This commit applies `strictNullChecks` to the entire codebase to improve
maintainability and type safety. Key changes include:
- Remove some explicit null-checks where unnecessary.
- Add necessary null-checks.
- Refactor static factory functions for a more functional approach.
- Improve some test names and contexts for better debugging.
- Add unit tests for any additional logic introduced.
- Refactor `createPositionFromRegexFullMatch` to its own function as the
logic is reused.
- Prefer `find` prefix on functions that may return `undefined` and
`get` prefix for those that always return a value.
Enable `contextIsolation` in Electron to securely expose a limited set
of Node.js APIs to the renderer process. It:
1. Isolates renderer and main process contexts. It ensures that the
powerful main process functions aren't directly accessible from
renderer process(es), adding a security boundary.
2. Mitigates remote exploitation risks. By isolating contexts, potential
malicious code injections in the renderer can't directly reach and
compromise the main process.
3. Reduces attack surface.
4. Protect against prototype pollution: It prevents tampering of
JavaScript object prototypes in one context from affecting another
context, improving app reliability and security.
Supporting changes include:
- Extract environment and system operations classes to the infrastructure
layer. This removes node dependencies from core domain and application
code.
- Introduce `ISystemOperations` to encapsulate OS interactions. Use it
from `CodeRunner` to isolate node API usage.
- Add a preloader script to inject validated environment variables into
renderer context. This keeps Electron integration details
encapsulated.
- Add new sanity check to fail fast on issues with preloader injected
variables.
- Improve test coverage of runtime sanity checks and environment
components. Move validation logic into separate classes for Single
Responsibility.
- Improve absent value test case generation.
As part of transition to Vue 3.0 and Vite (#230), this commit
facilitates the shift towards building rest of the application using
Vite. By doing so, it eliminates reliance on outdated Electron building
system that offered limited control, blocking desktop builds (#233).
Changes include:
- Introduce Vite with Vue 2.0 plugin for test execution.
- Remove `mocha`, `chai` and other related dependencies.
- Adjust test to Vitest syntax.
- Revise and update `tests.md` to document the changes.
- Add `@modyfi/vite-plugin-yaml` plugin to be able to use yaml file
depended logic on test files, replacing previous webpack behavior.
- Fix failing tests that are revealed by Vitest due to unhandled errors
and lack of assertments.
- Remove the test that depends on Vue CLI populating `process.env`.
- Use `jsdom` for unit test environment, adding it to dependency to
`package.json` as project now depends on it and it was not specified
even though `package-lock.json` included it.
- Unify test data for nonexistence of an object/string and collection.
- Introduce more test through adding missing test data to existing tests.
- Improve logic for checking absence of values to match tests.
- Add missing tests for absent value validation.
- Update documentation to include shared test functionality.
Major refactoring using ESLint with rules from AirBnb and Vue.
Enable most of the ESLint rules and do necessary linting in the code.
Also add more information for rules that are disabled to describe what
they are and why they are disabled.
Allow logging (`console.log`) in test files, and in development mode
(e.g. when working with `npm run serve`), but disable it when
environment is production (as pre-configured by Vue). Also add flag
(`--mode production`) in `lint:eslint` command so production linting is
executed earlier in lifecycle.
Disable rules that requires a separate work. Such as ESLint rules that
are broken in TypeScript: no-useless-constructor (eslint/eslint#14118)
and no-shadow (eslint/eslint#13014).
It's caused by lookahead regex used in dash comment regex for inlining
PowerShell. This commit changes dash comment inlining.
- Change regex to one without lookahead.
- Add more test cases for inlining dash comment in tricky situations.
- Refactor makeInlineComment to be it's own function to easily test
other regex options.
- Document all regex alternatives.
- Remove redundant null check (`||`) with adding safe navigation
operator (`?`) to allow variable before check to be null instead of
throwing exception.
Add new ways to disable Defender on Windows:
1. Disable through renaming required files
2. Disable using registry changes
3. Disable using TrustedInstaller user
Add support for running code as TrustedInstaller 🥳. It allows running
commands in OS-protected areas. It is written in PowerShell and it uses
PowerShell syntax like backticks that are inlined in special way. So the
commit extends inlining support and allows writing PowerShell using:
- Comments
- Here-strings
- Backticks
Add disabling of more Defender service
Improve documentation and categorization of services.
It changes the way privacy.sexy escape double quotes inside batch
command when running PowerShell scripts as an argument to
PowerShell.exe. It uses more robust and stable way offering support for
wider use-cases.
This commit introduces two pipes: `inlinePowerShell`,
`escapeDoubleQuotes`. The types when used together allows writing adding
clean and real PowerShell scripts as they are (without inlinining or
escaping them), removing the need to have hard-coded inlining/escaping.
It enables writing better PowerShell, makes it easier to maintain and
extend PowerShell scripts. Also allows writing more stable code with
less "unseen" bugs due to manual escaping/inlining. This commit
naturally reveals and fixes double quotes not being escaped in "Empty
trash bin" script.
This is solved by unifying the use of RunPowerShell function by all
scripts using PowerShell. The function inlines and escapes the scripts
as compile time to be send them to PowerShell.exe as an argument and
then invokes PowerShell.exe with generated ugly code.
The goal is to be able to modify values of variables used in templates.
It enables future functionality such as escaping, inlining etc.
It adds support applying predefined pipes to variables. Pipes
can be applied to variable substitution in with and parameter
substitution expressions. They work in similar way to piping in Unix
where each pipe applied to the compiled result of pipe before.
It adds support for using pipes in `with` and parameter substitution
expressions. It also refactors how their regex is build to reuse more of
the logic by abstracting regex building into a new class.
Finally, it separates and extends documentation for templating.
