Format the codebase with swiftformat #690
Conversation
zenangst
force-pushed
the
swift/format
branch
from
86a78a4 to
ebfa250
Compare
There was a problem hiding this comment.
Pull request overview
This PR applies automated code formatting to the Swift codebase using swiftformat, standardizing the placement of opening braces and indentation throughout the project.
Changes:
- Moved opening braces from new lines to the end of function/initializer/type declarations
- Adjusted indentation in
#if DEBUGsections for consistency - Applied formatting to over 150 files across the codebase
Reviewed changes
Copilot reviewed 162 out of 166 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| UnitTests/Sources/*.swift | Updated test file initializer formatting |
| App/Sources/UI/Windows/*.swift | Standardized window class initializer brace positioning |
| App/Sources/UI/Views/**/*.swift | Formatted all view initializers and computed properties |
| App/Sources/UI/Stores/*.swift | Adjusted DEBUG section indentation |
| App/Sources/Core/**/*.swift | Formatted core functionality initializers and functions |
| Packages/RingBuffer/Sources/RingBuffer/*.swift | Applied formatting to package code |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| checkCancellation: Bool) async throws -> String? { | ||
| let source = """ | ||
| shortcuts run "\(command.shortcutIdentifier)" | ||
| """ |
There was a problem hiding this comment.
The ShortcutsCommandRunner.run method builds a shell script line shortcuts run "\(command.shortcutIdentifier)" via string interpolation and then executes it through the shell, which allows shell command injection if shortcutIdentifier contains quotes or other shell metacharacters. Because shortcutIdentifier is loaded from configuration (and thus can be altered by imported or edited configs), an attacker can craft a value like Shortcut"; rm -rf ~; echo "x" so that when this command executes, the injected shell commands run with the user's privileges. To mitigate this, avoid embedding shortcutIdentifier directly into a shell script string; instead, either escape it robustly for the shell context or invoke the shortcuts tool with it passed as a separate process argument rather than as part of a script line.
There was a problem hiding this comment.
@copilot open a new pull request to apply changes based on this feedback
|
Test: succeeded ✅ |
No description provided.