fix: update go version & kin-openapi #1348

Draft: wants to merge 12 commits into base: main

geffersonFerraz
Member

What does this PR do?

How Has This Been Tested?

  • Unit Tests: Describe the unit tests you have written and their outcomes.

  • Integration Tests: Detail the integration tests performed and their results.

  • Manual Testing: Explain the manual testing process, including steps taken and evidence such as screenshots or logs.

Checklist

  • I have run Pre commit pre-commit run --all-files
  • My code follows the style guidelines of this project
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works

Screenshots/Videos

@geffersonFerraz geffersonFerraz requested a review from a team as a code owner February 19, 2025 01:37
@geffersonFerraz geffersonFerraz self-assigned this Mar 7, 2025
@geffersonFerraz
Member Author

@publi0 I'm going to mark this as WIP.
I'm not happy with these changes:
[image]

As soon as I sort this out, I'll release the PR.

@geffersonFerraz geffersonFerraz marked this pull request as draft March 13, 2025 20:57
if value == schema_flags.ValueHelpIsRequired {
value = schema_flags.ValueVerbatimStringPrefix + value
} else if strings.HasPrefix(value, schema_flags.ValueVerbatimStringPrefix) || strings.Contains(value, "$") {
value = fmt.Sprintf("'%s'", data) // keep quotes and wrap in single, so shell doesn't replace variables

Check failure

Code scanning / CodeQL

Potentially unsafe quoting (Critical)

If this JSON value contains a single quote, it could break out of the enclosing quotes.

Copilot Autofix AI about 2 hours ago

To fix the problem, we need to ensure that any single quotes in the data are properly escaped before embedding it into a single-quoted string. This can be achieved by replacing single quotes with escaped single quotes (\'). Additionally, we should escape any existing backslashes to prevent them from interfering with the escaping of single quotes.

The best way to fix the problem without changing existing functionality is to use the strings.ReplaceAll function to escape single quotes and backslashes in the data string before embedding it into the single-quoted string.

Suggested changeset 1
mgc/cli/cmd/show_help.go

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/mgc/cli/cmd/show_help.go b/mgc/cli/cmd/show_help.go
--- a/mgc/cli/cmd/show_help.go
+++ b/mgc/cli/cmd/show_help.go
@@ -181,3 +181,5 @@
 			} else if strings.HasPrefix(value, schema_flags.ValueVerbatimStringPrefix) || strings.Contains(value, "$") {
-				value = fmt.Sprintf("'%s'", data) // keep quotes and wrap in single, so shell doesn't replace variables
+				escapedData := strings.ReplaceAll(string(data), `\`, `\\`)
+				escapedData = strings.ReplaceAll(escapedData, "'", "\\'")
+				value = fmt.Sprintf("'%s'", escapedData) // keep quotes and wrap in single, so shell doesn't replace variables
 			}
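Review bot: On the added line that replaces "'" with "\\'", a backslash escapes nothing inside a single-quoted shell string, and the trailing comment on the next line says this value is meant for a shell, so the ' still closes the quote and the rest of the value is parsed unquoted. Replace each ' with '\'' (close the quote, emit an escaped quote, reopen) and drop the backslash-doubling line above it: backslashes are already literal inside single quotes, so doubling them changes the value that is shown.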
@@ -185,6 +187,10 @@
 		default:
-			return fmt.Sprintf("'%s'", data)
+			escapedData := strings.ReplaceAll(string(data), `\`, `\\`)
+			escapedData = strings.ReplaceAll(escapedData, "'", "\\'")
+			return fmt.Sprintf("'%s'", escapedData)
 		}
 	}
-	return fmt.Sprintf("'%s'", data)
+	escapedData := strings.ReplaceAll(string(data), `\`, `\\`)
+	escapedData = strings.ReplaceAll(escapedData, "'", "\\'")
+	return fmt.Sprintf("'%s'", escapedData)
 }
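Review bot: The same two strings.ReplaceAll lines are now pasted into the default: branch and again before the final return, on top of the copy in the previous hunk. Move the escaping into one small helper that returns the quoted string and call it from all three places, so a later correction to the escaping cannot miss a site. A unit test with a value containing both ' and \ would pin the behaviour down.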
EOF
Copilot is powered by AI and may make mistakes. Always verify output.
}
return
default:
return fmt.Sprintf("'%s'", data)

Check failure

Code scanning / CodeQL

Potentially unsafe quoting (Critical)

If this JSON value contains a single quote, it could break out of the enclosing quotes.

Copilot Autofix AI about 2 hours ago

To fix the problem, we need to ensure that any single quotes in the user-provided data are properly escaped before embedding them in a string. The best way to fix this is to use strings.ReplaceAll to escape single quotes and backslashes in the data string. This will prevent any premature termination of the string literal.

  • We will replace single quotes with \' and backslashes with \\ in the data string.
  • This change will be made in the getExampleFormattedValue function in the mgc/cli/cmd/show_help.go file.
Suggested changeset 1
mgc/cli/cmd/show_help.go

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/mgc/cli/cmd/show_help.go b/mgc/cli/cmd/show_help.go
--- a/mgc/cli/cmd/show_help.go
+++ b/mgc/cli/cmd/show_help.go
@@ -181,3 +181,5 @@
 			} else if strings.HasPrefix(value, schema_flags.ValueVerbatimStringPrefix) || strings.Contains(value, "$") {
-				value = fmt.Sprintf("'%s'", data) // keep quotes and wrap in single, so shell doesn't replace variables
+				escapedData := strings.ReplaceAll(string(data), `\`, `\\`)
+				escapedData = strings.ReplaceAll(escapedData, `'`, `\\'`)
+				value = fmt.Sprintf("'%s'", escapedData) // keep quotes and wrap in single, so shell doesn't replace variables
 			}
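Review bot: On the second added line the replacement argument is a raw string literal (backquotes), so \\' there is two backslashes followed by a quote, not the \' that the description above this patch states. The other Autofix patch for the same line uses the interpreted literal "\\'", which is one backslash and a quote, so the two suggestions produce different output for the same input. Neither form keeps a ' from closing a single-quoted shell string; use the '\'' sequence instead and add a test that feeds a value containing a single quote.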
@@ -185,3 +187,5 @@
 		default:
-			return fmt.Sprintf("'%s'", data)
+			escapedData := strings.ReplaceAll(string(data), `\`, `\\`)
+			escapedData = strings.ReplaceAll(escapedData, `'`, `\\'`)
+			return fmt.Sprintf("'%s'", escapedData)
 		}
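Review bot: This patch stops at the default: branch and leaves the function's last return fmt.Sprintf("'%s'", data) unescaped; the other Autofix patch for this file changes that return in its -185,6 hunk, so the line exists and formats the same data. Cover it here as well, or route every return through one quoting helper so the three sites cannot drift apart.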
EOF
Copilot is powered by AI and may make mistakes. Always verify output.
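The quoting alert above, as an added example that is not part of the PR or the project's code: it compares the backslash-style escaping from the thread with the POSIX `'\''` idiom by checking whether a shell would read the result back as one argument equal to the input. All function names are hypothetical, and `shellWords` is a deliberately small model of POSIX sh single-quote parsing, not a full shell.

```go
package main

import (
	"fmt"
	"strings"
)

// backslashQuote mirrors the backslash-style escaping discussed in the thread.
func backslashQuote(s string) string {
	s = strings.ReplaceAll(s, `\`, `\\`)
	return "'" + strings.ReplaceAll(s, "'", `\'`) + "'"
}

// posixQuote ends the quoted run, emits \' outside it, then reopens: ' -> '\''
func posixQuote(s string) string {
	return "'" + strings.ReplaceAll(s, "'", `'\''`) + "'"
}

// shellWords models only the sh rules needed here: nothing is special inside
// '...', a backslash outside quotes escapes one byte, a space ends a word.
func shellWords(cmd string) (words []string, unterminated bool) {
	var cur strings.Builder
	for i := 0; i < len(cmd); i++ {
		switch c := cmd[i]; {
		case c == '\'':
			unterminated = !unterminated // opens or closes a quoted run
		case unterminated:
			cur.WriteByte(c) // inside quotes every byte is literal
		case c == ' ':
			words = append(words, cur.String())
			cur.Reset()
		default:
			if c == '\\' && i+1 < len(cmd) {
				i++ // unquoted backslash: take the next byte literally
			}
			cur.WriteByte(cmd[i])
		}
	}
	return append(words, cur.String()), unterminated
}

// roundTrips reports whether sh would see exactly one argument equal to s.
func roundTrips(quote func(string) string, s string) bool {
	words, unterminated := shellWords(quote(s))
	return !unterminated && len(words) == 1 && words[0] == s
}

func main() {
	sample := `{"name":"it's $HOME"}` // constructed sample value
	fmt.Println(roundTrips(backslashQuote, sample), roundTrips(posixQuote, sample))
}
```

With the backslash form the sample splits into two words and `$HOME` lands outside the quotes, which is exactly what the surrounding code comment says the quoting is meant to prevent.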
2 participants