From 76b95046d8c1be46f863d81658d1d703353e3549 Mon Sep 17 00:00:00 2001 From: Luca Forstner Date: Mon, 12 Aug 2024 11:09:05 +0200 Subject: [PATCH] Add test --- .../release-value-with-quotes/input/bundle.js | 3 ++ .../release-value-with-quotes.test.ts | 32 +++++++++++++++++++ .../release-value-with-quotes/setup.ts | 15 +++++++++ 3 files changed, 50 insertions(+) create mode 100644 packages/integration-tests/fixtures/release-value-with-quotes/input/bundle.js create mode 100644 packages/integration-tests/fixtures/release-value-with-quotes/release-value-with-quotes.test.ts create mode 100644 packages/integration-tests/fixtures/release-value-with-quotes/setup.ts diff --git a/packages/integration-tests/fixtures/release-value-with-quotes/input/bundle.js b/packages/integration-tests/fixtures/release-value-with-quotes/input/bundle.js new file mode 100644 index 00000000..aa73bfa8 --- /dev/null +++ b/packages/integration-tests/fixtures/release-value-with-quotes/input/bundle.js @@ -0,0 +1,3 @@ +// Simply output the metadata to the console so it can be checked in a test +// eslint-disable-next-line no-console, @typescript-eslint/no-unsafe-member-access +console.log(JSON.stringify(global.SENTRY_RELEASE.id)); diff --git a/packages/integration-tests/fixtures/release-value-with-quotes/release-value-with-quotes.test.ts b/packages/integration-tests/fixtures/release-value-with-quotes/release-value-with-quotes.test.ts new file mode 100644 index 00000000..9dedec78 --- /dev/null +++ b/packages/integration-tests/fixtures/release-value-with-quotes/release-value-with-quotes.test.ts @@ -0,0 +1,32 @@ +/* eslint-disable jest/no-standalone-expect */ +/* eslint-disable jest/expect-expect */ +import { execSync } from "child_process"; +import path from "path"; +import { testIfNodeMajorVersionIsLessThan18 } from "../../utils/testIf"; + +function checkBundle(bundlePath: string): void { + const output = execSync(`node ${bundlePath}`, { encoding: "utf-8" }); + expect(output).toBe('i am a dangerous release value because I contain a "'); +} + +describe("Properly escapes release values before injecting", () => { + testIfNodeMajorVersionIsLessThan18("webpack 4 bundle", () => { + checkBundle(path.join(__dirname, "out", "webpack4", "bundle.js")); + }); + + test("webpack 5 bundle", () => { + checkBundle(path.join(__dirname, "out", "webpack5", "bundle.js")); + }); + + test("esbuild bundle", () => { + checkBundle(path.join(__dirname, "out", "esbuild", "bundle.js")); + }); + + test("rollup bundle", () => { + checkBundle(path.join(__dirname, "out", "rollup", "bundle.js")); + }); + + test("vite bundle", () => { + checkBundle(path.join(__dirname, "out", "vite", "bundle.js")); + }); +}); diff --git a/packages/integration-tests/fixtures/release-value-with-quotes/setup.ts b/packages/integration-tests/fixtures/release-value-with-quotes/setup.ts new file mode 100644 index 00000000..4782d284 --- /dev/null +++ b/packages/integration-tests/fixtures/release-value-with-quotes/setup.ts @@ -0,0 +1,15 @@ +import * as path from "path"; +import { createCjsBundles } from "../../utils/create-cjs-bundles"; + +const outputDir = path.resolve(__dirname, "out"); + +createCjsBundles( + { + bundle: path.resolve(__dirname, "input", "bundle.js"), + }, + outputDir, + { + release: { name: 'i am a dangerous release value because I contain a "' }, + }, + ["webpack4", "webpack5", "esbuild", "rollup", "vite"] +);