Open nabijaczleweli opened 4 years ago
Oh great, fixing this one will require reevaluating GitBSLR's entire security model. It's currently fairly paranoid, blocking lots of safe behaviors, but finding a more accurate ruleset without risking any security holes is gonna take a while.
I'll see what I can do, but I can't promise anything.
It took this long to be reported, and I have a workaround for this usecase, so, please, by all means, no rush, and thanks for GitBSLR in general!
Consider:
After patching away this check:
Glancing at the code, it looks like some accesses are special-cased based on
.git
and derived from that, which is broken by the Interesting:tm: setup git worktrees yield.