Normalize and validate a repo-relative path from git output.
(p: str)
| 189 | |
| 190 | |
| 191 | def _normalize_relpath(p: str) -> str: |
| 192 | """Normalize and validate a repo-relative path from git output.""" |
| 193 | if "\x00" in p: |
| 194 | raise ValueError("NUL byte in path") |
| 195 | p = p.strip().replace("\\", "/") |
| 196 | if not p: |
| 197 | raise ValueError("Empty path") |
| 198 | if p.startswith("/") or re.match(r"^[A-Za-z]:/", p): |
| 199 | raise ValueError(f"Absolute path not allowed: {p}") |
| 200 | parts = [x for x in p.split("/") if x not in ("", ".")] |
| 201 | if any(x == ".." for x in parts): |
| 202 | raise ValueError(f"Path traversal not allowed: {p}") |
| 203 | return "/".join(parts) |
| 204 | |
| 205 | |
| 206 | def _empty_tree(repo: Path) -> str: |
no test coverage detected