Commit e06e763
committed
fix(security): CVE-2026-27143 in git-credential-oauth 0.17.2-r3 (#69859)
* fix(security): CVE-2026-27143 in git-credential-oauth
* fix: git-credential-oauth test failure - capture output before grep
The test `git-credential-oauth -verbose 2>&1 | grep 0.17.2` was failing
because `git-credential-oauth -verbose` exits with status 2 when run
without a git credentials context (no git operation in progress).
With `set -eo pipefail`, the pipe fails even though the binary does
print the version string and grep would succeed.
Fix by capturing the output first with command substitution and `|| true`
to suppress the non-zero exit, then grep the captured output:
output=$(git-credential-oauth -verbose 2>&1 || true)
echo "$output" | grep ${{package.version}}
---------
Co-authored-by: cve-remediation <cve-remediation@chainguard.dev>
Export: 25954bd531261911aa204a6049d6933f5fc1d7341 parent 027f205 commit e06e763
1 file changed
Lines changed: 3 additions & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | 3 | | |
4 | | - | |
| 4 | + | |
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
| |||
36 | 36 | | |
37 | 37 | | |
38 | 38 | | |
39 | | - | |
| 39 | + | |
| 40 | + | |
40 | 41 | | |
41 | 42 | | |
42 | 43 | | |
| |||
0 commit comments