josh/Catalyst
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 13 Wiki Activity

fix: remove npm cache and fix release notes shell injection
All checks were successful
CI / test (pull_request) Successful in 14s
Details
CI / build-dev (pull_request) Has been skipped
Details

Browse Source 
cache: npm caused ~4min ETIMEDOUT on every run (cache service unreachable).

Commit messages containing backticks were shell-expanded inside the
curl -d "..." string, causing 'sha: No such file or directory'. Fixed by
writing release notes to a temp file and using python3 to build the JSON
payload, then passing it to curl with --data @file.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Josh Wright
2026-03-28 13:49:38 -04:00
parent 3037381084
commit 3233d65db0
1 changed files with 17 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
.gitea/workflows/release.yml
View File

@@ -20,7 +20,6 @@ jobs:
- uses: actions/setup-node@v4 - uses: actions/setup-node@v4
with: with:
node-version: 'lts/*' node-version: 'lts/*'
cache: npm
- run: npm ci - run: npm ci
- run: npm test - run: npm test
@@ -48,12 +47,10 @@ jobs:
run: | run: |
LAST_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo "") LAST_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo "")
if [ -n "$LAST_TAG" ]; then if [ -n "$LAST_TAG" ]; then
NOTES=$(git log "${LAST_TAG}..HEAD" --pretty=format:"- %s" --no-merges) git log "${LAST_TAG}..HEAD" --pretty=format:"- %s" --no-merges > /tmp/release_notes.txt
else else
NOTES=$(git log --pretty=format:"- %s" --no-merges) git log --pretty=format:"- %s" --no-merges > /tmp/release_notes.txt
fi fi
NOTES_JSON=$(printf '%s' "$NOTES" | python3 -c "import sys,json; print(json.dumps(sys.stdin.read()))")
echo "NOTES=${NOTES_JSON}" >> $GITEA_ENV
- name: Docker metadata - name: Docker metadata
id: meta id: meta
@@ -82,14 +79,22 @@ jobs:
- name: Create Gitea release - name: Create Gitea release
run: | run: |
python3 -c "
import json, os
notes = open('/tmp/release_notes.txt').read()
version = os.environ['VERSION']
image = os.environ['IMAGE']
payload = {
'tag_name': 'v' + version,
'name': 'Catalyst v' + version,
'body': '### Changes\n\n' + notes + '\n\n### Image\n\n\`' + image + ':' + version + '\`',
'draft': False,
'prerelease': False,
}
print(json.dumps(payload))
" > /tmp/release_body.json
curl -sf -X POST \ curl -sf -X POST \
-H "Authorization: token ${{ secrets.TOKEN }}" \ -H "Authorization: token ${{ secrets.TOKEN }}" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
"${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}/releases" \ "${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}/releases" \
-d "{ --data @/tmp/release_body.json
\"tag_name\": \"v${{ env.VERSION }}\",
\"name\": \"Catalyst v${{ env.VERSION }}\",
\"body\": \"### Changes\n\n${{ env.NOTES }}\n\n### Image\n\n\`${{ env.IMAGE }}:${{ env.VERSION }}\`\",
\"draft\": false,
\"prerelease\": false
}"