Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

use full paths when calling exec command #2437

Merged
merged 2 commits into from
Jun 13, 2023
Merged

Conversation

rubys
Copy link
Contributor

@rubys rubys commented Jun 13, 2023

@kzys
Copy link
Member

kzys commented Jun 13, 2023

Putting relative paths in PATH is bad. Go changed the behavior as you noted. Rust did it too in rust-lang/rust#87704.

Is to coming from customers' own configuration (like ~/.bashrc) or tools (like Bundler)?

@rubys
Copy link
Contributor Author

rubys commented Jun 13, 2023

Putting relative paths in PATH is commonplace for Ruby. Example: https://github.com/rbenv/rbenv/wiki/Understanding-binstubs#adding-project-specific-binstubs-to-path ; note the security concern mentioned on that page.

scanner/rails.go Outdated Show resolved Hide resolved
scanner/rails.go Outdated Show resolved Hide resolved
@kzys
Copy link
Member

kzys commented Jun 13, 2023

Oh rbenv...

@rubys rubys merged commit 186d91e into master Jun 13, 2023
@rubys rubys deleted the full-path-exec-command branch June 13, 2023 21:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants