Adding debian version 1:2.30.2-1+deb11u2.debian/1%2.30.2-1+deb11u2debian

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 969 insertions, 0 deletions

diff --git a/debian/patches/CVE-2022-39253.patch b/debian/patches/CVE-2022-39253.patch
new file mode 100644
index 0000000..e481e0e
--- /dev/null
+++ b/debian/patches/CVE-2022-39253.patch
@@ -0,0 +1,969 @@
+Origin: https://github.com/git/git/commit/6f054f9fb3a501c35b55c65e547a244f14c38d56
+Origin: https://github.com/git/git/commit/7de0c306f7b758d3fb537c18c2751f6250cea7a0
+Origin: https://github.com/git/git/commit/8a96dbcb339d25ba1813632319ea4052bc586ddf
+Origin: https://github.com/git/git/commit/99f4abb8dae4c9c604e5d5cf255958bbe537b928
+Origin: https://github.com/git/git/commit/f8d510ed0b357787c8d035d64f240bd82b424dc4
+Origin: https://github.com/git/git/commit/ac7e57fa288260341bdbd5e9abcdd24eaf214740
+Origin: https://github.com/git/git/commit/225d2d50ccef4baae410a96b9dc9e3978d164826
+Origin: https://github.com/git/git/commit/0f21b8f468566b991eea60bb7bdf2fce9265e367
+Origin: https://github.com/git/git/commit/0d3beb71dad7906f576b0de9cea32164549163fe
+Origin: https://github.com/git/git/commit/f4a32a550f9d40471fb42ed1e5c8612dfe4a83b1
+Origin: https://github.com/git/git/commit/a1d4f67c12ac172f835e6d5e4e0a197075e2146b
+Reviewed-by: Aron Xu <aron@debian.org>
+Last-Updated: 2023-01-26
+
+diff --git a/Documentation/config/protocol.txt b/Documentation/config/protocol.txt
+index 756591d..7993891 100644
+--- a/Documentation/config/protocol.txt
++++ b/Documentation/config/protocol.txt
+@@ -1,10 +1,10 @@
+ protocol.allow::
+ 	If set, provide a user defined default policy for all protocols which
+ 	don't explicitly have a policy (`protocol.<name>.allow`).  By default,
+-	if unset, known-safe protocols (http, https, git, ssh, file) have a
++	if unset, known-safe protocols (http, https, git, ssh) have a
+ 	default policy of `always`, known-dangerous protocols (ext) have a
+-	default policy of `never`, and all other protocols have a default
+-	policy of `user`.  Supported policies:
++	default policy of `never`, and all other protocols (including file)
++	have a default policy of `user`.  Supported policies:
+ +
+ --
+ 
+diff --git a/builtin/clone.c b/builtin/clone.c
+index e335734..e626073 100644
+--- a/builtin/clone.c
++++ b/builtin/clone.c
+@@ -420,13 +420,11 @@ static void copy_or_link_directory(struct strbuf *src, struct strbuf *dest,
+ 	int src_len, dest_len;
+ 	struct dir_iterator *iter;
+ 	int iter_status;
+-	unsigned int flags;
+ 	struct strbuf realpath = STRBUF_INIT;
+ 
+ 	mkdir_if_missing(dest->buf, 0777);
+ 
+-	flags = DIR_ITERATOR_PEDANTIC | DIR_ITERATOR_FOLLOW_SYMLINKS;
+-	iter = dir_iterator_begin(src->buf, flags);
++	iter = dir_iterator_begin(src->buf, DIR_ITERATOR_PEDANTIC);
+ 
+ 	if (!iter)
+ 		die_errno(_("failed to start iterator over '%s'"), src->buf);
+@@ -442,6 +440,10 @@ static void copy_or_link_directory(struct strbuf *src, struct strbuf *dest,
+ 		strbuf_setlen(dest, dest_len);
+ 		strbuf_addstr(dest, iter->relative_path);
+ 
++		if (S_ISLNK(iter->st.st_mode))
++			die(_("symlink '%s' exists, refusing to clone with --local"),
++			    iter->relative_path);
++
+ 		if (S_ISDIR(iter->st.st_mode)) {
+ 			mkdir_if_missing(dest->buf, 0777);
+ 			continue;
+diff --git a/t/lib-submodule-update.sh b/t/lib-submodule-update.sh
+index 4b714e9..cc5b58b 100644
+--- a/t/lib-submodule-update.sh
++++ b/t/lib-submodule-update.sh
+@@ -196,6 +196,7 @@ test_git_directory_exists () {
+ # the submodule repo if it doesn't exist and configures the most problematic
+ # settings for diff.ignoreSubmodules.
+ prolog () {
++	test_config_global protocol.file.allow always &&
+ 	(test -d submodule_update_repo || create_lib_submodule_repo) &&
+ 	test_config_global diff.ignoreSubmodules all &&
+ 	test_config diff.ignoreSubmodules all
+diff --git a/t/t1091-sparse-checkout-builtin.sh b/t/t1091-sparse-checkout-builtin.sh
+index 84acfc4..749c8f1 100755
+--- a/t/t1091-sparse-checkout-builtin.sh
++++ b/t/t1091-sparse-checkout-builtin.sh
+@@ -449,7 +449,8 @@ test_expect_success 'interaction with submodules' '
+ 	(
+ 		cd super &&
+ 		mkdir modules &&
+-		git submodule add ../repo modules/child &&
++		git -c protocol.file.allow=always \
++			submodule add ../repo modules/child &&
+ 		git add . &&
+ 		git commit -m "add submodule" &&
+ 		git sparse-checkout init --cone &&
+diff --git a/t/t1500-rev-parse.sh b/t/t1500-rev-parse.sh
+index 408b97d..acef9fd 100755
+--- a/t/t1500-rev-parse.sh
++++ b/t/t1500-rev-parse.sh
+@@ -163,7 +163,8 @@ test_expect_success 'showing the superproject correctly' '
+ 	test_commit -C super test_commit &&
+ 	test_create_repo sub &&
+ 	test_commit -C sub test_commit &&
+-	git -C super submodule add ../sub dir/sub &&
++	git -c protocol.file.allow=always \
++		-C super submodule add ../sub dir/sub &&
+ 	echo $(pwd)/super >expect  &&
+ 	git -C super/dir/sub rev-parse --show-superproject-working-tree >out &&
+ 	test_cmp expect out &&
+diff --git a/t/t2400-worktree-add.sh b/t/t2400-worktree-add.sh
+index 5a74954..cd02f78 100755
+--- a/t/t2400-worktree-add.sh
++++ b/t/t2400-worktree-add.sh
+@@ -597,6 +597,7 @@ test_expect_success '"add" should not fail because of another bad worktree' '
+ '
+ 
+ test_expect_success '"add" with uninitialized submodule, with submodule.recurse unset' '
++	test_config_global protocol.file.allow always &&
+ 	test_create_repo submodule &&
+ 	test_commit -C submodule first &&
+ 	test_create_repo project &&
+@@ -612,6 +613,7 @@ test_expect_success '"add" with uninitialized submodule, with submodule.recurse
+ '
+ 
+ test_expect_success '"add" with initialized submodule, with submodule.recurse unset' '
++	test_config_global protocol.file.allow always &&
+ 	git -C project-clone submodule update --init &&
+ 	git -C project-clone worktree add ../project-4
+ '
+diff --git a/t/t2403-worktree-move.sh b/t/t2403-worktree-move.sh
+index a4e1a17..e8246ee 100755
+--- a/t/t2403-worktree-move.sh
++++ b/t/t2403-worktree-move.sh
+@@ -138,7 +138,8 @@ test_expect_success 'move a repo with uninitialized submodule' '
+ 	(
+ 		cd withsub &&
+ 		test_commit initial &&
+-		git submodule add "$PWD"/.git sub &&
++		git -c protocol.file.allow=always \
++			submodule add "$PWD"/.git sub &&
+ 		git commit -m withsub &&
+ 		git worktree add second HEAD &&
+ 		git worktree move second third
+@@ -148,7 +149,7 @@ test_expect_success 'move a repo with uninitialized submodule' '
+ test_expect_success 'not move a repo with initialized submodule' '
+ 	(
+ 		cd withsub &&
+-		git -C third submodule update &&
++		git -c protocol.file.allow=always -C third submodule update &&
+ 		test_must_fail git worktree move third forth
+ 	)
+ '
+@@ -227,6 +228,7 @@ test_expect_success 'remove cleans up .git/worktrees when empty' '
+ '
+ 
+ test_expect_success 'remove a repo with uninitialized submodule' '
++	test_config_global protocol.file.allow always &&
+ 	(
+ 		cd withsub &&
+ 		git worktree add to-remove HEAD &&
+@@ -235,6 +237,7 @@ test_expect_success 'remove a repo with uninitialized submodule' '
+ '
+ 
+ test_expect_success 'not remove a repo with initialized submodule' '
++	test_config_global protocol.file.allow always &&
+ 	(
+ 		cd withsub &&
+ 		git worktree add to-remove HEAD &&
+diff --git a/t/t2405-worktree-submodule.sh b/t/t2405-worktree-submodule.sh
+index e1b2bfd..51120d5 100755
+--- a/t/t2405-worktree-submodule.sh
++++ b/t/t2405-worktree-submodule.sh
+@@ -7,6 +7,7 @@ test_description='Combination of submodules and multiple worktrees'
+ base_path=$(pwd -P)
+ 
+ test_expect_success 'setup: create origin repos'  '
++	git config --global protocol.file.allow always &&
+ 	git init origin/sub &&
+ 	test_commit -C origin/sub file1 &&
+ 	git init origin/main &&
+diff --git a/t/t3200-branch.sh b/t/t3200-branch.sh
+index 3ec3e1d..631a0b5 100755
+--- a/t/t3200-branch.sh
++++ b/t/t3200-branch.sh
+@@ -279,6 +279,7 @@ test_expect_success 'deleting checked-out branch from repo that is a submodule'
+ 	git init repo1 &&
+ 	git init repo1/sub &&
+ 	test_commit -C repo1/sub x &&
++	test_config_global protocol.file.allow always &&
+ 	git -C repo1 submodule add ./sub &&
+ 	git -C repo1 commit -m "adding sub" &&
+ 
+diff --git a/t/t3420-rebase-autostash.sh b/t/t3420-rebase-autostash.sh
+index ca33173..80df13a 100755
+--- a/t/t3420-rebase-autostash.sh
++++ b/t/t3420-rebase-autostash.sh
+@@ -307,7 +307,7 @@ test_expect_success 'autostash is saved on editor failure with conflict' '
+ test_expect_success 'autostash with dirty submodules' '
+ 	test_when_finished "git reset --hard && git checkout master" &&
+ 	git checkout -b with-submodule &&
+-	git submodule add ./ sub &&
++	git -c protocol.file.allow=always submodule add ./ sub &&
+ 	test_tick &&
+ 	git commit -m add-submodule &&
+ 	echo changed >sub/file0 &&
+diff --git a/t/t3426-rebase-submodule.sh b/t/t3426-rebase-submodule.sh
+index 0ad3a07..fb21f67 100755
+--- a/t/t3426-rebase-submodule.sh
++++ b/t/t3426-rebase-submodule.sh
+@@ -47,7 +47,8 @@ test_expect_success 'rebase interactive ignores modified submodules' '
+ 	git init sub &&
+ 	git -C sub commit --allow-empty -m "Initial commit" &&
+ 	git init super &&
+-	git -C super submodule add ../sub &&
++	git -c protocol.file.allow=always \
++		-C super submodule add ../sub &&
+ 	git -C super config submodule.sub.ignore dirty &&
+ 	>super/foo &&
+ 	git -C super add foo &&
+diff --git a/t/t3512-cherry-pick-submodule.sh b/t/t3512-cherry-pick-submodule.sh
+index 6ece1d8..697bc68 100755
+--- a/t/t3512-cherry-pick-submodule.sh
++++ b/t/t3512-cherry-pick-submodule.sh
+@@ -10,6 +10,8 @@ KNOWN_FAILURE_NOFF_MERGE_ATTEMPTS_TO_MERGE_REMOVED_SUBMODULE_FILES=1
+ test_submodule_switch "cherry-pick"
+ 
+ test_expect_success 'unrelated submodule/file conflict is ignored' '
++	test_config_global protocol.file.allow always &&
++
+ 	test_create_repo sub &&
+ 
+ 	touch sub/file &&
+diff --git a/t/t3600-rm.sh b/t/t3600-rm.sh
+index efec8d1..99dab76 100755
+--- a/t/t3600-rm.sh
++++ b/t/t3600-rm.sh
+@@ -321,7 +321,7 @@ test_expect_success 'rm removes empty submodules from work tree' '
+ 
+ test_expect_success 'rm removes removed submodule from index and .gitmodules' '
+ 	git reset --hard &&
+-	git submodule update &&
++	git -c protocol.file.allow=always submodule update &&
+ 	rm -rf submod &&
+ 	git rm submod &&
+ 	git status -s -uno --ignore-submodules=none >actual &&
+@@ -627,6 +627,7 @@ cat >expect.deepmodified <<EOF
+ EOF
+ 
+ test_expect_success 'setup subsubmodule' '
++	test_config_global protocol.file.allow always &&
+ 	git reset --hard &&
+ 	git submodule update &&
+ 	(
+diff --git a/t/t3906-stash-submodule.sh b/t/t3906-stash-submodule.sh
+index a52e53d..0f7348e 100755
+--- a/t/t3906-stash-submodule.sh
++++ b/t/t3906-stash-submodule.sh
+@@ -36,7 +36,7 @@ setup_basic () {
+ 	git init main &&
+ 	(
+ 		cd main &&
+-		git submodule add ../sub &&
++		git -c protocol.file.allow=always submodule add ../sub &&
+ 		test_commit main_file
+ 	)
+ }
+diff --git a/t/t4059-diff-submodule-not-initialized.sh b/t/t4059-diff-submodule-not-initialized.sh
+index 49bca7b..d489230 100755
+--- a/t/t4059-diff-submodule-not-initialized.sh
++++ b/t/t4059-diff-submodule-not-initialized.sh
+@@ -49,7 +49,7 @@ test_expect_success 'setup - submodules' '
+ '
+ 
+ test_expect_success 'setup - git submodule add' '
+-	git submodule add ./sm2 sm1 &&
++	git -c protocol.file.allow=always submodule add ./sm2 sm1 &&
+ 	commit_file sm1 .gitmodules &&
+ 	git diff-tree -p --no-commit-id --submodule=log HEAD -- sm1 >actual &&
+ 	cat >expected <<-EOF &&
+diff --git a/t/t4060-diff-submodule-option-diff-format.sh b/t/t4060-diff-submodule-option-diff-format.sh
+index fc8229c..57b1912 100755
+--- a/t/t4060-diff-submodule-option-diff-format.sh
++++ b/t/t4060-diff-submodule-option-diff-format.sh
+@@ -759,9 +759,9 @@ test_expect_success 'diff --submodule=diff with .git file' '
+ '
+ 
+ test_expect_success 'setup nested submodule' '
+-	git submodule add -f ./sm2 &&
++	git -c protocol.file.allow=always submodule add -f ./sm2 &&
+ 	git commit -a -m "add sm2" &&
+-	git -C sm2 submodule add ../sm2 nested &&
++	git -c protocol.file.allow=always -C sm2 submodule add ../sm2 nested &&
+ 	git -C sm2 commit -a -m "nested sub" &&
+ 	head10=$(git -C sm2 rev-parse --short --verify HEAD)
+ '
+diff --git a/t/t4067-diff-partial-clone.sh b/t/t4067-diff-partial-clone.sh
+index 804f2a8..28f42a4 100755
+--- a/t/t4067-diff-partial-clone.sh
++++ b/t/t4067-diff-partial-clone.sh
+@@ -77,6 +77,7 @@ test_expect_success 'diff skips same-OID blobs' '
+ 
+ test_expect_success 'when fetching missing objects, diff skips GITLINKs' '
+ 	test_when_finished "rm -rf sub server client trace" &&
++	test_config_global protocol.file.allow always &&
+ 
+ 	test_create_repo sub &&
+ 	test_commit -C sub first &&
+diff --git a/t/t4208-log-magic-pathspec.sh b/t/t4208-log-magic-pathspec.sh
+index 6cdbe47..aeaf0d5 100755
+--- a/t/t4208-log-magic-pathspec.sh
++++ b/t/t4208-log-magic-pathspec.sh
+@@ -126,6 +126,7 @@ test_expect_success 'command line pathspec parsing for "git log"' '
+ 
+ test_expect_success 'tree_entry_interesting does not match past submodule boundaries' '
+ 	test_when_finished "rm -rf repo submodule" &&
++	test_config_global protocol.file.allow always &&
+ 	git init submodule &&
+ 	test_commit -C submodule initial &&
+ 	git init repo &&
+diff --git a/t/t5510-fetch.sh b/t/t5510-fetch.sh
+index 2013051..b60ba0f 100755
+--- a/t/t5510-fetch.sh
++++ b/t/t5510-fetch.sh
+@@ -627,6 +627,7 @@ test_expect_success 'fetch.writeCommitGraph' '
+ '
+ 
+ test_expect_success 'fetch.writeCommitGraph with submodules' '
++	test_config_global protocol.file.allow always &&
+ 	git clone dups super &&
+ 	(
+ 		cd super &&
+diff --git a/t/t5526-fetch-submodules.sh b/t/t5526-fetch-submodules.sh
+index 53d7b8e..aa04eac 100755
+--- a/t/t5526-fetch-submodules.sh
++++ b/t/t5526-fetch-submodules.sh
+@@ -35,6 +35,7 @@ add_upstream_commit() {
+ }
+ 
+ test_expect_success setup '
++	git config --global protocol.file.allow always &&
+ 	mkdir deepsubmodule &&
+ 	(
+ 		cd deepsubmodule &&
+diff --git a/t/t5545-push-options.sh b/t/t5545-push-options.sh
+index 38e6f73..77ce917 100755
+--- a/t/t5545-push-options.sh
++++ b/t/t5545-push-options.sh
+@@ -113,6 +113,7 @@ test_expect_success 'push options and submodules' '
+ 	test_commit -C parent one &&
+ 	git -C parent push --mirror up &&
+ 
++	test_config_global protocol.file.allow always &&
+ 	git -C parent submodule add ../upstream workbench &&
+ 	git -C parent/workbench remote add up ../../upstream &&
+ 	git -C parent commit -m "add submodule" &&
+diff --git a/t/t5572-pull-submodule.sh b/t/t5572-pull-submodule.sh
+index 37fd06b..9b3b4af 100755
+--- a/t/t5572-pull-submodule.sh
++++ b/t/t5572-pull-submodule.sh
+@@ -46,6 +46,10 @@ KNOWN_FAILURE_NOFF_MERGE_DOESNT_CREATE_EMPTY_SUBMODULE_DIR=1
+ KNOWN_FAILURE_NOFF_MERGE_ATTEMPTS_TO_MERGE_REMOVED_SUBMODULE_FILES=1
+ test_submodule_switch_func "git_pull_noff"
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'pull --recurse-submodule setup' '
+ 	test_create_repo child &&
+ 	test_commit -C child bar &&
+diff --git a/t/t5601-clone.sh b/t/t5601-clone.sh
+index 7df3c53..50d4821 100755
+--- a/t/t5601-clone.sh
++++ b/t/t5601-clone.sh
+@@ -738,6 +738,7 @@ test_expect_success 'batch missing blob request does not inadvertently try to fe
+ 	echo aa >server/a &&
+ 	echo bb >server/b &&
+ 	# Also add a gitlink pointing to an arbitrary repository
++	test_config_global protocol.file.allow always &&
+ 	git -C server submodule add "$(pwd)/repo_for_submodule" c &&
+ 	git -C server add a b c &&
+ 	git -C server commit -m x &&
+diff --git a/t/t5604-clone-reference.sh b/t/t5604-clone-reference.sh
+index 2f7be23..9d32f1c 100755
+--- a/t/t5604-clone-reference.sh
++++ b/t/t5604-clone-reference.sh
+@@ -300,8 +300,6 @@ test_expect_success SYMLINKS 'setup repo with manually symlinked or unknown file
+ 		ln -s ../an-object $obj &&
+ 
+ 		cd ../ &&
+-		find . -type f | sort >../../../T.objects-files.raw &&
+-		find . -type l | sort >../../../T.objects-symlinks.raw &&
+ 		echo unknown_content >unknown_file
+ 	) &&
+ 	git -C T fsck &&
+@@ -310,19 +308,27 @@ test_expect_success SYMLINKS 'setup repo with manually symlinked or unknown file
+ 
+ 
+ test_expect_success SYMLINKS 'clone repo with symlinked or unknown files at objects/' '
+-	for option in --local --no-hardlinks --shared --dissociate
++	# None of these options work when cloning locally, since T has
++	# symlinks in its `$GIT_DIR/objects` directory
++	for option in --local --no-hardlinks --dissociate
+ 	do
+-		git clone $option T T$option || return 1 &&
+-		git -C T$option fsck || return 1 &&
+-		git -C T$option rev-list --all --objects >T$option.objects &&
+-		test_cmp T.objects T$option.objects &&
+-		(
+-			cd T$option/.git/objects &&
+-			find . -type f | sort >../../../T$option.objects-files.raw &&
+-			find . -type l | sort >../../../T$option.objects-symlinks.raw
+-		)
++		test_must_fail git clone $option T T$option 2>err || return 1 &&
++		test_i18ngrep "symlink.*exists" err || return 1
+ 	done &&
+ 
++	# But `--shared` clones should still work, even when specifying
++	# a local path *and* that repository has symlinks present in its
++	# `$GIT_DIR/objects` directory.
++	git clone --shared T T--shared &&
++	git -C T--shared fsck &&
++	git -C T--shared rev-list --all --objects >T--shared.objects &&
++	test_cmp T.objects T--shared.objects &&
++	(
++		cd T--shared/.git/objects &&
++		find . -type f | sort >../../../T--shared.objects-files.raw &&
++		find . -type l | sort >../../../T--shared.objects-symlinks.raw
++	) &&
++
+ 	for raw in $(ls T*.raw)
+ 	do
+ 		sed -e "s!/../!/Y/!; s![0-9a-f]\{38,\}!Z!" -e "/commit-graph/d" \
+@@ -330,26 +336,6 @@ test_expect_success SYMLINKS 'clone repo with symlinked or unknown files at obje
+ 		sort $raw.de-sha-1 >$raw.de-sha || return 1
+ 	done &&
+ 
+-	cat >expected-files <<-EOF &&
+-	./Y/Z
+-	./Y/Z
+-	./Y/Z
+-	./a-loose-dir/Z
+-	./an-object
+-	./info/packs
+-	./pack/pack-Z.idx
+-	./pack/pack-Z.pack
+-	./packs/pack-Z.idx
+-	./packs/pack-Z.pack
+-	./unknown_file
+-	EOF
+-
+-	for option in --local --no-hardlinks --dissociate
+-	do
+-		test_cmp expected-files T$option.objects-files.raw.de-sha || return 1 &&
+-		test_must_be_empty T$option.objects-symlinks.raw.de-sha || return 1
+-	done &&
+-
+ 	echo ./info/alternates >expected-files &&
+ 	test_cmp expected-files T--shared.objects-files.raw &&
+ 	test_must_be_empty T--shared.objects-symlinks.raw
+diff --git a/t/t5614-clone-submodules-shallow.sh b/t/t5614-clone-submodules-shallow.sh
+index e4e6ea4..d361738 100755
+--- a/t/t5614-clone-submodules-shallow.sh
++++ b/t/t5614-clone-submodules-shallow.sh
+@@ -24,6 +24,7 @@ test_expect_success 'setup' '
+ 
+ test_expect_success 'nonshallow clone implies nonshallow submodule' '
+ 	test_when_finished "rm -rf super_clone" &&
++	test_config_global protocol.file.allow always &&
+ 	git clone --recurse-submodules "file://$pwd/." super_clone &&
+ 	git -C super_clone log --oneline >lines &&
+ 	test_line_count = 3 lines &&
+@@ -33,6 +34,7 @@ test_expect_success 'nonshallow clone implies nonshallow submodule' '
+ 
+ test_expect_success 'shallow clone with shallow submodule' '
+ 	test_when_finished "rm -rf super_clone" &&
++	test_config_global protocol.file.allow always &&
+ 	git clone --recurse-submodules --depth 2 --shallow-submodules "file://$pwd/." super_clone &&
+ 	git -C super_clone log --oneline >lines &&
+ 	test_line_count = 2 lines &&
+@@ -42,6 +44,7 @@ test_expect_success 'shallow clone with shallow submodule' '
+ 
+ test_expect_success 'shallow clone does not imply shallow submodule' '
+ 	test_when_finished "rm -rf super_clone" &&
++	test_config_global protocol.file.allow always &&
+ 	git clone --recurse-submodules --depth 2 "file://$pwd/." super_clone &&
+ 	git -C super_clone log --oneline >lines &&
+ 	test_line_count = 2 lines &&
+@@ -51,6 +54,7 @@ test_expect_success 'shallow clone does not imply shallow submodule' '
+ 
+ test_expect_success 'shallow clone with non shallow submodule' '
+ 	test_when_finished "rm -rf super_clone" &&
++	test_config_global protocol.file.allow always &&
+ 	git clone --recurse-submodules --depth 2 --no-shallow-submodules "file://$pwd/." super_clone &&
+ 	git -C super_clone log --oneline >lines &&
+ 	test_line_count = 2 lines &&
+@@ -60,6 +64,7 @@ test_expect_success 'shallow clone with non shallow submodule' '
+ 
+ test_expect_success 'non shallow clone with shallow submodule' '
+ 	test_when_finished "rm -rf super_clone" &&
++	test_config_global protocol.file.allow always &&
+ 	git clone --recurse-submodules --no-local --shallow-submodules "file://$pwd/." super_clone &&
+ 	git -C super_clone log --oneline >lines &&
+ 	test_line_count = 3 lines &&
+@@ -69,6 +74,7 @@ test_expect_success 'non shallow clone with shallow submodule' '
+ 
+ test_expect_success 'clone follows shallow recommendation' '
+ 	test_when_finished "rm -rf super_clone" &&
++	test_config_global protocol.file.allow always &&
+ 	git config -f .gitmodules submodule.sub.shallow true &&
+ 	git add .gitmodules &&
+ 	git commit -m "recommend shallow for sub" &&
+@@ -87,6 +93,7 @@ test_expect_success 'clone follows shallow recommendation' '
+ 
+ test_expect_success 'get unshallow recommended shallow submodule' '
+ 	test_when_finished "rm -rf super_clone" &&
++	test_config_global protocol.file.allow always &&
+ 	git clone --no-local "file://$pwd/." super_clone &&
+ 	(
+ 		cd super_clone &&
+@@ -103,6 +110,7 @@ test_expect_success 'get unshallow recommended shallow submodule' '
+ 
+ test_expect_success 'clone follows non shallow recommendation' '
+ 	test_when_finished "rm -rf super_clone" &&
++	test_config_global protocol.file.allow always &&
+ 	git config -f .gitmodules submodule.sub.shallow false &&
+ 	git add .gitmodules &&
+ 	git commit -m "recommend non shallow for sub" &&
+diff --git a/t/t5616-partial-clone.sh b/t/t5616-partial-clone.sh
+index d98c550..a6138e8 100755
+--- a/t/t5616-partial-clone.sh
++++ b/t/t5616-partial-clone.sh
+@@ -171,6 +171,8 @@ test_expect_success 'partial clone with transfer.fsckobjects=1 works with submod
+ 	test_config -C src_with_sub uploadpack.allowfilter 1 &&
+ 	test_config -C src_with_sub uploadpack.allowanysha1inwant 1 &&
+ 
++	test_config_global protocol.file.allow always &&
++
+ 	git -C src_with_sub submodule add "file://$(pwd)/submodule" mysub &&
+ 	git -C src_with_sub commit -m "commit with submodule" &&
+ 
+diff --git a/t/t5617-clone-submodules-remote.sh b/t/t5617-clone-submodules-remote.sh
+index 1a041df..0152dc0 100755
+--- a/t/t5617-clone-submodules-remote.sh
++++ b/t/t5617-clone-submodules-remote.sh
+@@ -7,6 +7,7 @@ test_description='Test cloning repos with submodules using remote-tracking branc
+ pwd=$(pwd)
+ 
+ test_expect_success 'setup' '
++	git config --global protocol.file.allow always &&
+ 	git checkout -b master &&
+ 	test_commit commit1 &&
+ 	mkdir sub &&
+diff --git a/t/t6008-rev-list-submodule.sh b/t/t6008-rev-list-submodule.sh
+index c4af9ca..a65e5f2 100755
+--- a/t/t6008-rev-list-submodule.sh
++++ b/t/t6008-rev-list-submodule.sh
+@@ -23,7 +23,7 @@ test_expect_success 'setup' '
+ 
+ 	: > super-file &&
+ 	git add super-file &&
+-	git submodule add "$(pwd)" sub &&
++	git -c protocol.file.allow=always submodule add "$(pwd)" sub &&
+ 	git symbolic-ref HEAD refs/heads/super &&
+ 	test_tick &&
+ 	git commit -m super-initial &&
+diff --git a/t/t6134-pathspec-in-submodule.sh b/t/t6134-pathspec-in-submodule.sh
+index c670668..2fde65b 100755
+--- a/t/t6134-pathspec-in-submodule.sh
++++ b/t/t6134-pathspec-in-submodule.sh
+@@ -9,7 +9,7 @@ test_expect_success 'setup a submodule' '
+ 	: >pretzel/a &&
+ 	git -C pretzel add a &&
+ 	git -C pretzel commit -m "add a file" -- a &&
+-	git submodule add ./pretzel sub &&
++	git -c protocol.file.allow=always submodule add ./pretzel sub &&
+ 	git commit -a -m "add submodule" &&
+ 	git submodule deinit --all
+ '
+diff --git a/t/t7001-mv.sh b/t/t7001-mv.sh
+index 63d5f41..6156eeb 100755
+--- a/t/t7001-mv.sh
++++ b/t/t7001-mv.sh
+@@ -307,6 +307,7 @@ test_expect_success SYMLINKS 'check moved symlink' '
+ rm -f moved symlink
+ 
+ test_expect_success 'setup submodule' '
++	test_config_global protocol.file.allow always &&
+ 	git commit -m initial &&
+ 	git reset --hard &&
+ 	git submodule add ./. sub &&
+@@ -513,6 +514,7 @@ test_expect_success 'moving a submodule in nested directories' '
+ '
+ 
+ test_expect_success 'moving nested submodules' '
++	test_config_global protocol.file.allow always &&
+ 	git commit -am "cleanup commit" &&
+ 	mkdir sub_nested_nested &&
+ 	(cd sub_nested_nested &&
+diff --git a/t/t7064-wtstatus-pv2.sh b/t/t7064-wtstatus-pv2.sh
+index 601b478..2fdb6ec 100755
+--- a/t/t7064-wtstatus-pv2.sh
++++ b/t/t7064-wtstatus-pv2.sh
+@@ -462,6 +462,7 @@ test_expect_success 'create and add submodule, submodule appears clean (A. S...)
+ 	git checkout initial-branch &&
+ 	git clone . sub_repo &&
+ 	git clone . super_repo &&
++	test_config_global protocol.file.allow always &&
+ 	(	cd super_repo &&
+ 		git submodule add ../sub_repo sub1 &&
+ 
+diff --git a/t/t7300-clean.sh b/t/t7300-clean.sh
+index cb5e34d..713f113 100755
+--- a/t/t7300-clean.sh
++++ b/t/t7300-clean.sh
+@@ -480,6 +480,7 @@ test_expect_success 'should not clean submodules' '
+ 		git init &&
+ 		test_commit msg hello.world
+ 	) &&
++	test_config_global protocol.file.allow always &&
+ 	git submodule add ./repo/.git sub1 &&
+ 	git commit -m "sub1" &&
+ 	git branch before_sub2 &&
+diff --git a/t/t7400-submodule-basic.sh b/t/t7400-submodule-basic.sh
+index fec7e02..bf1a4df 100755
+--- a/t/t7400-submodule-basic.sh
++++ b/t/t7400-submodule-basic.sh
+@@ -11,6 +11,10 @@ subcommands of git submodule.
+ 
+ . ./test-lib.sh
+ 
++test_expect_success 'setup - enable local submodules' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'submodule deinit works on empty repository' '
+ 	git submodule deinit --all
+ '
+diff --git a/t/t7403-submodule-sync.sh b/t/t7403-submodule-sync.sh
+index 0726799..3bc904b 100755
+--- a/t/t7403-submodule-sync.sh
++++ b/t/t7403-submodule-sync.sh
+@@ -11,6 +11,8 @@ These tests exercise the "git submodule sync" subcommand.
+ . ./test-lib.sh
+ 
+ test_expect_success setup '
++	git config --global protocol.file.allow always &&
++
+ 	echo file >file &&
+ 	git add file &&
+ 	test_tick &&
+diff --git a/t/t7406-submodule-update.sh b/t/t7406-submodule-update.sh
+index acb8766..328b9b7 100755
+--- a/t/t7406-submodule-update.sh
++++ b/t/t7406-submodule-update.sh
+@@ -22,6 +22,7 @@ compare_head()
+ 
+ 
+ test_expect_success 'setup a submodule tree' '
++	git config --global protocol.file.allow always &&
+ 	echo file > file &&
+ 	git add file &&
+ 	test_tick &&
+diff --git a/t/t7407-submodule-foreach.sh b/t/t7407-submodule-foreach.sh
+index 6b2aa91..a3404ac 100755
+--- a/t/t7407-submodule-foreach.sh
++++ b/t/t7407-submodule-foreach.sh
+@@ -13,6 +13,7 @@ that are currently checked out.
+ 
+ 
+ test_expect_success 'setup a submodule tree' '
++	git config --global protocol.file.allow always &&
+ 	echo file > file &&
+ 	git add file &&
+ 	test_tick &&
+diff --git a/t/t7408-submodule-reference.sh b/t/t7408-submodule-reference.sh
+index a3892f4..02feb85 100755
+--- a/t/t7408-submodule-reference.sh
++++ b/t/t7408-submodule-reference.sh
+@@ -17,6 +17,10 @@ test_alternate_is_used () {
+ 	test_cmp expect actual
+ }
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'preparing first repository' '
+ 	test_create_repo A &&
+ 	(
+diff --git a/t/t7409-submodule-detached-work-tree.sh b/t/t7409-submodule-detached-work-tree.sh
+index fc018e3..e12eed5 100755
+--- a/t/t7409-submodule-detached-work-tree.sh
++++ b/t/t7409-submodule-detached-work-tree.sh
+@@ -12,6 +12,10 @@ on detached working trees
+ TEST_NO_CREATE_REPO=1
+ . ./test-lib.sh
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'submodule on detached working tree' '
+ 	git init --bare remote &&
+ 	test_create_repo bundle1 &&
+diff --git a/t/t7411-submodule-config.sh b/t/t7411-submodule-config.sh
+index ad28e93..c583c4e 100755
+--- a/t/t7411-submodule-config.sh
++++ b/t/t7411-submodule-config.sh
+@@ -12,6 +12,9 @@ from the database and from the worktree works.
+ TEST_NO_CREATE_REPO=1
+ . ./test-lib.sh
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
+ test_expect_success 'submodule config cache setup' '
+ 	mkdir submodule &&
+ 	(cd submodule &&
+diff --git a/t/t7413-submodule-is-active.sh b/t/t7413-submodule-is-active.sh
+index c8e7e98..c8b5ac2 100755
+--- a/t/t7413-submodule-is-active.sh
++++ b/t/t7413-submodule-is-active.sh
+@@ -9,6 +9,7 @@ submodules which are "active" and interesting to the user.
+ . ./test-lib.sh
+ 
+ test_expect_success 'setup' '
++	git config --global protocol.file.allow always &&
+ 	git init sub &&
+ 	test_commit -C sub initial &&
+ 	git init super &&
+diff --git a/t/t7414-submodule-mistakes.sh b/t/t7414-submodule-mistakes.sh
+index f2e7df5..cf95603 100755
+--- a/t/t7414-submodule-mistakes.sh
++++ b/t/t7414-submodule-mistakes.sh
+@@ -30,7 +30,8 @@ test_expect_success 'no warning when updating entry' '
+ 
+ test_expect_success 'submodule add does not warn' '
+ 	test_when_finished "git rm -rf submodule .gitmodules" &&
+-	git submodule add ./embed submodule 2>stderr &&
++	git -c protocol.file.allow=always \
++		submodule add ./embed submodule 2>stderr &&
+ 	test_i18ngrep ! warning stderr
+ '
+ 
+diff --git a/t/t7415-submodule-names.sh b/t/t7415-submodule-names.sh
+index f70368b..f37456f 100755
+--- a/t/t7415-submodule-names.sh
++++ b/t/t7415-submodule-names.sh
+@@ -8,6 +8,10 @@ real-world setup that confirms we catch this in practice.
+ . ./test-lib.sh
+ . "$TEST_DIRECTORY"/lib-pack.sh
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'check names' '
+ 	cat >expect <<-\EOF &&
+ 	valid
+diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh
+index d21dc8b..3ebd985 100755
+--- a/t/t7416-submodule-dash-url.sh
++++ b/t/t7416-submodule-dash-url.sh
+@@ -3,6 +3,10 @@
+ test_description='check handling of disallowed .gitmodule urls'
+ . ./test-lib.sh
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'create submodule with protected dash in url' '
+ 	git init upstream &&
+ 	git -C upstream commit --allow-empty -m base &&
+diff --git a/t/t7417-submodule-path-url.sh b/t/t7417-submodule-path-url.sh
+index f7e7e94..b17d180 100755
+--- a/t/t7417-submodule-path-url.sh
++++ b/t/t7417-submodule-path-url.sh
+@@ -3,6 +3,10 @@
+ test_description='check handling of .gitmodule path with dash'
+ . ./test-lib.sh
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'create submodule with dash in path' '
+ 	git init upstream &&
+ 	git -C upstream commit --allow-empty -m base &&
+diff --git a/t/t7418-submodule-sparse-gitmodules.sh b/t/t7418-submodule-sparse-gitmodules.sh
+index 3f7f271..16331c3 100755
+--- a/t/t7418-submodule-sparse-gitmodules.sh
++++ b/t/t7418-submodule-sparse-gitmodules.sh
+@@ -14,6 +14,10 @@ also by committing .gitmodules and then just removing it from the filesystem.
+ 
+ . ./test-lib.sh
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'sparse checkout setup which hides .gitmodules' '
+ 	git init upstream &&
+ 	git init submodule &&
+diff --git a/t/t7419-submodule-set-branch.sh b/t/t7419-submodule-set-branch.sh
+index 3b925c3..5357093 100755
+--- a/t/t7419-submodule-set-branch.sh
++++ b/t/t7419-submodule-set-branch.sh
+@@ -12,6 +12,10 @@ as expected.
+ TEST_NO_CREATE_REPO=1
+ . ./test-lib.sh
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'submodule config cache setup' '
+ 	mkdir submodule &&
+ 	(cd submodule &&
+diff --git a/t/t7420-submodule-set-url.sh b/t/t7420-submodule-set-url.sh
+index ef0cb6e..d6bf62b 100755
+--- a/t/t7420-submodule-set-url.sh
++++ b/t/t7420-submodule-set-url.sh
+@@ -12,6 +12,10 @@ as expected.
+ TEST_NO_CREATE_REPO=1
+ . ./test-lib.sh
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'submodule config cache setup' '
+ 	mkdir submodule &&
+ 	(
+diff --git a/t/t7421-submodule-summary-add.sh b/t/t7421-submodule-summary-add.sh
+index b070f13..ce64d8b 100755
+--- a/t/t7421-submodule-summary-add.sh
++++ b/t/t7421-submodule-summary-add.sh
+@@ -12,6 +12,10 @@ while making sure to add submodules using `git submodule add` instead of
+ 
+ . ./test-lib.sh
+ 
++test_expect_success 'setup' '
++	git config --global protocol.file.allow always
++'
++
+ test_expect_success 'summary test environment setup' '
+ 	git init sm &&
+ 	test_commit -C sm "add file" file file-content file-tag &&
+diff --git a/t/t7506-status-submodule.sh b/t/t7506-status-submodule.sh
+index 3fcb447..459300c 100755
+--- a/t/t7506-status-submodule.sh
++++ b/t/t7506-status-submodule.sh
+@@ -251,6 +251,7 @@ test_expect_success 'status with merge conflict in .gitmodules' '
+ 	test_create_repo_with_commit sub1 &&
+ 	test_tick &&
+ 	test_create_repo_with_commit sub2 &&
++	test_config_global protocol.file.allow always &&
+ 	(
+ 		cd super &&
+ 		prev=$(git rev-parse HEAD) &&
+@@ -326,6 +327,7 @@ test_expect_success 'diff --submodule with merge conflict in .gitmodules' '
+ # sub2 will have an untracked file
+ # sub3 will have an untracked repository
+ test_expect_success 'setup superproject with untracked file in nested submodule' '
++	test_config_global protocol.file.allow always &&
+ 	(
+ 		cd super &&
+ 		git clean -dfx &&
+diff --git a/t/t7507-commit-verbose.sh b/t/t7507-commit-verbose.sh
+index ed2653d..bd0ae4b 100755
+--- a/t/t7507-commit-verbose.sh
++++ b/t/t7507-commit-verbose.sh
+@@ -74,6 +74,7 @@ test_expect_success 'diff in message is retained with -v' '
+ 
+ test_expect_success 'submodule log is stripped out too with -v' '
+ 	git config diff.submodule log &&
++	test_config_global protocol.file.allow always &&
+ 	git submodule add ./. sub &&
+ 	git commit -m "sub added" &&
+ 	(
+diff --git a/t/t7800-difftool.sh b/t/t7800-difftool.sh
+index a578b35..cca5069 100755
+--- a/t/t7800-difftool.sh
++++ b/t/t7800-difftool.sh
+@@ -626,6 +626,7 @@ test_expect_success 'difftool --no-symlinks detects conflict ' '
+ 
+ test_expect_success 'difftool properly honors gitlink and core.worktree' '
+ 	test_when_finished rm -rf submod/ule &&
++	test_config_global protocol.file.allow always &&
+ 	git submodule add ./. submod/ule &&
+ 	test_config -C submod/ule diff.tool checktrees &&
+ 	test_config -C submod/ule difftool.checktrees.cmd '\''
+diff --git a/t/t7814-grep-recurse-submodules.sh b/t/t7814-grep-recurse-submodules.sh
+index 828cb3b..f465c0d 100755
+--- a/t/t7814-grep-recurse-submodules.sh
++++ b/t/t7814-grep-recurse-submodules.sh
+@@ -193,6 +193,7 @@ test_expect_success !MINGW 'grep recurse submodule colon in name' '
+ 	git -C "su:b" commit -m "add fi:le" &&
+ 	test_tick &&
+ 
++	test_config_global protocol.file.allow always &&
+ 	git -C parent submodule add "../su:b" "su:b" &&
+ 	git -C parent commit -m "add submodule" &&
+ 	test_tick &&
+@@ -227,6 +228,7 @@ test_expect_success 'grep history with moved submoules' '
+ 	git -C sub commit -m "add file" &&
+ 	test_tick &&
+ 
++	test_config_global protocol.file.allow always &&
+ 	git -C parent submodule add ../sub dir/sub &&
+ 	git -C parent commit -m "add submodule" &&
+ 	test_tick &&
+@@ -271,6 +273,7 @@ test_expect_success 'grep using relative path' '
+ 	mkdir parent/src &&
+ 	echo "(1|2)d(3|4)" >parent/src/file2 &&
+ 	git -C parent add src/file2 &&
++	test_config_global protocol.file.allow always &&
+ 	git -C parent submodule add ../sub &&
+ 	git -C parent commit -m "add files and submodule" &&
+ 	test_tick &&
+@@ -313,6 +316,7 @@ test_expect_success 'grep from a subdir' '
+ 	mkdir parent/src &&
+ 	echo "(1|2)d(3|4)" >parent/src/file &&
+ 	git -C parent add src/file &&
++	test_config_global protocol.file.allow always &&
+ 	git -C parent submodule add ../sub src/sub &&
+ 	git -C parent submodule add ../sub sub &&
+ 	git -C parent commit -m "add files and submodules" &&
+diff --git a/t/t9304-fast-import-marks.sh b/t/t9304-fast-import-marks.sh
+index d4359db..73f3ca2 100755
+--- a/t/t9304-fast-import-marks.sh
++++ b/t/t9304-fast-import-marks.sh
+@@ -25,6 +25,7 @@ test_expect_success 'import with large marks file' '
+ '
+ 
+ test_expect_success 'setup dump with submodule' '
++	test_config_global protocol.file.allow always &&
+ 	git submodule add "$PWD" sub &&
+ 	git commit -m "add submodule" &&
+ 	git fast-export HEAD >dump
+diff --git a/t/t9350-fast-export.sh b/t/t9350-fast-export.sh
+index 1372842..703428f 100755
+--- a/t/t9350-fast-export.sh
++++ b/t/t9350-fast-export.sh
+@@ -265,6 +265,7 @@ test_expect_success 'signed-tags=warn-strip' '
+ 
+ test_expect_success 'setup submodule' '
+ 
++	test_config_global protocol.file.allow always &&
+ 	git checkout -f master &&
+ 	mkdir sub &&
+ 	(
+@@ -290,6 +291,7 @@ test_expect_success 'setup submodule' '
+ 
+ test_expect_success 'submodule fast-export | fast-import' '
+ 
++	test_config_global protocol.file.allow always &&
+ 	SUBENT1=$(git ls-tree master^ sub) &&
+ 	SUBENT2=$(git ls-tree master sub) &&
+ 	rm -rf new &&
+diff --git a/transport.c b/transport.c
+index 679a35e..d2e3a90 100644
+--- a/transport.c
++++ b/transport.c
+@@ -964,8 +964,7 @@ static enum protocol_allow_config get_protocol_config(const char *type)
+ 	if (!strcmp(type, "http") ||
+ 	    !strcmp(type, "https") ||
+ 	    !strcmp(type, "git") ||
+-	    !strcmp(type, "ssh") ||
+-	    !strcmp(type, "file"))
++	    !strcmp(type, "ssh"))
+ 		return PROTOCOL_ALLOW_ALWAYS;
+ 
+ 	/* known scary; err on the side of caution */