Skip to content

Commit e3d8969

Browse files
raych1raych1
committed
escaped quote for windows
1 parent f6227e5 commit e3d8969

File tree

1 file changed

+25
-7
lines changed

1 file changed

+25
-7
lines changed

src/lib/validators/openApiDiff.ts

Lines changed: 25 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -83,8 +83,26 @@ const updateChangeProperties = (change: ChangeProperties, pf: ProcessedFile): Ch
8383
}
8484
}
8585

86-
function escape(filePath: string) {
87-
return `"${filePath}"`
86+
/**
87+
* Safely escapes shell arguments for cross-platform compatibility
88+
* @param arg The argument to escape
89+
* @returns The safely escaped argument
90+
*/
91+
function escapeShellArg(arg: string): string {
92+
if (typeof arg !== "string") {
93+
throw new Error("Argument must be a string")
94+
}
95+
96+
if (process.platform === "win32") {
97+
// For Windows cmd.exe, wrap in double quotes and escape internal quotes
98+
// This handles paths with spaces and special characters safely
99+
// Double quotes are escaped by doubling them in Windows
100+
return `"${arg.replace(/"/g, '""')}"`
101+
} else {
102+
// On Unix-like systems, use shell-quote for proper escaping
103+
// shell-quote handles all edge cases including spaces, special chars, etc.
104+
return quote([arg])
105+
}
88106
}
89107

90108
/**
@@ -232,12 +250,12 @@ export class OpenApiDiff {
232250
const outputFolder = await fs.promises.mkdtemp(path.join(os.tmpdir(), "oad-"))
233251
const outputFilePath = path.join(outputFolder, `${outputFileName}.json`)
234252
const outputMapFilePath = path.join(outputFolder, `${outputFileName}.map`)
235-
// quote behavior is validated in shellEscapingTest.ts
253+
// Cross-platform shell argument escaping - behavior is validated in shellEscapingTest.ts
236254
const autoRestCmd = tagName
237-
? `${this.autoRestPath()} ${quote([swaggerPath])} --v2 --tag=${quote([tagName])} --output-artifact=swagger-document.json` +
238-
` --output-artifact=swagger-document.map --output-file=${quote([outputFileName])} --output-folder=${quote([outputFolder])}`
239-
: `${this.autoRestPath()} --v2 --input-file=${quote([swaggerPath])} --output-artifact=swagger-document.json` +
240-
` --output-artifact=swagger-document.map --output-file=${quote([outputFileName])} --output-folder=${quote([outputFolder])}`
255+
? `${this.autoRestPath()} ${escapeShellArg(swaggerPath)} --v2 --tag=${escapeShellArg(tagName)} --output-artifact=swagger-document.json` +
256+
` --output-artifact=swagger-document.map --output-file=${escapeShellArg(outputFileName)} --output-folder=${escapeShellArg(outputFolder)}`
257+
: `${this.autoRestPath()} --v2 --input-file=${escapeShellArg(swaggerPath)} --output-artifact=swagger-document.json` +
258+
` --output-artifact=swagger-document.map --output-file=${escapeShellArg(outputFileName)} --output-folder=${escapeShellArg(outputFolder)}`
241259

242260
log.debug(`Executing: "${autoRestCmd}"`)
243261

0 commit comments

Comments
 (0)