Skip to content

fix: add git worktree support in PrepareRepo #4690

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
andoniaf wants to merge 2 commits into
base: main
Choose a base branch
from
Open

fix: add git worktree support in PrepareRepo #4690

andoniaf wants to merge 2 commits into from

Conversation

@andoniaf
Copy link

@andoniaf andoniaf commented Jan 23, 2026

Description:

Fixes #4553 - TruffleHog fails when scanning git worktrees with error "failed to read index file: .../.git/index: not a directory".

Root Cause:
In git worktrees, .git is a file containing a gitdir: <path> reference, not a directory. The PrepareRepo() function assumed .git was always a directory when copying the index file.

Solution:
Added resolveGitDir() helper function that:

  1. Detects if .git is a file or directory
  2. If it's a file (worktree), parses the gitdir: reference
  3. Returns the actual git directory path

This allows TruffleHog to correctly scan staged changes in git worktrees.

Checklist:

  • Tests passing (make test-community)?
  • Lint passing (make lint)?

@andoniaf
fix: add git worktree support for local file:// scanning
ccee83c 
Fixes trufflesecurity#4553

The issue was introduced in v3.90.10 by PR trufflesecurity#4502 which added local git
config sanitization. When scanning a local file:// repository, the code
copies the git index file to support staged changes scanning. However,
it assumed .git is always a directory.

In git worktrees, .git is a file containing a "gitdir: <path>" reference
to the actual git directory location. This caused the error:
"failed to read index file: open .../.git/index: not a directory"

This commit adds a resolveGitDir() helper function that:
- Checks if .git is a file or directory
- If it's a file (worktree), parses the gitdir reference
- Returns the resolved path to the actual git directory

The PrepareRepo() function now uses this helper to correctly locate
the index file in both regular repositories and worktrees.
@andoniaf
fix: handle errcheck lint warning in git test
6642697 
Explicitly discard the error return value from os.RemoveAll in deferred
cleanup to satisfy the errcheck linter.
@andoniaf andoniaf requested a review from a team January 23, 2026 11:08
@andoniaf andoniaf requested a review from a team as a code owner January 23, 2026 11:08
@andoniaf
Copy link
Author

andoniaf commented Jan 23, 2026

Testing locally

Screenshot 2026-01-23 at 12 11 45

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3.90.10: git worktree fails with "failed to read index file: .../.git/index: not a directory"

1 participant

@andoniaf