packaging: Use subprocess instead of os.popen for change log creation (#3469)

This addresses a warning from Bandit about an injection attack risk by using subprocess.Popen instead of os.popen.

---------

Co-authored-by: kpolchow <polchow.kira@gmail.com>
naidneelttil and kpolchow committed Mar 21, 2024
1 parent b656141 commit edb7703
Showing 1 changed file with 16 additions and 2 deletions.
18 changes: 16 additions & 2 deletions utils/gitlog2changelog.py
Expand Up @@ -4,18 +4,32 @@
# Distributed under the terms of the GNU General Public License v2 or later

import re
import os
from textwrap import TextWrapper
import sys
import subprocess

rev_range = ""


# Define the git command and its arguments as a list
git_command = [
"git",
"log",
"--summary",
"--stat",
"--no-merges",
"--date=short",
]

if len(sys.argv) > 1:
base = sys.argv[1]
rev_range = "%s..HEAD" % base
git_command.append(rev_range)

# Execute git log with the desired command line options.
fin = os.popen("git log --summary --stat --no-merges --date=short %s" % rev_range, "r")
process = subprocess.Popen(git_command, stdout=subprocess.PIPE, encoding="utf8")
fin = process.stdout

# Create a ChangeLog file in the current directory.
fout = open("ChangeLog", "w")
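Review bot: the new `subprocess.Popen(...)` at the end of this hunk is never waited on and its exit status is never checked, so if `git log` fails (for example because the `base` revision passed in `sys.argv[1]` does not exist) the script reads an empty pipe, writes an empty ChangeLog and exits 0, while the zombie process and the `fin` pipe are left for the interpreter to clean up. Since the process object is now in hand, either call `process.wait()` after the read loop and abort on a non-zero `process.returncode`, or replace the `Popen`/`fin` pair with `subprocess.run(git_command, stdout=subprocess.PIPE, encoding="utf8", check=True)` and iterate over `.stdout.splitlines()`. Two smaller points: the list form correctly removes the shell that `os.popen` used, which is what Bandit flagged, but `base` still flows into git's argv unvalidated, and a value beginning with `-` would be parsed by git as an option rather than a revision; inserting `"--end-of-options"` before `rev_range` (supported by git 2.24 and later) or rejecting such input closes that gap. And with `os.popen` gone, the `import os` in the unchanged context lines looks unused in this hunk; drop it if nothing else in the file needs it.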


0 comments on commit edb7703
