Socket
Socket
Sign inDemoInstall

shell-quote

Package Overview
Dependencies
0
Maintainers
4
Versions
27
Alerts
File Explorer

Advanced tools

Install Socket

Protect your apps from supply chain attacks

Install

shell-quote

quote and parse shell commands

    1.8.1latest
    GitHub
    npm

Version published
Maintainers
4
Weekly downloads
15,475,257
decreased by-14.77%

Weekly downloads

Package description

What is shell-quote?

The shell-quote npm package is used for quoting and parsing shell commands. It can handle various shell operations such as escaping special characters, joining command-line arguments into a single string, and parsing command-line strings into an array of arguments or a function to be executed.

What are shell-quote's main functionalities?

Quoting arguments

This feature allows you to quote an array of command-line arguments into a single string that can be safely used in a shell command. It handles escaping of special characters and quotes as necessary.

var quote = require('shell-quote').quote;
var args = ['some string', 'another "string"', '$pecial'];
console.log(quote(args));

Parsing command-line strings

This feature is used to parse a command-line string into an array of arguments, taking into account the quoting and escaping rules of a typical Unix shell.

var parse = require('shell-quote').parse;
var cmd = "echo 'hello world'";
console.log(parse(cmd));

Executing parsed commands

This feature allows you to parse a command and then execute it with a given set of environment variables or other options. It can be useful for dynamically constructing and executing shell commands within a Node.js application.

var parse = require('shell-quote').parse;
var op = parse('echo $USER');
op[0]({ USER: 'alice' }); // executes the command with the given environment variable

Other packages similar to shell-quote

Changelog

Source

v1.8.1 - 2023-04-07

Fixed

  • [Fix] parse: preserve whitespace in comments #6
  • [Fix] properly support the escape option #5

Commits

  • [Refactor] parse: hoist getVar to module level b42ac73
  • [Refactor] hoist some vars to module level 8f0c5c3
  • [Refactor] parse: use slice over substr, cache some values fcb2e1a
  • [Refactor] parse: a bit of cleanup 6780ec5
  • [Refactor] parse: tweak the regex to not match nothing 227d474
  • [Tests] increase coverage a66de94
  • [Refactor] parse: avoid shadowing a function arg 1d58679

Readme

Source

shell-quote Version Badge

github actions coverage License Downloads

npm badge

Parse and quote shell commands.

example

quote

var quote = require('shell-quote/quote');
var s = quote([ 'a', 'b c d', '$f', '"g"' ]);
console.log(s);

output

a 'b c d' \$f '"g"'

parse

var parse = require('shell-quote/parse');
var xs = parse('a "b c" \\$def \'it\\\'s great\'');
console.dir(xs);

output

[ 'a', 'b c', '\\$def', 'it\'s great' ]

parse with an environment variable

var parse = require('shell-quote/parse');
var xs = parse('beep --boop="$PWD"', { PWD: '/home/robot' });
console.dir(xs);

output

[ 'beep', '--boop=/home/robot' ]

parse with custom escape character

var parse = require('shell-quote/parse');
var xs = parse('beep ^--boop="$PWD"', { PWD: '/home/robot' }, { escape: '^' });
console.dir(xs);

output

[ 'beep --boop=/home/robot' ]

parsing shell operators

var parse = require('shell-quote/parse');
var xs = parse('beep || boop > /byte');
console.dir(xs);

output:

[ 'beep', { op: '||' }, 'boop', { op: '>' }, '/byte' ]

parsing shell comment

var parse = require('shell-quote/parse');
var xs = parse('beep > boop # > kaboom');
console.dir(xs);

output:

[ 'beep', { op: '>' }, 'boop', { comment: '> kaboom' } ]

methods

var quote = require('shell-quote/quote');
var parse = require('shell-quote/parse');

quote(args)

Return a quoted string for the array args suitable for using in shell commands.

parse(cmd, env={})

Return an array of arguments from the quoted string cmd.

Interpolate embedded bash-style $VARNAME and ${VARNAME} variables with the env object which like bash will replace undefined variables with "".

env is usually an object but it can also be a function to perform lookups. When env(key) returns a string, its result will be output just like env[key] would. When env(key) returns an object, it will be inserted into the result array like the operator objects.

When a bash operator is encountered, the element in the array with be an object with an "op" key set to the operator string. For example:

'beep || boop > /byte'

parses as:

[ 'beep', { op: '||' }, 'boop', { op: '>' }, '/byte' ]

install

With npm do:

npm install shell-quote

license

MIT

Keywords

FAQs

Last updated on 07 Apr 2023

Did you know?

Socket installs a GitHub app to automatically flag issues on every pull request and report the health of your dependencies. Find out what is inside your node modules and prevent malicious activity before you update the dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc