From 5e82d5479da5f16d37a915de4ec55e1ac78de733 Mon Sep 17 00:00:00 2001 From: Jan Pecha Date: Thu, 21 Apr 2022 18:50:57 +0200 Subject: [PATCH] Uses --end-of-options after command options (for security reasons) --- src/Git.php | 3 +++ src/GitRepository.php | 30 ++++++++++++------------ tests/GitPhp/GitRepository.branches.phpt | 10 ++++---- tests/GitPhp/GitRepository.files.phpt | 26 ++++++++++---------- tests/GitPhp/GitRepository.remotes.phpt | 20 ++++++++-------- tests/GitPhp/GitRepository.tags.phpt | 4 ++-- 6 files changed, 48 insertions(+), 45 deletions(-) diff --git a/src/Git.php b/src/Git.php index 89f9b1f..575c7c9 100644 --- a/src/Git.php +++ b/src/Git.php @@ -46,6 +46,7 @@ public function init($directory, array $params = NULL) $this->run($directory, [ 'init', $params, + '--end-of-options', $directory ]); @@ -89,6 +90,7 @@ public function cloneRepository($url, $directory = NULL, array $params = NULL) $this->run($cwd, [ 'clone', $params, + '--end-of-options', $url, $directory ]); @@ -120,6 +122,7 @@ public function isRemoteUrlReadable($url, array $refs = NULL) '--heads', '--quiet', '--exit-code', + '--end-of-options', $url, $refs, ], [ diff --git a/src/GitRepository.php b/src/GitRepository.php index f8ec97b..e677f3e 100644 --- a/src/GitRepository.php +++ b/src/GitRepository.php @@ -52,7 +52,7 @@ public function getRepositoryPath() */ public function createTag($name, $options = NULL) { - $this->run('tag', $options, $name); + $this->run('tag', $options, '--end-of-options', $name); return $this; } @@ -86,7 +86,7 @@ public function renameTag($oldName, $newName) { // http://stackoverflow.com/a/1873932 // create new as alias to old (`git tag NEW OLD`) - $this->run('tag', $newName, $oldName); + $this->run('tag', '--end-of-options', $newName, $oldName); // delete old (`git tag -d OLD`) $this->removeTag($oldName); return $this; @@ -114,7 +114,7 @@ public function getTags() */ public function merge($branch, $options = NULL) { - $this->run('merge', $options, $branch); + $this->run('merge', $options, '--end-of-options', $branch); return $this; } @@ -131,7 +131,7 @@ public function merge($branch, $options = NULL) public function createBranch($name, $checkout = FALSE) { // git branch $name - $this->run('branch', $name); + $this->run('branch', '--end-of-options', $name); if ($checkout) { $this->checkout($name); @@ -234,7 +234,7 @@ public function getLocalBranches() */ public function checkout($name) { - $this->run('checkout', $name); + $this->run('checkout', '--end-of-options', $name); return $this; } @@ -253,7 +253,7 @@ public function removeFile($file) } foreach ($file as $item) { - $this->run('rm', $item, '-r'); + $this->run('rm', '-r', '--end-of-options', $item); } return $this; @@ -282,7 +282,7 @@ public function addFile($file) throw new GitException("The path at '$item' does not represent a valid file."); } - $this->run('add', $item); + $this->run('add', '--end-of-options', $item); } return $this; @@ -319,7 +319,7 @@ public function renameFile($file, $to = NULL) } foreach ($file as $from => $to) { - $this->run('mv', $from, $to); + $this->run('mv', '--end-of-options', $from, $to); } return $this; @@ -454,7 +454,7 @@ public function hasChanges() */ public function pull($remote = NULL, array $params = NULL) { - $this->run('pull', $remote, $params); + $this->run('pull', $params, '--end-of-options', $remote); return $this; } @@ -468,7 +468,7 @@ public function pull($remote = NULL, array $params = NULL) */ public function push($remote = NULL, array $params = NULL) { - $this->run('push', $remote, $params); + $this->run('push', $params, '--end-of-options', $remote); return $this; } @@ -482,7 +482,7 @@ public function push($remote = NULL, array $params = NULL) */ public function fetch($remote = NULL, array $params = NULL) { - $this->run('fetch', $remote, $params); + $this->run('fetch', $params, '--end-of-options', $remote); return $this; } @@ -497,7 +497,7 @@ public function fetch($remote = NULL, array $params = NULL) */ public function addRemote($name, $url, array $params = NULL) { - $this->run('remote', 'add', $params, $name, $url); + $this->run('remote', 'add', $params, '--end-of-options', $name, $url); return $this; } @@ -511,7 +511,7 @@ public function addRemote($name, $url, array $params = NULL) */ public function renameRemote($oldName, $newName) { - $this->run('remote', 'rename', $oldName, $newName); + $this->run('remote', 'rename', '--end-of-options', $oldName, $newName); return $this; } @@ -524,7 +524,7 @@ public function renameRemote($oldName, $newName) */ public function removeRemote($name) { - $this->run('remote', 'remove', $name); + $this->run('remote', 'remove', '--end-of-options', $name); return $this; } @@ -539,7 +539,7 @@ public function removeRemote($name) */ public function setRemoteUrl($name, $url, array $params = NULL) { - $this->run('remote', 'set-url', $params, $name, $url); + $this->run('remote', 'set-url', $params, '--end-of-options', $name, $url); return $this; } diff --git a/tests/GitPhp/GitRepository.branches.phpt b/tests/GitPhp/GitRepository.branches.phpt index 8088e6b..3b41d48 100644 --- a/tests/GitPhp/GitRepository.branches.phpt +++ b/tests/GitPhp/GitRepository.branches.phpt @@ -10,12 +10,12 @@ require __DIR__ . '/bootstrap.php'; $runner = new AssertRunner(__DIR__); $git = new Git($runner); -$runner->assert(['branch', 'master']); -$runner->assert(['branch', 'develop']); -$runner->assert(['checkout', 'develop']); -$runner->assert(['merge', 'feature-1']); +$runner->assert(['branch', '--end-of-options', 'master']); +$runner->assert(['branch', '--end-of-options', 'develop']); +$runner->assert(['checkout', '--end-of-options', 'develop']); +$runner->assert(['merge', '--end-of-options', 'feature-1']); $runner->assert(['branch', '-d', 'feature-1']); -$runner->assert(['checkout', 'master']); +$runner->assert(['checkout', '--end-of-options', 'master']); $repo = $git->open(__DIR__); $repo->createBranch('master'); diff --git a/tests/GitPhp/GitRepository.files.phpt b/tests/GitPhp/GitRepository.files.phpt index 5e1deac..5ab28ea 100644 --- a/tests/GitPhp/GitRepository.files.phpt +++ b/tests/GitPhp/GitRepository.files.phpt @@ -14,11 +14,11 @@ $repo = $git->open(__DIR__ . '/fixtures'); test(function () use ($repo, $runner) { $runner->resetAsserts(); - $runner->assert(['add', 'file1.txt']); - $runner->assert(['add', 'file2.txt']); - $runner->assert(['add', 'file3.txt']); - $runner->assert(['add', 'file4.txt']); - $runner->assert(['add', 'file5.txt']); + $runner->assert(['add', '--end-of-options', 'file1.txt']); + $runner->assert(['add', '--end-of-options', 'file2.txt']); + $runner->assert(['add', '--end-of-options', 'file3.txt']); + $runner->assert(['add', '--end-of-options', 'file4.txt']); + $runner->assert(['add', '--end-of-options', 'file5.txt']); $repo->addFile('file1.txt'); $repo->addFile([ @@ -38,11 +38,11 @@ test(function () use ($repo) { test(function () use ($repo, $runner) { $runner->resetAsserts(); - $runner->assert(['rm', 'file1.txt', '-r']); - $runner->assert(['rm', 'file2.txt', '-r']); - $runner->assert(['rm', 'file3.txt', '-r']); - $runner->assert(['rm', 'file4.txt', '-r']); - $runner->assert(['rm', 'file5.txt', '-r']); + $runner->assert(['rm', '-r', '--end-of-options', 'file1.txt']); + $runner->assert(['rm', '-r', '--end-of-options', 'file2.txt']); + $runner->assert(['rm', '-r', '--end-of-options', 'file3.txt']); + $runner->assert(['rm', '-r', '--end-of-options', 'file4.txt']); + $runner->assert(['rm', '-r', '--end-of-options', 'file5.txt']); $repo->removeFile('file1.txt'); $repo->removeFile([ @@ -55,9 +55,9 @@ test(function () use ($repo, $runner) { test(function () use ($repo, $runner) { $runner->resetAsserts(); - $runner->assert(['mv', 'file1.txt', 'new1.txt']); - $runner->assert(['mv', 'file2.txt', 'new2.txt']); - $runner->assert(['mv', 'file3.txt', 'new3.txt']); + $runner->assert(['mv', '--end-of-options', 'file1.txt', 'new1.txt']); + $runner->assert(['mv', '--end-of-options', 'file2.txt', 'new2.txt']); + $runner->assert(['mv', '--end-of-options', 'file3.txt', 'new3.txt']); $repo->renameFile('file1.txt', 'new1.txt'); $repo->renameFile([ diff --git a/tests/GitPhp/GitRepository.remotes.phpt b/tests/GitPhp/GitRepository.remotes.phpt index 1f090ff..d85fd58 100644 --- a/tests/GitPhp/GitRepository.remotes.phpt +++ b/tests/GitPhp/GitRepository.remotes.phpt @@ -10,17 +10,17 @@ require __DIR__ . '/bootstrap.php'; $runner = new AssertRunner(__DIR__); $git = new Git($runner); -$runner->assert(['clone', '-q', 'git@github.com:czproject/git-php.git', __DIR__]); -$runner->assert(['remote', 'add', 'origin2', 'git@github.com:czproject/git-php.git']); -$runner->assert(['remote', 'add', 'remote', 'git@github.com:czproject/git-php.git']); +$runner->assert(['clone', '-q', '--end-of-options', 'git@github.com:czproject/git-php.git', __DIR__]); +$runner->assert(['remote', 'add', '--end-of-options', 'origin2', 'git@github.com:czproject/git-php.git']); +$runner->assert(['remote', 'add', '--end-of-options', 'remote', 'git@github.com:czproject/git-php.git']); $runner->assert(['remote', 'add', [ '--mirror=push', -], 'only-push', 'test-url']); -$runner->assert(['remote', 'rename', 'remote', 'origin3']); +], '--end-of-options', 'only-push', 'test-url']); +$runner->assert(['remote', 'rename', '--end-of-options', 'remote', 'origin3']); $runner->assert(['remote', 'set-url', [ '--push', -], 'origin3', 'test-url']); -$runner->assert(['remote', 'remove', 'origin2']); +], '--end-of-options', 'origin3', 'test-url']); +$runner->assert(['remote', 'remove', '--end-of-options', 'origin2']); $repo = $git->cloneRepository('git@github.com:czproject/git-php.git', __DIR__); $repo->addRemote('origin2', 'git@github.com:czproject/git-php.git'); @@ -34,9 +34,9 @@ $repo->setRemoteUrl('origin3', 'test-url', [ ]); $repo->removeRemote('origin2'); -$runner->assert(['push', 'origin']); -$runner->assert(['fetch', 'origin']); -$runner->assert(['pull', 'origin']); +$runner->assert(['push', '--end-of-options', 'origin']); +$runner->assert(['fetch', '--end-of-options', 'origin']); +$runner->assert(['pull', '--end-of-options', 'origin']); $repo->push('origin'); $repo->fetch('origin'); $repo->pull('origin'); diff --git a/tests/GitPhp/GitRepository.tags.phpt b/tests/GitPhp/GitRepository.tags.phpt index c0eb44a..508458a 100644 --- a/tests/GitPhp/GitRepository.tags.phpt +++ b/tests/GitPhp/GitRepository.tags.phpt @@ -10,8 +10,8 @@ require __DIR__ . '/bootstrap.php'; $runner = new AssertRunner(__DIR__); $git = new Git($runner); -$runner->assert(['tag', 'v1.0.0']); -$runner->assert(['tag', 'v2.0.0', 'v1.0.0']); +$runner->assert(['tag', '--end-of-options', 'v1.0.0']); +$runner->assert(['tag', '--end-of-options', 'v2.0.0', 'v1.0.0']); $runner->assert(['tag', '-d', 'v1.0.0']); $runner->assert(['tag', '-d', 'v2.0.0']);