Issue Summary

When Fisheye is installed on Windows with Git 2.35.2 or newer versions, new commits and branches in Git are not visible in Fisheye. This issue occurs due to a security update in Git, as detailed in Error "fatal: unsafe repository" occurs when accessing a repository. Currently Fisheye supports Git up to Git 2.35.1, it will be helpful if Fisheye supports a version above Git 2.35.1 as this will enable customers avoid the effect of the CVE on previous versions of Git.

Expected Results

New changes in a Git repository should be visible in Fisheye when using Git version Git 2.35.2 or newer.

Actual Results

Changes made in Git repositories are not visible in Fisheye. During incremental indexing of a Git repo the warning below is thrown in the atlassian-fisheye.log file:

2022-08-12 00:22:46,288 WARN  [IncrPing3 repo ] fisheye IndexingPingRequest-doRequest - Exception during Fisheye Incremental Indexing of repo (repo): com.cenqua.fisheye.config.ConfigException: com.atlassian.fisheye.dvcs.handler.DvcsProcessException: Error while communicating with VCS: fatal: detected dubious ownership in repository at 'D:/Crucible/data/var/cache/repo/clone'
    To add an exception for this directory, call:
    
    	git config --global --add safe.directory D:/Crucible/data/var/cache/repo/clone
    
    Set the environment variable GIT_TEST_DEBUG_UNSAFE_DIRECTORIES=true and run
    again for more information.

Workaround

There are two workarounds available:

1) Downgrade Git to a version before 2.35.2. And to protect against the vulnerability in Git versions prior to 2.35.2:

Create the folder .git on all drives where Git commands are run, and remove read/write access from those folders:
mkdir \.git icacls \.git /inheritance:r

2) Alternatively, define or extend GIT_CEILING_DIRECTORIES to cover the parent directory of the user profile, e.g. C:\Users if the user profile is located in C:\Users\my-user-name.