mathisonian / command-exists Goto Github PK
View Code? Open in Web Editor NEWnode module to check if a command-line command exists
License: MIT License
node module to check if a command-line command exists
License: MIT License
A synchronous variety would also be helpful.
Create a file named "foo.cmd" in the current directory (this also works with .bat):
echo bar > foo.cmd
and then:
require('command-exists').sync('foo') // => true
require('child_process').spawn('foo') // => Uncaught Error: spawn foo ENOENT (no such file)
This is a big problem because npm install -g ...
uses .cmd
files to add commands (including the npm
command itself).
The reason the where
command on Windows finds foo.cmd
is due to the PATHEXT
environment variable, which contains a list of file extensions that you can execute without typing the extension, like .exe and .cmd and .bat.
I think the actual problem here is that node can't run these files (they have some docs on this), but for now this is a false positive.
The module is failing to determine 'cd' (without parameters) as a command in windows.
var commandExistsSync = require('command-exists').sync;
var cmd = 'cd';
console.log("Check for cd : "+ commandExistsSync(cmd));
Output in Windows (Node v6.17.1) :
Check for cd: false
But, cd is indeed a valid command which when used without any parameters displays the current drive and directory. Whereas, other standalone commands such as dir, pwd, ls.
. tends to be recognized as valid commands.
Tested and observed this behavior on recent version of node (v14.15.0) and older versions as well ( v6.17.1 , v8.17.0 and v12.13.0).
I'd like to be able to do this in a package.json script:
command-exists XYZ || 'echo installing command XYZ'
Can this be done?
For some reason on Linux if I run:
let commandExists = require('command-exists');
commandExists('scripts/script1.js').then(y=>console.log('y ',y), n=>console.log('n ', n));
It returns y
event though scripts/script1.js hasn't been made executable.
Maybe this is supposed to be the expected behavior?
It's strange because if I run commandExists
in node interactive mode it prints n
. In a script it prints y
. After retesting several different times I don't know if this is my mistake, or what.
Version 1.2.4 of command-exists no longer works on windows. No command is found.
It worked in the 1.2.2 version
Unless there was an error with checking if the command exists. It would make more sense and be more idiomatic to have a resolve(true/false) rather than rejecting in the case of the command not existing. This also means you can use async/await syntax: const exists = await commandExists('the-command')
I realise this project is probably not getting much attention at the moment which is totally fine & understandable.
I just wanted to suggest that it might benefit from taking an env
option like child_process.exec
does so that someone can say "does this command exist given this environment." I'm in the position of needing that at the moment and will have to look around for other options.
I guess it is both a relatively niche feature and also something that would fit quite naturally into the module?
I'm consuming command-exists as follows (only relevant code included):
import commandExists from 'command-exists';
import { promisify } from 'util';
const doesCommandExist = promisify(commandExists);
const configure = async () => {
const isNVMInstalled = await doesCommandExist('nvm');
const isDockerInstalled = await doesCommandExist('docker');
console.log({ isNVMInstalled, isDockerInstalled });
};
configure();
Both are installed and usable from the command line. The output I get is:
{ isNVMInstalled: false, isDockerInstalled: true }
I'm on
MacOS Catalina 10.15.6 (19G73)
Node v12.16.3
node_modules/command-exists/lib/command-exists.js:13
access(commandName, constants.F_OK,
^
TypeError: undefined is not a function
at fileNotExists (/var/www/apps/wx-collector-atf-worker/shared/node_modules/command-exists/lib/command-exists.js:13:5)
at commandExistsUnix (/var/www/apps/wx-collector-atf-worker/shared/node_modules/command-exists/lib/command-exists.js:46:5)
$ node -e "process.exit(require('command-exists').sync('unknownfilename'))"
INFO: Could not find files for the given pattern(s).
Edit: Note, I'm on Windows.
Hi, first of all: Thanks for your work!
I noticed the following inconsistencies between Windows and Mac/Linux:
On Mac/Linux an absolute path to an executable file returns true
e.g. /usr/bin/ssh
-> true
On Windows an absolute path is not accepted:
e.g. c:\Program Files\putty\plink.exe
-> false
While this just seems to be an inconsistency, the following is certainly a bug:
On Mac/Linux all directories are recognized as "existing commands":
e.g. /usr
-> true
Hello,
I just noticed that in the NPM registry, the version 1.2.9 is already available, but there is no such tag in this repository, and the version number in the master branch is 1.2.8. Is there some code missing?
Hi there...
I'm trying your module.. But it throws false positives when testing for a command with the same name as a folder at the testing location...
For example..
/myProject
/myFolderName
/anotherFolder
/myCommand <-- folder with the same name as the command.
If I test commandExists('myCommand')
inside myProject
it will throw true
because of the folder with the same name as the command.
I have cookiecutter
installed on Windows 11, WSL2, ubuntu distro. Also have it in the $PATH.
However commandExists('cookiecutter')
check does not return true, but thows error.
Is it supposed to work for the env mentioned ?
Since the last commit, I now have the following issue: Unhandled rejection TypeError: Cannot read property 'F_OK' of undefined
It seems that you can not rely on module 'fs' to have constants on all version on nodejs
Issue: We detected vulnerable dependencies in your project by using the command “npm audit”:
debug <=2.6.8 || 3.0.0 - 3.0.1
Regular Expression Denial of Service - https://npmjs.com/advisories/534
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/debug
mocha 0.6.0 - 6.2.2 || 7.0.0-esm1 - 7.1.0
Depends on vulnerable versions of debug
Depends on vulnerable versions of diff
Depends on vulnerable versions of glob
Depends on vulnerable versions of growl
Depends on vulnerable versions of mkdirp
node_modules/mocha
diff <3.5.0
Severity: high
Regular Expression Denial of Service - https://npmjs.com/advisories/1631
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/diff
mocha 0.6.0 - 6.2.2 || 7.0.0-esm1 - 7.1.0
Depends on vulnerable versions of debug
Depends on vulnerable versions of diff
Depends on vulnerable versions of glob
Depends on vulnerable versions of growl
Depends on vulnerable versions of mkdirp
node_modules/mocha
growl <1.10.2
Severity: critical
Command Injection - https://npmjs.com/advisories/146
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/growl
mocha 0.6.0 - 6.2.2 || 7.0.0-esm1 - 7.1.0
Depends on vulnerable versions of debug
Depends on vulnerable versions of diff
Depends on vulnerable versions of glob
Depends on vulnerable versions of growl
Depends on vulnerable versions of mkdirp
node_modules/mocha
lodash <=4.17.20
Severity: high
Prototype Pollution - https://npmjs.com/advisories/1523
Command Injection - https://npmjs.com/advisories/1673
fix available via npm audit fix
node_modules/lodash
minimatch <=3.0.1
Severity: high
Regular Expression Denial of Service - https://npmjs.com/advisories/118
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/mocha/node_modules/minimatch
glob 3.0.0 - 5.0.14
Depends on vulnerable versions of minimatch
node_modules/mocha/node_modules/glob
mocha 0.6.0 - 6.2.2 || 7.0.0-esm1 - 7.1.0
Depends on vulnerable versions of debug
Depends on vulnerable versions of diff
Depends on vulnerable versions of glob
Depends on vulnerable versions of growl
Depends on vulnerable versions of mkdirp
node_modules/mocha
minimist <0.2.1 || >=1.0.0 <1.2.3
Prototype Pollution - https://npmjs.com/advisories/1179
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/minimist
mkdirp 0.4.1 - 0.5.1
Depends on vulnerable versions of minimist
node_modules/mkdirp
mocha 0.6.0 - 6.2.2 || 7.0.0-esm1 - 7.1.0
Depends on vulnerable versions of debug
Depends on vulnerable versions of diff
Depends on vulnerable versions of glob
Depends on vulnerable versions of growl
Depends on vulnerable versions of mkdirp
node_modules/mocha
9 vulnerabilities (3 low, 4 high, 2 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Questions: We are conducting a research study on vulnerable dependencies in open-source JS projects. We are curious:
For any publication or research report based on this study, we will share all responses from developers in an anonymous way. Both your projects and personal information will be kept confidential.
Description: Many popular NPM packages have been found vulnerable and may carry significant risks [1]. Developers are recommended to monitor and avoid the vulnerable versions of the library. The vulnerabilities have been identified and reported by other developers, and their descriptions are available in the npm registry [2].
Steps to reproduce:
Suggested Solution: Npm has introduced the “npm audit fix” command to fix the vulnerabilities. Execute the command to apply remediation to the dependency tree.
References:
2019. 10 npm Security Best Practices. https://snyk.io/blog/ten-npm-security-best-practices/.
2021. npm-audit. https://docs.npmjs.com/cli/v7/commands/npm-audit.
Great repo, but it really lacks mac support.
On mac you can exec
which command_name
and it will return you the path.
I can probably do a PR if you're busy. Let me know.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.