Skip to content

Commit f7c491e

Browse files
committed
Fix: validate commit hashes before executing them | closes #24
1 parent 8b456ac commit f7c491e

File tree

2 files changed

+14
-0
lines changed

2 files changed

+14
-0
lines changed

Diff for: __tests__/test.spec.ts

+9
Original file line numberDiff line numberDiff line change
@@ -93,3 +93,12 @@ test('no git repo', () => {
9393

9494
expect(latestInfo).toEqual({});
9595
});
96+
97+
test('ignore invalid commits | #24', () => {
98+
const latestInfo = gitCommitInfo({
99+
cwd: path.join(fixtures, 'merge'),
100+
commit: '82442c2405804d7aa44e7bedbc0b93bb17707626 || touch ci ||',
101+
});
102+
103+
expect(latestInfo.error).toBeInstanceOf(Error);
104+
});

Diff for: index.ts

+5
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ export interface GitCommitInfoResult {
2020
}
2121

2222
const regex = /\s+([\s\S]*)/g; // matches everything after the first whitespace
23+
const hashRegex = /^[0-9a-f]{7,40}$/;
2324

2425
const gitCommitInfo = (options: GitCommitInfoOptions = {}): GitCommitInfoResult => {
2526
const {
@@ -29,6 +30,10 @@ const gitCommitInfo = (options: GitCommitInfoOptions = {}): GitCommitInfoResult
2930
const thisCommit = commit || '';
3031
const thisPath = path.resolve(cwd);
3132

33+
if ((thisCommit && !(new RegExp(hashRegex).test(thisCommit)))) {
34+
return { error: new Error('Not a valid commit hash') };
35+
}
36+
3237
if (!isGit(thisPath)) {
3338
return {};
3439
}

0 commit comments

Comments
 (0)