Request For Review of 24c63d0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi
I pushed again (2bcf140..24c63d0) and the hook is still broken. In
24c63d0 I have added a sub resolve_pkg_path in Util, that I intend to
use to resolve paths inside packages (e.g. inside checks).
Hench, it needs to resolve paths correctly (to the extend possible)
and without "escaping" the package root (to avoid another series of
CVEs). Therefore I was hoping you would dedicate a bit of time to
review the commit and the sub itself.
I have added a set of regression tests for it in t/scripts/Util/path.t
and by all means feel free to add another interesting test case.
~Niels
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCAAGBQJN2R8OAAoJEAVLu599gGRCPwwP/iPKba5/QUHVTzVTBNbvkzKQ
lKFq++iY4TTHwC1RMWPc7TkFu6q7sWGw6ed+1mWKlVpljyhh/zg2kBWFPgmPvovM
VHRlYHJ8IbDTTR0wwkjxUPk2OzmQoCt6zCXHT/Qek/255nMCKEd44JSWjyi7GIgj
afnZnkW8OGi4x6tMuSGKdwd5hJgVf1ihU98SLvTZ5f4va/77q8Huipdzf1VAWeU2
jOBgluJOz5v2F4q0BmQrGzkenjetHejNDwX5SV9+VhlQthKkdHQ208gvtlMc6Csm
EnfNLJ18Fi1Dy4qEPjor5/S7La1lMYT7NMsrQ9+OIB29lQvO0L1DCQlnhNVwEqk+
yluAKR9wkF8FulK5pehxNhEy/5zh10AaM21ZYANXfuK55ZizEvVa75g671fia2fP
8UWPgw7CUpxUaz218ZWYrPgPRHmCNX+rFx6fUcB0C0TLtPW2EWBtDQnWZRr+T7ax
M7l1+EyVSbuuKWphukGsr0zZQyUyOCK60LLikyYGDLnBhoO9eLIBX6kY2bojMkRM
k/mM4QWxp2ar37WCqsrxKINOmya7b/jRDNcoMgzV9qkBRyvcr0OgwZOeERhrdqxf
2yp8yWIKLGj/njMDBIOmOVDyfCm04w9iaDUxsqm5xl/lPVgr68bv4Mtt2ZKIJhLy
MThq9UDPntjILfxEi3et
=9Azl
-----END PGP SIGNATURE-----
Reply to: