Comparing version 1.1.2 to 1.1.3
@@ -12,2 +12,6 @@ # Changelog | ||
## [1.1.3] - 2021-03-13 | ||
- Strip null characters from arguments. | ||
## [1.1.2] - 2021-01-07 | ||
@@ -14,0 +18,0 @@ |
@@ -11,3 +11,3 @@ /** | ||
* @module shescape | ||
* @version 1.1.2 | ||
* @version 1.1.3 | ||
* @license MPL-2.0 | ||
@@ -74,3 +74,3 @@ * @author Eric Cornelissen <ericornelissen@gmail.com> | ||
const platform = os.platform(); | ||
return main.quoteByPlatform(arg, platform); | ||
return main.quoteShellArgByPlatform(arg, platform); | ||
}; | ||
@@ -96,3 +96,3 @@ | ||
for (const arg of args) { | ||
const safeArg = main.quoteByPlatform(arg, platform); | ||
const safeArg = main.quoteShellArgByPlatform(arg, platform); | ||
result.push(safeArg); | ||
@@ -99,0 +99,0 @@ } |
{ | ||
"name": "shescape", | ||
"version": "1.1.2", | ||
"version": "1.1.3", | ||
"description": "simple shell escape library", | ||
@@ -39,3 +39,3 @@ "homepage": "https://ericcornelissen.github.io/shescape/", | ||
"husky": "^5.0.4", | ||
"is-ci": "^2.0.0", | ||
"is-ci": "^3.0.0", | ||
"jsfuzz": "^1.0.14", | ||
@@ -42,0 +42,0 @@ "mocha": "^8.2.0", |
@@ -5,2 +5,3 @@ # Shescape | ||
[![Coverage Report][coverage-image]][coverage-url] | ||
[![quality Report][quality-image]][quality-url] | ||
[![NPM Package][npm-image]][npm-url] | ||
@@ -33,2 +34,4 @@ [![Documentation][docs-image]][docs-url] | ||
[coverage-image]: https://codecov.io/gh/ericcornelissen/shescape/branch/main/graph/badge.svg | ||
[quality-url]: https://codeclimate.com/github/ericcornelissen/shescape/maintainability | ||
[quality-image]: https://api.codeclimate.com/v1/badges/6eb1a10f41cf6950b6ce/maintainability | ||
[npm-url]: https://www.npmjs.com/package/shescape | ||
@@ -35,0 +38,0 @@ [npm-image]: https://img.shields.io/npm/v/shescape.svg |
@@ -8,6 +8,6 @@ # Security Policy | ||
| Version | Supported | Until | | ||
| ------- | ------------------ | ---------------- | | ||
| 1.x.x | :white_check_mark: | _current_ | | ||
| < 1.0.0 | :white_check_mark: | 01 February 2021 | | ||
| Version | Supported | | ||
| ------: | ------------------ | | ||
| 1.x.x | :white_check_mark: | | ||
| 0.x.x | :x: | | ||
@@ -14,0 +14,0 @@ ## Reporting a Vulnerability |
@@ -0,3 +1,16 @@ | ||
/** | ||
* @overview Contains constants that may be used in multiple modules. | ||
* @license MPL-2.0 | ||
* @author Eric Cornelissen <ericornelissen@gmail.com> | ||
*/ | ||
/** | ||
* @constant {string} typeError The error message for incorrect parameter types. | ||
*/ | ||
module.exports.typeError = | ||
"Shescape requires strings or values that can be converted into a string using .toString()"; | ||
/** | ||
* @constant {string} win32 The string identifying Windows systems. | ||
*/ | ||
module.exports.win32 = "win32"; |
@@ -0,1 +1,8 @@ | ||
/** | ||
* @overview Contains functionality to escape and quote shell arguments on any | ||
* operating system. | ||
* @license MPL-2.0 | ||
* @author Eric Cornelissen <ericornelissen@gmail.com> | ||
*/ | ||
const { typeError, win32 } = require("./constants.js"); | ||
@@ -5,2 +12,8 @@ const unix = require("./unix.js"); | ||
/** | ||
* Check if a value can be converted into a string. | ||
* | ||
* @param {any} value The value of interest. | ||
* @returns {boolean} `true` iff `value` can be converted into a string. | ||
*/ | ||
function isStringable(value) { | ||
@@ -14,2 +27,12 @@ if (value === undefined || value === null) { | ||
/** | ||
* Take a value and escape any dangerous characters. | ||
* | ||
* Non-string inputs will be converted to strings using a `toString()` method. | ||
* | ||
* @param {string} arg The argument to escape. | ||
* @param {string} platform The platform to escape the argument for. | ||
* @returns {string} The escaped argument. | ||
* @throws {TypeError} The argument is not stringable. | ||
*/ | ||
function escapeShellArgByPlatform(arg, platform) { | ||
@@ -33,3 +56,14 @@ let argAsString = arg; | ||
function quoteByPlatform(arg, platform) { | ||
/** | ||
* Take a value, put OS-specific quotes around it, and escape any dangerous | ||
* characters. | ||
* | ||
* Non-string inputs will be converted to strings using a `toString()` method. | ||
* | ||
* @param {string} arg The argument to escape and quote. | ||
* @param {string} platform The platform to escape and quote the argument for. | ||
* @returns {string} The escaped argument. | ||
* @throws {TypeError} The argument is not stringable. | ||
*/ | ||
function quoteShellArgByPlatform(arg, platform) { | ||
const safeArg = escapeShellArgByPlatform(arg, platform); | ||
@@ -45,2 +79,2 @@ switch (platform) { | ||
module.exports.escapeShellArgByPlatform = escapeShellArgByPlatform; | ||
module.exports.quoteByPlatform = quoteByPlatform; | ||
module.exports.quoteShellArgByPlatform = quoteShellArgByPlatform; |
@@ -0,5 +1,17 @@ | ||
/** | ||
* @overview Contains functionality specifically for Unix systems. | ||
* @license MPL-2.0 | ||
* @author Eric Cornelissen <ericornelissen@gmail.com> | ||
*/ | ||
/** | ||
* Escape a shell argument. | ||
* | ||
* @param {string} arg The argument to escape. | ||
* @returns {string} The escaped argument. | ||
*/ | ||
function escapeShellArg(arg) { | ||
return arg.replace(/'/g, `'\\''`); | ||
return arg.replace(/\u{0}/gu, "").replace(/'/g, `'\\''`); | ||
} | ||
module.exports.escapeShellArg = escapeShellArg; |
@@ -0,5 +1,17 @@ | ||
/** | ||
* @overview Contains functionality specifically for Windows systems. | ||
* @license MPL-2.0 | ||
* @author Eric Cornelissen <ericornelissen@gmail.com> | ||
*/ | ||
/** | ||
* Escape a shell argument. | ||
* | ||
* @param {string} arg The argument to escape. | ||
* @returns {string} The escaped argument. | ||
*/ | ||
function escapeShellArg(arg) { | ||
return arg.replace(/"/g, `""`); | ||
return arg.replace(/\u{0}/gu, "").replace(/"/g, `""`); | ||
} | ||
module.exports.escapeShellArg = escapeShellArg; |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
28805
201
39