Socket
Socket
Sign inDemoInstall

@cspotcode/cross-spawn

Package Overview
Dependencies
8
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

    @cspotcode/cross-spawn

Cross platform child_process#spawn and child_process#spawnSync


Version published
Weekly downloads
2
decreased by-81.82%
Maintainers
1
Install size
101 kB
Created
Weekly downloads
 

Readme

Source

@cspotcode/cross-spawn

NPM version Downloads Build Status Build status Dependency status Dev Dependency status Greenkeeper badge

This is a proof-of-concept fork of cross-spawn while I wait for a fix to be merged upstream.

A cross platform solution to node's spawn and spawnSync.

Installation

$ npm install @cspotcode/cross-spawn

If you are using spawnSync on node 0.10 or older, you will also need to install spawn-sync:

$ npm install spawn-sync

Why

Node has issues when using spawn on Windows:

  • It ignores PATHEXT
  • It does not support shebangs
  • No options.shell support on node <v4.8
  • It does not allow you to run del or dir

All these issues are handled correctly by cross-spawn. There are some known modules, such as win-spawn, that try to solve this but they are either broken or provide faulty escaping of shell arguments.

Usage

Exactly the same way as node's spawn or spawnSync, so it's a drop in replacement.

var spawn = require('@cspotcode/cross-spawn');

// Spawn NPM asynchronously
var child = spawn('npm', ['list', '-g', '-depth', '0'], { stdio: 'inherit' });

// Spawn NPM synchronously
var results = spawn.sync('npm', ['list', '-g', '-depth', '0'], { stdio: 'inherit' });

Caveats

options.shell as an alternative to @cspotcode/cross-spawn

Starting from node v4.8, spawn has a shell option that allows you run commands from within a shell. This new option solves most of the problems that @cspotcode/cross-spawn attempts to solve, but:

  • It's not supported in node <v4.8
  • It has no support for shebangs on Windows
  • You must manually escape the command and arguments which is very error prone, specially when passing user input

If you are using the shell option to spawn a command in a cross platform way, consider using @cspotcode/cross-spawn instead. You have been warned.

Shebangs

While @cspotcode/cross-spawn handles shebangs on Windows, its support is limited: e.g.: it doesn't handle arguments after the path, e.g.: #!/bin/bash -e.

Remember to always test your code on Windows!

Tests

$ npm test

License

Released under the MIT License.

Keywords

FAQs

Last updated on 19 Oct 2017

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc