chore: add .editorconfig for consistent code formatting#17227
Open
srpatcha wants to merge 5 commits intofacebook:mainfrom
Open
chore: add .editorconfig for consistent code formatting#17227srpatcha wants to merge 5 commits intofacebook:mainfrom
srpatcha wants to merge 5 commits intofacebook:mainfrom
Conversation
line.match(/ .*/g)[0] crashed with TypeError when the regex had no match and returned null. Added null-safe handling with optional chaining to prevent the crash during eject. Signed-off-by: Srikanth Patchava <spatchava@meta.com> Signed-off-by: Srikanth Patchava <srikanth.patchava@outlook.com>
Add templateValidator.js with comprehensive CRA template validation: - Template structure validation (required files check) - Package.json schema validation with blocked keys - Dependency conflict detection with react-scripts - Script hook validation - Path traversal prevention (dangerous patterns, symlinks) - Template directory scanning for unsafe files - Version compatibility checking - Combined validation runner with detailed error messages Signed-off-by: Srikanth Patchava <spatchava@meta.com>
Add Jest test suite for templateValidator.js covering: - Template structure validation (missing files, TS alternatives) - Package.json schema validation (blocked keys, deprecated fields) - Dependency conflict detection - Script hook validation - Path traversal prevention - Version compatibility checking - Integration test combining all validations Signed-off-by: Srikanth Patchava <spatchava@meta.com>
Add filter and dereference options to fs.copySync in init.js to prevent malicious templates from writing files outside the target app directory. The filter validates that each resolved destination path stays within appPath, blocking path traversal via '../' patterns and symlinks. Signed-off-by: Srikanth Patchava <spatchava@meta.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Changes
chore: add .editorconfig for consistent code formatting
Signed with GPG.