child_process: allow URL instances as paths to executables
#49031
Conversation
nodejs-github-bot
added
child_process
test/common/index.js
Outdated
| [new URL('file:///C:/Windows/system32/cmd.exe'), ['/d', '/c', 'cd']] : | ||
| [new URL('file:///bin/pwd'), []]; |
There was a problem hiding this comment.
Why these changes? Are we sure these absolute paths are safe assumptions?
There was a problem hiding this comment.
Not 100% sure and I'd like to see if it's not the case on any platform covered by CI first.
Then it will most likely be moved to separate test-child-process-urlfile.mjs test.
If there is a concise&robust way to get absolute url or absolute path to pwd or any other convenient good-for-test executable, or if we can create one in fixtures, I'd like to know.
There was a problem hiding this comment.
I would guess the "where"/"which" commands should generally be available, even outside of CI since tests should work locally too.
github-actions
bot
added
request-ci-failed
Failed to start CI- Validating Jenkins credentials ✘ Jenkins credentials invalidhttps://github.com/nodejs/node/actions/runs/5774680936 |
| @@ -1040,6 +1056,10 @@ metacharacters may be used to trigger arbitrary command execution.** | |||
| <!-- YAML | |||
| added: v0.11.12 | |||
| changes: | |||
| - version: REPLACEME | |||
| pr-url: https://github.com/nodejs/node/pull/49031 | |||
| description: The `command` parameter can be a WHATWG `URL` object using | |||
There was a problem hiding this comment.
The word object hints towards an actual javascript object with URL class properties, but there isn't any test to check towards it.
| description: The `command` parameter can be a WHATWG `URL` object using | |
| description: The `command` parameter can be a WHATWG `URL` instance using |
There was a problem hiding this comment.
isURL() is duck-typed:
Lines 761 to 763 in d150316
so it probably makes sense? The same term is used in other entries here as well.
| } | ||
|
|
||
| { | ||
| const stdout = cp.spawnSync(...pwdCommandAndOptions).stdout; |
There was a problem hiding this comment.
Can you also add a test where the legacy url class is used? We need to make sure it does exactly what we want it to be.
| const pwdFullPath = `${cp.execSync(whichCommand)}`.trim(); | ||
| const pwdUrl = pathToFileURL(pwdFullPath); | ||
| const pwdCommandAndOptions = isWindows ? | ||
| [pwdUrl, ['/d', '/c', 'cd'], { cwd: pathToFileURL(cwd) }] : |
There was a problem hiding this comment.
Can you also add a test where javascript object representation of the URL is used?
| @@ -545,8 +545,7 @@ function copyProcessEnvToEnv(env, name, optionEnv) { | |||
| } | |||
|
|
|||
| function normalizeSpawnArguments(file, args, options) { | |||
| validateString(file, 'file'); | |||
| validateArgumentNullCheck(file, 'file'); | |||
| file = getValidatedPath(file, 'file'); | |||
There was a problem hiding this comment.
validatePath inside getValidatedPath also accepts buffers. Can you add a test for it as well?
There was a problem hiding this comment.
Nice catch! I guess it should be restricted to string or stringified URL, at least for now.
|
cc @nodejs/url |
|
|
||
| throws( | ||
| () => cp.execFileSync(...pwdCommandAndOptions), | ||
| { code: 'ERR_INVALID_ARG_TYPE' }, |
There was a problem hiding this comment.
Can you be specific, or at least add comment about what this line is testing? It is really cryptic atm.
There was a problem hiding this comment.
Added tests for specific errors, added brief comments.
aduh95
added
request-ci
github-actions
bot
removed
the
request-ci
This comment was marked as outdated.
This comment was marked as outdated.
LiviaMedeiros
force-pushed
the
childprocess-file-url
branch
from
7ca5ecf
to
71a2fef
Compare
github-actions
bot
removed
the
request-ci
Allow
URLinstances to be passed asfileparameters andexecPathoptions. For example: