()
| 874 | */ |
| 875 | /* eslint-disable custom-rules/no-sync-fs -- sync permission-eval check */ |
| 876 | export function isCurrentDirectoryBareGitRepo(): boolean { |
| 877 | const fs = getFsImplementation() |
| 878 | const cwd = getCwd() |
| 879 | |
| 880 | const gitPath = join(cwd, '.git') |
| 881 | try { |
| 882 | const stats = fs.statSync(gitPath) |
| 883 | if (stats.isFile()) { |
| 884 | // worktree/submodule — Git follows the gitdir reference |
| 885 | return false |
| 886 | } |
| 887 | if (stats.isDirectory()) { |
| 888 | const gitHeadPath = join(gitPath, 'HEAD') |
| 889 | try { |
| 890 | // SECURITY: check isFile(). An attacker creating .git/HEAD as a |
| 891 | // DIRECTORY would pass a bare statSync but Git's setup_git_directory |
| 892 | // rejects it (not a valid HEAD) and falls back to cwd discovery. |
| 893 | if (fs.statSync(gitHeadPath).isFile()) { |
| 894 | // normal repo — .git/HEAD valid, Git won't fall back to cwd |
| 895 | return false |
| 896 | } |
| 897 | // .git/HEAD exists but is not a regular file — fall through |
| 898 | } catch { |
| 899 | // .git exists but no HEAD — fall through to bare-repo check |
| 900 | } |
| 901 | } |
| 902 | } catch { |
| 903 | // no .git — fall through to bare-repo indicator check |
| 904 | } |
| 905 | |
| 906 | // No valid .git/HEAD found. Check if cwd has bare git repo indicators. |
| 907 | // Be cautious — flag if ANY of these exist without a valid .git reference. |
| 908 | // Per-indicator try/catch so an error on one doesn't mask another. |
| 909 | try { |
| 910 | if (fs.statSync(join(cwd, 'HEAD')).isFile()) return true |
| 911 | } catch { |
| 912 | // no HEAD |
| 913 | } |
| 914 | try { |
| 915 | if (fs.statSync(join(cwd, 'objects')).isDirectory()) return true |
| 916 | } catch { |
| 917 | // no objects/ |
| 918 | } |
| 919 | try { |
| 920 | if (fs.statSync(join(cwd, 'refs')).isDirectory()) return true |
| 921 | } catch { |
| 922 | // no refs/ |
| 923 | } |
| 924 | return false |
| 925 | } |
| 926 | /* eslint-enable custom-rules/no-sync-fs */ |
| 927 |
no test coverage detected