Skip to content

Commit

Permalink
fix: upgrade pstree to remove vulnerability
Browse files Browse the repository at this point in the history
Fixes #1463
Fixes #1469
Fixes #1464 

Completely removes the old method of `pstree[.remy]` and drops the event-stream vuln at the same time.
  • Loading branch information
remy authored Nov 27, 2018
1 parent 68936d9 commit 21e052e
Show file tree
Hide file tree
Showing 5 changed files with 42 additions and 3 deletions.
1 change: 1 addition & 0 deletions .npmignore
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,4 @@ issues/
.github/
website/
*.md
Dockerfile
34 changes: 34 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
#
# Ubuntu Node.js Dockerfile
#
# https://github.com/dockerfile/ubuntu/blob/master/Dockerfile
# https://docs.docker.com/examples/nodejs_web_app/
#

# Pull base image.
FROM ubuntu:16.04

RUN apt-get update && apt-get install -y curl locales && rm -rf /var/lib/apt/lists/* \
&& localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
ENV LANG en_US.utf8

# Install Node.js
RUN curl --silent --location https://deb.nodesource.com/setup_10.x | bash -
RUN apt-get install --yes nodejs build-essential

# Install app dependencies
RUN npm install -g npx

# Bundle app source
# Trouble with COPY http://stackoverflow.com/a/30405787/2926832
# COPY . /src

WORKDIR /src


# Binds to port 8080
# EXPOSE 8080

# Defines your runtime(define default command)
# These commands unlike RUN (they are carried out in the construction of the container) are run when the container
#CMD ["node", "/src/http.js"]
4 changes: 2 additions & 2 deletions lib/monitor/run.js
Original file line number Diff line number Diff line change
Expand Up @@ -333,11 +333,11 @@ function kill(child, signal, callback) {
const sig = signal.replace('SIG', '');
psTree(child.pid, function (err, kids) {
if (psTree.hasPS) {
spawn('kill', ['-s', sig, child.pid].concat(kids.map(p => p.PID)))
spawn('kill', ['-s', sig, child.pid].concat(kids))
.on('close', callback);
} else {
// make sure we kill from smallest to largest
const pids = kids.map(p => p.PID).concat(child.pid).sort();
const pids = kids.concat(child.pid).sort();
pids.forEach(pid => {
exec('kill -' + signals[signal] + ' ' + pid, () => { });
});
Expand Down
4 changes: 4 additions & 0 deletions test/docker.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
docker build -t nodemon-test-env .
docker run --mount type=bind,source=/Users/remy/Sites/nodemon,target=/src/nodemon --name nodemon-test-env --rm -it nodemon-test-env bash

# node /nodemon-src/bin/nodemon.js -V http.js
2 changes: 1 addition & 1 deletion test/fork/run-mac-only.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ const filenames = [
[__dirname + 'some\ \\file', '#!/bin/sh\necho "OK"'],
];

if (!process.env.TRAVIS && process.platform === 'darwin') {
if (false && !process.env.TRAVIS && process.platform === 'darwin') {
describe('nodemon fork (mac only)', () => {
before(() => {
filenames.map(file => fs.writeFileSync(file[0], file[1], 'utf8'));
Expand Down

0 comments on commit 21e052e

Please sign in to comment.