Apply realpathSync sooner

Fixes lint: https://github.com/github/codeql-action/pull/67/checks?check_run_id=777215812
github · Jun 16, 2020 · 013c027 · 013c027
1 parent 0b53ebb
commit 013c027
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/lib/config-utils.js b/lib/config-utils.js
diff --git a/lib/config-utils.js.map b/lib/config-utils.js.map
diff --git a/src/config-utils.ts b/src/config-utils.ts
@@ -51,16 +51,16 @@ export class Config {
             const localQueryPath = queryUses.slice(2);
             // Resolve the local path against the workspace so that when this is
             // passed to codeql it resolves to exactly the path we expect it to resolve to.
-            const workspacePath = util.getRequiredEnvParam('GITHUB_WORKSPACE');
-            const absoluteQueryPath = path.join(workspacePath, localQueryPath);
+            const workspacePath = fs.realpathSync(util.getRequiredEnvParam('GITHUB_WORKSPACE'));
+            const absoluteQueryPath = fs.realpathSync(path.join(workspacePath, localQueryPath));
 
             // Check the file exists
             if (!fs.existsSync(absoluteQueryPath)) {
                 throw new Error(getLocalPathDoesNotExist(configFile, localQueryPath));
             }
 
             // Check the local path doesn't jump outside the repo using '..' or symlinks
-            if (!(fs.realpathSync(absoluteQueryPath) + path.sep).startsWith(fs.realpathSync(workspacePath) + path.sep)) {
+            if (!(absoluteQueryPath + path.sep).startsWith(workspacePath + path.sep)) {
                 throw new Error(getLocalPathOutsideOfRepository(configFile, localQueryPath));
             }