Don’t expand globs via symbolic links #14627
Conversation
6cb4b40 to
f4bfebf
Compare
Users don’t expect Prettier to follow symlinks: • If a source tree contains a symlink an external location outside the source tree, Prettier should stay within the tree it was asked to format, and shouldn’t check or modify those external files. • If a source tree contains a symlink to an internal location within itself, Prettier will already find that location via its normal path; symlinks should not cause Prettier to format those files multiple times. • If a source tree contains a symlink to a location that’s ignored via .prettierignore, Prettier should ignore that location without the user needing to separately list the symlinks as ignored too. Following symlinks without special care can lead to problems: • Cycles of symlinks would cause Prettier to recurse infinitely or for a very long time, depending on the filesystem. • A symlink to (say) your home directory could cause Prettier to rewrite every file in your home directory. Fixes prettier#12080. Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
@andersk Thanks for working on this, we have more than glob patterns, so please fix the new tests I added. |
|
Maybe just skip if prettier/src/cli/expand-patterns.js Line 69 in 053bc69 |
|
If Prettier throws an error when the user provides an argument that matches only non-supported files, it seems consistent that Prettier should also throw an error when the user provides an argument that matches only symlinks. I don’t think it should silently skip them as a special case. |
We already did that? prettier/src/cli/expand-patterns.js Line 36 in 053bc69 Maybe we should discuss what's expected first.
Skip symlink, if non-match, throws
throws since no "file" matched.
Skip symlink, if non-match, throws Sounds good? So, if |
|
Okay, updated with an specific error for that case ( |
e7ad984 to
ffbb10b
Compare
f397aae to
79e2801
Compare
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Co-authored-by: fisker <lionkay@gmail.com> Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
@sosukesuzuki @kachkaev Can you help review? |
|
@andersk You open with a fine problem statement, but ultimately the solution design is very crude: report an error and exit with a fault exit status whenever a symbolic link happens to be specified on the command line. In CI, it's not always possible to filter the list of files beforehand based on some special characteristics. Instead, Prettier should handle the scenarios you describe itself. |
It does not follow that Prettier should skip uncontrollably. Right now, Prettier cannot be controlled in the way it handles symlinks. It now simply fails and fails CI pipelines. |
|
@sanmai-NL Neither |
|
I didn't specify globs or relative paths (or rather, our tooling), but literal paths. I note that Prettier does have CLI flags to ignore unmatched paths, etc., but nothing to ignore symlinks. Whenever something changes to a matched explicit path that is a symlink (e.g., file type changed to symlink), some CI tooling will specify it to Prettier and the fault will trigger. |
|
@andersk What can you do to fix this situation? We have pipelines failing on this with no recourse ... Otherwise, I'll have to submit PR that restores the original behavior. |
|
@sanmai-NL I can’t do anything—I’m not a Prettier maintainer. But if I understand the linked issue correctly, it looks like your use case will be addressed by evilmartians/lefthook#538, so you might try helping there. If you don’t want to wait for that, you can use the lefthook |
|
@andersk patching other tools to work-around a breakage you introduced (unwittingly) is at best a stop-gap measure. You could've taken on to fix your work in a new PR. At least one compromise solution has been proposed in this thread. I'll create a PR to fix your PR. Or perhaps revert it, if that takes undue time. |
|
@sanmai-NL The change was not made unwittingly. It is consistent with the way Prettier handles other unsupported files, and was discussed with the maintainer ahove. I’m sorry that your CI had been unintentionally relying on the previous behavior, and I understand you’re unhappy that it fails after the Prettier 3 upgrade, but such things happen—major releases sometimes intentionally make breaking changes, and the purpose of CI is to fail when things break. Although there is always some value in avoiding breaking changes, here I still believe there was more value gained by eliminating unexpected behavior around symlinks, and throwing an error is better than either silently processing unexpected files or silently skipping them. |
|
@sanmai-NL I'm sorry that this change breaks your tool, but please open an new issue to continue discussion. This is an merged PR. |
Description
Users don’t expect Prettier to follow symlinks:
If a source tree contains a symlink an external location outside the source tree, Prettier should stay within the tree it was asked to format, and shouldn’t check or modify those external files.
If a source tree contains a symlink to an internal location within itself, Prettier will already find that location via its normal path; symlinks should not cause Prettier to format those files multiple times.
If a source tree contains a symlink to a location that’s ignored via
.prettierignore, Prettier should ignore that location without the user needing to separately list the symlinks as ignored too.Following symlinks without special care can lead to problems:
Cycles of symlinks would cause Prettier to recurse infinitely or for a very long time, depending on the filesystem.
A symlink to (say) your home directory could cause Prettier to rewrite every file in your home directory.
Fixes #12080.
Checklist
docs/directory).changelog_unreleased/*/XXXX.mdfile followingchangelog_unreleased/TEMPLATE.md.✨Try the playground for this PR✨