How to handle paths outside of package.json's directory
mk-pmb opened this issue · comments
"browser": {
"./../../limits.json": "./overrides/limits.json",
"/etc/users.json": "./override/etc_users.json"
}The first one even complies with the wishful thinking that
All paths for browser fields are relative to the
package.jsonfile location
I can make up a dozen of cases where it would be really useful if some bundlers accept above config, but nevertheless I propose that:
Bundlers MUST ignore overrides that:
would apply to parent directories of the(nope, that could leak information about file system structure)package.jsonthat sets them- contain upwards path components, e.g.
... - contain absolute or network paths, e.g. start with a slash (linux/win), backslash (win), drive letter (win), UNC path (win)
- contain characters below U+0020
You might wish to include even more Unicode ranges, but they'd probably be in a region where we'd have to care about the differemces between UTF-8 and UCS-2.