Skip to content

Commit

Permalink
breaking: remove infer-owner
Browse files Browse the repository at this point in the history
  • Loading branch information
nlf committed Jun 9, 2021
1 parent 3413f15 commit a8b21fc
Show file tree
Hide file tree
Showing 5 changed files with 1 addition and 63 deletions.
11 changes: 1 addition & 10 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,6 @@ Spawn processes the way the npm cli likes to do. Give it some options,
it'll give you a Promise that resolves or rejects based on the results of
the execution.

Note: When the current user is root, this will use
[`infer-owner`](http://npm.im/infer-owner) to find the owner of the current
working directory, and run with that effective uid/gid. Otherwise, it runs
as the current user always. (This helps prevent doing git checkouts and
such, and leaving root-owned files lying around in user-owned locations.)

## USAGE

```js
Expand All @@ -20,7 +14,6 @@ promiseSpawn('ls', [ '-laF', 'some/dir/*.js' ], {
stdioString: false, // stdout/stderr as strings rather than buffers
stdio: 'pipe', // any node spawn stdio arg is valid here
// any other arguments to node child_process.spawn can go here as well,
// but uid/gid will be ignored and set by infer-owner if relevant.
}, {
extra: 'things',
to: 'decorate',
Expand Down Expand Up @@ -61,6 +54,4 @@ spawned process.
- `cwd` String, default `process.cwd()`. Current working directory for
running the script. Also the argument to `infer-owner` to determine
effective uid/gid when run as root on Unix systems.
- Any other options for `child_process.spawn` can be passed as well, but
note that `uid` and `gid` will be overridden by the owner of the cwd when
run as root on Unix systems, or `null` otherwise.
- Any other options for `child_process.spawn` can be passed as well.
6 changes: 0 additions & 6 deletions index.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
const {spawn} = require('child_process')

const inferOwner = require('infer-owner')

const isPipe = (stdio = 'pipe', fd) =>
stdio === 'pipe' || stdio === null ? true
: Array.isArray(stdio) ? isPipe(stdio[fd], fd)
Expand All @@ -10,13 +8,9 @@ const isPipe = (stdio = 'pipe', fd) =>
// 'extra' object is for decorating the error a bit more
const promiseSpawn = (cmd, args, opts, extra = {}) => {
const cwd = opts.cwd || process.cwd()
const isRoot = process.getuid && process.getuid() === 0
const { uid, gid } = isRoot ? inferOwner.sync(cwd) : {}
return promiseSpawnUid(cmd, args, {
...opts,
cwd,
uid,
gid
}, extra)
}

Expand Down
14 changes: 0 additions & 14 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 0 additions & 3 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,5 @@
"minipass": "^3.1.1",
"require-inject": "^1.4.4",
"tap": "^14.10.6"
},
"dependencies": {
"infer-owner": "^1.0.4"
}
}
30 changes: 0 additions & 30 deletions test/promise-spawn.js
Original file line number Diff line number Diff line change
Expand Up @@ -198,33 +198,3 @@ t.test('expose process', t => {
t.end()
setTimeout(() => p.process.exit(0))
})

t.test('infer ownership', t => {
const { lstatSync } = fs
t.teardown(() => fs.lstatSync = lstatSync)
fs.lstatSync = (path) => ({ uid: 420, gid: 69 })
const getuid = process.getuid
t.teardown(() => process.getuid = getuid)

t.test('as non-root, do not change uid/gid, regardless of arguments', t => {
process.getuid = () => 1234
return t.resolveMatch(promiseSpawn('whoami', [], { uid: 4321, gid: 9876 }), {
code: 0,
signal: null,
stdout: Buffer.from('UID undefined\nGID undefined\n'),
stderr: Buffer.alloc(0),
})
})

t.test('as root, change uid/gid to folder, regardless of arguments', t => {
process.getuid = () => 0
return t.resolveMatch(promiseSpawn('whoami', [], { uid: 4321, gid: 9876 }), {
code: 0,
signal: null,
stdout: Buffer.from('UID 420\nGID 69\n'),
stderr: Buffer.alloc(0),
})
})

t.end()
})

0 comments on commit a8b21fc

Please sign in to comment.