From 96535dc39f2751824eca0391a34518587e19a785 Mon Sep 17 00:00:00 2001 From: Massimiliano Culpo Date: Mon, 9 May 2022 11:11:03 +0200 Subject: CI: fix bootstrapping on Fedora (#30559) Fedora updated git, so we need to apply, again, the workaround for CVE-2022-24765 --- .github/workflows/bootstrap.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/bootstrap.yml b/.github/workflows/bootstrap.yml index 493295b624..bcea53c7c7 100644 --- a/.github/workflows/bootstrap.yml +++ b/.github/workflows/bootstrap.yml @@ -29,7 +29,13 @@ jobs: bzip2 curl file gcc-c++ gcc gcc-gfortran git gnupg2 gzip \ make patch unzip which xz python3 python3-devel tree \ cmake bison bison-devel libstdc++-static - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # @v2 + - name: Work around CVE-2022-24765 + run: | + # See: + # - https://github.blog/2022-04-12-git-security-vulnerability-announced/ + # - https://github.com/actions/checkout/issues/760 + git config --global --add safe.directory /__w/spack/spack + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # @v2 - name: Setup repo and non-root user run: | git --version -- cgit v1.2.3-70-g09d2