build: disable NODE_OPTIONS

jesec · jesec · commit 7f3403bd71d2 · 2022-05-03T12:38:24.000-07:00
Production binaries shall NOT take NODE_OPTIONS from end-users. Only the users (developers who use pkg to package their project) should have control over the flags via the "bake in" (--options) mechanism. Bug: vercel/pkg#954, vercel/pkg#989, vercel/pkg#1194, vercel/pkg#1517
diff --git a/lib/build.ts b/lib/build.ts
@@ -55,6 +55,9 @@ function getConfigureArgs(major: number, targetPlatform: string): string[] {
     }
   }
 
+  // production binaries do NOT take NODE_OPTIONS from end-users
+  args.push('--without-node-options');
+
   // DTrace
   args.push('--without-dtrace');
 

Original file line number	Diff line number	Diff line change
`@@ -55,6 +55,9 @@ function getConfigureArgs(major: number, targetPlatform: string): string[] {`
`55`	`55`	`}`
`56`	`56`	`}`
`57`	`57`
	`58`	`+ // production binaries do NOT take NODE_OPTIONS from end-users`
	`59`	`+ args.push('--without-node-options');`
	`60`	`+`
`58`	`61`	`// DTrace`
`59`	`62`	`args.push('--without-dtrace');`
`60`	`63`