Skip to content

Commit changes without Sandbox deployment #314

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Oct 30, 2025
Merged

Commit changes without Sandbox deployment #314

merged 5 commits into from
Oct 30, 2025

Conversation

@aruntyagiTutu
Copy link
Contributor

@aruntyagiTutu aruntyagiTutu commented Oct 28, 2025

What
Compute add/modify/delete via Git, handle deletes from HEAD, map to SDR, commit, return commit SHA with push instructions.
Why
Make committing independent of deployment and avoid manual git errors.
Tests
No-changes error; happy path with commit SHA.
Impact
No breaking changes.

@salesforce-cla
Copy link

salesforce-cla bot commented Oct 28, 2025

Thanks for the contribution! Before we can merge this, we need @aruntyagiTutu to sign the Salesforce Inc. Contributor License Agreement.

cristiand391
cristiand391 reviewed Oct 29, 2025
View reviewed changes
packages/mcp-provider-devops/src/commitLiteWorkItem.ts
}

// Create commit
execFileSync('git', ['commit', '-m', commitMessage], { cwd: workingDir, encoding: 'utf8' });
Copy link
Member

@cristiand391 cristiand391 Oct 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this commitMesage the same tool parameter from commit_devops_center_work_item?

Copy link
Contributor Author

@aruntyagiTutu aruntyagiTutu Oct 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. Commit message is passed via ['-m', commitMessage], so it won’t be treated as flags.

Copy link
Member

@cristiand391 cristiand391 Oct 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I meant that commitMessage as a tool param is populated by an LLM, so would this count as passing unsanitized LLM input to a shell exec call?

Copy link
Member

@cristiand391 cristiand391 Oct 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

update:

execFileSync is spawning the git bin and bypassing the shell middle step so we are fine here.

cristiand391
cristiand391 requested changes Oct 29, 2025
View reviewed changes
Copy link
Member

@cristiand391 cristiand391 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

left a question about a possible insecure shell exec

@cristiand391 cristiand391 merged commit 4f7761b into salesforcecli:main Oct 30, 2025
24 of 27 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@manandey manandey manandey approved these changes

@cristiand391 cristiand391 cristiand391 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aruntyagiTutu @manandey @cristiand391