Merge pull request #1 from Asjidkalam/master

Fixed code execution bug on count-git-tags

Author: JamieSlome

index.js

@@ -3,15 +3,27 @@ import isGit from 'is-git-repository';
 import { platform } from 'os';
 import makepath from 'path';
 import pathIsAbsolute from 'path-is-absolute';
+import shellescape from 'shell-escape';
 
 const cwd = process.cwd();
 
+// escape bad arguments
+var escapeShell = function(cmd) {
+  if(cmd !== undefined){
+    var arg = cmd.toString().split(" ");
+    return shellescape(arg);
+  }
+}
+
 const countGitTags = ({ path, local } = {}) => {
   let countOfTags = 0;
 
   let thisPath = path || cwd;
   thisPath = pathIsAbsolute(thisPath) ? thisPath : makepath.join(cwd, thisPath);
   const thisLocal = local === undefined ? true : local;
+  
+  thisPath = escapeShell(thisPath);
+  thisLocal = escapeShell(thisLocal);
 
   if (!isGit(thisPath)) {
     return 0;

package.json

@@ -36,7 +36,8 @@
     "execa": "^0.6.1",
     "fs-extra": "^3.0.1",
     "is-git-repository": "^1.1.1",
-    "path-is-absolute": "^1.0.1"
+    "path-is-absolute": "^1.0.1",
+    "shell-escape": "^0.2.0"
   },
   "devDependencies": {
     "ava": "^0.18.2",