diff --git a/lib/inspec/resources/npm.rb b/lib/inspec/resources/npm.rb index 8588efa99..1d8d52f90 100644 --- a/lib/inspec/resources/npm.rb +++ b/lib/inspec/resources/npm.rb @@ -27,12 +27,20 @@ module Inspec::Resources return @info if defined?(@info) if @location - npm = "cd #{Shellwords.escape @location} && npm" + command_separator = inspec.os.platform?("windows") ? ";" : "&&" + invocation = "cd #{Shellwords.escape @location} #{command_separator} npm" else - npm = "npm -g" + invocation = "npm -g" end - cmd = inspec.command("#{npm} ls --json #{@package_name}") + invocation = "#{invocation} ls --json #{@package_name}" + + # If on unix, wrap in sh -c to protect against sudo + unless inspec.os.platform?("windows") + invocation = "sh -c '#{invocation}'" + end + + cmd = inspec.command(invocation) @info = { name: @package_name, type: "npm", diff --git a/test/helpers/mock_loader.rb b/test/helpers/mock_loader.rb index 9d1573b51..5a448a748 100644 --- a/test/helpers/mock_loader.rb +++ b/test/helpers/mock_loader.rb @@ -228,8 +228,8 @@ class MockLoader "/opt/chef/embedded/bin/gem list --local -a -q ^chef-sugar$" => cmd.call("gem-list-local-a-q-chef-sugar"), 'c:\opscode\chef\embedded\bin\gem.bat list --local -a -q ^json$' => cmd.call("gem-list-local-a-q-json"), "/opt/opscode/embedded/bin/gem list --local -a -q ^knife-backup$" => cmd.call("gem-list-local-a-q-knife-backup"), - "npm -g ls --json bower" => cmd.call("npm-g-ls--json-bower"), - "cd /path/to/project && npm ls --json bower" => cmd.call("npm-ls--json-bower"), + "sh -c 'npm -g ls --json bower'" => cmd.call("npm-g-ls--json-bower"), + "sh -c 'cd /path/to/project && npm ls --json bower'" => cmd.call("npm-ls--json-bower"), "Rscript -e 'packageVersion(\"DBI\")'" => cmd.call("r-print-version"), "Rscript -e 'packageVersion(\"DoesNotExist\")'" => cmd.call("r-print-version-not-installed"), "perl -le 'eval \"require $ARGV[0]\" and print $ARGV[0]->VERSION or exit 1' DBD::Pg" => cmd.call("perl-print-version"),