This is an automated email from the ASF dual-hosted git repository. arm pushed a commit to branch arm in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
commit 4ca6056d412371350d13dc132700a4bef0fa171c Author: Alastair McFarlane <[email protected]> AuthorDate: Tue Feb 24 10:37:24 2026 +0000 #720 - Ensure paths are relative to the revision path. --- atr/storage/writers/release.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/atr/storage/writers/release.py b/atr/storage/writers/release.py index b9970e81..d05b80d4 100644 --- a/atr/storage/writers/release.py +++ b/atr/storage/writers/release.py @@ -186,6 +186,10 @@ class CommitteeParticipant(FoundationCommitter): # Path to delete within the new revision directory path_in_new_revision = path / rel_path_to_delete + # Make sure the requested path is relative to the actual path + resolved = await asyncio.to_thread(path_in_new_revision.resolve) + resolved.relative_to(await asyncio.to_thread(path.resolve)) + # Check that the file exists in the new revision if not await aiofiles.os.path.exists(path_in_new_revision): # This indicates a potential severe issue with hard linking or logic @@ -216,6 +220,11 @@ class CommitteeParticipant(FoundationCommitter): async def modify(path: pathlib.Path, _old_rev: sql.Revision | None) -> None: # Uses new_revision_number for logging only path_in_new_revision = path / rel_path + + # Make sure the requested path is relative to the actual path + resolved = await asyncio.to_thread(path_in_new_revision.resolve) + resolved.relative_to(await asyncio.to_thread(path.resolve)) + hash_path_rel = rel_path.name + ".sha512" hash_path_in_new_revision = path / rel_path.parent / hash_path_rel --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
