mirror of https://github.com/garrytan/gstack.git
Codex code review found two issues:

P1: eval $(gstack-slug) in gstack-repo-mode executes branch names as
shell. Branch names like foo$(touch${IFS}pwned) are valid git refs and
would execute arbitrary commands. Fix: compute SLUG directly with sed
instead of eval'ing gstack-slug output.

P2: git shortlog HEAD only sees current branch history. On feature
branches that haven't merged main recently, other contributors disappear
from the sample. Fix: use git shortlog on the default branch
(origin/main) instead of HEAD.

Also improved blame lookup in collaborative triage to check both the
test file and the production code it covers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
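
The P1 issue from the commit message above, shown as an added example that is not code from the commit or the gstack repository: the eval pattern beside a sed-only slug, each run in a scratch directory to check for side effects. The helper `emit_vars`, its `SLUG=` output format, the sed character class and `side_effect` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. emit_vars is a constructed stand-in for a helper whose
# output the caller eval's; its SLUG=... output format is an assumption.
emit_vars() {
    printf 'SLUG=%s\n' "$1"
}

# Before: eval re-parses the helper output, so $(...) in a branch name runs.
# The body is a subshell so SLUG does not leak into the caller.
slug_via_eval() (
    eval $(emit_vars "$1")
    printf '%s\n' "$SLUG"
)

# After: the branch name is only data on sed's stdin; nothing re-parses it.
# The character class is an assumption, not the project's sed expression.
slug_via_sed() {
    printf '%s\n' "$1" | sed 's/[^A-Za-z0-9._-]/-/g'
}

# Run slug function $1 on branch $2 inside an empty scratch directory and
# print "yes" if anything was created there, "no" otherwise.
side_effect() {
    dir=$(mktemp -d) || return 2
    ( cd "$dir" && "$1" "$2" ) >/dev/null 2>&1
    found=$(ls -A "$dir")
    rm -rf "$dir"
    if [ -n "$found" ]; then echo yes; else echo no; fi
}

# Branch name quoted in the commit message, held as a literal string.
branch='foo$(touch${IFS}pwned)'
echo "eval path created files: $(side_effect slug_via_eval "$branch")"
echo "sed path created files:  $(side_effect slug_via_sed "$branch")"
echo "sed slug:                $(slug_via_sed "$branch")"
```

The same `side_effect` check can be kept as a regression test for any script that derives values from branch names.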
| | | |
|---|---|---|
| gstack | ||
| gstack-browse | ||
| gstack-careful | ||
| gstack-design-consultation | ||
| gstack-design-review | ||
| gstack-document-release | ||
| gstack-freeze | ||
| gstack-guard | ||
| gstack-investigate | ||
| gstack-office-hours | ||
| gstack-plan-ceo-review | ||
| gstack-plan-design-review | ||
| gstack-plan-eng-review | ||
| gstack-qa | ||
| gstack-qa-only | ||
| gstack-retro | ||
| gstack-review | ||
| gstack-setup-browser-cookies | ||
| gstack-ship | ||
| gstack-unfreeze | ||
| gstack-upgrade | ||