diff --git a/CHANGELOG.md b/CHANGELOG.md index 5b9aa0d2..06688a3f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,13 @@ [c-unreleased]: https://github.com/json5/json5/tree/master [d-unreleased]: https://github.com/json5/json5/compare/v2.2.0...HEAD +### v2.2.1 [[code][c2.2.1], [diff][d2.2.1]] + +[c2.2.1]: https://github.com/json5/json5/tree/v2.2.1 +[d2.2.1]: https://github.com/json5/json5/compare/v2.2.0...v2.2.1 + +- Fix: Removed dependence on minimist to patch CVE-2021-44906. ([#266]) + ### v2.2.0 [[code][c2.2.0], [diff][d2.2.0]] [c2.2.0]: https://github.com/json5/json5/tree/v2.2.0 @@ -360,3 +367,4 @@ parser for the regular JSON format. [#229]: https://github.com/json5/json5/issues/229 [#236]: https://github.com/json5/json5/issues/236 [#244]: https://github.com/json5/json5/issues/244 +[#266]: https://github.com/json5/json5/issues/266 diff --git a/lib/cli.js b/lib/cli.js index de852f15..93cb8092 100644 --- a/lib/cli.js +++ b/lib/cli.js @@ -2,37 +2,17 @@ const fs = require('fs') const path = require('path') -const minimist = require('minimist') const pkg = require('../package.json') const JSON5 = require('./') -const argv = minimist(process.argv.slice(2), { - alias: { - 'convert': 'c', - 'space': 's', - 'validate': 'v', - 'out-file': 'o', - 'version': 'V', - 'help': 'h', - }, - boolean: [ - 'convert', - 'validate', - 'version', - 'help', - ], - string: [ - 'space', - 'out-file', - ], -}) +const argv = parseArgs() if (argv.version) { version() } else if (argv.help) { usage() } else { - const inFilename = argv._[0] + const inFilename = argv.defaults[0] let readStream if (inFilename) { @@ -65,7 +45,7 @@ if (argv.version) { // --convert is for backward compatibility with v0.5.1. If // specified with and not --out-file, then a file with // the same name but with a .json extension will be written. - if (argv.convert && inFilename && !argv.o) { + if (argv.convert && inFilename && !argv.outFile) { const parsedFilename = path.parse(inFilename) const outFilename = path.format( Object.assign( @@ -75,8 +55,8 @@ if (argv.version) { ) writeStream = fs.createWriteStream(outFilename) - } else if (argv.o) { - writeStream = fs.createWriteStream(argv.o) + } else if (argv.outFile) { + writeStream = fs.createWriteStream(argv.outFile) } else { writeStream = process.stdout } @@ -90,6 +70,66 @@ if (argv.version) { }) } +function parseArgs () { + let convert + let space + let validate + let outFile + let version + let help + const defaults = [] + + const args = process.argv.slice(2) + for (let i = 0; i < args.length; i++) { + const arg = args[i] + switch (arg) { + case '--convert': + case '-c': + convert = true + break + + case '--space': + case '-s': + space = args[++i] + break + + case '--validate': + case '-v': + validate = true + break + + case '--out-file': + case '-o': + outFile = args[++i] + break + + case '--version': + case '-V': + version = true + break + + case '--help': + case '-h': + help = true + break + + default: + defaults.push(arg) + break + } + } + + return { + convert, + space, + validate, + outFile, + version, + help, + defaults, + } +} + function version () { console.log(pkg.version) } diff --git a/package-lock.json b/package-lock.json index 56c0f4de..c4e0207d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "json5", - "version": "2.2.0", + "version": "2.2.1", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -2184,7 +2184,8 @@ "minimist": { "version": "1.2.5", "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", + "dev": true }, "minipass": { "version": "2.3.5", diff --git a/package.json b/package.json index 31c43e5f..ec68d1c5 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "json5", - "version": "2.2.0", + "version": "2.2.1", "description": "JSON for humans.", "main": "lib/index.js", "module": "dist/index.mjs", @@ -48,9 +48,6 @@ "url": "https://github.com/json5/json5/issues" }, "homepage": "http://json5.org/", - "dependencies": { - "minimist": "^1.2.5" - }, "devDependencies": { "core-js": "^2.6.5", "eslint": "^5.15.3", diff --git a/package.json5 b/package.json5 index afcfbe26..2bbfb413 100644 --- a/package.json5 +++ b/package.json5 @@ -1,7 +1,7 @@ // This is a generated file. Do not edit. { name: 'json5', - version: '2.2.0', + version: '2.2.1', description: 'JSON for humans.', main: 'lib/index.js', module: 'dist/index.mjs', @@ -49,9 +49,6 @@ url: 'https://github.com/json5/json5/issues', }, homepage: 'http://json5.org/', - dependencies: { - minimist: '^1.2.5', - }, devDependencies: { 'core-js': '^2.6.5', eslint: '^5.15.3', diff --git a/test/cli.js b/test/cli.js index 8ddef73a..c52dd926 100644 --- a/test/cli.js +++ b/test/cli.js @@ -43,7 +43,7 @@ tap.test('CLI', t => { }) }) - t.test('indents output with the number of spaces specified', t => { + t.test('indents output with the number of spaces specified with -s', t => { const proc = child.spawn( process.execPath, [ @@ -65,7 +65,29 @@ tap.test('CLI', t => { }) }) - t.test('indents output with tabs when specified', t => { + t.test('indents output with the number of spaces specified with --space', t => { + const proc = child.spawn( + process.execPath, + [ + cliPath, + path.resolve(__dirname, 'test.json5'), + '--space', + '4', + ] + ) + + let output = '' + proc.stdout.on('data', data => { + output += data + }) + + proc.stdout.on('end', () => { + assert.strictEqual(output, '{\n "a": 1,\n "b": 2\n}') + t.end() + }) + }) + + t.test('indents output with tabs when specified with -s', t => { const proc = child.spawn( process.execPath, [ @@ -87,7 +109,7 @@ tap.test('CLI', t => { }) }) - t.test('outputs to the specified file', t => { + t.test('outputs to the specified file with -o', t => { const proc = child.spawn( process.execPath, [ @@ -116,7 +138,36 @@ tap.test('CLI', t => { }) }) - t.test('validates valid JSON5 files', t => { + t.test('outputs to the specified file with --out-file', t => { + const proc = child.spawn( + process.execPath, + [ + cliPath, + path.resolve(__dirname, 'test.json5'), + '--out-file', + path.resolve(__dirname, 'output.json'), + ] + ) + + proc.on('exit', () => { + assert.strictEqual( + fs.readFileSync( + path.resolve(__dirname, 'output.json'), + 'utf8' + ), + '{"a":1,"b":2}' + ) + t.end() + }) + + t.tearDown(() => { + try { + fs.unlinkSync(path.resolve(__dirname, 'output.json')) + } catch (err) {} + }) + }) + + t.test('validates valid JSON5 files with -v', t => { const proc = child.spawn( process.execPath, [ @@ -132,7 +183,23 @@ tap.test('CLI', t => { }) }) - t.test('validates invalid JSON5 files', t => { + t.test('validates valid JSON5 files with --validate', t => { + const proc = child.spawn( + process.execPath, + [ + cliPath, + path.resolve(__dirname, 'test.json5'), + '--validate', + ] + ) + + proc.on('exit', code => { + assert.strictEqual(code, 0) + t.end() + }) + }) + + t.test('validates invalid JSON5 files with -v', t => { const proc = child.spawn( process.execPath, [ @@ -157,7 +224,7 @@ tap.test('CLI', t => { }) }) - t.test('outputs the version number when specified', t => { + t.test('outputs the version number when specified with -V', t => { const proc = child.spawn(process.execPath, [cliPath, '-V']) let output = '' @@ -171,7 +238,21 @@ tap.test('CLI', t => { }) }) - t.test('outputs usage information when specified', t => { + t.test('outputs the version number when specified with --version', t => { + const proc = child.spawn(process.execPath, [cliPath, '--version']) + + let output = '' + proc.stdout.on('data', data => { + output += data + }) + + proc.stdout.on('end', () => { + assert.strictEqual(output, pkg.version + '\n') + t.end() + }) + }) + + t.test('outputs usage information when specified with -h', t => { const proc = child.spawn(process.execPath, [cliPath, '-h']) let output = '' @@ -185,7 +266,21 @@ tap.test('CLI', t => { }) }) - t.test('is backward compatible with v0.5.1', t => { + t.test('outputs usage information when specified with --help', t => { + const proc = child.spawn(process.execPath, [cliPath, '--help']) + + let output = '' + proc.stdout.on('data', data => { + output += data + }) + + proc.stdout.on('end', () => { + assert(/Usage/.test(output)) + t.end() + }) + }) + + t.test('is backward compatible with v0.5.1 with -c', t => { const proc = child.spawn( process.execPath, [ @@ -213,5 +308,33 @@ tap.test('CLI', t => { }) }) + t.test('is backward compatible with v0.5.1 with --convert', t => { + const proc = child.spawn( + process.execPath, + [ + cliPath, + '--convert', + path.resolve(__dirname, 'test.json5'), + ] + ) + + proc.on('exit', () => { + assert.strictEqual( + fs.readFileSync( + path.resolve(__dirname, 'test.json'), + 'utf8' + ), + '{"a":1,"b":2}' + ) + t.end() + }) + + t.tearDown(() => { + try { + fs.unlinkSync(path.resolve(__dirname, 'test.json')) + } catch (err) {} + }) + }) + t.end() }) pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy