fix: username in scp-like url is no longer percent-encoded (#2056) #2060
Conversation
…abs#2056) Since Git doesn't percent-decode characters in scp-like URL, we shouldn't encode username at all. https://github.com/git/git/blob/v2.50.0/connect.c#L1081 I've split write_to() function to clarify that any non-path components that should be separated by ":" cannot be serialized in alternative form. I've made it fall back to the URL syntax if password or port number was set. Maybe we can also check if the user or host includes ":", but I'm not sure how much foolproof we should add here.
|
Thanks so much, I am loving the refactoring and the tests for the additional logic improvements. Since I dug into the baseline test a little bit I noticed that we are still not parsing everything that Git can correctly. If the baseline could be brought to greater compatibility, maybe then it's just another small step to assure we can serialize everything correctly as well. Maybe something for @rickprice - taking many small steps would lead to a positive outcome here. |
However, these don't show any differences as we already parsed these correctly, while the recent changes have been about serialization.
|
I can go over the git tests and ensure ours cover the same points if that
helps?
At ActiveState I did a lot of CVE remediation, and ensuring all the tests
existed and passed was one of the things that was needed.
Frederick
…On Wed, Jun 25, 2025 at 11:29 PM Sebastian Thiel ***@***.***> wrote:
*Byron* left a comment (GitoxideLabs/gitoxide#2060)
<#2060 (comment)>
Thanks so much, I am loving the refactoring *and* the tests for the
additional logic improvements.
Since I dug into the baseline test a little bit I noticed that we are
still not parsing everything that Git can correctly. If the baseline could
be brought to greater compatibility, maybe then it's just another small
step to assure we can serialize everything correctly as well. Maybe
something for @rickprice <https://github.com/rickprice> - taking many
small steps would lead to a positive outcome here.
—
Reply to this email directly, view it on GitHub
<#2060 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAHXNTVYIMI7G5RM674TU3T3FNSHXAVCNFSM6AAAAACACC3WN6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTAMBWHEYTMNBXGI>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
Thanks for offering! However, I don't think there were new tests added to the URL related Git test-suite, and I believe there is a lot to work on before trying to find more. The baseline tests have over 100 failures right now, i.e. Git parsing URLs that we can't parse or parse incorrectly. Thus, in |
|
Okay, I will try running the tests and see if I can start fixing things. For the moment, that is what I will focus on to try and help the project out. |
Since Git doesn't percent-decode characters in scp-like URL, we shouldn't encode username at all.
https://github.com/git/git/blob/v2.50.0/connect.c#L1081
I've split write_to() function to clarify that any non-path components that should be separated by ":" cannot be serialized in alternative form. I've made it fall back to the URL syntax if password or port number was set. Maybe we can also check if the user or host includes ":", but I'm not sure how much foolproof we should add here.