From b36935fb3d85b342d45738bfcc5d13377dbd8d21 Mon Sep 17 00:00:00 2001 From: Mitch Dickinson Date: Wed, 25 Sep 2024 12:05:54 -0400 Subject: [PATCH] Revert "Improve binary run safety" --- packages/cli-kit/package.json | 2 -- packages/cli-kit/src/public/node/system.ts | 17 ++--------------- pnpm-lock.yaml | 12 ++---------- 3 files changed, 4 insertions(+), 27 deletions(-) diff --git a/packages/cli-kit/package.json b/packages/cli-kit/package.json index 75dd01e6f2..9f0c68fb82 100644 --- a/packages/cli-kit/package.json +++ b/packages/cli-kit/package.json @@ -162,7 +162,6 @@ "tempy": "3.0.0", "terminal-link": "3.0.0", "ts-error": "1.0.6", - "which": "4.0.0", "zod": "3.22.3" }, "devDependencies": { @@ -174,7 +173,6 @@ "@types/node": "18.19.3", "@types/react": "18.2.0", "@types/semver": "^7.5.2", - "@types/which": "3.0.4", "@vitest/coverage-istanbul": "^1.6.0", "node-stream-zip": "^1.15.0", "ts-morph": "^17.0.1", diff --git a/packages/cli-kit/src/public/node/system.ts b/packages/cli-kit/src/public/node/system.ts index 4b13d273ee..f6a14d3608 100644 --- a/packages/cli-kit/src/public/node/system.ts +++ b/packages/cli-kit/src/public/node/system.ts @@ -1,12 +1,10 @@ import {AbortSignal} from './abort.js' -import {AbortError, ExternalError} from './error.js' -import {cwd, dirname} from './path.js' +import {ExternalError} from './error.js' +import {cwd} from './path.js' import {treeKill} from './tree-kill.js' import {isTruthy} from './context/utilities.js' -import {renderWarning} from './ui.js' import {shouldDisplayColors, outputDebug} from '../../public/node/output.js' import {execa, ExecaChildProcess} from 'execa' -import which from 'which' import type {Writable, Readable} from 'stream' export interface ExecOptions { @@ -99,7 +97,6 @@ function buildExec(command: string, args: string[], options?: ExecOptions): Exec if (shouldDisplayColors()) { env.FORCE_COLOR = '1' } - checkCommandSafety(command) const commandProcess = execa(command, args, { env, cwd: options?.cwd, @@ -120,16 +117,6 @@ Running system process: return commandProcess } -function checkCommandSafety(command: string) { - const commandDirectory = dirname(which.sync(command)) - if (commandDirectory === cwd()) { - const headline = ['Skipped run of unsecure binary', {command}, 'found in the current directory.'] - const body = 'Please remove that file or review your current PATH.' - renderWarning({headline, body}) - throw new AbortError(headline, body) - } -} - /** * Waits for a given number of seconds. * diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index e6e5e41555..70a2651c52 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -487,9 +487,6 @@ importers: ts-error: specifier: 1.0.6 version: 1.0.6 - which: - specifier: 4.0.0 - version: 4.0.0 zod: specifier: 3.22.3 version: 3.22.3 @@ -518,9 +515,6 @@ importers: '@types/semver': specifier: ^7.5.2 version: 7.5.8 - '@types/which': - specifier: 3.0.4 - version: 3.0.4 '@vitest/coverage-istanbul': specifier: ^1.6.0 version: 1.6.0(vitest@1.6.0) @@ -7129,10 +7123,6 @@ packages: resolution: {integrity: sha512-rFT3ak0/2trgvp4yYZo5iKFEPsET7vKydKF+VRCxlQ9bpheehyAJH89dAkaLEq/j/RZXJIqcgsmPJKUP1Z28HA==} dev: true - /@types/which@3.0.4: - resolution: {integrity: sha512-liyfuo/106JdlgSchJzXEQCVArk0CvevqPote8F8HgWgJ3dRCcTHgJIsLDuee0kxk/mhbInzIZk3QWSZJ8R+2w==} - dev: true - /@types/wrap-ansi@3.0.0: resolution: {integrity: sha512-ltIpx+kM7g/MLRZfkbL7EsCEjfzCcScLpkg37eXEtx5kmrAKBkTJwd1GIAjDSL8wTpM6Hzn5YO4pSb91BEwu1g==} dev: true @@ -11776,6 +11766,7 @@ packages: /isexe@3.1.1: resolution: {integrity: sha512-LpB/54B+/2J5hqQ7imZHfdU31OlgQqx7ZicVlkm9kzg9/w8GKLEcFfJl/t7DCEDueOyBAD6zCCwTO6Fzs0NoEQ==} engines: {node: '>=16'} + dev: true /isobject@2.1.0: resolution: {integrity: sha512-+OUdGJlgjOBZDfxnDjYYG6zp487z0JGNQq3cYQYg5f5hKR+syHMsaztzGeml/4kGG55CSpKSpWTY+jYGgsHLgA==} @@ -16037,6 +16028,7 @@ packages: hasBin: true dependencies: isexe: 3.1.1 + dev: true /why-is-node-running@2.2.2: resolution: {integrity: sha512-6tSwToZxTOcotxHeA+qGCq1mVzKR3CwcJGmVcY+QE8SHy6TnpFnh8PAvPNHYr7EcuVeG0QSMxtYCuO1ta/G/oA==}