tachibana-shin / capacitor-fs Goto Github PK

View Code? Open in Web Editor NEW

5.0 1.0 0.0 172 KB

A library filesystem (like module `fs` in Node.js) for framework Capacitor.JS

License: MIT License

TypeScript 100.00%

capacitor plugin

capacitor-fs's Issues

readdir has wrong type

I'm submitting a ...
[x] bug report
[ ] feature request
[ ] question about the decisions made in the repository
[ ] question about how to use this project
Summary

The TypeScript definition for readdir is incorrect. The type is presented as:

readdir: (path: string) => Promise<readonly string[]>;

But is actually

readdir: (path: string) => Promise<readonly SomeKindOfFile[]>;

Where an example of SomeKindOfFile can be seen here:

{
    ctime: "1685222746852"
    mtime: "1685222746862"
    name: "149e76c2bdf06535eccc518d969d848f13158089.mp3"
    size: 11607479
    type: "file"
    uri: "file:///private/var/mobile/Containers/Data/Application/6A855C5A-1330-433A-B1D4-B648E9992B55/Library/Caches/149e76c2bdf06535eccc518d969d848f1…"
}

Is that possible to read files from Photo Library?

Hello,

Is that possible to read files from Photo Library?

Like:

/var/mobile/Media/DCIM/100APPLE/***.JPG

Add in web worker

I'm submitting a ...
[ ] bug report
[] feature request
[ ] question about the decisions made in the repository
[*] question about how to use this project

Hi there

How can this be added in in web worker, specifically in importScripts function ? I tried adding it but I see multiple issues in adding dependency.

Thanks

minimatch-3.0.4.tgz: 1 vulnerabilities (highest severity is: 7.5)

Vulnerable Library - minimatch-3.0.4.tgz

a glob matcher in javascript

Library home page: https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/minimatch/package.json

Found in HEAD commit: 1327b8b389661e64a2150797f144f87eb512a8b3

Vulnerabilities

CVE	Severity	CVSS	Dependency	Type	Fixed in (minimatch version)	Remediation Possible**
CVE-2022-3517	High	7.5	minimatch-3.0.4.tgz	Direct	minimatch - 3.0.5	❌

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2022-3517

Vulnerable Library - minimatch-3.0.4.tgz

a glob matcher in javascript

Library home page: https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/minimatch/package.json

Dependency Hierarchy:

❌ minimatch-3.0.4.tgz (Vulnerable Library)

Found in HEAD commit: 1327b8b389661e64a2150797f144f87eb512a8b3

Found in base branch: master

Vulnerability Details

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.

Publish Date: 2022-10-17

URL: CVE-2022-3517

CVSS 3 Score Details (7.5)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2022-10-17

Fix Resolution: minimatch - 3.0.5

Step up your Open Source Security Game with Mend here

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.