From bbe4d0926022a350f5d4999b0dadee58da5e3f52 Mon Sep 17 00:00:00 2001 From: Laurent Cozic Date: Tue, 21 Dec 2021 10:50:32 +0100 Subject: [PATCH] Plugin Repo: Disallow invalid plugin version numbers --- .eslintignore | 6 ++++ .gitignore | 6 ++++ .../utils/validatePluginVersion.test.ts | 32 +++++++++++++++++++ .../plugins/utils/validatePluginVersion.ts | 14 ++++++++ packages/plugin-repo-cli/index.ts | 2 ++ 5 files changed, 60 insertions(+) create mode 100644 packages/lib/services/plugins/utils/validatePluginVersion.test.ts create mode 100644 packages/lib/services/plugins/utils/validatePluginVersion.ts diff --git a/.eslintignore b/.eslintignore index b9d04ad62..0e6e65f81 100644 --- a/.eslintignore +++ b/.eslintignore @@ -1539,6 +1539,12 @@ packages/lib/services/plugins/utils/validatePluginId.js.map packages/lib/services/plugins/utils/validatePluginId.test.d.ts packages/lib/services/plugins/utils/validatePluginId.test.js packages/lib/services/plugins/utils/validatePluginId.test.js.map +packages/lib/services/plugins/utils/validatePluginVersion.d.ts +packages/lib/services/plugins/utils/validatePluginVersion.js +packages/lib/services/plugins/utils/validatePluginVersion.js.map +packages/lib/services/plugins/utils/validatePluginVersion.test.d.ts +packages/lib/services/plugins/utils/validatePluginVersion.test.js +packages/lib/services/plugins/utils/validatePluginVersion.test.js.map packages/lib/services/rest/Api.d.ts packages/lib/services/rest/Api.js packages/lib/services/rest/Api.js.map diff --git a/.gitignore b/.gitignore index 8f9c82491..3cf944630 100644 --- a/.gitignore +++ b/.gitignore @@ -1530,6 +1530,12 @@ packages/lib/services/plugins/utils/validatePluginId.js.map packages/lib/services/plugins/utils/validatePluginId.test.d.ts packages/lib/services/plugins/utils/validatePluginId.test.js packages/lib/services/plugins/utils/validatePluginId.test.js.map +packages/lib/services/plugins/utils/validatePluginVersion.d.ts +packages/lib/services/plugins/utils/validatePluginVersion.js +packages/lib/services/plugins/utils/validatePluginVersion.js.map +packages/lib/services/plugins/utils/validatePluginVersion.test.d.ts +packages/lib/services/plugins/utils/validatePluginVersion.test.js +packages/lib/services/plugins/utils/validatePluginVersion.test.js.map packages/lib/services/rest/Api.d.ts packages/lib/services/rest/Api.js packages/lib/services/rest/Api.js.map diff --git a/packages/lib/services/plugins/utils/validatePluginVersion.test.ts b/packages/lib/services/plugins/utils/validatePluginVersion.test.ts new file mode 100644 index 000000000..c41efbc2c --- /dev/null +++ b/packages/lib/services/plugins/utils/validatePluginVersion.test.ts @@ -0,0 +1,32 @@ +import validatePluginVersion from './validatePluginVersion'; + +describe('validatePluginVersion', () => { + + test('should validate a version number', () => { + const okCases = [ + '1.2.3', + '3', + '1.3-beta', + '10-re', + '4-ALPHA', + ]; + + const errorCases = [ + '', + '3.14159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817', + '0.14.1 OHNO', + '-', + '-1.5', + '1.6-', + ]; + + for (const t of okCases) { + expect(() => validatePluginVersion(t)).not.toThrow(); + } + + for (const t of errorCases) { + expect(() => validatePluginVersion(t)).toThrow(); + } + }); + +}); diff --git a/packages/lib/services/plugins/utils/validatePluginVersion.ts b/packages/lib/services/plugins/utils/validatePluginVersion.ts new file mode 100644 index 000000000..3fea75f1e --- /dev/null +++ b/packages/lib/services/plugins/utils/validatePluginVersion.ts @@ -0,0 +1,14 @@ +export default function(version: string): void { + if (!version || !version.length) throw new Error('Version number cannot be empty'); + + const maxLength = 64; + if (version.length > 64) throw new Error(`Version number cannot be longer than ${maxLength} characters`); + + const patternStart = '^[0-9a-zA-Z].*$'; + const patternEnd = '^.*[0-9a-zA-Z]$'; + const pattern = '^[0-9a-zA-Z-.]+$'; + + if (!version.match(new RegExp(patternStart))) throw new Error(`Version number must match pattern /${patternStart}/`); + if (!version.match(new RegExp(patternEnd))) throw new Error(`Version number must match pattern /${patternEnd}/`); + if (!version.match(new RegExp(pattern))) throw new Error(`Version number must match pattern /${pattern}/`); +} diff --git a/packages/plugin-repo-cli/index.ts b/packages/plugin-repo-cli/index.ts index e873523d4..280dfc6d1 100644 --- a/packages/plugin-repo-cli/index.ts +++ b/packages/plugin-repo-cli/index.ts @@ -4,6 +4,7 @@ import * as fs from 'fs-extra'; import * as path from 'path'; import * as process from 'process'; import validatePluginId from '@joplin/lib/services/plugins/utils/validatePluginId'; +import validatePluginVersion from '@joplin/lib/services/plugins/utils/validatePluginVersion'; import { execCommand2, resolveRelativePathWithinDir, gitPullTry, gitRepoCleanTry, gitRepoClean } from '@joplin/tools/tool-utils.js'; import checkIfPluginCanBeAdded from './lib/checkIfPluginCanBeAdded'; import updateReadme from './lib/updateReadme'; @@ -61,6 +62,7 @@ async function extractPluginFilesFromPackage(existingManifests: any, workDir: st // manifest properties are checked when the plugin is loaded into the app. const manifest = await readJsonFile(manifestFilePath); validatePluginId(manifest.id); + validatePluginVersion(manifest.version); manifest._npm_package_name = packageName;