From 345db138075f8f969b9628ad37f3e8aa530a8dc9 Mon Sep 17 00:00:00 2001 From: Keiran Raine Date: Mon, 25 Jun 2018 09:30:14 +0100 Subject: [PATCH 1/3] Changes to help users protect password files --- CHANGES.md | 5 +++++ js/jbrowse_rasterize.js | 22 +++++++++++++++++++++- package-lock.json | 11 ++++++++--- package.json | 3 ++- 4 files changed, 36 insertions(+), 5 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 08e86bf..6af2787 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,5 +1,10 @@ # Changes +## NEXT + +* Warn and change file permissions if password file has permissive access. + * Display warning when Windows as can't do it. + ## 2.1.1 * Missing package in dependencies diff --git a/js/jbrowse_rasterize.js b/js/jbrowse_rasterize.js index 1fbcc90..9ced07c 100755 --- a/js/jbrowse_rasterize.js +++ b/js/jbrowse_rasterize.js @@ -43,6 +43,7 @@ const path = require('path'); const colon = encodeURIComponent(':'); const fs = require('fs'); const mkdirp = require('mkdirp'); +const Mode = require('stat-mode'); /** * Process command line args and check validity @@ -244,7 +245,26 @@ function headerHeight(options) { * @return {string|null} - Loaded password or null */ function loadPw(options) { - if(options.passwdFile) return fs.readFileSync(options.passwdFile, "utf-8").replace(/\r?\n/g, ''); + if(options.passwdFile) { + if(process.platform == 'win32') { + console.warn("Windows system, cannot check or correct file permissions of --passwdFile"); + } + else { + var mode = new Mode(fs.statSync(options.passwdFile)); + if(mode.group.read || mode.others.read) { + console.warn("File provided to --passwdFile is readable by people other than you, changing permissions..."); + mode.owner.execute = false; + mode.group.read = false; + mode.group.write = false; + mode.group.execute = false; + mode.others.read = false; + mode.others.write = false; + mode.others.execute = false; + fs.chmodSync(options.passwdFile, mode.stat.mode); + } + } + return fs.readFileSync(options.passwdFile, "utf-8").replace(/\r?\n/g, ''); + } return null; } diff --git a/package-lock.json b/package-lock.json index d87f110..1b55017 100644 --- a/package-lock.json +++ b/package-lock.json @@ -125,9 +125,9 @@ } }, "https-proxy-agent": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-2.1.1.tgz", - "integrity": "sha512-LK6tQUR/VOkTI6ygAfWUKKP95I+e6M1h7N3PncGu1CATHCnex+CAv9ttR0lbHu1Uk2PXm/WoAHFo6JCGwMjVMw==", + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-2.2.1.tgz", + "integrity": "sha512-HPCTS1LW51bcyMYbxUIOO4HEOlQ1/1qRaFWcyxvwaqUS9TY88aoEuHUY33kuAh1YhVVaDQhLZsnPd+XNARWZlQ==", "requires": { "agent-base": "^4.1.0", "debug": "^3.1.0" @@ -268,6 +268,11 @@ "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz", "integrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg==" }, + "stat-mode": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/stat-mode/-/stat-mode-0.2.2.tgz", + "integrity": "sha1-5sgLYjEj19gM8TLOU480YokHJQI=" + }, "string_decoder": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz", diff --git a/package.json b/package.json index 97e499e..9b16c43 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,8 @@ "dependencies": { "commander": "^2.15.1", "mkdirp": "^0.5.1", - "puppeteer": "^1.1.1" + "puppeteer": "^1.1.1", + "stat-mode": "^0.2.2" }, "bin": { "jbrowse_rasterize": "js/jbrowse_rasterize.js" From 7c3cff120a4bf5727983c9f890daf583addf00b3 Mon Sep 17 00:00:00 2001 From: Keiran Raine Date: Mon, 25 Jun 2018 09:45:14 +0100 Subject: [PATCH 2/3] lint error --- js/jbrowse_rasterize.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/jbrowse_rasterize.js b/js/jbrowse_rasterize.js index 9ced07c..5b1c490 100755 --- a/js/jbrowse_rasterize.js +++ b/js/jbrowse_rasterize.js @@ -250,7 +250,7 @@ function loadPw(options) { console.warn("Windows system, cannot check or correct file permissions of --passwdFile"); } else { - var mode = new Mode(fs.statSync(options.passwdFile)); + const mode = new Mode(fs.statSync(options.passwdFile)); if(mode.group.read || mode.others.read) { console.warn("File provided to --passwdFile is readable by people other than you, changing permissions..."); mode.owner.execute = false; From f1f6bb338feacf6d3286a5e63205ff42e55da7d6 Mon Sep 17 00:00:00 2001 From: Keiran Raine Date: Mon, 25 Jun 2018 09:54:21 +0100 Subject: [PATCH 3/3] Release notes and version --- CHANGES.md | 2 +- js/version.js | 2 +- package.json | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 6af2787..9c5595f 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,6 +1,6 @@ # Changes -## NEXT +## 2.2.0 * Warn and change file permissions if password file has permissive access. * Display warning when Windows as can't do it. diff --git a/js/version.js b/js/version.js index 69b5d52..8c3c394 100644 --- a/js/version.js +++ b/js/version.js @@ -1 +1 @@ -module.exports = '2.1.1'; +module.exports = '2.2.0'; diff --git a/package.json b/package.json index 9b16c43..5bed21f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@cancerit/cgpjbrowsetoolkit", - "version": "2.1.1", + "version": "2.2.0", "description": "CLI tools for working with JBrowse", "directories": { "doc": "docs",