anthropics/claude-plugins-official
1
0
Fork 0
mirror of https://github.com/anthropics/claude-plugins-official.git synced 2026-06-15 15:16:05 -03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2101 from anthropics/fix-2099-quotepath-global

Browse Source 
security-guidance: move core.quotePath=false to GIT_CMD globally (#2099 followup)
This commit is contained in:
Mohamed Hegazy 2026-05-30 20:07:06 -07:00 committed by GitHub
commit 2a822c0787
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 28 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
plugins/security-guidance/hooks/diffstate.py
View File

@ -355,9 +355,9 @@ def _list_untracked(cwd):
the holdouts.""" the holdouts."""
try: try:
repo = _git_toplevel(cwd) or cwd repo = _git_toplevel(cwd) or cwd
# core.quotePath=false comes from GIT_CMD globally (see gitutil.py).
r = subprocess.run( r = subprocess.run(
[*GIT_CMD, "-c", "core.quotePath=false", "ls-files", [*GIT_CMD, "ls-files", "--others", "--exclude-standard", "-z"],
"--others", "--exclude-standard", "-z"],
cwd=repo, capture_output=True, timeout=15, cwd=repo, capture_output=True, timeout=15,
) )
if r.returncode != 0: if r.returncode != 0:

38
plugins/security-guidance/hooks/gitutil.py
View File

@ -26,6 +26,17 @@ GIT_CMD = [
"git", "git",
"-c", "core.fsmonitor=false", "-c", "core.fsmonitor=false",
"-c", "core.hooksPath=/dev/null", "-c", "core.hooksPath=/dev/null",
# core.quotePath=false: emit raw UTF-8 in path-emitting commands instead
# of C-quoting non-ASCII bytes (default `"\\303\\201vila/..."` vs
# `Ávila/...`). Downstream parsers — both ours (parse_diff_into_files,
# extract_file_paths_from_diff) and Python stdlib (os.path.isabs,
# os.path.join) — expect raw paths and silently drop / mishandle the
# quoted form. Adding the flag globally to GIT_CMD covers every
# subprocess.run site that uses the splat — diff feeders, rev-parse
# path queries (--show-toplevel, --git-dir, --git-common-dir),
# reflog %gs subjects, ls-files, status, etc. — without per-site
# flag duplication. See #2082, #2099.
"-c", "core.quotePath=false",
] ]
@ -222,15 +233,12 @@ def _git_diff_range(repo_root, base, head="HEAD"):
them reviewed otherwise unreviewed commits get permanently silenced. them reviewed otherwise unreviewed commits get permanently silenced.
""" """
try: try:
# core.quotePath=false makes git emit raw UTF-8 in `diff --git a/... b/...` # GIT_CMD globally passes core.quotePath=false (see definition) so
# headers instead of C-quoting non-ASCII path bytes (`"a/\303\201vila/..."` # non-ASCII paths in `diff --git a/... b/...` headers come through as
# vs `a/Ávila/...`). The downstream `re.match(r'^a/(.+?) b/(.+)$', ...)` # raw UTF-8, not C-quoted. Required by the downstream
# in parse_diff_into_files / extract_file_paths_from_diff matches the # parse_diff_into_files / extract_file_paths_from_diff regex.
# raw form only — quoted headers slip past and the entire file is
# silently dropped from review. See #2082 (sibling of #2056 / #2075).
r = subprocess.run( r = subprocess.run(
[*GIT_CMD, "-c", "core.quotePath=false", [*GIT_CMD, "diff", "-p", "--no-color", "--no-ext-diff", base, head],
"diff", "-p", "--no-color", "--no-ext-diff", base, head],
cwd=repo_root, capture_output=True, timeout=30, cwd=repo_root, capture_output=True, timeout=30,
) )
if r.returncode != 0: if r.returncode != 0:
@ -355,8 +363,9 @@ def _git_name_only(cwd, base, include_untracked=False):
# result.stdout=None, and propagate AttributeError out of the helper. # result.stdout=None, and propagate AttributeError out of the helper.
# Same fix shape as diffstate._list_untracked. See #2056. # Same fix shape as diffstate._list_untracked. See #2056.
def _run(env): def _run(env):
# core.quotePath=false comes from GIT_CMD globally (see definition).
result = subprocess.run( result = subprocess.run(
[*GIT_CMD, "-c", "core.quotePath=false", "diff", "--name-only", "-z", base], [*GIT_CMD, "diff", "--name-only", "-z", base],
cwd=cwd, capture_output=True, timeout=30, cwd=cwd, capture_output=True, timeout=30,
env=env, env=env,
) )
@ -393,9 +402,9 @@ def _git_status_porcelain(cwd):
# sibling helpers — a non-ASCII path in the worktree would otherwise # sibling helpers — a non-ASCII path in the worktree would otherwise
# crash the cp1252 reader thread on Windows. See #2056. # crash the cp1252 reader thread on Windows. See #2056.
try: try:
# core.quotePath=false comes from GIT_CMD globally (see definition).
r = subprocess.run( r = subprocess.run(
[*GIT_CMD, "-c", "core.quotePath=false", "status", [*GIT_CMD, "status", "--porcelain=v1", "-uall", "-z"],
"--porcelain=v1", "-uall", "-z"],
cwd=cwd, capture_output=True, timeout=30, cwd=cwd, capture_output=True, timeout=30,
) )
if r.returncode != 0: if r.returncode != 0:
@ -471,11 +480,8 @@ def get_git_diff(cwd, baseline_sha, full_context=False, paths=None, untracked_pa
# change exists to fix. # change exists to fix.
return "" return ""
# core.quotePath=false: emit raw UTF-8 in `diff --git a/... b/...` headers # core.quotePath=false comes from GIT_CMD globally (see definition).
# so non-ASCII paths aren't C-quoted past the downstream parse_diff_into_files cmd = [*GIT_CMD, "diff", "--no-color", "--no-ext-diff", baseline_sha] + (["--unified=99999"] if full_context else []) + pathspec
# regex. See #2082 (sibling of #2056 / #2075).
cmd = [*GIT_CMD, "-c", "core.quotePath=false",
"diff", "--no-color", "--no-ext-diff", baseline_sha] + (["--unified=99999"] if full_context else []) + pathspec
try: try:
with _temp_index(cwd, untracked_paths) as env: with _temp_index(cwd, untracked_paths) as env:
# env is None when no index could be found (bare repo / not a # env is None when no index could be found (bare repo / not a

8
plugins/security-guidance/hooks/security_reminder_hook.py
View File

@ -1197,18 +1197,18 @@ def handle_commit_review_posttooluse(input_data):
# core.quotePath=false: emit raw UTF-8 in `diff --git a/... b/...` # core.quotePath=false: emit raw UTF-8 in `diff --git a/... b/...`
# headers so non-ASCII paths aren't C-quoted past the downstream # headers so non-ASCII paths aren't C-quoted past the downstream
# parse_diff_into_files regex (sibling of #2056 / #2075). See #2082. # parse_diff_into_files regex (sibling of #2056 / #2075). See #2082.
# core.quotePath=false comes from GIT_CMD globally (see gitutil.py).
if pre_amend_sha: if pre_amend_sha:
# Delta review: pre-amend → post-amend. `git diff` (not show) # Delta review: pre-amend → post-amend. `git diff` (not show)
# so the output is a pure unified diff with no commit header. # so the output is a pure unified diff with no commit header.
result = subprocess.run( result = subprocess.run(
[*GIT_CMD, "-c", "core.quotePath=false", [*GIT_CMD, "diff", "--no-color", "--no-ext-diff",
"diff", "--no-color", "--no-ext-diff", pre_amend_sha, sha, "--"], pre_amend_sha, sha, "--"],
cwd=repo_root, capture_output=True, timeout=15 cwd=repo_root, capture_output=True, timeout=15
) )
else: else:
result = subprocess.run( result = subprocess.run(
[*GIT_CMD, "-c", "core.quotePath=false", [*GIT_CMD, "show", "-p", "--no-color", "--no-ext-diff", sha, "--"],
"show", "-p", "--no-color", "--no-ext-diff", sha, "--"],
cwd=repo_root, capture_output=True, timeout=15 cwd=repo_root, capture_output=True, timeout=15
) )
except (subprocess.TimeoutExpired, FileNotFoundError, OSError) as e: except (subprocess.TimeoutExpired, FileNotFoundError, OSError) as e: