shescape - npm Package Compare versions
Comparing version 0.3.1 to 0.4.0
@@ -12,2 +12,7 @@ # Changelog | ||
| ## [0.4.0] - 2020-12-08 | ||
| - Add `quoteAll` function to quote and escape an array of arguments. | ||
| - Create website with full documentation ([link](https://ericcornelissen.github.io/shescape/)). | ||
| ## [0.3.1] - 2020-12-07 | ||
@@ -14,0 +19,0 @@ |
13
index.js
@@ -22,1 +22,14 @@ const os = require("os"); | ||
| }; | ||
| module.exports.quoteAll = function (args) { | ||
| if (!Array.isArray(args)) return args; | ||
| const platform = os.platform(); | ||
| const result = []; | ||
| for (const arg of args) { | ||
| const safeArg = main.quoteByPlatform(arg, platform); | ||
| result.push(safeArg); | ||
| } | ||
| return result; | ||
| }; |
| { | ||
| "name": "shescape", | ||
| "version": "0.3.1", | ||
| "version": "0.4.0", | ||
| "description": "simple shell escape library", | ||
| "homepage": "https://github.com/ericcornelissen/shescape#readme", | ||
| "homepage": "https://ericcornelissen.github.io/shescape/", | ||
| "license": "MPL-2.0", | ||
@@ -7,0 +7,0 @@ "main": "index.js", |
@@ -5,12 +5,16 @@ # Shescape | ||
| [![NPM Package][npm-image]][npm-url] | ||
| [![Documentation][docs-image]][docs-url] | ||
| A simple shell escape library. Use it to escape user-specified inputs to shell | ||
| commands to prevent [shell injection]. | ||
| A simple shell escape package for JavaScript. Use it to escape user-controlled | ||
| inputs to shell commands to prevent [shell injection]. | ||
| ## Example | ||
| Below is a basic example of how to use _Shescape_. It is recommended to use the | ||
| `quote` function. This will put (OS appropriate) quotes around the user input | ||
| and escape any characters in the input if necessary. | ||
| > Please read [the full documentation][docs-url] for more information. | ||
| Below is a basic example of how to use _Shescape_. In this example `spawn` is | ||
| used to invoke a shell command and `shescape.quoteAll` is used to quote and | ||
| escape any _dangerous_ character in any of the arguments specified by | ||
| `userInput`. | ||
| ```js | ||
@@ -20,3 +24,3 @@ const cp = require("child_process"); | ||
| cp.exec(`command ${shescape.quote(userInput)}`, callback); | ||
| cp.spawn("command", shescape.quoteAll(userInput), options); | ||
| ``` | ||
@@ -29,1 +33,3 @@ | ||
| [npm-image]: https://img.shields.io/npm/v/shescape.svg | ||
| [docs-url]: https://ericcornelissen.github.io/shescape/ | ||
| [docs-image]: https://img.shields.io/badge/read-the%20docs-informational |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
No website
QualityPackage does not have a website.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.4%
22705
- Lines of code
- increased by20.83%
58
- Number of lines in readme file
- increased by22.22%
33
Worsened metrics
- Number of low quality alerts
- increased by100%
2
No dependency changes