Manipulate strings according to the word parsing rules of the UNIX Bourne shell.
The shellwords package is designed to manipulate strings according to the word parsing rules of the UNIX Bourne shell. It provides functionality for splitting a string into an array of tokens in the same way the shell would and for escaping and joining words into a single string that can be safely used in a shell command.
Splitting a string into an array of tokens
This feature allows you to split a command line string into an array of tokens, similar to how a UNIX shell would. It's useful for parsing command line arguments or processing shell commands within a Node.js application.
"const shellwords = require('shellwords');
const cmd = 'ls -la /some/path with spaces';
const tokens = shellwords.split(cmd);
console.log(tokens);"Escaping and joining words into a shell command
This feature enables you to take an array of command line arguments and join them into a single string that is safe to use in a shell command. It automatically escapes any characters that have special meaning in the shell, making it easier to construct shell commands programmatically.
"const shellwords = require('shellwords');
const args = ['ls', '-la', '/some/path with spaces'];
const cmd = shellwords.join(args);
console.log(cmd);"Similar to shellwords, shell-quote provides functionality for quoting and parsing shell commands. It differs in its approach to handling special characters and offers more customization options for parsing, making it a versatile alternative for complex shell command manipulations.
Shlex is a port of Python's shlex module for Node.js. It offers similar functionality to shellwords, focusing on splitting shell commands into tokens. Shlex might be preferred in environments where developers are more familiar with Python's way of handling shell strings.
Shellwords provides functions to manipulate strings according to the word parsing rules of the UNIX Bourne shell. It is based on the Ruby module of the same name.
With npm:
npm install shellwords
With Yarn:
yarn add shellwords
Shellwords exports the following functions, shown here in the TypeScript declaration file format.
/**
* Splits a string into an array of tokens in the same way the UNIX Bourne shell does.
*
* @param line A string to split.
* @returns An array of the split tokens.
*/
export declare const split: (line?: string) => string[];
/**
* Escapes a string so that it can be safely used in a Bourne shell command line.
*
* @param str A string to escape.
* @returns The escaped string.
*/
export declare const escape: (str?: string) => string;
import { escape, split } from "shellwords";
split("foo 'bar baz'");
// ["foo", "bar baz"]
escape("What's up, yo?");
// 'What\\\'s\\ up,\\ yo\\?'
shellwords is released under the MIT license. See LICENSE.
FAQs
Manipulate strings according to the word parsing rules of the UNIX Bourne shell.
We found that shellwords demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.
Security News
Research
Socket researchers found a malicious Maven package impersonating the legitimate ‘XZ for Java’ library, introducing a backdoor for remote code execution.