Paranoia with null object #33
Comments
I don’t think the logging thing is an issue; CVEs because someone names an option toString I think is an issue.
The trick we do is in https://github.com/yargs/yargs-parser/blob/main/lib/yargs-parser.ts#L1045. We had a couple of CVEs opened related to prototype pollution in yargs-parser; we definitely want to avoid a similar situation in Node core, as getting a patch out is much more of a pain... Perhaps a question to ask: do we need to return objects with a prototype? My concern is people will expect this, right?
Yes, they will; I think we should.
Nice simple approach to keep the more subtle usage internal. That addresses my concern.
@shadowspawn @ljharb feels like this conversation has a lot in common with #32; perhaps we can just state that one of the goals in the approach we land on to prevent prototype pollution should be that the public interface still feels natural.
There is definitely overlap in conversation, due in part to my issue creation with fuzzy understanding. My current understanding is there are three things we are taking into account:
The solutions being discussed which cover (2) and help with (3) are internally using a null object, or more explicitly, a map. Most of that conversation has been in #32. Happy to close this issue, as it asks about an implementation decision and the wider goal is being discussed in more depth in #32.
Quoted goal in #32, closing here. |
I'm on a roll with a paranoia series... Another interesting question that I don't have relevant experience to base a strong opinion on.
@ljharb asked an interesting question in #26:
Short version: no, should we do that?
Long version
The current answer is no, initialised with
I like the purity of a null object, but it has a slightly alarming behaviour in logging for users unaware of the behaviour:
The documentation covers the complications at some length:
which can lead to some support questions:
I like the idea of using a null object in theory. With zero-config parsing in parseArg there is arguably more reason to consider a null prototype. However, I don't have any practical experience with working with null objects. I am interested in comments from people with experience, and in how new users cope.