[wp-meta] [Making WordPress.org] #7415: Consider blocking plugin submissions containing .git folders (among others?)
Making WordPress.org
noreply at wordpress.org
Fri Jan 19 03:07:33 UTC 2024
#7415: Consider blocking plugin submissions containing .git folders (among
others?)
---------------------------+---------------------
Reporter: JustinSainton | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone:
Component: General | Resolution:
Keywords: |
---------------------------+---------------------
Comment (by dd32):
Just noting, Plugin Check (hereby referred to as PC) does include a check
for this: https://github.com/WordPress/plugin-
check/blob/trunk/includes/Checker/Checks/File_Type_Check.php
Until such a time that PC blocks uploads (rather than just running on
uploads), adding a "Lite" version of that check into the upload process on
the directory seems reasonable to me - Especially for the highly common
cases of `.git` and `.svn` which can often contain details we ''don't want
to know'' and the plugin author most likely did not realise they were
submitting it.
It doesn't need to be as complete as PCs check.
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/7415#comment:1>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list