chesleybrown / bitbucket-codeship-status Goto Github PK

No style guide/spec that I can find. Suggest a .jsbeautifyrc to let the editors format according to your preference.

The added Codeship badge should link to the actual passing/failing/running build and not the project's build list.

I think there is no universal link for this, but we could make the link point to our end-point that would make a Codeship REST API call to discover the build id for the last build run on a specific branch, and then redirect to the URL for that specific build.

I can't track down why, as the code appears correct (by just grabbing the pull request_created key and modifying the description), but we are seeing all reviewers being removed from a pull request once the Codeship status is added.

There is a security vulnerability that allows anyone who knows the path to your endpoint the ability to send it payloads to update your pull requests.

They cannot however retrieve or read any information.

Solution is to require setting basic auth credentials within the Pull Request POST hook. This means only requests you setup will be accepted by the app. Probably just going to use the given BITBUCKET_USERNAME and BITBUCKET_PASSWORD for easy setup.

If password contains (unescaped) special characters, the app fails - the index page won't load:

URIError: URI malformed
   at decodeURIComponent (native)
   at Url.parse (url.js:185:19)
   at Object.urlParse [as parse] (url.js:101:5)
   at Request.init (/app/node_modules/request/request.js:248:20)
   at new Request (/app/node_modules/request/request.js:139:8)
   at request (/app/node_modules/request/index.js:55:10)
   at /app/app.js:14:3
   at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
   at next (/app/node_modules/express/lib/router/route.js:131:13)
   at Route.dispatch (/app/node_modules/express/lib/router/route.js:112:3)

It should be easy to fix. I'll submit a fix when I get some free time.

Hi, I'm trying to make the app work.
First try I created an OAuth key on Bitbucket and set on my app the OAuth key as the BITBUCKET_PASSWORD.
After I tried setting BITBUCKET_PASSWORD to my bitbucket password which also didn't work.

In both cases I see on my app that "Access to Bitbucket was denied."

Any clues on how to fix this?

See the PUT data sent to Bitbucket here: https://github.com/chesleybrown/bitbucket-codeship-status/blob/master/app.js#L53-L56

This causes any other attributes than title and description to be unset by Bitbucket (e.g. reviewers or checked checkbox "close branch after merging"). From Bitbucket's point of view, this is intended behaviour, as stated in the Bitbucket API documentation:

With the exception of the source and destination parameters, the request body must include all the existing request parameters; Omitting a parameter causes the server to drop the existing value.

Easiest fix is probably to just duplicate the pullRequest object as received from Bitbucket and change the description, but I'm not entirely sure whether this might cause other kinds of problems.