fetchgit: Remove incomplete/unneeded isURI check.

This check spuriously fails for e.g. git@github.com:NixOS/nixpkgs.git, and even for ssh://git@github.com/NixOS/nixpkgs.git, and is made redundant by the checks git itself will do when fetching the repo. We instead pass a -- before passing the URI to git to avoid injection.
author: Shea Levy <shea@shealevy.com> 2017-10-16T16·56-0400
committer: Shea Levy <shea@shealevy.com> 2017-10-16T18·35-0400
commit: 4e58294ae62075fae1a2e82e1f62f627c2a0bd80 (patch)
tree: db2c90e2456b56edaca2487ac5eeb4d118e96b13 /src
parent: 1dd29d7aebae706f3e90a18bbfae727f2ed03c70 (diff)
1 files changed, 1 insertions, 4 deletions
diff --git a/src/libexpr/primops/fetchgit.cc b/src/libexpr/primops/fetchgit.cc
index e16c8235378d..545954f58430 100644
--- a/src/libexpr/primops/fetchgit.cc
+++ b/src/libexpr/primops/fetchgit.cc
@@ -13,9 +13,6 @@ namespace nix {
 Path exportGit(ref<Store> store, const std::string & uri,
     const std::string & ref, const std::string & rev)
 {
-    if (!isUri(uri))
-        throw EvalError(format("'%s' is not a valid URI") % uri);
-
     if (rev != "") {
         std::regex revRegex("^[0-9a-fA-F]{40}$");
         if (!std::regex_match(rev, revRegex))
@@ -47,7 +44,7 @@ Path exportGit(ref<Store> store, const std::string & uri,
     if (stat(localRefFile.c_str(), &st) != 0 ||
         st.st_mtime < now - settings.tarballTtl)
     {
-        runProgram("git", true, { "-C", cacheDir, "fetch", "--force", uri, ref + ":" + localRef });
+        runProgram("git", true, { "-C", cacheDir, "fetch", "--force", "--", uri, ref + ":" + localRef });
 
         struct timeval times[2];
         times[0].tv_sec = now;
author	Shea Levy <shea@shealevy.com>	2017-10-16T16·56-0400
committer	Shea Levy <shea@shealevy.com>	2017-10-16T18·35-0400
commit	4e58294ae62075fae1a2e82e1f62f627c2a0bd80 (patch)
tree	db2c90e2456b56edaca2487ac5eeb4d118e96b13 /src
parent	1dd29d7aebae706f3e90a18bbfae727f2ed03c70 (diff)