Closed chelnak closed 1 year ago
that may have no external impact to Forge modules.
Puppetfiles
.These results were generated with Rangefinder, a tool that helps predict the downstream impact of breaking changes to elements used in Puppet modules. You can run this on the command line to get a full report.
Exact matches are those that we can positively identify via namespace and the declaring modules' metadata. Non-namespaced items, such as Puppet 3.x functions, will always be reported as near matches only.
Prior to this PR there was a possibility that malformed strings could be passed as the resources name. This could lead to unsafe executions on a remote system.
This was also a possibility for the options parameter as it was constrained to a string.
In addition, commands were not properly broken out in to arrays of arguments when passed to the exec resource.
This PR fixes the above by adding validation to the resource name ensuring that the given ppa name conforms to expectation.
Also, commands are now broken down in to arrays of arguments appropriately. This ensures safer execution on the remote system.
Given that the options parameter, passed as a raw string, could lead to unsafe code execution it was reasonable to change the accepted type to an
Optional[Array[String]]
.This means that an array of options can now be passed to the exec resource inside the original command.