[WIP] Add list-dependencies command #403
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
justice-adams-apple
requested review from
shahmishal,
cmcgee1024 and
etcwilde
as code owners
cmcgee1024
reviewed
Jul 22, 2025
| // This is very security sensitive code here and that's why there's special process handling | ||
| // and an allow-list of what we will attempt to run as root. Also, the sudo binary is run directly | ||
| // with a fully-qualified path without any checking in order to avoid TOCTOU. | ||
| guard try Self.allowedInstallCommands.wholeMatch(in: installCmd) != nil else { |
There was a problem hiding this comment.
suggestion: We could do this check before presenting the command to the user. They might try running it themselves without checking.
cmcgee1024
reviewed
Jul 22, 2025
| var format: SwiftlyCore.OutputFormat = .text | ||
|
|
||
| @Flag(name: .shortAndLong, help: "Automatically install missing system dependencies with elevated permissions") | ||
| var installSystemDeps: Bool = false |
There was a problem hiding this comment.
issue: Let's call out sudo as the mechanism that will be used to install the system deps here to make that part clear. Sudo may or may not work for some users and machines.
cmcgee1024
reviewed
Jul 22, 2025
|
|
||
| let p = Process() | ||
| p.executableURL = URL(fileURLWithPath: "/usr/bin/sudo") | ||
| p.arguments = ["-k"] + ["-p", "Enter your sudo password to run the dependency install command right away (Ctrl-C aborts): "] + installCmd.split(separator: " ").map { String($0) } |
There was a problem hiding this comment.
thought: This pattern of invoking sudo came from my previous attempt to eliminate prompts where they weren't needed. It might be better to remove the "-k" and "-p" flags here, and just include the details in the above prompts.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Follow up from #350 and #352
list-depenencieswhich lists toolchain dependencies for the given platorm-IToDo: Add tests