Merge 78e9f4587871ed870bb147671356dd3512cef7d2 into e597bb208efe942f30139df88b5ef74e78c15925

[New] Add support for NVM_AUTH_HEADER env var
Closes #3366 Co-authored-by: David Welch <david@davidwelch.co> Co-authored-by: Andre Kradolfer <narfdre@gmail.com>
2025-08-16 18:43:43 +00:00 · 2024-07-01 20:53:37 +00:00 · 2024-06-21 08:55:22 -06:00
2 changed files with 10 additions and 10 deletions
--- a/nvm.sh
+++ b/nvm.sh
@ -120,16 +120,15 @@ nvm_download() {
    local CURL_COMPRESSED_FLAG=""
    local CURL_HEADER_FLAG=""

-    if [ -n "$NVM_AUTH_HEADER" ]; then
-        sanitized_header=$(nvm_sanitize_auth_header "$NVM_AUTH_HEADER")
-        CURL_HEADER_FLAG="--header \"Authorization: $sanitized_header\""
+    if [ -n "${NVM_AUTH_HEADER:-}" ]; then
+      sanitized_header=$(nvm_sanitize_auth_header "${NVM_AUTH_HEADER}")
+      CURL_HEADER_FLAG="--header \"Authorization: ${sanitized_header}\""
    fi

    if nvm_curl_use_compression; then
-        CURL_COMPRESSED_FLAG="--compressed"
+      CURL_COMPRESSED_FLAG="--compressed"
    fi
-
-    eval "curl -q --fail ${CURL_COMPRESSED_FLAG:-} ${CURL_HEADER_FLAG:-} $@"
+    eval "curl -q --fail ${CURL_COMPRESSED_FLAG:-} ${CURL_HEADER_FLAG:-} $*"
  elif nvm_has "wget"; then
    # Emulate curl with wget
    ARGS=$(nvm_echo "$@" | command sed -e 's/--progress-bar /--progress=bar /' \
@ -152,7 +151,7 @@ nvm_download() {

 nvm_sanitize_auth_header() {
    # Remove potentially dangerous characters
-    echo "$1" | sed 's/[^a-zA-Z0-9:;_. -]//g'
+    nvm_echo "$1" | command sed 's/[^a-zA-Z0-9:;_. -]//g'
 }

 nvm_has_system_node() {
--- a/tests/nvm_download
+++ b/tests/nvm_download
@ -19,9 +19,10 @@ nvm_download "https://raw.githubusercontent.com/nvm-sh/nvm/HEAD/install.sh" >/de
 # nvm_download should pass when calling with auth header
 docker pull kennethreitz/httpbin && docker run -d --name httpbin -p 80:80 kennethreitz/httpbin
 sleep 1 # wait for httpbin to start
-NVM_AUTH_HEADER="Bearer test-token"
-nvm_download "http://127.0.0.1/bearer" > /dev/null || die "nvm_download unable to send auth header"
-unset NVM_AUTH_HEADER
+NVM_AUTH_HEADER="Bearer test-token" nvm_download "http://127.0.0.1/bearer" > /dev/null || die 'nvm_download with auth header should send correctly'
+
+# nvm_download should fail when calling without auth header
+nvm_download "http://127.0.0.1/bearer" > /dev/null && die 'nvm_download with no auth header should not send the header and should fail'
 docker stop httpbin && docker rm httpbin

 cleanup
Author	SHA1	Message	Date
David Welch	4913fe7415	Merge 78e9f4587871ed870bb147671356dd3512cef7d2 into e597bb208efe942f30139df88b5ef74e78c15925	2024-07-01 20:53:37 +00:00
David Welch	78e9f45878	[New] Add support for `NVM_AUTH_HEADER` env var Closes #3366 Co-authored-by: David Welch <david@davidwelch.co> Co-authored-by: Andre Kradolfer <narfdre@gmail.com>	2024-06-21 08:55:22 -06:00