fix(compliance-audit): replace echo|grep -q pipes with here-strings in detect_ecosystems #249
echo "$tree" | grep -q exits early on first match (grep -q), closing the read end of the pipe before echo finishes writing when $tree is large. This causes SIGPIPE / "write error: Broken pipe". Replace all 8 occurrences with grep -qE ... <<< "$tree" which feeds the string directly to grep's stdin without a subprocess pipe.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Code Review
This pull request refactors the detect_ecosystems function in scripts/compliance-audit.sh to use Bash here-strings instead of piping echo to grep, which is a more efficient way to process the file tree variable. The review feedback suggests improving the robustness of the GitHub Actions detection by updating the regular expression to support both .yml and .yaml file extensions.
Pull request overview
This PR updates detect_ecosystems() in scripts/compliance-audit.sh to avoid SIGPIPE/“Broken pipe” noise caused by echo "$tree" | grep -qE ... when scanning very large repository trees, by switching those checks to grep ... <<< "$tree".
Changes:
- Replaced 8 instances of echo "$tree" | grep -qE ... with grep -qE ... <<< "$tree" inside detect_ecosystems().
- Preserved existing ecosystem-detection regexes and behavior while eliminating the pipe that can trigger echo write errors.
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>



Problem
detect_ecosystems() in scripts/compliance-audit.sh uses the pattern:

When $tree is large (repos with many files), grep -q exits immediately after the first match, closing the read end of the pipe. The echo subprocess is still writing and receives SIGPIPE, producing:

Fix
Replace all 8 echo "$tree" | grep -qE calls with bash here-strings:

A here-string feeds the variable directly to grep's stdin with no subprocess pipe — no SIGPIPE is possible regardless of the size of $tree.

Affected lines
- package.json (npm)
- pnpm-lock.yaml (pnpm)
- go.mod (go)
- Cargo.toml (rust)
- pyproject.toml / requirements.txt (python)
- *.tf (terraform)
- .github/workflows/*.yml (github-actions) ← reported error
- _bmad(-output)?/ (bmad-method) ← reported error
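The failure described in this PR, reproduced as an added example (not code from the PR or from scripts/compliance-audit.sh). The tree listing and the regexes are constructed, and `set -o pipefail` is an assumption, used to show that the cut-off echo can turn a real match into a missed detection in an audit check.

```bash
#!/usr/bin/env bash
# Added example, not the project's script. Here-strings and PIPESTATUS are
# bash features, so re-exec under bash if another sh started this file.
[ -n "${BASH_VERSION:-}" ] || exec bash "$0" "$@"

# Constructed tree listing: two matching paths first, then ~5 MiB of filler
# so the string is far larger than a pipe buffer.
TREE=$'package.json\n.github/workflows/ci.yml\n'
filler=$'src/module/file.txt\n'
for i in {1..18}; do filler+=$filler; done
TREE+=$filler

# Constructed regexes; the script's real patterns are not shown on the page.
NPM_RE='(^|/)package\.json$'
GHA_RE='^\.github/workflows/[^/]+\.yml$'
TF_RE='\.tf$'

# Pre-fix form. Prints "<echo status> <grep status>" taken from PIPESTATUS.
pipe_statuses() {
  echo "$TREE" | grep -qE "$1"
  echo "${PIPESTATUS[*]}"
}

# Pre-fix form used as a check with pipefail on (assumed here; the page does
# not say the script sets it). The subshell body keeps the option local.
pipe_detects() ( set -o pipefail; echo "$TREE" | grep -qE "$1" )

# Post-fix form: no writer process, so grep's exit status is the only one.
herestring_detects() ( set -o pipefail; grep -qE "$1" <<< "$TREE" )

report() {
  local pipe=miss here=miss
  if pipe_detects "$2"; then pipe=hit; fi
  if herestring_detects "$2"; then here=hit; fi
  printf '%-15s PIPESTATUS=(%s) pipe+pipefail=%s here-string=%s\n' \
    "$1" "$(pipe_statuses "$2")" "$pipe" "$here"
}
report npm "$NPM_RE"
report github-actions "$GHA_RE"
report terraform "$TF_RE"
```

The echo status is 141 when SIGPIPE has its default disposition, and 1 with "write error: Broken pipe" on stderr when the calling environment ignores SIGPIPE.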