Skip to content

Commit d81d4d1

Browse files
ldezldez
committed
review: sanitize and comment
1 parent ef8d7a4 commit d81d4d1

File tree

2 files changed

+70
-4
lines changed

2 files changed

+70
-4
lines changed

pkg/commands/internal/builder.go

Lines changed: 13 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ import (
1010
"runtime"
1111
"strings"
1212
"time"
13+
"unicode"
1314

1415
"github.com/golangci/golangci-lint/pkg/logutils"
1516
)
@@ -84,9 +85,9 @@ func (b Builder) Build(ctx context.Context) error {
8485
}
8586

8687
func (b Builder) clone(ctx context.Context) error {
87-
//nolint:gosec
88+
//nolint:gosec // the variable is sanitized.
8889
cmd := exec.CommandContext(ctx,
89-
"git", "clone", "--branch", b.cfg.Version,
90+
"git", "clone", "--branch", sanitizeVersion(b.cfg.Version),
9091
"--single-branch", "--depth", "1", "-c advice.detachedHead=false", "-q",
9192
"https://github.com/golangci/golangci-lint.git",
9293
)
@@ -141,12 +142,12 @@ func (b Builder) goModTidy(ctx context.Context) error {
141142
}
142143

143144
func (b Builder) goBuild(ctx context.Context, binaryName string) error {
144-
//nolint:gosec
145+
//nolint:gosec // the variable is sanitized.
145146
cmd := exec.CommandContext(ctx, "go", "build",
146147
"-ldflags",
147148
fmt.Sprintf(
148149
"-s -w -X 'main.version=%s-mygcl' -X 'main.date=%s'",
149-
b.cfg.Version, time.Now().UTC().String(),
150+
sanitizeVersion(b.cfg.Version), time.Now().UTC().String(),
150151
),
151152
"-o", binaryName,
152153
"./cmd/golangci-lint",
@@ -208,3 +209,11 @@ func (b Builder) getBinaryName() string {
208209

209210
return name
210211
}
212+
213+
func sanitizeVersion(v string) string {
214+
fn := func(c rune) bool {
215+
return !(unicode.IsLetter(c) || unicode.IsNumber(c) || c == '.' || c == '/')
216+
}
217+
218+
return strings.Join(strings.FieldsFunc(v, fn), "")
219+
}

pkg/commands/internal/builder_test.go

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,57 @@
1+
package internal
2+
3+
import (
4+
"testing"
5+
6+
"github.com/stretchr/testify/assert"
7+
)
8+
9+
func Test_sanitizeVersion(t *testing.T) {
10+
testCases := []struct {
11+
desc string
12+
input string
13+
expected string
14+
}{
15+
{
16+
desc: "ampersand",
17+
input: " te&st",
18+
expected: "test",
19+
},
20+
{
21+
desc: "pipe",
22+
input: " te|st",
23+
expected: "test",
24+
},
25+
{
26+
desc: "version",
27+
input: "v1.2.3",
28+
expected: "v1.2.3",
29+
},
30+
{
31+
desc: "branch",
32+
input: "feat/test",
33+
expected: "feat/test",
34+
},
35+
{
36+
desc: "branch",
37+
input: "value --key",
38+
expected: "valuekey",
39+
},
40+
{
41+
desc: "hash",
42+
input: "cd8b1177",
43+
expected: "cd8b1177",
44+
},
45+
}
46+
47+
for _, test := range testCases {
48+
test := test
49+
t.Run(test.desc, func(t *testing.T) {
50+
t.Parallel()
51+
52+
v := sanitizeVersion(test.input)
53+
54+
assert.Equal(t, test.expected, v)
55+
})
56+
}
57+
}

0 commit comments

Comments
 (0)