我该如何避免使用'eval'和'git-for-each-ref'? [英] How can I avoid using 'eval' in conjunction with 'git-for-each-ref'?
问题描述
git for-each-ref 的大多数高级用法都涉及 eval 。例如, git- for-each-ref 手册页使用 eval 来执行 fmt code> variable:
#!/ bin / sh
fmt ='
r =%(refname)
#...省略,简洁...
'
eval =`git for-each- ref --shell --format =$ fmt\
#...省略,简明...
refs / tags`
eval$ eval
然而, eval
与安全风险相关联;尽可能避免它,被认为是良好的做法。 这是一个真实的例子,改编自这个答案:
#!/ bin / sh
fmt ='
ref =%(refname:short)
如果git merge-base --is-ancestor $ 1 $ ref;然后
printf%s\\\
$ ref
fi
'
eval$(git for-each-ref --shell - format =$ fmtrefs / heads /)
在这个特别的例子中,我该如何避免使用 eval ?我已经查看了 Zenexer的回答中列出的选项,但是我找不到一个可行的方法。我正在寻找可移植的(跨越不同的shell)一个解决方案。
code> eval ,你让 git for-each-ref 以一种容易处理的格式输出数据流。然后,你为这些数据编写一个定制处理器。
git for-each-ref --format< values> \
#更多选项
refs / tags | while read refname object_type< more args> ;做
< code>
完成
至于你给出的具体例子,这里是一个等价的非eval版本:
#!/ bin / bash
if [$#-ne 1];然后
printfusage:git branchesthatcontain< rev> \\\
\\\
exit 1
fi
rev = $ 1
git for-each-ref --format ='%(refname:short)'refs / heads \
|同时阅读ref;做
如果git merge-base --is-ancestor$ rev$ ref;然后
echo$ ref
fi;
完成
出口$?
我必须添加 git-for-each-ref 包含 - shell , - python 和 - tcl code>标志确保数据正确转义:这与接受的答案中的情况不同到您引用的问题。
这个问题和相关答案也是相关的。
Most advanced uses of git for-each-ref that I've come across involve eval. For instance, the last example in the git-for-each-ref man page uses eval in order to execute the contents of the fmt variable:
#!/bin/sh
fmt='
r=%(refname)
# ... omitted, for conciseness ...
'
eval=`git for-each-ref --shell --format="$fmt" \
# ... omitted, for conciseness ...
refs/tags`
eval "$eval"
However, the use of eval is associated with security risks; avoiding it, whenever possible, is considered good practice.
Here is a real example, adapted from this answer:
#!/bin/sh
fmt='
ref=%(refname:short)
if git merge-base --is-ancestor $1 $ref; then
printf "%s\n" "$ref"
fi
'
eval "$(git for-each-ref --shell --format="$fmt" refs/heads/)"
In this particular example, how can I avoid using eval? I've reviewed the options listed in Zenexer's answer, but I couldn't find one that does the trick. I'm looking for as portable (across different shells) a solution as possible.
Instead of treating data as code using eval, you let git for-each-ref output a stream of data in a format that is easy for you to process. Then, you write a custom processor for that data.
git for-each-ref --format "<values>" \
# more options
refs/tags | while read refname object_type <more args> ; do
<code>
done
As for the specific example you gave, here is an equivalent non-eval version:
#!/bin/bash
if [ $# -ne 1 ]; then
printf "usage: git branchesthatcontain <rev>\n\n"
exit 1
fi
rev=$1
git for-each-ref --format='%(refname:short)' refs/heads \
| while read ref; do
if git merge-base --is-ancestor "$rev" "$ref"; then
echo "$ref"
fi;
done
exit $?
I must add that git-for-each-ref does include --shell, --python and --tcl flags which ensures that the data is properly escaped: this is not the same scenario as in the accepted answer to the question you reference.
This question and the associated answer are also relevant.
这篇关于我该如何避免使用'eval'和'git-for-each-ref'?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
