abapify
adt-cli
review: harden detectGithubRepo (SCP vs URL, dotted repos, shell-safe owner/repo)

Addresses two bot review findings on PR #115:

* Devin Review — the SCP-style regex `^[^@\s]+@([^:]+):(.+)$` falsely matched URL-form remotes that contain both `user@` and a `:port` segment, e.g. `ssh://git@github.com:22/abapify/adt-cli.git`. The port was captured as part of the path and then rejected by parseOwnerRepo, silently disabling trusted-publisher auto-detection. The SCP branch is now skipped whenever the input contains `://`, so URL-form remotes fall through to `new URL()`.
* CodeRabbit — the previous shape regex `[^/]+/[^/.]+?` rejected valid GitHub repos with dots in the name (e.g. `owner/repo.name`) and accepted shell metacharacters in the owner segment. The value flows unquoted into a shell command at `plugin.ts` line ~126 (`--trust-repo=${trustRepo}`), so a strict allow-list is enforced before return: `^[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+$`. This accepts dotted repos and rejects anything that could be interpreted by a shell.
nx affected -t lint test build e2e-ci --verbose=false --parallel=3
Succeeded
CI Pipeline Execution
Linux
4 CPU cores
read-write access token used
3f27dad9
main
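
The parsing order and allow-list described in the commit message above, as an added TypeScript sketch (not the adt-cli source). The two regexes are quoted from the message; the function bodies, the `tryParseUrl` helper, the `github.com` host check and the `.git` suffix handling are assumptions.

```typescript
// Added sketch, not the adt-cli source. The two regexes are quoted from the
// commit message; function bodies, tryParseUrl, the github.com host check and
// the ".git" suffix handling are assumptions made for illustration.
const SCP_REMOTE = /^[^@\s]+@([^:]+):(.+)$/;             // user@host:path
const OWNER_REPO = /^[A-Za-z0-9_.-]+\/[A-Za-z0-9_.-]+$/; // strict allow-list

// Normalise a remote path; return "owner/repo" only if it passes the allow-list.
function parseOwnerRepo(path: string): string | null {
  const candidate = path
    .replace(/^\/+/, "")
    .replace(/\/+$/, "")
    .replace(/\.git$/, "");
  return OWNER_REPO.test(candidate) ? candidate : null;
}

function tryParseUrl(input: string): URL | null {
  try {
    return new URL(input);
  } catch (err) {
    return null;
  }
}

function detectGithubRepo(remote: string): string | null {
  const input = remote.trim();
  if (input.indexOf("://") === -1) {
    // SCP form only. URL-form remotes such as "ssh://git@host:22/o/r.git"
    // also match SCP_REMOTE, with the port captured as part of the path.
    const scp = SCP_REMOTE.exec(input);
    if (scp === null || scp[1] !== "github.com") return null;
    return parseOwnerRepo(scp[2] || "");
  }
  const url = tryParseUrl(input);
  if (url === null || url.hostname !== "github.com") return null;
  return parseOwnerRepo(url.pathname);
}
```

Every return path goes through `parseOwnerRepo`, so a value later interpolated into `--trust-repo=` contains only characters from the allow-list plus the single `/` separator.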