ruby-changes:74122

https://git.ruby-lang.org/ruby.git/commit/?id=dae843f6b7

From dae843f6b7502f921a7e66f39e3714a39d860181 Mon Sep 17 00:00:00 2001
From: Hiroshi SHIBATA <hsbt@r...>
Date: Wed, 19 Oct 2022 19:40:00 +0900
Subject: Bypass git submodule add/update with git config
 protocol.file.allow=always option.

Co-authored-by: Nobuyoshi Nakada <nobu@r...>
---
 test/rubygems/test_gem_source_git.rb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/test/rubygems/test_gem_source_git.rb b/test/rubygems/test_gem_source_git.rb
index 5702da0597..c3b324771f 100644
--- a/test/rubygems/test_gem_source_git.rb
+++ b/test/rubygems/test_gem_source_git.rb
@@ -63,6 +63,11 @@ class TestGemSourceGit < Gem::TestCase https://github.com/ruby/ruby/blob/trunk/test/rubygems/test_gem_source_git.rb#L63
   end
 
   def test_checkout_submodules
+    # We need to allow to checkout submodules with file:// protocol
+    # CVE-2022-39253
+    # https://lore.kernel.org/lkml/xmqq4jw1uku5.fsf@g.../
+    system(@git, *%W"config --global protocol.file.allow always")
+
     source = Gem::Source::Git.new @name, @repository, "master", true
 
     git_gem "b"
-- 
cgit v1.2.3


--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/