Block insecure non-multi options in clone/clone_from · gitpython-developers/GitPython@5c59e0d

@@ -282,6 +282,17 @@ def test_clone_unsafe_options(self, rw_repo):

282282rw_repo.clone(tmp_dir, multi_options=[unsafe_option])283283assert not tmp_file.exists()284284285+unsafe_options = [286+ {"upload-pack": f"touch {tmp_file}"},287+ {"u": f"touch {tmp_file}"},288+ {"config": "protocol.ext.allow=always"},289+ {"c": "protocol.ext.allow=always"},290+ ]291+for unsafe_option in unsafe_options:292+with self.assertRaises(UnsafeOptionError):293+rw_repo.clone(tmp_dir, **unsafe_option)294+assert not tmp_file.exists()295+285296@with_rw_repo("HEAD")286297def test_clone_unsafe_options_allowed(self, rw_repo):287298with tempfile.TemporaryDirectory() as tdir:

@@ -341,6 +352,17 @@ def test_clone_from_unsafe_options(self, rw_repo):

341352Repo.clone_from(rw_repo.working_dir, tmp_dir, multi_options=[unsafe_option])342353assert not tmp_file.exists()343354355+unsafe_options = [356+ {"upload-pack": f"touch {tmp_file}"},357+ {"u": f"touch {tmp_file}"},358+ {"config": "protocol.ext.allow=always"},359+ {"c": "protocol.ext.allow=always"},360+ ]361+for unsafe_option in unsafe_options:362+with self.assertRaises(UnsafeOptionError):363+Repo.clone_from(rw_repo.working_dir, tmp_dir, **unsafe_option)364+assert not tmp_file.exists()365+344366@with_rw_repo("HEAD")345367def test_clone_from_unsafe_options_allowed(self, rw_repo):346368with tempfile.TemporaryDirectory() as tdir:

@@ -1410,4 +1432,4 @@ def test_ignored_raises_error_w_symlink(self):

14101432os.symlink(tmp_dir / "target", tmp_dir / "symlink")1411143314121434with pytest.raises(GitCommandError):1413-temp_repo.ignored(tmp_dir / "symlink/file.txt")1435+temp_repo.ignored(tmp_dir / "symlink/file.txt")