add node modules to repo

node_modules/sanitize-filename/.gitmodules

@@ -0,0 +1,3 @@
+[submodule "big-list-of-naughty-strings"]
+	path = vendor/big-list-of-naughty-strings
+	url = https://github.com/minimaxir/big-list-of-naughty-strings.git

node_modules/sanitize-filename/.npmignore

@@ -0,0 +1 @@
+vendor/

node_modules/sanitize-filename/.travis.yml

@@ -0,0 +1,49 @@
+language: generic
+
+env:
+  matrix:
+    - ZUUL_TEST=1 NODE_VERSION=node
+    - NODE_VERSION=0.10
+    - NODE_VERSION=0.12
+    - NODE_VERSION=1
+    - NODE_VERSION=2
+    - NODE_VERSION=3
+    - NODE_VERSION=4
+    - NODE_VERSION=5
+    - NODE_VERSION=node
+  global:
+    - secure: NpqUZNJuWRuyqVs1v+LGtqpnEPO7gNWLShMsVUEYdoR6c/ZXOs9mB+shqMMPtuQ3loQqydLJZVb7yZJmwAz6ZGpftZWIsPFaXilmixs0yUTdwbJ53061uBx8ajOaZyeaTRFxv/cr2Jj48hX5ov1FUTQ+hoelCb/N221c0SJEtL8=
+    - secure: C7rEgVrfIFovn763aFbXwZrEvTapI1MDDSk8nmU/nseC8Zb++6wCHNbKeGPLaY1kgRNOJbIo9SoHWUoLhGjjHXiNamQfoRPgeD3MXe1qhUskwxOeqpXOFfZv6KEyi3YNjPrjVTgLqK/mfmH2HxHr2HIldP15z40cc5+SLxKS2Fk=
+
+# Include all possible file systems
+# Normal builds use AUFS
+# See http://docs.travis-ci.com/user/ci-environment/
+matrix:
+  include:
+    # HFS+
+    - os: osx
+      env: NODE_VERSION=node
+    # ext4
+    - sudo: required
+      dist: trusty
+      env: NODE_VERSION=node
+    # SIMFS
+    - sudo: required
+      env: NODE_VERSION=node
+
+before_install:
+install:
+  - rm -rf ~/.nvm
+  - git clone https://github.com/creationix/nvm.git ~/.nvm
+  - source ~/.nvm/nvm.sh
+  - nvm install $NODE_VERSION
+  - node --version
+  - npm install
+
+script: |
+  if [ -n "$ZUUL_TEST" ]
+  then
+    npm run test-browser-sauce
+  else
+    npm test
+  fi

node_modules/sanitize-filename/.zuul.yml

@@ -0,0 +1,14 @@
+ui: tape
+browsers:
+  - name: chrome
+    version: latest
+  - name: firefox
+    version: latest
+  - name: ie
+    version: latest
+  - name: safari
+    version: latest
+  - name: iphone
+    version: latest
+  - name: android
+    version: latest

node_modules/sanitize-filename/AUTHORS

@@ -0,0 +1,2 @@
+Parsha Pourkhomami <parshap@gmail.com>
+Joel Mukuthu <joelmukuthu@gmail.com>

node_modules/sanitize-filename/Changelog.md

@@ -0,0 +1,6 @@
+## 1.2.0
+
+Check for reserved Windows filenames (`CON`, `PRN`, `AUX`, `NUL`,
+`COM1`, `LPT1`, etc). See [1].
+
+[1] https://github.com/parshap/node-sanitize-filename/issues/9

node_modules/sanitize-filename/LICENSE.md

@@ -0,0 +1,34 @@
+This project is licensed under the [WTFPL][] and [ISC][] licenses.
+
+[WTFPL]: https://en.wikipedia.org/wiki/WTFPL
+[ISC]: https://opensource.org/licenses/ISC
+
+## WTFPL
+
+DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+Version 2, December 2004
+
+Copyright (C) 2004 Sam Hocevar \<sam@hocevar.net>
+
+Everyone is permitted to copy and distribute verbatim or modified copies
+of this license document, and changing it is allowed as long as the name
+is changed.
+
+DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE TERMS AND CONDITIONS FOR
+COPYING, DISTRIBUTION AND MODIFICATION
+
+0. You just DO WHAT THE FUCK YOU WANT TO.
+
+## ISC
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

node_modules/sanitize-filename/README.md

@@ -0,0 +1,100 @@
+# sanitize-filename [![build status](https://secure.travis-ci.org/parshap/node-sanitize-filename.svg?branch=master)](http://travis-ci.org/parshap/node-sanitize-filename)
+
+Sanitize a string to be safe for use as a filename by removing directory
+paths and invalid characters.
+
+## Install
+
+[npm: *sanitize-filename*](https://www.npmjs.com/package/sanitize-filename)
+
+```
+npm install sanitize-filename
+```
+
+## Example
+
+```js
+var sanitize = require("sanitize-filename");
+
+// Some string that may be unsafe or invalid as a filename
+var UNSAFE_USER_INPUT = "~/.\u0000ssh/authorized_keys";
+
+// Sanitize the string to be safe for use as a filename.
+var filename = sanitize(UNSAFE_USER_INPUT);
+// -> "~.sshauthorized_keys"
+```
+
+## Details
+
+*sanitize-filename* removes the following:
+
+ * [Control characters][] (`0x00`–`0x1f` and `0x80`–`0x9f`)
+ * [Reserved characters][] (`/`, `?`, `<`, `>`, `\`, `:`, `*`, `|`, and
+   `"`)
+ * Unix reserved filenames (`.` and `..`)
+ * Trailing periods and spaces ([for Windows][windows trailing])
+ * Windows reserved filenames (`CON`, `PRN`, `AUX`, `NUL`, `COM1`,
+   `COM2`, `COM3`, `COM4`, `COM5`, `COM6`, `COM7`, `COM8`, `COM9`,
+   `LPT1`, `LPT2`, `LPT3`, `LPT4`, `LPT5`, `LPT6`, `LPT7`, `LPT8`, and
+   `LPT9`)
+
+[control characters]: https://en.wikipedia.org/wiki/C0_and_C1_control_codes
+[reserved characters]: https://kb.acronis.com/content/39790
+[windows trailing]: https://msdn.microsoft.com/en-us/library/aa365247(v=vs.85).aspx#Naming_Conventions
+
+The resulting string is truncated to [255 bytes in length][255]. The
+string will not contain any directory paths and will be safe to use as a
+filename.
+
+[255]: http://unix.stackexchange.com/questions/32795/what-is-the-maximum-allowed-filename-and-folder-size-with-ecryptfs
+
+### Empty String `""` Result
+
+An empty string `""` can be returned. For example:
+
+```js
+var sanitize = require("sanitize-filename");
+sanitize("..")
+// -> ""
+
+```
+
+### Non-unique Filenames
+
+Two different inputs can return the same value. For example:
+
+```js
+var sanitize = require("sanitize-filename");
+sanitize("file?")
+// -> "file"
+sanitize ("*file*")
+// -> "file"
+```
+
+### File Systems
+
+Sanitized filenames will be safe for use on modern Windows, OS X, and
+Unix file systems (`NTFS`, `ext`, etc.).
+
+[`FAT` 8.3 filenames][8.3] are not supported.
+
+[8.3]: https://en.wikipedia.org/wiki/8.3_filename
+
+#### Test Your File System
+
+The test program will use various strings (including the [Big List of
+Naughty Strings][blns]) to create files in the working directory. Run
+`npm test` to run tests against your file system.
+
+[blns]: https://github.com/minimaxir/big-list-of-naughty-strings
+
+## API
+
+### `sanitize(inputString, [options])`
+
+Sanitize `inputString` by removing or replacing invalid characters.
+
+Options:
+
+ * `options.replacement`: A string to replace invalid characters with.
+   *Optional. Default: `""`.*

node_modules/sanitize-filename/index.js

@@ -0,0 +1,56 @@
+/*jshint node:true*/
+'use strict';
+
+/**
+ * Replaces characters in strings that are illegal/unsafe for filenames.
+ * Unsafe characters are either removed or replaced by a substitute set
+ * in the optional `options` object.
+ *
+ * Illegal Characters on Various Operating Systems
+ * / ? < > \ : * | "
+ * https://kb.acronis.com/content/39790
+ *
+ * Unicode Control codes
+ * C0 0x00-0x1f & C1 (0x80-0x9f)
+ * http://en.wikipedia.org/wiki/C0_and_C1_control_codes
+ *
+ * Reserved filenames on Unix-based systems (".", "..")
+ * Reserved filenames in Windows ("CON", "PRN", "AUX", "NUL", "COM1",
+ * "COM2", "COM3", "COM4", "COM5", "COM6", "COM7", "COM8", "COM9",
+ * "LPT1", "LPT2", "LPT3", "LPT4", "LPT5", "LPT6", "LPT7", "LPT8", and
+ * "LPT9") case-insesitively and with or without filename extensions.
+ *
+ * Capped at 255 characters in length.
+ * http://unix.stackexchange.com/questions/32795/what-is-the-maximum-allowed-filename-and-folder-size-with-ecryptfs
+ *
+ * @param  {String} input   Original filename
+ * @param  {Object} options {replacement: String}
+ * @return {String}         Sanitized filename
+ */
+
+var truncate = require("truncate-utf8-bytes");
+
+var illegalRe = /[\/\?<>\\:\*\|":]/g;
+var controlRe = /[\x00-\x1f\x80-\x9f]/g;
+var reservedRe = /^\.+$/;
+var windowsReservedRe = /^(con|prn|aux|nul|com[0-9]|lpt[0-9])(\..*)?$/i;
+var windowsTrailingRe = /[\. ]+$/;
+
+function sanitize(input, replacement) {
+  var sanitized = input
+    .replace(illegalRe, replacement)
+    .replace(controlRe, replacement)
+    .replace(reservedRe, replacement)
+    .replace(windowsReservedRe, replacement)
+    .replace(windowsTrailingRe, replacement);
+  return truncate(sanitized, 255);
+}
+
+module.exports = function (input, options) {
+  var replacement = (options && options.replacement) || '';
+  var output = sanitize(input, replacement);
+  if (replacement === '') {
+    return output;
+  }
+  return sanitize(output, '');
+};

node_modules/sanitize-filename/package.json

@@ -0,0 +1,80 @@
+{
+  "_args": [
+    [
+      "sanitize-filename@1.6.1",
+      "/home/s2/Documents/Code/gitlit"
+    ]
+  ],
+  "_development": true,
+  "_from": "sanitize-filename@1.6.1",
+  "_id": "sanitize-filename@1.6.1",
+  "_inBundle": false,
+  "_integrity": "sha1-YS2hyWRz+gLczaktzVtKsWSmdyo=",
+  "_location": "/sanitize-filename",
+  "_phantomChildren": {},
+  "_requested": {
+    "type": "version",
+    "registry": true,
+    "raw": "sanitize-filename@1.6.1",
+    "name": "sanitize-filename",
+    "escapedName": "sanitize-filename",
+    "rawSpec": "1.6.1",
+    "saveSpec": null,
+    "fetchSpec": "1.6.1"
+  },
+  "_requiredBy": [
+    "/electron-packager"
+  ],
+  "_resolved": "https://registry.npmjs.org/sanitize-filename/-/sanitize-filename-1.6.1.tgz",
+  "_spec": "1.6.1",
+  "_where": "/home/s2/Documents/Code/gitlit",
+  "author": {
+    "name": "Parsha Pourkhomami"
+  },
+  "bugs": {
+    "url": "https://github.com/parshap/node-sanitize-filename/issues"
+  },
+  "contributors": [
+    {
+      "name": "Parsha Pourkhomami",
+      "email": "parshap@gmail.com"
+    },
+    {
+      "name": "Joel Mukuthu",
+      "email": "joelmukuthu@gmail.com"
+    }
+  ],
+  "dependencies": {
+    "truncate-utf8-bytes": "^1.0.0"
+  },
+  "description": "Sanitize a string for use as a filename",
+  "devDependencies": {
+    "browserify": "^13.0.0",
+    "concat-stream": "^1.5.1",
+    "mktemp": "^0.4.0",
+    "tape": "^4.2.2",
+    "zuul": "^3.7.2"
+  },
+  "homepage": "https://github.com/parshap/node-sanitize-filename#readme",
+  "keywords": [
+    "file",
+    "name",
+    "filename",
+    "sanitize",
+    "validate",
+    "escape"
+  ],
+  "license": "WTFPL OR ISC",
+  "main": "index.js",
+  "name": "sanitize-filename",
+  "repository": {
+    "type": "git",
+    "url": "git+ssh://git@github.com/parshap/node-sanitize-filename.git"
+  },
+  "scripts": {
+    "test": "tape test.js",
+    "test-browser": "zuul --local --open -- test.js",
+    "test-browser-sauce": "zuul -- test.js"
+  },
+  "version": "1.6.1"
+}

node_modules/sanitize-filename/test.js

@@ -0,0 +1,272 @@
+"use strict";
+
+var test = require("tape"),
+  sanitize = require("./");
+
+function repeat(string, times) {
+  return new Array(times + 1).join(string);
+}
+
+var REPLACEMENT_OPTS = {
+  replacement: "_",
+};
+
+test("valid names", function(t) {
+  ["the quick brown fox jumped over the lazy dog.mp3",
+    "résumé"].forEach(function(name) {
+    t.equal(sanitize(name), name);
+  });
+  t.end();
+});
+
+test("valid names", function(t) {
+  ["valid name.mp3", "résumé"].forEach(function(name) {
+    t.equal(sanitize(name, REPLACEMENT_OPTS), name);
+  });
+  t.end();
+});
+
+test("null character", function(t) {
+  t.equal(sanitize("hello\u0000world"), "helloworld");
+  t.end();
+});
+
+test("null character", function(t) {
+  t.equal(sanitize("hello\u0000world", REPLACEMENT_OPTS), "hello_world");
+  t.end();
+});
+
+test("control characters", function(t) {
+  t.equal(sanitize("hello\nworld"), "helloworld");
+  t.end();
+});
+
+test("control characters", function(t) {
+  t.equal(sanitize("hello\nworld", REPLACEMENT_OPTS), "hello_world");
+  t.end();
+});
+
+test("restricted codes", function(t) {
+  ["h?w", "h/w", "h*w"].forEach(function(name) {
+    t.equal(sanitize(name), "hw");
+  });
+  t.end();
+});
+
+test("restricted codes", function(t) {
+  ["h?w", "h/w", "h*w"].forEach(function(name) {
+    t.equal(sanitize(name, REPLACEMENT_OPTS), "h_w");
+  });
+  t.end();
+});
+
+// https://msdn.microsoft.com/en-us/library/aa365247(v=vs.85).aspx
+test("restricted suffixes", function(t) {
+  ["mr.", "mr..", "mr ", "mr  "].forEach(function(name) {
+    t.equal(sanitize(name), "mr");
+  });
+  t.end();
+});
+
+test("relative paths", function(t) {
+  [".", "..", "./", "../", "/..", "/../", "*.|."].forEach(function(name) {
+    t.equal(sanitize(name), "");
+  });
+  t.end();
+});
+
+test("relative path with replacement", function(t) {
+  t.equal(sanitize("..", REPLACEMENT_OPTS), "_");
+  t.end();
+});
+
+test("reserved filename in Windows", function(t) {
+  t.equal(sanitize("con"), "");
+  t.equal(sanitize("COM1"), "");
+  t.equal(sanitize("PRN."), "");
+  t.equal(sanitize("aux.txt"), "");
+  t.equal(sanitize("LPT9.asdfasdf"), "");
+  t.equal(sanitize("LPT10.txt"), "LPT10.txt");
+  t.end();
+});
+
+test("reserved filename in Windows with replacement", function(t) {
+  t.equal(sanitize("con", REPLACEMENT_OPTS), "_");
+  t.equal(sanitize("COM1", REPLACEMENT_OPTS), "_");
+  t.equal(sanitize("PRN.", REPLACEMENT_OPTS), "_");
+  t.equal(sanitize("aux.txt", REPLACEMENT_OPTS), "_");
+  t.equal(sanitize("LPT9.asdfasdf", REPLACEMENT_OPTS), "_");
+  t.equal(sanitize("LPT10.txt", REPLACEMENT_OPTS), "LPT10.txt");
+  t.end();
+});
+
+test("invalid replacement", function (t) {
+  t.equal(sanitize(".", { replacement: "."}), "");
+  t.equal(sanitize("foo?.txt", { replacement: ">"}), "foo.txt");
+  t.equal(sanitize("con.txt", { replacement: "aux"}), "");
+  t.equal(sanitize("valid.txt", { replacement: "\/:*?\"<>|"}), "valid.txt");
+  t.end();
+});
+
+test("255 characters max", function(t) {
+  var string = repeat("a", 300);
+  t.ok(string.length > 255);
+  t.ok(sanitize(string).length <= 255);
+  t.end();
+});
+
+// Test the handling of non-BMP chars in UTF-8
+//
+
+test("non-bmp SADDLES the limit", function(t){
+  var str25x = repeat("a", 252),
+    name = str25x + '\uD800\uDC00';
+  t.equal(sanitize(name), str25x);
+
+  t.end();
+});
+
+test("non-bmp JUST WITHIN the limit", function(t){
+  var str25x = repeat('a', 251),
+    name = str25x + '\uD800\uDC00';
+  t.equal(sanitize(name), name);
+
+  t.end();
+});
+
+test("non-bmp JUST OUTSIDE the limit", function(t){
+  var str25x = repeat('a', 253),
+    name = str25x + '\uD800\uDC00';
+  t.equal(sanitize(name), str25x);
+
+  t.end();
+});
+
+function testStringUsingFS(str, t) {
+  var sanitized = sanitize(str) || "default";
+  var filepath = path.join(tempdir, sanitized);
+
+  // Should not contain any directories or relative paths
+  t.equal(path.dirname(path.resolve("/abs/path", sanitized)), path.resolve("/abs/path"));
+
+  // Should be max 255 bytes
+  t.assert(Buffer.byteLength(sanitized) <= 255, "max 255 bytes");
+
+  // Should write and read file to disk
+  t.equal(path.dirname(path.normalize(filepath)), tempdir);
+  fs.writeFile(filepath, "foobar", function(err) {
+    t.ifError(err, "no error writing file");
+    fs.readFile(filepath, function(err, data) {
+      t.ifError(err, "no error reading file");
+      t.equal(data.toString(), "foobar", "file contents equals");
+      fs.unlink(filepath, function(err) {
+        t.ifError(err, "no error unlinking file");
+        t.end();
+      });
+    });
+  });
+}
+
+// Don't run these tests in browser environments
+if ( ! process.browser) {
+  // ## Browserify Build
+  //
+  // Make sure Buffer is not used when building using browserify.
+  //
+
+  var browserify = require("browserify");
+  var concat = require("concat-stream");
+
+  test("browserify build", function(t) {
+    var bundle = browserify(__dirname).bundle();
+    bundle.on("error", t.ifError);
+    bundle.pipe(concat(function(data) {
+      var source = data.toString();
+      t.ok(source.indexOf("Buffer") === -1);
+      t.end();
+    }));
+  });
+
+  // ## Filesystem Tests
+  //
+  // Test writing files to the local filesystem.
+  //
+
+  var fs = require("fs");
+  var path = require("path");
+  var mktemp = require("mktemp");
+  var tempdir = mktemp.createDirSync("sanitize-filename-test-XXXXXX");
+
+  try {
+    var blns = require("./vendor/big-list-of-naughty-strings/blns.json");
+  }
+  catch (err) {
+    console.error("Error: Cannot load file './vendor/big-list-of-naughty-strings/blns.json'");
+    console.error();
+    console.error("Make sure you've initialized git submodules by running");
+    console.error();
+    console.error("    git submodule update --init");
+    console.error();
+    process.exit(1);
+  }
+
+  [].concat(
+    [
+      repeat("a", 300),
+      "the quick brown fox jumped over the lazy dog",
+      "résumé",
+      "hello\u0000world",
+      "hello\nworld",
+      "semi;colon.js",
+      ";leading-semi.js",
+      "slash\\.js",
+      "slash/.js",
+      "col:on.js",
+      "star*.js",
+      "question?.js",
+      "quote\".js",
+      "singlequote'.js",
+      "brack<e>ts.js",
+      "p|pes.js",
+      "plus+.js",
+      "'five and six<seven'.js",
+      " space at front",
+      "space at end ",
+      ".period",
+      "period.",
+      "relative/path/to/some/dir",
+      "/abs/path/to/some/dir",
+      "~/.\u0000notssh/authorized_keys",
+      "",
+      "h?w",
+      "h/w",
+      "h*w",
+      ".",
+      "..",
+      "./",
+      "../",
+      "/..",
+      "/../",
+      "*.|.",
+      "./",
+      "./foobar",
+      "../foobar",
+      "../../foobar",
+      "./././foobar",
+      "|*.what",
+      "LPT9.asdf",
+    ],
+    blns
+  ).forEach(function(str) {
+    test(JSON.stringify(str), function(t) {
+      testStringUsingFS(str, t);
+    });
+  });
+
+  test("remove temp directory", function(t) {
+    fs.rmdir(tempdir, function(err) {
+      t.ifError(err);
+      t.end();
+    });
+  });
+}