Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

git-checkout: Allow tags to matched annotated tag SHAs, don't allow #686

Merged
merged 1 commit into from
Sep 18, 2023
Merged

git-checkout: Allow tags to matched annotated tag SHAs, don't allow #686

merged 1 commit into from
Sep 18, 2023

Conversation

wlynch
Copy link
Member

@wlynch wlynch commented Sep 15, 2023
edited
Loading

fuzzy matching of refs.

Previously, we were somewhat loose with allowed revisions - the branch check for origin/foo could technically match a tag named origin/foo, and vice-versa for tag names. This changes the behavior to use rev-parse --verify to guarantee that we are looking up by the intended branch/tag name.

This also looses the allowed revisions for tags to allow the true SHA for an annotated tag. Previously we only allowed the unpeeled values and would reject the true SHA.

Fixes #685

@wlynch wlynch requested a review from a team as a code owner September 15, 2023 21:34
@wlynch wlynch requested review from kaniini and removed request for a team September 15, 2023 21:34
@wlynch wlynch force-pushed the git-annotated-tag branch 5 times, most recently from dd2cc03 to 50e48ec Compare September 15, 2023 22:15
@wlynch
git-checkout: Allow tags to matched annotated tag SHAs, don't allow
ae0c7e9 
fuzzy matching of refs.

Previously, we were somewhat loose with allowed revisions - the branch
check for origin/foo could technically match a tag named origin/foo, and
vice-versa for tag names. This changes the behavior to use rev-parse
--verify to guarantee that we are looking up by the intended branch/tag
name.

This also looses the allowed revisions for tags to allow the true SHA for an
annotated tag. Previously we only allowed the unpeeled values and would
reject the true SHA.

Signed-off-by: Billy Lynch <billy@chainguard.dev>
@Elizafox
Copy link
Contributor

LGTM. I'll let someone else review it before merging.

@Elizafox Elizafox merged commit ece87ea into chainguard-dev:main Sep 18, 2023
26 checks passed
@Porkepix Porkepix mentioned this pull request Oct 6, 2023
Merged
@lpcalisi lpcalisi mentioned this pull request May 15, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Elizafox Elizafox Elizafox approved these changes

@kaniini kaniini Awaiting requested review from kaniini kaniini was automatically assigned from chainguard-dev/images-maintainers

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

git-checkout rejects real tag SHA of annotated tag
2 participants
@wlynch @Elizafox