ignore .github and .phan folders, fixed path check

Signed-off-by: Andy Miller <rhuk@mac.com>
This commit is contained in:
Andy Miller
2025-11-05 23:23:18 +00:00
parent be20cf2e2c
commit 4d31bbb43a
2 changed files with 16 additions and 2 deletions

8
.gitattributes vendored Normal file
View File

@@ -0,0 +1,8 @@
# Exclude development and CI/CD files from release archives
/.github export-ignore
/.phan export-ignore
/tests export-ignore
/codeception.yml export-ignore
/.travis.yml export-ignore
/.dependencies export-ignore
/.editorconfig export-ignore

View File

@@ -84,6 +84,8 @@ class SafeUpgradeService
'tmp',
'cache',
'user',
'.github',
'.phan',
];
/** @var callable|null */
private $progressCallback = null;
@@ -913,10 +915,14 @@ class SafeUpgradeService
$stage = $packagePath . '/' . $relative;
// Only delete from staging area, NEVER from live installation
if (strpos($stage, $this->rootPath . DIRECTORY_SEPARATOR) === 0) {
// Check if stage path is directly under root (e.g., /home/grav/user)
// but allow subdirectories (e.g., /home/grav/tmp/.../package/user)
$realStage = realpath(dirname($stage));
$realRoot = realpath($this->rootPath);
if ($realStage === $realRoot) {
throw new RuntimeException(
'SAFETY VIOLATION: Attempted to delete directory from live installation during hydration. ' .
'Stage path appears to be within live root. This should never happen.'
'Stage path appears to be directly in live root. This should never happen.'
);
}