You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
See #118 for background. We tried to use multimailhook.refFilterInclusionRegex option, and had gitolite barf about suspicious chars in option value (a regex). So, we had to adjust UNSAFE_PATT setting in gitolite.rc (see patch below). Again, maybe worth mentioned that in gitolite.rc (just mention that UNSAFE_PATT may need to be adjusted in that file to give user a direction, and let them research and decide what would be "safe" setting for them).
gitolite.rc: Override and make more liberal UNSAFE_PATT.
UNSAFE_PATT appears to be used to validate "config" directives in
gitolite.conf file (i.e. entries to be added to .git/config of
gitolite-managed repos). This changes is similar REMOTE_COMMAND_PATT
override applied previously. Specific cause is the need to specify a
regex for git-multimail hook.
diff --git a/per-service/git-servers/roles/gitolite/templates/gitolite.rc b/per-service/git-servers/roles/gitolite/templates/gitolite.rc
index 1e74588..d7406e1 100644
--- a/per-service/git-servers/roles/gitolite/templates/gitolite.rc
+++ b/per-service/git-servers/roles/gitolite/templates/gitolite.rc
@@ -190,6 +190,7 @@
# Allow single quote appear in gitolite commands, useful e.g. with "desc"
# command.
$REMOTE_COMMAND_PATT = qr(^[-0-9a-zA-Z._\@/+ :,\%=']*$);
+$UNSAFE_PATT = qr([`~#\&;<>]);
# ------------------------------------------------------------------------------
# per perl rules, this should be the last line in such a file:
The text was updated successfully, but these errors were encountered:
I'm not a gitolite user (I've installed to test git-multimail, but that's all), so I may not be the best person to write the doc. I'll try a patch, but feel free to submit a PR to improve it.
Fixesgit-multimail#119.
The documentation is kept short and is purposely not sufficient for the
user to set UNSAFE_PATT, as I do not want people to blindly apply an
unsafe reciepe. Instead, add a link to the official documentation of
UNSAFE_PATT which explains the safety implications better than we would
do here.
Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr>
See #118 for background. We tried to use multimailhook.refFilterInclusionRegex option, and had gitolite barf about suspicious chars in option value (a regex). So, we had to adjust UNSAFE_PATT setting in gitolite.rc (see patch below). Again, maybe worth mentioned that in gitolite.rc (just mention that UNSAFE_PATT may need to be adjusted in that file to give user a direction, and let them research and decide what would be "safe" setting for them).
The text was updated successfully, but these errors were encountered: