Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add missing check for broken passThrough #1937

Merged
merged 6 commits into from
Aug 5, 2023
Merged

Add missing check for broken passThrough #1937

merged 6 commits into from
Aug 5, 2023

Conversation

aweebit
Copy link
Contributor

@aweebit aweebit commented Aug 4, 2023
edited
Loading

Problem

const { Command } = require('commander');

try {
  new Command('parent')
    .command('sub')
    .passThroughOptions(); // not allowed without enablePositionalOptions for parent
} catch (err) {
  console.error(err);
}

try {
  const parent = new Command('parent');
  const sub = new Command('sub')
    .passThroughOptions();
  parent.addCommand(sub); // allowed without enablePositionalOptions for parent
} catch (err) {
  console.error(err);
}
A check for this case is considered unnecessary, see comment 
try {
  const parent = new Command('parent')
    .enablePositionalOptions();
  parent.command('sub')
    .passThroughOptions();
  parent.enablePositionalOptions(false); // allowed despite passThroughOptions for sub
} catch (err) {
  console.error(err);
}

Solution

Throw errors in all demonstrated cases. Additionally make the error message more meaningful by including the command name (similar to #1923 and #1924).

ChangeLog

Changed

  • Breaking: throw when a subcommand with passThroughOptions is added to a command without enablePositionalOptions

shadowspawn
shadowspawn reviewed Aug 5, 2023
View reviewed changes
lib/command.js Outdated Show resolved Hide resolved
@shadowspawn
Copy link
Collaborator

I like catching the misconfiguration when using addCommand().

shadowspawn
shadowspawn reviewed Aug 5, 2023
View reviewed changes
lib/command.js Outdated Show resolved Hide resolved
@shadowspawn
Copy link
Collaborator

This is the example case that convinced me this is worth doing, bypassed the check:

const parent = new Command('parent');
const sub = new Command('sub')
    .passThroughOptions();
parent.addCommand(sub); // allowed without enablePositionalOptions for parent

@aweebit aweebit changed the title Add missing checks for illegal passThroughOptions Add missing check for broken passThrough Aug 5, 2023
@shadowspawn shadowspawn added the semver: major Releasing requires a major version bump, not backwards compatible label Aug 5, 2023
@shadowspawn shadowspawn changed the base branch from develop to release/12.x August 5, 2023 00:40
@shadowspawn
Copy link
Collaborator

(Introduces a throw so better go in a major version.)

@aweebit @shadowspawn
Unclutter error message in broken passThrough checks
43cc821 
Co-authored-by: John Gee <john@ruru.gen.nz>
shadowspawn
shadowspawn requested changes Aug 5, 2023
View reviewed changes
Copy link
Collaborator

@shadowspawn shadowspawn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am adding this review as a confirmation that requested changes will make it likely that merge accepted.

@aweebit
Copy link
Contributor Author

aweebit commented Aug 5, 2023

I am adding this review as a confirmation that requested changes will make it likely that merge accepted.

All the requested changes have been made now.

shadowspawn
shadowspawn reviewed Aug 5, 2023
View reviewed changes
lib/command.js Outdated Show resolved Hide resolved
@aweebit aweebit mentioned this pull request Aug 5, 2023
Closed
@shadowspawn
Copy link
Collaborator

(Thanks for all the tweaks.)

abetomo
abetomo approved these changes Aug 5, 2023
View reviewed changes
Copy link
Collaborator

@abetomo abetomo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

@abetomo abetomo merged commit ac8db3a into tj:release/12.x Aug 5, 2023
9 checks passed
@aweebit
Copy link
Contributor Author

aweebit commented Aug 5, 2023

Thanks for the merge!

(Introduces a throw so better go in a major version.)

Should I set base to the next release branch when there is a breaking change? Or always to develop?

@aweebit aweebit deleted the feature/illegal-passThroughOptions branch August 5, 2023 07:08
@shadowspawn
Copy link
Collaborator

Using next release branch for base is appropriate when know PR contains breaking changes.

@shadowspawn shadowspawn added the pending release Merged into a branch for a future release, but not released yet label Aug 8, 2023
@aweebit aweebit mentioned this pull request Aug 13, 2023
Closed
@shadowspawn shadowspawn removed the pending release Merged into a branch for a future release, but not released yet label Feb 3, 2024
Vylpes pushed a commit to Vylpes/random-bunny that referenced this pull request Apr 10, 2024
@Vylpes
Update dependency commander to v12 (#145)
ac8691b 
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [commander](https://github.com/tj/commander.js) | dependencies | major | [`^11.1.0` -> `^12.0.0`](https://renovatebot.com/diffs/npm/commander/11.1.0/12.0.0) |

---

### Release Notes

<details>
<summary>tj/commander.js (commander)</summary>

### [`v12.0.0`](https://github.com/tj/commander.js/blob/HEAD/CHANGELOG.md#1200-2024-02-03)

[Compare Source](tj/commander.js@v11.1.0...v12.0.0)

##### Added

-   `.addHelpOption()` as another way of configuring built-in help option (\[[#&#8203;2006](tj/commander.js#2006)])
-   `.helpCommand()` for configuring built-in help command (\[[#&#8203;2087](tj/commander.js#2087)])

##### Fixed

-   *Breaking:* use non-zero exit code when spawned executable subcommand terminates due to a signal (\[[#&#8203;2023](tj/commander.js#2023)])
-   *Breaking:* check `passThroughOptions` constraints when using `.addCommand` and throw if parent command does not have `.enablePositionalOptions()` enabled (\[[#&#8203;1937](tj/commander.js#1937)])

##### Changed

-   *Breaking:* Commander 12 requires Node.js v18 or higher (\[[#&#8203;2027](tj/commander.js#2027)])
-   *Breaking:* throw an error if add an option with a flag which is already in use (\[[#&#8203;2055](tj/commander.js#2055)])
-   *Breaking:* throw an error if add a command with name or alias which is already in use (\[[#&#8203;2059](tj/commander.js#2059)])
-   *Breaking:* throw error when calling `.storeOptionsAsProperties()` after setting an option value (\[[#&#8203;1928](tj/commander.js#1928)])
-   replace non-standard JSDoc of `@api private` with documented `@private` (\[[#&#8203;1949](tj/commander.js#1949)])
-   `.addHelpCommand()` now takes a Command (passing string or boolean still works as before but deprecated) (\[[#&#8203;2087](tj/commander.js#2087)])
-   refactor internal implementation of built-in help option (\[[#&#8203;2006](tj/commander.js#2006)])
-   refactor internal implementation of built-in help command (\[[#&#8203;2087](tj/commander.js#2087)])

##### Deprecated

-   `.addHelpCommand()` passing string or boolean (use `.helpCommand()` or pass a Command) (\[[#&#8203;2087](tj/commander.js#2087)])

##### Removed

-   *Breaking:* removed default export of a global Command instance from CommonJS (use the named `program` export instead) (\[[#&#8203;2017](tj/commander.js#2017)])

##### Migration Tips

**global program**

If you are using the [deprecated](./docs/deprecated.md#default-import-of-global-command-object) default import of the global Command object, you need to switch to using a named import (or create a new `Command`).

```js
// const program = require('commander');
const { program } = require('commander');
```

**option and command clashes**

A couple of configuration problems now throw an error, which will pick up issues in existing programs:

-   adding an option which uses the same flag as a previous option
-   adding a command which uses the same name or alias as a previous command

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4wLjAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4wLjAiLCJ0YXJnZXRCcmFuY2giOiJkZXZlbG9wIn0=-->

Reviewed-on: https://gitea.vylpes.xyz/RabbitLabs/random-bunny/pulls/145
Reviewed-by: Vylpes <ethan@vylpes.com>
Co-authored-by: Renovate Bot <renovate@vylpes.com>
Co-committed-by: Renovate Bot <renovate@vylpes.com>
This was referenced Jul 16, 2024
Open
Open
Open
Open
Open
Open
@OKEAMAH OKEAMAH mentioned this pull request Aug 2, 2024
Merged
@Ramyromel Ramyromel mentioned this pull request Aug 10, 2024
Merged
This was referenced Aug 16, 2024
Open
Open
Open
Open
Open
Open
OKEAMAH added a commit to OKEAMAH/genesis-contracts that referenced this pull request Aug 25, 2024
@OKEAMAH
[Snyk] Upgrade commander from 3.0.1 to 12.1.0 (#3)
1373482 
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)


<h3>Snyk has created this PR to upgrade commander from 3.0.1 to
12.1.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.

<hr/>

⚠️ **Warning:** This PR contains major version upgrade(s), and may be a
breaking change.

- The recommended version is **49 versions** ahead of your current
version.

- The recommended version was released on **2 months ago**.



<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>commander</b></summary>
    <ul>
      <li>
<b>12.1.0</b> - <a
href="https://github.com/tj/commander.js/releases/tag/v12.1.0">2024-05-18</a></br><h3>Added</h3>
<ul>
<li>auto-detect special node flags <code>node --eval</code> and
<code>node --print</code> when call <code>.parse()</code> with no
arguments (<a class="issue-link js-issue-link" data-error-text="Failed
to load title" data-id="2165216708" data-permission-text="Title is
private" data-url="tj/commander.js#2164"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2164/hovercard"
href="https://github.com/tj/commander.js/pull/2164">#2164</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>prefix require of Node.js core modules with <code>node:</code> (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="2216725813" data-permission-text="Title is private"
data-url="tj/commander.js#2170"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2170/hovercard"
href="https://github.com/tj/commander.js/pull/2170">#2170</a>)</li>
<li>format source files with Prettier (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="2226726228" data-permission-text="Title is private"
data-url="tj/commander.js#2180"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2180/hovercard"
href="https://github.com/tj/commander.js/pull/2180">#2180</a>)</li>
<li>switch from StandardJS to directly calling ESLint for linting (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="2137945456" data-permission-text="Title is private"
data-url="tj/commander.js#2153"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2153/hovercard"
href="https://github.com/tj/commander.js/pull/2153">#2153</a>)</li>
<li>extend security support for previous major version of Commander (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="2128889079" data-permission-text="Title is private"
data-url="tj/commander.js#2150"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2150/hovercard"
href="https://github.com/tj/commander.js/pull/2150">#2150</a>)</li>
</ul>
<h3>Removed</h3>
<ul>
<li>removed unimplemented Option.fullDescription from TypeScript
definition (<a class="issue-link js-issue-link" data-error-text="Failed
to load title" data-id="2276659867" data-permission-text="Title is
private" data-url="tj/commander.js#2191"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2191/hovercard"
href="https://github.com/tj/commander.js/pull/2191">#2191</a>)</li>
</ul>
      </li>
      <li>
<b>12.0.0</b> - <a
href="https://github.com/tj/commander.js/releases/tag/v12.0.0">2024-02-03</a></br><h3>Added</h3>
<ul>
<li><code>.addHelpOption()</code> as another way of configuring built-in
help option (<a class="issue-link js-issue-link" data-error-text="Failed
to load title" data-id="1878643332" data-permission-text="Title is
private" data-url="tj/commander.js#2006"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2006/hovercard"
href="https://github.com/tj/commander.js/pull/2006">#2006</a>)</li>
<li><code>.helpCommand()</code> for configuring built-in help command
(<a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="2010902146" data-permission-text="Title is private"
data-url="tj/commander.js#2087"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2087/hovercard"
href="https://github.com/tj/commander.js/pull/2087">#2087</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li><em>Breaking:</em> use non-zero exit code when spawned executable
subcommand terminates due to a signal (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="1909732488" data-permission-text="Title is private"
data-url="tj/commander.js#2023"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2023/hovercard"
href="https://github.com/tj/commander.js/pull/2023">#2023</a>)</li>
<li><em>Breaking:</em> check <code>passThroughOptions</code> constraints
when using <code>.addCommand</code> and throw if parent command does not
have <code>.enablePositionalOptions()</code> enabled (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1837450961" data-permission-text="Title is private"
data-url="tj/commander.js#1937"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1937/hovercard"
href="https://github.com/tj/commander.js/pull/1937">#1937</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li><em>Breaking:</em> Commander 12 requires Node.js v18 or higher (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1931183827" data-permission-text="Title is private"
data-url="tj/commander.js#2027"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2027/hovercard"
href="https://github.com/tj/commander.js/pull/2027">#2027</a>)</li>
<li><em>Breaking:</em> throw an error if add an option with a flag which
is already in use (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1967864829"
data-permission-text="Title is private"
data-url="tj/commander.js#2055"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2055/hovercard"
href="https://github.com/tj/commander.js/pull/2055">#2055</a>)</li>
<li><em>Breaking:</em> throw an error if add a command with name or
alias which is already in use (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1977163252"
data-permission-text="Title is private"
data-url="tj/commander.js#2059"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2059/hovercard"
href="https://github.com/tj/commander.js/pull/2059">#2059</a>)</li>
<li><em>Breaking:</em> throw error when calling
<code>.storeOptionsAsProperties()</code> after setting an option value
(<a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1833908464" data-permission-text="Title is private"
data-url="tj/commander.js#1928"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1928/hovercard"
href="https://github.com/tj/commander.js/pull/1928">#1928</a>)</li>
<li>replace non-standard JSDoc of <code>@ api private</code> with
documented <code>@ private</code> (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1839753631"
data-permission-text="Title is private"
data-url="tj/commander.js#1949"
data-hovercard-type="issue"
data-hovercard-url="/tj/commander.js/issues/1949/hovercard"
href="https://github.com/tj/commander.js/issues/1949">#1949</a>)</li>
<li><code>.addHelpCommand()</code> now takes a Command (passing string
or boolean still works as before but deprecated) (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="2010902146" data-permission-text="Title is private"
data-url="tj/commander.js#2087"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2087/hovercard"
href="https://github.com/tj/commander.js/pull/2087">#2087</a>)</li>
<li>refactor internal implementation of built-in help option (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1878643332" data-permission-text="Title is private"
data-url="tj/commander.js#2006"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2006/hovercard"
href="https://github.com/tj/commander.js/pull/2006">#2006</a>)</li>
<li>refactor internal implementation of built-in help command (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="2010902146" data-permission-text="Title is private"
data-url="tj/commander.js#2087"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2087/hovercard"
href="https://github.com/tj/commander.js/pull/2087">#2087</a>)</li>
</ul>
<h3>Deprecated</h3>
<ul>
<li><code>.addHelpCommand()</code> passing string or boolean (use
<code>.helpCommand()</code> or pass a Command) (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="2010902146" data-permission-text="Title is private"
data-url="tj/commander.js#2087"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2087/hovercard"
href="https://github.com/tj/commander.js/pull/2087">#2087</a>)</li>
</ul>
<h3>Removed</h3>
<ul>
<li><em>Breaking:</em> removed default export of a global Command
instance from CommonJS (use the named <code>program</code> export
instead) (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1897882149" data-permission-text="Title is private"
data-url="tj/commander.js#2017"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2017/hovercard"
href="https://github.com/tj/commander.js/pull/2017">#2017</a>)</li>
</ul>
<h3>Migration Tips</h3>
<p><strong>global program</strong></p>
<p>If you are using the <a
href="/tj/commander.js/blob/v12.0.0/docs/deprecated.md#default-import-of-global-command-object">deprecated</a>
default import of the global Command object, you need to switch to using
a named import (or create a new <code>Command</code>).</p>
<div class="highlight highlight-source-js notranslate position-relative
overflow-auto" data-snippet-clipboard-copy-content="// const program =
require('commander');
const { program } = require('commander');"><pre><span class="pl-c">//
const program = require('commander');</span>
<span class="pl-k">const</span> <span class="pl-kos">{</span> program
<span class="pl-kos">}</span> <span class="pl-c1">=</span> <span
class="pl-en">require</span><span class="pl-kos">(</span><span
class="pl-s">'commander'</span><span class="pl-kos">)</span><span
class="pl-kos">;</span></pre></div>
<p><strong>option and command clashes</strong></p>
<p>A couple of configuration problems now throw an error, which will
pick up issues in existing programs:</p>
<ul>
<li>adding an option which uses the same flag as a previous option</li>
<li>adding a command which uses the same name or alias as a previous
command</li>
</ul>
      </li>
      <li>
<b>12.0.0-1</b> - <a
href="https://github.com/tj/commander.js/releases/tag/v12.0.0-1">2024-01-19</a></br><h3>Added</h3>
<ul>
<li><code>.addHelpOption()</code> as another way of configuring built-in
help option (<a class="issue-link js-issue-link" data-error-text="Failed
to load title" data-id="1878643332" data-permission-text="Title is
private" data-url="tj/commander.js#2006"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2006/hovercard"
href="https://github.com/tj/commander.js/pull/2006">#2006</a>)</li>
<li><code>.helpCommand()</code> for configuring built-in help command
(<a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="2010902146" data-permission-text="Title is private"
data-url="tj/commander.js#2087"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2087/hovercard"
href="https://github.com/tj/commander.js/pull/2087">#2087</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li><code>.addHelpCommand()</code> now takes a Command (passing string
or boolean still works as before but deprecated) (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="2010902146" data-permission-text="Title is private"
data-url="tj/commander.js#2087"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2087/hovercard"
href="https://github.com/tj/commander.js/pull/2087">#2087</a>)</li>
<li>refactor internal implementation of built-in help option (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1878643332" data-permission-text="Title is private"
data-url="tj/commander.js#2006"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2006/hovercard"
href="https://github.com/tj/commander.js/pull/2006">#2006</a>)</li>
<li>refactor internal implementation of built-in help command (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="2010902146" data-permission-text="Title is private"
data-url="tj/commander.js#2087"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2087/hovercard"
href="https://github.com/tj/commander.js/pull/2087">#2087</a>)</li>
</ul>
<h3>Deprecated</h3>
<ul>
<li><code>.addHelpCommand()</code> passing string or boolean (use
<code>.helpCommand()</code> or pass a Command) (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="2010902146" data-permission-text="Title is private"
data-url="tj/commander.js#2087"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2087/hovercard"
href="https://github.com/tj/commander.js/pull/2087">#2087</a>)</li>
</ul>
      </li>
      <li>
<b>12.0.0-0</b> - <a
href="https://github.com/tj/commander.js/releases/tag/v12.0.0-0">2023-11-11</a></br><h3>Fixed</h3>
<ul>
<li><em>Breaking:</em> use non-zero exit code when spawned executable
subcommand terminates due to a signal (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="1909732488" data-permission-text="Title is private"
data-url="tj/commander.js#2023"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2023/hovercard"
href="https://github.com/tj/commander.js/pull/2023">#2023</a>)</li>
<li><em>Breaking:</em> check <code>passThroughOptions</code> constraints
when using <code>.addCommand</code> and throw if parent command does not
have <code>.enablePositionalOptions()</code> enabled (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1837450961" data-permission-text="Title is private"
data-url="tj/commander.js#1937"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1937/hovercard"
href="https://github.com/tj/commander.js/pull/1937">#1937</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li><em>Breaking:</em> Commander 12 requires Node.js v18 or higher (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1931183827" data-permission-text="Title is private"
data-url="tj/commander.js#2027"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2027/hovercard"
href="https://github.com/tj/commander.js/pull/2027">#2027</a>)</li>
<li><em>Breaking:</em> throw an error if add an option with a flag which
is already in use (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1967864829"
data-permission-text="Title is private"
data-url="tj/commander.js#2055"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2055/hovercard"
href="https://github.com/tj/commander.js/pull/2055">#2055</a>)</li>
<li><em>Breaking:</em> throw an error if add a command with name or
alias which is already in use (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1977163252"
data-permission-text="Title is private"
data-url="tj/commander.js#2059"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2059/hovercard"
href="https://github.com/tj/commander.js/pull/2059">#2059</a>)</li>
<li><em>Breaking:</em> throw error when calling
<code>.storeOptionsAsProperties()</code> after setting an option value
(<a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1833908464" data-permission-text="Title is private"
data-url="tj/commander.js#1928"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1928/hovercard"
href="https://github.com/tj/commander.js/pull/1928">#1928</a>)</li>
<li>replace non-standard JSDoc of <code>@ api private</code> with
documented <code>@ private</code> (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1839753631"
data-permission-text="Title is private"
data-url="tj/commander.js#1949"
data-hovercard-type="issue"
data-hovercard-url="/tj/commander.js/issues/1949/hovercard"
href="https://github.com/tj/commander.js/issues/1949">#1949</a>)</li>
</ul>
<h3>Removed</h3>
<ul>
<li><em>Breaking:</em> removed default export of a global Command
instance from CommonJS (use the named <code>program</code> export
instead) (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1897882149" data-permission-text="Title is private"
data-url="tj/commander.js#2017"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2017/hovercard"
href="https://github.com/tj/commander.js/pull/2017">#2017</a>)</li>
</ul>
<h3>Migration Tips</h3>
<p><strong>global program</strong></p>
<p>If you are using the <a
href="/tj/commander.js/blob/v12.0.0-0/docs/deprecated.md#default-import-of-global-command-object">deprecated</a>
default import of the global Command object, you need to switch to using
a named import (or create a new <code>Command</code>).</p>
<div class="highlight highlight-source-js notranslate position-relative
overflow-auto" data-snippet-clipboard-copy-content="// const program =
require('commander');
const { program } = require('commander');"><pre><span class="pl-c">//
const program = require('commander');</span>
<span class="pl-k">const</span> <span class="pl-kos">{</span> program
<span class="pl-kos">}</span> <span class="pl-c1">=</span> <span
class="pl-en">require</span><span class="pl-kos">(</span><span
class="pl-s">'commander'</span><span class="pl-kos">)</span><span
class="pl-kos">;</span></pre></div>
<p><strong>option and command clashes</strong></p>
<p>A couple of configuration problems now throw an error, which will
pick up issues in existing programs:</p>
<ul>
<li>adding an option which uses the same flag as a previous option</li>
<li>adding a command which uses the same name or alias as a previous
command</li>
</ul>
      </li>
      <li>
<b>11.1.0</b> - <a
href="https://github.com/tj/commander.js/releases/tag/v11.1.0">2023-10-13</a></br><h3>Fixed</h3>
<ul>
<li>TypeScript: update <code>OptionValueSource</code> to allow any
string, to match supported use of custom sources (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="1867932360" data-permission-text="Title is private"
data-url="tj/commander.js#1983"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1983/hovercard"
href="https://github.com/tj/commander.js/pull/1983">#1983</a>)</li>
<li>TypeScript: add that <code>Command.version()</code> can also be used
as getter (<a class="issue-link js-issue-link" data-error-text="Failed
to load title" data-id="1866585046" data-permission-text="Title is
private" data-url="tj/commander.js#1982"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1982/hovercard"
href="https://github.com/tj/commander.js/pull/1982">#1982</a>)</li>
<li>TypeScript: add null return type to
<code>Commands.executableDir()</code>, for when not configured (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1848764624" data-permission-text="Title is private"
data-url="tj/commander.js#1965"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1965/hovercard"
href="https://github.com/tj/commander.js/pull/1965">#1965</a>)</li>
<li>subcommands with an executable handler and only a short help flag
are now handled correctly by the parent's help command (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1834752363" data-permission-text="Title is private"
data-url="tj/commander.js#1930"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1930/hovercard"
href="https://github.com/tj/commander.js/pull/1930">#1930</a>)</li>
</ul>
<h3>Added</h3>
<ul>
<li><code>registeredArguments</code> property on <code>Command</code>
with the array of defined <code>Argument</code> (like
<code>Command.options</code> for <code>Option</code>) (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1889010607" data-permission-text="Title is private"
data-url="tj/commander.js#2010"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2010/hovercard"
href="https://github.com/tj/commander.js/pull/2010">#2010</a>)</li>
<li>TypeScript declarations for Option properties: <code>envVar</code>,
<code>presetArg</code> (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1899685637"
data-permission-text="Title is private"
data-url="tj/commander.js#2019"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2019/hovercard"
href="https://github.com/tj/commander.js/pull/2019">#2019</a>)</li>
<li>TypeScript declarations for Argument properties:
<code>argChoices</code>, <code>defaultValue</code>,
<code>defaultValueDescription</code> (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="1899685637" data-permission-text="Title is private"
data-url="tj/commander.js#2019"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2019/hovercard"
href="https://github.com/tj/commander.js/pull/2019">#2019</a>)</li>
<li>example file which shows how to configure help to display any custom
usage in the list of subcommands (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1773187191"
data-permission-text="Title is private"
data-url="tj/commander.js#1896"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1896/hovercard"
href="https://github.com/tj/commander.js/pull/1896">#1896</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>(developer) refactor TypeScript configs for multiple use-cases, and
enable checks in JavaScript files in supporting editors (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1849544106" data-permission-text="Title is private"
data-url="tj/commander.js#1969"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1969/hovercard"
href="https://github.com/tj/commander.js/pull/1969">#1969</a>)</li>
</ul>
<h3>Deprecated</h3>
<ul>
<li><code>Command._args</code> was private anyway, but now available as
<code>registeredArguments</code> (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1889010607"
data-permission-text="Title is private"
data-url="tj/commander.js#2010"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/2010/hovercard"
href="https://github.com/tj/commander.js/pull/2010">#2010</a>)</li>
</ul>
      </li>
      <li>
<b>11.0.0</b> - <a
href="https://github.com/tj/commander.js/releases/tag/v11.0.0">2023-06-16</a></br><h3>Fixed</h3>
<ul>
<li>help command works when help option is disabled (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1669613210" data-permission-text="Title is private"
data-url="tj/commander.js#1864"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1864/hovercard"
href="https://github.com/tj/commander.js/pull/1864">#1864</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>leading and trailing spaces are now ignored by the .arguments()
method (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1695692017" data-permission-text="Title is private"
data-url="tj/commander.js#1874"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1874/hovercard"
href="https://github.com/tj/commander.js/pull/1874">#1874</a>)</li>
<li>refine "types" exports for ESM to follow TypeScript guidelines (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1708858393" data-permission-text="Title is private"
data-url="tj/commander.js#1886"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1886/hovercard"
href="https://github.com/tj/commander.js/pull/1886">#1886</a>)</li>
<li><em>Breaking:</em> Commander 11 requires Node.js v16 or higher</li>
</ul>
      </li>
      <li>
<b>10.0.1</b> - <a
href="https://github.com/tj/commander.js/releases/tag/v10.0.1">2023-04-15</a></br><h3>Added</h3>
<ul>
<li>improvements to documentation (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1646214785"
data-permission-text="Title is private"
data-url="tj/commander.js#1858"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1858/hovercard"
href="https://github.com/tj/commander.js/pull/1858">#1858</a>, <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1658098751" data-permission-text="Title is private"
data-url="tj/commander.js#1859"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1859/hovercard"
href="https://github.com/tj/commander.js/pull/1859">#1859</a>, <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1658182756" data-permission-text="Title is private"
data-url="tj/commander.js#1860"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1860/hovercard"
href="https://github.com/tj/commander.js/pull/1860">#1860</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>remove unused <code>Option.optionFlags</code> property from
TypeScript definition (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1551713544"
data-permission-text="Title is private"
data-url="tj/commander.js#1844"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1844/hovercard"
href="https://github.com/tj/commander.js/pull/1844">#1844</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>assume boolean option intended if caller passes string instead of
hash to <code>.implies()</code> (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1620261172"
data-permission-text="Title is private"
data-url="tj/commander.js#1854"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1854/hovercard"
href="https://github.com/tj/commander.js/pull/1854">#1854</a>)</li>
</ul>
      </li>
      <li>
<b>10.0.0</b> - <a
href="https://github.com/tj/commander.js/releases/tag/v10.0.0">2023-01-14</a></br><h3>Added</h3>
<ul>
<li>wrap command description in help (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="1384929608" data-permission-text="Title is private"
data-url="tj/commander.js#1804"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1804/hovercard"
href="https://github.com/tj/commander.js/pull/1804">#1804</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li><em>Breaking:</em> Commander 10 requires Node.js v14 or higher</li>
</ul>
      </li>
      <li>
<b>9.5.0</b> - <a
href="https://github.com/tj/commander.js/releases/tag/v9.5.0">2023-01-07</a></br><h3>Added</h3>
<ul>
<li><code>.getOptionValueSourceWithGlobals()</code> (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1501610256" data-permission-text="Title is private"
data-url="tj/commander.js#1832"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1832/hovercard"
href="https://github.com/tj/commander.js/pull/1832">#1832</a>)</li>
<li><code>showGlobalOptions</code> for <code>.configureHelp{}</code> and
<code>Help</code> (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1473800888"
data-permission-text="Title is private"
data-url="tj/commander.js#1828"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1828/hovercard"
href="https://github.com/tj/commander.js/pull/1828">#1828</a>)</li>
</ul>
      </li>
      <li>
<b>9.4.1</b> - <a
href="https://github.com/tj/commander.js/releases/tag/v9.4.1">2022-09-30</a></br><h3>Fixed</h3>
<ul>
<li><code>.setOptionValue()</code> now also clears option source (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1361002052" data-permission-text="Title is private"
data-url="tj/commander.js#1795"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1795/hovercard"
href="https://github.com/tj/commander.js/pull/1795">#1795</a>)</li>
<li>TypeScript: add <code>implied</code> to
<code>OptionValueSource</code> for option values set by using
<code>.implies()</code> (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1360997506"
data-permission-text="Title is private"
data-url="tj/commander.js#1794"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1794/hovercard"
href="https://github.com/tj/commander.js/pull/1794">#1794</a>)</li>
<li>TypeScript : add <code>undefined</code> to return type of
<code>.getOptionValueSource()</code> (<a class="issue-link
js-issue-link" data-error-text="Failed to load title"
data-id="1360997506" data-permission-text="Title is private"
data-url="tj/commander.js#1794"
data-hovercard-type="pull_request"
data-hovercard-url="/tj/commander.js/pull/1794/hovercard"
href="https://github.com/tj/commander.js/pull/1794">#1794</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>additions to README</li>
</ul>
      </li>
      <li>
        <b>9.4.0</b> - 2022-07-15
      </li>
      <li>
        <b>9.3.0</b> - 2022-05-28
      </li>
      <li>
        <b>9.2.0</b> - 2022-04-15
      </li>
      <li>
        <b>9.1.0</b> - 2022-03-18
      </li>
      <li>
        <b>9.0.0</b> - 2022-01-29
      </li>
      <li>
        <b>9.0.0-1</b> - 2022-01-14
      </li>
      <li>
        <b>9.0.0-0</b> - 2021-12-22
      </li>
      <li>
        <b>8.3.0</b> - 2021-10-22
      </li>
      <li>
        <b>8.2.0</b> - 2021-09-10
      </li>
      <li>
        <b>8.1.0</b> - 2021-07-27
      </li>
      <li>
        <b>8.0.0</b> - 2021-06-25
      </li>
      <li>
        <b>8.0.0-2</b> - 2021-06-06
      </li>
      <li>
        <b>8.0.0-1</b> - 2021-05-31
      </li>
      <li>
        <b>8.0.0-0</b> - 2021-05-22
      </li>
      <li>
        <b>7.2.0</b> - 2021-03-21
      </li>
      <li>
        <b>7.1.0</b> - 2021-02-15
      </li>
      <li>
        <b>7.0.0</b> - 2021-01-15
      </li>
      <li>
        <b>7.0.0-2</b> - 2020-12-14
      </li>
      <li>
        <b>7.0.0-1</b> - 2020-11-21
      </li>
      <li>
        <b>7.0.0-0</b> - 2020-10-25
      </li>
      <li>
        <b>6.2.1</b> - 2020-12-14
      </li>
      <li>
        <b>6.2.0</b> - 2020-10-25
      </li>
      <li>
        <b>6.1.0</b> - 2020-08-28
      </li>
      <li>
        <b>6.0.0</b> - 2020-07-19
      </li>
      <li>
        <b>6.0.0-0</b> - 2020-06-20
      </li>
      <li>
        <b>5.1.0</b> - 2020-04-25
      </li>
      <li>
        <b>5.0.0</b> - 2020-03-14
      </li>
      <li>
        <b>5.0.0-4</b> - 2020-03-03
      </li>
      <li>
        <b>5.0.0-3</b> - 2020-02-20
      </li>
      <li>
        <b>5.0.0-2</b> - 2020-02-11
      </li>
      <li>
        <b>5.0.0-1</b> - 2020-02-08
      </li>
      <li>
        <b>5.0.0-0</b> - 2020-02-01
      </li>
      <li>
        <b>4.1.1</b> - 2020-02-03
      </li>
      <li>
        <b>4.1.0</b> - 2020-01-06
      </li>
      <li>
        <b>4.0.1</b> - 2019-11-11
      </li>
      <li>
        <b>4.0.0</b> - 2019-11-01
      </li>
      <li>
        <b>4.0.0-1</b> - 2019-10-08
      </li>
      <li>
        <b>4.0.0-0</b> - 2019-10-01
      </li>
      <li>
        <b>3.0.2</b> - 2019-09-26
      </li>
      <li>
        <b>3.0.1</b> - 2019-08-30
      </li>
    </ul>
from <a href="https://github.com/tj/commander.js/releases">commander
GitHub release notes</a>
  </details>
</details>

---

> [!IMPORTANT]
>
> - **Warning:** This PR contains a major version upgrade, and may be a
breaking change.
> - Check the changes in this PR to ensure they won't cause issues with
your project.
> - This PR was automatically created by Snyk using the credentials of a
real user.

---

**Note:** _You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs._

**For more information:** <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIyZDdmZTAyMC02YzE3LTRjMjYtOGQ1OC1lZWUyNGY0OWQ5YzkiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjJkN2ZlMDIwLTZjMTctNGMyNi04ZDU4LWVlZTI0ZjQ5ZDljOSJ9fQ=="
width="0" height="0"/>

> - 🧐 [View latest project
report](https://app.snyk.io/org/okeamah/project/2d65a1bc-6c0c-43f8-93fe-fbb66482541e?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)
> - 📜 [Customise PR
templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates)
> - 🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/okeamah/project/2d65a1bc-6c0c-43f8-93fe-fbb66482541e/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)
> - 🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/okeamah/project/2d65a1bc-6c0c-43f8-93fe-fbb66482541e/settings/integration?pkg&#x3D;commander&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"commander","from":"3.0.1","to":"12.1.0"}],"env":"prod","hasFixes":false,"isBreakingChange":true,"isMajorUpgrade":true,"issuesToFix":[],"prId":"2d7fe020-6c17-4c26-8d58-eee24f49d9c9","prPublicId":"2d7fe020-6c17-4c26-8d58-eee24f49d9c9","packageManager":"npm","priorityScoreList":[],"projectPublicId":"2d65a1bc-6c0c-43f8-93fe-fbb66482541e","projectUrl":"https://app.snyk.io/org/okeamah/project/2d65a1bc-6c0c-43f8-93fe-fbb66482541e?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":[],"type":"auto","upgrade":[],"upgradeInfo":{"versionsDiff":49,"publishedDate":"2024-05-18T11:16:54.043Z"},"vulns":[]})
--->
@Exkaleburx Exkaleburx mentioned this pull request Sep 6, 2024
Open
@q1blue q1blue mentioned this pull request Sep 8, 2024
Open
@OKEAMAH OKEAMAH mentioned this pull request Sep 9, 2024
Open
This was referenced Sep 11, 2024
Open
Open
Open
Open
@AKJUS AKJUS mentioned this pull request Sep 12, 2024
Open
@q1blue q1blue mentioned this pull request Sep 13, 2024
Open
This was referenced Sep 14, 2024
Open
Open
@OKEAMAH OKEAMAH mentioned this pull request Sep 17, 2024
Open
@WontonSam WontonSam mentioned this pull request Sep 18, 2024
Open
@OKEAMAH OKEAMAH mentioned this pull request Sep 19, 2024
Open
@WontonSam WontonSam mentioned this pull request Sep 19, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@abetomo abetomo abetomo approved these changes

@shadowspawn shadowspawn shadowspawn approved these changes

Assignees
No one assigned
Labels
semver: major Releasing requires a major version bump, not backwards compatible
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aweebit @shadowspawn @abetomo