File permissions on Windows are weird. This adds a brief note into the
README that this is something to watch out for. As far as I'm aware, WSL
completely avoids the weirdness because it's actually Linux (and so it
follows POSIX).
No change to logic. This documents `shell.ls('-l')`'s `.toString()`
override. I noticed this feature was not documented. This string format
should not be depended on by programmatic usage, but it's useful to make
things more human readable.
No change to logic. This adds a test case to make sure the caret
character ('^') is passed through to the command. This is to make sure
the character is not treated specially on Windows, where it's an escape
character in the shell.
Fixes#1015
This adds testing for node v14. This removes testing for node v6 and v7
because codecov breaks on these versions. This omits node v15 because
appveyor doesn't seem to support this version. The nodejs org currently
supports [10, 12, 14, 15].
This makes a couple minor edits to the check-node-support script for
consistency with shelljs/shx#186.
This bumps the shx dependency because it seems we're hitting issue #973
on node v14.
Test: npm run check-node-support
This adds an initial implementation of shell.cmd(), which is intended as
the eventual replacement for shell.exec(). This PR does not fully
implement the API, but demonstrates a simple and secure alternative, and
will allow further iteration to cover other use cases in follow-up PRs.
Design doc: https://shelljs.page.link/cmd-design
Issue #495
Test: automated test suite
Previously, we just concatenated _tempDir() with '/' and a random
filename. Instead, we should join paths with path.join() to use the OS
path separator.
This is a speculative fix for issue #974, although this may not be
enough to actually make Windows happy.
Issue #974
Node.js is currently considering printing a warning when a non-existent
property of `module.exports` is accessed while in a circular `require()`
dependency, in order to make it easier to catch issues with circular
dependencies.
In order to avoid printing these warnings for shelljs, checking for the
property’s existence rather than its truthiness suffices.
Refs: https://github.com/nodejs/node/pull/29935
No change to production logic.
This renames test cases with duplicate names, deletes a redundant test,
and uses the public `t.title` API in favor of `t._test.title`.
This is a prerequisite for updating ava.
Issue #969
This PR introduces a new boolean fatal option for the exec() function. Like the existing silent option, this new option allows you to override the global fatal configuration parameter on a per-command basis.
This updates `eslint-config-airbnb-base` and `eslint-plugin-import`.
This also addresses lint errors these updates raise, and excludes
several rules.
This also adds a minor simplification to the gendocs script.
Test: npm run lint
Test: npm run gendocs
No change to logic.
This adds documentation about `shell.exec()`'s inherent vulnerability to
command injection and links to a more detailed security notice.
Issue #103, #143, #495, #765, #766, #810, #842, #938, #945
Also remove example featuring line deletion as it does not work since the regex with '\n' will never match anything, because the file content is split by '\n' so there are no '\n's to match at all.
This upgrades eslint to a new version to resolve a security warning.
This fixes a couple new lint errors, and disables some lint checks.
The current version of the airbnb lint config triggers
DeprecationWarnings in the new version of eslint. These warnings will be
resolved in a follow-up.
Test: npm run lint
No change to logic, only docs.
In v0.7.0, we introduced ShellStrings and changed most methods to return
them. Docs weren't appropriately updated, so this PR cross-links these
methods to the ShellString docs.
This also expands on the ShellString docs themselves, since there was
room to make this clearer.
Fixes#933
* feat(options): initial support for long options
This adds initial support for long options. This integration tests them
with `shell.touch()` and unit tests them in `test/common.js`. This
documents the new syntax.
This also refactors some of the common internals:
* Creates a new CommandError type to replace the `'earlyExit'` hack
* Clearer Error types for `parseOptions()` exceptions
* Removes side effects from a test which modifies `common.config`
* Fixes appveyor and travis config to run lint (regressed in #920)
Issue #924
Test: touch.js, common.js
* small refactor for errorOptions
No change to production logic.
We never had coverage for `touch({'-d': ...})`, so this adds test
coverage. This also updates documentation to clarify the parameter
should be an instance of the `Date` type.
Test: `handles date argument` case
NYC takes forever on my local machine, and I generally prefer to look at
coverage reports on the website anyway.
This changes `npm test` to run without coverage, and changes our CI to
run `npm run test-with-coverage` instead.
* fix(exec): consistent error message for maxBuffer
This explicitly checks for maxBuffer errors in exec-child.js and
provides a consistent error message. This modifies the test to verify
this.
This also supports the change in Node v10, which emits this as a
RangeError instead of a regular Error.
Although the error message is now explicit, this is not part of our API,
since it's just tacked onto the end of exec's stderr.
Fixes#915
* Remove debugging log, ignore uncovered lines
This drops support for node v4 and v5. Neither is currently supported by
the Node.js team, nor by the `npm` CLI team, so it's hard to justify we
continue to support it.
The new minimum supported version is v6.
Fixes#873
No change to node support, this just adds a script.
This adds a script to check that we correctly configure all supported
node versions, since we need to update quite a few spots (README.md,
package.json, travis, appveyor).
Issue #873
Test: manual
This removes our lockfile and our `ci-or-install` script. The lockfile
caused headaches, since `npm install` would modify the lockfile.
Unfortunately, `ci-or-install` (added in #896) didn't work reliably on
appveyor, so removing the lockfile seems easier. We remove the script
since it's now obsolete.
Fixes#893
No change to logic.
This removes gitter integration with the project. I don't monitor gitter
right now, and I've never noticed the integration to be particularly
useful otherwise.
Test: N/A
