Page MenuHomePhabricator
Differential D14986

Enforce sensible, unique clone/checkout names for repositories
ClosedPublic
Actions

Authored by epriestley on Jan 10 2016, 7:18 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Jun 11, 1:19 PM
Unknown Object (File)
Mon, Jun 2, 2:21 AM
Unknown Object (File)
May 27 2025, 12:15 PM
Unknown Object (File)
May 7 2025, 9:50 PM
Unknown Object (File)
May 2 2025, 4:42 PM
Unknown Object (File)
Apr 30 2025, 5:29 AM
Unknown Object (File)
Apr 23 2025, 7:13 PM
Unknown Object (File)
Apr 5 2025, 5:43 PM
View All Files
Subscribers
None

Details

Reviewers
chad
Maniphest Tasks
T7938: Do not allow users to enter things like "/" or ".." in the "Clone/Checkout" field in repositories
Commits
Restricted Diffusion Commit
rP0b3d10c3da91: Enforce sensible, unique clone/checkout names for repositories
Summary

Fixes T7938.

  • Primarily, users can currently shoot themselves in the foot by putting ../../etc/passwd and other similar nonsense in these fields (this is not dangerous, but also does not work). Require sensible names.
  • Enforce uniqueness so these names can be used in URIs and as identifiers in the future.
  • (This doesn't start actually using them for anything fancy yet.)
Test Plan
  • Gave several repositories clone names: a valid name, two duplicate names, an invalid, name, some with no names.
  • Ran migrations.
  • Got clean conversion for valid names, appropriate errors for invalid/duplicate names.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley updated this revision to Diff 36205.Jan 10 2016, 7:18 PM
epriestley retitled this revision from to Enforce sensible, unique clone/checkout names for repositories.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: chad.
epriestley added a task: T7938: Do not allow users to enter things like "/" or ".." in the "Clone/Checkout" field in repositories.
epriestley updated this object.Jan 10 2016, 7:18 PM
epriestley updated this object.
epriestley mentioned this in T10115: Upgrading: Unique, Sensible Repository Slugs.Jan 10 2016, 7:27 PM
chad accepted this revision.Jan 11 2016, 1:08 AM
chad edited edge metadata.

Nice tests!

This revision is now accepted and ready to land.Jan 11 2016, 1:08 AM
Closed by commit rP0b3d10c3da91: Enforce sensible, unique clone/checkout names for repositories (authored by epriestley, committed by epriestley). · Explain WhyJan 11 2016, 10:06 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
resources/
sql/
autopatches/
5 lines
49 lines
src/
applications/
diffusion/
controller/
21 lines
2 lines
repository/
editor/
71 lines
query/
13 lines
storage/
89 lines
__tests__/
64 lines

Diff 36208

View Options

resources/sql/autopatches/20160110.repo.01.slug.sql

Loading...
View Options

resources/sql/autopatches/20160110.repo.02.slug.php

Loading...
View Options

src/applications/diffusion/controller/DiffusionRepositoryEditBasicController.php

Loading...
View Options

src/applications/diffusion/controller/DiffusionRepositoryEditMainController.php

Loading...
View Options

src/applications/repository/editor/PhabricatorRepositoryEditor.php

Loading...
View Options

src/applications/repository/query/PhabricatorRepositoryQuery.php

Loading...
View Options

src/applications/repository/storage/PhabricatorRepository.php

Loading...
View Options

src/applications/repository/storage/__tests__/PhabricatorRepositoryTestCase.php

Loading...
Phabricator · Built by Phacility