electron-builder
electron-builder copied to clipboard
Scoped package name causes S3 upload to fail
- Electron-Builder Version: 23.4.0
- Node Version: 16.13.0
- Electron Version: 19.0.8
- Electron Type (current, beta, nightly): current
-
Target:
nsis-web
ia32/x64
Setting the name
property in the package.json
of an Electron project to a scoped value makes S3 upload fail, at least when targetting nsis-web
.
This seems to come from BuildAppPackage()
. It calls get sanitizedName()
that calls sanitizeFileName()
that in turn invokes the sanitize-filename
package with the package.json
name
property as parameter, all the way down.
According to this library, it does not strip the file name of "at" symbols (@
) and AWS states that these might need special handling on application level. I'm not sure how electron-builder
talks to AWS, but we might be forming URLs without proper escaping. I had no time to check on this further.
I logged args
BaseS3Publisher
and it corroborates my thesis. I have an application named @transform/heartfix
and args
is:
[
'publish-s3',
'--bucket',
'heartfix-pc-releases',
'--key',
'@transformheartfix-1.0.0-alpha.0-ia32.nsis.7z',
'--file',
'[REDACTED]\\heartfix\\dist\\nsis-web\\@transformheartfix-1.0.0-alpha.0-ia32.nsis.7z',
'--acl',
'public-read'
]
Upload fails with expected argument for flag '--key'
error message.
The artifacts' names should be properly sanitised, escaped or at least overridable via configuration.