CI package jobs: workaround for git security fix
author Kirill Isakov <bootctl@gmail.com>
Fri, 22 Apr 2022 06:00:44 +0000 (12:00 +0600)
committer Kirill Isakov <bootctl@gmail.com>
Fri, 22 Apr 2022 06:06:20 +0000 (12:06 +0600)
https://github.blog/2022-04-12-git-security-vulnerability-announced/

We could chown the build directory to our own user, but that's
relatively slow. Since we fully control the environment (relatively
speaking, we're still running on others' machines), the vulnerability
doesn't affect this particular use case.

.ci/package/build.sh

index 9c3748b..400d84c 100755 (executable)
@@ -5,6 +5,11 @@ set -eu
 build_linux() {
   . /etc/os-release
 
+  # https://github.com/actions/checkout/issues/760
+  git config --global --add safe.directory "$PWD" || true
+  GIT_CEILING_DIRECTORIES=$PWD
+  export GIT_CEILING_DIRECTORIES
+
   case "$ID" in
   debian | ubuntu)
     bash .ci/package/deb/build.sh
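
Review bot: the `|| true` on the `git config --global --add safe.directory "$PWD"` line discards a failed config write silently, so a later git call would stop on the ownership check with nothing in the log pointing back here; printing a warning instead, for example `|| echo "warning: could not set safe.directory" >&2`, keeps the job tolerant under `set -eu` while leaving a trace. The comment above it only links the actions/checkout issue, so a short line stating why the ownership exception is acceptable in this job and what `GIT_CEILING_DIRECTORIES=$PWD` is meant to guard against would help the next reader. Note also that `--global --add` appends an entry on every run, which accumulates in the global config wherever the runner's home directory persists between jobs.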