From dec3bcbbd75fc4044b19648c6d6f1877b011cd4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Lorber?= Date: Fri, 28 Feb 2025 20:09:59 +0100 Subject: [PATCH] fix(create-docusaurus): fix CLI and remove shelljs escapeShellArg util (#10958) --- packages/create-docusaurus/src/index.ts | 13 ++++++------- .../src/__tests__/shellUtils.test.ts | 19 ------------------- packages/docusaurus-utils/src/index.ts | 1 - packages/docusaurus-utils/src/shellUtils.ts | 18 ------------------ 4 files changed, 6 insertions(+), 45 deletions(-) delete mode 100644 packages/docusaurus-utils/src/__tests__/shellUtils.test.ts delete mode 100644 packages/docusaurus-utils/src/shellUtils.ts diff --git a/packages/create-docusaurus/src/index.ts b/packages/create-docusaurus/src/index.ts index f38f0f2287..fadb644680 100755 --- a/packages/create-docusaurus/src/index.ts +++ b/packages/create-docusaurus/src/index.ts @@ -13,7 +13,10 @@ import {logger} from '@docusaurus/logger'; import execa from 'execa'; import prompts, {type Choice} from 'prompts'; import supportsColor from 'supports-color'; -import {escapeShellArg, askPreferredLanguage} from '@docusaurus/utils'; + +// TODO remove dependency on large @docusaurus/utils +// would be better to have a new smaller @docusaurus/utils-cli package +import {askPreferredLanguage} from '@docusaurus/utils'; type LanguagesOptions = { javascript?: boolean; @@ -530,10 +533,7 @@ export default async function init( if (source.type === 'git') { const gitCommand = await getGitCommand(source.strategy); - const gitCloneCommand = `${gitCommand} ${escapeShellArg( - source.url, - )} ${escapeShellArg(dest)}`; - if (execa.command(gitCloneCommand).exitCode !== 0) { + if ((await execa(gitCommand, [source.url, dest])).exitCode !== 0) { logger.error`Cloning Git template failed!`; process.exit(1); } @@ -598,8 +598,7 @@ export default async function init( { env: { ...process.env, - // Force coloring the output, since the command is invoked by - // shelljs, which is not an interactive shell + // Force coloring the output ...(supportsColor.stdout ? {FORCE_COLOR: '1'} : {}), }, }, diff --git a/packages/docusaurus-utils/src/__tests__/shellUtils.test.ts b/packages/docusaurus-utils/src/__tests__/shellUtils.test.ts deleted file mode 100644 index adc64d9443..0000000000 --- a/packages/docusaurus-utils/src/__tests__/shellUtils.test.ts +++ /dev/null @@ -1,19 +0,0 @@ -/** - * Copyright (c) Facebook, Inc. and its affiliates. - * - * This source code is licensed under the MIT license found in the - * LICENSE file in the root directory of this source tree. - */ - -import {escapeShellArg} from '../shellUtils'; - -describe('shellUtils', () => { - it('escapeShellArg', () => { - expect(escapeShellArg('hello')).toBe("'hello'"); - expect(escapeShellArg('*')).toBe("'*'"); - expect(escapeShellArg('hello world')).toBe("'hello world'"); - expect(escapeShellArg("'hello'")).toBe("\\''hello'\\'"); - expect(escapeShellArg('$(pwd)')).toBe("'$(pwd)'"); - expect(escapeShellArg('hello$(pwd)')).toBe("'hello$(pwd)'"); - }); -}); diff --git a/packages/docusaurus-utils/src/index.ts b/packages/docusaurus-utils/src/index.ts index 5a35bb672d..a38a6def09 100644 --- a/packages/docusaurus-utils/src/index.ts +++ b/packages/docusaurus-utils/src/index.ts @@ -107,7 +107,6 @@ export { getWebpackLoaderCompilerName, type WebpackCompilerName, } from './webpackUtils'; -export {escapeShellArg} from './shellUtils'; export {loadFreshModule} from './moduleUtils'; export { getDataFilePath, diff --git a/packages/docusaurus-utils/src/shellUtils.ts b/packages/docusaurus-utils/src/shellUtils.ts deleted file mode 100644 index 25536a3c1f..0000000000 --- a/packages/docusaurus-utils/src/shellUtils.ts +++ /dev/null @@ -1,18 +0,0 @@ -/** - * Copyright (c) Facebook, Inc. and its affiliates. - * - * This source code is licensed under the MIT license found in the - * LICENSE file in the root directory of this source tree. - */ - -// TODO move from shelljs to execa later? -// Execa is well maintained and widely used -// Even shelljs recommends execa for security / escaping: -// https://github.com/shelljs/shelljs/wiki/Security-guidelines - -// Inspired by https://github.com/xxorax/node-shell-escape/blob/master/shell-escape.js -export function escapeShellArg(s: string): string { - let res = `'${s.replace(/'/g, "'\\''")}'`; - res = res.replace(/^(?:'')+/g, '').replace(/\\'''/g, "\\'"); - return res; -}