Skip to content

Commit 5e82d54

Browse files
janpechajanpecha
committed
Uses --end-of-options after command options (for security reasons)
1 parent b00d8dd commit 5e82d54

File tree

6 files changed

+48
-45
lines changed

6 files changed

+48
-45
lines changed

src/Git.php

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@ public function init($directory, array $params = NULL)
4646
$this->run($directory, [
4747
'init',
4848
$params,
49+
'--end-of-options',
4950
$directory
5051
]);
5152

@@ -89,6 +90,7 @@ public function cloneRepository($url, $directory = NULL, array $params = NULL)
8990
$this->run($cwd, [
9091
'clone',
9192
$params,
93+
'--end-of-options',
9294
$url,
9395
$directory
9496
]);
@@ -120,6 +122,7 @@ public function isRemoteUrlReadable($url, array $refs = NULL)
120122
'--heads',
121123
'--quiet',
122124
'--exit-code',
125+
'--end-of-options',
123126
$url,
124127
$refs,
125128
], [

src/GitRepository.php

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ public function getRepositoryPath()
5252
*/
5353
public function createTag($name, $options = NULL)
5454
{
55-
$this->run('tag', $options, $name);
55+
$this->run('tag', $options, '--end-of-options', $name);
5656
return $this;
5757
}
5858

@@ -86,7 +86,7 @@ public function renameTag($oldName, $newName)
8686
{
8787
// http://stackoverflow.com/a/1873932
8888
// create new as alias to old (`git tag NEW OLD`)
89-
$this->run('tag', $newName, $oldName);
89+
$this->run('tag', '--end-of-options', $newName, $oldName);
9090
// delete old (`git tag -d OLD`)
9191
$this->removeTag($oldName);
9292
return $this;
@@ -114,7 +114,7 @@ public function getTags()
114114
*/
115115
public function merge($branch, $options = NULL)
116116
{
117-
$this->run('merge', $options, $branch);
117+
$this->run('merge', $options, '--end-of-options', $branch);
118118
return $this;
119119
}
120120

@@ -131,7 +131,7 @@ public function merge($branch, $options = NULL)
131131
public function createBranch($name, $checkout = FALSE)
132132
{
133133
// git branch $name
134-
$this->run('branch', $name);
134+
$this->run('branch', '--end-of-options', $name);
135135

136136
if ($checkout) {
137137
$this->checkout($name);
@@ -234,7 +234,7 @@ public function getLocalBranches()
234234
*/
235235
public function checkout($name)
236236
{
237-
$this->run('checkout', $name);
237+
$this->run('checkout', '--end-of-options', $name);
238238
return $this;
239239
}
240240

@@ -253,7 +253,7 @@ public function removeFile($file)
253253
}
254254

255255
foreach ($file as $item) {
256-
$this->run('rm', $item, '-r');
256+
$this->run('rm', '-r', '--end-of-options', $item);
257257
}
258258

259259
return $this;
@@ -282,7 +282,7 @@ public function addFile($file)
282282
throw new GitException("The path at '$item' does not represent a valid file.");
283283
}
284284

285-
$this->run('add', $item);
285+
$this->run('add', '--end-of-options', $item);
286286
}
287287

288288
return $this;
@@ -319,7 +319,7 @@ public function renameFile($file, $to = NULL)
319319
}
320320

321321
foreach ($file as $from => $to) {
322-
$this->run('mv', $from, $to);
322+
$this->run('mv', '--end-of-options', $from, $to);
323323
}
324324

325325
return $this;
@@ -454,7 +454,7 @@ public function hasChanges()
454454
*/
455455
public function pull($remote = NULL, array $params = NULL)
456456
{
457-
$this->run('pull', $remote, $params);
457+
$this->run('pull', $params, '--end-of-options', $remote);
458458
return $this;
459459
}
460460

@@ -468,7 +468,7 @@ public function pull($remote = NULL, array $params = NULL)
468468
*/
469469
public function push($remote = NULL, array $params = NULL)
470470
{
471-
$this->run('push', $remote, $params);
471+
$this->run('push', $params, '--end-of-options', $remote);
472472
return $this;
473473
}
474474

@@ -482,7 +482,7 @@ public function push($remote = NULL, array $params = NULL)
482482
*/
483483
public function fetch($remote = NULL, array $params = NULL)
484484
{
485-
$this->run('fetch', $remote, $params);
485+
$this->run('fetch', $params, '--end-of-options', $remote);
486486
return $this;
487487
}
488488

@@ -497,7 +497,7 @@ public function fetch($remote = NULL, array $params = NULL)
497497
*/
498498
public function addRemote($name, $url, array $params = NULL)
499499
{
500-
$this->run('remote', 'add', $params, $name, $url);
500+
$this->run('remote', 'add', $params, '--end-of-options', $name, $url);
501501
return $this;
502502
}
503503

@@ -511,7 +511,7 @@ public function addRemote($name, $url, array $params = NULL)
511511
*/
512512
public function renameRemote($oldName, $newName)
513513
{
514-
$this->run('remote', 'rename', $oldName, $newName);
514+
$this->run('remote', 'rename', '--end-of-options', $oldName, $newName);
515515
return $this;
516516
}
517517

@@ -524,7 +524,7 @@ public function renameRemote($oldName, $newName)
524524
*/
525525
public function removeRemote($name)
526526
{
527-
$this->run('remote', 'remove', $name);
527+
$this->run('remote', 'remove', '--end-of-options', $name);
528528
return $this;
529529
}
530530

@@ -539,7 +539,7 @@ public function removeRemote($name)
539539
*/
540540
public function setRemoteUrl($name, $url, array $params = NULL)
541541
{
542-
$this->run('remote', 'set-url', $params, $name, $url);
542+
$this->run('remote', 'set-url', $params, '--end-of-options', $name, $url);
543543
return $this;
544544
}
545545

tests/GitPhp/GitRepository.branches.phpt

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -10,12 +10,12 @@ require __DIR__ . '/bootstrap.php';
1010
$runner = new AssertRunner(__DIR__);
1111
$git = new Git($runner);
1212

13-
$runner->assert(['branch', 'master']);
14-
$runner->assert(['branch', 'develop']);
15-
$runner->assert(['checkout', 'develop']);
16-
$runner->assert(['merge', 'feature-1']);
13+
$runner->assert(['branch', '--end-of-options', 'master']);
14+
$runner->assert(['branch', '--end-of-options', 'develop']);
15+
$runner->assert(['checkout', '--end-of-options', 'develop']);
16+
$runner->assert(['merge', '--end-of-options', 'feature-1']);
1717
$runner->assert(['branch', '-d', 'feature-1']);
18-
$runner->assert(['checkout', 'master']);
18+
$runner->assert(['checkout', '--end-of-options', 'master']);
1919

2020
$repo = $git->open(__DIR__);
2121
$repo->createBranch('master');

tests/GitPhp/GitRepository.files.phpt

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -14,11 +14,11 @@ $repo = $git->open(__DIR__ . '/fixtures');
1414

1515
test(function () use ($repo, $runner) {
1616
$runner->resetAsserts();
17-
$runner->assert(['add', 'file1.txt']);
18-
$runner->assert(['add', 'file2.txt']);
19-
$runner->assert(['add', 'file3.txt']);
20-
$runner->assert(['add', 'file4.txt']);
21-
$runner->assert(['add', 'file5.txt']);
17+
$runner->assert(['add', '--end-of-options', 'file1.txt']);
18+
$runner->assert(['add', '--end-of-options', 'file2.txt']);
19+
$runner->assert(['add', '--end-of-options', 'file3.txt']);
20+
$runner->assert(['add', '--end-of-options', 'file4.txt']);
21+
$runner->assert(['add', '--end-of-options', 'file5.txt']);
2222

2323
$repo->addFile('file1.txt');
2424
$repo->addFile([
@@ -38,11 +38,11 @@ test(function () use ($repo) {
3838

3939
test(function () use ($repo, $runner) {
4040
$runner->resetAsserts();
41-
$runner->assert(['rm', 'file1.txt', '-r']);
42-
$runner->assert(['rm', 'file2.txt', '-r']);
43-
$runner->assert(['rm', 'file3.txt', '-r']);
44-
$runner->assert(['rm', 'file4.txt', '-r']);
45-
$runner->assert(['rm', 'file5.txt', '-r']);
41+
$runner->assert(['rm', '-r', '--end-of-options', 'file1.txt']);
42+
$runner->assert(['rm', '-r', '--end-of-options', 'file2.txt']);
43+
$runner->assert(['rm', '-r', '--end-of-options', 'file3.txt']);
44+
$runner->assert(['rm', '-r', '--end-of-options', 'file4.txt']);
45+
$runner->assert(['rm', '-r', '--end-of-options', 'file5.txt']);
4646

4747
$repo->removeFile('file1.txt');
4848
$repo->removeFile([
@@ -55,9 +55,9 @@ test(function () use ($repo, $runner) {
5555

5656
test(function () use ($repo, $runner) {
5757
$runner->resetAsserts();
58-
$runner->assert(['mv', 'file1.txt', 'new1.txt']);
59-
$runner->assert(['mv', 'file2.txt', 'new2.txt']);
60-
$runner->assert(['mv', 'file3.txt', 'new3.txt']);
58+
$runner->assert(['mv', '--end-of-options', 'file1.txt', 'new1.txt']);
59+
$runner->assert(['mv', '--end-of-options', 'file2.txt', 'new2.txt']);
60+
$runner->assert(['mv', '--end-of-options', 'file3.txt', 'new3.txt']);
6161

6262
$repo->renameFile('file1.txt', 'new1.txt');
6363
$repo->renameFile([

tests/GitPhp/GitRepository.remotes.phpt

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -10,17 +10,17 @@ require __DIR__ . '/bootstrap.php';
1010
$runner = new AssertRunner(__DIR__);
1111
$git = new Git($runner);
1212

13-
$runner->assert(['clone', '-q', 'git@github.com:czproject/git-php.git', __DIR__]);
14-
$runner->assert(['remote', 'add', 'origin2', 'git@github.com:czproject/git-php.git']);
15-
$runner->assert(['remote', 'add', 'remote', 'git@github.com:czproject/git-php.git']);
13+
$runner->assert(['clone', '-q', '--end-of-options', 'git@github.com:czproject/git-php.git', __DIR__]);
14+
$runner->assert(['remote', 'add', '--end-of-options', 'origin2', 'git@github.com:czproject/git-php.git']);
15+
$runner->assert(['remote', 'add', '--end-of-options', 'remote', 'git@github.com:czproject/git-php.git']);
1616
$runner->assert(['remote', 'add', [
1717
'--mirror=push',
18-
], 'only-push', 'test-url']);
19-
$runner->assert(['remote', 'rename', 'remote', 'origin3']);
18+
], '--end-of-options', 'only-push', 'test-url']);
19+
$runner->assert(['remote', 'rename', '--end-of-options', 'remote', 'origin3']);
2020
$runner->assert(['remote', 'set-url', [
2121
'--push',
22-
], 'origin3', 'test-url']);
23-
$runner->assert(['remote', 'remove', 'origin2']);
22+
], '--end-of-options', 'origin3', 'test-url']);
23+
$runner->assert(['remote', 'remove', '--end-of-options', 'origin2']);
2424

2525
$repo = $git->cloneRepository('git@github.com:czproject/git-php.git', __DIR__);
2626
$repo->addRemote('origin2', 'git@github.com:czproject/git-php.git');
@@ -34,9 +34,9 @@ $repo->setRemoteUrl('origin3', 'test-url', [
3434
]);
3535
$repo->removeRemote('origin2');
3636

37-
$runner->assert(['push', 'origin']);
38-
$runner->assert(['fetch', 'origin']);
39-
$runner->assert(['pull', 'origin']);
37+
$runner->assert(['push', '--end-of-options', 'origin']);
38+
$runner->assert(['fetch', '--end-of-options', 'origin']);
39+
$runner->assert(['pull', '--end-of-options', 'origin']);
4040
$repo->push('origin');
4141
$repo->fetch('origin');
4242
$repo->pull('origin');

tests/GitPhp/GitRepository.tags.phpt

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,8 +10,8 @@ require __DIR__ . '/bootstrap.php';
1010
$runner = new AssertRunner(__DIR__);
1111
$git = new Git($runner);
1212

13-
$runner->assert(['tag', 'v1.0.0']);
14-
$runner->assert(['tag', 'v2.0.0', 'v1.0.0']);
13+
$runner->assert(['tag', '--end-of-options', 'v1.0.0']);
14+
$runner->assert(['tag', '--end-of-options', 'v2.0.0', 'v1.0.0']);
1515
$runner->assert(['tag', '-d', 'v1.0.0']);
1616
$runner->assert(['tag', '-d', 'v2.0.0']);
1717

0 commit comments

Comments
 (0)