Checkout" field in repositories
Closed, ResolvedPublic
Actions

Assigned To

None

Authored By

	xujinzheng
	Apr 26 2015, 5:49 AM

Description

The clone/checkout field is used to name the directory a repository is checked out into, so it must only have acceptable directory names. For example, "test" and "platform-test" are fine, but "platform/test" and "platform/../../../../etc/passwd" are not. We currently allow users to enter unsuitable values into this field.

Original Report

My project name is test, before I set the repo config of Clone/Checkout, everything works well, but while I changed the config Clone/Checkout into platform/test, then git clone from http will failure.

correct:
git clone ssh://git@xxx.com:10222/diffusion/T/platform/test.git

failed:
git clone https://xxx.com/diffusion/T/platform/test.git

fatal: repository ' https://xxx.com/diffusion/T/platform/test.git/' not found

Revisions and Commits

rP Phabricator
	D14986	rP0b3d10c3da91 Enforce sensible, unique clone/checkout names for repositories

Related Objects
Search...

Status	Assigned	Task
Open	None	T13285 Service failures in JIRA can cascade into service failures in Phabricator
Resolved	epriestley	T5378 Phabricator full task URLs for that instance do not provide hover/popup text (like T1234 does)
Open	epriestley	T13291 Implement a "{src ...}" rule in Remarkup for referencing source files in Diffusion
Resolved	epriestley	T9720 Provide a way to link to Diffusion files
Resolved	bluehawk	T4694 I think callsigns are ugly
Resolved	epriestley	T9287 Working with many repositories
Resolved	epriestley	T4245 Make repository URIs slightly prettier
Resolved	None	T7938 Do not allow users to enter things like "/" or ".." in the "Clone/Checkout" field in repositories

Event Timeline

xujinzheng created this task.Apr 26 2015, 5:49 AM

xujinzheng raised the priority of this task from to Needs Triage.

xujinzheng updated the task description. (Show Details)

xujinzheng added a project: Phabricator.

xujinzheng added a subscriber: xujinzheng.

chad edited projects, added Diffusion; removed Phabricator.Apr 26 2015, 2:12 PM

See also T4245.

epriestley moved this task from Backlog to vNext on the Diffusion board.Oct 20 2015, 2:05 PM

epriestley added a parent task: T4245: Make repository URIs slightly prettier.Jan 5 2016, 1:25 PM

cburroughs added a subscriber: cburroughs.Jan 5 2016, 1:27 PM

For reference, this repository name input:

a bcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890-=!@#$%^&*()_+`~,./<>?;':"[]{}\|

Silently produces a repository with this name on GitHub:

a-bcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890--_-.-

eadler added a project: Restricted Project.Jan 9 2016, 1:03 AM

eadler moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

epriestley added a revision: D14986: Enforce sensible, unique clone/checkout names for repositories.Jan 10 2016, 7:18 PM

epriestley mentioned this in T10115: Upgrading: Unique, Sensible Repository Slugs.Jan 10 2016, 7:27 PM

epriestley closed this task as Resolved by committing rP0b3d10c3da91: Enforce sensible, unique clone/checkout names for repositories.Jan 11 2016, 10:06 AM

epriestley added a commit: rP0b3d10c3da91: Enforce sensible, unique clone/checkout names for repositories.

Do not allow users to enter things like "/" or ".." in the "Clone/Checkout" field in repositoriesClosed, ResolvedPublicActions

Description

Revisions and Commits

Related ObjectsSearch...

Event Timeline

Do not allow users to enter things like "/" or ".." in the "Clone/Checkout" field in repositories
Closed, ResolvedPublic
Actions

Related Objects
Search...