Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork32k
[3.12] gh-124651: Quote template strings invenv activation scripts (GH-124712)#126185
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Merged
Uh oh!
There was an error while loading.Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
…ythonGH-124712)This patch properly quotes template strings in `venv` activationscripts. This mitigates potential command injection.(cherry picked from commitd48cc82)
Please review carefully my backport, I'm not sure of what I did :-) @y5c4l3@vsajip: Would you mind to review my backport to 3.12? There was a merge conflict on I also backported manually the changes to:
I removed quotes around |
bedevere-bot commentedOct 30, 2024
vsajip approved these changesOct 31, 2024
8450b24 intopython:3.12 94 of 102 checks passed
Uh oh!
There was an error while loading.Please reload this page.
GH-126269 is a backport of this pull request to the3.11 branch. |
Thanks for the review@vsajip! |
pablogsal pushed a commit that referenced this pull requestNov 1, 2024
ambv pushed a commit that referenced this pull requestNov 4, 2024
…GH-124712) (GH-126185) (GH-126269) (GH-126300)(cherry picked from commitae961ae)
ambv pushed a commit that referenced this pull requestNov 4, 2024
Redent0r added a commit to Redent0r/CBL-Mariner that referenced this pull requestNov 6, 2024
Taken frompython/cpython#126185 which is a 3.12 backport ofpython/cpython#124712Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
12 tasks
Redent0r added a commit to Redent0r/CBL-Mariner that referenced this pull requestNov 6, 2024
Taken frompython/cpython#126185 which is a 3.12 backport ofpython/cpython#124712Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
Redent0r added a commit to Redent0r/CBL-Mariner that referenced this pull requestNov 7, 2024
Taken frompython/cpython#126185 which is a 3.12 backport ofpython/cpython#124712Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
Redent0r added a commit to Redent0r/CBL-Mariner that referenced this pull requestNov 7, 2024
Taken frompython/cpython#126185 which is a 3.12 backport ofpython/cpython#124712Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
Redent0r added a commit to Redent0r/CBL-Mariner that referenced this pull requestNov 7, 2024
Taken frompython/cpython#126185 which is a 3.12 backport ofpython/cpython#124712Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
Redent0r added a commit to Redent0r/CBL-Mariner that referenced this pull requestNov 26, 2024
Taken frompython/cpython#126185 which is a 3.12 backport ofpython/cpython#124712Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
Redent0r added a commit to Redent0r/CBL-Mariner that referenced this pull requestDec 18, 2024
Taken frompython/cpython#126185 which is a 3.12 backport ofpython/cpython#124712Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
Redent0r added a commit to Redent0r/CBL-Mariner that referenced this pull requestDec 18, 2024
Taken frompython/cpython#126185 which is a 3.12 backport ofpython/cpython#124712Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
rickprice pushed a commit to ActiveState/cpython that referenced this pull requestMar 6, 2025
… activation scripts (pythonGH-124712) (pythonGH-126185) (pythonGH-126269) (pythonGH-126301)(cherry picked from commitae961ae)
rickprice pushed a commit to ActiveState/cpython that referenced this pull requestMar 6, 2025
… activation scripts (pythonGH-124712) (pythonGH-126185) (pythonGH-126269) (pythonGH-126301)(cherry picked from commitae961ae)
rickprice pushed a commit to ActiveState/cpython that referenced this pull requestMar 7, 2025
… activation scripts (pythonGH-124712) (pythonGH-126185) (pythonGH-126269) (pythonGH-126301)(cherry picked from commitae961ae)
gentoo-bot pushed a commit to gentoo/cpython that referenced this pull requestApr 9, 2025
…ripts (pythonGH-124712) (pythonGH-126185) (pythonGH-126269) (pythonGH-126301)(cherry picked from commitae961ae)
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Labels
None yet
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading.Please reload this page.
This patch properly quotes template strings in
venvactivation scripts. This mitigates potential command injection.(cherry picked from commitd48cc82)
venvactivation scripts do not quote strings properly #124651