[PATCH] D117745: issue-subscriber: Fix handling of labels with spaces

Arthur O'Dwyer via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Thu Jan 20 06:00:10 PST 2022


Quuxplusone added inline comments.


================
Comment at: .github/workflows/issue-subscriber.yml:21-25
         ./github-automation.py \
           --token ${{ secrets.ISSUE_SUBSCRIBER_TOKEN }} \
           issue-subscriber \
           --issue-number ${{ github.event.issue.number }} \
+          --label-name '${{ github.event.label.name }}'
----------------
Quuxplusone wrote:
> Consider single-quoting lines 22 and 24 as well, while you're at it. (Economist's $100 bill corollary: If this technique actually //works//, you'd expect everyone to be doing it.)
The economist might be right in this case. Did you know it's legal to create a GitHub label containing `'`, e.g. `arthur's test`? Single-quotes-before-and-after is not the same thing as shell escaping. (Unless GitHub treats it the same because magic??)

Perhaps all these command-line options should be env vars instead? I don't know what the right answer is (but I bet StackOverflow does).

I'm pleased to report that https://github.com/llvm/llvm-project/runs/4876930402?check_suite_focus=true //does// helpfully blank out the secret API token with three asterisks `--token *** \` instead of showing it in plain text. That's nice. :)


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D117745/new/

https://reviews.llvm.org/D117745



More information about the llvm-commits mailing list