Skip to content

fix: disable sparse checkout cone mode to prevent root file leaks#89

Open
abnegate wants to merge 2 commits intomainfrom
fix-sparse-cone
Open

fix: disable sparse checkout cone mode to prevent root file leaks#89
abnegate wants to merge 2 commits intomainfrom
fix-sparse-cone

Conversation

@abnegate
Copy link
Copy Markdown
Member

@abnegate abnegate commented Apr 10, 2026

Summary

  • Git 2.37+ defaults to cone mode for sparse checkout, which always includes root-level files alongside the specified subdirectory
  • This causes VCS function deployments with a non-root providerRootDirectory to include root-level files (e.g. build.gradle.kts, package.json) that can break function builds
  • Affected since Appwrite 1.5.0 (ships Git 2.43.0), including Cloud (1.9.0 ships Git 2.52.0)
  • Fix: set core.sparseCheckoutCone false before writing the sparse-checkout pattern

Test plan

  • Existing testGenerateCloneCommand* tests pass (pattern * clones everything regardless of cone mode)
  • VCS deployment with nested providerRootDirectory no longer includes root-level files

@greptile-apps
Copy link
Copy Markdown

greptile-apps bot commented Apr 10, 2026
edited
Loading

Greptile Summary

This PR fixes a regression in Git 2.37+ where cone mode for sparse checkout became the default, causing root-level files to always be included alongside the specified providerRootDirectory. The fix inserts git config core.sparseCheckoutCone false into the command sequence before the sparse-checkout pattern is written, but only when the target is a subdirectory (not the wildcard * pattern).

Confidence Score: 5/5

Safe to merge — targeted, minimal fix with no side effects on the wildcard (*) code path.

The change is small and surgical: one new boolean derived from an already-escaped variable, one conditional config command, and a cosmetic refactor of the array build. The $isSubdirectory comparison is correct ($rootDirectory is already escaped, so comparing against escapeshellarg('*') is the right approach). Cone mode is only disabled when it would actually cause a problem (specific subdirectory path), leaving the * path unaffected. No P1 or P0 findings.

No files require special attention.

Important Files Changed

Filename Overview
src/VCS/Adapter/Git/GitHub.php Adds core.sparseCheckoutCone false before writing the sparse-checkout pattern when a specific subdirectory is targeted, preventing Git 2.37+ cone-mode defaults from pulling in root-level files.

Reviews (2): Last reviewed commit: "(fix): only disable cone mode for subdir..." | Re-trigger Greptile

@abnegate abnegate added the test Enables E2E tests in CI/CD label Apr 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

test Enables E2E tests in CI/CD

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@abnegate