@mintlify/cli 4.0.905 → 4.0.907
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/__test__/init.test.ts +13 -8
- package/__test__/openApiCheck.test.ts +0 -17
- package/__test__/pathValidation.test.ts +25 -0
- package/bin/helpers.js +2 -8
- package/bin/init.js +2 -11
- package/bin/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +7 -7
- package/src/helpers.tsx +2 -8
- package/src/init.tsx +2 -12
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mintlify/cli",
|
|
3
|
-
"version": "4.0.
|
|
3
|
+
"version": "4.0.907",
|
|
4
4
|
"description": "The Mintlify CLI",
|
|
5
5
|
"engines": {
|
|
6
6
|
"node": ">=18.0.0"
|
|
@@ -40,12 +40,12 @@
|
|
|
40
40
|
},
|
|
41
41
|
"dependencies": {
|
|
42
42
|
"@inquirer/prompts": "7.9.0",
|
|
43
|
-
"@mintlify/common": "1.0.
|
|
44
|
-
"@mintlify/link-rot": "3.0.
|
|
43
|
+
"@mintlify/common": "1.0.687",
|
|
44
|
+
"@mintlify/link-rot": "3.0.846",
|
|
45
45
|
"@mintlify/models": "0.0.259",
|
|
46
|
-
"@mintlify/prebuild": "1.0.
|
|
47
|
-
"@mintlify/previewing": "4.0.
|
|
48
|
-
"@mintlify/validation": "0.1.
|
|
46
|
+
"@mintlify/prebuild": "1.0.823",
|
|
47
|
+
"@mintlify/previewing": "4.0.879",
|
|
48
|
+
"@mintlify/validation": "0.1.571",
|
|
49
49
|
"adm-zip": "0.5.16",
|
|
50
50
|
"chalk": "5.2.0",
|
|
51
51
|
"color": "4.2.3",
|
|
@@ -81,5 +81,5 @@
|
|
|
81
81
|
"vitest": "2.0.4",
|
|
82
82
|
"vitest-mock-process": "1.0.4"
|
|
83
83
|
},
|
|
84
|
-
"gitHead": "
|
|
84
|
+
"gitHead": "4b4538c642352da583f06fe48443e4cdb85cd2d6"
|
|
85
85
|
}
|
package/src/helpers.tsx
CHANGED
|
@@ -10,7 +10,7 @@ import {
|
|
|
10
10
|
removeLastLog,
|
|
11
11
|
LOCAL_LINKED_CLI_VERSION,
|
|
12
12
|
} from '@mintlify/previewing';
|
|
13
|
-
import { upgradeToDocsConfig } from '@mintlify/validation';
|
|
13
|
+
import { upgradeToDocsConfig, validatePathWithinCwd } from '@mintlify/validation';
|
|
14
14
|
import detect from 'detect-port';
|
|
15
15
|
import fse from 'fs-extra';
|
|
16
16
|
import fs from 'fs/promises';
|
|
@@ -165,13 +165,7 @@ export const suppressConsoleWarnings = (): void => {
|
|
|
165
165
|
export const readLocalOpenApiFile = async (
|
|
166
166
|
filename: string
|
|
167
167
|
): Promise<Record<string, unknown> | undefined> => {
|
|
168
|
-
const
|
|
169
|
-
// const pathname = path.resolve(process.cwd(), filename);
|
|
170
|
-
const resolvedPath = path.resolve(baseDir, filename);
|
|
171
|
-
const relative = path.relative(baseDir, resolvedPath);
|
|
172
|
-
if (relative.startsWith('..') || path.isAbsolute(relative)) {
|
|
173
|
-
throw new Error('Access denied: invalid path');
|
|
174
|
-
}
|
|
168
|
+
const { resolvedPath } = validatePathWithinCwd(filename, CMD_EXEC_PATH);
|
|
175
169
|
const file = await fs.readFile(resolvedPath, 'utf-8');
|
|
176
170
|
const document = yaml.load(file) as Record<string, unknown> | undefined;
|
|
177
171
|
return document;
|
package/src/init.tsx
CHANGED
|
@@ -1,19 +1,9 @@
|
|
|
1
1
|
import { select, input } from '@inquirer/prompts';
|
|
2
2
|
import { addLogs, addLog, SpinnerLog, removeLastLog } from '@mintlify/previewing';
|
|
3
|
-
import { docsConfigSchema } from '@mintlify/validation';
|
|
3
|
+
import { docsConfigSchema, validatePathWithinCwd } from '@mintlify/validation';
|
|
4
4
|
import AdmZip from 'adm-zip';
|
|
5
5
|
import fse from 'fs-extra';
|
|
6
6
|
import { Box, Text } from 'ink';
|
|
7
|
-
import path from 'path';
|
|
8
|
-
|
|
9
|
-
const validatePathWithinCwd = (inputPath: string): void => {
|
|
10
|
-
const baseDir = process.cwd();
|
|
11
|
-
const resolvedPath = path.resolve(baseDir, inputPath);
|
|
12
|
-
const relative = path.relative(baseDir, resolvedPath);
|
|
13
|
-
if (relative.startsWith(`..${path.sep}`) || relative === '..' || path.isAbsolute(relative)) {
|
|
14
|
-
throw new Error(`Access denied: path "${inputPath}" is outside the current directory`);
|
|
15
|
-
}
|
|
16
|
-
};
|
|
17
7
|
|
|
18
8
|
const sendOnboardingMessage = (installDir: string) => {
|
|
19
9
|
addLogs(
|
|
@@ -120,7 +110,7 @@ export async function init(
|
|
|
120
110
|
}
|
|
121
111
|
installDir = installDir === '.' ? subdir : `${installDir}/${subdir}`;
|
|
122
112
|
// Re-validate after subdirectory is appended
|
|
123
|
-
validatePathWithinCwd(installDir);
|
|
113
|
+
validatePathWithinCwd(installDir, process.cwd());
|
|
124
114
|
}
|
|
125
115
|
}
|
|
126
116
|
|