Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: handle map in workflows #1438

Merged
merged 4 commits into from
Dec 3, 2022
Merged

fix: handle map in workflows #1438

merged 4 commits into from
Dec 3, 2022

Conversation

cbrzn
Copy link
Contributor

@cbrzn cbrzn commented Dec 1, 2022
edited
Loading

closes: #1429

github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 1, 2022
View reviewed changes
packages/cli/src/lib/helpers/workflow-validator.ts
`cue vet -d ${selector} ${validateScriptPath} ${jsonOutput}`,
logger
);
const args = [selector, validateScriptPath, jsonOutput];

Check warning

Code scanning / CodeQL

Unsafe shell command constructed from library input

This array element which depends on [library input](1) is later used in a [shell command](2).
packages/cli/src/lib/helpers/workflow-validator.ts
`cue vet -d ${selector} ${validateScriptPath} ${jsonOutput}`,
logger
);
const args = [selector, validateScriptPath, jsonOutput];

Check warning

Code scanning / CodeQL

Unsafe shell command constructed from library input

This array element which depends on [library input](1) is later used in a [shell command](2).
packages/cli/src/lib/helpers/workflow-validator.ts
`cue vet -d ${selector} ${validateScriptPath} ${jsonOutput}`,
logger
);
const args = [selector, validateScriptPath, jsonOutput];

Check warning

Code scanning / CodeQL

Unsafe shell command constructed from library input

This array element which depends on [library input](1) is later used in a [shell command](2).
packages/cli/src/lib/helpers/workflow-validator.ts
logger
);
const args = [selector, validateScriptPath, jsonOutput];
const { stderr } = runCommandSync(`cue vet -d ${args.join(" ")}`, logger);

Check warning

Code scanning / CodeQL

Unsafe shell command constructed from library input

This string concatenation which depends on [library input](1) is later used in a [shell command](2). This string concatenation which depends on [library input](3) is later used in a [shell command](2).
@lgtm-com
Copy link

lgtm-com bot commented Dec 1, 2022

This pull request introduces 3 alerts and fixes 2 when merging 65122c6 into 7ff0c19 - view on LGTM.com

new alerts:

  • 3 for Unsafe shell command constructed from library input

fixed alerts:

  • 2 for Unsafe shell command constructed from library input

Heads-up: LGTM.com's PR analysis will be disabled on the 5th of December, and LGTM.com will be shut down ⏻ completely on the 16th of December 2022. Please enable GitHub code scanning, which uses the same CodeQL engine ⚙️ that powers LGTM.com. For more information, please check out our post on the GitHub blog.

@dOrgJelli dOrgJelli merged commit a91e100 into origin-dev Dec 3, 2022
@dOrgJelli dOrgJelli deleted the fix/map-return-in-workflows branch April 10, 2023 17:01
@dOrgJelli dOrgJelli mentioned this pull request Apr 14, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dOrgJelli dOrgJelli dOrgJelli approved these changes

@krisbitney krisbitney Awaiting requested review from krisbitney

@namesty namesty Awaiting requested review from namesty namesty is a code owner

@nerfZael nerfZael Awaiting requested review from nerfZael

@Niraj-Kamdar Niraj-Kamdar Awaiting requested review from Niraj-Kamdar

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Map should be converted to object when used in workflow
2 participants
@cbrzn @dOrgJelli