Code in help gets executed #479

Closed
dzschille opened this issue Feb 14, 2022 · 0 comments · Fixed by #490
Labels
bug Something isn't working


dzschille commented Feb 14, 2022

The command `warden env-init --help` gets me this output:

```
warden env-init --help
/home/linuxbrew/.linuxbrew/Cellar/warden/0.12.0/commands/env-init.help: Zeile 37: .env: Befehl nicht gefunden
/home/linuxbrew/.linuxbrew/Cellar/warden/0.12.0/commands/env-init.help: Zeile 37: /web/: Datei oder Verzeichnis nicht gefunden
Usage:
  env-init <project_name> <environment_type>

Options:
  -h, --help        Display this help menu

Environment Types:
  local               Declares the docker-compose version and labels the project
                      network allowing Warden to recognize it. Must be coupled with
                      per-project configuration. See documentation for details:
                      https://docs.warden.dev/environments/types.html#local

  magento2            Nginx, varnish, php-fpm, db (mariadb), elasticsearch, redis,
                      and rabbitmq services pre configured for Magento 2; on macOS
                      systems code files are synced into container using mutagen
                      session with pub/media, pub/static and var dirs excluded.
                      On Linux code is mounted natively.

  magento1            Nginx, php-fpm, db (mariadb), and redis services
                      pre-configured for running Magento 1

  laravel             Nginx, php-fpm, db (mariadb), and redis services
                      pre-configured for running Laravel

  symfony             Nginx, php-fpm, db (mariadb), and redis services
                      pre-configured for running Symfony 4+
                      Due to the fact that Symfony uses  file too,
                      WEBROOT value of  is used by default

  wordpress           Nginx, php-fpm, db
                      pre-configured for running Wordpress
```

So everything within the markdown code enclosures ` gets executed. I added `ls -alh` into the text of env-init.help, and when I enter the command again my current directory gets listed.

I see it as a security risk to execute the code samples in the help file. And as a bug that I can't see them in the printed help text.
I use Ubuntu 20.04 and zsh.

davidalger added the bug (Something isn't working) label Feb 15, 2022
davidalger added a commit that referenced this issue Feb 22, 2022
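
The error lines in the report show the shell interpreting env-init.help and running the backtick-quoted `.env` and `/web/` as commands. As an added example (not Warden's code and not part of the original issue), the sketch below assumes the help text sits in a heredoc with an unquoted delimiter, which the page does not show; it contrasts that with a quoted delimiter and adds a small lint for the pattern. `USAGE`, the function names and the sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example; all text below is constructed, not taken from Warden's files.

# Unquoted delimiter: the shell runs each backtick span as a command, so
# `.env` fails with "command not found" and the word vanishes from the output.
help_unquoted() {
  cat <<EOF
Due to the fact that Symfony uses `.env` file too,
EOF
}

# Quoted delimiter: no expansion, the backticks are printed literally.
help_quoted() {
  cat <<'EOF'
Due to the fact that Symfony uses `.env` file too,
EOF
}

# Constructed stand-in for a *.help script (USAGE is a hypothetical name).
sample_help() {
  printf '%s\n' 'USAGE=$(cat <<EOF' \
    '  symfony   Due to the fact that Symfony uses `.env` file too,' \
    '            WEBROOT value of `/web/` is used by default' \
    'EOF' ')'
}

# Lint stdin: print body lines of unquoted heredocs that contain a backtick
# or $( ; exit status is 1 when anything was found.
lint_heredocs() {
  awk '
    !inside && match($0, /(^|[^<])<<-?[ \t]*[A-Za-z_][A-Za-z0-9_]*/) {
      tag = substr($0, RSTART, RLENGTH); sub(/^.*<<-?[ \t]*/, "", tag)
      inside = 1; next
    }
    inside { line = $0; sub(/^\t+/, "", line) }
    inside && line == tag { inside = 0; next }
    inside && /`|[$][(]/ { printf "%d: %s\n", NR, $0; bad = 1 }
    END { exit bad }
  '
}

help_unquoted 2>/dev/null   # prints the line with a gap where the backtick span was
help_quoted                 # prints the line intact
sample_help | lint_heredocs || echo "command substitution inside unquoted heredoc"
```

The lint only recognises plain `<<WORD` and `<<-WORD` heredocs; backticks inside double-quoted strings are a separate case it does not cover.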