Skip to content

Commit 4062ada

Browse files
justin808claude
justin808
and
claude
committed
Fix YAML serialization, file validation, and documentation issues
**YAML Serialization Fixes:** - Fix multiline string values under object keys to use proper block scalar (|) syntax - Multiline strings in objects now properly indented with valueIndent **File Security & Validation:** - Add basename() sanitization to prevent path traversal in writeMultipleFiles - Call validateOutputPath() in both writeSingleFile and writeMultipleFiles - Ensure filenames cannot escape target directory **Documentation:** - Add bash language hint to code fence at line 78 (fixes MD040 markdownlint warning) All changes address issues identified in code review while maintaining backward compatibility. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
1 parent e5e3e54 commit 4062ada

3 files changed

Lines changed: 14 additions & 7 deletions

File tree

docs/troubleshooting.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@
7575

7676
6. Generate webpack stats for build analysis (useful for bundle size optimization):
7777

78-
```
78+
```bash
7979
NODE_ENV=development bin/shakapacker --profile --json > /tmp/webpack-stats.json
8080
```
8181

package/configExporter/fileWriter.ts

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
import { writeFileSync, mkdirSync, existsSync } from "fs"
2-
import { resolve, dirname, relative, isAbsolute } from "path"
2+
import { resolve, dirname, relative, isAbsolute, basename } from "path"
33
import { tmpdir } from "os"
44
import { FileOutput } from "./types"
55

@@ -17,7 +17,9 @@ export class FileWriter {
1717

1818
// Write each file
1919
outputs.forEach((output) => {
20-
const filePath = resolve(targetDir, output.filename)
20+
const safeName = basename(output.filename)
21+
const filePath = resolve(targetDir, safeName)
22+
this.validateOutputPath(filePath)
2123
this.writeFile(filePath, output.content)
2224
console.log(`[Config Exporter] Created: ${filePath}`)
2325
})
@@ -35,6 +37,7 @@ export class FileWriter {
3537
const dir = dirname(filePath)
3638
this.ensureDirectory(dir)
3739

40+
this.validateOutputPath(filePath)
3841
this.writeFile(filePath, content)
3942
console.log(`[Config Exporter] Config exported to: ${filePath}`)
4043
}

package/configExporter/yamlSerializer.ts

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -184,10 +184,13 @@ export class YamlSerializer {
184184
}
185185
}
186186

187-
const serialized = this.serializeValue(value, indent + 2, fullKeyPath)
188-
189-
// Handle nested objects and arrays differently
190-
if (
187+
// Handle multiline strings specially with block scalar
188+
if (typeof value === "string" && value.includes("\n")) {
189+
lines.push(`${keyIndent}${key}: |`)
190+
for (const line of value.split("\n")) {
191+
lines.push(`${valueIndent}${line}`)
192+
}
193+
} else if (
191194
typeof value === "object" &&
192195
value !== null &&
193196
!Array.isArray(value)
@@ -212,6 +215,7 @@ export class YamlSerializer {
212215
lines.push(arrayLines)
213216
}
214217
} else {
218+
const serialized = this.serializeValue(value, indent + 2, fullKeyPath)
215219
lines.push(`${keyIndent}${key}: ${serialized}`)
216220
}
217221
})

0 commit comments

Comments
 (0)