Use addenv to ensure git commands don't leak env variables

README.md

@@ -10,8 +10,7 @@ your packages!
 
 GitCommand provides a Git binary via
 [Git_jll](https://github.com/JuliaBinaryWrappers/Git_jll.jl).
-Git_jll uses the Pkg Artifacts system, and therefore Git_jll and GitCommand
-require at least Julia 1.3.
+The latest version of GitCommand requires at least Julia 1.6.
 
 GitCommand is intended to work on any platform that supports Julia,
 including (but not limited to) Windows, macOS, Linux, and FreeBSD.
@@ -21,9 +20,7 @@ including (but not limited to) Windows, macOS, Linux, and FreeBSD.
 ```julia
 julia> using GitCommand
 
-julia> git() do git
-           run(`$git clone https://github.com/JuliaRegistries/General`)
-       end
+julia> run(`$(git()) clone https://github.com/JuliaRegistries/General`)
 ```
 
 ## Git REPL mode

src/git.jl

@@ -3,12 +3,7 @@ function _git_cmd(str::AbstractString;
                   adjust_LIBPATH::Bool = true)
     git_path, env_mapping = _env_mapping(; adjust_PATH = adjust_PATH,
                                            adjust_LIBPATH = adjust_LIBPATH)
-    new_env = copy(ENV)
-    for p in env_mapping
-        new_env[p[1]] = p[2]
-    end
-    new_cmd = Cmd(`$(git_path) $(split(str))`; env = new_env)
-    return new_cmd
+    return addenv(`$(git_path) $(split(str))`, env_mapping)
 end
 
 macro git_cmd(ex)
@@ -25,12 +20,16 @@ function _gitrepl_parser(repl_input::AbstractString)
     end
 end
 
+function git(;
+             adjust_PATH::Bool = true,
+             adjust_LIBPATH::Bool = true)
+    git_path, env_mapping = _env_mapping(; adjust_PATH, adjust_LIBPATH)
+    return addenv(`$(git_path)`, env_mapping...)
+end
+
+# This function should be deprecated, it's kept only for backward-compatibility
 function git(f::Function;
              adjust_PATH::Bool = true,
              adjust_LIBPATH::Bool = true)
-    git_path, env_mapping = _env_mapping(; adjust_PATH = adjust_PATH,
-                                           adjust_LIBPATH = adjust_LIBPATH)
-    return withenv(env_mapping...) do
-        return f(git_path)
-    end
+    return f(git(; adjust_PATH, adjust_LIBPATH))
 end

test/runtests.jl

@@ -1,5 +1,12 @@
 using GitCommand
 using Test
+using JLLWrappers
+
+get_env(env) = get(ENV, env, nothing)
+const orig_libpath = get_env(JLLWrappers.LIBPATH_env)
+const orig_execpath = get_env("GIT_EXEC_PATH")
+const orig_cainfo = get_env("GIT_SSL_CAINFO")
+const orig_templatedir = get_env("GIT_TEMPLATE_DIR")
 
 include("test-utils.jl")
 
@@ -10,6 +17,14 @@ include("test-utils.jl")
         @test GitCommand._separator() == ':'
     end
 
+    with_temp_dir() do tmp_dir
+        @test !isdir("GitCommand.jl")
+        @test !isfile(joinpath("GitCommand.jl", "Project.toml"))
+        run(`$(git()) clone https://github.com/JuliaVersionControl/GitCommand.jl`)
+        @test isdir("GitCommand.jl")
+        @test isfile(joinpath("GitCommand.jl", "Project.toml"))
+    end
+
     with_temp_dir() do tmp_dir
         @test !isdir("GitCommand.jl")
         @test !isfile(joinpath("GitCommand.jl", "Project.toml"))
@@ -46,3 +61,11 @@ include("test-utils.jl")
         @test isfile(joinpath("GitCommand.jl", "Project.toml"))
     end
 end
+
+@testset "Safety" begin
+    # Make sure `git` commands don't leak environment variables
+    @test orig_libpath == get_env(JLLWrappers.LIBPATH_env)
+    @test orig_execpath == get_env("GIT_EXEC_PATH")
+    @test orig_cainfo == get_env("GIT_SSL_CAINFO")
+    @test orig_templatedir == get_env("GIT_TEMPLATE_DIR")
+end