@@ -18,18 +18,15 @@ func main() {
1818 return
1919 }
2020
21- // Change any ssh or git url arguments to https
22- for i , arg := range os .Args {
23- os .Args [i ] = Scrub (arg )
21+ if IsRewriteAllowed (os .Args [1 :]) {
22+ // Change any ssh or git url arguments to https
23+ for i , arg := range os .Args [1 :] {
24+ os .Args [i ] = Scrub (arg )
25+ }
2426 }
2527
2628 // Run the scrubbed git command
27- var cmd * exec.Cmd
28- if len (os .Args ) == 1 {
29- cmd = exec .Command (os .Args [0 ])
30- } else {
31- cmd = exec .Command (os .Args [0 ], os .Args [1 :]... )
32- }
29+ cmd := exec .Command (os .Args [0 ], os .Args [1 :]... )
3330 cmd .Stderr = os .Stderr
3431 cmd .Stdout = os .Stdout
3532 err := cmd .Run ()
@@ -39,6 +36,26 @@ func main() {
3936 }
4037}
4138
39+ var allowedCommands = []string {"clone" , "fetch" }
40+
41+ // IsRewriteAllowed returns true if it is safe to rewrite arguments. Some commands
42+ // such as config would break if rewritten, like when using insteadOf.
43+ func IsRewriteAllowed (args []string ) bool {
44+ for _ , arg := range args {
45+ if strings .HasPrefix (arg , "-" ) {
46+ continue
47+ }
48+ for _ , allowed := range allowedCommands {
49+ if arg == allowed {
50+ return true
51+ }
52+ }
53+ return false
54+ }
55+ return false
56+ }
57+
58+ // FindGit finds the second git executable on the path, the first being this one.
4259func FindGit (envPath string ) string {
4360 paths := strings .Split (envPath , string (os .PathListSeparator ))
4461 var shimPath string
@@ -68,6 +85,7 @@ func FindGit(envPath string) string {
6885
6986var scpUrl = regexp .MustCompile (`^(?P<user>\S+?)@(?P<host>[a-zA-Z\d-]+(\.[a-zA-Z\d-]+)+\.?):(?P<path>.*?/.*?)$` )
7087
88+ // Scrub rewrites arguments that look like URLs to have the HTTPS protocol.
7189func Scrub (argument string ) string {
7290 u , err := url .ParseRequestURI (argument )
7391 if err == nil && u .Scheme != "" {
0 commit comments