Just (Sameas u') -> u'
Nothing -> cu
case (lookupName c, findType c) of
- -- Avoid auto-enabling when the name contains a
- -- control character, because git does not avoid
- -- displaying control characters in the name of a
- -- remote, and an attacker could leverage
- -- autoenabling it as part of an attack.
- (Just name, Right t) | safeOutput name == name -> do
+ (Just name, Right t) -> checkcanenable u name $ do
showSideAction $ UnquotedString $ "Auto enabling special remote " ++ name
dummycfg <- liftIO dummyRemoteGitConfig
tryNonAsync (setup t (AutoEnable c) (Just u) Nothing c dummycfg) >>= \case
getcu r = fromMaybe
(Remote.uuid r)
(remoteAnnexConfigUUID (Remote.gitconfig r))
+ checkcanenable u name cont
+ -- Avoid auto-enabling when the name contains a control
+ -- character, because git does not avoid displaying control
+ -- characters in the name of a remote, and an attacker could
+ -- leverage autoenabling it as part of an attack.
+ | safeOutput name /= name = return ()
+ | otherwise = do
+ rs <- remoteList' False
+ case filter (\rmt -> Remote.name rmt == name) rs of
+ (rmt:_) | Remote.uuid rmt /= u -> warning $
+ UnquotedString $ "Cannot auto enable special remote "
+ ++ name ++ " because there is another remote with the same name."
+ _ -> cont
autoEnableable :: Annex (M.Map UUID RemoteConfig)
autoEnableable = do
to be explicitly set.
* info: Added --show option to pick which parts of the info to calculate
and display.
+ * Improve behavior when there are special remotes configured with
+ autoenable=yes with names that conflict with other remotes.
* Bump aws build dependency to 0.24.1.
* stack.yaml: Update to lts-24.2.
subject="""comment 3"""
date="2025-08-14T14:03:08Z"
content="""
-Beyond a warning, it would be possible two autoenable both, but use a new
-name for the second one.
+Beyond a warning, it would be possible to autoenable both, but use a new
+name for the second one. Although that could lead to its own problems.
It occurs to me that it's also possible for autoenable of a special remote
to overwrite/change the git config of a regular git remote that has the
--- /dev/null
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 4"""
+ date="2025-08-14T14:58:11Z"
+ content="""
+I've added a warning in these cases, and it will avoid autoenabling a special
+remote when there is already a remote with the same name.
+
+In the case of two special remotes with the same name that are both set to
+autoenable, it's essentially random which gets enabled first and so "wins".
+
+Decided against autoenabling it with a different name, because: a) There's
+the potential that the name it comes up with is actually the name of
+another special remote that is also due to be autoenabled. b) It seems like
+potentially confusing behavior for there to be a remote with a different
+name than that usually used for a particular special remote.
+"""]]
projects / git-annex.git / commitdiff