Actualizacion de seguridad
This commit is contained in:
Pablinux
4
node_modules/nodemon/lib/config/defaults.js
generated
vendored
4
node_modules/nodemon/lib/config/defaults.js
generated
vendored
@@ -25,7 +25,9 @@ const defaults = {
|
||||
watchOptions: {},
|
||||
};
|
||||
|
||||
if ((process.env.NODE_OPTIONS || '').includes('--loader')) {
|
||||
const nodeOptions = process.env.NODE_OPTIONS || ''; // ?
|
||||
|
||||
if (/--(loader|import)\b/.test(nodeOptions)) {
|
||||
delete defaults.execMap.ts;
|
||||
}
|
||||
|
||||
|
||||
43
node_modules/nodemon/lib/config/exec.js
generated
vendored
43
node_modules/nodemon/lib/config/exec.js
generated
vendored
@@ -27,7 +27,7 @@ function execFromPackage() {
|
||||
if (pkg.scripts && pkg.scripts.start) {
|
||||
return { exec: pkg.scripts.start };
|
||||
}
|
||||
} catch (e) { }
|
||||
} catch (e) {}
|
||||
|
||||
return null;
|
||||
}
|
||||
@@ -78,8 +78,10 @@ function exec(nodemonOptions, execMap) {
|
||||
|
||||
// if there's no script passed, try to get it from the first argument
|
||||
if (!options.script && (options.args || []).length) {
|
||||
script = expandScript(options.args[0],
|
||||
options.ext && ('.' + (options.ext || 'js').split(',')[0]));
|
||||
script = expandScript(
|
||||
options.args[0],
|
||||
options.ext && '.' + (options.ext || 'js').split(',')[0]
|
||||
);
|
||||
|
||||
// if the script was found, shift it off our args
|
||||
if (script !== options.args[0]) {
|
||||
@@ -101,8 +103,7 @@ function exec(nodemonOptions, execMap) {
|
||||
if (!options.script) {
|
||||
options.script = found.script;
|
||||
}
|
||||
if (Array.isArray(options.args) &&
|
||||
options.scriptPosition === null) {
|
||||
if (Array.isArray(options.args) && options.scriptPosition === null) {
|
||||
options.scriptPosition = options.args.length;
|
||||
}
|
||||
}
|
||||
@@ -115,8 +116,8 @@ function exec(nodemonOptions, execMap) {
|
||||
|
||||
var extension = options.ext;
|
||||
if (extension === undefined) {
|
||||
var isJS = scriptExt === 'js' || scriptExt === 'mjs';
|
||||
extension = (isJS || !scriptExt) ? 'js,mjs' : scriptExt;
|
||||
var isJS = scriptExt === 'js' || scriptExt === 'mjs' || scriptExt === 'cjs';
|
||||
extension = isJS || !scriptExt ? 'js,mjs,cjs' : scriptExt;
|
||||
extension += ',json'; // Always watch JSON files
|
||||
}
|
||||
|
||||
@@ -147,8 +148,10 @@ function exec(nodemonOptions, execMap) {
|
||||
});
|
||||
|
||||
var newExec = substitution(options.exec);
|
||||
if (newExec !== options.exec &&
|
||||
options.exec.indexOf('{{filename}}') !== -1) {
|
||||
if (
|
||||
newExec !== options.exec &&
|
||||
options.exec.indexOf('{{filename}}') !== -1
|
||||
) {
|
||||
options.script = null;
|
||||
}
|
||||
options.exec = newExec;
|
||||
@@ -160,14 +163,16 @@ function exec(nodemonOptions, execMap) {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (options.exec === 'node' && options.nodeArgs && options.nodeArgs.length) {
|
||||
options.execArgs = options.execArgs.concat(options.nodeArgs);
|
||||
}
|
||||
|
||||
// note: indexOf('coffee') handles both .coffee and .litcoffee
|
||||
if (!execDefined && options.exec === 'node' &&
|
||||
scriptExt.indexOf('coffee') !== -1) {
|
||||
if (
|
||||
!execDefined &&
|
||||
options.exec === 'node' &&
|
||||
scriptExt.indexOf('coffee') !== -1
|
||||
) {
|
||||
options.exec = 'coffee';
|
||||
|
||||
// we need to get execArgs set before the script
|
||||
@@ -187,7 +192,9 @@ function exec(nodemonOptions, execMap) {
|
||||
if (options.exec === 'coffee') {
|
||||
// don't override user specified extension tracking
|
||||
if (options.ext === undefined) {
|
||||
if (extension) { extension += ','; }
|
||||
if (extension) {
|
||||
extension += ',';
|
||||
}
|
||||
extension += 'coffee,litcoffee';
|
||||
}
|
||||
|
||||
@@ -203,19 +210,21 @@ function exec(nodemonOptions, execMap) {
|
||||
// because the terminal will automatically expand the glob against
|
||||
// the file system :(
|
||||
extension = (extension.match(/[^,*\s]+/g) || [])
|
||||
.map(ext => ext.replace(/^\./, ''))
|
||||
.map((ext) => ext.replace(/^\./, ''))
|
||||
.join(',');
|
||||
|
||||
options.ext = extension;
|
||||
|
||||
if (options.script) {
|
||||
options.script = expandScript(options.script,
|
||||
extension && ('.' + extension.split(',')[0]));
|
||||
options.script = expandScript(
|
||||
options.script,
|
||||
extension && '.' + extension.split(',')[0]
|
||||
);
|
||||
}
|
||||
|
||||
options.env = {};
|
||||
// make sure it's an object (and since we don't have )
|
||||
if (({}).toString.apply(nodemonOptions.env) === '[object Object]') {
|
||||
if ({}.toString.apply(nodemonOptions.env) === '[object Object]') {
|
||||
options.env = utils.clone(nodemonOptions.env);
|
||||
} else if (nodemonOptions.env !== undefined) {
|
||||
throw new Error('nodemon env values must be an object: { PORT: 8000 }');
|
||||
|
||||
89
node_modules/nodemon/lib/config/load.js
generated
vendored
89
node_modules/nodemon/lib/config/load.js
generated
vendored
@@ -16,7 +16,11 @@ var existsSync = fs.existsSync || path.existsSync;
|
||||
function findAppScript() {
|
||||
// nodemon has been run alone, so try to read the package file
|
||||
// or try to read the index.js file
|
||||
if (existsSync('./index.js')) {
|
||||
|
||||
var pkg =
|
||||
existsSync(path.join(process.cwd(), 'package.json')) &&
|
||||
require(path.join(process.cwd(), 'package.json'));
|
||||
if ((!pkg || pkg.main == undefined) && existsSync('./index.js')) {
|
||||
return 'index.js';
|
||||
}
|
||||
}
|
||||
@@ -62,7 +66,6 @@ function load(settings, options, config, callback) {
|
||||
options.ignore = defaults.ignore.concat(options.ignore);
|
||||
}
|
||||
|
||||
|
||||
// add in any missing defaults
|
||||
options = utils.merge(options, defaults);
|
||||
|
||||
@@ -74,11 +77,14 @@ function load(settings, options, config, callback) {
|
||||
}
|
||||
// if the script is found as a result of not being on the command
|
||||
// line, then we move any of the pre double-dash args in execArgs
|
||||
const n = options.scriptPosition === null ?
|
||||
options.args.length : options.scriptPosition;
|
||||
const n =
|
||||
options.scriptPosition === null
|
||||
? options.args.length
|
||||
: options.scriptPosition;
|
||||
|
||||
options.execArgs = (options.execArgs || [])
|
||||
.concat(options.args.splice(0, n));
|
||||
options.execArgs = (options.execArgs || []).concat(
|
||||
options.args.splice(0, n)
|
||||
);
|
||||
options.scriptPosition = null;
|
||||
|
||||
options.script = found;
|
||||
@@ -102,53 +108,11 @@ function load(settings, options, config, callback) {
|
||||
normaliseRules(options, callback);
|
||||
};
|
||||
|
||||
// if we didn't pick up a nodemon.json file & there's no cli ignores
|
||||
// then try loading an old style .nodemonignore file
|
||||
if (config.loaded.length === 0) {
|
||||
var legacy = loadLegacyIgnore.bind(null, options, config, ready);
|
||||
|
||||
// first try .nodemonignore, if that doesn't exist, try nodemon-ignore
|
||||
return legacy('.nodemonignore', function () {
|
||||
legacy('nodemon-ignore', function (options) {
|
||||
ready(options);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
ready(options);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Loads the old style nodemonignore files which is a list of patterns
|
||||
* in a file to ignore
|
||||
*
|
||||
* @param {Object} options nodemon user options
|
||||
* @param {Function} success
|
||||
* @param {String} filename ignore file (.nodemonignore or nodemon-ignore)
|
||||
* @param {Function} fail (optional) failure callback
|
||||
*/
|
||||
function loadLegacyIgnore(options, config, success, filename, fail) {
|
||||
var ignoreFile = path.join(process.cwd(), filename);
|
||||
|
||||
exists(ignoreFile, function (exists) {
|
||||
if (exists) {
|
||||
config.loaded.push(ignoreFile);
|
||||
return parse(ignoreFile, function (error, rules) {
|
||||
options.ignore = rules.raw;
|
||||
success(options);
|
||||
});
|
||||
}
|
||||
|
||||
if (fail) {
|
||||
fail(options);
|
||||
} else {
|
||||
success(options);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
function normaliseRules(options, ready) {
|
||||
// convert ignore and watch options to rules/regexp
|
||||
rules.watch.add(options.watch);
|
||||
@@ -170,7 +134,7 @@ function normaliseRules(options, ready) {
|
||||
*/
|
||||
function loadFile(options, config, dir, ready) {
|
||||
if (!ready) {
|
||||
ready = function () { };
|
||||
ready = function () {};
|
||||
}
|
||||
|
||||
var callback = function (settings) {
|
||||
@@ -222,29 +186,32 @@ function loadFile(options, config, dir, ready) {
|
||||
|
||||
function loadPackageJSON(config, ready) {
|
||||
if (!ready) {
|
||||
ready = () => { };
|
||||
ready = () => {};
|
||||
}
|
||||
|
||||
const dir = process.cwd();
|
||||
const filename = path.join(dir, 'package.json');
|
||||
const packageLoadOptions = { configFile: filename };
|
||||
return loadFile(packageLoadOptions, config, dir, settings => {
|
||||
return loadFile(packageLoadOptions, config, dir, (settings) => {
|
||||
ready(settings.nodemonConfig || {});
|
||||
});
|
||||
}
|
||||
|
||||
function mutateExecOptions(options) {
|
||||
// work out the execOptions based on the final config we have
|
||||
options.execOptions = exec({
|
||||
script: options.script,
|
||||
exec: options.exec,
|
||||
args: options.args,
|
||||
scriptPosition: options.scriptPosition,
|
||||
nodeArgs: options.nodeArgs,
|
||||
execArgs: options.execArgs,
|
||||
ext: options.ext,
|
||||
env: options.env,
|
||||
}, options.execMap);
|
||||
options.execOptions = exec(
|
||||
{
|
||||
script: options.script,
|
||||
exec: options.exec,
|
||||
args: options.args,
|
||||
scriptPosition: options.scriptPosition,
|
||||
nodeArgs: options.nodeArgs,
|
||||
execArgs: options.execArgs,
|
||||
ext: options.ext,
|
||||
env: options.env,
|
||||
},
|
||||
options.execMap
|
||||
);
|
||||
|
||||
// clean up values that we don't need at the top level
|
||||
delete options.scriptPosition;
|
||||
|
||||
Reference in New Issue
Block a user