New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[match] fix match nuke not deleting decrypted files #20776
[match] fix match nuke not deleting decrypted files #20776
Conversation
0f5634d
to
1fbb55f
Compare
1fbb55f
to
868db12
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Great find!! 🙌
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh this is amazing! Thanks for finding and fixing this 😊
Also... hello 👋 🥰
Hey @revolter 👋 Thank you for your contribution to fastlane and congrats on getting this pull request merged 🎉 Please let us know if this change requires an immediate release by adding a comment here 👍 |
Congratulations! 🎉 This was released as part of fastlane 2.211.0 🚀 |
Hello 🤗 Thanks for merging! |
Checklist
bundle exec rspec
from the root directory to see all new and existing tests passbundle exec rubocop -a
to ensure the code style is validci/circleci
builds in the "All checks have passed" section of my PR (connect CircleCI to GitHub if not)Motivation and Context
I noticed that running
fastlane match nuke
and cancelling it (answeringn
to "Do you really want to nuke everything listed above? (y/n)") causes the decrypted git repo to remain in the temp folder, which I personally think it's a security issue.Description
I added an
ensure
block that deletes it, similar to therunner.rb
file.Testing Steps
Add
to your
Gemfile
, and runbundle install
to apply the changes.Then run
bundle exec fastlane match nuke development
, then pressn
, and see that a folder like/var/folders/73/rlp8bl_x5lg1vbv1xbz159d40000gn/T/d20221021-22249-cq51af
still exists, which contains the decrypted certificates and profiles.