swiftlang / swift-package-manager

The Package Manager for the Swift Programming Language
Apache License 2.0
9.74k stars 1.34k forks source link

Git config setting `safe.bareRepository=explicit` can break dependency resolution #8068

Open valentary opened 1 week ago

valentary commented 1 week ago

Is it reproducible with SwiftPM command-line tools: swift build, swift test, swift package etc?

Description

A recent software update from Sourcetree added or modified the safe.bareRepository=explicit configuration option to git.

This interfers with the package resolution, it seems to only involve our private packages on github.

The packages refuse to resolve and we get error like saying it cannot fetch revision (see below)

Expected behavior

% swift package resolve
Fetching git@github.com:<MyOrg>/<MyDependencyPackage>.git
Fetched git@github.com:<MyOrg>/<MyDependencyPackage>.git from cache (5.32s)
Creating working copy for git@github.com:<MyOrg>/<MyDependencyPackage>.git
Working copy of git@github.com:<MyOrg>/<MyDependencyPackage>.git resolved at <BranchName> (f96e2ec)

Actual behavior

% swift package resolve
Fetching git@github.com:<MyOrg>/<MyDependencyPackage>.git
Fetched git@github.com:<MyOrg>/<MyDependencyPackage>.git from cache (5.32s)
error: Couldn’t get revision ‘<A Commit Hash>^{commit}’:
    fatal: cannot use bare repository '/Users/<myuserdir>/Repos/Fixes/<MyPackage>/.build/repositories/<MyDependencyPackage>-ad20a496' (safe.bareRepository is 'explicit') in git@github.com:<MyOrg>/<MyDependencyPackage>.git

Steps to reproduce

A Package with a dependency to a private github repo In the CLI

  1. git config --global --replace safe.bareRepository explicit
  2. swift package resolve

Swift Package Manager version/commit hash

Swift Package Manager - Swift 6.0.0-dev

Swift & OS version (output of swift --version ; uname -a)

swift-driver version: 1.115 Apple Swift version 6.0 (swiftlang-6.0.0.9.10 clang-1600.0.26.2)
Target: arm64-apple-macosx15.0
Darwin rlee-MacBook-Pro 24.0.0 Darwin Kernel Version 24.0.0: Tue Sep 24 23:37:36 PDT 2024; root:xnu-11215.1.12~1/RELEASE_ARM64_T6020 arm64
valentary commented 1 week ago

It seems it was an update in sourcetree that caused the issue : https://jira.atlassian.com/browse/SRCTREEWIN-14483

valentary commented 1 week ago

But it's also default behaviour now in git : https://github.com/git/git/commit/e35f202b4503256db148ad61487fe13aa75960f2