Skip to content

Comments

Validate wheel NAME/VERSION before use in git commands in python-release.yml#47

Merged
pmalarme merged 2 commits intofeature/add-documentation-and-copilot-instructionsfrom
copilot/sub-pr-18-again
Feb 19, 2026
Merged

Validate wheel NAME/VERSION before use in git commands in python-release.yml#47
pmalarme merged 2 commits intofeature/add-documentation-and-copilot-instructionsfrom
copilot/sub-pr-18-again

Conversation

Copy link
Contributor

Copilot AI commented Feb 19, 2026
edited
Loading

NAME and VERSION extracted from wheel filenames were flowing into git tag, git log, and shell constructs without format validation. A malformed build output or CI misconfiguration could introduce unexpected values.

Summary

Adds a format validation guard immediately after NAME/VERSION extraction in the release loop. Any wheel whose filename fields don't match the expected patterns is skipped with a ::error:: annotation rather than passed to git commands.

if [[ ! "$NAME" =~ ^[a-zA-Z0-9_-]+$ ]] || [[ ! "$VERSION" =~ ^[0-9a-zA-Z._-]+$ ]]; then
  echo "::error::Unexpected wheel name/version format in '${BASENAME}' — skipping." >&2
  continue
fi

Testing

  • Not run (why?)
  • uv run poe check
  • Other: CodeQL scan — 0 alerts

Checklist

  • Linked issue or task reference
  • Added/updated tests where relevant
  • Updated docs/README if needed
  • No secrets or sensitive data added
  • Considered backward compatibility and deployment impact

Additional context

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI mentioned this pull request Feb 19, 2026
Closed
8 tasks
@pmalarme
Add NAME/VERSION format validation in python-release.yml
3f3f6e8 
Co-authored-by: pmalarme <686568+pmalarme@users.noreply.github.com>
Copilot AI changed the title [WIP] Address feedback on documentation and copilot instructions Validate wheel NAME/VERSION before use in git commands in python-release.yml Feb 19, 2026
Copilot AI requested a review from pmalarme February 19, 2026 15:27
@pmalarme pmalarme marked this pull request as ready for review February 19, 2026 15:28
@pmalarme pmalarme merged commit 6b2208f into feature/add-documentation-and-copilot-instructions Feb 19, 2026
@pmalarme pmalarme deleted the copilot/sub-pr-18-again branch February 19, 2026 15:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pmalarme pmalarme Awaiting requested review from pmalarme

Assignees

@pmalarme pmalarme

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pmalarme