Wrong parsing of arguments in install-node-and-nmp
See original GitHub issueI need to provide custom .npmrc
to the npm install
command. The .npmrc
is located in root of my project. My plugin configuration looks as:
<!--Install dependencies using npm-->
<execution>
<id>npm install</id>
<goals>
<goal>npm</goal>
</goals>
<configuration>
<arguments>install --userconfig "${basedir}/.npmrc"</arguments>
</configuration>
</execution>
The quotes ""
are provided because this runs on my Jenkins CI server and it constructs the temp folder for CI build out of project name which contains spaces. Unfortunately the the args are simply split on \s+
which ignores the quotes hence cannot be used with custom .npmrc
located in path which contains spaces. The issue can be seen here:
IMHO the problem is you take all the arguments as single String. I suggest you have option to provide List
of arguments instead and take them as they are. To make the change backward compatible you can provide new list property like <argumentsList>
and use the one which is set, fail if both are set. The fixed <configuration />
may look like:
<!--Install dependencies using npm-->
<execution>
<id>npm install</id>
<goals>
<goal>npm</goal>
</goals>
<configuration>
<argumentsList>
<argument>install</argument>
<argument>--userconfig</argument>
<argument>"${basedir}/.npmrc"</argument>
<argumentsList>
</configuration>
</execution>
Overall doing split on space looks dangerous to me. Let me know if you need help with this, will be glad to assist.
Issue Analytics
- State:
- Created 8 years ago
- Reactions:3
- Comments:6 (2 by maintainers)
Top GitHub Comments
This is tricky, what you are looking for is really some command line parser. The quotes may be escaped etc. There is whole apache project for that.
As I see it you want to pass arguments to a process. This is really
Collection
ofString
s. Even you hit the problem that the underlying API wants you to pass in aCollection
of parameters rather a singleString
- therefore you did the split. If user has a way to provide directly the collection that would be easiest from my point of view.Again, if you are OK with that I can do the coding a pull request.
+1 for fixing this issue