Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

braces has a high severity bug #229

Open
Zanaxhir opened this issue Jun 12, 2024 · 11 comments
Open

braces has a high severity bug #229

Zanaxhir opened this issue Jun 12, 2024 · 11 comments

Comments

@Zanaxhir
Copy link

braces is Used by copy-template-dir and has an high severity bug

Path: svgtofont > copy-template-dir > readdirp > micromatch > braces
Bug-Report: GHSA-grv7-fg5c-xmjg
jaywcjlove added a commit to tsbbjs/copy-template-dir that referenced this issue Jun 15, 2024
@jaywcjlove
chore(deps): update dependency readdirp to ^3.6.0
97c4d54 
jaywcjlove/svgtofont#229
jaywcjlove added a commit that referenced this issue Jun 15, 2024
@jaywcjlove
chore(deps): replace dependency 'copy-template-dir' with '@tsbb/copy-…
6e62676 
…template-dir' #229
github-actions bot pushed a commit that referenced this issue Jun 15, 2024
@jaywcjlove
v4.2.0 chore(deps): replace dependency 'copy-template-dir' with '@tsb…
61bff8f 
…b/copy-template-dir' #229 6e62676
jaywcjlove added a commit that referenced this issue Jun 15, 2024
@jaywcjlove
released v4.2.1 #229
73b33bf
github-actions bot pushed a commit that referenced this issue Jun 15, 2024
@jaywcjlove
v4.2.1 released v4.2.1 #229 73b33bf
4425c93
@jaywcjlove
Copy link
Owner

@Zanaxhir I upgraded the dependencies, and now the 'braces' package is no longer available.

@Zanaxhir
Copy link
Author

Zanaxhir commented Jun 18, 2024
edited
Loading

now I get the following error:

    throw new ERR_INVALID_ARG_TYPE(name, 'string', value);
    ^

TypeError [ERR_INVALID_ARG_TYPE]: The "path" argument must be of type string. Received undefined
    at new NodeError (node:internal/errors:399:5)
    at validateString (node:internal/validators:163:11)
    at Object.basename (node:path:1309:5)
    at /app/node_modules/@tsbb/copy-template-dir/index.js:59:28
    at /app/node_modules/run-parallel/index.js:46:7
    at Array.forEach (<anonymous>)
    at runParallel (/app/node_modules/run-parallel/index.js:45:11)
    at ReaddirpStream.<anonymous> (/app/node_modules/@tsbb/copy-template-dir/index.js:45:7)
    at ReaddirpStream.f (/app/node_modules/once/once.js:25:25)
    at ReaddirpStream.onend (/app/node_modules/end-of-stream/index.js:36:27) {
  code: 'ERR_INVALID_ARG_TYPE'
}

@Be-Mann
Copy link

Be-Mann commented Jun 18, 2024

We have exactly the same error with version 4.2.1

@jaywcjlove
Copy link
Owner

@Zanaxhir @Be-Mann Could you provide a reproducible example of the error? I have not encountered the error during local testing, and it did not appear in the CI either.

@Zanaxhir
Copy link
Author

Maybe it's because we use templates.
here is the config and the script call:

  "scripts": {
   "font": "svgtofont --sources src/generated/svg/images --output public/assets/font --fontName $VUE_APP_NAME'__font'"
  },
  "svgtofont": {
    "css": {
      "cssPath": "#{$host}/assets/font/",
      "output": "src/generated/svg/font",
      "include": ".*\\.scss",
      "fontSize": false
    },
    "styleTemplates": "src/svg",
    "outSVGReact": false
  },

And the Template:

@font-face {font-family: "{{fontname}}";
  src: url('{{cssPath}}{{fontname}}.eot?t={{timestamp}}'); /* IE9*/
  src: url('{{cssPath}}{{fontname}}.eot?t={{timestamp}}#iefix') format('embedded-opentype'), /* IE6-IE8 */
  url("{{cssPath}}{{fontname}}.woff2?t={{timestamp}}") format("woff2"),
  url("{{cssPath}}{{fontname}}.woff?t={{timestamp}}") format("woff"),
  url('{{cssPath}}{{fontname}}.ttf?t={{timestamp}}') format('truetype'), /* chrome, firefox, opera, Safari, Android, iOS 4.2+*/
  url('{{cssPath}}{{fontname}}.svg?t={{timestamp}}#{{fontname}}') format('svg'); /* iOS 4.1- */
}

@mixin iconFont() {
    font-family: '{{fontname}}' !important;
    font-style: normal;
    -webkit-font-smoothing: antialiased;
    -moz-osx-font-smoothing: grayscale;
}

[class^="{{prefix}}-"], [class*=" {{prefix}}-"] {
  @include iconFont;
  {{fontSize}}
}

{{cssString}}
{{cssToVars}}

@Zanaxhir
Copy link
Author

Ok, I tested with reduced config. Same error.

  "scripts": {
   "font": "svgtofont --sources src/generated/svg/images --output public/assets/font"
  },
  "svgtofont": {
    "css": {
      "cssPath": "#{$host}/assets/font/",
      "output": "src/generated/svg/font",
      "fontSize": false
    },
    "styleTemplates": "src/svg"
  },

Node Version is 'Node.js v18.16.0'

@Zanaxhir
Copy link
Author

Zanaxhir commented Jun 19, 2024
edited
Loading

New Node-Version new Error

SvgToFont:CLI:ERR: [Error: EISDIR: illegal operation on a directory, open '/app/public/assets/font/SVG.tpl'] {
  errno: -21,
  code: 'EISDIR',
  syscall: 'open',
  path: '/app/public/assets/font/SVG.tpl'
}
done!
/app/node_modules/svgtofont/lib/utils.js:269
            createdFiles = createdFiles.map(filePath => {
                                        ^

TypeError: Cannot read properties of undefined (reading 'map')
    at /app/node_modules/svgtofont/lib/utils.js:269:41
    at /app/node_modules/@tsbb/copy-template-dir/index.js:46:25
    at end (/app/node_modules/run-parallel/index.js:21:15)
    at done (/app/node_modules/run-parallel/index.js:25:10)
    at each (/app/node_modules/run-parallel/index.js:31:7)
    at /app/node_modules/run-parallel/index.js:46:37
    at /app/node_modules/@tsbb/copy-template-dir/node_modules/pump/index.js:73:7
    at f (/app/node_modules/once/once.js:25:25)
    at WriteStream.<anonymous> (/app/node_modules/@tsbb/copy-template-dir/node_modules/pump/index.js:29:21)
    at WriteStream.f (/app/node_modules/once/once.js:25:25)

Node.js v18.20.3

Conflict with a template of an svg-Vue-Component-Generator, but the template is in another directory.
All Files in 'public/assets/font' are generated by the font script.
This Error is not triggered if styleTemplates removed from config.
Workaround: I moved the styleTemplates to a subdirectory

2024-06-19_09h24_58

@jaywcjlove
Copy link
Owner

@Zanaxhir Create a repository, let me run and take a look.

Like this: https://github.com/jaywcjlove/svgtofont/tree/master/test/example

@ilearnio
Copy link

Having the same error with bun or node v16.20.2 & npm v8.19.4. Fresh install, no configs, just a CLI command

image

image

jaywcjlove added a commit that referenced this issue Jun 22, 2024
@jaywcjlove
fix: Minumum node.js requirement is now version 8.x #229
20e28a9
jaywcjlove added a commit that referenced this issue Jun 22, 2024
@jaywcjlove
released v4.2.2 #229
cbc1fc5
github-actions bot pushed a commit that referenced this issue Jun 22, 2024
@jaywcjlove
v4.2.1 fix: Minumum node.js requirement is now version 8.x #229 20e28a9
62c7ac5
github-actions bot pushed a commit that referenced this issue Jun 22, 2024
@jaywcjlove
v4.2.2 released v4.2.2 #229 cbc1fc5
ae59734
@jaywcjlove
Copy link
Owner

@Zanaxhir @ilearnio copy-template-dir dependency has been upgraded to readdirp@v3, but it now requires at least Node.js 18+.

@marcos-castrillo
Copy link

For anybody still getting the same error, from the documentation of copy-template-dir:

templateDir: The directory that holds the templates. Filenames prepended with a _ will have it removed when copying. Dotfiles need to be prepended with a _. Files and filenames are populated with variables using the {{varName}} syntax.

I had to prepend the template name with an underscore: from iconfont.less.template to _iconfont.less.template in my case.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jaywcjlove @Zanaxhir @ilearnio @Be-Mann @marcos-castrillo