Skip to content

Commit 42dc752

Browse files
aduh95aduh95
committed
fix(ncu-config): do not override encrypted values silently
1 parent 7342aff commit 42dc752

File tree

1 file changed

+16
-8
lines changed

1 file changed

+16
-8
lines changed

lib/config.js

Lines changed: 16 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -70,14 +70,18 @@ function addEncryptedPropertyGetter(target, key, input) {
7070
return value;
7171
},
7272
set(newValue) {
73-
addEncryptedPropertyGetter(target, key, newValue) ||
74-
setOwnProperty(target, key, newValue);
73+
if (!addEncryptedPropertyGetter(target, key, newValue)) {
74+
throw new Error(
75+
'Refusing to override an encrypted value with a non-encrypted one. ' +
76+
'Please use an encrypted one, or delete the config key first.'
77+
);
78+
}
7579
}
7680
});
7781
}
7882
}
7983

80-
export function getConfig(configType, dir) {
84+
export function getConfig(configType, dir, raw = false) {
8185
const configPath = getConfigPath(configType, dir);
8286
const encryptedConfigPath = configPath + '.gpg';
8387
if (existsSync(encryptedConfigPath)) {
@@ -90,16 +94,20 @@ export function getConfig(configType, dir) {
9094
}
9195
try {
9296
const json = readJson(configPath);
93-
for (const [key, val] of Object.entries(json)) {
94-
addEncryptedPropertyGetter(json, key, val);
97+
if (!raw) {
98+
// Raw config means encrypted values are returned as is.
99+
// Otherwise we install getters to decrypt them when accessed.
100+
for (const [key, val] of Object.entries(json)) {
101+
addEncryptedPropertyGetter(json, key, val);
102+
}
95103
}
96104
return json;
97105
} catch (cause) {
98106
throw new Error('Unable to parse config file ' + configPath, { cause });
99107
}
100108
};
101109

102-
export function getConfigPath(configType, dir) {
110+
function getConfigPath(configType, dir) {
103111
switch (configType) {
104112
case GLOBAL_CONFIG:
105113
return getNcurcPath();
@@ -117,7 +125,7 @@ export function getConfigPath(configType, dir) {
117125
}
118126
};
119127

120-
export function writeConfig(configType, obj, dir) {
128+
function writeConfig(configType, obj, dir) {
121129
const configPath = getConfigPath(configType, dir);
122130
const encryptedConfigPath = configPath + '.gpg';
123131
if (existsSync(encryptedConfigPath)) {
@@ -141,7 +149,7 @@ export function writeConfig(configType, obj, dir) {
141149
};
142150

143151
export function updateConfig(configType, obj, dir) {
144-
const config = getConfig(configType, dir);
152+
const config = getConfig(configType, dir, true);
145153
writeConfig(configType, Object.assign(config, obj), dir);
146154
};
147155

0 commit comments

Comments
 (0)