You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
The key has expired.
miniwdl run
--dir behavior revised to be more predictable: always run in a new timestamp-named subdirectory of the specified directory, unless the latter ends with .
Automatically download input files specified as public http[s]/ftp/gs URIs
Honor runtime.maxRetries to retry task command or docker failures
output_links feature expanded to apply to all nested task/workflow runs, and include Files embedded in structs and other composite output values
Manipulate ownership/permissions to improve security and user experience:
as run completes, chown everything in run directory to invoking user and primary group
run task commands with membership in invoking user's primary group, ensuring access to working directory even if they've dropped privileges (a good docker security practice)
--as-me to force all task commands to run as invoking user (more secure, but blocks commands that assume root e.g. apt-get)
Revert to always running command in bash (as required by WDL spec) rather than container $SHELL
miniwdl check
Suppress UnnecessaryQuantifier for optional File? task outputs
