gitlify/src/utils/validator.js

A powerful CLI tool to analyze uncommitted git changes with detailed reports, function detection, and beautiful terminal output

const path = require('path');
const fs = require('fs');

class InputValidator {
  static validateFilePath(filePath) {
    if (typeof filePath !== 'string') {
      throw new Error('File path must be a string');
    }
    
    if (filePath.length === 0) {
      throw new Error('File path cannot be empty');
    }
    
    // Path traversal kontrolü
    if (filePath.includes('..') || filePath.includes('~')) {
      throw new Error('Invalid file path: Path traversal detected');
    }
    
    // Sadece güvenli karakterler
    if (!/^[a-zA-Z0-9\/\._-]+$/.test(filePath)) {
      throw new Error('Invalid file path: Contains unsafe characters');
    }
    
    return true;
  }
  
  static validateOptions(options) {
    const validOptions = ['verbose', 'json', 'files', 'summary', 'help'];
    
    for (const key in options) {
      if (!validOptions.includes(key)) {
        throw new Error(`Invalid option: ${key}`);
      }
    }
    
    return true;
  }
  
  static validateAndResolvePath(filePath, baseDir) {
    this.validateFilePath(filePath);
    
    const normalizedPath = path.normalize(filePath);
    const fullPath = path.resolve(baseDir, normalizedPath);
    
    // Güvenlik kontrolü - path traversal koruması
    if (!fullPath.startsWith(baseDir)) {
      throw new Error('Access denied: Path outside working directory');
    }
    
    return fullPath;
  }
  
  static validateFileSize(filePath, maxSize = 10 * 1024 * 1024) {
    try {
      const stats = fs.statSync(filePath);
      if (stats.size > maxSize) {
        throw new Error(`File too large: ${stats.size} bytes (max: ${maxSize} bytes)`);
      }
      return true;
    } catch (error) {
      if (error.code === 'ENOENT') {
        throw new Error('File not found');
      }
      throw error;
    }
  }
}

module.exports = InputValidator;