Commit graph

5446 commits

Author SHA1 Message Date
Andy Feller
cdfc12caf5 Expand logic and tests to handle edge cases
This commit expands filepathDescendsFrom(string, string) to handle edge cases such as mixing absolute and relative paths or artifact name edge cases.

Additionally, tests for filepathDescendsFrom() and downloadrun() have been expanded to verify additional use cases.
2024-11-22 15:26:11 -05:00
Kynan Ware
ae87caf8d6
Merge pull request #9948 from cli/kw/use-heredoc-for-several-command-docs
Fix some multiline command documentation to use `heredoc` strings
2024-11-22 10:11:32 -07:00
Meredith Lancaster
862786cca6 Merge branch 'trunk' into print-policy-info 2024-11-22 09:10:19 -07:00
Phill MV
6a9a1f0143 Merge branch 'trunk' into phillmv/improve-gh-at-inspect 2024-11-22 11:09:48 -05:00
Phill MV
583a3ac656 Merge branch 'trunk' into phillmv/improve-gh-at-inspect 2024-11-22 11:09:19 -05:00
Meredith Lancaster
f92d703554 pr feedback
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-21 15:40:15 -07:00
Meredith Lancaster
0fd09eb5ff pr feedback
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-21 15:30:41 -07:00
Meredith Lancaster
fed3c8142c
Update pkg/cmd/attestation/verify/attestation_integration_test.go
Co-authored-by: Phill MV <phillmv@github.com>
2024-11-21 15:20:44 -07:00
Andy Feller
e7c5706336 Refactor download testing, simpler file descends
This incorporates the work done by @williammartin to improve reasoning about `gh run download` behavior through testing while verifying a simpler solution to checking if a path is contained within a directory.
2024-11-21 17:07:27 -05:00
Kynan Ware
74f13a9b4f
Apply suggestions from code review
Co-authored-by: Andy Feller <andyfeller@github.com>
2024-11-21 13:55:35 -07:00
bagtoad
677ed2cdcf Refactor command documentation to use heredoc 2024-11-21 13:23:03 -07:00
Meredith Lancaster
27a268cf17
Merge branch 'trunk' into verify-result-processing 2024-11-21 10:07:03 -07:00
Meredith Lancaster
2d41225dd5 pr feedback
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-21 09:11:18 -07:00
Meredith Lancaster
28565dc1f8 remove unused test file
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-21 08:58:55 -07:00
Meredith Lancaster
7a271b008a undo change
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-21 08:58:23 -07:00
Meredith Lancaster
4d277df559 add more testing fixtures
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-21 08:43:21 -07:00
bagtoad
b5f3463b75 Improve error handling for missing executable
Check for executable file existence using os.IsNotExist for clearer error handling
2024-11-20 16:03:03 -07:00
Meredith Lancaster
19afe453c7 update test with new test bundle
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-20 14:53:02 -07:00
Meredith Lancaster
5601149c83 naming
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-20 13:34:40 -07:00
Meredith Lancaster
ff8844a308 update test
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-20 13:22:55 -07:00
Meredith Lancaster
4671b8d66b update test
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-20 12:46:06 -07:00
Meredith Lancaster
a170c91c6d experiment with table output
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-20 09:04:42 -07:00
Tyler McGoffin
83cf411556 Improve test names so there is no repetition 2024-11-19 16:08:31 -08:00
bagtoad
e5eedefd09 Assert stderr is empty in manager_test.go 2024-11-19 16:42:16 -07:00
bagtoad
83c5bf3589 Update error message wording 2024-11-19 16:42:15 -07:00
bagtoad
4b73e55fd2 Change: exit zero, still print warning to stderr
Instead of returning `ErrExtensionExecutableNotFound` error which causes `gh` to have a non-zero exit code, catch it and print the message to stderr, returning nil. Only print the warning to stderr when there is a TTY.
2024-11-19 16:42:15 -07:00
Meredith Lancaster
3e6861e7e1 clean up
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-19 16:28:36 -07:00
Meredith Lancaster
b5788f2523 wrap sigstore and cert ext verification into a single function
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-19 16:24:17 -07:00
Andy Feller
8da27d2c8a Second attempt to address exploit
This builds off the suggestion to reuse logic used already within `gh run download` for detecting path traversals.

This largely works but runs into an issue where detection logic doesn't handle non-separated traversal.
2024-11-19 17:55:18 -05:00
Dalius Dobravolskas
9414930b5d
Adding option to return baseRefOid in pr view
You need to know the exact `baseRefOid` so you can show the correct diff.
`baseRefName` is not enough sometimes because the branch from which the PR was
forked might have changes already.

Example usage:
```
gh pr view --json headRefName,headRefOid,number,baseRefName,baseRefOid,reviewDecision
```
2024-11-19 23:50:45 +02:00
Meredith Lancaster
f48e6b56e3 verify cert extensions function should return filtered result list
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-19 14:38:28 -07:00
Meredith Lancaster
08a66f5383 wording
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-19 14:26:15 -07:00
Kynan Ware
1bc2bb8059
Improve docs on installing extensions
Better clarify the two extension types in the `extension install` docs.

Co-authored-by: Tyler McGoffin <jtmcg@github.com>
2024-11-18 16:45:57 -07:00
Kynan Ware
bb3b64ad06
Update language for missing extension executable
Co-authored-by: Tyler McGoffin <jtmcg@github.com>
2024-11-18 16:25:07 -07:00
Kynan Ware
2ec27ff9fe
Update test comments about Windows behavior
Co-authored-by: Tyler McGoffin <jtmcg@github.com>
2024-11-18 16:21:14 -07:00
Meredith Lancaster
a55f9a6301 Merge branch 'trunk' into print-policy-info 2024-11-18 13:57:34 -07:00
Meredith Lancaster
9177b22a21
Merge pull request #9892 from malancas/refactor-fetch-attestations
Refactor the `getAttestations` functions
2024-11-18 13:56:46 -07:00
Meredith Lancaster
b787a8b785 wording
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-18 13:39:06 -07:00
Meredith Lancaster
a89071c30d wording
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-18 12:25:57 -07:00
Meredith Lancaster
cfbc1c7e10 wording
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-18 12:16:12 -07:00
Meredith Lancaster
6ca5e6f18c add newlines for additional policy info
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-18 11:42:39 -07:00
Meredith Lancaster
63f37eb369 pr feedback
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-18 08:24:25 -07:00
Meredith Lancaster
30ae1388e4
Update pkg/cmd/attestation/download/download.go
Co-authored-by: Phill MV <phillmv@github.com>
2024-11-18 08:19:41 -07:00
Meredith Lancaster
762e99d151 fix function param calls
Signed-off-by: Meredith Lancaster <malancas@github.com>
2024-11-18 08:19:07 -07:00
Meredith Lancaster
c518a3b1f5
Update pkg/cmd/attestation/verification/extensions.go
Co-authored-by: Phill MV <phillmv@github.com>
2024-11-18 08:18:04 -07:00
bagtoad
c5497b4d28 Document requirements for local extensions 2024-11-17 21:01:49 -07:00
bagtoad
b575fe8ebc Warn when installing local ext with no executable 2024-11-17 21:01:49 -07:00
Andy Feller
7b91b17395 Refactor extension command testing
This commit allows for stubbing/mocking the function used for checking update release info. Additionally, this does a minor refactor moving from non-blocking to blocking channel.
2024-11-17 21:59:06 -05:00
Andy Feller
0d3f7cae4e Bring extension update check in line with gh check
This commit is a bit of refactoring to bring the extension update checking logic up to par with what is done with `gh` including creation of state file per extension and listening to env vars for disabling version checking.

This work is not complete as it does not address necessary test changes.
2024-11-17 16:10:58 -05:00
nilvng
36eaf14857 issue #2329: improve UI/UX
Improve the interactive PR selection UI by
- prefix the PR number with hashcode #
- preserve the text formatting (bold) when an option is hovered
- add the PR head label

Technical changes:
- Replace \033[0m with \033[39m for maintaining text formatting
2024-11-17 23:47:36 +11:00