Posted to commits@dolphinscheduler.apache.org by GitBox <gi...@apache.org> on 2022/11/16 01:56:05 UTC

[GitHub] [dolphinscheduler] ruanwenjun opened a new pull request, #12913: Script cannot contains ''' in params (#12067)

ruanwenjun opened a new pull request, #12913:
URL: https://github.com/apache/dolphinscheduler/pull/12913

   (cherry picked from commit cb4ef54a0e7d3bbfa83c244afcc5d2a518cc34c2)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


[GitHub] [dolphinscheduler] codecov-commenter commented on pull request #12913: Script cannot contains ''' in params (#12067)

Posted by GitBox <gi...@apache.org>.
codecov-commenter commented on PR #12913:
URL: https://github.com/apache/dolphinscheduler/pull/12913#issuecomment-1316188162

   # [Codecov](https://codecov.io/gh/apache/dolphinscheduler/pull/12913?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
   > :exclamation: No coverage uploaded for pull request base (`3.0.2-prepare@920ccb1`). [Click here to learn what that means](https://docs.codecov.io/docs/error-reference?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#section-missing-base-commit).
   > The diff coverage is `n/a`.
   
   > :exclamation: Current head a5ff568 differs from pull request most recent head 02f1aad. Consider uploading reports for the commit 02f1aad to get more accurate results
   
   ```diff
   @@               Coverage Diff                @@
   ##             3.0.2-prepare   #12913   +/-   ##
   ================================================
     Coverage                 ?   40.32%           
     Complexity               ?     4638           
   ================================================
     Files                    ?      888           
     Lines                    ?    35230           
     Branches                 ?     3894           
   ================================================
     Hits                     ?    14207           
     Misses                   ?    19634           
     Partials                 ?     1389           
   ```
   
   
   
   




[GitHub] [dolphinscheduler] ruanwenjun merged pull request #12913: Script cannot contains ''' in params (#12067)

Posted by GitBox <gi...@apache.org>.
ruanwenjun merged PR #12913:
URL: https://github.com/apache/dolphinscheduler/pull/12913




[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #12913: Script cannot contains ''' in params (#12067)

Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #12913:
URL: https://github.com/apache/dolphinscheduler/pull/12913#issuecomment-1316197978

   SonarCloud [Quality Gate failed](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=12913).
   
   [11 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=12913&resolved=false&types=BUG) (rating D)  
   [5 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=12913&resolved=false&types=VULNERABILITY) (rating B)  
   [4 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=12913&resolved=false&types=SECURITY_HOTSPOT) (rating E)  
   [580 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=12913&resolved=false&types=CODE_SMELL) (rating A)
   
   [40.1% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=12913&metric=new_coverage&view=list)  
   [7.4% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=12913&metric=new_duplicated_lines_density&view=list)
   
   






[GitHub] [dolphinscheduler] ruanwenjun commented on pull request #12913: Script cannot contains ''' in params (#12067)

Posted by GitBox <gi...@apache.org>.
ruanwenjun commented on PR #12913:
URL: https://github.com/apache/dolphinscheduler/pull/12913#issuecomment-1316380774

   > I wonder whether we should support escape characters?
   
   Could you please provide an example?




[GitHub] [dolphinscheduler] Radeity commented on pull request #12913: Script cannot contains ''' in params (#12067)

Posted by GitBox <gi...@apache.org>.
Radeity commented on PR #12913:
URL: https://github.com/apache/dolphinscheduler/pull/12913#issuecomment-1316496183

   > > I wonder whether we should support escape characters?
   > 
   > Could you please provide an example?
   
   I mean using escape characters to handle special characters in the script to prevent injection, like what `preparedStatement` does when coping with SQL injection.


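
The options raised in this thread, side by side, as an added example that is not part of the thread or of the DolphinScheduler code base. It assumes a parameter value is pasted into a single-quoted word of a shell script; the function names and sample values are constructed for illustration, and `render_reject` reflects only a reading of the PR title.

```python
import shlex
import subprocess

# Constructed sample values (not taken from the thread).
HOSTILE = "x'; echo INJECTED; echo 'y"
BENIGN = "O'Brien"

def sh(script, *argv):
    """Run script with sh; any extra argv become $1, $2, ..."""
    done = subprocess.run(["sh", "-c", script, "sh", *argv],
                          capture_output=True, text=True, check=True)
    return done.stdout

def render_naive(value):
    # Value pasted between single quotes with no processing.
    return "printf '%s\\n' '" + value + "'"

def render_reject(value):
    # Refuse any value containing a single quote (assumed reading of the PR title).
    if "'" in value:
        raise ValueError("parameter contains a single quote")
    return render_naive(value)

def render_escaped(value):
    # shlex.quote wraps the value in single quotes and rewrites each ' as '"'"'.
    return "printf '%s\\n' " + shlex.quote(value)

def run_bound(value):
    # Closest analogue to a prepared statement: the script text is constant
    # and the value travels as $1, so it is never parsed as shell syntax.
    return sh('printf \'%s\\n\' "$1"', value)

def demo():
    results = {
        "naive": sh(render_naive(HOSTILE)),      # quote closes early, extra commands run
        "escaped": sh(render_escaped(HOSTILE)),  # value arrives as one literal word
        "bound": run_bound(HOSTILE),             # same result without any quoting logic
        "escaped_benign": sh(render_escaped(BENIGN)),
    }
    try:
        render_reject(BENIGN)
        results["reject_benign"] = "accepted"
    except ValueError:
        results["reject_benign"] = "refused"     # safe, but legitimate values are lost
    return results

if __name__ == "__main__":
    for name, out in demo().items():
        print(name, repr(out))
```

Rejecting quotes is safe but refuses legitimate values such as names with apostrophes; escaping and out-of-band binding both preserve them.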