chore: drop support for Node 16

.github/workflows/node.js.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node-version: [16.x]
+        node-version: [18.x, 20.x]
       fail-fast: false
     steps:
       - name: Harden Runner

package.json

@@ -15,7 +15,7 @@
     }
   },
   "engines": {
-    "node": ">=16.0.0"
+    "node": ">=18.0.0"
   },
   "files": [
     "dist"
@@ -56,7 +56,7 @@
     "prepublishOnly": "npm run test && npm run build",
     "start": "node dist/bin/cli.js",
     "build": "rimraf ./dist && tsc --project tsconfig.build.json",
-    "test": "cross-env NODE_ENV=test mocha --parallel",
+    "test": "glob -c \"tsx --test\" \"./src/**/*.spec.ts\"",
     "lint": "eslint ."
   },
   "devDependencies": {
@@ -89,12 +89,15 @@
     "@nodesecure/vulnera": "^1.8.0",
     "@slimio/async-cli-spinner": "^0.5.2",
     "ajv": "^8.11.2",
+    "glob": "^10.3.10",
     "kleur": "^4.1.5",
     "lodash.set": "^4.3.2",
     "pluralize": "^8.0.0",
     "pretty-ms": "^8.0.0",
     "sade": "^1.8.1",
     "table": "^6.8.1",
-    "ts-pattern": "^5.0.1"
+    "ts-pattern": "^5.0.1",
+    "ts-results": "^3.3.0",
+    "tsx": "^4.0.0"
   }
 }

src/analysis/interpretation/interpret.spec.ts

@@ -1,8 +1,11 @@
+// Import Node.js Dependencies
+import assert from "node:assert";
+import { describe, it } from "node:test";
+
 // Import Third-party Dependencies
 import * as JSXRay from "@nodesecure/js-x-ray";
 import { Scanner } from "@nodesecure/scanner";
 import { Strategy } from "@nodesecure/vuln";
-import { expect } from "chai";
 
 // Import Internal Dependencies
 import {
@@ -63,7 +66,7 @@ describe("Pipeline check workflow", () => {
           kDefaultRuntimeConfiguration
         );
 
-        expect(status).equals(pipeline.status.FAILURE);
+        assert.equal(status,pipeline.status.FAILURE);
       });
     });
 
@@ -128,8 +131,8 @@ describe("Pipeline check workflow", () => {
             kDefaultRuntimeConfiguration
           );
 
-          expect(status).equals(pipeline.status.FAILURE);
-          expect(data).to.deep.equal({
+          assert.equal(status,pipeline.status.FAILURE);
+          assert.deepEqual(data,{
             warnings: [],
             dependencies: {
               vulnerabilities: [],
@@ -215,7 +218,7 @@ describe("Pipeline check workflow", () => {
           });
 
           expectNsciPipelineToBeSuccessful(status);
-          expect(data).to.deep.equal({
+          assert.deepEqual(data,{
             warnings: [],
             dependencies: {
               vulnerabilities: [],
@@ -272,7 +275,7 @@ describe("Pipeline check workflow", () => {
                 } as Warnings
               });
 
-              expect(status).equals(pipeline.status.FAILURE);
+              assert.equal(status,pipeline.status.FAILURE);
 
               expectNsciPayloadToHaveWarnings(data.dependencies.warnings, [
                 {
@@ -411,7 +414,7 @@ describe("Pipeline check workflow", () => {
           kDefaultRuntimeConfiguration
         );
 
-        expect(data.dependencies.vulnerabilities.length).to.equal(0);
+        assert.equal(data.dependencies.vulnerabilities.length,0);
       });
 
       describe("When providing default runtime configuration", () => {
@@ -441,7 +444,7 @@ describe("Pipeline check workflow", () => {
               kDefaultRuntimeConfiguration
             );
 
-            expect(status).equals(pipeline.status.FAILURE);
+            assert.equal(status,pipeline.status.FAILURE);
           });
         });
       });
@@ -460,7 +463,7 @@ describe("Pipeline check workflow", () => {
             ignorePatterns
           });
 
-          expect(data.dependencies.warnings).to.deep.equal([]);
+          assert.deepEqual(data.dependencies.warnings,[]);
           expectNsciPipelineToBeSuccessful(status);
         });
 
@@ -477,7 +480,7 @@ describe("Pipeline check workflow", () => {
             ignorePatterns
           });
 
-          expect(data.dependencies.warnings.length).to.above(0);
+          assert.ok(data.dependencies.warnings.length>0);
           expectNsciPipelineToFail(status);
         });
       });
@@ -510,7 +513,7 @@ describe("Pipeline check workflow", () => {
             });
 
             expectNsciPipelineToBeSuccessful(status);
-            expect(data).to.deep.equal({
+            assert.deepEqual(data,{
               warnings: [],
               dependencies: {
                 vulnerabilities: [],
@@ -548,7 +551,7 @@ describe("Pipeline check workflow", () => {
             });
 
             expectNsciPipelineToFail(status);
-            expect(data.dependencies.vulnerabilities[0]).to.deep.equal({
+            assert.deepEqual(data.dependencies.vulnerabilities[0],{
               origin: "npm",
               package: "express",
               title: "Vuln...",
@@ -595,8 +598,8 @@ describe("Pipeline check workflow", () => {
             });
 
             expectNsciPipelineToFail(status);
-            expect(data.dependencies.vulnerabilities.length).to.equal(1);
-            expect(data.dependencies.vulnerabilities[0]).to.deep.equal({
+            assert.equal(data.dependencies.vulnerabilities.length,1);
+            assert.deepEqual(data.dependencies.vulnerabilities[0],{
               origin: "npm",
               package: "express",
               title: "Express vuln that should not be ignored",
@@ -684,11 +687,11 @@ function makePartialScannerDependencies(
 }
 
 function expectNsciPipelineToBeSuccessful(status: pipeline.Status): void {
-  expect(status).equals(pipeline.status.SUCCESS);
+  assert.equal(status,pipeline.status.SUCCESS);
 }
 
 function expectNsciPipelineToFail(status: pipeline.Status): void {
-  expect(status).equals(pipeline.status.FAILURE);
+  assert.equal(status,pipeline.status.FAILURE);
 }
 
 function expectNsciPayloadToHaveWarnings(
@@ -717,5 +720,5 @@ function expectNsciPayloadToHaveWarnings(
     };
   });
 
-  expect(payloadWarnings).to.deep.equal(warnings);
+  assert.deepEqual(payloadWarnings, warnings);
 }

src/configuration/environment/index.spec.ts

@@ -2,11 +2,10 @@
 /* eslint-disable max-nested-callbacks */
 
 // Import Node.js Dependencies
-import fs from "fs";
-import path from "path";
-
-// Import Third-party Dependencies
-import { expect } from "chai";
+import fs from "node:fs";
+import path from "node:path";
+import assert from "node:assert";
+import { after, before, describe, it } from "node:test";
 
 // Import Internal Dependencies
 import { Nsci } from "../standard/index.js";
@@ -58,7 +57,7 @@ function createFixturesFolder(): void {
 }
 
 function deleteFixturesFolder(): void {
-  fs.rmdirSync(kFixturesFolder, { recursive: true });
+  fs.rmSync(kFixturesFolder, { recursive: true });
 }
 
 before(() => createFixturesFolder());
@@ -68,28 +67,28 @@ describe("Environment data collection", () => {
   describe("When traversing the environment", () => {
     describe("When dealing with one single lockfile", () => {
       it("should find the yarn lockfile at the given location", async () => {
-        expect(
+        assert.deepEqual(
           (
             await analyzeEnvironmentContext({
               ...Nsci.defaultNsciRuntimeConfiguration,
               rootDir: getFixtureFolderPath(kFixtureEnvironment.yarn.folderName)
             })
           ).lockFile
-        ).to.deep.equal({
+        ,{
           current: "yarn.lock",
           multiple: false
         });
       });
 
       it("should find the shrinkwrap at the given location", async () => {
-        expect(
+        assert.deepEqual(
           await analyzeEnvironmentContext({
             ...Nsci.defaultNsciRuntimeConfiguration,
             rootDir: getFixtureFolderPath(
               kFixtureEnvironment.shrinkwrap.folderName
             )
           })
-        ).to.deep.equal({
+        ,{
           lockFile: {
             current: "npm-shrinkwrap.json",
             multiple: false
@@ -99,7 +98,7 @@ describe("Environment data collection", () => {
       });
 
       it("should find the package-lock lockfile at the given location", async () => {
-        expect(
+        assert.deepEqual(
           (
             await analyzeEnvironmentContext({
               ...Nsci.defaultNsciRuntimeConfiguration,
@@ -108,14 +107,14 @@ describe("Environment data collection", () => {
               )
             })
           ).lockFile
-        ).to.deep.equal({
+        ,{
           current: "package-lock.json",
           multiple: false
         });
       });
 
       it("should fallback to 'none' when no lockfile is found at the given location", async () => {
-        expect(
+        assert.deepEqual(
           (
             await analyzeEnvironmentContext({
               ...Nsci.defaultNsciRuntimeConfiguration,
@@ -124,7 +123,7 @@ describe("Environment data collection", () => {
               )
             })
           ).lockFile
-        ).to.deep.equal({
+        ,{
           current: "none",
           multiple: false
         });
@@ -133,14 +132,14 @@ describe("Environment data collection", () => {
 
     describe("When dealing with multiple lockfiles", () => {
       it("should keep the package-lock file", async () => {
-        expect(
+        assert.deepEqual(
           await analyzeEnvironmentContext({
             ...Nsci.defaultNsciRuntimeConfiguration,
             rootDir: getFixtureFolderPath(
               kFixtureEnvironment.multipleLockFiles.folderName
             )
           })
-        ).to.deep.equal({
+        ,{
           lockFile: {
             current: "package-lock.json",
             multiple: true
@@ -153,29 +152,29 @@ describe("Environment data collection", () => {
     describe("When providing a strategy not compatible with the environment", () => {
       describe("When the lockfile is missing or incompatible with the environment", () => {
         it("should fallback to 'SONATYPE' strategy", async () => {
-          expect(
+          assert.deepEqual(
             await analyzeEnvironmentContext({
               ...Nsci.defaultNsciRuntimeConfiguration,
               strategy: "NPM_AUDIT",
               rootDir: getFixtureFolderPath(kFixtureEnvironment.yarn.folderName)
             })
-          ).to.deep.equal({
+          ,{
             lockFile: {
               current: "yarn.lock",
               multiple: false
             },
             compatibleStrategy: "SONATYPE"
           });
 
-          expect(
+          assert.deepEqual(
             await analyzeEnvironmentContext({
               ...Nsci.defaultNsciRuntimeConfiguration,
               strategy: "NPM_AUDIT",
               rootDir: getFixtureFolderPath(
                 kFixtureEnvironment.noLockFile.folderName
               )
             })
-          ).to.deep.equal({
+          ,{
             lockFile: {
               current: "none",
               multiple: false
@@ -189,15 +188,15 @@ describe("Environment data collection", () => {
     describe("When providing a strategy compatible with every environment", () => {
       it("should not fallback to any strategy", async () => {
         const SAME_NODE_STRATEGY = "SECURITY_WG";
-        expect(
+        assert.deepEqual(
           await analyzeEnvironmentContext({
             ...Nsci.defaultNsciRuntimeConfiguration,
             strategy: SAME_NODE_STRATEGY,
             rootDir: getFixtureFolderPath(
               kFixtureEnvironment.shrinkwrap.folderName
             )
           })
-        ).to.deep.equal({
+        ,{
           lockFile: {
             current: "npm-shrinkwrap.json",
             multiple: false
@@ -207,13 +206,13 @@ describe("Environment data collection", () => {
 
         const SAME_NONE_STRATEGY = "NONE";
 
-        expect(
+        assert.deepEqual(
           await analyzeEnvironmentContext({
             ...Nsci.defaultNsciRuntimeConfiguration,
             strategy: SAME_NONE_STRATEGY,
             rootDir: getFixtureFolderPath(kFixtureEnvironment.yarn.folderName)
           })
-        ).to.deep.equal({
+        ,{
           lockFile: {
             current: "yarn.lock",
             multiple: false