You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@dolphinscheduler.apache.org by GitBox <gi...@apache.org> on 2022/07/04 05:35:18 UTC

[GitHub] [dolphinscheduler] zhongjiajie opened a new pull request, #10759: [fix] Enhance name pre checker in resource center (#10094)

zhongjiajie opened a new pull request, #10759:
URL: https://github.com/apache/dolphinscheduler/pull/10759

   Add file name and directory checker to avoid directory traversal
   
   * add some missing change and change docs
   
   * change var name in directoryTraversal
   
   * Fix ci
   
   (cherry picked from commit https://github.com/apache/dolphinscheduler/commit/63f835715f8ca8bff79c0e7177ebfa5917ebb3bd)
   
   (cherry picked from commit 63f835715f8ca8bff79c0e7177ebfa5917ebb3bd)
   
   <!--Thanks very much for contributing to Apache DolphinScheduler. Please review https://dolphinscheduler.apache.org/en-us/community/development/pull-request.html before opening a pull request.-->
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [dolphinscheduler] JinyLeeChina merged pull request #10759: [fix] Enhance name pre checker in resource center (#10094)

Posted by GitBox <gi...@apache.org>.

JinyLeeChina merged PR #10759:
URL: https://github.com/apache/dolphinscheduler/pull/10759


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [dolphinscheduler] sonarcloud[bot] commented on pull request #10759: [fix] Enhance name pre checker in resource center (#10094)

Posted by GitBox <gi...@apache.org>.

sonarcloud[bot] commented on PR #10759:
URL: https://github.com/apache/dolphinscheduler/pull/10759#issuecomment-1173383746

   SonarCloud Quality Gate failed.&nbsp; &nbsp; [![Quality Gate failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png 'Quality Gate failed')](https://sonarcloud.io/dashboard?id=apache-dolphinscheduler&pullRequest=10759)
   
   [![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png 'Bug')](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=BUG) [![E](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/E-16px.png 'E')](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=BUG) [53 Bugs](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=BUG)  
   [![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png 'Vulnerability')](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=VULNERABILITY) [![B](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/B-16px.png 'B')](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=VULNERABILITY) [6 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=VULNERABILITY)  
   [![Security Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png 'Security Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=SECURITY_HOTSPOT) [![E](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/E-16px.png 'E')](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=SECURITY_HOTSPOT) [11 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=SECURITY_HOTSPOT)  
   [![Code Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png 'Code Smell')](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=CODE_SMELL) [![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png 'A')](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=CODE_SMELL) [1321 Code Smells](https://sonarcloud.io/project/issues?id=apache-dolphinscheduler&pullRequest=10759&resolved=false&types=CODE_SMELL)
   
   [![19.4%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/0-16px.png '19.4%')](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=10759&metric=new_coverage&view=list) [19.4% Coverage](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=10759&metric=new_coverage&view=list)  
   [![4.5%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/5-16px.png '4.5%')](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=10759&metric=new_duplicated_lines_density&view=list) [4.5% Duplication](https://sonarcloud.io/component_measures?id=apache-dolphinscheduler&pullRequest=10759&metric=new_duplicated_lines_density&view=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [dolphinscheduler] codecov-commenter commented on pull request #10759: [fix] Enhance name pre checker in resource center (#10094)

Posted by GitBox <gi...@apache.org>.

codecov-commenter commented on PR #10759:
URL: https://github.com/apache/dolphinscheduler/pull/10759#issuecomment-1173376490

   # [Codecov](https://codecov.io/gh/apache/dolphinscheduler/pull/10759?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
   > :exclamation: No coverage uploaded for pull request base (`2.0.6-prepare@367b29b`). [Click here to learn what that means](https://docs.codecov.io/docs/error-reference?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#section-missing-base-commit).
   > The diff coverage is `n/a`.
   
   ```diff
   @@               Coverage Diff                @@
   ##             2.0.6-prepare   #10759   +/-   ##
   ================================================
     Coverage                 ?   20.89%           
     Complexity               ?     1604           
   ================================================
     Files                    ?      540           
     Lines                    ?    22886           
     Branches                 ?     2727           
   ================================================
     Hits                     ?     4781           
     Misses                   ?    17613           
     Partials                 ?      492           
   ```
   
   
   
   ------
   
   [Continue to review full report at Codecov](https://codecov.io/gh/apache/dolphinscheduler/pull/10759?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
   > **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
   > `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
   > Powered by [Codecov](https://codecov.io/gh/apache/dolphinscheduler/pull/10759?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [367b29b...cba1923](https://codecov.io/gh/apache/dolphinscheduler/pull/10759?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org