netlify · netlify-team-account-1 · Nov 9, 2021 · Nov 9, 2021 · Nov 9, 2021
@@ -14,6 +14,19 @@ interface PackageJson {
   type?: string
 }
 
+const sanitiseFiles = (files: unknown): string[] | undefined => {
+  if (!Array.isArray(files)) {
+    return undefined
+  }
+
+  return files.filter((file) => typeof file === 'string')
+}
+
+const sanitisePackageJson = (pack: Record<string, unknown>): PackageJson => ({
+  ...pack,
+  files: sanitiseFiles(pack.files),
+})
+
 // Retrieve the `package.json` of a specific project or module
 const getPackageJson = async function (srcDir: string): Promise<PackageJson> {
   const packageRoot = await pkgDir(srcDir)
@@ -25,11 +38,12 @@ const getPackageJson = async function (srcDir: string): Promise<PackageJson> {
   const packageJsonPath = `${packageRoot}/package.json`
   try {
     // The path depends on the user's build, i.e. must be dynamic
-    // eslint-disable-next-line import/no-dynamic-require, node/global-require
-    return require(packageJsonPath)
+    // eslint-disable-next-line import/no-dynamic-require, node/global-require, @typescript-eslint/no-var-requires
+    const pack = require(packageJsonPath)
+    return sanitisePackageJson(pack)
   } catch (error) {
     throw new Error(`${packageJsonPath} is invalid JSON: ${error.message}`)
   }
 }
 
-export { getPackageJson, PackageJson }
+export { getPackageJson, PackageJson, sanitisePackageJson }
@@ -0,0 +1,23 @@
+const test = require('ava')
+
+const { sanitisePackageJson } = require('../dist/runtimes/node/utils/package_json')
+
+test('sanitisePackageJson', (t) => {
+  t.deepEqual(
+    sanitisePackageJson({
+      files: ['a.js', null, 'b.js'],
+    }),
+    {
+      files: ['a.js', 'b.js'],
+    },
+  )
+
+  t.deepEqual(
+    sanitisePackageJson({
+      files: { 'a.js': true, 'b.js': false },
+    }),
+    {
+      files: undefined,
+    },
+  )
+})