From c97e5481fb91932dc137da94de0a189d54bdc694 Mon Sep 17 00:00:00 2001
From: Daniel Barnes <dabarnes2b@gmail.com>
Date: Sat, 8 Oct 2022 15:07:48 -0700
Subject: [PATCH] CodeQL recommendations (#1218)

* url parsing based on codeql results

* Update src/drivers/github.js

* debug

* lazy debugging

* bad ternary?

* lazy debugging

* Revert things

This reverts commit df90c98f220d7bad08a4313277bc77ec8a08401a.

This reverts commit f11c8ae959cf73276bc07c5a641b2c5eab5d2bdd.

This reverts commit 39d0a456180be3908d15b899b1c946fb3b1e5d13.

* Cleanup
---
 bin/cml/asset/publish.js | 4 ++--
 src/cml.js               | 7 ++++---
 src/drivers/github.js    | 5 ++---
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/bin/cml/asset/publish.js b/bin/cml/asset/publish.js
index 208deb2cd..d545c0fe2 100644
--- a/bin/cml/asset/publish.js
+++ b/bin/cml/asset/publish.js
@@ -15,8 +15,8 @@ exports.handler = async (opts) => {
     opts.native = true;
   }
 
-  const { file, repo, native, asset: path } = opts;
-  const cml = new CML({ ...opts, repo: native ? repo : 'cml' });
+  const { file, asset: path } = opts;
+  const cml = new CML({ ...opts });
   const output = await cml.publish({ ...opts, path });
 
   if (!file) console.log(output);
diff --git a/src/cml.js b/src/cml.js
index 8a755e26b..b303942d8 100755
--- a/src/cml.js
+++ b/src/cml.js
@@ -69,9 +69,10 @@ const inferToken = () => {
 const inferDriver = (opts = {}) => {
   const { repo } = opts;
   if (repo) {
-    if (repo.includes('github.com')) return GITHUB;
-    if (repo.includes('gitlab.com')) return GITLAB;
-    if (/bitbucket\.(com|org)/.test(repo)) return BB;
+    const url = new URL(repo);
+    if (url.hostname === 'github.com') return GITHUB;
+    if (url.hostname === 'gitlab.com') return GITLAB;
+    if (/bitbucket\.(com|org)/.test(url.hostname)) return BB;
   }
 
   if (GITHUB_REPOSITORY) return GITHUB;
diff --git a/src/drivers/github.js b/src/drivers/github.js
index a4ab4fd81..5362f59e5 100644
--- a/src/drivers/github.js
+++ b/src/drivers/github.js
@@ -66,11 +66,10 @@ const octokit = (token, repo) => {
       onAbuseLimit: throttleHandler
     }
   };
-
-  if (!repo.includes('github.com')) {
+  const { host, hostname } = new url.URL(repo);
+  if (hostname !== 'github.com') {
     // GitHub Enterprise, use the: repo URL host + '/api/v3' - as baseURL
     // as per: https://developer.github.com/enterprise/v3/enterprise-admin/#endpoint-urls
-    const { host } = new url.URL(repo);
     octokitOptions.baseUrl = `https://${host}/api/v3`;
   }