Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: use readFileSync and JSON.parse instead of require in probot-receive #1891

Merged
merged 1 commit into from Nov 13, 2023
Merged

fix: use readFileSync and JSON.parse instead of require in probot-receive #1891

merged 1 commit into from Nov 13, 2023

Conversation

Uzlopak
Copy link
Collaborator

@Uzlopak Uzlopak commented Nov 11, 2023
edited

I guess you could actually load arbitrary code into probot receive cli command.

@Uzlopak Uzlopak requested a review from a team as a code owner November 11, 2023 01:24
@AaronDewes
Copy link
Member

You could, but I don't think it's an issue, maybe some people even want to generate the payload with JS here.

@Uzlopak
Copy link
Collaborator Author

Uzlopak commented Nov 11, 2023

@AaronDewes
Interesting aspect. We could also agree on documenting it accordingly, that a js file can also be used to generate the payload dynamically.

@AaronDewes
Copy link
Member

@gr2m What's your opinion on this?

@gr2m
Copy link
Contributor

gr2m commented Nov 12, 2023

You could, but I don't think it's an issue, maybe some people even want to generate the payload with JS here.

That was never an intended use. I'd go ahead with this change, if someone shows up complaining that we broke their use case, we can discuss it then. It's a problem when it's a problem

@gr2m gr2m changed the title chore: use readFileSync and JSON.parse instead of require in probot-receive fix: use readFileSync and JSON.parse instead of require in probot-receive Nov 12, 2023
@Uzlopak Uzlopak mentioned this pull request Nov 12, 2023
Merged
@Uzlopak
Copy link
Collaborator Author

Uzlopak commented Nov 12, 2023

@gr2m

Just for clarification: you want feedback by @AaronDewes before you merge, or is there something to do by me?

@gr2m
Copy link
Contributor

gr2m commented Nov 12, 2023
edited

I'd like to wait to get @AaronDewes' approval for only supporting JSON moving forward.

Is this a blocker?

@Uzlopak
Copy link
Collaborator Author

Uzlopak commented Nov 12, 2023

Not a blocker. Just better to be clear what the next steps are ;)

@AaronDewes AaronDewes merged commit 3219a98 into probot:beta Nov 13, 2023
8 checks passed
@github-actions GitHub Actions
Copy link

🎉 This PR is included in version 13.0.0-beta.6 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gr2m gr2m gr2m approved these changes

Assignees
No one assigned
Labels
released on @beta
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@Uzlopak @AaronDewes @gr2m