chore: merge rc-v0.42.0#878
Conversation
…common-lib into fix/trigger-view
…common-lib into fix/trigger-view
…custom 404 handling
…common-lib into fix/trigger-view
…package.json and package-lock.json
…common-lib into fix/trigger-view
….json and package-lock.json
…oymentConfigDiffRadioSelect
into chore/misc-fixes # Please enter a commit message to explain why this merge is necessary, # especially if it merges an updated upstream into a topic branch. # # Lines starting with '#' will be ignored, and an empty message aborts # the commit.
refactor: misc fixes
…ib into feat/resource-watcher-ui
…ib into fix/resource-watcher-ui
fix: resource watcher UI
…common-lib into fix/bulk-deploy-trigger
feat: add api options in service
feat: modification on chart registry && git provider icon method
RohitRaj011
requested review from
vikramdevtron and
vivek-devtron
as code owners
chore(version): bump to 1.20.0
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| import { IconName } from '../Icon' | ||
|
|
||
| export const isAWSCodeCommitURL = (url: string = ''): boolean => | ||
| url.includes('git-codecommit.') && url.includes('.amazonaws.com') |
Check failure
Code scanning / CodeQL
Incomplete URL substring sanitization High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 9 months ago
To fix the problem, the code should properly parse the input URL and then inspect the host portion to determine whether it matches the structure of an AWS CodeCommit repository. Specifically, rather than checking for the presence of 'git-codecommit.' and '.amazonaws.com' anywhere in the string, the code should extract the host part of the URL, and then check that it ends with something like .amazonaws.com and contains git-codecommit. as its subdomain or prefix.
The best way to do this is to use the built-in Node.js URL constructor for URL parsing, which is available in all modern Node/TypeScript environments, or to use the legacy url module (require('url')) if you need to support older environments. For this code, assuming it's running in a browser-compatible or Node.js context and TypeScript, the global URL class will suffice.
The changes required:
- In
isAWSCodeCommitURL, parse the URL usingnew URL(url). - Check the
hostproperty (orhostname) of the parsed URL for the pattern: it starts withgit-codecommit.and ends with.amazonaws.com. - Add error handling to prevent throwing on invalid URLs (e.g., via try/catch).
Edit only the isAWSCodeCommitURL function in the file src/Shared/Components/GitProviderIcon/utils.ts.
| @@ -18,8 +18,17 @@ | ||
|
|
||
| import { IconName } from '../Icon' | ||
|
|
||
| export const isAWSCodeCommitURL = (url: string = ''): boolean => | ||
| url.includes('git-codecommit.') && url.includes('.amazonaws.com') | ||
| export const isAWSCodeCommitURL = (url: string = ''): boolean => { | ||
| try { | ||
| const { hostname } = new URL(url); | ||
| return ( | ||
| hostname.startsWith('git-codecommit.') && | ||
| hostname.endsWith('.amazonaws.com') | ||
| ); | ||
| } catch { | ||
| return false; | ||
| } | ||
| } | ||
|
|
||
| export const getGitIconName = (repoUrl: string): IconName => { | ||
| if (repoUrl.includes(GitProviderType.GITHUB)) { |
7 participants
No description provided.