From 9fa81a88279f2e4be11992a0bc313210b62ae08f Mon Sep 17 00:00:00 2001 From: Emily Shaffer Date: Wed, 26 Apr 2023 14:51:31 -0700 Subject: [PATCH] cmd/go/internal/modfetch/codehost: explicitly specify GIT_DIR When Git has safe.bareRepository=explicit set, operations on bare Git repositories will fail unless --git-dir or GIT_DIR is set. The rest of the time, specifying the gitdir makes repository discovery at the beginning of a Git command ever-so-slightly faster. So, there is no downside to ensuring that users with this stricter security config set can still use 'go mod' commands easily. See https://lore.kernel.org/git/pull.1261.v8.git.git.1657834081.gitgitgadget@gmail.com/ for a more detailed description of security concerns around embedded bare repositories without an explicitly specified GIT_DIR. Change-Id: I01c1d97a79fdab12c2b5532caf84eb7760f96b18 Reviewed-on: https://go-review.googlesource.com/c/go/+/489915 Reviewed-by: Bryan Mills Auto-Submit: Bryan Mills TryBot-Result: Gopher Robot Run-TryBot: Bryan Mills --- src/cmd/go/internal/modfetch/codehost/codehost.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/cmd/go/internal/modfetch/codehost/codehost.go b/src/cmd/go/internal/modfetch/codehost/codehost.go index 3a6e55e9a3..7e763bee99 100644 --- a/src/cmd/go/internal/modfetch/codehost/codehost.go +++ b/src/cmd/go/internal/modfetch/codehost/codehost.go @@ -377,6 +377,8 @@ func RunWithStdin(dir string, stdin io.Reader, cmdline ...any) ([]byte, error) { c.Stdin = stdin c.Stderr = &stderr c.Stdout = &stdout + // For Git commands, manually supply GIT_DIR so Git works with safe.bareRepository=explicit set. Noop for other commands. + c.Env = append(c.Environ(), "GIT_DIR="+dir) err := c.Run() if err != nil { err = &RunError{Cmd: strings.Join(cmd, " ") + " in " + dir, Stderr: stderr.Bytes(), Err: err} -- 2.48.1