vercel / pkg

Package your Node.js project into an executable
https://npmjs.com/pkg
MIT License

Is this safe from code injection to steal the code? #1981

Closed damartripamungkas closed 1 year ago

damartripamungkas commented 1 year ago

What version of pkg are you using?

5.8.1

What version of Node.js are you using?

20.3.1

What operating system are you using?

macOs, Windows, Linux

What CPU architecture are you using?

x64

What Node versions, OSs and CPU architectures are you building for?

node18

Describe the Bug

No bugs, just wanted to ask; the questions are in the description.

Expected Behavior

Is this safe from code injection by running UNTRUSTED CODE? I mean code injection to steal the code; below is simple code to run it:

// config.js -- a plain JavaScript module that lives outside the packaged binary
exports.addInt = (a) => {
    return Math.random() + parseInt(a)
}
// index.js -- the packaged entry point; it loads config.js from the current working directory at run time
const { join } = require("node:path")
const { cwd } = require("node:process")
const props = require(join(cwd(), "config.js")) // executes whatever config.js contains
console.log(props.addInt(123))

To Reproduce

code is in the description above