Skip to content

Commit 7336720

Browse files
OctavianGuzuOctavianGuzu
authored
Improve gh.sh wrapper: stricter validation and better error messages (#996)
- Use allowlist for issue view (numeric issue numbers only) - Enforce zero positional args for issue list / label list - Pin GH_HOST and GH_REPO explicitly to avoid ambient state - Add descriptive error messages with usage examples
1 parent 64c7a0e commit 7336720

File tree

1 file changed

+23
-12
lines changed

1 file changed

+23
-12
lines changed

scripts/gh.sh

Lines changed: 23 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,15 @@ set -euo pipefail
1111
# ./scripts/gh.sh search issues "search query" --limit 10
1212
# ./scripts/gh.sh label list --limit 100
1313

14+
export GH_HOST=github.com
15+
16+
REPO="${GH_REPO:-${GITHUB_REPOSITORY:-}}"
17+
if [[ -z "$REPO" || "$REPO" == */*/* || "$REPO" != */* ]]; then
18+
echo "Error: GH_REPO or GITHUB_REPOSITORY must be set to owner/repo format (e.g., GITHUB_REPOSITORY=anthropics/claude-code)" >&2
19+
exit 1
20+
fi
21+
export GH_REPO="$REPO"
22+
1423
ALLOWED_FLAGS=(--comments --state --limit --label)
1524
FLAGS_WITH_VALUES=(--state --limit --label)
1625

@@ -21,6 +30,7 @@ case "$CMD" in
2130
"issue view"|"issue list"|"search issues"|"label list")
2231
;;
2332
*)
33+
echo "Error: only 'issue view', 'issue list', 'search issues', 'label list' are allowed (e.g., ./scripts/gh.sh issue view 123)" >&2
2434
exit 1
2535
;;
2636
esac
@@ -45,6 +55,7 @@ for arg in "$@"; do
4555
fi
4656
done
4757
if [[ "$matched" == false ]]; then
58+
echo "Error: only --comments, --state, --limit, --label flags are allowed (e.g., ./scripts/gh.sh issue list --state open --limit 20)" >&2
4859
exit 1
4960
fi
5061
FLAGS+=("$arg")
@@ -62,24 +73,24 @@ for arg in "$@"; do
6273
fi
6374
done
6475

65-
REPO="${GH_REPO:-${GITHUB_REPOSITORY:-}}"
66-
6776
if [[ "$CMD" == "search issues" ]]; then
68-
if [[ -z "$REPO" ]]; then
69-
exit 1
70-
fi
7177
QUERY="${POSITIONAL[0]:-}"
7278
QUERY_LOWER=$(echo "$QUERY" | tr '[:upper:]' '[:lower:]')
7379
if [[ "$QUERY_LOWER" == *"repo:"* || "$QUERY_LOWER" == *"org:"* || "$QUERY_LOWER" == *"user:"* ]]; then
80+
echo "Error: search query must not contain repo:, org:, or user: qualifiers (e.g., ./scripts/gh.sh search issues \"bug report\" --limit 10)" >&2
7481
exit 1
7582
fi
7683
gh "$SUB1" "$SUB2" "$QUERY" --repo "$REPO" "${FLAGS[@]}"
84+
elif [[ "$CMD" == "issue view" ]]; then
85+
if [[ ${#POSITIONAL[@]} -ne 1 ]] || ! [[ "${POSITIONAL[0]}" =~ ^[0-9]+$ ]]; then
86+
echo "Error: issue view requires exactly one numeric issue number (e.g., ./scripts/gh.sh issue view 123)" >&2
87+
exit 1
88+
fi
89+
gh "$SUB1" "$SUB2" "${POSITIONAL[0]}" "${FLAGS[@]}"
7790
else
78-
# Reject URLs in positional args to prevent cross-repo access
79-
for pos in "${POSITIONAL[@]}"; do
80-
if [[ "$pos" == http://* || "$pos" == https://* ]]; then
81-
exit 1
82-
fi
83-
done
84-
gh "$SUB1" "$SUB2" "${POSITIONAL[@]}" "${FLAGS[@]}"
91+
if [[ ${#POSITIONAL[@]} -ne 0 ]]; then
92+
echo "Error: issue list and label list do not accept positional arguments (e.g., ./scripts/gh.sh issue list --state open, ./scripts/gh.sh label list --limit 100)" >&2
93+
exit 1
94+
fi
95+
gh "$SUB1" "$SUB2" "${FLAGS[@]}"
8596
fi

0 commit comments

Comments
 (0)