chore(codemod): Added comment about ignoring CodeQL alert

mlaursen · mlaursen · commit 631d56c61493 · 2021-11-24T13:19:59.000-07:00
https://github.com/mlaursen/react-md/pull/1285/checks\?check_run_id\=4316777905
diff --git a/packages/codemod/rmd-codemod.ts b/packages/codemod/rmd-codemod.ts
@@ -128,6 +128,8 @@ async function handleAction(options: Options): Promise<void> {
   // prefix with `node` because of a bug around: "env: node\r"
   const command = `node ${jscodeshiftExecutable} ${args.join(" ")}`;
   console.log(command);
+  // react-codemod does it... so I'll ignore the security issue fo rnow.
+  // https://github.com/reactjs/react-codemod/blob/b34b92a1f0b8ad333efe5effb50d17d46d66588b/bin/cli.js
   execSync(command, { stdio: "inherit" });
 }
 

Original file line number	Diff line number	Diff line change
`@@ -128,6 +128,8 @@ async function handleAction(options: Options): Promise<void> {`
`128`	`128`	// prefix with `node` because of a bug around: "env: node\r"
`129`	`129`	const command = `node ${jscodeshiftExecutable} ${args.join(" ")}`;
`130`	`130`	`console.log(command);`
	`131`	`+ // react-codemod does it... so I'll ignore the security issue fo rnow.`
	`132`	`+ // https://github.com/reactjs/react-codemod/blob/b34b92a1f0b8ad333efe5effb50d17d46d66588b/bin/cli.js`
`131`	`133`	`execSync(command, { stdio: "inherit" });`
`132`	`134`	`}`
`133`	`135`