[PATCH] D117745: issue-subscriber: Fix handling of labels with spaces
Arthur O'Dwyer via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Thu Jan 20 06:00:10 PST 2022
Quuxplusone added inline comments.
================
Comment at: .github/workflows/issue-subscriber.yml:21-25
./github-automation.py \
--token ${{ secrets.ISSUE_SUBSCRIBER_TOKEN }} \
issue-subscriber \
--issue-number ${{ github.event.issue.number }} \
+ --label-name '${{ github.event.label.name }}'
----------------
Quuxplusone wrote:
> Consider single-quoting lines 22 and 24 as well, while you're at it. (Economist's $100 bill corollary: If this technique actually //works//, you'd expect everyone to be doing it.)
The economist might be right in this case. Did you know it's legal to create a GitHub label containing `'`, e.g. `arthur's test`? Single-quotes-before-and-after is not the same thing as shell escaping. (Unless GitHub treats it the same because magic??)
Perhaps all these command-line options should be env vars instead? I don't know what the right answer is (but I bet StackOverflow does).
I'm pleased to report that https://github.com/llvm/llvm-project/runs/4876930402?check_suite_focus=true //does// helpfully blank out the secret API token with three asterisks `--token *** \` instead of showing it in plain text. That's nice. :)
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D117745/new/
https://reviews.llvm.org/D117745
More information about the llvm-commits
mailing list