ashfurrow / danger-ruby-swiftlint

A Danger plugin for SwiftLint.
https://rubygems.org/gems/danger-swiftlint
MIT License
203 stars 81 forks source link

Looks like `directory` variable is not escaped #62

Closed Austinate closed 7 years ago

Austinate commented 7 years ago

Hello, first of all — thanks for such an awesome tool!

tl;dr: Looks like directory variable used in danger_plugin.rb is not escaped because i have issues when my pwd contains whitespaces

My setup: Ruby 2.3.3 & rvm 1.28.0 Danger 5.5.3 swiftlint 0.21.0 danger-swiftlint 0.10.0

pwd for my project root folder contains whitespaces (i know it's not a best idea ofc 🙃) and i see next message in logs: Swiftlint will be run from /Users/austinate/Documents/Projects/somefolder/My Project Name

And when it actually tries to pass argument to swiftlint i see in logs a lot of such messages: Unrecognized arguments: "My", "Project", "Name/.swiftlint.yml"

I tried to fix this locally and looks like it works fine when i change this line dir_selected = directory ? File.expand_path(directory) : Dir.pwd to this line: dir_selected = directory ? File.expand_path(directory) : Shellwords.escape(Dir.pwd)

Can anyone advice if this is a correct fix? i can create a PR with this but wanted to ask first since i'm not that familiar with Ruby and gems.

ashfurrow commented 7 years ago

Hey there – thanks for the detailed issue, and especially thanks for looking into a solution. I think you're correct about the nature of the problem and the fix. A pull request sounds like a good next step, let me know if I can help 👍 and thanks again.