Skip to content

Add trap to ensure temp file cleanup in SRI script #266

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
myoshi2891 merged 3 commits into from
Feb 11, 2026
Merged

Add trap to ensure temp file cleanup in SRI script #266

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
1e9467a
Add trap to ensure temp file cleanup in SRI script
myoshi2891 Feb 11, 2026
b4fd957
📝 Add docstrings to `dev-from-macmini`
coderabbitai[bot] Feb 11, 2026
0ca9ac2
Merge pull request #267 from myoshi2891/coderabbitai/docstrings/1e9467a
myoshi2891 Feb 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions calc_sri_fix.sh
100755 → 100644
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,21 +2,21 @@

set -euo pipefail

# calculate_sri downloads the given URL, computes the SHA-384 SRI hash of its content (base64) and echoes a line "<url> sha384-<base64_hash>".
calculate_sri() {
url="$1"
temp_file=$(mktemp)
trap 'rm -f "$temp_file"' RETURN
Comment on lines 7 to +9

@coderabbitai coderabbitai Bot Feb 11, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion | 🟠 Major

urltemp_filelocal で宣言してください。

関数内で local を使わずに変数を代入しているため、グローバルスコープを汚染します。trap 内の $temp_file はトラップ発火時に展開されるため、もし将来的に並列呼び出しや入れ子呼び出しが発生した場合、意図しないファイルを削除するリスクがあります。

♻️ 修正案 
 calculate_sri() {
-    url="$1"
-    temp_file=$(mktemp)
+    local url="$1"
+    local temp_file
+    temp_file=$(mktemp)
     trap 'rm -f "$temp_file"' RETURN
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
url="$1"
temp_file=$(mktemp)
trap 'rm -f "$temp_file"' RETURN
local url="$1"
local temp_file
temp_file=$(mktemp)
trap 'rm -f "$temp_file"' RETURN
🤖 Prompt for AI Agents 
In `@calc_sri_fix.sh` around lines 7 - 9, 関数内でグローバルを汚染しているので、変数 url と temp_file
をローカル化してください(宣言する名前: url,
temp_file);さらにトラップの対象ファイルが将来の並列/入れ子呼び出しで変わらないように、トラップ登録時に temp_file
の現在値を固定する形式に変更してください(参照箇所: 変数 url, 変数 temp_file, 現在の trap 'rm -f "$temp_file"'
RETURN)。


# curl options: -f (fail on HTTP error), -S (show error), -s (silent equivalent), -L (follow redirects)
if ! curl -fS -sL "$url" -o "$temp_file"; then
echo "Error downloading $url" >&2
rm -f "$temp_file"
return 1
fi

# Check for empty response
if [ ! -s "$temp_file" ]; then
echo "Error: Empty response from $url" >&2
rm -f "$temp_file"
return 1
fi

Expand All @@ -26,4 +26,4 @@ calculate_sri() {
}

calculate_sri "https://cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/plugins/line-numbers/prism-line-numbers.min.js"
calculate_sri "https://cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/plugins/toolbar/prism-toolbar.min.js"
calculate_sri "https://cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/plugins/toolbar/prism-toolbar.min.js"