repo.patch: fix command injection
1 files changed, 1 insertions(+), 0 deletions(-) M gitsrht/blueprints/repo.py
M gitsrht/blueprints/repo.py => gitsrht/blueprints/repo.py +1 -0
@@ 577,6 577,7 @@ def patch(owner, repo, ref): "--git-dir", repo.path, "format-patch", "--stdout", "-1", + "--", ref ], timeout=10, stdout=subprocess.PIPE, stderr=sys.stderr) except subprocess.TimeoutExpired: