ahuston-0/hydra
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

replace all system() shell invocation with safer non-shell alternative

Browse Source
This commit is contained in:
Jörg Thalheim
2025-08-05 23:28:51 +02:00
committed by ahuston-0
parent a63ed33f9c
commit 6138de486c
6 changed files with 23 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/lib/Hydra/Plugin/GithubRefs.pm
View File

@@ -10,6 +10,7 @@ use Hydra::Helper::CatalystUtils;
use Hydra::Helper::Nix;
use File::Temp;
use POSIX qw(strftime);
use IPC::Run qw(run);
=head1 NAME
@@ -115,7 +116,7 @@ sub fetchInput {
open(my $fh, ">", $filename) or die "Cannot open $filename for writing: $!";
print $fh encode_json \%refs;
close $fh;
system("jq -S . < $filename > $tempdir/github-refs-sorted.json");
run(["jq", "-S", "."], '<', $filename, '>', "$tempdir/github-refs-sorted.json") or die "jq command failed: $?";
my $storePath = addToStore("$tempdir/github-refs-sorted.json");
my $timestamp = time;
return { storePath => $storePath, revision => strftime "%Y%m%d%H%M%S", gmtime($timestamp) };