Skip to content

Commit

Permalink
fix: remove minimist
Browse files Browse the repository at this point in the history
  • Loading branch information
@jordanbtucker
jordanbtucker committed Mar 21, 2022
1 parent 4cf57da commit 7466552
Show file tree
Hide file tree
Showing 5 changed files with 201 additions and 37 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
### Unreleased [[code][c-unreleased], [diff][d-unreleased]]

- Fix: Remove dependence on minimist to patch CVE-2021-44906. ([#266])

[c-unreleased]: https://github.com/json5/json5/tree/master
[d-unreleased]: https://github.com/json5/json5/compare/v2.2.0...HEAD

Expand Down Expand Up @@ -360,3 +362,4 @@ parser for the regular JSON format.
[#229]: https://github.com/json5/json5/issues/229
[#236]: https://github.com/json5/json5/issues/236
[#244]: https://github.com/json5/json5/issues/244
[#266]: https://github.com/json5/json5/issues/266
90 changes: 65 additions & 25 deletions lib/cli.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,37 +2,17 @@

const fs = require('fs')
const path = require('path')
const minimist = require('minimist')
const pkg = require('../package.json')
const JSON5 = require('./')

const argv = minimist(process.argv.slice(2), {
alias: {
'convert': 'c',
'space': 's',
'validate': 'v',
'out-file': 'o',
'version': 'V',
'help': 'h',
},
boolean: [
'convert',
'validate',
'version',
'help',
],
string: [
'space',
'out-file',
],
})
const argv = parseArgs()

if (argv.version) {
version()
} else if (argv.help) {
usage()
} else {
const inFilename = argv._[0]
const inFilename = argv.defaults[0]

let readStream
if (inFilename) {
Expand Down Expand Up @@ -65,7 +45,7 @@ if (argv.version) {
// --convert is for backward compatibility with v0.5.1. If
// specified with <file> and not --out-file, then a file with
// the same name but with a .json extension will be written.
if (argv.convert && inFilename && !argv.o) {
if (argv.convert && inFilename && !argv.outFile) {
const parsedFilename = path.parse(inFilename)
const outFilename = path.format(
Object.assign(
Expand All @@ -75,8 +55,8 @@ if (argv.version) {
)

writeStream = fs.createWriteStream(outFilename)
} else if (argv.o) {
writeStream = fs.createWriteStream(argv.o)
} else if (argv.outFile) {
writeStream = fs.createWriteStream(argv.outFile)
} else {
writeStream = process.stdout
}
Expand All @@ -90,6 +70,66 @@ if (argv.version) {
})
}

function parseArgs () {
let convert
let space
let validate
let outFile
let version
let help
const defaults = []

const args = process.argv.slice(2)
for (let i = 0; i < args.length; i++) {
const arg = args[i]
switch (arg) {
case '--convert':
case '-c':
convert = true
break

case '--space':
case '-s':
space = args[++i]
break

case '--validate':
case '-v':
validate = true
break

case '--out-file':
case '-o':
outFile = args[++i]
break

case '--version':
case '-V':
version = true
break

case '--help':
case '-h':
help = true
break

default:
defaults.push(arg)
break
}
}

return {
convert,
space,
validate,
outFile,
version,
help,
defaults,
}
}

function version () {
console.log(pkg.version)
}
Expand Down
3 changes: 2 additions & 1 deletion package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 0 additions & 3 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,9 +48,6 @@
"url": "https://github.com/json5/json5/issues"
},
"homepage": "http://json5.org/",
"dependencies": {
"minimist": "^1.2.5"
},
"devDependencies": {
"core-js": "^2.6.5",
"eslint": "^5.15.3",
Expand Down
139 changes: 131 additions & 8 deletions test/cli.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ tap.test('CLI', t => {
})
})

t.test('indents output with the number of spaces specified', t => {
t.test('indents output with the number of spaces specified with -s', t => {
const proc = child.spawn(
process.execPath,
[
Expand All @@ -65,7 +65,29 @@ tap.test('CLI', t => {
})
})

t.test('indents output with tabs when specified', t => {
t.test('indents output with the number of spaces specified with --space', t => {
const proc = child.spawn(
process.execPath,
[
cliPath,
path.resolve(__dirname, 'test.json5'),
'--space',
'4',
]
)

let output = ''
proc.stdout.on('data', data => {
output += data
})

proc.stdout.on('end', () => {
assert.strictEqual(output, '{\n "a": 1,\n "b": 2\n}')
t.end()
})
})

t.test('indents output with tabs when specified with -s', t => {
const proc = child.spawn(
process.execPath,
[
Expand All @@ -87,7 +109,7 @@ tap.test('CLI', t => {
})
})

t.test('outputs to the specified file', t => {
t.test('outputs to the specified file with -o', t => {
const proc = child.spawn(
process.execPath,
[
Expand Down Expand Up @@ -116,7 +138,36 @@ tap.test('CLI', t => {
})
})

t.test('validates valid JSON5 files', t => {
t.test('outputs to the specified file with --out-file', t => {
const proc = child.spawn(
process.execPath,
[
cliPath,
path.resolve(__dirname, 'test.json5'),
'--out-file',
path.resolve(__dirname, 'output.json'),
]
)

proc.on('exit', () => {
assert.strictEqual(
fs.readFileSync(
path.resolve(__dirname, 'output.json'),
'utf8'
),
'{"a":1,"b":2}'
)
t.end()
})

t.tearDown(() => {
try {
fs.unlinkSync(path.resolve(__dirname, 'output.json'))
} catch (err) {}
})
})

t.test('validates valid JSON5 files with -v', t => {
const proc = child.spawn(
process.execPath,
[
Expand All @@ -132,7 +183,23 @@ tap.test('CLI', t => {
})
})

t.test('validates invalid JSON5 files', t => {
t.test('validates valid JSON5 files with --validate', t => {
const proc = child.spawn(
process.execPath,
[
cliPath,
path.resolve(__dirname, 'test.json5'),
'--validate',
]
)

proc.on('exit', code => {
assert.strictEqual(code, 0)
t.end()
})
})

t.test('validates invalid JSON5 files with -v', t => {
const proc = child.spawn(
process.execPath,
[
Expand All @@ -157,7 +224,7 @@ tap.test('CLI', t => {
})
})

t.test('outputs the version number when specified', t => {
t.test('outputs the version number when specified with -V', t => {
const proc = child.spawn(process.execPath, [cliPath, '-V'])

let output = ''
Expand All @@ -171,7 +238,21 @@ tap.test('CLI', t => {
})
})

t.test('outputs usage information when specified', t => {
t.test('outputs the version number when specified with --version', t => {
const proc = child.spawn(process.execPath, [cliPath, '--version'])

let output = ''
proc.stdout.on('data', data => {
output += data
})

proc.stdout.on('end', () => {
assert.strictEqual(output, pkg.version + '\n')
t.end()
})
})

t.test('outputs usage information when specified with -h', t => {
const proc = child.spawn(process.execPath, [cliPath, '-h'])

let output = ''
Expand All @@ -185,7 +266,21 @@ tap.test('CLI', t => {
})
})

t.test('is backward compatible with v0.5.1', t => {
t.test('outputs usage information when specified with --help', t => {
const proc = child.spawn(process.execPath, [cliPath, '--help'])

let output = ''
proc.stdout.on('data', data => {
output += data
})

proc.stdout.on('end', () => {
assert(/Usage/.test(output))
t.end()
})
})

t.test('is backward compatible with v0.5.1 with -c', t => {
const proc = child.spawn(
process.execPath,
[
Expand Down Expand Up @@ -213,5 +308,33 @@ tap.test('CLI', t => {
})
})

t.test('is backward compatible with v0.5.1 with --convert', t => {
const proc = child.spawn(
process.execPath,
[
cliPath,
'--convert',
path.resolve(__dirname, 'test.json5'),
]
)

proc.on('exit', () => {
assert.strictEqual(
fs.readFileSync(
path.resolve(__dirname, 'test.json'),
'utf8'
),
'{"a":1,"b":2}'
)
t.end()
})

t.tearDown(() => {
try {
fs.unlinkSync(path.resolve(__dirname, 'test.json'))
} catch (err) {}
})
})

t.end()
})

0 comments on commit 7466552

Please sign in to comment.