Levente Polyak pushed to branch main at Arch Linux / Packaging / Packages / intellij-idea-community-edition
Commits: 0278cf6f by Levente Polyak at 2026-02-07T16:03:28+01:00 nvchecker: replace disallowed cmd source with regex Use regex as cmd sources are hard to control from a dependency point of view and allow for arbitrary code execution, which both are the reason we had limited it down in pkgctl. Fixes #21 - - - - - 1 changed file: - .nvchecker.toml Changes: ===================================== .nvchecker.toml ===================================== @@ -1,3 +1,4 @@ [intellij-idea-community-edition] -source = "cmd" -cmd = "curl -s --location --header \"Accept: application/rdf+xml\" https://www.jetbrains.com/updates/updates.xml | xmllint --xpath \"string(/products/product[@name='IntelliJ IDEA']/channel[@status='release' or @status!='eap']/build/@version)\" -" +source = "regex" +url = "https://www.jetbrains.com/updates/updates.xml"; +regex = 'name="IntelliJ IDEA RELEASE" .*status="release".*\n.*version="([^")]+)"' View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/intellij-idea-community-edition/-/commit/0278cf6f807ec6c8d4adb5c71b054b8b0e932601 -- View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/intellij-idea-community-edition/-/commit/0278cf6f807ec6c8d4adb5c71b054b8b0e932601 You're receiving this email because of your account on gitlab.archlinux.org.
