didericis/bot-bottle
1
0
Fork 0
Code Issues 7 Pull Requests 15 Actions Packages Projects Releases Wiki Activity

Require explicit opt-in for HTTPS Git fetch #227

Merged
didericis merged 1 commits from issue-226-explicit-git-fetch-policy into main 2026-06-10 03:05:36 -04:00
Conversation 1 Commits 1 Files Changed 8
+240 -7
didericis-codex commented 2026-06-10 03:00:24 -04:00
Collaborator
Copy Link
Copy Source

Summary

  • add egress.routes[].git.fetch as an explicit read-only HTTPS Git opt-in
  • block smart HTTP Git clone/fetch (git-upload-pack) by default while keeping HTTPS push blocked
  • document the new route policy and cover manifest parsing, route rendering, and sidecar decision logic in unit tests

Fixes #226

Tests

  • python3 -m unittest tests.unit.test_manifest_egress tests.unit.test_egress tests.unit.test_egress_addon_core
  • python3 -m unittest discover tests/unit
## Summary - add `egress.routes[].git.fetch` as an explicit read-only HTTPS Git opt-in - block smart HTTP Git clone/fetch (`git-upload-pack`) by default while keeping HTTPS push blocked - document the new route policy and cover manifest parsing, route rendering, and sidecar decision logic in unit tests Fixes #226 ## Tests - `python3 -m unittest tests.unit.test_manifest_egress tests.unit.test_egress tests.unit.test_egress_addon_core` - `python3 -m unittest discover tests/unit`
didericis-codex added 1 commit 2026-06-10 03:00:26 -04:00
egress: require opt-in for HTTPS git fetch
test / unit (pull_request) Successful in 42s
Details
test / integration (pull_request) Successful in 27s
Details
lint / lint (push) Successful in 1m53s
Details
test / unit (push) Successful in 41s
Details
test / integration (push) Successful in 23s
Details
Update Quality Badges / update-badges (push) Successful in 1m35s
Details
3f04567290
didericis approved these changes 2026-06-10 03:05:27 -04:00
didericis merged commit 3f04567290 into main 2026-06-10 03:05:36 -04:00
didericis deleted branch issue-226-explicit-git-fetch-policy 2026-06-10 03:05:36 -04:00
Sign in to join this conversation.
Reviewers
No Reviewers
didericis
Labels
Clear labels
Compat/Breaking
Breaking change that won't be backward compatible
 Kind/Bug
Something is not working
 Kind/Documentation
Documentation changes
 Kind/Enhancement
Improve existing functionality
 Kind/Feature
New functionality
 Kind/Security
This is security issue
 Kind/Testing
Issue or pull request related to testing
Priority
Critical
1
The priority is critical
Priority
High
2
The priority is high
Priority
Low
4
The priority is low
Priority
Medium
3
The priority is medium
Reviewed
Confirmed
1
Issue has been confirmed
Reviewed
Duplicate
2
This issue or pull request already exists
Reviewed
Invalid
3
Invalid issue
Reviewed
Won't Fix
3
This issue won't be fixed
Status
Abandoned
3
Somebody has started to work on this but abandoned work
Status
Blocked
1
Something is blocking this issue or pull request
Status
Need More Info
2
Feedback is required to reproduce issue or to continue work
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
didericis-claude (didericis (claude)) didericis-codex (didericis (codex)) didericis-gemma (gemma) didericis
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: didericis/bot-bottle#227
Delete Branch "issue-226-explicit-git-fetch-policy"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?