From a9e5b83f6b41748675d91124e73711a6d78ee0f6 Mon Sep 17 00:00:00 2001 From: Nikhil Gupta <35272911+nikhil2611@users.noreply.github.com> Date: Mon, 13 Jan 2025 19:09:46 +0530 Subject: [PATCH] updated the IO.read to File.read to fix vulenrability (#3290) Signed-off-by: nikhil2611 --- omnibus/config/projects/chef-workstation.rb | 4 ++-- omnibus/config/software/powershell-scripts.rb | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/omnibus/config/projects/chef-workstation.rb b/omnibus/config/projects/chef-workstation.rb index 4f232d286..0f3c89fb0 100644 --- a/omnibus/config/projects/chef-workstation.rb +++ b/omnibus/config/projects/chef-workstation.rb @@ -38,14 +38,14 @@ end version_file = File.expand_path("../../../VERSION", __dir__) -build_version IO.read(version_file).strip +build_version File.read(version_file).strip build_iteration 1 # In order to prevent unnecessary cache expiration, # package and package version overrides, build_version # and build_iteration are kept in /omnibus_overrides.rb overrides_path = File.expand_path("../../../omnibus_overrides.rb", __dir__) -instance_eval(IO.read(overrides_path), overrides_path) +instance_eval(File.read(overrides_path), overrides_path) dependency "preparation" diff --git a/omnibus/config/software/powershell-scripts.rb b/omnibus/config/software/powershell-scripts.rb index 95d617b1c..e757b37fb 100644 --- a/omnibus/config/software/powershell-scripts.rb +++ b/omnibus/config/software/powershell-scripts.rb @@ -33,7 +33,7 @@ create_directory(psm1_path) chef_module_dir = "#{install_dir}/modules/chef" create_directory(chef_module_dir) - template = ERB.new(IO.read(template_file)) + template = ERB.new(File.read(template_file)) chef_psm1 = template.result File.open(::File.join(psm1_path, "chef.psm1"), "w") { |f| f.write(chef_psm1) } Dir.glob("#{chef_gem_path}/distro/powershell/chef/*").each do |file|