fix: fix execArgv not work in cov (#255)

.gitignore

@@ -11,6 +11,7 @@ test/fixtures/ts/node_modules/aliyun-egg/
 !test/fixtures/test-files-glob/**
 !test/fixtures/example/node_modules/
 !test/fixtures/example-ts-cluster/node_modules/
+!test/fixtures/egg-revert/node_modules/
 !test/fixtures/example-ts-error-stack/node_modules/
 !test/fixtures/egg-require/node_modules/
 !test/fixtures/example-ts-simple/node_modules/

src/cmd/base.ts

@@ -97,12 +97,17 @@ export abstract class BaseCommand extends Command {
       console.log('dry run: $ %o', `${process.execPath} ${modulePath} ${args.join(' ')}`);
       return;
     }
+    const forkExecArgv = [
+      ...this.ctx.args.execArgv || [],
+      ...options.execArgv || [],
+    ];
 
     options = {
       stdio: 'inherit',
       env: this.ctx.env,
       cwd: this.base,
       ...options,
+      execArgv: forkExecArgv,
     };
     const proc = fork(modulePath, args, options);
     debug('Run fork pid: %o, `%s %s %s`',

src/cmd/cov.ts

@@ -83,6 +83,6 @@ export class CovCommand extends TestCommand {
     const coverageDir = path.join(this.base, 'coverage');
     await fs.rm(coverageDir, { force: true, recursive: true });
 
-    await super.forkNode(c8File, [ ...c8Args, modulePath, ...args ]);
+    await super.forkNode(c8File, [ ...c8Args, process.execPath, ...this.ctx.args.execArgv || [], modulePath, ...args ]);
   }
 }

src/middleware/global_options.ts

@@ -136,6 +136,14 @@ export default class GlobalOptions implements ApplicationLifecycle {
         await runscript(`node ${etsBin}`);
       }
 
+      if (ctx.args.pkgEgg.revert) {
+        ctx.args.execArgv = ctx.args.execArgv || [];
+        const reverts = Array.isArray(ctx.args.pkgEgg.revert) ? ctx.args.pkgEgg.revert : [ ctx.args.pkgEgg.revert ];
+        for (const revert of reverts) {
+          ctx.args.execArgv.push(`--security-revert=${revert}`);
+        }
+      }
+
       debug('set NODE_OPTIONS: %o', ctx.env.NODE_OPTIONS);
       debug('ctx.args: %o', ctx.args);
       debug('enter next');

test/cmd/cov.test.ts

@@ -2,8 +2,12 @@ import assert from 'node:assert';
 import path from 'node:path';
 import fs from 'node:fs/promises';
 import assertFile from 'assert-file';
+import mm from 'mm';
+
 import coffee from '../coffee';
 
+const version = Number(process.version.substring(1, 3));
+
 describe('test/cmd/cov.test.ts', () => {
   const eggBin = path.join(__dirname, '../../src/bin/cli.ts');
   const fixtures = path.join(__dirname, '../fixtures');
@@ -183,5 +187,18 @@ describe('test/cmd/cov.test.ts', () => {
         .expect('code', 0)
         .end();
     });
+
+    it('should support egg.revert', () => {
+      if (version < 18) return;
+      mm(process.env, 'NODE_ENV', 'development');
+      return coffee.fork(eggBin, [ 'cov' ], {
+        cwd: path.join(__dirname, '../fixtures/egg-revert'),
+      })
+        .debug()
+        .expect('stdout', /SECURITY WARNING: Reverting CVE-2023-46809: Marvin attack on PKCS#1 padding/)
+        .expect('stdout', /1 passing/)
+        .expect('code', 0)
+        .end();
+    });
   });
 });

test/cmd/dev.test.ts

@@ -1,8 +1,11 @@
 import path from 'node:path';
 import net from 'node:net';
 import detect from 'detect-port';
+import mm from 'mm';
 import coffee from '../coffee';
 
+const version = Number(process.version.substring(1, 3));
+
 describe('test/cmd/dev.test.ts', () => {
   const eggBin = path.join(__dirname, '../../src/bin/cli.ts');
   const fixtures = path.join(__dirname, '../fixtures');
@@ -186,4 +189,16 @@ describe('test/cmd/dev.test.ts', () => {
         .end();
     });
   });
+
+  it('should support egg.revert', () => {
+    if (version < 18) return;
+    mm(process.env, 'NODE_ENV', 'development');
+    return coffee.fork(eggBin, [ 'dev' ], {
+      cwd: path.join(__dirname, '../fixtures/egg-revert'),
+    })
+      // .debug()
+      .expect('stdout', /SECURITY WARNING: Reverting CVE-2023-46809: Marvin attack on PKCS#1 padding/)
+      .expect('code', 0)
+      .end();
+  });
 });

test/cmd/test.test.ts

@@ -1,6 +1,8 @@
 import path from 'node:path';
 import coffee from '../coffee';
 
+const version = Number(process.version.substring(1, 3));
+
 describe('test/cmd/test.test.ts', () => {
   const eggBin = path.join(__dirname, '../../src/bin/cli.ts');
   const fixtures = path.join(__dirname, '../fixtures');
@@ -304,5 +306,16 @@ describe('test/cmd/test.test.ts', () => {
         .expect('code', 0)
         .end();
     });
+
+    it('should support egg.revert', () => {
+      if (version < 18) return;
+      return coffee.fork(eggBin, [ 'test' ], {
+        cwd: path.join(__dirname, '../fixtures/egg-revert'),
+      })
+        .debug()
+        .expect('stdout', /SECURITY WARNING: Reverting CVE-2023-46809: Marvin attack on PKCS#1 padding/)
+        .expect('code', 0)
+        .end();
+    });
   });
 });

test/fixtures/egg-revert/package.json

@@ -0,0 +1,7 @@
+{
+  "name": "demo-app",
+  "egg": {
+    "framework": "aliyun-egg",
+    "revert": "CVE-2023-46809"
+  }
+}

test/fixtures/egg-revert/test/index.test.js

@@ -0,0 +1,8 @@
+const assert = require('assert');
+
+describe('test/index.test.js', () => {
+  it('should test', () => {
+    // test
+    assert(process.execArgv.includes('--security-revert=CVE-2023-46809'));
+  });
+});