[wp-meta] [Making WordPress.org] #7415: Consider blocking plugin submissions containing .git folders (among others?)

Making WordPress.org noreply at wordpress.org
Fri Jan 19 03:07:33 UTC 2024


#7415: Consider blocking plugin submissions containing .git folders (among
others?)
---------------------------+---------------------
 Reporter:  JustinSainton  |       Owner:  (none)
     Type:  defect (bug)   |      Status:  new
 Priority:  normal         |   Milestone:
Component:  General        |  Resolution:
 Keywords:                 |
---------------------------+---------------------

Comment (by dd32):

 Just noting, Plugin Check (hereby referred to as PC) does include a check
 for this: https://github.com/WordPress/plugin-
 check/blob/trunk/includes/Checker/Checks/File_Type_Check.php

 Until such a time that PC blocks uploads (rather than just running on
 uploads), adding a "Lite" version of that check into the upload process on
 the directory seems reasonable to me - Especially for the highly common
 cases of `.git` and `.svn` which can often contain details we ''don't want
 to know'' and the plugin author most likely did not realise they were
 submitting it.

 It doesn't need to be as complete as PCs check.

-- 
Ticket URL: <https://meta.trac.wordpress.org/ticket/7415#comment:1>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org


More information about the wp-meta mailing list