Skip to content

child_process: validate exec's options.shell as string #59185

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

child_process: validate exec's options.shell as string #59185

wants to merge 1 commit into from

Conversation

Renegade334
Copy link
Contributor

@Renegade334 Renegade334 commented Jul 23, 2025
edited
Loading

exec() is documented to only take a string for the shell option, but this is not validated; passing something like { shell: false } (or any other invalid value) is currently silently ignored. This adds explicit validation.

Replaces #58525.

@nodejs-github-bot nodejs-github-bot added child_process Issues and PRs related to the child_process subsystem. needs-ci PRs that need a full CI run. labels Jul 23, 2025
@codecov Codecov
Copy link

codecov bot commented Jul 23, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.28%. Comparing base (6a46f31) to head (4ca3f67).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #59185      +/-   ##
==========================================
+ Coverage   87.76%   88.28%   +0.52%     
==========================================
  Files         701      701              
  Lines      206774   206780       +6     
  Branches    39692    39780      +88     
==========================================
+ Hits       181477   182563    +1086     
+ Misses      17288    16235    -1053     
+ Partials     8009     7982      -27
Files with missing lines Coverage Δ
lib/child_process.js 95.57% <100.00%> (+0.30%) ⬆️

... and 101 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/68165/

himself65
himself65 reviewed Jul 25, 2025
View reviewed changes
test/parallel/test-child-process-exec-any-shells-windows.js
@@ -33,7 +33,7 @@ const testCopy = (shellName, shellPath) => {
const system32 = `${process.env.SystemRoot}\\System32`;

// Test CMD
test(true);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

shell: true is a widely used input. many downstream devs (and me) are actually using it.

https://github.com/search?q=child_process+shell%3A+true+language%3AJavaScript&type=code&l=JavaScript

So this is a breaking change. I personally unvote this

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On exec() or its sister functions?

This is only adding validation of documented behaviour, which by precedent is not a breaking change – not that it's for me to say.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, it is string on document. But I think it's too loose before on runtime, now it's hard to make it back

@himself65 himself65 added the semver-major PRs that contain breaking changes and should be released in the next major version. label Jul 25, 2025
aduh95
aduh95 reviewed Sep 6, 2025
View reviewed changes
aduh95
aduh95 reviewed Sep 6, 2025
View reviewed changes
lib/child_process.js
Comment on lines +622 to +627
if (options.shell != null) {
if (typeof options.shell !== 'boolean' && typeof options.shell !== 'string') {
throw new ERR_INVALID_ARG_TYPE('options.shell',
['boolean', 'string'], options.shell);
}
validateArgumentNullCheck(options.shell, 'options.shell');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we have a test for when options.shell is the empty string?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not at present, that was the whole conversation that led to #58564. There will be one when we get around to a runtime deprecation.

@Renegade334 Renegade334 force-pushed the childprocess-exec-validate-shell-argument branch from a355ebf to 4ca3f67 Compare September 11, 2025 01:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@himself65 himself65 himself65 left review comments

@aduh95 aduh95 aduh95 left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
child_process Issues and PRs related to the child_process subsystem. needs-ci PRs that need a full CI run. semver-major PRs that contain breaking changes and should be released in the next major version.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Renegade334 @nodejs-github-bot @himself65 @aduh95