespace nix {
|
||||||
Path exportGit(ref<Store> store, const std::string & uri,
|
Path exportGit(ref<Store> store, const std::string & uri,
|
||||||
const std::string & ref, const std::string & rev)
|
const std::string & ref, const std::string & rev)
|
||||||
{
|
{
|
||||||
if (!isUri(uri))
|
|
||||||
throw EvalError(format("'%s' is not a valid URI") % uri);
|
|
||||||
|
|
||||||
if (rev != "") {
|
if (rev != "") {
|
||||||
std::regex revRegex("^[0-9a-fA-F]{40}$");
|
std::regex revRegex("^[0-9a-fA-F]{40}$");
|
||||||
if (!std::regex_match(rev, revRegex))
|
if (!std::regex_match(rev, revRegex))
|
||||||
|
@ -47,7 +44,7 @@ Path exportGit(ref<Store> store, const std::string & uri,
|
||||||
if (stat(localRefFile.c_str(), &st) != 0 ||
|
if (stat(localRefFile.c_str(), &st) != 0 ||
|
||||||
st.st_mtime < now - settings.tarballTtl)
|
st.st_mtime < now - settings.tarballTtl)
|
||||||
{
|
{
|
||||||
runProgram("git", true, { "-C", cacheDir, "fetch", "--force", uri, ref + ":" + localRef });
|
runProgram("git", true, { "-C", cacheDir, "fetch", "--force", "--", uri, ref + ":" + localRef });
|
||||||
|
|
||||||
struct timeval times[2];
|
struct timeval times[2];
|
||||||
times[0].tv_sec = now;
|
times[0].tv_sec = now;
|
||||||
|
|
Loading…
Reference in a new issue