summaryrefslogtreecommitdiff
path: root/.github
diff options
context:
space:
mode:
Diffstat (limited to '.github')
-rw-r--r--.github/workflows/bootstrap.yml32
1 files changed, 32 insertions, 0 deletions
diff --git a/.github/workflows/bootstrap.yml b/.github/workflows/bootstrap.yml
index 27cdf170f1..4af7abb278 100644
--- a/.github/workflows/bootstrap.yml
+++ b/.github/workflows/bootstrap.yml
@@ -61,6 +61,14 @@ jobs:
bzip2 curl file g++ gcc gfortran git gnupg2 gzip \
make patch unzip xz-utils python3 python3-dev tree \
cmake bison
+ - name: Work around CVE-2022-24765
+ run: |
+ # Apparently Ubuntu patched git v2.25.1 with a security patch that introduces
+ # a breaking behavior. See:
+ # - https://github.blog/2022-04-12-git-security-vulnerability-announced/
+ # - https://github.com/actions/checkout/issues/760
+ # - http://changelogs.ubuntu.com/changelogs/pool/main/g/git/git_2.25.1-1ubuntu3.3/changelog
+ git config --global --add safe.directory /__w/spack/spack
- uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # @v2
- name: Setup repo and non-root user
run: |
@@ -90,6 +98,14 @@ jobs:
apt-get install -y \
bzip2 curl file g++ gcc gfortran git gnupg2 gzip \
make patch unzip xz-utils python3 python3-dev tree
+ - name: Work around CVE-2022-24765
+ run: |
+ # Apparently Ubuntu patched git v2.25.1 with a security patch that introduces
+ # a breaking behavior. See:
+ # - https://github.blog/2022-04-12-git-security-vulnerability-announced/
+ # - https://github.com/actions/checkout/issues/760
+ # - http://changelogs.ubuntu.com/changelogs/pool/main/g/git/git_2.25.1-1ubuntu3.3/changelog
+ git config --global --add safe.directory /__w/spack/spack
- uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # @v2
- name: Setup repo and non-root user
run: |
@@ -202,6 +218,14 @@ jobs:
apt-get install -y \
bzip2 curl file g++ gcc patchelf gfortran git gzip \
make patch unzip xz-utils python3 python3-dev tree
+ - name: Work around CVE-2022-24765
+ run: |
+ # Apparently Ubuntu patched git v2.25.1 with a security patch that introduces
+ # a breaking behavior. See:
+ # - https://github.blog/2022-04-12-git-security-vulnerability-announced/
+ # - https://github.com/actions/checkout/issues/760
+ # - http://changelogs.ubuntu.com/changelogs/pool/main/g/git/git_2.25.1-1ubuntu3.3/changelog
+ git config --global --add safe.directory /__w/spack/spack
- uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
- name: Setup repo and non-root user
run: |
@@ -231,6 +255,14 @@ jobs:
bzip2 curl file g++ gcc patchelf gfortran git gzip \
make patch unzip xz-utils python3 python3-dev tree \
gawk
+ - name: Work around CVE-2022-24765
+ run: |
+ # Apparently Ubuntu patched git v2.25.1 with a security patch that introduces
+ # a breaking behavior. See:
+ # - https://github.blog/2022-04-12-git-security-vulnerability-announced/
+ # - https://github.com/actions/checkout/issues/760
+ # - http://changelogs.ubuntu.com/changelogs/pool/main/g/git/git_2.25.1-1ubuntu3.3/changelog
+ git config --global --add safe.directory /__w/spack/spack
- uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
- name: Setup repo and non-root user
run: |