[PATCH] vc-list-files-tests: Avoid OpenPGP private key operations.

bug-gnulib

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] vc-list-files-tests: Avoid OpenPGP private key operations.

From:	Simon Josefsson
Subject:	[PATCH] vc-list-files-tests: Avoid OpenPGP private key operations.
Date:	Sun, 13 Nov 2022 11:59:55 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/28.2 (darwin)

Hi.  I had a background job doing 'make check' in a project that
triggered a GnuPG private key operation PIN prompt... this was
surprising to me, and the attached fix should avoid that happening.  If
my PIN had been cached, this would have signed a commit behind my back
(although this would have been a harmless one).  I think this behaviour
should generally be considered a bug.  I wonder if there are more
examples of this hidden deep inside scripts.

/Simon

From 0ab73798b5bc703233195c1d37f96d977fc26ad8 Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Sun, 13 Nov 2022 11:50:51 +0100
Subject: [PATCH] vc-list-files-tests: Avoid OpenPGP private key operations.

* tests/test-vc-list-files-git.sh (GIT_CONFIG_GLOBAL): Set it to /dev/null.
---
 ChangeLog                       | 6 ++++++
 tests/test-vc-list-files-git.sh | 7 +++++++
 2 files changed, 13 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 70ece5200..d51a62a02 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2022-11-13  Simon Josefsson  <simon@josefsson.org>
+
+       vc-list-files-tests: Avoid OpenPGP private key operations.
+       * tests/test-vc-list-files-git.sh (GIT_CONFIG_GLOBAL): Set it to
+       /dev/null.
+
 2022-11-03  Bruno Haible  <bruno@clisp.org>
 
        dynarray: Rename to glibc-internal/dynarray.
diff --git a/tests/test-vc-list-files-git.sh b/tests/test-vc-list-files-git.sh
index 28292322a..d4e574370 100755
--- a/tests/test-vc-list-files-git.sh
+++ b/tests/test-vc-list-files-git.sh
@@ -22,6 +22,13 @@
 tmpdir=vc-git-$$
 GIT_DIR= GIT_WORK_TREE=; unset GIT_DIR GIT_WORK_TREE
 
+# Ignore local git configurations that may interact badly with
+# commands below.  For example, if the user has set
+# commit.gpgsign=true in ~/.gitconfig the 'git commit' below will
+# require a OpenPGP private key operation which trigger PIN prompts
+# and unwanted hardware access on the developer's machine.
+GIT_CONFIG_GLOBAL=/dev/null; export GIT_CONFIG_GLOBAL
+
 fail=1
 mkdir $tmpdir && cd $tmpdir &&
   # without git, skip the test
-- 
2.37.1 (Apple Git-137.1)

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] vc-list-files-tests: Avoid OpenPGP private key operations., Simon Josefsson <=
- Re: [PATCH] vc-list-files-tests: Avoid OpenPGP private key operations., Paul Eggert, 2022/11/13
- Re: [PATCH] vc-list-files-tests: Avoid OpenPGP private key operations., Jim Meyering, 2022/11/13

Prev by Date: Re: How can Autoconf help with the transition to stricter compilation defaults?
Next by Date: Re: [PATCH] vc-list-files-tests: Avoid OpenPGP private key operations.
Previous by thread: Re: On time64 and Large File Support
Next by thread: Re: [PATCH] vc-list-files-tests: Avoid OpenPGP private key operations.
Index(es):
- Date
- Thread