This patch makes sure that variables from the environment cannot override e.g. the Git directory to operate on. Without it, in a setting where GIT_DIR is set, pass would otherwise commit generated password files to the wrong repository.
I caught this, because fortunately the other repository had a .gitignore that would have ignored the file: ``` fishbowl~% echo $GIT_DIR /home/madduck/.config/vcsh/repo.d/zsh.git fishbowl~% pass generate test The following paths are ignored by one of your .gitignore files: .password-store/test.gpg Use -f if you really want to add them. The generated password for test is: … ``` The result was an orphan file `test.gpg` in the password-store root. Signed-off-by: martin f. krafft <[email protected]> --- src/password-store.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/password-store.sh b/src/password-store.sh index 1d119f2..d3b0432 100755 --- a/src/password-store.sh +++ b/src/password-store.sh @@ -20,6 +20,8 @@ GENERATED_LENGTH="${PASSWORD_STORE_GENERATED_LENGTH:-25}" CHARACTER_SET="${PASSWORD_STORE_CHARACTER_SET:-[:punct:][:alnum:]}" CHARACTER_SET_NO_SYMBOLS="${PASSWORD_STORE_CHARACTER_SET_NO_SYMBOLS:-[:alnum:]}" +unset GIT_DIR GIT_WORK_TREE GIT_NAMESPACE GIT_INDEX_FILE GIT_OBJECT_DIRECTORY + export GIT_CEILING_DIRECTORIES="$PREFIX/.." # -- 2.23.0.rc1 _______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
