fix: upgrade pstree to remove vulnerability

remy · web-flow · commit 21e052eddf14 · 2018-11-27T08:45:11.000Z
Fixes #1463 Fixes #1469 Fixes #1464 Completely removes the old method of `pstree[.remy]` and drops the event-stream vuln at the same time.
diff --git a/.npmignore b/.npmignore
@@ -5,3 +5,4 @@ issues/
 .github/
 website/
 *.md
+Dockerfile
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,34 @@
+#
+# Ubuntu Node.js Dockerfile
+#
+# https://github.com/dockerfile/ubuntu/blob/master/Dockerfile
+# https://docs.docker.com/examples/nodejs_web_app/
+#
+
+# Pull base image.
+FROM ubuntu:16.04
+
+RUN apt-get update && apt-get install -y curl locales && rm -rf /var/lib/apt/lists/* \
+    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ENV LANG en_US.utf8
+
+# Install Node.js
+RUN curl --silent --location https://deb.nodesource.com/setup_10.x | bash -
+RUN apt-get install --yes nodejs build-essential
+
+# Install app dependencies
+RUN npm install -g npx
+
+# Bundle app source
+# Trouble with COPY http://stackoverflow.com/a/30405787/2926832
+# COPY . /src
+
+WORKDIR /src
+
+
+# Binds to port 8080
+# EXPOSE  8080
+
+#  Defines your runtime(define default command)
+# These commands unlike RUN (they are carried out in the construction of the container) are run when the container
+#CMD ["node", "/src/http.js"]
diff --git a/lib/monitor/run.js b/lib/monitor/run.js
@@ -333,11 +333,11 @@ function kill(child, signal, callback) {
     const sig = signal.replace('SIG', '');
     psTree(child.pid, function (err, kids) {
       if (psTree.hasPS) {
-        spawn('kill', ['-s', sig, child.pid].concat(kids.map(p => p.PID)))
+        spawn('kill', ['-s', sig, child.pid].concat(kids))
           .on('close', callback);
       } else {
         // make sure we kill from smallest to largest
-        const pids = kids.map(p => p.PID).concat(child.pid).sort();
+        const pids = kids.concat(child.pid).sort();
         pids.forEach(pid => {
           exec('kill -' + signals[signal] + ' ' + pid, () => { });
         });
diff --git a/test/docker.sh b/test/docker.sh
@@ -0,0 +1,4 @@
+docker build -t nodemon-test-env .
+docker run --mount type=bind,source=/Users/remy/Sites/nodemon,target=/src/nodemon --name nodemon-test-env --rm -it nodemon-test-env bash
+
+# node /nodemon-src/bin/nodemon.js -V http.js
diff --git a/test/fork/run-mac-only.test.js b/test/fork/run-mac-only.test.js
@@ -9,7 +9,7 @@ const filenames = [
   [__dirname + 'some\ \\file', '#!/bin/sh\necho "OK"'],
 ];
 
-if (!process.env.TRAVIS && process.platform === 'darwin') {
+if (false && !process.env.TRAVIS && process.platform === 'darwin') {
   describe('nodemon fork (mac only)', () => {
     before(() => {
       filenames.map(file => fs.writeFileSync(file[0], file[1], 'utf8'));
