-
Notifications
You must be signed in to change notification settings - Fork 760
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
use shell-quote
package
#4080
use shell-quote
package
#4080
Conversation
|
A wrangler prerelease is available for testing. You can install this latest build in your project with: npm install --save-dev https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/6384551922/npm-package-wrangler-4080 You can reference the automatically updated head of this PR with: npm install --save-dev https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/prs/6384551922/npm-package-wrangler-4080 Or you can use npx https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/6384551922/npm-package-wrangler-4080 dev path/to/script.js Additional artifacts:npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/6384551922/npm-package-cloudflare-pages-shared-4080 Note that these links will no longer work once the GitHub Actions artifact expires.
| Please ensure constraints are pinned, and |
e7e5b6f
to
ac29253
Compare
Codecov Report
@@ Coverage Diff @@
## main #4080 +/- ##
==========================================
- Coverage 75.07% 74.99% -0.08%
==========================================
Files 216 217 +1
Lines 12054 12065 +11
Branches 3123 3122 -1
==========================================
- Hits 9049 9048 -1
- Misses 3005 3017 +12
|
runWrangler("d1 execute --command 'select 1;'") | ||
runWrangler("d1 execute db --command 'select 1;'") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This test forgot to specify the database
positional argument. It was passing before because the command
argument has a space (and previously we split the whole command by space), resulting in command
parsed as 'select
and database
parsed as 1;'
"deploy --dry-run --outdir dist --define abc:'https://www.abc.net.au/news/'" | ||
`deploy --dry-run --outdir dist --define "abc:'https://www.abc.net.au/news/'"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This wasn't a correct example of how a user would specify the define
arg with this value.
Before (incorrect, note the missing quotes by the time node.js sees the value):
▶ node -e 'console.log(process.argv.slice(1))' -- --define abc:'123'
[ '--define', 'abc:123' ]
After (correct, note the quotes in the value as expected):
▶ node -e 'console.log(process.argv.slice(1))' -- --define "abc:'123'"
[ '--define', "abc:'123'" ]
`kv:key put dKey dVal --namespace-id some-namespace-id --metadata {"mKey":"mValue"}` | ||
`kv:key put dKey dVal --namespace-id some-namespace-id --metadata '{"mKey":"mValue"}'` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This wasn't a correct example of how a user would specify the metadata arg with JSON.
Before (incorrect, note the missing quotes which would fail JSON.parse)
▶ node -e 'console.log(process.argv.slice(1))' -- --metadata {"mKey":"mValue"}
[ '--metadata', '{mKey:mValue}' ]
After (correct, note the valid JSON as expected):
▶ node -e 'console.log(process.argv.slice(1))' -- --metadata '{"mKey":"mValue"}'
[ '--metadata', '{"mKey":"mValue"}' ]
...getC3CommandFromEnv().split(" "), | ||
...shellquote.parse(getC3CommandFromEnv()), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This would have failed in scenarios where the c3 command was pointing to a local executable, for example, in a directory with spaces
c3Arguments.unshift(...getC3CommandFromEnv().split(" ")); | ||
c3Arguments.unshift(...shellquote.parse(getC3CommandFromEnv())); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This would have failed in scenarios where the c3 command was pointing to a local executable, for example, in a directory with spaces
import shellquote from "shell-quote"; | ||
|
||
export const quote = shellquote.quote; | ||
|
||
export function parse(cmd: string, env?: Record<string, string>): string[] { | ||
const entries = shellquote.parse(cmd, env); | ||
const argv: string[] = []; | ||
|
||
for (const entry of entries) { | ||
// use string entries, as is | ||
if (typeof entry === "string") { | ||
argv.push(entry); | ||
continue; | ||
} | ||
|
||
// ignore comments | ||
if ("comment" in entry) { | ||
continue; | ||
} | ||
|
||
// we don't want to resolve globs, passthrough the pattern unexpanded | ||
if (entry.op === "glob") { | ||
argv.push(entry.pattern); | ||
continue; | ||
} | ||
|
||
// any other entry.op is a ControlOperator (e.g. && or ||) we don't want to support | ||
throw new Error( | ||
`Only simple commands are supported, please don't use the "${entry.op}" operator in "${cmd}".` | ||
); | ||
} | ||
|
||
return argv; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is duplicated across C3 and wrangler. I will extract to a new shared package when #4038 is merged
instead of approximating behaviour with .split(" ") and .join(" ")
- return string[], not including objects - passthrough glob patterns - throw when using non-simple commands
ef392be
to
ea0e5e7
Compare
use
shell-quote
package instead of approximating behaviour with.split(" ")
and.join(" ")
Fixes #4079
Reviewer is to perform the following, as applicable:
Note for PR author:
We want to celebrate and highlight awesome PR review! If you think this PR received a particularly high-caliber review, please assign it the label
highlight pr review
so future reviewers can take inspiration and learn from it.