fix: normalize "." repo identifier to auto-detect#8
Merged
Conversation
When a user passes "." as a repo identifier (e.g., `aifr log .`,
`aifr refs .`, `aifr stash-list .`), it means "this directory" —
semantically identical to the no-argument auto-detect case. Previously,
"." was treated as an explicit filesystem path and subjected to access
control on the repo root, causing it to be denied when the auto-detect
path (empty string) would succeed for the same repo.
Fix by normalizing "." to "" at the top of openGitRepo, the single
chokepoint for all git operations. This applies consistently to all
git commands (log, refs, stash-list, rev-parse, git-config) without
touching any individual command's arg parsing.
".." and other relative paths ("./sub", "../other") remain subject
to access control since they may reference a different repository.
https://claude.ai/code/session_016QBk2VFvP92AXspnSePeLz
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
"."to""(auto-detect) inopenGitRepo, the single chokepoint for all git operationsaifr log .now behaves identically toaifr log— no access control check since the user is already in the directory".."and other relative paths are NOT normalized and remain subject to access controlBackground
When running
aifr log .the repo identifier"."was treated as an explicit filesystem path, triggering access control checks. This causedaifr log .to be denied even thoughaifr log(no argument, auto-detect) succeeded from the same directory. The fix applies to all git commands (log, refs, rev-parse, reflog, stash-list, git-config) since they all go throughopenGitRepo.Test plan
TestOpenGitRepoDotNormalization— verifies""and"."succeed, absolute path denied,".."deniedTestDotRepoConsistentAcrossCommands— verifies"."works for Refs and Log, absolute paths deniedgo test -race ./...)https://claude.ai/code/session_016QBk2VFvP92AXspnSePeLz