[llvm] Avoid exposing unknown git repositories (PR #105220)
Tulio Magno Quites Machado Filho via llvm-commits
llvm-commits at lists.llvm.org
Thu Aug 29 05:30:14 PDT 2024
================
@@ -39,8 +39,14 @@ function(get_source_info path revision repository)
OUTPUT_VARIABLE git_output
ERROR_QUIET)
if(git_result EQUAL 0)
- string(STRIP "${git_output}" git_output)
- set(${repository} ${git_output} PARENT_SCOPE)
+ # Avoid exposing sensitive data, e.g. usernames, passwords and
+ # private URLs.
+ string(FIND "${git_output}" "github.com/llvm/llvm-project" git_upstream)
+ if(git_upstream GREATER_EQUAL 0)
+ set(${repository} "https://github.com/llvm/llvm-project" PARENT_SCOPE)
+ else()
+ set(${repository} "forked repository" PARENT_SCOPE)
----------------
tuliom wrote:
Done.
https://github.com/llvm/llvm-project/pull/105220
More information about the llvm-commits
mailing list