Skip to content

Commit

Permalink
chore: print a warning when the user uses paths outside CWD
Browse files Browse the repository at this point in the history
  • Loading branch information
@francescomari
francescomari committed Jun 13, 2022
1 parent 2603279 commit 3389471
Showing 1 changed file with 26 additions and 0 deletions.
26 changes: 26 additions & 0 deletions src/cli/commands/test/iac/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ import { UnsupportedEntitlementError } from '../../../../lib/errors/unsupported-
import * as ora from 'ora';
import { CustomError, FormattedCustomError } from '../../../../lib/errors';
import { scan } from './scan';
import * as path from 'path';

const debug = Debug('snyk-test');
const SEPARATOR = '\n-------------------------------------------------------\n';
Expand Down Expand Up @@ -74,6 +75,10 @@ export default async function(
if (shouldLogUserMessages(options, isNewIacOutputSupported)) {
console.log(EOL + iacTestTitle + EOL);

if (paths.some(isOutsideCurrentWorkingDirectory)) {
printCurrentWorkingDirectoryTraversalWarning();
}

testSpinner = ora({ isSilent: options.quiet, stream: process.stdout });
}

Expand Down Expand Up @@ -317,3 +322,24 @@ export default async function(
stringifiedSarifData,
);
}

function isOutsideCurrentWorkingDirectory(p: string): boolean {
return path.relative(process.cwd(), p).includes('..');
}

function printCurrentWorkingDirectoryTraversalWarning() {
let msg = '';

msg +=
'Warning: Scanning paths outside the current working directory is deprecated and' +
EOL;
msg +=
'will be removed in the future. Please see the documentation for further details:' +
EOL +
EOL;
msg +=
' https://docs.snyk.io/products/snyk-infrastructure-as-code/snyk-cli-for-infrastructure-as-code/test-your-configuration-files' +
EOL;

console.log(chalk.yellow(msg));
}

0 comments on commit 3389471

Please sign in to comment.