New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix bug where dotenv file using quotes greedily consumes values. #3703
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I forgot to hit send again.
"\\s*" + // leading whitespaces | ||
"(\\w+)" + // key | ||
"\\s*=\\s*" + // separator (=) | ||
"(" + // begin optional value |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
value is no longer optional
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it still is? The relevant test case still passes:
https://github.com/firebase/firebase-tools/blob/master/src/test/functions/env.spec.ts#L83
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought the backend didn't support it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh that's what I thought too but just checked deploying empty env var and confirmed that it's a valid value.
"(" + // begin optional value | ||
"\\s*'(?:\\\\'|[^'])*'|" + // single quoted or | ||
'\\s*"(?:\\\\"|[^"])*"|' + // double quoted or | ||
"[^\\#\\r\\n]+" + // unquoted |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought we decided that the #
character doesn't need escaping?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes. It looks like regex implementation ignores wrongly escaped characters, so I got lucky here:
> "#".match(RegExp("#"))
[ '#', index: 0, input: '#', groups: undefined ]
> "#".match(RegExp("\\#"))
[ '#', index: 0, input: '#', groups: undefined ]
…ebase#3703) Our parser for dotenv file format allows values to be wrapped inside single or double quotes. The regex we have for parsing these value is too greedy as implemented: ``` # .env A="abc" B="efg" ``` ``` parse(readFileSync(".env")) => { A: 'abc\nB="efg"' } ``` The change in regex correctly parses the dotenv file: ``` parse(readFileSync(".env")) => { A: "abc", B: "efg" } ```
Our parser for dotenv file format allows values to be wrapped inside single or double quotes.
The regex we have for parsing these value is too greedy as implemented:
The change in regex correctly parses the dotenv file: