Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix all security related issues, #55

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

Fix all security related issues, #55

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
e45490e
Minor security fix
ralic Oct 12, 2019
91b6fb7
Upgrade test
ralic Oct 12, 2019
169426a
Update flow for test
ralic Oct 12, 2019
ecaff75
Fixing test failures
ralic Oct 22, 2019
9f52624
Adding eslint
ralic Oct 24, 2019
b152e87
Fix testings
ralic Oct 25, 2019
5ef75d7
Drop node v4,v6 support
ralic Oct 25, 2019
5a6a7e0
Upgrade node engine
ralic Oct 25, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 26 additions & 0 deletions .eslintrc.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
module.exports = {
'env': {
'browser': true,
'es6': true,
'node': true,
},
'extends': [
'google',
],
'globals': {
'Atomics': 'readonly',
'SharedArrayBuffer': 'readonly',
},
'parserOptions': {
'ecmaFeatures': {
'jsx': true,
},
'ecmaVersion': 2018,
'sourceType': 'module',
},
'plugins': [
'react',
],
'rules': {
},
};
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,4 @@ coverage
.idea
npm-debug.log
lib
.nyc_output
6 changes: 4 additions & 2 deletions .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
language: node_js
node_js:
- 6
- 4
- "node"
- 12
- 10
- 8
126 changes: 58 additions & 68 deletions index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,24 +1,23 @@
/* eslint-disable require-jsdoc */
/* @flow weak */
'use strict';


var Q = require('q');
var fs = require('fs');
var path = require('path');
var gutil = require('gulp-util');
var through = require('through2');
var flowBin = require('flow-bin');
var logSymbols = require('log-symbols');
var childProcess = require('child_process');
var chalk = require('chalk');
var reporter = require('flow-reporter');
const Q = require('q');
const fs = require('fs');
const path = require('path');
const gutil = require('gulp-util');
const through = require('through2');
const flowBin = require('flow-bin');
const logSymbols = require('log-symbols');
const childProcess = require('child_process');
const reporter = require('flow-reporter');

/**
* Flow check initialises a server per folder when run,
* we can store these paths and kill them later if need be.
*/
var servers = [];
var passed = true;
const servers = [];
let passed = true;

/**
* Wrap critical Flow exception into default Error json format
Expand All @@ -31,14 +30,14 @@ function fatalError(stderr) {
code: 0,
line: 0,
start: 0,
descr: stderr
}]
}]
descr: stderr,
}],
}],
};
}

function optsToArgs(opts) {
var args = [];
const args = [];

if (opts.all) {
args.push('--all');
Expand All @@ -54,155 +53,147 @@ function optsToArgs(opts) {
}

function getFlowBin() {
return process.env.FLOW_BIN || flowBin;
return process.env.FLOW_BIN || flowBin;
}

function executeFlow(_path, options) {
var deferred = Q.defer();
const deferred = Q.defer();

var opts = optsToArgs(options);
const opts = optsToArgs(options);

var command = opts.length || options.killFlow ? (() => {
const command = opts.length || options.killFlow ? (() => {
servers.push(path.dirname(_path));
return 'check';
})() : 'status';

var args = [
const args = [
command,
...opts,
'/' + path.relative('/', _path),
'--json'
'--json',
];

var stream = childProcess.spawn(getFlowBin(), args);
const stream = childProcess.spawn(getFlowBin(), args);

var dat = "";
stream.stdout.on('data', data => {
let dat = '';
stream.stdout.on('data', (data) => {
dat += data.toString();
});

stream.stdout.on('end', () =>{
var parsed;
stream.stdout.on('end', () => {
let parsed;
try {
parsed = JSON.parse(dat);
}
catch(e) {
} catch (e) {
parsed = fatalError(dat);
}
var result = {};
const result = {};

// loop through errors in file
result.errors = parsed.errors.filter(function (error) {
let isCurrentFile = error.message[0].path === _path;
let generalError = (/(Fatal)/.test(error.message[0].descr));
result.errors = parsed.errors.filter(function(error) {
const isCurrentFile = error.message[0].path === _path;
const generalError = (/(Fatal)/.test(error.message[0].descr));

return isCurrentFile || generalError;
});

if (result.errors.length) {
passed = false;

var report = typeof options.reporter === 'undefined' ?
const report = typeof options.reporter === 'undefined' ?
reporter : options.reporter;
report(result.errors);

if (options.abort) {
deferred.reject(new gutil.PluginError('gulp-flow', 'Flow failed'));
}
else {
} else {
deferred.resolve();
}
}
else {
} else {
deferred.resolve();
}
})
});

return deferred.promise;
}

function checkFlowConfigExist() {
var deferred = Q.defer();
var config = path.join(process.cwd(), '.flowconfig');
const deferred = Q.defer();
const config = path.join(process.cwd(), '.flowconfig');
fs.exists(config, function(exists) {
if (exists) {
deferred.resolve();
}
else {
} else {
deferred.reject('Missing .flowconfig in the current working directory.');
}
});
return deferred.promise;
}

function hasJsxPragma(contents) {
return /@flow\b/ig
.test(contents);
return /@flow\b/ig.test(contents);
}

function isFileSuitable(file) {
var deferred = Q.defer();
const deferred = Q.defer();
if (file.isNull()) {
deferred.reject();
}
else if (file.isStream()) {
deferred.reject(new gutil.PluginError('gulp-flow', 'Stream content is not supported'));
}
else if (file.isBuffer()) {
} else if (file.isStream()) {
deferred.reject(new gutil.PluginError('gulp-flow',
'Stream content is not supported'));
} else if (file.isBuffer()) {
deferred.resolve();
}
else {
} else {
deferred.reject();
}
return deferred.promise;
}

function killServers() {
var defers = servers.map(function(_path) {
var deferred = Q.defer();
const defers = servers.map(function(_path) {
const deferred = Q.defer();
childProcess.execFile(getFlowBin(), ['stop'], {
cwd: _path
cwd: _path,
}, deferred.resolve);
return deferred;
});
return Q.all(defers);
}

module.exports = function (options={}) {
module.exports = function(options = {}) {
options.beep = typeof options.beep !== 'undefined' ? options.beep : true;

function Flow(file, enc, callback) {

var _continue = () => {
const _continue = () => {
this.push(file);
callback();
};

isFileSuitable(file).then(() => {
var hasPragma = hasJsxPragma(file.contents.toString());
const hasPragma = hasJsxPragma(file.contents.toString());
if (options.all || hasPragma) {
checkFlowConfigExist().then(() => {
executeFlow(file.path, options).then(_continue, err => {
executeFlow(file.path, options).then(_continue, (err) => {
this.emit('error', err);
callback();
});
}, msg => {
}, (msg) => {
console.log(logSymbols.warning + ' ' + msg);
_continue();
});
} else {
_continue();
}
}, err => {
}, (err) => {
if (err) {
this.emit('error', err);
}
callback();
});
}

return through.obj(Flow, function () {
var end = () => {
return through.obj(Flow, function() {
const end = () => {
this.emit('end');
passed = true;
};
Expand All @@ -216,8 +207,7 @@ module.exports = function (options={}) {
if (options.killFlow) {
if (servers.length) {
killServers().done(end);
}
else {
} else {
end();
}
} else {
Expand Down
Loading