Merge pull request #41 from snyk/dotkas/CLI-194/fix-shescape-migration

dotkas · web-flow · commit f83f67a57421 · 2025-06-05T04:51:58.000-07:00
fix: [CLI-104] disabling `flagProtection` from shescape, bumping minium version to Node `20`
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -54,7 +54,7 @@ jobs:
     resource_class: small
     <<: *defaults
     docker:
-      - image: circleci/node:<< parameters.node_version >>
+      - image: cimg/node:<< parameters.node_version >>
     steps:
       - checkout
       - show_node_npm_version
@@ -117,15 +117,15 @@ workflows:
 
       - security-scans:
           name: Security Scans
-          node_version: "12"
+          node_version: "20.19.0"
           context:
             - open_source-managed
             - nodejs-install
 
       - lint:
           name: lint
           context: nodejs-install
-          node_version: "18.19.1"
+          node_version: "20.19.0"
 
       # UNIX tests
       - test-unix:
@@ -135,12 +135,12 @@ workflows:
             - lint
           matrix:
             parameters:
-              node_version: ["18.19.1"]
+              node_version: ["20.19.0"]
 
       - release:
           name: Release
           context: nodejs-lib-release
-          node_version: "lts"
+          node_version: "20.19.0"
           requires:
             - lint
             - test-unix
diff --git a/.node-version b/.node-version
diff --git a/.nvmrc b/.nvmrc
@@ -0,0 +1 @@
+20
diff --git a/README.md b/README.md
@@ -4,12 +4,12 @@
 
 [![Known Vulnerabilities](https://snyk.io/test/github/snyk/snyk-cocoapods-plugin/badge.svg)](https://snyk.io/test/github/snyk/snyk-cocoapods-plugin)
 
-
-Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.
+Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part
+of your CI (Build) system.
 
 | :information_source: This repository is only a plugin to be used with the Snyk CLI tool. To use this plugin to test and fix vulnerabilities in your project, install the Snyk CLI tool first. Head over to [snyk.io](https://github.com/snyk/snyk) to get started. |
-| --- |
-
+|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 
 ## Snyk snyk-cocoapods-plugin
+
 Snyk CLI CocoaPods plugin
diff --git a/lib/sub-process.ts b/lib/sub-process.ts
@@ -4,7 +4,7 @@ import { quoteAll } from 'shescape/stateless';
 export function execute(
   command: string,
   args: string[] = [],
-  options?: { cwd?: string }
+  options?: { cwd?: string },
 ): Promise<string> {
   const spawnOptions: {
     shell: boolean;
@@ -14,7 +14,7 @@ export function execute(
     spawnOptions.cwd = options.cwd;
   }
 
-  args = quoteAll(args, spawnOptions);
+  args = quoteAll(args, { flagProtection: false });
 
   return new Promise((resolve, reject) => {
     let stdout = '';
diff --git a/package.json b/package.json
@@ -34,14 +34,14 @@
     "@snyk/cli-interface": "^2.11.0",
     "@snyk/cocoapods-lockfile-parser": "3.6.2",
     "@snyk/dep-graph": "^1.23.1",
-    "shescape": "2.1.0",
+    "shescape": "2.1.4",
     "source-map-support": "^0.5.7",
     "tslib": "^2.0.0"
   },
   "devDependencies": {
     "@types/graphlib": "^2.1.6",
     "@types/jest": "28.1.1",
-    "@types/node": "^8.10.60",
+    "@types/node": "^20.17.57",
     "@typescript-eslint/eslint-plugin": "^2.33.0",
     "@typescript-eslint/parser": "^2.33.0",
     "eslint": "^6.8.0",
@@ -51,6 +51,6 @@
     "ts-jest": "28.0.8",
     "ts-node": "^8.10.1",
     "tsc-watch": "^2.2.1",
-    "typescript": "4.9.3"
+    "typescript": "5.8.3"
   }
 }
