On Windows, the current working directory is searched for a matching executable before the rest of the user's path.
This causes a potential issue where running git appraise from within a directory that has an executable file matching the command git will cause that (untrusted) file to be invoked instead of the expected git executable when git-appraise attempts to shell out to git.
This change prevents that by using the new execabs package instead of os/exec. With this change, that scenario would cause git appraise to report an error rather than invoking the wrong git binary.
More background on the related issue here
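The check described in the message above, as an added Go example using only the standard library (not the code from this change, which uses the `execabs` package): resolve the command, and report an error if the result is relative to the current directory. The names `lookPathAbs`, `command` and `ErrRelativePath` are assumptions made for this example.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"os/exec"
	"path/filepath"
)

// ErrRelativePath is a name chosen for this example.
var ErrRelativePath = errors.New("executable resolved relative to the current directory")

// lookPathAbs resolves name the way exec.LookPath does, but refuses any
// result that is not an absolute path, so a file in the working directory
// can never stand in for the real tool.
func lookPathAbs(name string) (string, error) {
	p, err := exec.LookPath(name)
	// Inspect the path before the error: depending on the Go release, a
	// relative result may come back with or without an accompanying error.
	if p != "" && !filepath.IsAbs(p) {
		return "", fmt.Errorf("%w: %q -> %q", ErrRelativePath, name, p)
	}
	if err != nil {
		return "", err
	}
	return p, nil
}

// command builds an *exec.Cmd only for a binary found at an absolute path.
func command(name string, args ...string) (*exec.Cmd, error) {
	p, err := lookPathAbs(name)
	if err != nil {
		return nil, err
	}
	// An absolute path is passed through, so exec.Command does no second lookup.
	return exec.Command(p, args...), nil
}

func main() {
	cmd, err := command("git", "--version")
	if err != nil {
		fmt.Fprintln(os.Stderr, "refusing to run git:", err)
		os.Exit(1)
	}
	cmd.Stdout, cmd.Stderr = os.Stdout, os.Stderr
	if err := cmd.Run(); err != nil {
		os.Exit(1)
	}
}
```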