Mercurial > hg
view tests/test-check-code.t @ 29051:a56296f55a5e stable 3.8.1
convert: pass absolute paths to git (SEC)
Fixes CVE-2016-3105 (1/1).
Previously, it was possible for the repository path passed to git-ls-remote
to be misinterpreted as a URL.
Always passing an absolute path to git is a simple way to avoid this.
| author | Blake Burkhart <bburky@bburky.com> |
|---|---|
| date | Wed, 06 Apr 2016 22:57:46 -0500 |
| parents | 045cdf47851a |
| children | 3c9066ed557c |
line wrap: on
line source
#require test-repo $ check_code="$TESTDIR"/../contrib/check-code.py $ cd "$TESTDIR"/.. New errors are not allowed. Warnings are strongly discouraged. (The writing "no-che?k-code" is for not skipping this file when checking.) $ hg locate | sed 's-\\-/-g' | > xargs "$check_code" --warnings --per-file=0 || false Skipping hgext/fsmonitor/pywatchman/__init__.py it has no-che?k-code (glob) Skipping hgext/fsmonitor/pywatchman/bser.c it has no-che?k-code (glob) Skipping hgext/fsmonitor/pywatchman/capabilities.py it has no-che?k-code (glob) Skipping hgext/fsmonitor/pywatchman/msc_stdint.h it has no-che?k-code (glob) Skipping hgext/fsmonitor/pywatchman/pybser.py it has no-che?k-code (glob) Skipping i18n/polib.py it has no-che?k-code (glob) Skipping mercurial/httpclient/__init__.py it has no-che?k-code (glob) Skipping mercurial/httpclient/_readers.py it has no-che?k-code (glob) Skipping mercurial/httpclient/socketutil.py it has no-che?k-code (glob)