For example, this program
#!/bin/sh
die() { echo die called with $1; exit 1; } >&2
die foo
die bar
will print *both* those messages!
I honestly don't care if this is posix or not, but it is BRAIN DEAD for
the ">&2" to change the meaning from {} to ()
Oh and the grep thing is even worse.
echo foo | grep ^/
works fine in an interactive shell but in a script it attempts to
*execute* "/", complains, while simultaneously complaining about usage
of grep.
It's almost like it's treating ^ like |
(and in one other place it needs to be defined earlier)
I never caught this because in my testing those error conditions --
caused by lack of afc3a06 -- never came up.
apparently people run it from cron, so this causes a silly one-line
email saying just "Already on master"
thanks to shruggar on #git for pointing out to me that it is quite safe
to use --quiet and will not lose any actual error messages :)
SECURITY NOTE: if you deleted or renamed a pubkey file after 5fd9328
went in (April 12th), please:
- upgrade asap, then
- go to your latest gitolite-admin clone and "git push -f"
Otherwise this is not urgent.
5fd9328 (and its minor successor 813a2a9) were about preventing the
gitolite admin from sneaking in files to src/ and hooks/ into
$GL_ADMINDIR. It seemed easy enough to do this by converting the
path-less checkout to a with-paths checkout, but this has caused a worse
problem -- deleting a keydir/foo.pub now no longer has an effect; the
file still hangs around in the work tree.
Ouch! (and thanks to teukka for noticing)
We now do this check as a separate step, so the checkout can revert to
being path-less.
This is a pretty big hole, really. Only the fact that Eli called it an
"accidental feature" helped catch it :)
Notes on the code:
An explicit list of paths -- maybe just "conf", "keydir", and "local" --
would have been easier, but this isn't too bad, I think.