Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement logic to guard against checkout of branch in the case of a duplicate branch and tag #3567

Closed
redshiftzero opened this issue Jun 25, 2018 · 1 comment · Fixed by #3568
Closed

Implement logic to guard against checkout of branch in the case of a duplicate branch and tag #3567

redshiftzero opened this issue Jun 25, 2018 · 1 comment · Fixed by #3568
Assignees
@redshiftzero
Labels
bug security
Milestone
0.8

Comments

@redshiftzero
Copy link
Contributor

Description

We distribute code to workstations via checkout of a signed git tag. If there is a branch with the same as the tag, then the tag will verify, but when we actually git checkout <tag name> then the branch, not the tag, will be checked out.

Short term

As a guard, implement logic to verify there is no duplicate tag and branch prior to checkout.

Long term

We should stop distributing code in this way and implement #3502
@redshiftzero redshiftzero added this to the 0.8 milestone Jun 25, 2018
@redshiftzero
Copy link
Contributor Author

redshiftzero commented Jun 25, 2018
edited
Loading

@eloquence had a very good suggestion here (idea shared privately):

I'm curious if git show-ref --heads --verify 0.x.0 may be an alternative to parsing stdout. It returns error code 0 if a branch with this name exists, and non-zero otherwise.

This is a good solution

This was referenced Jun 25, 2018
Merged
Open
@redshiftzero redshiftzero self-assigned this Jun 26, 2018
@eloquence eloquence mentioned this issue Jun 26, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@redshiftzero redshiftzero

Labels
bug security
Projects
None yet
Milestone
0.8
1 participant
@redshiftzero