Skip to content

Commit

Permalink
fix: ensure that setgid and setuid flags are cleared
Browse files Browse the repository at this point in the history
  • Loading branch information
develar committed Jun 20, 2019
1 parent 93db696 commit 167fe0a
Show file tree
Hide file tree
Showing 17 changed files with 80 additions and 77 deletions.
1 change: 1 addition & 0 deletions .idea/dictionaries/develar.xml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
"@types/debug": "^4.1.4",
"@types/is-ci": "^2.0.0",
"@types/semver": "^6.0.0",
"app-builder-bin": "2.6.17",
"app-builder-bin": "2.7.0",
"archiver": "^3.0.0",
"async-exit-hook": "^2.0.1",
"bluebird-lst": "^1.0.9",
Expand Down
2 changes: 1 addition & 1 deletion packages/app-builder-lib/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@
"homepage": "https://github.com/electron-userland/electron-builder",
"dependencies": {
"7zip-bin": "~4.1.0",
"app-builder-bin": "2.6.17",
"app-builder-bin": "2.7.0",
"async-exit-hook": "^2.0.1",
"bluebird-lst": "^1.0.9",
"chromium-pickle-js": "^0.2.0",
Expand Down
8 changes: 1 addition & 7 deletions packages/app-builder-lib/src/remoteBuilder/RemoteBuilder.ts
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ export class RemoteBuilder {

scheduleBuild(target: Target, arch: Arch, unpackedDirectory: string) {
if (!isEnvTrue(process.env._REMOTE_BUILD) && this.packager.config.remoteBuild === false) {
throw new Error("Target is not supported on your OS and using of Electron Build Service is disabled (\"remoteBuild\" option)")
throw new InvalidConfigurationError("Target is not supported on your OS and using of Electron Build Service is disabled (\"remoteBuild\" option)")
}

let list = this.toBuild.get(arch)
Expand Down Expand Up @@ -61,7 +61,6 @@ export class RemoteBuilder {

const projectInfoManager = new ProjectInfoManager(packager.info)

// let result: RemoteBuilderResponse | null = null
const req = Buffer.from(JSON.stringify({
targets: targets.map(it => {
return {
Expand Down Expand Up @@ -126,9 +125,4 @@ interface ArtifactInfo extends UploadTask {

readonly isWriteUpdateInfo?: boolean
readonly updateInfo?: any
}

export interface RemoteBuilderResponse {
files: Array<ArtifactInfo> | null
error: string | null
}
13 changes: 7 additions & 6 deletions packages/app-builder-lib/src/remoteBuilder/builder-cli.ts
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import { readJson, writeFile } from "fs-extra-p"
import * as path from "path"
import { UploadTask, Arch, Packager, PackagerOptions, PublishOptions } from ".."
import { InvalidConfigurationError } from "builder-util"
import SnapTarget from "../targets/snap"

if (process.env.BUILDER_REMOVE_STAGE_EVEN_IF_DEBUG == null) {
Expand All @@ -9,31 +10,31 @@ if (process.env.BUILDER_REMOVE_STAGE_EVEN_IF_DEBUG == null) {

async function doBuild(data: BuildTask): Promise<void> {
if (process.env.APP_BUILDER_TMP_DIR == null) {
throw new Error("Env APP_BUILDER_TMP_DIR must be set for builder process")
throw new InvalidConfigurationError("Env APP_BUILDER_TMP_DIR must be set for builder process")
}

const projectDir = process.env.PROJECT_DIR
if (projectDir == null) {
throw new Error("Env PROJECT_DIR must be set for builder process")
throw new InvalidConfigurationError("Env PROJECT_DIR must be set for builder process")
}

const targets = data.targets
if (data.platform == null) {
throw new Error("platform not specified")
throw new InvalidConfigurationError("platform not specified")
}
if (targets == null) {
throw new Error("targets path not specified")
throw new InvalidConfigurationError("targets path not specified")
}
if (!Array.isArray(targets)) {
throw new Error("targets must be array of target name")
throw new InvalidConfigurationError("targets must be array of target name")
}

const infoFile = projectDir + path.sep + "info.json"
const info = await readJson(infoFile)

const projectOutDir = process.env.PROJECT_OUT_DIR
if (projectDir == null) {
throw new Error("Env PROJECT_OUT_DIR must be set for builder process")
throw new InvalidConfigurationError("Env PROJECT_OUT_DIR must be set for builder process")
}

// yes, for now we expect the only target
Expand Down
2 changes: 1 addition & 1 deletion packages/builder-util/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
"out"
],
"dependencies": {
"app-builder-bin": "2.6.17",
"app-builder-bin": "2.7.0",
"temp-file": "^3.3.3",
"fs-extra-p": "^8.0.2",
"is-ci": "^2.0.0",
Expand Down
3 changes: 3 additions & 0 deletions packages/builder-util/src/fs.ts
Original file line number Diff line number Diff line change
Expand Up @@ -166,6 +166,9 @@ export function copyOrLinkFile(src: string, dest: string, stats?: Stats | null,
mode.group.read = true
mode.others.read = true

mode.setuid = false
mode.setgid = false

if (originalModeNumber !== stats.mode) {
if (log.isDebugEnabled) {
const oldMode = new Mode({mode: originalModeNumber})
Expand Down
7 changes: 2 additions & 5 deletions packages/builder-util/src/log.ts
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ export class Logger {
message = message.toString()
}

const levelIndicator = "•"
const levelIndicator = level === "error" ? "⨯" : "•"
const color = LEVEL_TO_COLOR[level]
this.stream.write(`${" ".repeat(PADDING)}${color(levelIndicator)} `)
this.stream.write(Logger.createMessage(this.messageTransformer(message, level), fields, level, color, PADDING + 2 /* level indicator and space */))
Expand All @@ -82,11 +82,8 @@ export class Logger {
return message
}

let text = message

const fieldPadding = " ".repeat(Math.max(1, 16 - message.length))
text += fieldPadding

let text = message + fieldPadding
const fieldNames = Object.keys(fields)
let counter = 0
for (const name of fieldNames) {
Expand Down
1 change: 1 addition & 0 deletions packages/builder-util/src/util.ts
Original file line number Diff line number Diff line change
Expand Up @@ -333,6 +333,7 @@ export function executeAppBuilder(args: Array<string>, childProcessConsumer?: (c
SNAP_USE_HARD_LINKS_IF_POSSIBLE: isCI.toString(),
...process.env,
SZA_PATH: path7za,
FORCE_COLOR: chalk.enabled ? "1" : "0",
}
const cacheEnv = process.env.ELECTRON_BUILDER_CACHE
if (cacheEnv != null && cacheEnv.length > 0) {
Expand Down
14 changes: 7 additions & 7 deletions test/out/__snapshots__/BuildTest.js.snap
Original file line number Diff line number Diff line change
Expand Up @@ -466,7 +466,7 @@ Object {
"dist": Object {
"files": Object {
"debug.js": Object {
"size": 26324,
"size": 27572,
},
},
},
Expand All @@ -479,7 +479,7 @@ Object {
"size": 5831,
},
"common.js": Object {
"size": 5874,
"size": 5930,
},
"index.js": Object {
"size": 314,
Expand Down Expand Up @@ -768,13 +768,13 @@ Object {
"size": 749,
},
"inherits.js": Object {
"size": 192,
"size": 250,
},
"inherits_browser.js": Object {
"size": 672,
"size": 753,
},
"package.json": Object {
"size": 393,
"size": 394,
},
},
},
Expand Down Expand Up @@ -1102,7 +1102,7 @@ Object {
"size": 1069,
},
"index.js": Object {
"size": 4826,
"size": 4896,
},
"package.json": Object {
"size": 524,
Expand Down Expand Up @@ -1244,7 +1244,7 @@ Object {
"process-nextick-args": Object {
"files": Object {
"index.js": Object {
"size": 1045,
"size": 1083,
},
"license.md": Object {
"size": 1064,
Expand Down
11 changes: 0 additions & 11 deletions test/out/linux/__snapshots__/snapTest.js.snap
Original file line number Diff line number Diff line change
Expand Up @@ -1425,14 +1425,3 @@ Object {
],
}
`;

exports[`snap full 1`] = `
Object {
"linux": Array [
Object {
"arch": "x64",
"file": "se-wo-template_1.1.0_amd64.snap",
},
],
}
`;
2 changes: 1 addition & 1 deletion test/src/BuildTest.ts
Original file line number Diff line number Diff line change
Expand Up @@ -319,7 +319,7 @@ test.ifAll.ifDevOrLinuxCi("posix smart unpack", app({
}, {
projectDirCreated: packageJson(it => {
it.dependencies = {
debug: "4.1.0",
debug: "4.1.1",
"edge-cs": "1.2.1",
// no prebuilt for electron 3
// "lzma-native": "3.0.10",
Expand Down
1 change: 1 addition & 0 deletions test/src/helpers/packTester.ts
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ if (process.env.TRAVIS !== "true") {
}

export const linuxDirTarget = Platform.LINUX.createTarget(DIR_TARGET)
export const snapTarget = Platform.LINUX.createTarget("snap")

export interface AssertPackOptions {
readonly projectDirCreated?: (projectDir: string, tmpDir: TmpDir) => Promise<any>
Expand Down
23 changes: 4 additions & 19 deletions test/src/linux/snapTest.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import { Platform } from "electron-builder"
import { app, assertPack } from "../helpers/packTester"
import { app, assertPack, snapTarget } from "../helpers/packTester"

if (process.env.SNAP_TEST === "false") {
fit("Skip snapTest suite — SNAP_TEST is set to false or Windows", () => {
Expand All @@ -12,8 +12,6 @@ else if (process.platform === "win32") {
})
}

const snapTarget = Platform.LINUX.createTarget("snap")

test.ifAll.ifDevOrLinuxCi("snap", app({
targets: snapTarget,
config: {
Expand All @@ -24,20 +22,6 @@ test.ifAll.ifDevOrLinuxCi("snap", app({
},
}))

// very slow
test.skip("snap full", app({
targets: snapTarget,
config: {
extraMetadata: {
name: "se-wo-template",
},
productName: "Snap Electron App (full build)",
snap: {
useTemplateApp: false,
},
},
}))

test.ifAll.ifDevOrLinuxCi("default stagePackages", async () => {
for (const p of [["default"], ["default", "custom"], ["custom", "default"], ["foo1", "default", "foo2"]]) {
await assertPack("test-app-one", {
Expand All @@ -58,7 +42,7 @@ test.ifAll.ifDevOrLinuxCi("default stagePackages", async () => {
effectiveOptionComputed: async ({snap, args}) => {
delete snap.parts.app.source
expect(snap).toMatchSnapshot()
expect(args).toContain("--exclude")
expect(args).not.toContain("--exclude")
return true
},
})
Expand Down Expand Up @@ -185,8 +169,9 @@ test.ifDevOrLinuxCi("no desktop plugs", app({
plugs: ["foo", "bar"]
}
},
effectiveOptionComputed: async ({ snap }) => {
effectiveOptionComputed: async ({ snap, args }) => {
expect(snap).toMatchSnapshot()
expect(args).toContain("--exclude")
return true
},
}))
31 changes: 31 additions & 0 deletions test/src/linux/snapTestHeavy.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
import { Platform, Arch } from "app-builder-lib"
import { app, snapTarget } from "../helpers/packTester"

// very slow

test.ifAll("snap full", app({
targets: snapTarget,
config: {
extraMetadata: {
name: "se-wo-template",
},
productName: "Snap Electron App (full build)",
snap: {
useTemplateApp: false,
},
},
}))

// very slow
test.ifAll("snap full (armhf)", app({
targets: Platform.LINUX.createTarget("snap", Arch.armv7l),
config: {
extraMetadata: {
name: "se-wo-template",
},
productName: "Snap Electron App (full build)",
snap: {
useTemplateApp: false,
},
},
}))
4 changes: 2 additions & 2 deletions test/src/mac/masTest.ts
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ test.ifAll("custom mas", () => {
})
})

test.ifAll("entitlements in the package.json", () => {
test.ifAll.ifNotCi("entitlements in the package.json", () => {
let platformPackager: CheckingMacPackager | null = null
return assertPack("test-app-one", signed({
targets: Platform.MAC.createTarget(),
Expand All @@ -66,7 +66,7 @@ test.ifAll("entitlements in the package.json", () => {
})
})

test.ifAll("entitlements in build dir", () => {
test.ifAll.ifNotCi("entitlements in build dir", () => {
let platformPackager: CheckingMacPackager | null = null
return assertPack("test-app-one", signed({
targets: Platform.MAC.createTarget(),
Expand Down
Loading

0 comments on commit 167fe0a

Please sign in to comment.