refactor(@angular/cli): standardize update command git utility execution#32134
+59 −26
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
All `git` commands now use `execFileSync` instead of `execSync` to prevent shell injection vulnerabilities and provide more predictable execution. `checkCleanGit` now utilizes `git status --porcelain -z` for NUL-terminated output, ensuring correct handling of filenames with spaces or special characters, and preventing potential path trimming bugs. An `execGit` helper function was introduced to reduce code duplication and standardize `git` command execution options. `hasChangesToCommit` now gracefully handles non-Git repositories by returning `false` instead of throwing.
clydinforce-pushed the cli/update-git-helpers branch from 0578dfe to 7ecaef7Compare
alan-agius4 approved these changes Dec 16, 2025
alan-agius4 added action: merge clydin merged commit b103f3b into angular:main 36 checks passed
Uh oh!
There was an error while loading. Please reload this page.
MemberAuthor
clydin commented Dec 16, 2025
This PR was merged into the repository. The changes were merged into the following branches:
|
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
All
gitcommands now useexecFileSyncinstead ofexecSyncto prevent shell injection vulnerabilities and provide more predictable execution.checkCleanGitnow utilizesgit status --porcelain -zfor NUL-terminated output, ensuring correct handling of filenames with spaces or special characters, and preventing potential path trimming bugs. AnexecGithelper function was introduced to reduce code duplication and standardizegitcommand execution options.hasChangesToCommitnow gracefully handles non-Git repositories by returningfalseinstead of throwing.