launch-editor - npm Package Compare versions

Comparing version 2.7.0 to 2.8.0

editor-info/macos.js

get-args.js

		@@ -20,2 +20,3 @@ const path = require('path')
		case 'charm':
		case 'zed':
		return [`${fileName}:${lineNumber}:${columnNumber}`]
		@@ -22,0 +23,0 @@ case 'notepad++':

guess.js

		@@ -8,3 +8,3 @@ const path = require('path')
		// of the app every time
		const COMMON_EDITORS_OSX = require('./editor-info/osx')
		const COMMON_EDITORS_MACOS = require('./editor-info/macos')
		const COMMON_EDITORS_LINUX = require('./editor-info/linux')
		@@ -36,3 +36,3 @@ const COMMON_EDITORS_WIN = require('./editor-info/windows')
		.toString()
		const processNames = Object.keys(COMMON_EDITORS_OSX)
		const processNames = Object.keys(COMMON_EDITORS_MACOS)
		const processList = output.split('\n')
		@@ -43,3 +43,3 @@ for (let i = 0; i < processNames.length; i++) {
		if (processList.includes(processName)) {
		return [COMMON_EDITORS_OSX[processName]]
		return [COMMON_EDITORS_MACOS[processName]]
		}
		@@ -50,4 +50,4 @@ const processNameWithoutApplications = processName.replace('/Applications', '')
		// Use the CLI command if one is specified
		if (processName !== COMMON_EDITORS_OSX[processName]) {
		return [COMMON_EDITORS_OSX[processName]]
		if (processName !== COMMON_EDITORS_MACOS[processName]) {
		return [COMMON_EDITORS_MACOS[processName]]
		}
		@@ -97,3 +97,3 @@ // Use a partial match to find the running process path. If one is found, use the
		}
		} catch (error) {
		} catch (ignoreError) {
		// Ignore...
		@@ -100,0 +100,0 @@ }

index.js

		@@ -100,2 +100,32 @@ /**

		// cmd.exe on Windows is vulnerable to RCE attacks given a file name of the
		// form "C:\Users\myusername\Downloads\& curl 172.21.93.52". Use a safe file
		// name pattern to validate user-provided file names. This doesn't cover the
		// entire range of valid file names but should cover almost all of them in practice.
		// (Backport of
		// https://github.com/facebook/create-react-app/pull/4866
		// and
		// https://github.com/facebook/create-react-app/pull/5431)

		// Allows alphanumeric characters, periods, dashes, slashes, and underscores.
		const WINDOWS_CMD_SAFE_FILE_NAME_PATTERN = /^([A-Za-z]:[/\\])?[\p{L}0-9/.\-_\\]+$/u
		if (
		process.platform === 'win32' &&
		!WINDOWS_CMD_SAFE_FILE_NAME_PATTERN.test(fileName.trim())
		) {
		console.log()
		console.log(
		colors.red('Could not open ' + path.basename(fileName) + ' in the editor.')
		)
		console.log()
		console.log(
		'When running on Windows, file names are checked against a safe file name ' +
		'pattern to protect against remote code execution attacks. File names ' +
		'may consist only of alphanumeric characters (all languages), periods, ' +
		'dashes, slashes, and underscores.'
		);
		console.log()
		return
		}

		if (lineNumber) {
		@@ -135,3 +165,7 @@ const extraArgs = getArgumentsForPosition(editor, fileName, lineNumber, columnNumber)
		_childProcess.on('error', function (error) {
		onErrorCallback(fileName, error.message)
		let { code, message } = error
		if ('ENOENT' === code) {
		message = `${message} ('${editor}' command does not exist in 'PATH')`
		}
		onErrorCallback(fileName, message);
		})
		@@ -138,0 +172,0 @@ }

package.json

		{
		"name": "launch-editor",
		"version": "2.7.0",
		"version": "2.8.0",
		"description": "launch editor from node.js",
		@@ -5,0 +5,0 @@ "main": "index.js",

editor-info/osx.js

launch-editor - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics