Conversation
hootener
left a comment
hootener
left a comment
There was a problem hiding this comment.
To address:
- should launch.json be .gitignored?
- should we keep validator and perform a two step sanitization process? 1. pass through
validator, 2. pass throughsanitizeVar
.vscode/launch.json
Outdated
| @@ -0,0 +1,15 @@ | |||
| { | |||
There was a problem hiding this comment.
I'm not sure this should be committed to source since it's IDE specific?
There was a problem hiding this comment.
No, this should not have been commited, good catch.
| var jsYaml = require('js-yaml') | ||
| var walk = require('ignore-walk') | ||
| var execSync = require('child_process').execSync | ||
| var validator = require('validator') |
There was a problem hiding this comment.
I'm unsure what benefits validator provides. But would it be worthwhile to keep it, and call it in your sanitizeVar function before the "&" removal step? Off the cuff, something like:
function sanitizeVar(arg) {
arg = validator.escape(arg)
return arg.replace(/&/g, '')
}
There was a problem hiding this comment.
Validator was added with the last patch. It also escaped / which makes actual paths very unhappy.
Codecov Report
@@ Coverage Diff @@
## master #167 +/- ##
==========================================
+ Coverage 90.14% 90.16% +0.02%
==========================================
Files 23 23
Lines 355 356 +1
Branches 85 85
==========================================
+ Hits 320 321 +1
Misses 35 35 Continue to review full report at Codecov.
|
|
|
|
This has been published under https://www.npmjs.com/package/codecov/v/3.6.5 |
3 participants
Sanitize gcov-root and ather args.