From 0a5debdf2f9f134adbc9c149489d7b89fea94690 Mon Sep 17 00:00:00 2001 From: Anish Babu Date: Wed, 18 Oct 2023 10:20:05 -0400 Subject: [PATCH 1/3] Upgraded formidable version to 3.5.1 --- lib/enableMultipart.js | 4 ++-- package-lock.json | 26 ++++++++++++++++++++------ package.json | 2 +- test/multipart.js | 16 +++++++++++++--- 4 files changed, 36 insertions(+), 12 deletions(-) diff --git a/lib/enableMultipart.js b/lib/enableMultipart.js index 684e0376c..a93c920a5 100644 --- a/lib/enableMultipart.js +++ b/lib/enableMultipart.js @@ -20,7 +20,7 @@ module.exports = app => { // only process forms with multipart content-type if (typeof contentType === 'string' && contentType.includes('multipart/form-data')) { // generate form object with formidable - const form = formidable(params) + const form = new formidable.IncomingForm(params) form.parse(req, (err, fields, files) => { if (err) { @@ -40,7 +40,7 @@ module.exports = app => { function cleanup () { for (const key in files) { const file = files[key] - const filePath = file.filepath + const filePath = file[0].filepath if (typeof filePath === 'string') { fs.remove(filePath, err => { diff --git a/package-lock.json b/package-lock.json index a984b8fff..3f0f84d04 100644 --- a/package-lock.json +++ b/package-lock.json @@ -18,7 +18,7 @@ "execa": "7.2.0", "express": "4.18.2", "express-html-validator": "0.2.1", - "formidable": "2.1.2", + "formidable": "3.5.1", "fs-extra": "11.1.1", "helmet": "7.0.0", "html-minifier": "4.0.0", @@ -3202,14 +3202,13 @@ } }, "node_modules/formidable": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/formidable/-/formidable-2.1.2.tgz", - "integrity": "sha512-CM3GuJ57US06mlpQ47YcunuUZ9jpm8Vx+P2CGt2j7HpgkKZO/DJYQ0Bobim8G6PFQmK5lOqOOdUXboU+h73A4g==", + "version": "3.5.1", + "resolved": "https://registry.npmjs.org/formidable/-/formidable-3.5.1.tgz", + "integrity": "sha512-WJWKelbRHN41m5dumb0/k8TeAx7Id/y3a+Z7QfhxP/htI9Js5zYaEDtG8uMgG0vM0lOlqnmjE99/kfpOYi/0Og==", "dependencies": { "dezalgo": "^1.0.4", "hexoid": "^1.0.0", - "once": "^1.4.0", - "qs": "^6.11.0" + "once": "^1.4.0" }, "funding": { "url": "https://ko-fi.com/tunnckoCore/commissions" @@ -6881,6 +6880,21 @@ } } }, + "node_modules/superagent/node_modules/formidable": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/formidable/-/formidable-2.1.2.tgz", + "integrity": "sha512-CM3GuJ57US06mlpQ47YcunuUZ9jpm8Vx+P2CGt2j7HpgkKZO/DJYQ0Bobim8G6PFQmK5lOqOOdUXboU+h73A4g==", + "dev": true, + "dependencies": { + "dezalgo": "^1.0.4", + "hexoid": "^1.0.0", + "once": "^1.4.0", + "qs": "^6.11.0" + }, + "funding": { + "url": "https://ko-fi.com/tunnckoCore/commissions" + } + }, "node_modules/superagent/node_modules/mime": { "version": "2.6.0", "resolved": "https://registry.npmjs.org/mime/-/mime-2.6.0.tgz", diff --git a/package.json b/package.json index 64a59c5a7..e3bd5fd20 100644 --- a/package.json +++ b/package.json @@ -32,7 +32,7 @@ "execa": "7.2.0", "express": "4.18.2", "express-html-validator": "0.2.1", - "formidable": "2.1.2", + "formidable": "3.5.1", "fs-extra": "11.1.1", "helmet": "7.0.0", "html-minifier": "4.0.0", diff --git a/test/multipart.js b/test/multipart.js index de3b7d969..61f1c94d4 100644 --- a/test/multipart.js +++ b/test/multipart.js @@ -21,8 +21,12 @@ function isEmpty (dir) { } } +const appDir = path.join(__dirname, 'app/multipartForms') + +// Ensure the default paths are relative to appDir +const destDir = process.env.DEST_DIR || path.join(appDir, 'complete') + describe('multipart/formidable', () => { - const appDir = path.join(__dirname, 'app/multipartForms') const context = {} const tmpDir = path.join(appDir, 'tmp') const completeDir = path.join(appDir, 'complete') @@ -65,10 +69,16 @@ describe('multipart/formidable', () => { // move files to 'complete' directory for (const key in files) { const file = files[key] - const filePath = file.filepath + const filePath = file[0].filepath + const originalFilename = file[0].originalFilename + const destPath = path.join(destDir, originalFilename) if (typeof filePath === 'string') { - fs.copyFileSync(filePath, path.join(completeDir, file.originalFilename)) + try { + fs.moveSync(filePath, destPath) + } catch (error) { + console.error(`Error moving file: ${error}`) + } } } From d0ec2769a7ef5de25e0e3aeb863dbcf8351a8323 Mon Sep 17 00:00:00 2001 From: Anish Babu Date: Thu, 2 Nov 2023 10:28:11 -0400 Subject: [PATCH 2/3] Updated Formidable version with good coding principles --- lib/enableMultipart.js | 22 ++++++++++++---------- test/multipart.js | 30 ++++++++++++++---------------- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/lib/enableMultipart.js b/lib/enableMultipart.js index a93c920a5..fd1d71108 100644 --- a/lib/enableMultipart.js +++ b/lib/enableMultipart.js @@ -38,19 +38,21 @@ module.exports = app => { * Remove tmp files left behind by formidable */ function cleanup () { - for (const key in files) { - const file = files[key] - const filePath = file[0].filepath - - if (typeof filePath === 'string') { - fs.remove(filePath, err => { - if (err) { - logger.error(`${appName} failed to remove tmp file: ${filePath}\n`, err) - } - }) + for (const fileArray of Object.values(files)) { + for (const file of fileArray) { + const filePath = file.filepath + + if (typeof filePath === 'string') { + fs.remove(filePath, err => { + if (err) { + logger.error(`${appName} failed to remove tmp file: ${filePath}\n`, err) + } + }) + } } } } + next() }) } else { diff --git a/test/multipart.js b/test/multipart.js index 61f1c94d4..2b5f04fdd 100644 --- a/test/multipart.js +++ b/test/multipart.js @@ -21,12 +21,9 @@ function isEmpty (dir) { } } -const appDir = path.join(__dirname, 'app/multipartForms') - -// Ensure the default paths are relative to appDir -const destDir = process.env.DEST_DIR || path.join(appDir, 'complete') - describe('multipart/formidable', () => { + const appDir = path.join(__dirname, 'app/multipartForms') + const destDir = process.env.DEST_DIR || path.join(appDir, 'complete') const context = {} const tmpDir = path.join(appDir, 'tmp') const completeDir = path.join(appDir, 'complete') @@ -67,17 +64,18 @@ describe('multipart/formidable', () => { const files = req.files // move files to 'complete' directory - for (const key in files) { - const file = files[key] - const filePath = file[0].filepath - const originalFilename = file[0].originalFilename - const destPath = path.join(destDir, originalFilename) - - if (typeof filePath === 'string') { - try { - fs.moveSync(filePath, destPath) - } catch (error) { - console.error(`Error moving file: ${error}`) + for (const fileArray of Object.values(files)) { + for (const file of fileArray) { + const filePath = file.filepath + const originalFilename = file.originalFilename + const destPath = path.join(destDir, originalFilename) + + if (typeof filePath === 'string') { + try { + fs.moveSync(filePath, destPath) + } catch (error) { + console.error(`Error moving file: ${error}`) + } } } } From 4fc66c7101ba18f3cdc46f0a416c8abaa3ec643c Mon Sep 17 00:00:00 2001 From: Anish Babu Date: Thu, 9 Nov 2023 10:00:09 -0500 Subject: [PATCH 3/3] changed destDir to completeDir --- test/multipart.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/multipart.js b/test/multipart.js index 2b5f04fdd..6b10eae03 100644 --- a/test/multipart.js +++ b/test/multipart.js @@ -23,7 +23,6 @@ function isEmpty (dir) { describe('multipart/formidable', () => { const appDir = path.join(__dirname, 'app/multipartForms') - const destDir = process.env.DEST_DIR || path.join(appDir, 'complete') const context = {} const tmpDir = path.join(appDir, 'tmp') const completeDir = path.join(appDir, 'complete') @@ -68,7 +67,7 @@ describe('multipart/formidable', () => { for (const file of fileArray) { const filePath = file.filepath const originalFilename = file.originalFilename - const destPath = path.join(destDir, originalFilename) + const destPath = path.join(completeDir, originalFilename) if (typeof filePath === 'string') { try {