git: improve file path validation in add operation

Add validation to ensure file paths are within repository boundaries before staging. This prevents potential issues with relative paths and improves overall robustness of the git_add function.
2026-04-17 21:54:05 +02:00 · 2025-12-29 15:33:42 -08:00
parent dcb47d2d94
commit 3269185eb7
1 changed files with 8 additions and 0 deletions
--- a/src/git/src/mcp_server_git/server.py
+++ b/src/git/src/mcp_server_git/server.py
@@ -132,6 +132,14 @@ def git_add(repo: git.Repo, files: list[str]) -> str:
    if files == ["."]:
        repo.git.add(".")
    else:
+        # Validate paths are within repository before adding
+        for file in files:
+            try:
+                repo.git.check_attr('-a', file)
+            except git.exc.GitCommandError as e:
+                if 'outside repository' in str(e):
+                    raise ValueError(f"Path '{file}' is outside repository")
+                raise
        repo.index.add(files)
    return "Files staged successfully"