Passing the content of package.json as a command line argument could cause problems #57
Comments
|
PR welcome |
etiktin
pushed a commit
to etiktin/update-notifier
that referenced
this issue
Sep 24, 2015
We rewrite `options.pkg` to hold only the information we need (name and version). So when we call node with check.js we no longer pass the entire content of package.json as a command line argument. This resolves sindresorhus#57.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In the
checkmethod we pass the options object as a command line argument to check.js (see relevant line here). This means we pass the entire content of package.json as a command line argument (at least if the user followed the examples and didn't pass a custompkgobject). This is a potential problem, since certain platforms have a limit to the maximum length of the command line string (at least Windows does). So it can cause issues with really big package.json files. I think it would be better, if we updateoptions.pkg(in theUpdateNotifierconstructor) to contain just the relevant keys (name and version), so this will never become an issue.The text was updated successfully, but these errors were encountered: