diff options
| -rw-r--r-- | AUTHORS | 1 | ||||
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | VERSION | 2 | ||||
| -rw-r--r-- | git/cmd.py | 4 | ||||
| m--------- | git/ext/gitdb | 0 | ||||
| -rw-r--r-- | git/objects/submodule/base.py | 10 | ||||
| -rw-r--r-- | git/remote.py | 1 | ||||
| -rw-r--r-- | git/repo/base.py | 28 | ||||
| -rw-r--r-- | git/test/test_docs.py | 4 | ||||
| -rw-r--r-- | git/util.py | 10 |
10 files changed, 41 insertions, 21 deletions
@@ -19,5 +19,6 @@ Contributors are: -Timothy B. Hartman <tbhartman _at_ gmail.com> -Konstantin Popov <konstantin.popov.89 _at_ yandex.ru> -Peter Jones <pjones _at_ redhat.com> +-Alexis Horgix Chotard Portions derived from other open source works and are clearly marked. @@ -14,5 +14,5 @@ release: clean force_release: clean git push --tags - python setup.py sdist bdist_wheel + python3 setup.py sdist bdist_wheel twine upload -s -i byronimo@gmail.com dist/* @@ -1 +1 @@ -2.1.5 +2.1.6 @@ -31,7 +31,7 @@ from git.compat import ( ) from git.exc import CommandError from git.odict import OrderedDict -from git.util import is_cygwin_git, cygpath +from git.util import is_cygwin_git, cygpath, expand_path from .exc import ( GitCommandError, @@ -405,7 +405,7 @@ class Git(LazyMixin): It is meant to be the working tree directory if available, or the .git directory in case of bare repositories.""" super(Git, self).__init__() - self._working_dir = working_dir + self._working_dir = expand_path(working_dir) self._git_options = () self._persistent_git_options = [] diff --git a/git/ext/gitdb b/git/ext/gitdb -Subproject 38866bc7c4956170c681a62c4508f934ac82646 +Subproject c0fd43b5ff8c356fcf9cdebbbbd1803a502b465 diff --git a/git/objects/submodule/base.py b/git/objects/submodule/base.py index e3912d88..a6b4caed 100644 --- a/git/objects/submodule/base.py +++ b/git/objects/submodule/base.py @@ -123,12 +123,12 @@ class Submodule(IndexObject, Iterable, Traversable): reader = self.config_reader() # default submodule values try: - self.path = reader.get_value('path') + self.path = reader.get('path') except cp.NoSectionError: raise ValueError("This submodule instance does not exist anymore in '%s' file" % osp.join(self.repo.working_tree_dir, '.gitmodules')) # end - self._url = reader.get_value('url') + self._url = reader.get('url') # git-python extension values - optional self._branch_path = reader.get_value(self.k_head_option, git.Head.to_full_path(self.k_head_default)) elif attr == '_name': @@ -1168,11 +1168,11 @@ class Submodule(IndexObject, Iterable, Traversable): for sms in parser.sections(): n = sm_name(sms) - p = parser.get_value(sms, 'path') - u = parser.get_value(sms, 'url') + p = parser.get(sms, 'path') + u = parser.get(sms, 'url') b = cls.k_head_default if parser.has_option(sms, cls.k_head_option): - b = str(parser.get_value(sms, cls.k_head_option)) + b = str(parser.get(sms, cls.k_head_option)) # END handle optional information # get the binsha diff --git a/git/remote.py b/git/remote.py index 29c7ed92..ff72e268 100644 --- a/git/remote.py +++ b/git/remote.py @@ -38,6 +38,7 @@ from .refs import ( log = logging.getLogger('git.remote') +log.addHandler(logging.NullHandler()) __all__ = ('RemoteProgress', 'PushInfo', 'FetchInfo', 'Remote') diff --git a/git/repo/base.py b/git/repo/base.py index d607deee..d3bdc983 100644 --- a/git/repo/base.py +++ b/git/repo/base.py @@ -9,6 +9,7 @@ import logging import os import re import sys +import warnings from git.cmd import ( Git, @@ -29,7 +30,7 @@ from git.index import IndexFile from git.objects import Submodule, RootModule, Commit from git.refs import HEAD, Head, Reference, TagReference from git.remote import Remote, add_progress, to_progress_instance -from git.util import Actor, finalize_process, decygpath, hex_to_bin +from git.util import Actor, finalize_process, decygpath, hex_to_bin, expand_path import os.path as osp from .fun import rev_parse, is_git_dir, find_submodule_git_dir, touch, find_worktree_git_dir @@ -50,10 +51,6 @@ BlameEntry = namedtuple('BlameEntry', ['commit', 'linenos', 'orig_path', 'orig_l __all__ = ('Repo',) -def _expand_path(p): - return osp.normpath(osp.abspath(osp.expandvars(osp.expanduser(p)))) - - class Repo(object): """Represents a git repository and allows you to query references, gather commit information, generate diffs, create and clone repositories query @@ -91,7 +88,7 @@ class Repo(object): # Subclasses may easily bring in their own custom types by placing a constructor or type here GitCommandWrapperType = Git - def __init__(self, path=None, odbt=DefaultDBType, search_parent_directories=False): + def __init__(self, path=None, odbt=DefaultDBType, search_parent_directories=False, expand_vars=True): """Create a new Repo instance :param path: @@ -117,12 +114,18 @@ class Repo(object): :raise InvalidGitRepositoryError: :raise NoSuchPathError: :return: git.Repo """ + epath = path or os.getenv('GIT_DIR') if not epath: epath = os.getcwd() if Git.is_cygwin(): epath = decygpath(epath) - epath = _expand_path(epath or path or os.getcwd()) + + epath = epath or path or os.getcwd() + if expand_vars and ("%" in epath or "$" in epath): + warnings.warn("The use of environment variables in paths is deprecated" + + "\nfor security reasons and may be removed in the future!!") + epath = expand_path(epath, expand_vars) if not os.path.exists(epath): raise NoSuchPathError(epath) @@ -149,7 +152,7 @@ class Repo(object): sm_gitpath = find_worktree_git_dir(dotgit) if sm_gitpath is not None: - self.git_dir = _expand_path(sm_gitpath) + self.git_dir = expand_path(sm_gitpath, expand_vars) self._working_tree_dir = curpath break @@ -858,7 +861,7 @@ class Repo(object): return blames @classmethod - def init(cls, path=None, mkdir=True, odbt=DefaultDBType, **kwargs): + def init(cls, path=None, mkdir=True, odbt=DefaultDBType, expand_vars=True, **kwargs): """Initialize a git repository at the given path if specified :param path: @@ -876,12 +879,17 @@ class Repo(object): the directory containing the database objects, i.e. .git/objects. It will be used to access all object data + :param expand_vars: + if specified, environment variables will not be escaped. This + can lead to information disclosure, allowing attackers to + access the contents of environment variables + :parm kwargs: keyword arguments serving as additional options to the git-init command :return: ``git.Repo`` (the newly created repo)""" if path: - path = _expand_path(path) + path = expand_path(path, expand_vars) if mkdir and path and not osp.exists(path): os.makedirs(path, 0o755) diff --git a/git/test/test_docs.py b/git/test/test_docs.py index cbbd9447..1ba3f482 100644 --- a/git/test/test_docs.py +++ b/git/test/test_docs.py @@ -289,9 +289,9 @@ class Tutorials(TestBase): assert len(headcommit.hexsha) == 40 assert len(headcommit.parents) > 0 assert headcommit.tree.type == 'tree' - assert headcommit.author.name == 'Sebastian Thiel' + assert len(headcommit.author.name) != 0 assert isinstance(headcommit.authored_date, int) - assert headcommit.committer.name == 'Sebastian Thiel' + assert len(headcommit.committer.name) != 0 assert isinstance(headcommit.committed_date, int) assert headcommit.message != '' # ![14-test_references_and_objects] diff --git a/git/util.py b/git/util.py index 5553a0aa..5baeee91 100644 --- a/git/util.py +++ b/git/util.py @@ -340,6 +340,16 @@ def finalize_process(proc, **kwargs): ## TODO: No close proc-streams?? proc.wait(**kwargs) + +def expand_path(p, expand_vars=True): + try: + p = osp.expanduser(p) + if expand_vars: + p = osp.expandvars(p) + return osp.normpath(osp.abspath(p)) + except: + return None + #} END utilities #{ Classes |