crackerjack 0.33.5__py3-none-any.whl → 0.33.7__py3-none-any.whl



@@ -87,7 +87,7 @@ class SecureSubprocessExecutor:
87
87
  self.security_logger = get_security_logger()
88
88
 
89
89
  self.dangerous_patterns = [
90
- r"[;&|`$(){}[\]<>*?~]",
90
+ r"[;&|`$()[\]<>*?~]",
91
91
  r"\.\./",
92
92
  r"\$\{.*\}",
93
93
  r"`.*`",
@@ -96,6 +96,16 @@ class SecureSubprocessExecutor:
96
96
  r"<\s*/",
97
97
  ]
98
98
 
99
+ # Git reference patterns that should be allowed despite containing special chars
100
+ self.allowed_git_patterns = [
101
+ r"^@\{u\}\.\.HEAD$", # upstream..HEAD
102
+ r"^@\{upstream\}\.\.HEAD$", # upstream..HEAD (long form)
103
+ r"^HEAD\.\.@\{u\}$", # HEAD..upstream
104
+ r"^HEAD\.\.@\{upstream\}$", # HEAD..upstream (long form)
105
+ r"^@\{[0-9]+\}$", # reflog references like @{1}
106
+ r"^@\{[0-9]+ (minute|hour|day|week|month|year)s? ago\}$", # time references
107
+ ]
108
+
99
109
  self.dangerous_env_vars = {
100
110
  "LD_PRELOAD",
101
111
  "DYLD_INSERT_LIBRARIES",
@@ -316,6 +326,12 @@ class SecureSubprocessExecutor:
316
326
  return validated_command, issues
317
327
 
318
328
  def _has_dangerous_patterns(self, arg: str, index: int, issues: list[str]) -> bool:
329
+ # First check if this is an allowed git pattern
330
+ for git_pattern in self.allowed_git_patterns:
331
+ if re.match(git_pattern, arg):
332
+ return False # It's an allowed git pattern, don't flag as dangerous
333
+
334
+ # Check for dangerous patterns
319
335
  for pattern in self.dangerous_patterns:
320
336
  if re.search(pattern, arg):
321
337
  issues.append(
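Review bot: The allow-list loop added at the top of `_has_dangerous_patterns` returns `False` before any entry in `dangerous_patterns` is tried, and it uses `re.match` with `$`-terminated patterns, which also accept an argument ending in a newline; `if re.fullmatch(git_pattern, arg):` would make the exemption exact. The method receives only `arg` and `index`, so as far as these hunks show the exemption applies to whatever command is being validated, not only git; a comment such as `# exempt only exact git revision specs; every other argument is still screened` would record the intent, and scoping the check to git commands is worth considering. With the allow-list in place, removing `{}` from the first character class in `dangerous_patterns` (first hunk) looks redundant for these references and relaxes the filter for every argument, so keeping the braces there would leave the exemption in one place. The method body continues past the end of the hunk.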
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: crackerjack
3
- Version: 0.33.5
3
+ Version: 0.33.7
4
4
  Summary: Crackerjack Python project management tool
5
5
  Project-URL: documentation, https://github.com/lesleslie/crackerjack
6
6
  Project-URL: homepage, https://github.com/lesleslie/crackerjack
@@ -199,7 +199,7 @@ crackerjack/services/regex_patterns.py,sha256=iis9gSzXZtnX14lODGfSUsf7bcCRTw7rdS
199
199
  crackerjack/services/regex_utils.py,sha256=e7AD59_L-T5-oOxzqsGgrLd94uxRE9aKnwasZkohwI8,14966
200
200
  crackerjack/services/secure_path_utils.py,sha256=aHsLwxDch42DidPYtTL_ko40g2rhbXDLnRhcx2LlGk8,16688
201
201
  crackerjack/services/secure_status_formatter.py,sha256=yhwNtzvvQVcuHsNOTNZMzlqIMQT9zx-lzAtq9LuSDuk,14121
202
- crackerjack/services/secure_subprocess.py,sha256=UAXyRgus-PJ4nOfSq9m_Ji8xmni4Hyl7uHmPsJwoQrQ,17308
202
+ crackerjack/services/secure_subprocess.py,sha256=iGXdIUjYZ_ocxwo8OJSmOFJvdmOFXSvluNNgJvU3hFQ,18114
203
203
  crackerjack/services/security.py,sha256=plgIz-B8oYN_mpF4NYrqHnT7TRcsp4jr0-YlV9WgD5o,7298
204
204
  crackerjack/services/security_logger.py,sha256=_hQUQZekiafpIKyULgVxrQHrwPpTKv89jNf-XWqaAhg,16780
205
205
  crackerjack/services/server_manager.py,sha256=IQ0oUFEEMZTxI8csecIJzkCSMESE5KIkYqPxa56tvUw,11399
@@ -222,8 +222,8 @@ crackerjack/slash_commands/status.md,sha256=U3qqppVLtIIm2lEiMYaKagaHYLI9UplL7OH1
222
222
  crackerjack/tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
223
223
  crackerjack/tools/validate_input_validator_patterns.py,sha256=NN7smYlXWrHLQXTb-81gRam2vjW-cJav92f1klPA0qA,8234
224
224
  crackerjack/tools/validate_regex_patterns.py,sha256=y2pAp2BzfSC_3XYMIKGMpQFwwwDidPy3k2Y2almOy74,5811
225
- crackerjack-0.33.5.dist-info/METADATA,sha256=fiWKF7JjyVGqGGtVk2v-JvYCJh1rbCk6bzzMMgt7RzY,37942
226
- crackerjack-0.33.5.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
227
- crackerjack-0.33.5.dist-info/entry_points.txt,sha256=AJKNft0WXm9xoGUJ3Trl-iXHOWxRAYbagQiza3AILr4,57
228
- crackerjack-0.33.5.dist-info/licenses/LICENSE,sha256=fDt371P6_6sCu7RyqiZH_AhT1LdN3sN1zjBtqEhDYCk,1531
229
- crackerjack-0.33.5.dist-info/RECORD,,
225
+ crackerjack-0.33.7.dist-info/METADATA,sha256=X0D9FDvXqelaJi-6QudA6DoXlK07W2N-AcFiSJwDXAI,37942
226
+ crackerjack-0.33.7.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
227
+ crackerjack-0.33.7.dist-info/entry_points.txt,sha256=AJKNft0WXm9xoGUJ3Trl-iXHOWxRAYbagQiza3AILr4,57
228
+ crackerjack-0.33.7.dist-info/licenses/LICENSE,sha256=fDt371P6_6sCu7RyqiZH_AhT1LdN3sN1zjBtqEhDYCk,1531
229
+ crackerjack-0.33.7.dist-info/RECORD,,