Fix executeHooks to quote args for shell command
#8383
Conversation
🦋 Changeset detectedLatest commit: f7a1630 The changes in this PR will be included in the next version bump. This PR includes changesets to release 2 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
| debugLog(`Running lifecycle hook "${hookName}" script: ${script} with args: ${args.join(' ')}...`); | ||
| await execShellCommand(`${script} ${args.join(' ')}`); | ||
| debugLog(`Running lifecycle hook "${hookName}" script: ${script} with args: ${quotedArgs}...`); | ||
| await execShellCommand(`${script} ${quotedArgs}`); | ||
| } else { | ||
| debugLog(`Running lifecycle hook "${hookName}" script: ${script.name} with args: ${args.join(' ')}...`); |
There was a problem hiding this comment.
quotedArgs is not used here on purpose as the text in the log message would contain different values than script receives. It could be confusing to have escaped arguments in the log but not in the function.
There was a problem hiding this comment.
@vhenzl, I did some local QA and found out that the script should be also quote().
With the following hooks configuration:
hooks:
afterAllFileWrite:
- prettier --write /project/app/routes/blog/$postId/comments.generated.tsThe prettier --write /project/app/routes/blog/$postId/comments.generated.ts command is not properly escaped with your current implementation.
It seems that quoting the script variables (in executeHooks()) could do the work.
vhenzl
force-pushed
the
fix-cli-hooks-paths-quotes
branch
from
a47e3fe to
f7a1630
Compare
|
Rebased to resolve conflict in |
|
@charlypoly, I dissagre. Whatever is specified in a hook should be a valid command on its own. You should be able to copy&paste it to a terminal, and it should run. You are in control of what's in the config, so you should escape it if needed: hooks:
afterAllFileWrite:
- prettier --write '/project/app/routes/blog/$postId/comments.generated.ts'But if you really want to use variables in your hooks, you should be able to do that: hooks:
afterAllFileWrite:
- prettier --write $MY_PROJECT/frontendIf we escape everything automatically, this wouldn't be possible. |
|
This doesn't work on Windows... hooks:
afterAllFileWrite:
- prettier --writeis breaking because the quoted path is wrong when absolute. |
Hi @Dodobibi, Could you open an issue? 🙏🏼 Thank you! |
Description
Related #8382
Arguments for commands in CLI hooks are escaped properly using
shell-quote.Arguments are escaped only for
execShellCommand; those passed to a customscriptfunction are preserved in their original form.Type of change
Possibly breaking for
onErrorhookHow Has This Been Tested?
Locally in our project.
Checklist: