• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#!/usr/bin/env python3
2
3import argparse
4import os
5import shutil
6import subprocess
7import tarfile
8import tempfile
9import urllib.request
10
11BASE_URL = "https://github.com/nodejs/gyp-next/archive/"
12CHECKOUT_PATH = os.path.dirname(os.path.realpath(__file__))
13CHECKOUT_GYP_PATH = os.path.join(CHECKOUT_PATH, "gyp")
14
15parser = argparse.ArgumentParser()
16parser.add_argument("tag", help="gyp tag to update to")
17args = parser.parse_args()
18
19tar_url = BASE_URL + args.tag + ".tar.gz"
20
21changed_files = subprocess.check_output(["git", "diff", "--name-only"]).strip()
22if changed_files:
23    raise Exception("Can't update gyp while you have uncommitted changes in node-gyp")
24
25with tempfile.TemporaryDirectory() as tmp_dir:
26    tar_file = os.path.join(tmp_dir, "gyp.tar.gz")
27    unzip_target = os.path.join(tmp_dir, "gyp")
28    with open(tar_file, "wb") as f:
29        print("Downloading gyp-next@" + args.tag + " into temporary directory...")
30        print("From: " + tar_url)
31        with urllib.request.urlopen(tar_url) as in_file:
32            f.write(in_file.read())
33
34        print("Unzipping...")
35        with tarfile.open(tar_file, "r:gz") as tar_ref:
36            def is_within_directory(directory, target):
37
38                abs_directory = os.path.abspath(directory)
39                abs_target = os.path.abspath(target)
40
41                prefix = os.path.commonprefix([abs_directory, abs_target])
42
43                return prefix == abs_directory
44
45            def safe_extract(tar, path=".", members=None, *, numeric_owner=False):
46
47                for member in tar.getmembers():
48                    member_path = os.path.join(path, member.name)
49                    if not is_within_directory(path, member_path):
50                        raise Exception("Attempted Path Traversal in Tar File")
51
52                tar.extractall(path, members, numeric_owner=numeric_owner)
53
54            safe_extract(tar_ref, unzip_target)
55
56        print("Moving to current checkout (" + CHECKOUT_PATH + ")...")
57        if os.path.exists(CHECKOUT_GYP_PATH):
58            shutil.rmtree(CHECKOUT_GYP_PATH)
59        shutil.move(
60            os.path.join(unzip_target, os.listdir(unzip_target)[0]), CHECKOUT_GYP_PATH
61        )
62
63subprocess.check_output(["git", "add", "gyp"], cwd=CHECKOUT_PATH)
64subprocess.check_output(["git", "commit", "-m", "feat(gyp): update gyp to " + args.tag])
65