@eggjs/security 5.0.0-beta.19 → 5.0.0-beta.20

package/dist/context-C-N1IY85.d.ts

@@ -0,0 +1,95 @@
+import { SecurityConfig } from "./config.default-D8v08Vox.js";
+import { HttpClientOptions, HttpClientRequestURL, HttpClientResponse } from "./safe_curl-mqZZv_YQ.js";
+import { Context, Response } from "egg";
+
+//#region src/app/extend/response.d.ts
+declare class SecurityResponse extends Response {
+  ctx: SecurityContext;
+  /**
+   * This is an unsafe redirection, and we WON'T check if the
+   * destination url is safe or not.
+   * Please DO NOT use this method unless in some very special cases,
+   * otherwise there may be security vulnerabilities.
+   *
+   * @function Response#unsafeRedirect
+   * @param {String} url URL to forward
+   * @example
+   * ```js
+   * ctx.response.unsafeRedirect('http://www.domain.com');
+   * ctx.unsafeRedirect('http://www.domain.com');
+   * ```
+   */
+  unsafeRedirect(url: string, alt?: string): void;
+  /**
+   * A safe redirection, and we'll check if the URL is in
+   * a safe domain or not.
+   * We've overridden the default Koa's implementation by adding a
+   * white list as the filter for that.
+   *
+   * @function Response#redirect
+   * @param {String} url URL to forward
+   * @example
+   * ```js
+   * ctx.response.redirect('/login');
+   * ctx.redirect('/login');
+   * ```
+   */
+  redirect(url: string, alt?: string): void;
+}
+//#endregion
+//#region src/app/extend/context.d.ts
+declare const CSRF_SECRET: unique symbol;
+declare const LOG_CSRF_NOTICE: unique symbol;
+declare const INPUT_TOKEN: unique symbol;
+declare const CSRF_REFERER_CHECK: unique symbol;
+declare const CSRF_CTOKEN_CHECK: unique symbol;
+declare class SecurityContext extends Context {
+  response: SecurityResponse;
+  get securityOptions(): Partial<SecurityConfig>;
+  /**
+   * Check whether the specific `domain` is in / matches the whiteList or not.
+   * @param {string} domain The assigned domain.
+   * @param {Array<string>} [customWhiteList] The custom white list for domain.
+   * @return {boolean} If the domain is in / matches the whiteList, return true;
+   * otherwise false.
+   */
+  isSafeDomain(domain: string, customWhiteList?: string[]): boolean;
+  get nonce(): string;
+  /**
+   * get csrf token, general use in template
+   * @return {String} csrf token
+   * @public
+   */
+  get csrf(): string;
+  /**
+   * get csrf secret from session or cookie
+   * @return {String} csrf secret
+   * @private
+   */
+  get [CSRF_SECRET](): string;
+  /**
+   * ensure csrf secret exists in session or cookie.
+   * @param {Boolean} [rotate] reset secret even if the secret exists
+   * @public
+   */
+  ensureCsrfSecret(rotate?: boolean): void;
+  get [INPUT_TOKEN](): string;
+  /**
+   * rotate csrf secret exists in session or cookie.
+   * must rotate the secret when user login
+   * @public
+   */
+  rotateCsrfSecret(): void;
+  /**
+   * assert csrf token/referer is present
+   * @public
+   */
+  assertCsrf(): void;
+  [CSRF_CTOKEN_CHECK](): "missing csrf token" | "invalid csrf token" | undefined;
+  [CSRF_REFERER_CHECK](): "missing csrf referer or origin" | "invalid csrf referer or origin" | undefined;
+  [LOG_CSRF_NOTICE](msg: string): void;
+  safeCurl<T = any>(url: HttpClientRequestURL, options?: HttpClientOptions): Promise<HttpClientResponse<T>>;
+  unsafeRedirect(url: string, alt?: string): void;
+}
+//#endregion
+export { SecurityContext, SecurityResponse };

package/dist/context-e-QJTKfq.js

@@ -0,0 +1,191 @@
+import { checkIfIgnore, getFromUrl, isSafeDomain } from "./utils-Cajs5P8M.js";
+import { Context } from "egg";
+import { debuglog } from "node:util";
+import { nanoid } from "nanoid/non-secure";
+import Tokens from "csrf";
+
+//#region src/app/extend/context.ts
+const debug = debuglog("egg/security/app/extend/context");
+const tokens = new Tokens();
+const CSRF_SECRET = Symbol("egg-security#CSRF_SECRET");
+const _CSRF_SECRET = Symbol("egg-security#_CSRF_SECRET");
+const NEW_CSRF_SECRET = Symbol("egg-security#NEW_CSRF_SECRET");
+const LOG_CSRF_NOTICE = Symbol("egg-security#LOG_CSRF_NOTICE");
+const INPUT_TOKEN = Symbol("egg-security#INPUT_TOKEN");
+const NONCE_CACHE = Symbol("egg-security#NONCE_CACHE");
+const SECURITY_OPTIONS = Symbol("egg-security#SECURITY_OPTIONS");
+const CSRF_REFERER_CHECK = Symbol("egg-security#CSRF_REFERER_CHECK");
+const CSRF_CTOKEN_CHECK = Symbol("egg-security#CSRF_CTOKEN_CHECK");
+function findToken(obj, keys) {
+	if (!obj) return;
+	if (!keys || !keys.length) return;
+	if (typeof keys === "string") return obj[keys];
+	for (const key of keys) if (obj[key]) return obj[key];
+}
+var SecurityContext = class extends Context {
+	get securityOptions() {
+		if (!this[SECURITY_OPTIONS]) this[SECURITY_OPTIONS] = {};
+		return this[SECURITY_OPTIONS];
+	}
+	/**
+	* Check whether the specific `domain` is in / matches the whiteList or not.
+	* @param {string} domain The assigned domain.
+	* @param {Array<string>} [customWhiteList] The custom white list for domain.
+	* @return {boolean} If the domain is in / matches the whiteList, return true;
+	* otherwise false.
+	*/
+	isSafeDomain(domain, customWhiteList) {
+		const domainWhiteList = customWhiteList && customWhiteList.length > 0 ? customWhiteList : this.app.config.security.domainWhiteList;
+		return isSafeDomain(domain, domainWhiteList);
+	}
+	get nonce() {
+		if (!this[NONCE_CACHE]) this[NONCE_CACHE] = nanoid(16);
+		return this[NONCE_CACHE];
+	}
+	/**
+	* get csrf token, general use in template
+	* @return {String} csrf token
+	* @public
+	*/
+	get csrf() {
+		const secret = this[NEW_CSRF_SECRET] || this[CSRF_SECRET];
+		debug("get csrf token, NEW_CSRF_SECRET: %s, _CSRF_SECRET: %s", this[NEW_CSRF_SECRET], this[CSRF_SECRET]);
+		return secret ? tokens.create(secret) : "";
+	}
+	/**
+	* get csrf secret from session or cookie
+	* @return {String} csrf secret
+	* @private
+	*/
+	get [CSRF_SECRET]() {
+		if (this[_CSRF_SECRET]) return this[_CSRF_SECRET];
+		let { useSession, sessionName, cookieName: cookieNames, cookieOptions } = this.app.config.security.csrf;
+		if (useSession) this[_CSRF_SECRET] = this.session[sessionName] || "";
+		else {
+			if (!Array.isArray(cookieNames)) cookieNames = [cookieNames];
+			for (const cookieName of cookieNames) {
+				this[_CSRF_SECRET] = this.cookies.get(cookieName, { signed: cookieOptions.signed }) || "";
+				if (this[_CSRF_SECRET]) break;
+			}
+		}
+		return this[_CSRF_SECRET];
+	}
+	/**
+	* ensure csrf secret exists in session or cookie.
+	* @param {Boolean} [rotate] reset secret even if the secret exists
+	* @public
+	*/
+	ensureCsrfSecret(rotate) {
+		if (this[CSRF_SECRET] && !rotate) return;
+		debug("ensure csrf secret, exists: %s, rotate; %s", this[CSRF_SECRET], rotate);
+		const secret = tokens.secretSync();
+		this[NEW_CSRF_SECRET] = secret;
+		let { useSession, sessionName, cookieDomain, cookieName: cookieNames, cookieOptions } = this.app.config.security.csrf;
+		if (useSession) this.session[sessionName] = secret;
+		else {
+			if (typeof cookieDomain === "function") cookieDomain = cookieDomain(this);
+			const cookieOpts = {
+				domain: cookieDomain,
+				...cookieOptions
+			};
+			if (!Array.isArray(cookieNames)) cookieNames = [cookieNames];
+			for (const cookieName of cookieNames) this.cookies.set(cookieName, secret, cookieOpts);
+		}
+	}
+	get [INPUT_TOKEN]() {
+		const { headerName, bodyName, queryName } = this.app.config.security.csrf;
+		const token = findToken(this.request.query, queryName) || findToken(this.request.body, bodyName) || headerName && this.request.get(headerName);
+		debug("get token: %j, secret: %j", token, this[CSRF_SECRET]);
+		return token;
+	}
+	/**
+	* rotate csrf secret exists in session or cookie.
+	* must rotate the secret when user login
+	* @public
+	*/
+	rotateCsrfSecret() {
+		if (!this[NEW_CSRF_SECRET] && this[CSRF_SECRET]) this.ensureCsrfSecret(true);
+	}
+	/**
+	* assert csrf token/referer is present
+	* @public
+	*/
+	assertCsrf() {
+		if (checkIfIgnore(this.app.config.security.csrf, this)) {
+			debug("%s, ignore by csrf options", this.path);
+			return;
+		}
+		const { type } = this.app.config.security.csrf;
+		let message;
+		const messages = [];
+		switch (type) {
+			case "ctoken":
+				message = this[CSRF_CTOKEN_CHECK]();
+				if (message) this.throw(403, message);
+				break;
+			case "referer":
+				message = this[CSRF_REFERER_CHECK]();
+				if (message) this.throw(403, message);
+				break;
+			case "all":
+				message = this[CSRF_CTOKEN_CHECK]();
+				if (message) this.throw(403, message);
+				message = this[CSRF_REFERER_CHECK]();
+				if (message) this.throw(403, message);
+				break;
+			case "any":
+				message = this[CSRF_CTOKEN_CHECK]();
+				if (!message) return;
+				messages.push(message);
+				message = this[CSRF_REFERER_CHECK]();
+				if (!message) return;
+				messages.push(message);
+				this.throw(403, `both ctoken and referer check error: ${messages.join(", ")}`);
+				break;
+			default: this.throw(`invalid type ${type}`);
+		}
+	}
+	[CSRF_CTOKEN_CHECK]() {
+		if (!this[CSRF_SECRET]) {
+			debug("missing csrf token");
+			this[LOG_CSRF_NOTICE]("missing csrf token");
+			return "missing csrf token";
+		}
+		const token = this[INPUT_TOKEN];
+		if (token !== this[CSRF_SECRET] && !tokens.verify(this[CSRF_SECRET], token)) {
+			debug("verify secret and token error");
+			this[LOG_CSRF_NOTICE]("invalid csrf token");
+			const { rotateWhenInvalid } = this.app.config.security.csrf;
+			if (rotateWhenInvalid) this.rotateCsrfSecret();
+			return "invalid csrf token";
+		}
+	}
+	[CSRF_REFERER_CHECK]() {
+		const { refererWhiteList } = this.app.config.security.csrf;
+		const referer = (this.headers.referer ?? this.headers.origin ?? "").toLowerCase();
+		if (!referer) {
+			debug("missing csrf referer or origin");
+			this[LOG_CSRF_NOTICE]("missing csrf referer or origin");
+			return "missing csrf referer or origin";
+		}
+		const host = getFromUrl(referer, "host");
+		const domainList = refererWhiteList.concat(this.host);
+		if (!host || !isSafeDomain(host, domainList)) {
+			debug("verify referer or origin error");
+			this[LOG_CSRF_NOTICE]("invalid csrf referer or origin");
+			return "invalid csrf referer or origin";
+		}
+	}
+	[LOG_CSRF_NOTICE](msg) {
+		if (this.app.config.env === "local") this.logger.warn(`${msg}. See https://eggjs.org/zh-CN/core/security/#%E5%AE%89%E5%85%A8%E5%A8%81%E8%83%81-csrf-%E7%9A%84%E9%98%B2%E8%8C%83`);
+	}
+	async safeCurl(url, options) {
+		return await this.app.safeCurl(url, options);
+	}
+	unsafeRedirect(url, alt) {
+		this.response.unsafeRedirect(url, alt);
+	}
+};
+
+//#endregion
+export { SecurityContext };

package/dist/csp-BW5AJd_f.js

@@ -0,0 +1,46 @@
+import { checkIfIgnore } from "./utils-Cajs5P8M.js";
+import extend from "extend";
+
+//#region src/lib/middlewares/csp.ts
+const HEADER = ["x-content-security-policy", "content-security-policy"];
+const REPORT_ONLY_HEADER = ["x-content-security-policy-report-only", "content-security-policy-report-only"];
+const MSIE_REGEXP = / MSIE /i;
+var csp_default = (options) => {
+	return async function csp(ctx, next) {
+		await next();
+		const opts = {
+			...options,
+			...ctx.securityOptions.csp
+		};
+		if (checkIfIgnore(opts, ctx)) return;
+		let finalHeader;
+		const matchedOption = extend(true, {}, opts.policy);
+		const bufArray = [];
+		const headers = opts.reportOnly ? REPORT_ONLY_HEADER : HEADER;
+		if (opts.supportIE && MSIE_REGEXP.test(ctx.get("user-agent"))) finalHeader = headers[0];
+		else finalHeader = headers[1];
+		for (const key in matchedOption) {
+			const value = matchedOption[key];
+			if (key === "sandbox" && value === true) bufArray.push(key);
+			else {
+				let values = Array.isArray(value) ? value : [value];
+				if (key === "script-src") {
+					if (!values.some(function(val) {
+						return val.indexOf("nonce-") !== -1;
+					})) values.push("'nonce-" + ctx.nonce + "'");
+				}
+				values = values.map(function(d) {
+					if (d.startsWith(".")) d = "*" + d;
+					return d;
+				});
+				bufArray.push(key + " " + values.join(" "));
+			}
+		}
+		const headerString = bufArray.join(";");
+		ctx.set(finalHeader, headerString);
+		ctx.set("x-csp-nonce", ctx.nonce);
+	};
+};
+
+//#endregion
+export { csp_default };

package/dist/csrf-9aSLHiby.js

@@ -0,0 +1,33 @@
+import { checkIfIgnore } from "./utils-Cajs5P8M.js";
+import { debuglog } from "node:util";
+import typeis from "type-is";
+
+//#region src/lib/middlewares/csrf.ts
+const debug = debuglog("egg/security/lib/middlewares/csrf");
+var csrf_default = (options) => {
+	return function csrf(ctx, next) {
+		if (checkIfIgnore(options, ctx)) return next();
+		if ([
+			"any",
+			"all",
+			"ctoken"
+		].includes(options.type)) ctx.ensureCsrfSecret();
+		const method = ctx.method;
+		let isSupported = false;
+		for (const eachRule of options.supportedRequests) if (eachRule.path.test(ctx.path)) {
+			if (eachRule.methods.includes(method)) {
+				isSupported = true;
+				break;
+			}
+		}
+		if (!isSupported) return next();
+		if (options.ignoreJSON && typeis.is(ctx.get("content-type"), "json")) return next();
+		const body = ctx.request.body;
+		debug("%s %s, got %j", ctx.method, ctx.url, body);
+		ctx.assertCsrf();
+		return next();
+	};
+};
+
+//#endregion
+export { csrf_default };

package/dist/dta-DVAKEpJ3.js

@@ -0,0 +1,13 @@
+import { isSafePath } from "./utils-Cajs5P8M.js";
+
+//#region src/lib/middlewares/dta.ts
+var dta_default = () => {
+	return function dta(ctx, next) {
+		const path = ctx.path;
+		if (!isSafePath(path, ctx)) ctx.throw(400);
+		return next();
+	};
+};
+
+//#endregion
+export { dta_default };

package/dist/escape-Dex_Pk9e.d.ts

@@ -0,0 +1,2 @@
+import escapeHTML$1 from "escape-html";
+export { escapeHTML$1 as escapeHTML };

package/dist/escape-p8-cW8c_.js

@@ -0,0 +1,7 @@
+import escapeHTML from "escape-html";
+
+//#region src/lib/helper/escape.ts
+var escape_default = escapeHTML;
+
+//#endregion
+export { escape_default };

package/dist/escapeShellArg-BnzDicAC.d.ts

@@ -0,0 +1,4 @@
+//#region src/lib/helper/escapeShellArg.d.ts
+declare function escapeShellArg(text: string): string;
+//#endregion
+export { escapeShellArg };

package/dist/escapeShellArg-C0v1ZeCl.js

@@ -0,0 +1,7 @@
+//#region src/lib/helper/escapeShellArg.ts
+function escapeShellArg(text) {
+	return "'" + ("" + text).replace(/\\/g, "\\\\").replace(/'/g, "\\'") + "'";
+}
+
+//#endregion
+export { escapeShellArg };

package/dist/escapeShellCmd-CkAdyhtO.js

@@ -0,0 +1,15 @@
+//#region src/lib/helper/escapeShellCmd.ts
+const BASIC_ALPHABETS = new Set("#&;`|*?~<>^()[]{}$;'\",\nÿ".split(""));
+function escapeShellCmd(text) {
+	const str = "" + text;
+	let res = "";
+	let ascii;
+	for (let index = 0; index < str.length; index++) {
+		ascii = str[index];
+		if (!BASIC_ALPHABETS.has(ascii)) res += ascii;
+	}
+	return res;
+}
+
+//#endregion
+export { escapeShellCmd };

package/dist/escapeShellCmd-DQZZIHde.d.ts

@@ -0,0 +1,4 @@
+//#region src/lib/helper/escapeShellCmd.d.ts
+declare function escapeShellCmd(text: string): string;
+//#endregion
+export { escapeShellCmd };

package/dist/helper-DylzfQ_5.js

@@ -0,0 +1,25 @@
+import { cliFilter } from "./cliFilter-7BSD8Nc_.js";
+import { escape_default } from "./escape-p8-cW8c_.js";
+import { escapeShellArg } from "./escapeShellArg-C0v1ZeCl.js";
+import { escapeShellCmd } from "./escapeShellCmd-CkAdyhtO.js";
+import { shtml } from "./shtml-CgF4kOx-.js";
+import { escapeJavaScript } from "./sjs-Cbmkk5xS.js";
+import { jsonEscape } from "./sjson-BetFnVR6.js";
+import { pathFilter } from "./spath-Bu9sy6Kz.js";
+import { surl } from "./surl-ClleTea7.js";
+
+//#region src/lib/helper/index.ts
+var helper_default = {
+	cliFilter,
+	escape: escape_default,
+	escapeShellArg,
+	escapeShellCmd,
+	shtml,
+	sjs: escapeJavaScript,
+	sjson: jsonEscape,
+	spath: pathFilter,
+	surl
+};
+
+//#endregion
+export { helper_default };

package/dist/hsts-CWMKNTEh.js

@@ -0,0 +1,19 @@
+import { checkIfIgnore } from "./utils-Cajs5P8M.js";
+
+//#region src/lib/middlewares/hsts.ts
+var hsts_default = (options) => {
+	return async function hsts(ctx, next) {
+		await next();
+		const opts = {
+			...options,
+			...ctx.securityOptions.hsts
+		};
+		if (checkIfIgnore(opts, ctx)) return;
+		let val = `max-age=${opts.maxAge}`;
+		if (opts.includeSubdomains) val = `${val}; includeSubdomains`;
+		ctx.set("strict-transport-security", val);
+	};
+};
+
+//#endregion
+export { hsts_default };

package/dist/index.d.ts

@@ -1 +1,5 @@
-export { };
+import "./config.default-D8v08Vox.js";
+import "./safe_curl-mqZZv_YQ.js";
+import "./application-n5bk2L_z.js";
+import "./context-C-N1IY85.js";
+import "./types-BZR2U30p.js";

package/dist/index.js

@@ -1,5 +1,8 @@
-import "./app/extend/application.js";
-import "./app/extend/context.js";
-import "./app/extend/response.js";
+import "./utils-Cajs5P8M.js";
+import "./safe_curl-UlViaxoF.js";
+import "./application-COC0mYEe.js";
+import "./context-e-QJTKfq.js";
+import "./response-BFnHAJrV.js";
+import "./types-DnJpiSJb.js";
 
 export {  };

package/dist/lib/extend/safe_curl.d.ts

@@ -1,20 +1,3 @@
-import { SSRFCheckAddressFunction } from "../../config/config.default.js";
-import * as egg10 from "egg";
-import { EggApplicationCore } from "egg";
-
-//#region src/lib/extend/safe_curl.d.ts
-type HttpClient = EggApplicationCore['HttpClient'];
-type HttpClientParameters = Parameters<HttpClient['prototype']['request']>;
-type HttpClientRequestURL = HttpClientParameters[0];
-type HttpClientOptions = HttpClientParameters[1] & {
-  checkAddress?: SSRFCheckAddressFunction;
-};
-type HttpClientResponse<T = any> = Awaited<ReturnType<HttpClient['prototype']['request']>> & {
-  data: T;
-};
-/**
- * safe curl with ssrf protection
- */
-declare function safeCurlForApplication<T = any>(app: EggApplicationCore, url: HttpClientRequestURL, options?: HttpClientOptions): Promise<egg10.HttpClientResponse<T>>;
-//#endregion
+import "../../config.default-D8v08Vox.js";
+import { HttpClientOptions, HttpClientRequestURL, HttpClientResponse, safeCurlForApplication } from "../../safe_curl-mqZZv_YQ.js";
 export { HttpClientOptions, HttpClientRequestURL, HttpClientResponse, safeCurlForApplication };

package/dist/lib/extend/safe_curl.js

@@ -1,19 +1,3 @@
-//#region src/lib/extend/safe_curl.ts
-const SSRF_HTTPCLIENT = Symbol("SSRF_HTTPCLIENT");
-/**
-* safe curl with ssrf protection
-*/
-async function safeCurlForApplication(app, url, options = {}) {
-	const ssrfConfig = app.config.security.ssrf;
-	if (ssrfConfig?.checkAddress) options.checkAddress = ssrfConfig.checkAddress;
-	else app.logger.warn("[@eggjs/security] please configure `config.security.ssrf` first");
-	if (ssrfConfig?.checkAddress) {
-		let httpClient = app[SSRF_HTTPCLIENT];
-		if (!httpClient) httpClient = app[SSRF_HTTPCLIENT] = app.createHttpClient({ checkAddress: ssrfConfig.checkAddress });
-		return await httpClient.request(url, options);
-	}
-	return await app.curl(url, options);
-}
+import { safeCurlForApplication } from "../../safe_curl-UlViaxoF.js";
 
-//#endregion
 export { safeCurlForApplication };

package/dist/lib/helper/cliFilter.d.ts

@@ -1,7 +1,2 @@
-//#region src/lib/helper/cliFilter.d.ts
-/**
- * remote command execution
- */
-declare function cliFilter(text: string): string;
-//#endregion
+import { cliFilter } from "../../cliFilter-DKZxCxSe.js";
 export { cliFilter as default };

package/dist/lib/helper/cliFilter.js

@@ -1,18 +1,3 @@
-//#region src/lib/helper/cliFilter.ts
-/**
-* remote command execution
-*/
-const BASIC_ALPHABETS = new Set("abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ.-_".split(""));
-function cliFilter(text) {
-	const str = "" + text;
-	let res = "";
-	let ascii;
-	for (let index = 0; index < str.length; index++) {
-		ascii = str[index];
-		if (BASIC_ALPHABETS.has(ascii)) res += ascii;
-	}
-	return res;
-}
+import { cliFilter } from "../../cliFilter-7BSD8Nc_.js";
 
-//#endregion
 export { cliFilter as default };

package/dist/lib/helper/escape.d.ts

@@ -1,2 +1,2 @@
-import escapeHTML from "escape-html";
+import { escapeHTML } from "../../escape-Dex_Pk9e.js";
 export { escapeHTML as default };

package/dist/lib/helper/escape.js

@@ -1,7 +1,3 @@
-import escapeHTML from "escape-html";
+import { escape_default } from "../../escape-p8-cW8c_.js";
 
-//#region src/lib/helper/escape.ts
-var escape_default = escapeHTML;
-
-//#endregion
 export { escape_default as default };

package/dist/lib/helper/escapeShellArg.d.ts

@@ -1,4 +1,2 @@
-//#region src/lib/helper/escapeShellArg.d.ts
-declare function escapeShellArg(text: string): string;
-//#endregion
+import { escapeShellArg } from "../../escapeShellArg-BnzDicAC.js";
 export { escapeShellArg as default };

package/dist/lib/helper/escapeShellArg.js

@@ -1,7 +1,3 @@
-//#region src/lib/helper/escapeShellArg.ts
-function escapeShellArg(text) {
-	return "'" + ("" + text).replace(/\\/g, "\\\\").replace(/'/g, "\\'") + "'";
-}
+import { escapeShellArg } from "../../escapeShellArg-C0v1ZeCl.js";
 
-//#endregion
 export { escapeShellArg as default };

package/dist/lib/helper/escapeShellCmd.d.ts

@@ -1,4 +1,2 @@
-//#region src/lib/helper/escapeShellCmd.d.ts
-declare function escapeShellCmd(text: string): string;
-//#endregion
+import { escapeShellCmd } from "../../escapeShellCmd-DQZZIHde.js";
 export { escapeShellCmd as default };

package/dist/lib/helper/escapeShellCmd.js

@@ -1,15 +1,3 @@
-//#region src/lib/helper/escapeShellCmd.ts
-const BASIC_ALPHABETS = new Set("#&;`|*?~<>^()[]{}$;'\",\nÿ".split(""));
-function escapeShellCmd(text) {
-	const str = "" + text;
-	let res = "";
-	let ascii;
-	for (let index = 0; index < str.length; index++) {
-		ascii = str[index];
-		if (!BASIC_ALPHABETS.has(ascii)) res += ascii;
-	}
-	return res;
-}
+import { escapeShellCmd } from "../../escapeShellCmd-CkAdyhtO.js";
 
-//#endregion
 export { escapeShellCmd as default };

package/dist/lib/helper/index.d.ts

@@ -1,12 +1,12 @@
-import cliFilter from "./cliFilter.js";
-import escapeShellArg from "./escapeShellArg.js";
-import escapeShellCmd from "./escapeShellCmd.js";
-import shtml from "./shtml.js";
-import escapeJavaScript from "./sjs.js";
-import jsonEscape from "./sjson.js";
-import pathFilter from "./spath.js";
-import surl from "./surl.js";
-import escapeHTML from "./escape.js";
+import { cliFilter } from "../../cliFilter-DKZxCxSe.js";
+import { escapeShellArg } from "../../escapeShellArg-BnzDicAC.js";
+import { escapeShellCmd } from "../../escapeShellCmd-DQZZIHde.js";
+import { shtml } from "../../shtml-CAquTzgV.js";
+import { escapeJavaScript } from "../../sjs-QZIJYS71.js";
+import { jsonEscape } from "../../sjson-O-vKJPws.js";
+import { pathFilter } from "../../spath-DseDPHxf.js";
+import { surl } from "../../surl-JV70X_RZ.js";
+import { escapeHTML } from "../../escape-Dex_Pk9e.js";
 
 //#region src/lib/helper/index.d.ts
 declare const _default: {