Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(cli): Don’t use backticks to unbreak zsh compdef #108

Merged
merged 1 commit into from
Oct 28, 2020
Merged

fix(cli): Don’t use backticks to unbreak zsh compdef #108

merged 1 commit into from
Oct 28, 2020

Conversation

d125q
Copy link
Contributor

@d125q d125q commented Oct 28, 2020

Currently, the generated zsh compdef contains something along the
lines of

(( $+functions[_fontship_commands] )) ||
_fontship_commands() {
    local commands; commands=(
        "make:Build specified target(s) with `make`" \
"setup:Configure a font project repository" \
"status:Show status information about setup, configuration, and build state" \
"help:Prints this message or the help of the given subcommand(s)" \
    )
    _describe -t commands 'fontship commands' commands "$@"
}

I.e., it performs command substitution on ‘make’, which in the best
case fails with something along the lines of “make: *** No targets
specified and no makefile found. Stop.” and in the worst case ends up
running ‘make’ for you.

This issue should probably be brought up to clap-rs/clap so that it is
made to use single quotes instead of double quotes and escape
everything correctly.

For now, this commit fixes the issue by using “smart quotes” instead
of backticks.

@d125q
fix(cli): Don’t use backticks to unbreak zsh compdef
28020b9 
Currently, the generated zsh compdef contains something along the
lines of

```zsh
(( $+functions[_fontship_commands] )) ||
_fontship_commands() {
    local commands; commands=(
        "make:Build specified target(s) with `make`" \
"setup:Configure a font project repository" \
"status:Show status information about setup, configuration, and build state" \
"help:Prints this message or the help of the given subcommand(s)" \
    )
    _describe -t commands 'fontship commands' commands "$@"
}
```

I.e., it performs command substitution on ‘make’, which in the best
case fails with something along the lines of “make: *** No targets
specified and no makefile found.  Stop.” and in the worst case ends up
running ‘make’ for you.

This issue should probably be brought up to clap-rs/clap so that it is
made to use single quotes instead of double quotes and escape
everything correctly.

For now, this commit fixes the issue by using “smart quotes” instead
of backticks.
@alerque
Copy link
Member

alerque commented Oct 28, 2020
edited
Loading

Wow good catch. Yes this is something that should be reported is reported upstream in Clap, it shouldn't be generating dangerous executable code!

@alerque alerque mentioned this pull request Oct 28, 2020
Open
@alerque alerque added the bug Something isn't working label Oct 28, 2020
@alerque alerque merged commit 50c9a53 into theleagueof:master Oct 28, 2020
@epage epage mentioned this pull request Dec 6, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@d125q @alerque