[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] vc-list-files-tests: Avoid OpenPGP private key operations.
From: |
Simon Josefsson |
Subject: |
[PATCH] vc-list-files-tests: Avoid OpenPGP private key operations. |
Date: |
Sun, 13 Nov 2022 11:59:55 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.2 (darwin) |
Hi. I had a background job doing 'make check' in a project that
triggered a GnuPG private key operation PIN prompt... this was
surprising to me, and the attached fix should avoid that happening. If
my PIN had been cached, this would have signed a commit behind my back
(although this would have been a harmless one). I think this behaviour
should generally be considered a bug. I wonder if there are more
examples of this hidden deep inside scripts.
/Simon
From 0ab73798b5bc703233195c1d37f96d977fc26ad8 Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Sun, 13 Nov 2022 11:50:51 +0100
Subject: [PATCH] vc-list-files-tests: Avoid OpenPGP private key operations.
* tests/test-vc-list-files-git.sh (GIT_CONFIG_GLOBAL): Set it to /dev/null.
---
ChangeLog | 6 ++++++
tests/test-vc-list-files-git.sh | 7 +++++++
2 files changed, 13 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 70ece5200..d51a62a02 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2022-11-13 Simon Josefsson <simon@josefsson.org>
+
+ vc-list-files-tests: Avoid OpenPGP private key operations.
+ * tests/test-vc-list-files-git.sh (GIT_CONFIG_GLOBAL): Set it to
+ /dev/null.
+
2022-11-03 Bruno Haible <bruno@clisp.org>
dynarray: Rename to glibc-internal/dynarray.
diff --git a/tests/test-vc-list-files-git.sh b/tests/test-vc-list-files-git.sh
index 28292322a..d4e574370 100755
--- a/tests/test-vc-list-files-git.sh
+++ b/tests/test-vc-list-files-git.sh
@@ -22,6 +22,13 @@
tmpdir=vc-git-$$
GIT_DIR= GIT_WORK_TREE=; unset GIT_DIR GIT_WORK_TREE
+# Ignore local git configurations that may interact badly with
+# commands below. For example, if the user has set
+# commit.gpgsign=true in ~/.gitconfig the 'git commit' below will
+# require a OpenPGP private key operation which trigger PIN prompts
+# and unwanted hardware access on the developer's machine.
+GIT_CONFIG_GLOBAL=/dev/null; export GIT_CONFIG_GLOBAL
+
fail=1
mkdir $tmpdir && cd $tmpdir &&
# without git, skip the test
--
2.37.1 (Apple Git-137.1)
signature.asc
Description: PGP signature
- [PATCH] vc-list-files-tests: Avoid OpenPGP private key operations.,
Simon Josefsson <=