UNPKG

zapier-platform-cli

Version:

The CLI for managing integrations in Zapier Developer Platform.

platform.zapier.com

zapier/zapier-platform

135 lines (113 loc) 4.41 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
// This is a modernized version of the decompress package. // Instead of letting decompress import many of its plugins, such as // decompress-unzip, decompress-tar, etc, we extracted only the unzip part, // so we only depend on decompress-unzip. // Original source: https://github.com/kevva/decompress/blob/84a8c104/index.js const fsP = require('node:fs/promises'); const path = require('node:path'); const decompressUnzip = require('decompress-unzip'); const safeMakeDir = async (dir, realOutputPath) => { let resolvedPathToCheck; try { resolvedPathToCheck = await fsP.realpath(dir); } catch (error) { const parent = path.dirname(dir); resolvedPathToCheck = await safeMakeDir(parent, realOutputPath); } // Security check for zip slip vulnerability if (!resolvedPathToCheck.startsWith(realOutputPath)) { throw new Error('Refusing to create a directory outside the output path.'); } await fsP.mkdir(dir, { recursive: true }); return await fsP.realpath(dir); }; const preventWritingThroughSymlink = async (destination, realOutputPath) => { let symlinkPointsTo; try { symlinkPointsTo = await fsP.readlink(destination); } catch (error) { // Either no file exists, or it's not a symlink. In either case, this is // not an escape we need to worry about in this phase. } if (symlinkPointsTo) { throw new Error('Refusing to write into a symlink'); } }; const extractItem = async (item, realOutputPath) => { const dest = path.join(realOutputPath, item.path); const mode = item.mode & ~process.umask(); const now = new Date(); if (item.type === 'directory') { await safeMakeDir(dest, realOutputPath); await fsP.utimes(dest, now, item.mtime); return item; } await safeMakeDir(path.dirname(dest), realOutputPath); if (item.type === 'file') { await preventWritingThroughSymlink(dest, realOutputPath); } const realDestinationDir = await fsP.realpath(path.dirname(dest)); if (!realDestinationDir.startsWith(realOutputPath)) { throw new Error( 'Refusing to write outside output directory: ' + realDestinationDir, ); } if (item.type === 'symlink') { // Security check to block symlinks pointing outside output directory, // like evil_link -> ../../../../../etc/passwd. We don't throw an error // here, just skip creating the symlink, because there are known zip files // containing such symlinks (such as .editorconfig) that are not essential // to the integration. const absTargetPath = path.resolve(realDestinationDir, item.linkname); const relTargetPath = path.relative(realOutputPath, absTargetPath); if (!relTargetPath.startsWith('..')) { // Windows will have issues with the following line, since creating a // symlink on Windows requires Administrator privilege. But that's fine // because we only run decompress on Windows in CI tests, which do run // with Administrator privilege. try { await fsP.symlink(item.linkname, dest); } catch (err) { // When a package manager uses symlinks (e.g. pnpm), the zip may // contain both file entries and a symlink entry for the same path. // Since we extract in parallel, the file entries can create a // directory at `dest` before the symlink is created, causing // EEXIST. if (err.code === 'EEXIST' && err.syscall === 'symlink') { // Safe to ignore this error, the content is already there. } else { throw err; } } } } else { await fsP.writeFile(dest, item.data, { mode }); await fsP.utimes(dest, now, item.mtime); } return item; }; const decompress = async (input, output) => { if (typeof input !== 'string') { throw new TypeError('input must be a file path (string)'); } if (typeof output !== 'string') { throw new TypeError('output must be a directory path (string)'); } let fd, buf; try { fd = await fsP.open(input); buf = await fd.readFile(); } finally { await fd?.close(); } // Ensure output directory exists await fsP.mkdir(output, { recursive: true }); const realOutputPath = await fsP.realpath(output); const items = await decompressUnzip()(buf); return await Promise.all( items.map(async (x) => { return await extractItem(x, realOutputPath); }), ); }; module.exports = decompress;