Utility methods to prevent command injection vulnerabilities.
Escapes a command or command arguments by operation system
import {escapeCommand} from 'esc-command'
const dirname = '/usr/bin;" cat /etc/passwd'
const esc = 'ls -1 "' + escapeCommand(dirname) + '"'
// ls -1 "\/usr\/bin\;\" cat \/etc\/passwd"
Literal to escape a command or command arguments by operation system
import {escapeCommandLit} from 'esc-command'
const dirname = '/usr/bin;" cat /etc/passwd'
const esc = escapeCommandLit`ls -1 "${dirname}"`
// ls -1 "\/usr\/bin\;\" cat \/etc\/passwd"
Filters a command or command arguments by operation system
import {filterCommand} from 'esc-command'
const dirname = '/usr/bin;" cat /etc/passwd'
const esc = 'ls -1 "' + filterCommand(dirname) + '"'
// ls -1 "\/usr\/bin cat \/etc\/passwd"
Literal to filter a command or command arguments by operation system
import {filterCommandLit} from 'esc-command'
const dirname = '/usr/bin;" cat /etc/passwd'
const esc = filterCommandLit`ls -1 "${dirname}"`
// ls -1 "\/usr\/bin cat \/etc\/passwd"