fix: support most unix style file paths

We allow most file paths now including spaces. We exclude `=` to allow the `path=whatever` format and `/` because `isomoric-git` doesn't handle it.

[ci skip]

src/utils/parsers.ts

@@ -9,9 +9,9 @@ import * as networkUtils from 'polykey/dist/network/utils';
 import * as nodesUtils from 'polykey/dist/nodes/utils';
 
 const secretPathRegex =
-  /^([\w-]+)(?::)([\w\-\\\/\.\$]+)(?:=)?([a-zA-Z_][\w]+)?$/;
+  /^([\w-]+)(?::)([^\0\\=]+)(?:=)?([a-zA-Z_][\w]+)?$/;
 const secretPathEnvRegex =
-  /^([\w-]+)(?::)([\w\-\\\/\.\$]+)(?:=)?([a-zA-Z_]+[a-zA-Z0-9_]*)?$/;
+  /^([\w-]+)(?::)([^\0\\=]+)(?:=)?([a-zA-Z_]+[a-zA-Z0-9_]*)?$/;
 
 /**
  * Converts a validation parser to commander argument parser

tests/secrets/create.test.ts

@@ -1,6 +1,8 @@
 import type { VaultName } from 'polykey/dist/vaults/types';
 import path from 'path';
 import fs from 'fs';
+import { test } from '@fast-check/jest';
+import fc from 'fast-check';
 import Logger, { LogLevel, StreamHandler } from '@matrixai/logger';
 import PolykeyAgent from 'polykey/dist/PolykeyAgent';
 import { vaultOps } from 'polykey/dist/vaults';
@@ -76,4 +78,42 @@ describe('commandCreateSecret', () => {
     },
     globalThis.defaultTimeout * 2,
   );
+  const fileNameArb = fc.stringMatching(/^[^\0\\/]$/);
+  test.prop([fileNameArb, fileNameArb], { numRuns: 10 })(
+    'secrets handle unix style paths for secrets',
+    async (directoryName, secretName) => {
+      await polykeyAgent.vaultManager.stop();
+      await polykeyAgent.vaultManager.start({ fresh: true });
+      const vaultName = 'Vault1' as VaultName;
+      const vaultId = await polykeyAgent.vaultManager.createVault(vaultName);
+      const secretPath = path.join(dataDir, 'secret');
+      await fs.promises.writeFile(secretPath, 'this is a secret');
+      const vaultsSecretPath = path.join(directoryName, secretName);
+
+      command = [
+        'secrets',
+        'create',
+        '-np',
+        dataDir,
+        secretPath,
+        `${vaultName}:${vaultsSecretPath}`,
+      ];
+
+      const result = await testUtils.pkStdio([...command], {
+        env: {
+          PK_PASSWORD: password,
+        },
+        cwd: dataDir,
+      });
+      expect(result.exitCode).toBe(0);
+
+      await polykeyAgent.vaultManager.withVaults([vaultId], async (vault) => {
+        const list = await vaultOps.listSecrets(vault);
+        expect(list.sort()).toStrictEqual([vaultsSecretPath]);
+        expect(
+          (await vaultOps.getSecret(vault, vaultsSecretPath)).toString(),
+        ).toStrictEqual('this is a secret');
+      });
+    },
+  );
 });