From 708c467c47eab7215c30077ad1e9f07e97fb7bfa Mon Sep 17 00:00:00 2001 From: Anton Golub Date: Tue, 24 Dec 2024 16:25:23 +0300 Subject: [PATCH] fix: check donenv names --- src/util.ts | 7 +++++- test/cli.test.js | 2 +- test/util.test.js | 59 +++++++++++++++++++++++++---------------------- 3 files changed, 38 insertions(+), 30 deletions(-) diff --git a/src/util.ts b/src/util.ts index 0000a32d56..efb4ce0cc3 100644 --- a/src/util.ts +++ b/src/util.ts @@ -361,10 +361,14 @@ export const parseBool = (v: string): boolean | string => // prettier-ignore export const parseDotenv = (content: string): NodeJS.ProcessEnv => { const e: Record = {} + const r = /^[a-zA-Z_]+[a-zA-Z0-9_]*$/ let k = '' let c = '' let q = '' - const cap = () => {if (c && k) { e[k] = c; c = ''; k = '' }} + const cap = () => { if (c && k) { + if (!r.test(k)) throw new Error(`Invalid identifier: ${k}`) + e[k] = c; c = ''; k = '' + }} for (const s of content) { if (s === ' ' && !q) { @@ -389,6 +393,7 @@ export const parseDotenv = (content: string): NodeJS.ProcessEnv => { } c += s } + cap() return e } diff --git a/test/cli.test.js b/test/cli.test.js index ebaa02f93b..da35f16d20 100644 --- a/test/cli.test.js +++ b/test/cli.test.js @@ -150,7 +150,7 @@ describe('cli', () => { assert.ok(p.stderr.endsWith(cwd + '\n')) }) - test('supports `--env` options with file', async () => { + test('supports `--env` option', async () => { const env = tmpfile( '.env', `FOO=BAR diff --git a/test/util.test.js b/test/util.test.js index 448242b025..5dfecb3879 100644 --- a/test/util.test.js +++ b/test/util.test.js @@ -140,10 +140,9 @@ describe('util', () => { assert.equal(toCamelCase('SOME_MORE_BIG_STR'), 'someMoreBigStr') assert.equal(toCamelCase('kebab-input-str'), 'kebabInputStr') }) -}) -test('parseDotenv()', () => { - const multiline = `SIMPLE=xyz123 + test('parseDotenv()', () => { + const multiline = `SIMPLE=xyz123 NON_INTERPOLATED='raw text without variable interpolation' MULTILINE = """ long text here, @@ -152,32 +151,36 @@ e.g. a private SSH key ENV=v1\nENV2=v2\n\n\n ENV3 = v3 \n export ENV4=v4 ` - assert.deepEqual(parseDotenv(multiline), { - SIMPLE: 'xyz123', - NON_INTERPOLATED: 'raw text without variable interpolation', - MULTILINE: '\nlong text here,\ne.g. a private SSH key\n', - ENV: 'v1', - ENV2: 'v2', - ENV3: 'v3', - ENV4: 'v4', - }) -}) - -describe('readEnvFromFile()', () => { - test('handles correct proccess.env', () => { - const file = tempfile('.env', 'ENV=value1\nENV2=value24') - const env = readEnvFromFile(file) - assert.equal(env.ENV, 'value1') - assert.equal(env.ENV2, 'value24') - assert.ok(env.NODE_VERSION !== '') + assert.deepEqual(parseDotenv(multiline), { + SIMPLE: 'xyz123', + NON_INTERPOLATED: 'raw text without variable interpolation', + MULTILINE: '\nlong text here,\ne.g. a private SSH key\n', + ENV: 'v1', + ENV2: 'v2', + ENV3: 'v3', + ENV4: 'v4', + }) + + assert.deepEqual(parseDotenv(`FOO=BAR + BAR=FOO+`), {FOO: 'BAR', BAR: 'FOO+'}) }) - test('handles correct some env', () => { - const file = tempfile('.env', 'ENV=value1\nENV2=value24') - const env = readEnvFromFile(file, { version: '1.0.0', name: 'zx' }) - assert.equal(env.ENV, 'value1') - assert.equal(env.ENV2, 'value24') - assert.equal(env.version, '1.0.0') - assert.equal(env.name, 'zx') + describe('readEnvFromFile()', () => { + test('handles correct proccess.env', () => { + const file = tempfile('.env', 'ENV=value1\nENV2=value24') + const env = readEnvFromFile(file) + assert.equal(env.ENV, 'value1') + assert.equal(env.ENV2, 'value24') + assert.ok(env.NODE_VERSION !== '') + }) + + test('handles correct some env', () => { + const file = tempfile('.env', 'ENV=value1\nENV2=value24') + const env = readEnvFromFile(file, { version: '1.0.0', name: 'zx' }) + assert.equal(env.ENV, 'value1') + assert.equal(env.ENV2, 'value24') + assert.equal(env.version, '1.0.0') + assert.equal(env.name, 'zx') + }) }) })