Mirror/git-stats
1
0
Fork 0
mirror of https://github.com/IonicaBizau/git-stats.git synced 2024-12-22 05:12:11 +01:00
Code Issues Projects Releases Packages Wiki Activity

Fix Arbitary Code Execution

Browse source
This commit is contained in:
Alejandro Romero 2020-10-12 14:45:02 +00:00
parent a2ea72c47f
commit 08411bec3c
2 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
lib/index.js
View file

@ -13,7 +13,6 @@ var Ul = require("ul")
, ChildProcess = require("child_process") , ChildProcess = require("child_process")
, Deffy = require("deffy") , Deffy = require("deffy")
, Typpy = require("typpy") , Typpy = require("typpy")
, Exec = ChildProcess.exec
, Spawn = ChildProcess.spawn , Spawn = ChildProcess.spawn
, IterateObject = require("iterate-object") , IterateObject = require("iterate-object")
; ;
@ -528,7 +527,7 @@ GitStats.prototype.ansiCalendar = function (options, callback) {
*/ */
GitStats.prototype.authors = function (options, callback) { GitStats.prototype.authors = function (options, callback) {
var repo = new Gry(options.repo); var repo = new Gry(options.repo);
repo.exec(`shortlog -s -n --all --since "${options.start.toString()}" --until "${options.end.toString()}"`, function (err, stdout) { repo.exec(['shortlog', '-s', '-n', '--all', '--since', options.start.toString(), '--until', options.end.toString()], function (err, stdout) {
if (err) { return callback(err); } if (err) { return callback(err); }
var lines = stdout.split("\n"); var lines = stdout.split("\n");
var pieData = stdout.split("\n").map(function (c) { var pieData = stdout.split("\n").map(function (c) {

2
package.json
View file

@ -39,7 +39,7 @@
"cli-pie": "^2.0.0", "cli-pie": "^2.0.0",
"deffy": "^2.2.2", "deffy": "^2.2.2",
"gitlog-parser": "0.0.4", "gitlog-parser": "0.0.4",
"gry": "^5.0.4", "gry": "^6.0.0",
"is-there": "^4.0.0", "is-there": "^4.0.0",
"iterate-object": "^1.1.0", "iterate-object": "^1.1.0",
"moment": "^2.9.0", "moment": "^2.9.0",