fix(framework/tools): eval injection, broken JSON, tmpfile leak (#549)
This commit was merged in pull request #549.
This commit is contained in:
@@ -98,27 +98,32 @@ case "$PLATFORM" in
|
||||
;;
|
||||
gitea)
|
||||
# tea issue edit syntax
|
||||
REPO_ARGS=$(get_gitea_repo_args) || {
|
||||
echo "Error: Could not resolve Gitea repo/login args for remote host" >&2
|
||||
REPO_SLUG=$(get_repo_slug) || {
|
||||
echo "Error: Could not resolve Gitea repo slug from remote" >&2
|
||||
exit 1
|
||||
}
|
||||
CMD="tea issue edit $ISSUE $REPO_ARGS"
|
||||
REPO_LOGIN=$(get_gitea_login) || {
|
||||
echo "Error: Could not resolve Gitea login for remote host" >&2
|
||||
exit 1
|
||||
}
|
||||
REPO_ARGS=(--repo "$REPO_SLUG" --login "$REPO_LOGIN")
|
||||
CMD=(tea issue edit "$ISSUE" "${REPO_ARGS[@]}")
|
||||
NEEDS_EDIT=false
|
||||
|
||||
if [[ -n "$ASSIGNEE" ]]; then
|
||||
# tea uses --assignees flag
|
||||
CMD="$CMD --assignees \"$ASSIGNEE\""
|
||||
CMD+=(--assignees "$ASSIGNEE")
|
||||
NEEDS_EDIT=true
|
||||
fi
|
||||
if [[ -n "$LABELS" ]]; then
|
||||
# tea uses --labels flag (replaces existing)
|
||||
CMD="$CMD --labels \"$LABELS\""
|
||||
CMD+=(--labels "$LABELS")
|
||||
NEEDS_EDIT=true
|
||||
fi
|
||||
if [[ -n "$MILESTONE" ]]; then
|
||||
MILESTONE_ID=$(tea milestones list $REPO_ARGS 2>/dev/null | grep -E "^\s*[0-9]+" | grep "$MILESTONE" | awk '{print $1}' | head -1)
|
||||
MILESTONE_ID=$(tea milestones list "${REPO_ARGS[@]}" 2>/dev/null | grep -E "^\s*[0-9]+" | grep "$MILESTONE" | awk '{print $1}' | head -1)
|
||||
if [[ -n "$MILESTONE_ID" ]]; then
|
||||
CMD="$CMD --milestone $MILESTONE_ID"
|
||||
CMD+=(--milestone "$MILESTONE_ID")
|
||||
NEEDS_EDIT=true
|
||||
else
|
||||
echo "Warning: Could not find milestone '$MILESTONE'" >&2
|
||||
@@ -126,7 +131,7 @@ case "$PLATFORM" in
|
||||
fi
|
||||
|
||||
if [[ "$NEEDS_EDIT" == true ]]; then
|
||||
eval "$CMD"
|
||||
"${CMD[@]}"
|
||||
echo "Issue #$ISSUE updated successfully"
|
||||
else
|
||||
echo "No changes specified"
|
||||
|
||||
Reference in New Issue
Block a user