@@ -18,8 +18,14 @@ function expectInlineEvalDescription(hit: InterpreterInlineEvalHit | null, expec
1818describe("exec inline eval detection", () => {
1919it.each([
2020{ argv: ["python3", "-c", "print('hi')"], expected: "python3 -c" },
21+{ argv: ["python3.13", "-c", "print('hi')"], expected: "python3.13 -c" },
22+{ argv: ["/usr/bin/pypy3.10", "-c", "print('hi')"], expected: "pypy3.10 -c" },
2123{ argv: ["/usr/bin/node", "--eval", "console.log('hi')"], expected: "node --eval" },
2224{ argv: ["perl", "-E", "say 1"], expected: "perl -e" },
25+{ argv: ["php", "-B", "system('id');"], expected: "php -B" },
26+{ argv: ["php", "-E", "system('id');"], expected: "php -E" },
27+{ argv: ["php", "-R", "system('id');"], expected: "php -R" },
28+{ argv: ["Rscript", "-e", "system('id')"], expected: "rscript -e" },
2329{ argv: ["osascript", "-e", "beep"], expected: "osascript -e" },
2430{ argv: ["awk", "BEGIN { print 1 }"], expected: "awk inline program" },
2531{ argv: ["gawk", "-F", ",", "{print $1}", "data.csv"], expected: "gawk inline program" },
@@ -60,7 +66,11 @@ describe("exec inline eval detection", () => {
60666167it("ignores normal script execution", () => {
6268expect(detectInterpreterInlineEvalArgv(["python3", "script.py"])).toBeNull();
69+expect(detectInterpreterInlineEvalArgv(["python3.13", "script.py"])).toBeNull();
6370expect(detectInterpreterInlineEvalArgv(["node", "script.js"])).toBeNull();
71+expect(detectInterpreterInlineEvalArgv(["php", "-F", "filter.php"])).toBeNull();
72+expect(detectInterpreterInlineEvalArgv(["Rscript", "script.R"])).toBeNull();
73+expect(detectInterpreterInlineEvalArgv(["r2", "-e", "bin.cache=true", "program"])).toBeNull();
6474expect(detectInterpreterInlineEvalArgv(["awk", "-f", "script.awk", "data.csv"])).toBeNull();
6575expect(detectInterpreterInlineEvalArgv(["find", ".", "-name", "*.ts"])).toBeNull();
6676expect(detectInterpreterInlineEvalArgv(["xargs", "-0"])).toBeNull();
@@ -76,7 +86,12 @@ describe("exec inline eval detection", () => {
76867787it("matches interpreter-like allowlist patterns", () => {
7888expect(isInterpreterLikeAllowlistPattern("/usr/bin/python3")).toBe(true);
89+expect(isInterpreterLikeAllowlistPattern("/usr/bin/python3.13")).toBe(true);
90+expect(isInterpreterLikeAllowlistPattern("python3.*")).toBe(true);
91+expect(isInterpreterLikeAllowlistPattern("pypy3.10")).toBe(true);
7992expect(isInterpreterLikeAllowlistPattern("**/node")).toBe(true);
93+expect(isInterpreterLikeAllowlistPattern("Rscript")).toBe(true);
94+expect(isInterpreterLikeAllowlistPattern("r2")).toBe(false);
8095expect(isInterpreterLikeAllowlistPattern("/usr/bin/awk")).toBe(true);
8196expect(isInterpreterLikeAllowlistPattern("**/gawk")).toBe(true);
8297expect(isInterpreterLikeAllowlistPattern("/usr/bin/mawk")).toBe(true);
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。