Skip to content

fix(tflint-installer): Scope regex to avoid release json overmatches#997

Open
RoseSecurity wants to merge 1 commit into
antonbabenko:masterfrom
RoseSecurity:fix-failing-docker-builds
Open

fix(tflint-installer): Scope regex to avoid release json overmatches#997
RoseSecurity wants to merge 1 commit into
antonbabenko:masterfrom
RoseSecurity:fix-failing-docker-builds

Conversation

@RoseSecurity

@RoseSecurity RoseSecurity commented Jun 19, 2026

Copy link
Copy Markdown

Put an x into the box if that apply:

  • This PR introduces breaking change.
  • This PR fixes a bug.
  • This PR adds new functionality.
  • This PR enhances existing functionality.

Description of your changes

  • It looks like the two most recent releases have failed to push Docker containers to the registry. After a little vibe-troubleshooting, this is what I have
  • Fixes the Docker image build failure in /install/tflint.sh by narrowing the TFLint GitHub release URL regex. The previous https://.+?... pattern could overmatch GitHub API JSON and pass curl a malformed URL, causing exit code 3. The new https://[^\"]*... pattern stops at the JSON string boundary while still matching the linux amd64/arm64 TFLint zip assets.

How can we test changes

docker build \
    --build-arg INSTALL_ALL=true \
    --platform linux/amd64 \
    -t pre-commit-terraform:tflint-fix-test .

@coderabbitai

coderabbitai Bot commented Jun 19, 2026
edited
Loading

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

In tools/install/tflint.sh, the two GitHub release URL regex patterns (GH_RELEASE_REGEX_SPECIFIC_VERSION and GH_RELEASE_REGEX_LATEST) are updated to replace broad .+? matching with the stricter [^\"]* character class, preventing the patterns from matching across quoted URL boundaries.

Changes

tflint URL Regex Tightening

Layer / File(s) Summary
Stricter URL regex patterns
tools/install/tflint.sh		 Both GH_RELEASE_REGEX_SPECIFIC_VERSION and GH_RELEASE_REGEX_LATEST replace https://.+?/-style matching with https://[^\"]*/ to restrict matches to within a quoted URL string.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description check ✅ Passed The description clearly relates to the changeset, explaining the bug being fixed (overly broad regex causing Docker build failure) and the solution (narrowing the regex pattern).
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Title check ✅ Passed The title directly addresses the main change: fixing an overly broad regex pattern in tflint.sh to prevent matching beyond JSON URL boundaries.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@RoseSecurity RoseSecurity changed the title fix(tflint-installer): scope regex to avoid release json overmatches fix(tflint-installer): Scope regex to avoid release json overmatches Jun 19, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MaxymVlasov MaxymVlasov Awaiting requested review from MaxymVlasov MaxymVlasov is a code owner

@yermulnik yermulnik Awaiting requested review from yermulnik yermulnik is a code owner

@antonbabenko antonbabenko Awaiting requested review from antonbabenko antonbabenko is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@RoseSecurity