syncd是一款开源的代码部署工具,它具有简单、高效、易用等特点,可以提高团队的工作效率.

Syncd - 自动化部署工具

Syncd是一款开源的代码部署工具,它具有简单、高效、易用等特点,可以提高团队的工作效率。

码云GVP项目

文档

查看文档

特性

  • Go语言开发,编译简单、运行高效
  • Web界面访问,交互友好
  • 权限模型灵活自由
  • 支持自定义构建
  • 支持Git仓库
  • 支持分支、Tag上线
  • 部署Hook支持,可扩展性强
  • 完善的上线工作流
  • 邮件通知机制

项目地址

Github: https://github.com/dreamans/syncd

Gitee: https://gitee.com/dreamans/syncd

获取帮助

Syncd使用交流QQ群①: 725302833

捐赠

Syncd的发展离不开您的支持,前往捐赠

LICENSE

本项目采用 MIT 开源授权许可证,完整的授权说明已放置在 LICENSE 文件中。

Owner
Comments
  • 发布-提交上线申请无法获取项目空间

    发布-提交上线申请无法获取项目空间

    syncd版本: 1.1.2
    系统版本: Linux version 4.4.0-17134-Microsoft ([email protected]) (gcc version 5.4.0 (GCC) ) #523-Microsoft Mon Dec 31 17:49:00 PST 2018
    other: git version 2.18.0, go-latest, mysql8

    问题: 已经配置了两个项目空间, 分别配置了两个项目, 日志信息配置输出控制台, 控制台没有看到错误信息, 但是在提交上线申请时无法获取项目空间. 是我配置或者是使用上还有问题吗?

    图-无法获取项目 image

    图-已配置的项目空间 image

    图-已配置项目空间所属的项目 image

    图-syncd运行图 image

  • tar (child): /tmp/.syncd/tmp/syncd_1_1.tar.gz:无法 open: 没有那个文件或目录

    tar (child): /tmp/.syncd/tmp/syncd_1_1.tar.gz:无法 open: 没有那个文件或目录

    使用版本Syncd-v1.1.2-linux-amd64 系统CENTOS7.4 git version 2.21.0 syncd@localhost:~$ 上线失败 Error Output >>> task run failed, exit status 141 tar (child): /tmp/.syncd/tmp/syncd_1_1.tar.gz:无法 open: 没有那个文件或目录 tar (child): Error is not recoverable: exiting now

    更新代码仓库文件 完成 拉取代码文件 完成 打包 失败 task run failed, exit status 141 tar (child): /tmp/.syncd/tmp/syncd_1_1.tar.gz:无法 open: 没有那个文件或目录 tar (child): Error is not recoverable: exiting now

  • 按照官方文档无法编译安装

    按照官方文档无法编译安装

    使用安装命令:curl https://syncd.cc/install.sh | bash 报错:unrecognized import path "cloud.google.com/go" (get https://cloud.google.com/go?go-get=1:dial tcp 172.217.27.142:443: i/o timeout)

  • make

    make

    go: downloading github.com/google/go-cmp v0.2.0 go build -o syncd_bin ./syncd/main.go

    runtime

    /usr/local/go/src/runtime/map.go:64:2: bucketCntBits redeclared in this block previous declaration at /usr/local/go/src/runtime/hashmap.go:64:18 /usr/local/go/src/runtime/map.go:65:2: bucketCnt redeclared in this block previous declaration at /usr/local/go/src/runtime/hashmap.go:65:23 /usr/local/go/src/runtime/map.go:69:2: loadFactorNum redeclared in this block previous declaration at /usr/local/go/src/runtime/hashmap.go:69:18 /usr/local/go/src/runtime/map.go:70:2: loadFactorDen redeclared in this block previous declaration at /usr/local/go/src/runtime/hashmap.go:70:18 /usr/local/go/src/runtime/map.go:76:2: maxKeySize redeclared in this block previous declaration at /usr/local/go/src/runtime/hashmap.go:76:17 /usr/local/go/src/runtime/map.go:77:2: maxValueSize redeclared in this block previous declaration at /usr/local/go/src/runtime/hashmap.go:77:17 /usr/local/go/src/runtime/map.go:82:2: dataOffset redeclared in this block previous declaration at /usr/local/go/src/runtime/hashmap.go:85:4 /usr/local/go/src/runtime/map.go:91:2: empty redeclared in this block previous declaration at /usr/local/go/src/runtime/hashmap.go:91:19 /usr/local/go/src/runtime/map.go:92:2: evacuatedEmpty redeclared in this block previous declaration at /usr/local/go/src/runtime/hashmap.go:92:19 /usr/local/go/src/runtime/map.go:93:2: evacuatedX redeclared in this block previous declaration at /usr/local/go/src/runtime/hashmap.go:93:19 /usr/local/go/src/runtime/map.go:93:2: too many errors Makefile:16: recipe for target 'build' failed make: *** [build] Error 2

  • 对syncd的一些建议

    对syncd的一些建议

    在使用了一下syncd1.x版本之后,想对未来的版本写一些建议,其中有些也跟作者讨论了一下。

    • 建议增加发布回滚功能,并且保留的项目版本可以由用户自定义。
    • 建议除了排除某些不上线的文件外,支持只允许某些文件上线。
    • 建议增加构建钩子,可选性质(web前端项目可以不构建,npm + webpack的也可以构建, Jq类可不构建),在beforeDepoly钩子前可选执行。
    • 建议增加项目启动/停止/重启等功能按钮和Hook钩子,其执行逻辑可以由用户使用python/shell等脚本实现,和afterDepoly Hook区分。(个人认为部署是由dep --> target server的过程,其他逻辑单元应该是分为不同的钩子去执行,或者是用户可选执行,区别:java类项目需要构建,而web前端则只需发布到Nginx等web服务器即可)

    其他的疑问或者建议待本人多加实验后补充,目前先提那么多,作为备忘

  • emoji 报错解决

    emoji 报错解决

    In order to fully support UTF-8 encoding, you need to change charset=utf8 to charset=utf8mb4. See this article for a detailed explanation.

    我尝试在提交上线单时编写 emoji 字符 test foo𝌆bar,报错如下

    // 前端报错
    {"code":1001,"message":"apply submit failed"}
    // 后端报错
     mysql query error: Error 1366: Incorrect string value: '\xF0\x9D\x8C\x86ba...' 
    

    看到目前代码仅支持 mysql, 索性直接把 utf8mb4 写死了,不知道是否可以。

  • Bump moment from 2.24.0 to 2.29.2 in /web

    Bump moment from 2.24.0 to 2.29.2 in /web

    Bumps moment from 2.24.0 to 2.29.2.

    Changelog

    Sourced from moment's changelog.

    2.29.2 See full changelog

    • Release Apr 3 2022

    Address https://github.com/advisories/GHSA-8hfj-j24r-96c4

    2.29.1 See full changelog

    • Release Oct 6, 2020

    Updated deprecation message, bugfix in hi locale

    2.29.0 See full changelog

    • Release Sept 22, 2020

    New locales (es-mx, bn-bd). Minor bugfixes and locale improvements. More tests. Moment is in maintenance mode. Read more at this link: https://momentjs.com/docs/#/-project-status/

    2.28.0 See full changelog

    • Release Sept 13, 2020

    Fix bug where .format() modifies original instance, and locale updates

    2.27.0 See full changelog

    • Release June 18, 2020

    Added Turkmen locale, other locale improvements, slight TypeScript fixes

    2.26.0 See full changelog

    • Release May 19, 2020

    TypeScript fixes and many locale improvements

    2.25.3

    • Release May 4, 2020

    Remove package.json module property. It looks like webpack behaves differently for modules loaded via module vs jsnext:main.

    2.25.2

    • Release May 4, 2020

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump url-parse from 1.4.4 to 1.5.7 in /web

    Bump url-parse from 1.4.4 to 1.5.7 in /web

    Bumps url-parse from 1.4.4 to 1.5.7.

    Commits
    • 8b3f5f2 1.5.7
    • ef45a13 [fix] Readd the empty userinfo to url.href (#226)
    • 88df234 [doc] Add soft deprecation notice
    • 78e9f2f [security] Fix nits
    • e6fa434 [security] Add credits for incorrect handling of userinfo vulnerability
    • 4c9fa23 1.5.6
    • 7b0b8a6 Merge pull request #223 from unshiftio/fix/at-sign-handling-in-userinfo
    • e4a5807 1.5.5
    • 193b44b [minor] Simplify whitespace regex
    • 319851b [fix] Remove CR, HT, and LF
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump express from 4.17.0 to 4.18.2 in /web

    Bump express from 4.17.0 to 4.18.2 in /web

    Bumps express from 4.17.0 to 4.18.2.

    Release notes

    Sourced from express's releases.

    4.18.2

    4.18.1

    • Fix hanging on large stack of sync routes

    4.18.0

    ... (truncated)

    Changelog

    Sourced from express's changelog.

    4.18.2 / 2022-10-08

    4.18.1 / 2022-04-29

    • Fix hanging on large stack of sync routes

    4.18.0 / 2022-04-25

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump qs from 6.6.0 to 6.6.1 in /web

    Bump qs from 6.6.0 to 6.6.1 in /web

    Bumps qs from 6.6.0 to 6.6.1.

    Changelog

    Sourced from qs's changelog.

    6.6.1

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
    • [Fix] utils.merge: avoid a crash with a null target and an array source
    • [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
    • [Fix] correctly parse nested arrays
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [Robustness] stringify: cache Object.prototype.hasOwnProperty
    • [Refactor] formats: tiny bit of cleanup.
    • [Refactor] utils: isBuffer: small tweak; add tests
    • [Refactor]: stringify/utils: cache Array.isArray
    • [Refactor] utils: reduce observable [[Get]]s
    • [Refactor] use cached Array.isArray
    • [Refactor] parse/stringify: make a function to normalize the options
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] Clarify the need for "arrayLimit" option
    • [meta] fix README.md (#399)
    • [meta] do not publish workflow files
    • [meta] Clean up license text so it’s properly detected as BSD-3-Clause
    • [meta] add FUNDING.yml
    • [meta] Fixes typo in CHANGELOG.md
    • [actions] backport actions from main
    • [Tests] fix Buffer tests to work in node < 4.5 and node < 5.10
    • [Tests] always use String(x) over x.toString()
    • [Dev Deps] backport from main
    Commits
    • 4cc653c v6.6.1
    • 5a8c870 [meta] do not publish workflow files
    • 7320525 [Fix] parse: ignore __proto__ keys (#428)
    • 65c669e [Robustness] stringify: avoid relying on a global undefined (#427)
    • 6024134 [readme] remove travis badge; add github actions/codecov badges; update URLs
    • 33b27f4 [meta] fix README.md (#399)
    • 54530e2 [actions] backport actions from main
    • 8e8e1ef Clean up license text so it’s properly detected as BSD-3-Clause
    • 16148bd add FUNDING.yml
    • 1e7aa19 [Refactor] formats: tiny bit of cleanup.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump decode-uri-component from 0.2.0 to 0.2.2 in /web

    Bump decode-uri-component from 0.2.0 to 0.2.2 in /web

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump css-what from 2.1.2 to 2.1.3 in /web

    Bump css-what from 2.1.2 to 2.1.3 in /web

    Bumps css-what from 2.1.2 to 2.1.3.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump moment from 2.24.0 to 2.29.4 in /web

    Bump moment from 2.24.0 to 2.29.4 in /web

    Bumps moment from 2.24.0 to 2.29.4.

    Changelog

    Sourced from moment's changelog.

    2.29.4

    • Release Jul 6, 2022
      • #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

    2.29.3 Full changelog

    • Release Apr 17, 2022
      • #5995 [bugfix] Remove const usage
      • #5990 misc: fix advisory link

    2.29.2 See full changelog

    • Release Apr 3 2022

    Address https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4

    2.29.1 See full changelog

    • Release Oct 6, 2020

    Updated deprecation message, bugfix in hi locale

    2.29.0 See full changelog

    • Release Sept 22, 2020

    New locales (es-mx, bn-bd). Minor bugfixes and locale improvements. More tests. Moment is in maintenance mode. Read more at this link: https://momentjs.com/docs/#/-project-status/

    2.28.0 See full changelog

    • Release Sept 13, 2020

    Fix bug where .format() modifies original instance, and locale updates

    2.27.0 See full changelog

    • Release June 18, 2020

    Added Turkmen locale, other locale improvements, slight TypeScript fixes

    2.26.0 See full changelog

    • Release May 19, 2020

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump shell-quote from 1.6.1 to 1.7.3 in /web

    Bump shell-quote from 1.6.1 to 1.7.3 in /web

    Bumps shell-quote from 1.6.1 to 1.7.3.

    Release notes

    Sourced from shell-quote's releases.

    v1.7.2

    • Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. (144e1c2)

    v1.7.1

    • Fix $ being removed when not part of an environment variable name. (@​Adman in #32)

    v1.7.0

    • Add support for parsing >> and >& redirection operators. (@​forivall in #16)
    • Add support for parsing <( process substitution operator. (@​cuonglm in #15)

    v1.6.3

    • Fix Windows path quoting problems. (@​dy in #34)

    v1.6.2

    • Remove dependencies in favour of native methods. (@​zertosh in #21)
    Changelog

    Sourced from shell-quote's changelog.

    1.7.3

    • Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the quoting rules. (CVE-2021-42740)

    1.7.2

    • Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. (144e1c2)

    1.7.1

    • Fix $ being removed when not part of an environment variable name. (@​Adman in #32)

    1.7.0

    • Add support for parsing >> and >& redirection operators. (@​forivall in #16)
    • Add support for parsing <( process substitution operator. (@​cuonglm in #15)

    1.6.3

    • Fix Windows path quoting problems. (@​dy in #34)

    1.6.2

    • Remove dependencies in favour of native methods. (@​zertosh in #21)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.