Context
_git_only_path_dirty is used by git_update_repo to allow updates when tracked changes are limited to an allowed repo-relative path. For rename status lines, it currently strips the source side and checks only the destination path.
Failure Scenario
git mv src/outside.txt shared/outside.txt
_git_only_path_dirty shared # currently returns success
git status --porcelain reports R src/outside.txt -> shared/outside.txt. The helper checks only shared/outside.txt, so a rename from outside the allowed boundary into the allowed path passes.
Scope
- Parse porcelain rename paths so both source and destination are checked against the allowed path.
- Preserve existing behavior for normal modified files and nested allowed paths.
- Add BATS coverage for outside-to-inside, inside-to-outside, and inside-to-inside renames if practical.
Acceptance Criteria
- Renames pass only when both source and destination are inside the allowed path boundary.
- Sibling prefix protection remains intact.
- ./tests/validate.sh passes.
Validation
./tests/validate.sh
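One way the rename-aware check from the Scope and Acceptance Criteria could look. This is an added sketch in portable sh, not the project's `_git_only_path_dirty`. The names `path_within` and `porcelain_only_within` are hypothetical, the input is assumed to be `git status --porcelain` v1 lines for tracked changes, and the sample lines are constructed.

```shell
# Added sketch, not the project's _git_only_path_dirty.
# path_within PATH ALLOWED: true for ALLOWED itself or anything below
# ALLOWED/, so "shared2/x" does not match "shared".
path_within() {
  pw_allowed=${2%/}
  case $1 in
    "$pw_allowed" | "$pw_allowed"/*) return 0 ;;
  esac
  return 1
}

# porcelain_only_within ALLOWED (hypothetical name): reads porcelain v1
# lines on stdin and succeeds only if every path, including BOTH sides of
# a rename or copy, is inside ALLOWED.
porcelain_only_within() {
  po_allowed=$1
  while IFS= read -r po_line; do
    [ -n "$po_line" ] || continue
    po_rest=${po_line#???}             # text after the "XY " columns
    po_status=${po_line%"$po_rest"}    # the "XY " columns themselves
    case $po_rest in
      *'"'*) return 1 ;;  # C-quoted path: not unquoted here, fail closed
    esac
    case $po_status in
      *[RC]*)
        case $po_rest in
          *' -> '*)
            path_within "${po_rest%% -> *}" "$po_allowed" || return 1  # source
            path_within "${po_rest#* -> }" "$po_allowed" || return 1   # destination
            continue ;;
        esac ;;
    esac
    path_within "$po_rest" "$po_allowed" || return 1
  done
  return 0
}

# Constructed sample lines (two status columns, one space, then the path).
for sample in \
  'R  src/outside.txt -> shared/outside.txt' \
  'R  shared/a.txt -> shared/sub/b.txt' \
  ' M shared2/file.txt'
do
  if printf '%s\n' "$sample" | porcelain_only_within shared
  then echo "allow: $sample"; else echo "block: $sample"; fi
done
```

Paths that Git C-quotes are rejected rather than parsed; `git status --porcelain -z` avoids the quoting but lists the destination before the source for renames.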