Version Details and Security Vulnerabilities

📦

shelljs

0.8.2

Comparision Betweeen 0.8.2 and 0.8.1

Identify the differences between the current version of the package and the previous one.

Version

Dependencies

Dev Dependencies

Peer Dependencies

Distributed Files

N/A

Unpacked Size

199.95 KB

N/A

Version 0.8.2 Details

ShellJS is a popular Node.js library bringing familiar Unix shell commands to JavaScript developers, streamlining scripting and automation tasks. Comparing versions 0.8.1 and 0.8.2, reveals a subtle evolution primarily focused on package management and distribution improvements. While the core dependencies like glob, rechoir, and interpret remain consistent, ensuring ongoing compatibility with existing file system interactions and configuration handling, the devDependencies used for development, testing, and linting, also remain unchanged, indicating a focus on code quality and consistency of the development pipeline.

The key difference lies in the dist section of the package metadata. Version 0.8.2 includes fileCount (42) and unpackedSize (204752), providing developers with insights into the package's footprint. Additionally, the releaseDate is updated from January 20, 2018, to May 8, 2018, highlighting the release timeline. These details are crucial for managing dependencies, assessing download times, and understanding the package's evolution.

For developers, upgrading from 0.8.1 to 0.8.2 offers a more transparent view of the built package without behavioral changes. While functionally equivalent, the added metadata in the dist section aids in dependency management practices. ShellJS's strength continues to be its ability to simplify common shell operations directly within Node.js, improving script portability and reducing reliance on external shell executions.

Security Vulnerabilities

This site is an independent open-source project and is not affiliated with, endorsed by, or sponsored by npm, Inc. or GitHub, Inc. The name “npm” is a registered trademark of npm, Inc., used here solely to describe compatibility and reference publicly available npm package data.

Version Details and Security Vulnerabilities

📦

shelljs

0.8.2

Comparision Betweeen 0.8.2 and 0.8.1

Identify the differences between the current version of the package and the previous one.

Version

Dependencies

Dev Dependencies

Peer Dependencies

Distributed Files

N/A

Unpacked Size

199.95 KB

N/A

Version 0.8.2 Details

Security Vulnerabilities

Security Details

Comprehensive list of direct or transitive vulnerabilities for version 0.8.2 of the package shelljs.

All Security Vulnerabilities

All the vulnerabilities related to the version 0.8.2 of the package

Summary:

Improper Privilege Management in shelljs

Details:

shelljs is vulnerable to Improper Privilege Management

Details about shelljs@0.8.2

Summary:

Improper Privilege Management in shelljs

Details:

Impact

Output from the synchronous version of shell.exec() may be visible to other users on the same system. You may be affected if you execute shell.exec() in multi-user Mac, Linux, or WSL environments, or if you execute shell.exec() as the root user.

Other shelljs functions (including the asynchronous version of shell.exec()) are not impacted.

Patches

Patched in shelljs 0.8.5

Workarounds

Recommended action is to upgrade to 0.8.5.

References

https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c/

For more information

If you have any questions or comments about this advisory:

Ask at https://github.com/shelljs/shelljs/issues/1058
Open an issue at https://github.com/shelljs/shelljs/issues/new

Details about shelljs@0.8.2

Security Details

Comprehensive list of direct or transitive vulnerabilities for version 0.8.2 of the package shelljs.

All Security Vulnerabilities

All the vulnerabilities related to the version 0.8.2 of the package

Summary:

Improper Privilege Management in shelljs

Details:

shelljs is vulnerable to Improper Privilege Management

Details about shelljs@0.8.2

Summary:

Improper Privilege Management in shelljs

Details:

Impact

Other shelljs functions (including the asynchronous version of shell.exec()) are not impacted.

Patches

Patched in shelljs 0.8.5

Workarounds

Recommended action is to upgrade to 0.8.5.

References

https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c/

For more information

If you have any questions or comments about this advisory:

Ask at https://github.com/shelljs/shelljs/issues/1058
Open an issue at https://github.com/shelljs/shelljs/issues/new

Details about shelljs@0.8.2

Version Details and Security Vulnerabilities

shelljs

Comparision Betweeen 0.8.2 and 0.8.1

Version 0.8.2 Details

Security Vulnerabilities

Version Details and Security Vulnerabilities

shelljs

Comparision Betweeen 0.8.2 and 0.8.1

Version 0.8.2 Details

Security Vulnerabilities

Security Details

All

Transitive Dependencies

Package

All Security Vulnerabilities

Impact

Patches

Workarounds

References

For more information

Security Details

All

Transitive Dependencies

Package

All Security Vulnerabilities

Impact

Patches

Workarounds

References

For more information

Version Details and Security Vulnerabilities

shelljs

Comparision Betweeen 0.8.2 and 0.8.1

Version 0.8.2 Details

Security Vulnerabilities

Version Details and Security Vulnerabilities

shelljs

Comparision Betweeen 0.8.2 and 0.8.1

Version 0.8.2 Details

Security Vulnerabilities

Security Details

All

Transitive Dependencies

Package

All Security Vulnerabilities

shelljs@0.8.2 GHSA-4rq4-32rv-6wp6 7.1

shelljs@0.8.2 GHSA-64g7-mvw6-v9qj N/A

Impact

Patches

Workarounds

References

For more information

Security Details

All

Transitive Dependencies

Package

All Security Vulnerabilities

shelljs@0.8.2 GHSA-4rq4-32rv-6wp6 7.1

shelljs@0.8.2 GHSA-64g7-mvw6-v9qj N/A

Impact

Patches

Workarounds

References

For more information