workspace-tools 0.18.3 → 0.18.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.json +16 -1
- package/CHANGELOG.md +10 -2
- package/lib/git.js +2 -2
- package/package.json +1 -1
package/CHANGELOG.json
CHANGED
|
@@ -2,7 +2,22 @@
|
|
|
2
2
|
"name": "workspace-tools",
|
|
3
3
|
"entries": [
|
|
4
4
|
{
|
|
5
|
-
"date": "
|
|
5
|
+
"date": "Wed, 20 Apr 2022 16:48:59 GMT",
|
|
6
|
+
"tag": "workspace-tools_v0.18.4",
|
|
7
|
+
"version": "0.18.4",
|
|
8
|
+
"comments": {
|
|
9
|
+
"patch": [
|
|
10
|
+
{
|
|
11
|
+
"author": "kchau@microsoft.com",
|
|
12
|
+
"package": "workspace-tools",
|
|
13
|
+
"comment": "fixes a potential security issue where fetch --upload-pack can allow for command injection",
|
|
14
|
+
"commit": "9bc7e65ce497f87e1f363fd47b8f802f3d3cd978"
|
|
15
|
+
}
|
|
16
|
+
]
|
|
17
|
+
}
|
|
18
|
+
},
|
|
19
|
+
{
|
|
20
|
+
"date": "Sat, 09 Apr 2022 15:51:14 GMT",
|
|
6
21
|
"tag": "workspace-tools_v0.18.3",
|
|
7
22
|
"version": "0.18.3",
|
|
8
23
|
"comments": {
|
package/CHANGELOG.md
CHANGED
|
@@ -1,12 +1,20 @@
|
|
|
1
1
|
# Change Log - workspace-tools
|
|
2
2
|
|
|
3
|
-
This log was last generated on
|
|
3
|
+
This log was last generated on Wed, 20 Apr 2022 16:48:59 GMT and should not be manually modified.
|
|
4
4
|
|
|
5
5
|
<!-- Start content -->
|
|
6
6
|
|
|
7
|
+
## 0.18.4
|
|
8
|
+
|
|
9
|
+
Wed, 20 Apr 2022 16:48:59 GMT
|
|
10
|
+
|
|
11
|
+
### Patches
|
|
12
|
+
|
|
13
|
+
- fixes a potential security issue where fetch --upload-pack can allow for command injection (kchau@microsoft.com)
|
|
14
|
+
|
|
7
15
|
## 0.18.3
|
|
8
16
|
|
|
9
|
-
Sat, 09 Apr 2022 15:51:
|
|
17
|
+
Sat, 09 Apr 2022 15:51:14 GMT
|
|
10
18
|
|
|
11
19
|
### Patches
|
|
12
20
|
|
package/lib/git.js
CHANGED
|
@@ -104,14 +104,14 @@ function getUntrackedChanges(cwd) {
|
|
|
104
104
|
}
|
|
105
105
|
exports.getUntrackedChanges = getUntrackedChanges;
|
|
106
106
|
function fetchRemote(remote, cwd) {
|
|
107
|
-
const results = git(["fetch", remote], { cwd });
|
|
107
|
+
const results = git(["fetch", "--", remote], { cwd });
|
|
108
108
|
if (!results.success) {
|
|
109
109
|
throw gitError(`Cannot fetch remote: ${remote}`);
|
|
110
110
|
}
|
|
111
111
|
}
|
|
112
112
|
exports.fetchRemote = fetchRemote;
|
|
113
113
|
function fetchRemoteBranch(remote, remoteBranch, cwd) {
|
|
114
|
-
const results = git(["fetch", remote, remoteBranch], { cwd });
|
|
114
|
+
const results = git(["fetch", "--", remote, remoteBranch], { cwd });
|
|
115
115
|
if (!results.success) {
|
|
116
116
|
throw gitError(`Cannot fetch remote: ${remote} ${remoteBranch}`);
|
|
117
117
|
}
|