mirror of
https://github.com/martinvonz/jj.git
synced 2025-01-20 11:25:34 +00:00
ded48ff6e7
I originally considered adding deny-list-based implementation, but the Windows compatibility rules are super confusing and I don't have a machine to find out possible aliases. This patch instead adds directory equivalence tests. In order to test file entity equivalence, we first need to create a file or directory of the requested name. It's harmless to create an empty .jj or .git directory, but materializing .git file or symlink can temporarily set up RCE situation. That's why new empty file is created to test the path validity. We might want to add some optimization for safe names (e.g. ASCII, not contain "git" or "jj", not contain "~", etc.) That being said, I'm not pretty sure if .git/.jj in sub directory must be checked. It's not safe to cd into the directory and run "jj", but the same thing can be said to other tools such as "cargo". Perhaps, our minimum requirement is to protect our metadata (= the root .jj and .git) directories. Despite the crate name (and internal use of std::fs::File), same_file::is_same_file() can test equivalence of directories. This is documented and tested, so I've removed my custom implementation, which was slightly simpler but lacks Windows support. |
||
|---|---|---|
| .. | ||
| examples | ||
| src | ||
| testing | ||
| tests | ||
| build.rs | ||
| Cargo.toml | ||
| docs | ||
| LICENSE | ||