Closed Avivbens closed 3 months ago
zurk just builds a flexible abstraction on top of the process spawner. zx has a broader scope. It is a toolchain that comprehensively improves devx in the tasks of writing scripts for various purposes.
zurk just builds a flexible abstraction on top of the process spawner. zx has a broader scope. It is a toolchain that comprehensively improves devx in the tasks of writing scripts for various purposes.
Thanks for the explanation 🙏
So, zurk
should handle command injection issues?
So, zurk should handle command injection issues?
Partially. zurk provides basic script syntax and cmd build logic. Meanwhile zx has built-in setups and rich bundle of utilities for seamless adaptation to different environments, corner cases, etc. These are different levels of instrumentation.
So, zurk should handle command injection issues?
Partially. zurk provides basic script syntax and cmd build logic. Meanwhile zx has built-in setups and rich bundle of utilities for seamless adaptation to different environments, corner cases, etc. These are different levels of instrumentation.
But using zurk alone would provide me a safe command execution, without worrying about arbitrary command injection?
It depends. Both zurk and zx use internal qoute
function to format cmds for bash. Another shells may (theoretically) handle input differently.
https://google.github.io/zx/quotes https://github.com/google/zx/blob/main/src/util.ts#L89
It depends. Both zurk and zx use internal
qoute
function to format cmds for bash. Another shells may (theoretically) handle input differently.
Awesome ✨🎉
Would definitely use both, for command execution & build robust scripts 🥷
I'll suggest some ideas when I'll have something in mind 🙏
Hi 👋
Really liked the repo and the idea behind it! 🥷
A Quick Question
Just want to make sure I'm getting you right - the
$
executor would be extracted from this library, so developers would be able to use its powers for production code too, besides scripts (?)I'm asking because I'm looking for something addressing a lot of the issues it would solve, see this thread