1const normalize = require('../') 2const t = require('tap') 3 4t.test('benign array', async t => { 5 const pkg = { name: 'hello', version: 'world', bin: ['./x/y', 'y/z', './a'] } 6 const expect = { name: 'hello', version: 'world', bin: { 7 y: 'x/y', 8 z: 'y/z', 9 a: 'a', 10 } } 11 t.strictSame(normalize(pkg), expect) 12 t.strictSame(normalize(normalize(pkg)), expect, 'double sanitize ok') 13}) 14 15t.test('conflicting array', async t => { 16 const pkg = { name: 'hello', version: 'world', bin: ['./x/y', 'z/y', './a'] } 17 const expect = { name: 'hello', version: 'world', bin: { 18 y: 'z/y', 19 a: 'a', 20 } } 21 t.strictSame(normalize(pkg), expect) 22 t.strictSame(normalize(normalize(pkg)), expect, 'double sanitize ok') 23}) 24 25t.test('slashy array', async t => { 26 const pkg = { name: 'hello', version: 'world', bin: [ '/etc/passwd' ] } 27 const expect = { name: 'hello', version: 'world', bin: { passwd: 'etc/passwd' } } 28 t.strictSame(normalize(pkg), expect) 29 t.strictSame(normalize(normalize(pkg)), expect, 'double sanitize ok') 30}) 31 32t.test('dotty array', async t => { 33 const pkg = { name: 'hello', version: 'world', bin: ['../../../../etc/passwd'] } 34 const expect = { name: 'hello', version: 'world', bin: { passwd: 'etc/passwd' } } 35 t.strictSame(normalize(pkg), expect) 36 t.strictSame(normalize(normalize(pkg)), expect, 'double sanitize ok') 37}) 38