Skip to content

chore: remove cjs exports and improve typescript performance #472

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
May 4, 2025
Merged

chore: remove cjs exports and improve typescript performance #472

merged 4 commits into from
May 4, 2025

Conversation

mimshins
Copy link
Collaborator

@mimshins mimshins commented May 4, 2025

No description provided.

@mimshins mimshins self-assigned this May 4, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems May 4, 2025
View reviewed changes
packages/icons/scripts/build.ts
execCmd(["tsc", "--project", tsconfigEsmFile].join(" ")),
]);

await execCmd(["tsc", "--project", tsconfigFile].join(" "));

Check warning

Code scanning / CodeQL

Shell command built from environment values Medium

This shell command depends on an uncontrolled
absolute path
Loading
.
packages/react-icons/scripts/build.ts
]);

await execCmd(`shx ls ${distDir}/*.{tsx,ts} | xargs rm`);
await execCmd(["tsc", "--project", tsconfigFile].join(" "));

Check warning

Code scanning / CodeQL

Shell command built from environment values Medium

This shell command depends on an uncontrolled
absolute path
Loading
.

Copilot Autofix

AI 14 days ago

To fix the issue, we will replace the use of execCmd with a safer alternative that avoids dynamically constructing the shell command. Specifically:

  1. Use execFile or execFileSync instead of exec to pass the command and its arguments as separate parameters. This ensures that the shell does not interpret the arguments.
  2. Modify the execCmd call on line 75 to pass tsconfigFile as an argument to the tsc command, rather than embedding it in a concatenated string.

This change will ensure that special characters in tsconfigFile are treated as literal values and not interpreted by the shell.

Suggested changeset 1
packages/react-icons/scripts/build.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/react-icons/scripts/build.ts b/packages/react-icons/scripts/build.ts
--- a/packages/react-icons/scripts/build.ts
+++ b/packages/react-icons/scripts/build.ts
@@ -74,3 +74,3 @@
   await execCmd(["shx", "cp", baseIconFile, distDir].join(" "));
-  await execCmd(["tsc", "--project", tsconfigFile].join(" "));
+  await execCmd("tsc", ["--project", tsconfigFile]);
   await execCmd(`shx ls ${distDir}/*.{tsx,ts} | grep -v ".d.ts$" | xargs rm`);
EOF
@@ -74,3 +74,3 @@
await execCmd(["shx", "cp", baseIconFile, distDir].join(" "));
await execCmd(["tsc", "--project", tsconfigFile].join(" "));
await execCmd("tsc", ["--project", tsconfigFile]);
await execCmd(`shx ls ${distDir}/*.{tsx,ts} | grep -v ".d.ts$" | xargs rm`);
Copilot is powered by AI and may make mistakes. Always verify output.
packages/react-icons/scripts/build.ts

await execCmd(`shx ls ${distDir}/*.{tsx,ts} | xargs rm`);
await execCmd(["tsc", "--project", tsconfigFile].join(" "));
await execCmd(`shx ls ${distDir}/*.{tsx,ts} | grep -v ".d.ts$" | xargs rm`);

Check warning

Code scanning / CodeQL

Shell command built from environment values Medium

This shell command depends on an uncontrolled
absolute path
Loading
.

Copilot Autofix

AI 14 days ago

To fix the issue, we will replace the dynamically constructed shell command with a safer alternative that avoids shell interpretation. Specifically:

  1. Use execFile or execFileSync instead of exec to pass arguments as an array, ensuring they are not interpreted by the shell.
  2. Replace the shx ls and grep commands with equivalent functionality implemented in JavaScript, avoiding the need for shell commands entirely.

The changes will focus on line 76, where the vulnerable shell command is executed.

Suggested changeset 1
packages/react-icons/scripts/build.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/packages/react-icons/scripts/build.ts b/packages/react-icons/scripts/build.ts
--- a/packages/react-icons/scripts/build.ts
+++ b/packages/react-icons/scripts/build.ts
@@ -75,3 +75,7 @@
   await execCmd(["tsc", "--project", tsconfigFile].join(" "));
-  await execCmd(`shx ls ${distDir}/*.{tsx,ts} | grep -v ".d.ts$" | xargs rm`);
+  const files = await fs.readdir(distDir);
+  const filesToDelete = files.filter(file => /\.(tsx|ts)$/.test(file) && !file.endsWith(".d.ts"));
+  await Promise.all(
+    filesToDelete.map(file => fs.rm(path.join(distDir, file)))
+  );
 
EOF
@@ -75,3 +75,7 @@
await execCmd(["tsc", "--project", tsconfigFile].join(" "));
await execCmd(`shx ls ${distDir}/*.{tsx,ts} | grep -v ".d.ts$" | xargs rm`);
const files = await fs.readdir(distDir);
const filesToDelete = files.filter(file => /\.(tsx|ts)$/.test(file) && !file.endsWith(".d.ts"));
await Promise.all(
filesToDelete.map(file => fs.rm(path.join(distDir, file)))
);

Copilot is powered by AI and may make mistakes. Always verify output.
packages/web-icons/scripts/build.ts
]);

await removeDirsExcept(distDir, ["cjs", "esm"]);
await execCmd(["tsc", "--project", tsconfigFile].join(" "));

Check warning

Code scanning / CodeQL

Shell command built from environment values Medium

This shell command depends on an uncontrolled
absolute path
Loading
.
packages/web-icons/scripts/build.ts
await removeDirsExcept(distDir, ["cjs", "esm"]);
await execCmd(["tsc", "--project", tsconfigFile].join(" "));
await execCmd(
`shx ls ${distDir}/*.{tsx,ts} ${distDir}/**/*.{tsx,ts} | grep -v ".d.ts$" | xargs rm`,

Check warning

Code scanning / CodeQL

Shell command built from environment values Medium

This shell command depends on an uncontrolled
absolute path
Loading
.
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented May 4, 2025

Warnings
⚠️

🛝 Changes in playground was detected! 1

Generated by 🚫 dangerJS against 228e7f3

Footnotes

  1. Some of the changes in this PR are related to project's playground. Check them before merging the PR.

@github-actions github-actions bot requested a review from amir78729 May 4, 2025 16:02
@mimshins mimshins merged commit ba17f66 into main May 4, 2025
8 checks passed
@mimshins mimshins deleted the chore/improve-ts-performance branch May 4, 2025 16:04
@github-actions github-actions bot mentioned this pull request May 4, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amir78729 amir78729 Awaiting requested review from amir78729

Assignees

@amir78729 amir78729

@mimshins mimshins

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mimshins @amir78729