(tooling-trusted-releases) branch arm updated: Ensure paths are relative to the revision path. Closes #720.

Tue, 24 Feb 2026 02:37:58 -0800 

This is an automated email from the ASF dual-hosted git repository.

arm pushed a commit to branch arm
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git


The following commit(s) were added to refs/heads/arm by this push:
     new e7b73d88 Ensure paths are relative to the revision path. Closes #720.
e7b73d88 is described below

commit e7b73d88dcd5ecb15554ed6dcd66f16a23e5a1df
Author: Alastair McFarlane <[email protected]>
AuthorDate: Tue Feb 24 10:37:24 2026 +0000

    Ensure paths are relative to the revision path. Closes #720.
---
 atr/storage/writers/release.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/atr/storage/writers/release.py b/atr/storage/writers/release.py
index b9970e81..d05b80d4 100644
--- a/atr/storage/writers/release.py
+++ b/atr/storage/writers/release.py
@@ -186,6 +186,10 @@ class CommitteeParticipant(FoundationCommitter):
             # Path to delete within the new revision directory
             path_in_new_revision = path / rel_path_to_delete
 
+            # Make sure the requested path is relative to the actual path
+            resolved = await asyncio.to_thread(path_in_new_revision.resolve)
+            resolved.relative_to(await asyncio.to_thread(path.resolve))
+
             # Check that the file exists in the new revision
             if not await aiofiles.os.path.exists(path_in_new_revision):
                 # This indicates a potential severe issue with hard linking or 
logic
@@ -216,6 +220,11 @@ class CommitteeParticipant(FoundationCommitter):
         async def modify(path: pathlib.Path, _old_rev: sql.Revision | None) -> 
None:
             # Uses new_revision_number for logging only
             path_in_new_revision = path / rel_path
+
+            # Make sure the requested path is relative to the actual path
+            resolved = await asyncio.to_thread(path_in_new_revision.resolve)
+            resolved.relative_to(await asyncio.to_thread(path.resolve))
+
             hash_path_rel = rel_path.name + ".sha512"
             hash_path_in_new_revision = path / rel_path.parent / hash_path_rel
 


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to