From 642584312c277c9978612e0a7c870da4417d9046 Mon Sep 17 00:00:00 2001 From: Jan Krag Date: Fri, 26 Apr 2024 10:23:48 +0200 Subject: [PATCH 1/3] Add note to submodules kata about security workaround As mentioned in #347, there is a new restriction in Git since 2.38.1 which means that we can only run this kata by temporarily loosening the security restrictions. Until we find a better solution, this at least adds a note with instructions. --- submodules/README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/submodules/README.md b/submodules/README.md index b5432d40..03b205ef 100644 --- a/submodules/README.md +++ b/submodules/README.md @@ -5,6 +5,14 @@ This allows you to grab source changes directly, as well as _pushing_ them back. ## Setup +> NOTE: +> Unfortunately for us, 2.38.1 introduces a change (due to CVE-2022-39253) that disables git submodule add using the file protocol. +> as the setup script for this exercise relies on cloning a local repository, it will only work if you specifically allow this before running the script. +> `git config --global protocol.file.allow always` +> +> If you want to remove this "openening" afterwards, you should wait until you are done with the whole exercise, and then run: +> `git config --global --unset protocol.file.allow` + 1. Run `source setup.sh` (or `.\setup.ps1` in PowerShell) > NOTE: If running setup.sh on windows, you can run into problems by sourcing the setup script. Instead, run `./setup.sh`, and the folders would be created correctly. From b61c91ce6ed1d27037890c07c4cb372f246f2424 Mon Sep 17 00:00:00 2001 From: Jan Krag Date: Fri, 26 Apr 2024 10:30:39 +0200 Subject: [PATCH 2/3] Update submodules/README.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- submodules/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/README.md b/submodules/README.md index 03b205ef..04aee7df 100644 --- a/submodules/README.md +++ b/submodules/README.md @@ -10,7 +10,7 @@ This allows you to grab source changes directly, as well as _pushing_ them back. > as the setup script for this exercise relies on cloning a local repository, it will only work if you specifically allow this before running the script. > `git config --global protocol.file.allow always` > -> If you want to remove this "openening" afterwards, you should wait until you are done with the whole exercise, and then run: +> If you want to remove this "opening" afterward, you should wait until you are done with the whole exercise, and then run: > `git config --global --unset protocol.file.allow` 1. Run `source setup.sh` (or `.\setup.ps1` in PowerShell) From 14810d53c95bcdc0bd06c3983eb0743185ce196f Mon Sep 17 00:00:00 2001 From: Jan Krag Date: Fri, 26 Apr 2024 10:31:25 +0200 Subject: [PATCH 3/3] Update submodules/README.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- submodules/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/README.md b/submodules/README.md index 04aee7df..037a3af8 100644 --- a/submodules/README.md +++ b/submodules/README.md @@ -15,7 +15,7 @@ This allows you to grab source changes directly, as well as _pushing_ them back. 1. Run `source setup.sh` (or `.\setup.ps1` in PowerShell) -> NOTE: If running setup.sh on windows, you can run into problems by sourcing the setup script. Instead, run `./setup.sh`, and the folders would be created correctly. +> NOTE: If running setup.sh on Windows, you can run into problems by sourcing the setup script. Instead, run `./setup.sh`, and the folders would be created correctly. ## The task