Software: Apache/2.4.41 (Ubuntu). PHP/8.0.30 uname -a: Linux apirnd 5.4.0-204-generic #224-Ubuntu SMP Thu Dec 5 13:38:28 UTC 2024 x86_64 uid=33(www-data) gid=33(www-data) groups=33(www-data) Safe-mode: OFF (not secure) /usr/local/lib/node_modules/npm/node_modules/npm-normalize-package-bin/test/ drwxr-xr-x | |
| Viewing file: Select action/file-type: const normalize = require('../')
const t = require('tap')
t.test('benign string', async t => {
const pkg = { name: 'hello', version: 'world', bin: 'hello.js' }
const expect = { name: 'hello', version: 'world', bin: { hello: 'hello.js' } }
t.strictSame(normalize(pkg), expect)
t.strictSame(normalize(normalize(pkg)), expect, 'double sanitize ok')
})
t.test('slashy string', async t => {
const pkg = { name: 'hello', version: 'world', bin: '/etc/passwd' }
const expect = { name: 'hello', version: 'world', bin: { hello: 'etc/passwd' } }
t.strictSame(normalize(pkg), expect)
t.strictSame(normalize(normalize(pkg)), expect, 'double sanitize ok')
})
t.test('dotty string', async t => {
const pkg = { name: 'hello', version: 'world', bin: '../../../../etc/passwd' }
const expect = { name: 'hello', version: 'world', bin: { hello: 'etc/passwd' } }
t.strictSame(normalize(pkg), expect)
t.strictSame(normalize(normalize(pkg)), expect, 'double sanitize ok')
})
t.test('double path', async t => {
const pkg = { name: 'hello', version: 'world', bin: '/etc/passwd:/bin/usr/exec' }
const expect = { name: 'hello', version: 'world', bin: { hello: 'etc/passwd:/bin/usr/exec' } }
t.strictSame(normalize(pkg), expect)
t.strictSame(normalize(normalize(pkg)), expect, 'double sanitize ok')
})
t.test('string with no name', async t => {
const pkg = { bin: 'foobar.js' }
const expect = {}
t.strictSame(normalize(pkg), expect)
t.strictSame(normalize(normalize(pkg)), expect, 'double sanitize ok')
})
|
:: Command execute :: | |
--[ c99shell v. 2.5 [PHP 8 Update] [24.05.2025] | Generation time: 0.0045 ]-- |