From 1a3b35d76924c53c2f4c98b6df092a2da869c971 Mon Sep 17 00:00:00 2001
From: Sodawyx <sodawyx@126.com>
Date: Tue, 21 Apr 2026 17:23:15 +0800
Subject: [PATCH] fix(release): mark workspace safe for git in manylinux
 containers

Inside quay.io/pypa/manylinux_2_28_* the workspace is owned by the
runner's UID but the container runs as root, so git refuses to read it
("dubious ownership"). That crashes setuptools-scm version resolution
during pip install -e . and breaks the linux-amd64 / linux-arm64 builds.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Signed-off-by: Sodawyx <sodawyx@126.com>
---
 .github/workflows/release.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 75f4ccd..a97dc60 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -108,6 +108,14 @@ jobs:
           ref: ${{ needs.verify-version.outputs.tag }}
           fetch-depth: 0  # setuptools-scm needs full history + tags
 
+      # Inside the manylinux container the workspace is owned by a different
+      # UID than root, so git refuses to read it ("dubious ownership") and
+      # setuptools-scm version resolution fails during pip install.
+      - name: Mark workspace as safe for git (container)
+        if: matrix.container != ''
+        shell: bash
+        run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
+
       # manylinux images ship multiple Pythons under /opt/python; expose one.
       - name: Configure Python (manylinux container)
         if: matrix.container != ''