community-scripts/ProxmoxVE
1
0
Fork 0
mirror of https://github.com/community-scripts/ProxmoxVE.git synced 2026-03-03 16:15:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Only strip v for digit tags; sanitize version

Browse Source 
Improve GitHub release tag handling: only remove a leading 'v' when it's followed by a digit (avoids mangling tags like "version/..."), and sanitize the derived version string for filenames by replacing '/' with '-'. Use the sanitized version when constructing the downloaded tarball filename to prevent invalid or unexpected paths.
This commit is contained in:
CanbiZ (MickLesk)
2026-03-02 09:16:25 +01:00
parent f2970522a9
commit e3af8ad287
1 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
misc/tools.func
View File

@@ -2195,7 +2195,12 @@ check_for_gh_release() {
local clean_tags=()
for t in "${raw_tags[@]}"; do
clean_tags+=("${t#v}")
# Only strip leading 'v' when followed by a digit (e.g. v1.2.3)
if [[ "$t" =~ ^v[0-9] ]]; then
clean_tags+=("${t:1}")
else
clean_tags+=("$t")
fi
done
local latest_raw="${raw_tags[0]}"
@@ -2308,7 +2313,12 @@ check_for_codeberg_release() {
local clean_tags=()
for t in "${raw_tags[@]}"; do
clean_tags+=("${t#v}")
# Only strip leading 'v' when followed by a digit (e.g. v1.2.3)
if [[ "$t" =~ ^v[0-9] ]]; then
clean_tags+=("${t:1}")
else
clean_tags+=("$t")
fi
done
local latest_raw="${raw_tags[0]}"
@@ -3138,7 +3148,10 @@ function fetch_and_deploy_gh_release() {
local json tag_name
json=$(</tmp/gh_rel.json)
tag_name=$(echo "$json" | jq -r '.tag_name // .name // empty')
[[ "$tag_name" =~ ^v ]] && version="${tag_name:1}" || version="$tag_name"
# Only strip leading 'v' when followed by a digit (e.g. v1.2.3), not words like "version/..."
[[ "$tag_name" =~ ^v[0-9] ]] && version="${tag_name:1}" || version="$tag_name"
# Sanitize version for use in filenames (replace / with -)
local version_safe="${version//\//-}"
if [[ "$current_version" == "$version" ]]; then
$STD msg_ok "$app is already up-to-date (v$version)"
@@ -3159,7 +3172,7 @@ function fetch_and_deploy_gh_release() {
# GitHub API's tarball_url/zipball_url can return HTTP 300 Multiple Choices
# when a branch and tag share the same name. Use explicit refs/tags/ URL instead.
local direct_tarball_url="https://github.com/$repo/archive/refs/tags/$tag_name.tar.gz"
filename="${app_lc}-${version}.tar.gz"
filename="${app_lc}-${version_safe}.tar.gz"
curl $download_timeout -fsSL -o "$tmpdir/$filename" "$direct_tarball_url" || {
msg_error "Download failed: $direct_tarball_url"