chalk icon indicating copy to clipboard operation
chalk copied to clipboard
verified publisher icon crashappsec

some `staticExec`s should check the exit code

Open ee7 opened this issue 2 years ago • 0 comments

Example

  1. Download a source archive for chalk
  2. Extract it
  3. cd to the extracted location
  4. Run nimble build

This is relevant for packaging chalk - see https://github.com/crashappsec/internal_tickets/issues/138.

Expected behavior

The build succeeds, and chalk is fully functional. In particular, a chalk insert should insert a chalk mark that contains the git commit ref from which chalk was built, like:

"COMMIT_ID": "e50885d33aa5e66fc75cb8e8f133c2159c6d052a",

Observed behavior

The build succeeds, but then a chalk insert inserts a chalk mark with a bad COMMIT_ID value, which contains an error message instead of a commit ref.

The chalk version output has the same issue:

$ chalk version | grep commit
 ┊ Commit ID      ┊ fatal: not a git repository [etc]    ┊

Diagnosis

We have some staticExec that silently use the command's output even when the command indicates an error:

https://github.com/crashappsec/chalk/blob/cf9ebf8476bf3e3a2399512673e2ccc12dbb8aeb/src/chalk_common.nim#L362-L364

https://github.com/crashappsec/chalk/blob/cf9ebf8476bf3e3a2399512673e2ccc12dbb8aeb/src/attestation.nim#L13-L14

These should use gorgeEx, or some wrapper around that.

ee7 avatar Feb 09 '24 13:02 ee7