CI: Make parents of PATH directories world-unwritable

2025-01-14 11:26:25 +09:00 · 2025-01-14 11:26:25 +09:00 · d74e9ef712
commit d74e9ef712
parent 8891890bff
1 changed files with 9 additions and 2 deletions
--- a/.github/actions/setup/directories/action.yml
+++ b/.github/actions/setup/directories/action.yml
@ -140,8 +140,15 @@ runs:
      run: |
        sudo chmod -R go-w /usr/share
        chmod -v go-w $HOME $HOME/.config || :
-        SAVE_IFS="$IFS" IFS=:; set $PATH; dirs=() IFS="$SAVE_IFS"
-        for d do [ ! -d "$d" ] || dirs+=("$d"); done
+        declare -a dirs # -A is not supported by old bash, e.g. macos
+        SAVE_IFS="$IFS" IFS=:; set $PATH
+        for d do
+          while [ -d "$d" ]; do
+            case "$IFS${dirs[*]}$IFS" in *"$IFS$d$IFS"*) ;; *) dirs+=("$d");; esac
+            d="${d%/*}"
+          done
+        done
+        IFS="$SAVE_IFS"
        sudo chmod -v go-w "${dirs[@]}" || :

    - if: inputs.dummy-files == 'true'