From 1a27177f51b39fc6a165db9b0a0b4acf2b366aaa Mon Sep 17 00:00:00 2001 From: FengLee Date: Sun, 10 May 2026 00:05:08 +0800 Subject: [PATCH] Allow source local-storage route in upgrades --- scripts/admin-upgrade-runner.mjs | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/scripts/admin-upgrade-runner.mjs b/scripts/admin-upgrade-runner.mjs index 4ebb924..be91453 100755 --- a/scripts/admin-upgrade-runner.mjs +++ b/scripts/admin-upgrade-runner.mjs @@ -46,7 +46,8 @@ const COLD_ALLOWED_FILES = new Set([ 'ecosystem.config.cjs', ]); -const BLOCKED_NAMES = new Set(['.git', 'node_modules', '.next', 'dist', 'backups', 'local-storage', 'upgrade-state']); +const BLOCKED_TOP_LEVEL_NAMES = new Set(['.git', 'node_modules', '.next', 'dist', 'backups', 'local-storage', 'upgrade-state']); +const BLOCKED_ANYWHERE_NAMES = new Set(['.git', 'node_modules', '.next']); let state = readState() || { id: jobId, @@ -380,8 +381,7 @@ function listFiles(root) { function validateFiles(files, updateMode) { for (const file of files) { assertSafeRelativePath(file); - const parts = file.split('/'); - if (parts.some(part => BLOCKED_NAMES.has(part) || part.startsWith('.env'))) { + if (isBlockedPackagePath(file)) { throw new Error(`升级包包含禁止覆盖的路径: ${file}`); } if (updateMode === 'hot' && !isHotAllowed(file)) { @@ -394,6 +394,15 @@ function validateFiles(files, updateMode) { return { requiresRestart: files.some(file => !isHotAllowed(file)) }; } +function isBlockedPackagePath(file) { + const parts = file.split('/'); + return ( + parts.some(part => part.startsWith('.env')) || + BLOCKED_TOP_LEVEL_NAMES.has(parts[0]) || + parts.some(part => BLOCKED_ANYWHERE_NAMES.has(part)) + ); +} + function assertSafeRelativePath(file) { if (!file || file.startsWith('/') || file.startsWith('\\') || file.includes('\\')) { throw new Error(`升级包包含非法路径: ${file}`);