Skip to content

Resolve ambiguous references for archive metadata

Vasilii Iakliushin requested to merge 823-fix-commit-id-for-archives into master

What does this MR do and why?

Contributes to #381815 (closed)

See details about the merge request process: #381815 (comment 1335460665)

Problem

It's possible to fetch archives for hidden references if user creates a tag/branch name that matches the reference.

Solution

Apply git logic to identify the priority of resolving the reference.

How to set up and validate locally

  1. Enable feature flag Feature.enable(:resolve_ambiguous_archives)
  2. Follow reproduction steps: #381815 (closed)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to https://gitlab.com/gitlab-org/security/gitlab/-/issues/877

Edited by Vasilii Iakliushin

Merge request reports

Loading