mirrors/brew
1
0
Fork 0
mirror of https://github.com/Homebrew/brew.git synced 2025-07-14 16:09:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

bin/brew: add all GITHUB_* vars to env allowlist

Browse Source 
See #15441.
This commit is contained in:
Carlo Cabrera 2023-05-17 15:58:27 +08:00
parent 6f7f8eaf81
commit b65f08700d
No known key found for this signature in database
GPG Key ID: C74D447FC549A1D0
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
bin/brew
View File

@ -155,8 +155,6 @@ FILTERED_ENV=()
ENV_VAR_NAMES=( ENV_VAR_NAMES=(
HOME SHELL PATH TERM TERMINFO TERMINFO_DIRS COLUMNS DISPLAY LOGNAME USER CI SSH_AUTH_SOCK SUDO_ASKPASS HOME SHELL PATH TERM TERMINFO TERMINFO_DIRS COLUMNS DISPLAY LOGNAME USER CI SSH_AUTH_SOCK SUDO_ASKPASS
http_proxy https_proxy ftp_proxy no_proxy all_proxy HTTPS_PROXY FTP_PROXY ALL_PROXY http_proxy https_proxy ftp_proxy no_proxy all_proxy HTTPS_PROXY FTP_PROXY ALL_PROXY
GITHUB_ACTIONS GITHUB_WORKSPACE GITHUB_ACTIONS_HOMEBREW_SELF_HOSTED GITHUB_EVENT_NAME GITHUB_EVENT_PATH GITHUB_STEP_SUMMARY
GITHUB_REPOSITORY GITHUB_RUN_ID GITHUB_RUN_ATTEMPT GITHUB_SHA GITHUB_HEAD_REF GITHUB_BASE_REF GITHUB_REF GITHUB_OUTPUT
) )
# Filter all but the specific variables. # Filter all but the specific variables.
for VAR in "${ENV_VAR_NAMES[@]}" "${!HOMEBREW_@}" for VAR in "${ENV_VAR_NAMES[@]}" "${!HOMEBREW_@}"
@ -166,6 +164,19 @@ do
FILTERED_ENV+=("${VAR}=${!VAR}") FILTERED_ENV+=("${VAR}=${!VAR}")
done done
if [[ -n "${CI:-}" ]]
then
for VAR in "${!GITHUB_@}"
do
# Skip if variable value is empty.
[[ -z "${!VAR:-}" ]] && continue
# Skip variables that look like tokens.
[[ "${VAR}" = *TOKEN* ]] && continue
FILTERED_ENV+=("${VAR}=${!VAR}")
done
fi
unset VAR ENV_VAR_NAMES unset VAR ENV_VAR_NAMES
exec /usr/bin/env -i "${FILTERED_ENV[@]}" /bin/bash "${HOMEBREW_LIBRARY}/Homebrew/brew.sh" "$@" exec /usr/bin/env -i "${FILTERED_ENV[@]}" /bin/bash "${HOMEBREW_LIBRARY}/Homebrew/brew.sh" "$@"