From 00c8094301fb83f4d95d872aa3d9c016a218333d Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Thu, 9 Jun 2022 22:44:26 +0200 Subject: [PATCH 01/25] feat: add getIngoreFile fn --- package-lock.json | 193 +++++++++--------- package.json | 1 + .../external/nodesecure/ignore-file.ts | 33 +++ .../external/nodesecure/index.spec.ts | 31 +++ .../external/nodesecure/index.ts | 24 +++ src/reporting/run.ts | 9 +- 6 files changed, 191 insertions(+), 100 deletions(-) create mode 100644 src/configuration/external/nodesecure/ignore-file.ts create mode 100644 src/configuration/external/nodesecure/index.spec.ts diff --git a/package-lock.json b/package-lock.json index 5796e7f..0e05816 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,6 +13,7 @@ "@nodesecure/scanner": "^3.3.0", "@nodesecure/vuln": "^1.4.0", "@slimio/async-cli-spinner": "^0.5.2", + "ajv": "^8.11.0", "kleur": "^4.1.4", "lodash.set": "^4.3.2", "pluralize": "^8.0.0", @@ -544,6 +545,22 @@ "node": "^12.22.0 || ^14.17.0 || >=16.0.0" } }, + "node_modules/@eslint/eslintrc/node_modules/ajv": { + "version": "6.12.6", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "dev": true, + "dependencies": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/epoberezkin" + } + }, "node_modules/@eslint/eslintrc/node_modules/globals": { "version": "13.12.0", "resolved": "https://registry.npmjs.org/globals/-/globals-13.12.0.tgz", @@ -559,6 +576,12 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/@eslint/eslintrc/node_modules/json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, "node_modules/@gar/promisify": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/@gar/promisify/-/promisify-1.1.2.tgz", @@ -1067,26 +1090,6 @@ "npm": ">=6.0.0" } }, - "node_modules/@slimio/config/node_modules/ajv": { - "version": "8.10.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.10.0.tgz", - "integrity": "sha512-bzqAEZOjkrUMl2afH8dknrq5KEk2SrwdBROR+vH1EKVQTqaUbJVPdc/gEdggTMM0Se+s+Ja4ju4TlNcStKl2Hw==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/@slimio/config/node_modules/json-schema-traverse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", - "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" - }, "node_modules/@slimio/github": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/@slimio/github/-/github-1.0.0.tgz", @@ -1466,14 +1469,13 @@ } }, "node_modules/ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dev": true, + "version": "8.11.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.11.0.tgz", + "integrity": "sha512-wGgprdCvMalC0BztXvitD2hC04YffAvtsUn93JbGXYLAtCUO4xd17mCCZQxUOItiBwZvJScWo8NIvQMQ71rdpg==", "dependencies": { "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", + "json-schema-traverse": "^1.0.0", + "require-from-string": "^2.0.2", "uri-js": "^4.2.2" }, "funding": { @@ -2569,6 +2571,22 @@ "node": "^12.22.0 || ^14.17.0 || >=16.0.0" } }, + "node_modules/eslint/node_modules/ajv": { + "version": "6.12.6", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "dev": true, + "dependencies": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/epoberezkin" + } + }, "node_modules/eslint/node_modules/eslint-scope": { "version": "7.1.0", "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.1.0.tgz", @@ -2609,6 +2627,12 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/eslint/node_modules/json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, "node_modules/espree": { "version": "9.2.0", "resolved": "https://registry.npmjs.org/espree/-/espree-9.2.0.tgz", @@ -3595,10 +3619,9 @@ "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==" }, "node_modules/json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", - "dev": true + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" }, "node_modules/json-stable-stringify-without-jsonify": { "version": "1.0.1", @@ -5252,26 +5275,6 @@ "node": ">=10.0.0" } }, - "node_modules/table/node_modules/ajv": { - "version": "8.10.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.10.0.tgz", - "integrity": "sha512-bzqAEZOjkrUMl2afH8dknrq5KEk2SrwdBROR+vH1EKVQTqaUbJVPdc/gEdggTMM0Se+s+Ja4ju4TlNcStKl2Hw==", - "dependencies": { - "fast-deep-equal": "^3.1.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" - }, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/epoberezkin" - } - }, - "node_modules/table/node_modules/json-schema-traverse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", - "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" - }, "node_modules/tar": { "version": "6.1.11", "resolved": "https://registry.npmjs.org/tar/-/tar-6.1.11.tgz", @@ -6185,6 +6188,18 @@ "strip-json-comments": "^3.1.1" }, "dependencies": { + "ajv": { + "version": "6.12.6", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "dev": true, + "requires": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, "globals": { "version": "13.12.0", "resolved": "https://registry.npmjs.org/globals/-/globals-13.12.0.tgz", @@ -6193,6 +6208,12 @@ "requires": { "type-fest": "^0.20.2" } + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true } } }, @@ -6620,24 +6641,6 @@ "lodash.set": "^4.3.2", "node-watch": "^0.7.2", "zen-observable": "^0.8.15" - }, - "dependencies": { - "ajv": { - "version": "8.10.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.10.0.tgz", - "integrity": "sha512-bzqAEZOjkrUMl2afH8dknrq5KEk2SrwdBROR+vH1EKVQTqaUbJVPdc/gEdggTMM0Se+s+Ja4ju4TlNcStKl2Hw==", - "requires": { - "fast-deep-equal": "^3.1.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" - } - }, - "json-schema-traverse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", - "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" - } } }, "@slimio/github": { @@ -6909,14 +6912,13 @@ } }, "ajv": { - "version": "6.12.6", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", - "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", - "dev": true, + "version": "8.11.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.11.0.tgz", + "integrity": "sha512-wGgprdCvMalC0BztXvitD2hC04YffAvtsUn93JbGXYLAtCUO4xd17mCCZQxUOItiBwZvJScWo8NIvQMQ71rdpg==", "requires": { "fast-deep-equal": "^3.1.1", - "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.4.1", + "json-schema-traverse": "^1.0.0", + "require-from-string": "^2.0.2", "uri-js": "^4.2.2" } }, @@ -7573,6 +7575,18 @@ "v8-compile-cache": "^2.0.3" }, "dependencies": { + "ajv": { + "version": "6.12.6", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "dev": true, + "requires": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, "eslint-scope": { "version": "7.1.0", "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.1.0.tgz", @@ -7600,6 +7614,12 @@ "requires": { "type-fest": "^0.20.2" } + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true } } }, @@ -8489,10 +8509,9 @@ "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==" }, "json-schema-traverse": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", - "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", - "dev": true + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" }, "json-stable-stringify-without-jsonify": { "version": "1.0.1", @@ -9699,24 +9718,6 @@ "slice-ansi": "^4.0.0", "string-width": "^4.2.3", "strip-ansi": "^6.0.1" - }, - "dependencies": { - "ajv": { - "version": "8.10.0", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.10.0.tgz", - "integrity": "sha512-bzqAEZOjkrUMl2afH8dknrq5KEk2SrwdBROR+vH1EKVQTqaUbJVPdc/gEdggTMM0Se+s+Ja4ju4TlNcStKl2Hw==", - "requires": { - "fast-deep-equal": "^3.1.1", - "json-schema-traverse": "^1.0.0", - "require-from-string": "^2.0.2", - "uri-js": "^4.2.2" - } - }, - "json-schema-traverse": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", - "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" - } } }, "tar": { diff --git a/package.json b/package.json index 66eec6d..aa418e7 100644 --- a/package.json +++ b/package.json @@ -83,6 +83,7 @@ "@nodesecure/scanner": "^3.3.0", "@nodesecure/vuln": "^1.4.0", "@slimio/async-cli-spinner": "^0.5.2", + "ajv": "^8.11.0", "kleur": "^4.1.4", "lodash.set": "^4.3.2", "pluralize": "^8.0.0", diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts new file mode 100644 index 0000000..e15d543 --- /dev/null +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -0,0 +1,33 @@ +import Validator from "ajv"; + +export interface IgnoreFile { + warnings?: Record; +} + +const kIgnoreFileSchema = { + type: "object", + properties: { + warnings: { + type: "object", + patternProperties: { + "^[0-9]{2,6}$": { + type: "array", + items: { + type: "string" + } + } + } + } + }, + additionalProperties: false +} as const; + +export function validateIgnoreFile( + ignoreFile: string, +): boolean { + const validator = new Validator(); + const isValid = validator.validate(kIgnoreFileSchema, ignoreFile); + + return isValid; +} + diff --git a/src/configuration/external/nodesecure/index.spec.ts b/src/configuration/external/nodesecure/index.spec.ts new file mode 100644 index 0000000..6778621 --- /dev/null +++ b/src/configuration/external/nodesecure/index.spec.ts @@ -0,0 +1,31 @@ +// Third-party Dependencies +import { expect } from "chai"; + +// Internal Dependencies +import { getIgnoreFile } from "./index"; + +describe('getIgnoreFile', () => { + it("should return empty object if file doen't exist", async () => { + const readFileWillThrow = () => { throw new Error("boom") }; + + const result = await getIgnoreFile({ readFile: readFileWillThrow }); + + expect(result).to.be.empty; + }); + + it("should return empty object if file format is invalid", async () => { + const invalidIgnoreFile = JSON.stringify({ foo: "bar" }); + + const result = await getIgnoreFile({ readFile: () => invalidIgnoreFile }); + + expect(result).to.be.empty; + }); + + it("should return the ignore file if it's valid", async () => { + const validIgnoreFile = { warnings: {} }; + + const result = await getIgnoreFile({ readFile: () => JSON.stringify(validIgnoreFile) }); + + expect(result).to.be.deep.equal(validIgnoreFile); + }); +}) diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index 51c21d5..16118c9 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -1,9 +1,15 @@ +// Node.Js Dependencies +import { readFile } from "fs/promises"; +import { join, dirname } from "path"; +import { fileURLToPath } from "url"; + // Import Third-party Dependencies import { RC as NodeSecureRuntimeConfig, read } from "@nodesecure/rc"; import { match } from "ts-pattern"; import type { Result } from "ts-results"; // Import Internal Dependencies +import { validateIgnoreFile, IgnoreFile } from "./ignore-file"; import { Maybe } from "../../../types/index.js"; import { defaultExternalConfigOptions, @@ -55,6 +61,24 @@ export async function getNodeSecureConfig(): Promise< return interpretNodeSecureConfigResult(config); } +// Note: ctx object is used for testing purposes +export async function getIgnoreFile(ctx: { readFile?: any } = { readFile }): Promise { + try { + const __dirname = dirname(fileURLToPath(import.meta.url)); + const ignoreFile = await ctx.readFile(join(__dirname, ".nsci-ignore"), "utf8"); + const ignoreObject = JSON.parse(ignoreFile); + const isValid = validateIgnoreFile(ignoreObject); + if (!isValid) { + return {}; + } + return JSON.parse(ignoreFile) as IgnoreFile; + + } + catch (error) { + return {}; + } +} + function adaptNodeSecureConfigToExternalConfig( runtimeConfig: NodeSecureRuntimeConfig ): ExternalRuntimeConfiguration { diff --git a/src/reporting/run.ts b/src/reporting/run.ts index b97fe66..eaacd7b 100644 --- a/src/reporting/run.ts +++ b/src/reporting/run.ts @@ -84,15 +84,16 @@ async function runPayloadChecks( return interpretedPayload; } +type PipelineOptions = (ApiConfig | CliConfig) & { + autoExitAfterFailure: boolean; +} + export async function runPipeline( - options: (ApiConfig | CliConfig) & { - autoExitAfterFailure: boolean; - } = { ...defaultExternalConfigOptions, autoExitAfterFailure: true } + options: PipelineOptions = { ...defaultExternalConfigOptions, autoExitAfterFailure: true } ): Promise> { try { const defaultAutoExitAfterFailure = (options && options.autoExitAfterFailure) ?? true; - const runtimeConfig = await useRuntimeConfig(options); const analysisPayload = await runScannerAnalysis(runtimeConfig); From 04c234e3c16fd59d198a66e434ea501d37f1921b Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Sun, 19 Jun 2022 12:35:07 +0200 Subject: [PATCH 02/25] chore: delete di and use mock-fs --- package-lock.json | 35 +++++++++++++++++++ package.json | 2 ++ .../external/nodesecure/ignore-file.ts | 2 ++ .../external/nodesecure/index.spec.ts | 30 +++++++++++----- .../external/nodesecure/index.ts | 13 ++++--- 5 files changed, 69 insertions(+), 13 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0e05816..e170706 100644 --- a/package-lock.json +++ b/package-lock.json @@ -30,6 +30,7 @@ "@types/chai": "^4.3.0", "@types/lodash.set": "^4.3.6", "@types/mocha": "^9.0.0", + "@types/mock-fs": "^4.13.1", "@types/node": "^16.11.12", "@types/pluralize": "^0.0.29", "@types/sade": "^1.7.4", @@ -39,6 +40,7 @@ "eslint-import-resolver-typescript": "^2.5.0", "eslint-plugin-prettier": "^4.0.0", "mocha": "^9.1.4", + "mock-fs": "^5.1.2", "prettier": "^2.5.1", "rimraf": "^3.0.2", "ts-node": "^10.4.0", @@ -1198,6 +1200,15 @@ "integrity": "sha512-scN0hAWyLVAvLR9AyW7HoFF5sJZglyBsbPuHO4fv7JRvfmPBMfp1ozWqOf/e4wwPNxezBZXRfWzMb6iFLgEVRA==", "dev": true }, + "node_modules/@types/mock-fs": { + "version": "4.13.1", + "resolved": "https://registry.npmjs.org/@types/mock-fs/-/mock-fs-4.13.1.tgz", + "integrity": "sha512-m6nFAJ3lBSnqbvDZioawRvpLXSaPyn52Srf7OfzjubYbYX8MTUdIgDxQl0wEapm4m/pNYSd9TXocpQ0TvZFlYA==", + "dev": true, + "dependencies": { + "@types/node": "*" + } + }, "node_modules/@types/mri": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/@types/mri/-/mri-1.1.1.tgz", @@ -4100,6 +4111,15 @@ "url": "https://github.com/chalk/supports-color?sponsor=1" } }, + "node_modules/mock-fs": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/mock-fs/-/mock-fs-5.1.2.tgz", + "integrity": "sha512-YkjQkdLulFrz0vD4BfNQdQRVmgycXTV7ykuHMlyv+C8WCHazpkiQRDthwa02kSyo8wKnY9wRptHfQLgmf0eR+A==", + "dev": true, + "engines": { + "node": ">=12.0.0" + } + }, "node_modules/mri": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/mri/-/mri-1.2.0.tgz", @@ -6736,6 +6756,15 @@ "integrity": "sha512-scN0hAWyLVAvLR9AyW7HoFF5sJZglyBsbPuHO4fv7JRvfmPBMfp1ozWqOf/e4wwPNxezBZXRfWzMb6iFLgEVRA==", "dev": true }, + "@types/mock-fs": { + "version": "4.13.1", + "resolved": "https://registry.npmjs.org/@types/mock-fs/-/mock-fs-4.13.1.tgz", + "integrity": "sha512-m6nFAJ3lBSnqbvDZioawRvpLXSaPyn52Srf7OfzjubYbYX8MTUdIgDxQl0wEapm4m/pNYSd9TXocpQ0TvZFlYA==", + "dev": true, + "requires": { + "@types/node": "*" + } + }, "@types/mri": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/@types/mri/-/mri-1.1.1.tgz", @@ -8870,6 +8899,12 @@ } } }, + "mock-fs": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/mock-fs/-/mock-fs-5.1.2.tgz", + "integrity": "sha512-YkjQkdLulFrz0vD4BfNQdQRVmgycXTV7ykuHMlyv+C8WCHazpkiQRDthwa02kSyo8wKnY9wRptHfQLgmf0eR+A==", + "dev": true + }, "mri": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/mri/-/mri-1.2.0.tgz", diff --git a/package.json b/package.json index aa418e7..0fcedb5 100644 --- a/package.json +++ b/package.json @@ -64,6 +64,7 @@ "@types/chai": "^4.3.0", "@types/lodash.set": "^4.3.6", "@types/mocha": "^9.0.0", + "@types/mock-fs": "^4.13.1", "@types/node": "^16.11.12", "@types/pluralize": "^0.0.29", "@types/sade": "^1.7.4", @@ -73,6 +74,7 @@ "eslint-import-resolver-typescript": "^2.5.0", "eslint-plugin-prettier": "^4.0.0", "mocha": "^9.1.4", + "mock-fs": "^5.1.2", "prettier": "^2.5.1", "rimraf": "^3.0.2", "ts-node": "^10.4.0", diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts index e15d543..4e17ab5 100644 --- a/src/configuration/external/nodesecure/ignore-file.ts +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -22,6 +22,8 @@ const kIgnoreFileSchema = { additionalProperties: false } as const; +export const kIgnoreFileName = ".nsci-ignore"; + export function validateIgnoreFile( ignoreFile: string, ): boolean { diff --git a/src/configuration/external/nodesecure/index.spec.ts b/src/configuration/external/nodesecure/index.spec.ts index 6778621..c388422 100644 --- a/src/configuration/external/nodesecure/index.spec.ts +++ b/src/configuration/external/nodesecure/index.spec.ts @@ -1,31 +1,45 @@ // Third-party Dependencies import { expect } from "chai"; +import mock from "mock-fs"; // Internal Dependencies -import { getIgnoreFile } from "./index"; +import { getIgnoreFile, kIgnoreFilePath } from "./index"; describe('getIgnoreFile', () => { it("should return empty object if file doen't exist", async () => { - const readFileWillThrow = () => { throw new Error("boom") }; - - const result = await getIgnoreFile({ readFile: readFileWillThrow }); + const result = await getIgnoreFile(); expect(result).to.be.empty; }); it("should return empty object if file format is invalid", async () => { - const invalidIgnoreFile = JSON.stringify({ foo: "bar" }); + const invalidIgnoreFile = { foo: "bar" }; + createFakeIgnoreFile(JSON.stringify(invalidIgnoreFile)); - const result = await getIgnoreFile({ readFile: () => invalidIgnoreFile }); + const result = await getIgnoreFile(); expect(result).to.be.empty; + mock.restore(); }); it("should return the ignore file if it's valid", async () => { const validIgnoreFile = { warnings: {} }; + createFakeIgnoreFile(JSON.stringify(validIgnoreFile)); - const result = await getIgnoreFile({ readFile: () => JSON.stringify(validIgnoreFile) }); + const result = await getIgnoreFile(); expect(result).to.be.deep.equal(validIgnoreFile); + mock.restore(); }); -}) +}); + +/** + * HELPERS + */ + +function createFakeIgnoreFile(fileContent: string) { + mock({ + [kIgnoreFilePath]: Buffer.from(fileContent) + }, {} as any); +} + diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index 16118c9..8fc3e24 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -9,7 +9,7 @@ import { match } from "ts-pattern"; import type { Result } from "ts-results"; // Import Internal Dependencies -import { validateIgnoreFile, IgnoreFile } from "./ignore-file"; +import { validateIgnoreFile, kIgnoreFileName, IgnoreFile } from "./ignore-file"; import { Maybe } from "../../../types/index.js"; import { defaultExternalConfigOptions, @@ -17,6 +17,10 @@ import { ExternalRuntimeConfiguration } from "../common.js"; +const __dirname = dirname(fileURLToPath(import.meta.url)); +const kRootPath = join(__dirname, "..", "..", ".."); +export const kIgnoreFilePath = join(kRootPath, kIgnoreFileName); + function interpretNodeSecureConfigResult( config: Result ): NodeSecureRuntimeConfig | undefined { @@ -62,10 +66,9 @@ export async function getNodeSecureConfig(): Promise< } // Note: ctx object is used for testing purposes -export async function getIgnoreFile(ctx: { readFile?: any } = { readFile }): Promise { +export async function getIgnoreFile(): Promise { try { - const __dirname = dirname(fileURLToPath(import.meta.url)); - const ignoreFile = await ctx.readFile(join(__dirname, ".nsci-ignore"), "utf8"); + const ignoreFile = await readFile(kIgnoreFilePath, "utf8"); const ignoreObject = JSON.parse(ignoreFile); const isValid = validateIgnoreFile(ignoreObject); if (!isValid) { @@ -74,7 +77,7 @@ export async function getIgnoreFile(ctx: { readFile?: any } = { readFile }): Pr return JSON.parse(ignoreFile) as IgnoreFile; } - catch (error) { + catch (error: any) { return {}; } } From a8756bc98d7527f3972aacffdaecfb35fb656c3c Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Sun, 19 Jun 2022 18:21:05 +0200 Subject: [PATCH 03/25] feat: make validator return error --- src/configuration/external/nodesecure/ignore-file.ts | 12 ++++++++---- src/configuration/external/nodesecure/index.ts | 10 +++++++--- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts index 4e17ab5..5d6b730 100644 --- a/src/configuration/external/nodesecure/ignore-file.ts +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -26,10 +26,14 @@ export const kIgnoreFileName = ".nsci-ignore"; export function validateIgnoreFile( ignoreFile: string, -): boolean { +): { isValid: boolean; error?: string } { const validator = new Validator(); - const isValid = validator.validate(kIgnoreFileSchema, ignoreFile); - - return isValid; + const validate = validator.compile(kIgnoreFileSchema); + const isValid = validate(ignoreFile); + + return { + isValid, + error: validate.errors ? validate?.errors[0]?.message : undefined + }; } diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index 8fc3e24..c59b0cf 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -10,13 +10,15 @@ import type { Result } from "ts-results"; // Import Internal Dependencies import { validateIgnoreFile, kIgnoreFileName, IgnoreFile } from "./ignore-file"; -import { Maybe } from "../../../types/index.js"; import { defaultExternalConfigOptions, ExternalConfigAdapter, ExternalRuntimeConfiguration } from "../common.js"; +import { Maybe } from "../../../types/index.js"; +import { consolePrinter } from "../../../../lib/console-printer"; +const { font: log } = consolePrinter; const __dirname = dirname(fileURLToPath(import.meta.url)); const kRootPath = join(__dirname, "..", "..", ".."); export const kIgnoreFilePath = join(kRootPath, kIgnoreFileName); @@ -65,19 +67,21 @@ export async function getNodeSecureConfig(): Promise< return interpretNodeSecureConfigResult(config); } -// Note: ctx object is used for testing purposes export async function getIgnoreFile(): Promise { try { const ignoreFile = await readFile(kIgnoreFilePath, "utf8"); const ignoreObject = JSON.parse(ignoreFile); - const isValid = validateIgnoreFile(ignoreObject); + const { isValid, error } = validateIgnoreFile(ignoreObject); if (!isValid) { + log.error(`Invalid ignore file: ${error}, empty one will be used instead`).print(); return {}; } + log.success("Ignore file loaded").print(); return JSON.parse(ignoreFile) as IgnoreFile; } catch (error: any) { + log.error(`Cannot load ignore file: ${error.message}`).print(); return {}; } } From dc9153fe7e9d1b5a119ab1eda08b7e00c08091a7 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Sun, 19 Jun 2022 18:25:54 +0200 Subject: [PATCH 04/25] fix: root path --- src/configuration/external/nodesecure/index.ts | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index c59b0cf..d43cd24 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -20,7 +20,7 @@ import { consolePrinter } from "../../../../lib/console-printer"; const { font: log } = consolePrinter; const __dirname = dirname(fileURLToPath(import.meta.url)); -const kRootPath = join(__dirname, "..", "..", ".."); +const kRootPath = join(__dirname, "..", "..", "..", ".."); export const kIgnoreFilePath = join(kRootPath, kIgnoreFileName); function interpretNodeSecureConfigResult( @@ -73,15 +73,15 @@ export async function getIgnoreFile(): Promise { const ignoreObject = JSON.parse(ignoreFile); const { isValid, error } = validateIgnoreFile(ignoreObject); if (!isValid) { - log.error(`Invalid ignore file: ${error}, empty one will be used instead`).print(); + log.error(`x Invalid ignore file: ${error}, empty one will be used instead`).print(); return {}; } - log.success("Ignore file loaded").print(); + log.success("✔ Ignore file loaded").print(); return JSON.parse(ignoreFile) as IgnoreFile; } catch (error: any) { - log.error(`Cannot load ignore file: ${error.message}`).print(); + log.error(`x Cannot load ignore file: ${error.message}`).print(); return {}; } } From 0845d8d9fea9d1a90af35b2dc53e29547048f480 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Mon, 20 Jun 2022 17:14:24 +0200 Subject: [PATCH 05/25] feat: add base filter --- src/analysis/interpretation/interpret.spec.ts | 48 ++++++++++++++++++- src/analysis/interpretation/interpret.ts | 34 ++++++++++++- src/configuration/external/adapt.ts | 5 +- .../external/nodesecure/ignore-file.ts | 42 +++++++++++----- .../external/nodesecure/index.spec.ts | 24 ++++++---- .../external/nodesecure/index.ts | 31 ++++++++---- .../external/standardize.spec.ts | 7 ++- src/configuration/external/standardize.ts | 7 ++- src/configuration/manage.ts | 9 +++- src/configuration/standard/nsci.ts | 10 +++- src/reporting/run.ts | 7 ++- 11 files changed, 181 insertions(+), 43 deletions(-) diff --git a/src/analysis/interpretation/interpret.spec.ts b/src/analysis/interpretation/interpret.spec.ts index 9019f1c..68c7e85 100644 --- a/src/analysis/interpretation/interpret.spec.ts +++ b/src/analysis/interpretation/interpret.spec.ts @@ -4,10 +4,18 @@ import { StandardVulnerability } from "@nodesecure/vuln/types/strategy"; import { expect } from "chai"; // Import Internal Dependencies +import { + IgnorePatterns, + IgnoreWarningsPatterns +} from "../../configuration/external/nodesecure/ignore-file"; import { Nsci } from "../../configuration/standard/index.js"; import * as pipeline from "../../reporting/status.js"; +import { DependencyWarning } from "../../types/index.js"; -import { runPayloadInterpreter } from "./interpret.js"; +import { + runPayloadInterpreter, + filterDependenciesWarnings +} from "./interpret.js"; // CONSTANTS const kDefaultRuntimeConfiguration: Nsci.Configuration = { @@ -15,7 +23,8 @@ const kDefaultRuntimeConfiguration: Nsci.Configuration = { strategy: Nsci.vulnStrategy.npm, reporters: [Nsci.reporterTarget.CONSOLE], vulnerabilitySeverity: Nsci.vulnSeverity.ALL, - warnings: Nsci.warnings.ERROR + warnings: Nsci.warnings.ERROR, + ignorePatterns: IgnorePatterns.default() }; const kDefaultScannerPayload: Scanner.Payload = { @@ -27,6 +36,41 @@ const kDefaultScannerPayload: Scanner.Payload = { vulnerabilityStrategy: "npm" }; +describe("filterDependenciesWarnings", () => { + it("should not filter warnings if ignorePatterns.warnings is an empty object", () => { + const warnings: DependencyWarning[] = []; + const emptyIgnorePatterns: IgnorePatterns = IgnorePatterns.default(); + + const filteredWarnings = filterDependenciesWarnings( + warnings, + emptyIgnorePatterns + ); + + expect(filteredWarnings).to.deep.equal(warnings); + }); + + it("should filter warnings if ignorePatterns.warnings is not an empty object", () => { + const warnings: DependencyWarning[] = [ + { + package: "lodash.difference", + warnings: [{ kind: "unsafe-stmt", location: {} as any }] + } + ]; + const ignorePatterns: IgnorePatterns = { + warnings: new IgnoreWarningsPatterns({ + "unsafe-stmt": ["lodash.difference"] + }) + }; + + const filteredWarnings = filterDependenciesWarnings( + warnings, + ignorePatterns + ); + + expect(filteredWarnings).to.deep.equal([]); + }); +}); + /* eslint-disable max-nested-callbacks */ describe("Pipeline check workflow", () => { describe("When running the payload interpreter", () => { diff --git a/src/analysis/interpretation/interpret.ts b/src/analysis/interpretation/interpret.ts index 306ac14..c0f6669 100644 --- a/src/analysis/interpretation/interpret.ts +++ b/src/analysis/interpretation/interpret.ts @@ -4,8 +4,10 @@ import { GlobalWarning } from "@nodesecure/scanner/types/scanner"; import set from "lodash.set"; // Import Internal Dependencies +import { IgnorePatterns } from "../../configuration/external/nodesecure/ignore-file.js"; import { Nsci } from "../../configuration/standard/index.js"; import { pipeline } from "../../reporting/index.js"; +import { DependencyWarning } from "../../types/index.js"; import { extractScannerPayload, WorkableVulnerability @@ -76,6 +78,32 @@ function interpretPayloadChecks( }; } +export function filterDependenciesWarnings( + dependenciesWarnings: DependencyWarning[], + ignorePatterns: IgnorePatterns +): DependencyWarning[] { + const isWarningsEmpty = + ignorePatterns.warnings === undefined || + Object.keys(ignorePatterns?.warnings).length === 0; + if (isWarningsEmpty) { + return dependenciesWarnings; + } + + return dependenciesWarnings.filter(function excludeIgnorableWarnings( + dependencyWarnings + ) { + if ( + dependencyWarnings.warnings.find((w) => + ignorePatterns.warnings.has(w.kind, dependencyWarnings.package) + ) + ) { + return false; + } + + return true; + }); +} + /** * This interpreter accumulates each Check Function output in order to determine * a global pipeline status and at the same time compact the original payload to @@ -89,11 +117,15 @@ export function runPayloadInterpreter( rc: Nsci.Configuration ): OutcomePayloadFromPipelineChecks { const { warnings, dependencies } = extractScannerPayload(payload); + const filteredDependencies = filterDependenciesWarnings( + dependencies.warnings, + rc.ignorePatterns + ); /* eslint-disable @typescript-eslint/explicit-function-return-type */ return interpretPayloadChecks([ () => checkGlobalWarnings(warnings), - () => checkDependenciesWarnings(dependencies.warnings, rc), + () => checkDependenciesWarnings(filteredDependencies, rc), () => checkDependenciesVulns(dependencies.vulnerabilities, rc) ]); } diff --git a/src/configuration/external/adapt.ts b/src/configuration/external/adapt.ts index 5884889..b241548 100644 --- a/src/configuration/external/adapt.ts +++ b/src/configuration/external/adapt.ts @@ -3,6 +3,7 @@ import { constants, accessSync } from "fs"; import { resolve } from "path"; // Import Internal Dependencies +import { IgnoreWarningsPatterns } from "../external/nodesecure/ignore-file"; import { Nsci } from "../standard/index.js"; import { @@ -121,6 +122,8 @@ export function adaptExternalToStandardConfiguration( reporters: adaptReporters(reporters), strategy: adaptStrategy(strategy), vulnerabilitySeverity: adaptSeverity(vulnerabilities), - warnings: adaptWarnings(warnings) + warnings: adaptWarnings(warnings), + // TODO(tony): check where this is call before merging + ignorePatterns: { warnings: new IgnoreWarningsPatterns() } }; } diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts index 5d6b730..4ed7af6 100644 --- a/src/configuration/external/nodesecure/ignore-file.ts +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -1,7 +1,27 @@ import Validator from "ajv"; -export interface IgnoreFile { - warnings?: Record; +export class IgnorePatterns { + public warnings: IgnoreWarningsPatterns; + + constructor(warnings: IgnoreWarningsPatterns = new IgnoreWarningsPatterns()) { + this.warnings = warnings; + } + + static default(): IgnorePatterns { + return new IgnorePatterns(); + } +} + +export class IgnoreWarningsPatterns { + public entries: Record; + + constructor(entries: Record = {}) { + this.entries = entries; + } + + has(warning: string, pkg: string): boolean { + return this.entries[warning]?.includes(pkg); + } } const kIgnoreFileSchema = { @@ -24,16 +44,16 @@ const kIgnoreFileSchema = { export const kIgnoreFileName = ".nsci-ignore"; -export function validateIgnoreFile( - ignoreFile: string, -): { isValid: boolean; error?: string } { +export function validateIgnoreFile(ignoreFile: string): { + isValid: boolean; + error?: string; +} { const validator = new Validator(); const validate = validator.compile(kIgnoreFileSchema); const isValid = validate(ignoreFile); - - return { - isValid, - error: validate.errors ? validate?.errors[0]?.message : undefined - }; -} + return { + isValid, + error: validate.errors ? validate?.errors[0]?.message : undefined + }; +} diff --git a/src/configuration/external/nodesecure/index.spec.ts b/src/configuration/external/nodesecure/index.spec.ts index c388422..e147be0 100644 --- a/src/configuration/external/nodesecure/index.spec.ts +++ b/src/configuration/external/nodesecure/index.spec.ts @@ -1,15 +1,19 @@ // Third-party Dependencies -import { expect } from "chai"; +import { expect } from "chai"; import mock from "mock-fs"; // Internal Dependencies +import { IgnorePatterns } from "./ignore-file"; + import { getIgnoreFile, kIgnoreFilePath } from "./index"; -describe('getIgnoreFile', () => { +describe("getIgnoreFile", () => { + const kDefaultIgnoreFileContent = IgnorePatterns.default(); + it("should return empty object if file doen't exist", async () => { const result = await getIgnoreFile(); - expect(result).to.be.empty; + expect(result).deep.equal(kDefaultIgnoreFileContent); }); it("should return empty object if file format is invalid", async () => { @@ -18,7 +22,7 @@ describe('getIgnoreFile', () => { const result = await getIgnoreFile(); - expect(result).to.be.empty; + expect(result).deep.equal(kDefaultIgnoreFileContent); mock.restore(); }); @@ -37,9 +41,11 @@ describe('getIgnoreFile', () => { * HELPERS */ -function createFakeIgnoreFile(fileContent: string) { - mock({ - [kIgnoreFilePath]: Buffer.from(fileContent) - }, {} as any); +function createFakeIgnoreFile(fileContent: string): void { + mock( + { + [kIgnoreFilePath]: Buffer.from(fileContent) + }, + {} as any + ); } - diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index d43cd24..34bd54e 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -9,14 +9,20 @@ import { match } from "ts-pattern"; import type { Result } from "ts-results"; // Import Internal Dependencies -import { validateIgnoreFile, kIgnoreFileName, IgnoreFile } from "./ignore-file"; +import { consolePrinter } from "../../../../lib/console-printer"; +import { Maybe } from "../../../types/index.js"; import { defaultExternalConfigOptions, ExternalConfigAdapter, ExternalRuntimeConfiguration } from "../common.js"; -import { Maybe } from "../../../types/index.js"; -import { consolePrinter } from "../../../../lib/console-printer"; + +import { + validateIgnoreFile, + kIgnoreFileName, + IgnorePatterns, + IgnoreWarningsPatterns +} from "./ignore-file"; const { font: log } = consolePrinter; const __dirname = dirname(fileURLToPath(import.meta.url)); @@ -67,22 +73,27 @@ export async function getNodeSecureConfig(): Promise< return interpretNodeSecureConfigResult(config); } -export async function getIgnoreFile(): Promise { +export async function getIgnoreFile(): Promise { try { const ignoreFile = await readFile(kIgnoreFilePath, "utf8"); const ignoreObject = JSON.parse(ignoreFile); const { isValid, error } = validateIgnoreFile(ignoreObject); if (!isValid) { - log.error(`x Invalid ignore file: ${error}, empty one will be used instead`).print(); - return {}; + log + .error( + `x Invalid ignore file: ${error}, empty one will be used instead` + ) + .print(); + + return { warnings: new IgnoreWarningsPatterns() }; } log.success("✔ Ignore file loaded").print(); - return JSON.parse(ignoreFile) as IgnoreFile; - } - catch (error: any) { + return JSON.parse(ignoreFile) as IgnorePatterns; + } catch (error: any) { log.error(`x Cannot load ignore file: ${error.message}`).print(); - return {}; + + return { warnings: new IgnoreWarningsPatterns() }; } } diff --git a/src/configuration/external/standardize.spec.ts b/src/configuration/external/standardize.spec.ts index ebc05a4..9214913 100644 --- a/src/configuration/external/standardize.spec.ts +++ b/src/configuration/external/standardize.spec.ts @@ -3,6 +3,7 @@ import { RC as NodeSecureRuntimeConfig } from "@nodesecure/rc"; import { expect } from "chai"; // Import Internal Dependencies +import { IgnorePatterns } from "../../configuration/external/nodesecure/ignore-file"; import { Nsci } from "../standard/index.js"; import { ExternalRuntimeConfiguration } from "./common.js"; @@ -29,7 +30,8 @@ describe("Standardize CLI/API configuration to Nsci runtime configuration", () = strategy: "NPM_AUDIT", reporters: ["console", "html"], vulnerabilitySeverity: "all", - warnings: "error" + warnings: "error", + ignorePatterns: IgnorePatterns.default() }; expect( @@ -131,6 +133,7 @@ it("should standardize NodeSecure runtime configuration to Nsci runtime configur "encoded-literal": "off", "unsafe-regex": "error", "short-identifiers": "warning" - } + }, + ignorePatterns: IgnorePatterns.default() }); }); diff --git a/src/configuration/external/standardize.ts b/src/configuration/external/standardize.ts index e26fe51..35f5f82 100644 --- a/src/configuration/external/standardize.ts +++ b/src/configuration/external/standardize.ts @@ -2,6 +2,7 @@ import { RC as NodeSecureRuntimeConfig } from "@nodesecure/rc"; // Import Internal Dependencies +import { IgnorePatterns } from "../../configuration/external/nodesecure/ignore-file"; import type { DeepPartialRecord } from "../../types"; import { Nsci } from "../standard/index.js"; @@ -83,7 +84,8 @@ export function standardizeAllApisOptions( } export async function standardizeRuntimeConfig( - options: ApiConfig | CliConfig | NodeSecureRuntimeConfig + options: ApiConfig | CliConfig | NodeSecureRuntimeConfig, + ignorePatterns: IgnorePatterns ): Promise { const externalConfiguration = standardizeAllApisOptions(options); const standardizedNsciConfig = standardizeExternalConfiguration( @@ -104,6 +106,7 @@ export async function standardizeRuntimeConfig( * runtime configuration wherever the options are coming from. */ ...Nsci.defaultNsciRuntimeConfiguration, - ...standardizedNsciConfig + ...standardizedNsciConfig, + ignorePatterns } as Nsci.Configuration; } diff --git a/src/configuration/manage.ts b/src/configuration/manage.ts index 83f9827..6ce777f 100644 --- a/src/configuration/manage.ts +++ b/src/configuration/manage.ts @@ -6,6 +6,7 @@ import { analyzeEnvironmentContext } from "./environment/index.js"; import { getNodeSecureConfig, standardizeRuntimeConfig, + getIgnoreFile, ApiConfig, CliConfig } from "./external/index.js"; @@ -29,17 +30,21 @@ export async function selectRuntimeConfig( options: ApiConfig | CliConfig ): Promise { const nodesecureConfig = await getNodeSecureConfig(); + const ignorePatterns = await getIgnoreFile(); if (nodesecureConfig) { return { configMode: "file", - runtimeConfig: await standardizeRuntimeConfig(nodesecureConfig) + runtimeConfig: await standardizeRuntimeConfig( + nodesecureConfig, + ignorePatterns + ) }; } return { configMode: "raw", - runtimeConfig: await standardizeRuntimeConfig(options) + runtimeConfig: await standardizeRuntimeConfig(options, ignorePatterns) }; } diff --git a/src/configuration/standard/nsci.ts b/src/configuration/standard/nsci.ts index 5964806..7895fdc 100644 --- a/src/configuration/standard/nsci.ts +++ b/src/configuration/standard/nsci.ts @@ -3,6 +3,10 @@ import type JSXRay from "@nodesecure/js-x-ray"; // Import Internal Dependencies import { ValueOf } from "../../types"; +import { + IgnorePatterns, + IgnoreWarningsPatterns +} from "../external/nodesecure/ignore-file"; export const vulnStrategy = { npm: "NPM_AUDIT", @@ -64,6 +68,7 @@ export type Configuration = { reporters: ReporterTarget[]; vulnerabilitySeverity: ValueOf; warnings: Warnings; + ignorePatterns: IgnorePatterns; }; function generateDefaultRC(): Configuration { @@ -72,7 +77,10 @@ function generateDefaultRC(): Configuration { strategy: vulnStrategy.npm, reporters: [reporterTarget.CONSOLE], vulnerabilitySeverity: vulnSeverity.MEDIUM, - warnings: warnings.ERROR + warnings: warnings.ERROR, + ignorePatterns: { + warnings: new IgnoreWarningsPatterns() + } }; } diff --git a/src/reporting/run.ts b/src/reporting/run.ts index eaacd7b..8e7623f 100644 --- a/src/reporting/run.ts +++ b/src/reporting/run.ts @@ -86,10 +86,13 @@ async function runPayloadChecks( type PipelineOptions = (ApiConfig | CliConfig) & { autoExitAfterFailure: boolean; -} +}; export async function runPipeline( - options: PipelineOptions = { ...defaultExternalConfigOptions, autoExitAfterFailure: true } + options: PipelineOptions = { + ...defaultExternalConfigOptions, + autoExitAfterFailure: true + } ): Promise> { try { const defaultAutoExitAfterFailure = From 226a53337fabcc83c08bc959d7fa9ee32e907c75 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Mon, 20 Jun 2022 17:19:50 +0200 Subject: [PATCH 06/25] chore: update ns pakcages --- package-lock.json | 2103 +++++++++++++++++++++++++++++---------------- package.json | 6 +- 2 files changed, 1371 insertions(+), 738 deletions(-) diff --git a/package-lock.json b/package-lock.json index e170706..f97d101 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,9 +9,9 @@ "version": "1.4.1", "license": "MIT", "dependencies": { - "@nodesecure/rc": "^1.0.1", - "@nodesecure/scanner": "^3.3.0", - "@nodesecure/vuln": "^1.4.0", + "@nodesecure/rc": "^1.2.0", + "@nodesecure/scanner": "^3.6.0", + "@nodesecure/vuln": "^1.7.0", "@slimio/async-cli-spinner": "^0.5.2", "ajv": "^8.11.0", "kleur": "^4.1.4", @@ -585,9 +585,9 @@ "dev": true }, "node_modules/@gar/promisify": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@gar/promisify/-/promisify-1.1.2.tgz", - "integrity": "sha512-82cpyJyKRoQoRi+14ibCeGPu0CwypgtBAdBhq1WfvagpCZNKqwXbKwXllYSMG91DhmG4jt9gN8eP6lGOtozuaw==" + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@gar/promisify/-/promisify-1.1.3.tgz", + "integrity": "sha512-k2Ty1JcVojjJFwrg/ThKi2ujJ7XNLYaFGNB/bWT9wGR+oSMJHMa5w+CUq6p/pVrKeNNgA7pCqEcjSnHVoqJQFw==" }, "node_modules/@humanwhocodes/config-array": { "version": "0.9.2", @@ -620,19 +620,27 @@ "integrity": "sha512-SQ7Kzhh9+D+ZW9MA0zkYv3VXhIDNx+LzM6EJ+/65I3QY+enU6Itte7E5XX7EWrqLW2FN4n06GWzBnPoC3th2aQ==" }, "node_modules/@myunisoft/httpie": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/@myunisoft/httpie/-/httpie-1.4.0.tgz", - "integrity": "sha512-rZhQxh2Ay3fy7OHEqoGyX0FnS86Df7cHWOPIOaJrDKsp5AnHIakFpZeRoaiAig8vdZ2oj1G3riZivLCl7fMNAg==", + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/@myunisoft/httpie/-/httpie-1.8.0.tgz", + "integrity": "sha512-+Gye+gL14arbhMLANumHFB2wp4lEJza9Td2eyK4W/z7hPD0TgzZInqa3+cGPh1yZXGM0S7K4treGc+AO5J9s/Q==", "dependencies": { "content-type": "^1.0.4", - "lru-cache": "^6.0.0", + "lru-cache": "^7.10.1", "statuses": "^2.0.1", - "undici": "^4.12.2" + "undici": "^5.5.1" }, "engines": { "node": ">=14" } }, + "node_modules/@myunisoft/httpie/node_modules/lru-cache": { + "version": "7.10.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.10.1.tgz", + "integrity": "sha512-BQuhQxPuRl79J5zSXRP+uNzPOyZw2oFI9JLRQ80XswSvg21KMKNtQza9eF42rfI/3Z40RvzBdXgziEkudzjo8A==", + "engines": { + "node": ">=12" + } + }, "node_modules/@nodelib/fs.scandir": { "version": "2.1.5", "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", @@ -682,9 +690,9 @@ } }, "node_modules/@nodesecure/flags": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@nodesecure/flags/-/flags-2.2.0.tgz", - "integrity": "sha512-uVPIkRhT3ytu+i3M3MIyFmCaQucrTMP5BTfVd/AjpIUTqAYCh9cgHdUt1FFv16iEHP/VyhpYpXwmR7+zXoH6RA==" + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@nodesecure/flags/-/flags-2.4.0.tgz", + "integrity": "sha512-kzgg8MlEoMt3yY5gR4Aoijri0KwRlih44vtmR/vcioiLPjMmVF8kWidbtf4Je7+mjp+Tnmyn8CCk9q1Nc345gw==" }, "node_modules/@nodesecure/fs-walk": { "version": "1.0.0", @@ -692,23 +700,23 @@ "integrity": "sha512-3Sn8N78jWiOdatBTTLt6YbEHNhkuO13T9gQT3bhVkQdU/cQ4VKX6K76Up8HQLH5IQ168vIzAz8eWvM4dPsnK7w==" }, "node_modules/@nodesecure/i18n": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@nodesecure/i18n/-/i18n-1.2.1.tgz", - "integrity": "sha512-KxJpE3Ra9ZEomdcJBy4EfsIlae7wE1DFb+ez9OEBZ5Zo3yup79saYtUWnxFWIC6jvG5mJJcGHQj7Vr+MgLJ1IA==", + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/@nodesecure/i18n/-/i18n-1.5.0.tgz", + "integrity": "sha512-xmz/v27D1qtk9H1F6TBvmxBla95EmQ+B5oM/qZmUPlGMBG7EG4N6N9K34buQMdwIzzu3KKW59jydBdJgNKnfrQ==", "dependencies": { - "cacache": "^15.3.0", + "cacache": "^16.0.7", "lodash.get": "^4.4.2" } }, "node_modules/@nodesecure/js-x-ray": { - "version": "4.2.1", - "resolved": "https://registry.npmjs.org/@nodesecure/js-x-ray/-/js-x-ray-4.2.1.tgz", - "integrity": "sha512-ZH6LkTQnysH4zh0iSt6U6duzo38ufZgDvqoh69OWVjbsRXHt/DipIWhzhrXFKgyXzOLbOtJwF9rgHDoHkwAWLw==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/@nodesecure/js-x-ray/-/js-x-ray-5.0.1.tgz", + "integrity": "sha512-VQy5K0MR+edNQpxnzatUZvCMUXYo7MZEhRdbHpifKn9cGZEbVlYQ2QH7Eb3M9tZwJoUHgmPncoRZTe+uPAzw1Q==", "dependencies": { - "@nodesecure/sec-literal": "^1.0.1", + "@nodesecure/sec-literal": "^1.1.0", "estree-walker": "^3.0.1", "is-minified-code": "^2.0.0", - "meriyah": "^4.2.0", + "meriyah": "^4.2.1", "safe-regex": "^2.1.1" }, "engines": { @@ -727,12 +735,12 @@ } }, "node_modules/@nodesecure/npm-registry-sdk": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@nodesecure/npm-registry-sdk/-/npm-registry-sdk-1.3.0.tgz", - "integrity": "sha512-h/dpP+EEqEHw6hnXUfgy9DowqpB9Wd91KPj6PqW41s1vLS/pgP5rmwMBEHu/utmpeJWrDI3Iy3FVpAATldWyvQ==", + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@nodesecure/npm-registry-sdk/-/npm-registry-sdk-1.4.0.tgz", + "integrity": "sha512-pUXDIE9zRIr7kq6MiP9Xom2tL+4TMDq1ecWBLtpUvnrdzz0zScajlFG006dJxK29EXh1f5Op+gpPyAaJVrC5Tg==", "dependencies": { - "@myunisoft/httpie": "^1.3.1", - "@npm/types": "^1.0.1" + "@myunisoft/httpie": "^1.8.0", + "@npm/types": "^1.0.2" } }, "node_modules/@nodesecure/ntlp": { @@ -744,25 +752,25 @@ } }, "node_modules/@nodesecure/rc": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@nodesecure/rc/-/rc-1.0.1.tgz", - "integrity": "sha512-vKHUebUOu6IjSCfzTuriNDYMtZFDAikGtaL3XUhF07rUed4daUOVCHTSFt79I3yYIXwBZB9vYTl4jQdb3+d4xQ==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@nodesecure/rc/-/rc-1.2.0.tgz", + "integrity": "sha512-Fikc815kOiewzkoRP+efJGC8kzotwuzVCkFZF4wXbktakf3cCaCwplDxhOqIWak4SGxkCll9S8UAD4RSq0j6eQ==", "dependencies": { - "@nodesecure/i18n": "^1.2.1", - "@nodesecure/js-x-ray": "^4.2.1", - "@nodesecure/vuln": "^1.5.0", + "@nodesecure/i18n": "^1.5.0", + "@nodesecure/js-x-ray": "^5.0.1", + "@nodesecure/vuln": "^1.7.0", "@slimio/config": "^1.0.1", "ts-results": "^3.3.0", - "type-fest": "^2.11.0" + "type-fest": "^2.13.1" }, "engines": { "node": ">=16" } }, "node_modules/@nodesecure/rc/node_modules/type-fest": { - "version": "2.12.0", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-2.12.0.tgz", - "integrity": "sha512-Qe5GRT+n/4GoqCNGGVp5Snapg1Omq3V7irBJB3EaKsp7HWDo5Gv2d/67gfNyV+d5EXD+x/RF5l1h4yJ7qNkcGA==", + "version": "2.13.1", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-2.13.1.tgz", + "integrity": "sha512-hXYyrPFwETT2swFLHeoKtJrvSF/ftG/sA15/8nGaLuaDGfVAaq8DYFpu4yOyV4tzp082WqnTEoMsm3flKMI2FQ==", "engines": { "node": ">=12.20" }, @@ -771,41 +779,56 @@ } }, "node_modules/@nodesecure/scanner": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/@nodesecure/scanner/-/scanner-3.3.0.tgz", - "integrity": "sha512-r1R0SCPzJPAHXcTIz9JmgOKMxBrdKEhqUidanNDfPqPmx3XEOaRnzavabsREC6/cF0BLCWEsGCYClIejEkMz9A==", + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/@nodesecure/scanner/-/scanner-3.6.0.tgz", + "integrity": "sha512-NmaeTcpwxE3oT6QfnyVX5cfl2GGYkS4DXhCrNwI0Ax3DPu4j8MFOu2dRBEd+zdOLs7TvGGQVwyo2Ss0XBhk3GA==", "dependencies": { - "@nodesecure/flags": "^2.2.0", + "@nodesecure/flags": "^2.3.0", "@nodesecure/fs-walk": "^1.0.0", - "@nodesecure/i18n": "^1.2.1", - "@nodesecure/js-x-ray": "^4.2.0", + "@nodesecure/i18n": "^1.3.0", + "@nodesecure/js-x-ray": "^4.5.0", "@nodesecure/npm-registry-sdk": "^1.3.0", "@nodesecure/ntlp": "^2.1.0", "@nodesecure/utils": "^1.0.0", - "@nodesecure/vuln": "^1.5.0", - "@npm/types": "^1.0.1", - "@npmcli/arborist": "^4.3.0", + "@nodesecure/vuln": "^1.7.0", + "@npm/types": "^1.0.2", + "@npmcli/arborist": "^5.2.1", "@slimio/lock": "^1.0.0", - "builtins": "^4.0.0", + "builtins": "^5.0.1", "combine-async-iterators": "^2.0.1", "itertools": "^1.7.1", "lodash.difference": "^4.5.0", - "pacote": "^12.0.3", - "semver": "^7.3.4" + "pacote": "^13.6.0", + "semver": "^7.3.7" }, "engines": { "node": ">=16" } }, + "node_modules/@nodesecure/scanner/node_modules/@nodesecure/js-x-ray": { + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/@nodesecure/js-x-ray/-/js-x-ray-4.5.0.tgz", + "integrity": "sha512-NFmPkX0jL4AVzfFYLqKZJqxs7dWdXJE7EZKGMToWopNp4W5fe8ys64puAqxxWiYF9jxMKjyLLCro+v5s8TDyVA==", + "dependencies": { + "@nodesecure/sec-literal": "^1.1.0", + "estree-walker": "^3.0.1", + "is-minified-code": "^2.0.0", + "meriyah": "^4.2.1", + "safe-regex": "^2.1.1" + }, + "engines": { + "node": "^12.20.0 || ^14.13.1 || >=16.0.0" + } + }, "node_modules/@nodesecure/sec-literal": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@nodesecure/sec-literal/-/sec-literal-1.0.1.tgz", - "integrity": "sha512-gnYdW1zzBpkKxNHg4vdhkkpvQvQqpYvSoBpdNHJlBnMehy0UCSViAQVXQA7BupHXrYP5xRnrq3lQvzU1QI6PqQ==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@nodesecure/sec-literal/-/sec-literal-1.1.0.tgz", + "integrity": "sha512-gBk4OGzBR3u+nbMlOGTCJzY0MLLELxkDSlEz49jm0KXHTvGv3r7xNbZKRhuxLkyKFLzGvNohbSiIkhqUOIcyiA==", "dependencies": { "frequency-set": "^1.0.1", "is-base64": "^1.1.0", "is-svg": "^4.3.2", - "string-width": "^5.0.1" + "string-width": "^5.1.2" } }, "node_modules/@nodesecure/sec-literal/node_modules/ansi-regex": { @@ -824,24 +847,13 @@ "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" }, - "node_modules/@nodesecure/sec-literal/node_modules/is-fullwidth-code-point": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-4.0.0.tgz", - "integrity": "sha512-O4L094N2/dZ7xqVdrXhh9r1KODPJpFms8B5sGdJLPy664AgvXsreZUyCQQNItZRDlYug4xStLjNp/sz3HvBowQ==", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/@nodesecure/sec-literal/node_modules/string-width": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.0.1.tgz", - "integrity": "sha512-5ohWO/M4//8lErlUUtrFy3b11GtNOuMOU0ysKCDXFcfXuuvUXu95akgj/i8ofmaGdN0hCqyl6uu9i8dS/mQp5g==", + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", + "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", "dependencies": { + "eastasianwidth": "^0.2.0", "emoji-regex": "^9.2.2", - "is-fullwidth-code-point": "^4.0.0", "strip-ansi": "^7.0.1" }, "engines": { @@ -871,89 +883,106 @@ "integrity": "sha512-eLkW+MDYx/pznZ5lvAA4QbQJryUaHOIwSfm/anWHsZYNE3HdtUOq2T7/eAKQyymmEIJbG3EHYMXVKSiVKZWgng==" }, "node_modules/@nodesecure/vuln": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/@nodesecure/vuln/-/vuln-1.5.0.tgz", - "integrity": "sha512-bwT5ftAPMwvEyhtSW6p9nRsyf0kqXmc+Pw9VYzT6LSuw+bQFW89hXEp6CwmQh8mbSTGB0nSxcrT03Dkc02jBEQ==", + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@nodesecure/vuln/-/vuln-1.7.0.tgz", + "integrity": "sha512-48KZ+gOD0k059RUjNzWu7JeMwXrHPn+Nbzcf2Ee149Esl56vWKnjn690gXyKbqf+2s/HN5NCTIwXOJW00aKPog==", "dependencies": { - "@myunisoft/httpie": "^1.4.0", + "@myunisoft/httpie": "^1.6.0", "@nodesecure/npm-registry-sdk": "^1.3.0", - "@npmcli/arborist": "^4.2.1", + "@npmcli/arborist": "^5.1.1", "@slimio/github": "^1.0.0", - "semver": "^7.3.5" + "semver": "^7.3.7" } }, "node_modules/@npm/types": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@npm/types/-/types-1.0.1.tgz", - "integrity": "sha512-+tTwymYjZrm7s5KPcS6Abq2l1wVlsk0Jxx4RWMMlC9BePNK4BGMaXUKWphdi7xAYJNA+lwqIqFK6hcNrMu/HFg==" + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/@npm/types/-/types-1.0.2.tgz", + "integrity": "sha512-KXZccTDEnWqNrrx6JjpJKU/wJvNeg9BDgjS0XhmlZab7br921HtyVbsYzJr4L+xIvjdJ20Wh9dgxgCI2a5CEQw==" }, "node_modules/@npmcli/arborist": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-4.3.0.tgz", - "integrity": "sha512-d1aDSql/JrCRRc3g6R6bXk94Gx9ggf25qaMTEc6KCEdIghr2oL+zkr/hQMWcSuBPPynx4yNA9EcZ3uFosvMp+Q==", + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-5.2.1.tgz", + "integrity": "sha512-DNyTHov3lU7PtCGHABzrPqQOUiBdiYzZ5dLv3D0RD5I9KbmhTLcZI/rv3ddZY0K9vpDE/R+R48b+cU/dUkL0Tw==", "dependencies": { "@isaacs/string-locale-compare": "^1.1.0", "@npmcli/installed-package-contents": "^1.0.7", - "@npmcli/map-workspaces": "^2.0.0", - "@npmcli/metavuln-calculator": "^2.0.0", - "@npmcli/move-file": "^1.1.0", + "@npmcli/map-workspaces": "^2.0.3", + "@npmcli/metavuln-calculator": "^3.0.1", + "@npmcli/move-file": "^2.0.0", "@npmcli/name-from-folder": "^1.0.1", - "@npmcli/node-gyp": "^1.0.3", - "@npmcli/package-json": "^1.0.1", - "@npmcli/run-script": "^2.0.0", + "@npmcli/node-gyp": "^2.0.0", + "@npmcli/package-json": "^2.0.0", + "@npmcli/run-script": "^3.0.0", "bin-links": "^3.0.0", - "cacache": "^15.0.3", + "cacache": "^16.0.6", "common-ancestor-path": "^1.0.1", "json-parse-even-better-errors": "^2.3.1", "json-stringify-nice": "^1.1.4", "mkdirp": "^1.0.4", "mkdirp-infer-owner": "^2.0.0", - "npm-install-checks": "^4.0.0", - "npm-package-arg": "^8.1.5", - "npm-pick-manifest": "^6.1.0", - "npm-registry-fetch": "^12.0.1", - "pacote": "^12.0.2", + "nopt": "^5.0.0", + "npm-install-checks": "^5.0.0", + "npm-package-arg": "^9.0.0", + "npm-pick-manifest": "^7.0.0", + "npm-registry-fetch": "^13.0.0", + "npmlog": "^6.0.2", + "pacote": "^13.0.5", "parse-conflict-json": "^2.0.1", - "proc-log": "^1.0.0", + "proc-log": "^2.0.0", "promise-all-reject-late": "^1.0.0", "promise-call-limit": "^1.0.1", "read-package-json-fast": "^2.0.2", "readdir-scoped-modules": "^1.1.0", "rimraf": "^3.0.2", - "semver": "^7.3.5", - "ssri": "^8.0.1", - "treeverse": "^1.0.4", + "semver": "^7.3.7", + "ssri": "^9.0.0", + "treeverse": "^2.0.0", "walk-up-path": "^1.0.0" }, "bin": { "arborist": "bin/index.js" }, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/@npmcli/fs": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-1.0.0.tgz", - "integrity": "sha512-8ltnOpRR/oJbOp8vaGUnipOi3bqkcW+sLHFlyXIr08OGHmVJLB1Hn7QtGXbYcpVtH1gAYZTlmDXtE4YV0+AMMQ==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-2.1.0.tgz", + "integrity": "sha512-DmfBvNXGaetMxj9LTp8NAN9vEidXURrf5ZTslQzEAi/6GbW+4yjaLFQc6Tue5cpZ9Frlk4OBo/Snf1Bh/S7qTQ==", "dependencies": { - "@gar/promisify": "^1.0.1", + "@gar/promisify": "^1.1.3", "semver": "^7.3.5" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/@npmcli/git": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@npmcli/git/-/git-2.1.0.tgz", - "integrity": "sha512-/hBFX/QG1b+N7PZBFs0bi+evgRZcK9nWBxQKZkGoXUT5hJSwl5c4d7y8/hm+NQZRPhQ67RzFaj5UM9YeyKoryw==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/@npmcli/git/-/git-3.0.1.tgz", + "integrity": "sha512-UU85F/T+F1oVn3IsB/L6k9zXIMpXBuUBE25QDH0SsURwT6IOBqkC7M16uqo2vVZIyji3X1K4XH9luip7YekH1A==", "dependencies": { - "@npmcli/promise-spawn": "^1.3.2", - "lru-cache": "^6.0.0", + "@npmcli/promise-spawn": "^3.0.0", + "lru-cache": "^7.4.4", "mkdirp": "^1.0.4", - "npm-pick-manifest": "^6.1.1", + "npm-pick-manifest": "^7.0.0", + "proc-log": "^2.0.0", "promise-inflight": "^1.0.1", "promise-retry": "^2.0.1", "semver": "^7.3.5", "which": "^2.0.2" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } + }, + "node_modules/@npmcli/git/node_modules/lru-cache": { + "version": "7.10.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.10.1.tgz", + "integrity": "sha512-BQuhQxPuRl79J5zSXRP+uNzPOyZw2oFI9JLRQ80XswSvg21KMKNtQza9eF42rfI/3Z40RvzBdXgziEkudzjo8A==", + "engines": { + "node": ">=12" } }, "node_modules/@npmcli/installed-package-contents": { @@ -972,43 +1001,80 @@ } }, "node_modules/@npmcli/map-workspaces": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@npmcli/map-workspaces/-/map-workspaces-2.0.0.tgz", - "integrity": "sha512-QBJfpCY1NOAkkW3lFfru9VTdqvMB2TN0/vrevl5xBCv5Fi0XDVcA6rqqSau4Ysi4Iw3fBzyXV7hzyTBDfadf7g==", + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@npmcli/map-workspaces/-/map-workspaces-2.0.3.tgz", + "integrity": "sha512-X6suAun5QyupNM8iHkNPh0AHdRC2rb1W+MTdMvvA/2ixgmqZwlq5cGUBgmKHUHT2LgrkKJMAXbfAoTxOigpK8Q==", "dependencies": { "@npmcli/name-from-folder": "^1.0.1", - "glob": "^7.1.6", - "minimatch": "^3.0.4", - "read-package-json-fast": "^2.0.1" + "glob": "^8.0.1", + "minimatch": "^5.0.1", + "read-package-json-fast": "^2.0.3" }, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } + }, + "node_modules/@npmcli/map-workspaces/node_modules/brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "dependencies": { + "balanced-match": "^1.0.0" + } + }, + "node_modules/@npmcli/map-workspaces/node_modules/glob": { + "version": "8.0.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-8.0.3.tgz", + "integrity": "sha512-ull455NHSHI/Y1FqGaaYFaLGkNMMJbavMrEGFXG/PGrg6y7sutWHUHrz6gy6WEBH6akM1M414dWKCNs+IhKdiQ==", + "dependencies": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^5.0.1", + "once": "^1.3.0" + }, + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, + "node_modules/@npmcli/map-workspaces/node_modules/minimatch": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz", + "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==", + "dependencies": { + "brace-expansion": "^2.0.1" + }, + "engines": { + "node": ">=10" } }, "node_modules/@npmcli/metavuln-calculator": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@npmcli/metavuln-calculator/-/metavuln-calculator-2.0.0.tgz", - "integrity": "sha512-VVW+JhWCKRwCTE+0xvD6p3uV4WpqocNYYtzyvenqL/u1Q3Xx6fGTJ+6UoIoii07fbuEO9U3IIyuGY0CYHDv1sg==", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/@npmcli/metavuln-calculator/-/metavuln-calculator-3.1.0.tgz", + "integrity": "sha512-Q5fbQqGDlYqk7kWrbg6E2j/mtqQjZop0ZE6735wYA1tYNHguIDjAuWs+kFb5rJCkLIlXllfapvsyotYKiZOTBA==", "dependencies": { - "cacache": "^15.0.5", + "cacache": "^16.0.0", "json-parse-even-better-errors": "^2.3.1", - "pacote": "^12.0.0", - "semver": "^7.3.2" + "pacote": "^13.0.3", + "semver": "^7.3.5" }, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/@npmcli/move-file": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@npmcli/move-file/-/move-file-1.1.2.tgz", - "integrity": "sha512-1SUf/Cg2GzGDyaf15aR9St9TWlb+XvbZXWpDx8YKs7MLzMH/BCeopv+y9vzrzgkfykCGuWOlSu3mZhj2+FQcrg==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/move-file/-/move-file-2.0.0.tgz", + "integrity": "sha512-UR6D5f4KEGWJV6BGPH3Qb2EtgH+t+1XQ1Tt85c7qicN6cezzuHPdZwwAxqZr4JLtnQu0LZsTza/5gmNmSl8XLg==", "dependencies": { "mkdirp": "^1.0.4", "rimraf": "^3.0.2" }, "engines": { - "node": ">=10" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/@npmcli/name-from-folder": { @@ -1017,35 +1083,47 @@ "integrity": "sha512-qq3oEfcLFwNfEYOQ8HLimRGKlD8WSeGEdtUa7hmzpR8Sa7haL1KVQrvgO6wqMjhWFFVjgtrh1gIxDz+P8sjUaA==" }, "node_modules/@npmcli/node-gyp": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/@npmcli/node-gyp/-/node-gyp-1.0.3.tgz", - "integrity": "sha512-fnkhw+fmX65kiLqk6E3BFLXNC26rUhK90zVwe2yncPliVT/Qos3xjhTLE59Df8KnPlcwIERXKVlU1bXoUQ+liA==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/node-gyp/-/node-gyp-2.0.0.tgz", + "integrity": "sha512-doNI35wIe3bBaEgrlPfdJPaCpUR89pJWep4Hq3aRdh6gKazIVWfs0jHttvSSoq47ZXgC7h73kDsUl8AoIQUB+A==", + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } }, "node_modules/@npmcli/package-json": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@npmcli/package-json/-/package-json-1.0.1.tgz", - "integrity": "sha512-y6jnu76E9C23osz8gEMBayZmaZ69vFOIk8vR1FJL/wbEJ54+9aVG9rLTjQKSXfgYZEr50nw1txBBFfBZZe+bYg==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/package-json/-/package-json-2.0.0.tgz", + "integrity": "sha512-42jnZ6yl16GzjWSH7vtrmWyJDGVa/LXPdpN2rcUWolFjc9ON2N3uz0qdBbQACfmhuJZ2lbKYtmK5qx68ZPLHMA==", "dependencies": { "json-parse-even-better-errors": "^2.3.1" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/@npmcli/promise-spawn": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/@npmcli/promise-spawn/-/promise-spawn-1.3.2.tgz", - "integrity": "sha512-QyAGYo/Fbj4MXeGdJcFzZ+FkDkomfRBrPM+9QYJSg+PxgAUL+LU3FneQk37rKR2/zjqkCV1BLHccX98wRXG3Sg==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/promise-spawn/-/promise-spawn-3.0.0.tgz", + "integrity": "sha512-s9SgS+p3a9Eohe68cSI3fi+hpcZUmXq5P7w0kMlAsWVtR7XbK3ptkZqKT2cK1zLDObJ3sR+8P59sJE0w/KTL1g==", "dependencies": { "infer-owner": "^1.0.4" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/@npmcli/run-script": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-2.0.0.tgz", - "integrity": "sha512-fSan/Pu11xS/TdaTpTB0MRn9guwGU8dye+x56mEVgBEd/QsybBbYcAL0phPXi8SGWFEChkQd6M9qL4y6VOpFig==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-3.0.3.tgz", + "integrity": "sha512-ZXL6qgC5NjwfZJ2nET+ZSLEz/PJgJ/5CU90C2S66dZY4Jw73DasS4ZCXuy/KHWYP0imjJ4VtA+Gebb5BxxKp9Q==", "dependencies": { - "@npmcli/node-gyp": "^1.0.2", - "@npmcli/promise-spawn": "^1.3.2", - "node-gyp": "^8.2.0", - "read-package-json-fast": "^2.0.1" + "@npmcli/node-gyp": "^2.0.0", + "@npmcli/promise-spawn": "^3.0.0", + "node-gyp": "^8.4.1", + "read-package-json-fast": "^2.0.3" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/@slimio/async-cli-spinner": { @@ -1455,9 +1533,9 @@ } }, "node_modules/agentkeepalive": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/agentkeepalive/-/agentkeepalive-4.2.0.tgz", - "integrity": "sha512-0PhAp58jZNw13UJv7NVdTGb0ZcghHUb3DrZ046JiiJY/BOaTTpbwdHq2VObPCBV8M2GPh7sgrJ3AQ8Ey468LJw==", + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/agentkeepalive/-/agentkeepalive-4.2.1.tgz", + "integrity": "sha512-Zn4cw2NEqd+9fiSVWMscnjyQ1a8Yfoc5oBajLeo5w+YBHgDUcEBY2hS4YpTz6iN5f/2zQiktcuM6tS8x1p9dpA==", "dependencies": { "debug": "^4.1.0", "depd": "^1.1.2", @@ -1544,15 +1622,15 @@ "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==" }, "node_modules/are-we-there-yet": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-2.0.0.tgz", - "integrity": "sha512-Ci/qENmwHnsYo9xKIcUJN5LeDKdJ6R1Z1j9V/J5wyq8nh/mYPEpIKJbBZXtZjG04HiK7zV/p6Vs9952MrMeUIw==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-3.0.0.tgz", + "integrity": "sha512-0GWpv50YSOcLXaN6/FAKY3vfRbllXWV2xvfA/oKJF8pzFhWXPV+yjhJXDBbjscDYowv7Yw1A3uigpzn5iEGTyw==", "dependencies": { "delegates": "^1.0.0", "readable-stream": "^3.6.0" }, "engines": { - "node": ">=10" + "node": "^12.13.0 || ^14.15.0 || >=16" } }, "node_modules/arg": { @@ -1617,7 +1695,7 @@ "node_modules/asap": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", - "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" + "integrity": "sha512-BSHWgDSAiKs50o2Re8ppvp3seVHXSRM44cdSsT9FfNEUUZLOGWVCsiWaRPWM1Znn+mqZ1OfVZ3z3DWEzSp7hRA==" }, "node_modules/assertion-error": { "version": "1.1.0", @@ -1661,19 +1739,19 @@ ] }, "node_modules/bin-links": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/bin-links/-/bin-links-3.0.0.tgz", - "integrity": "sha512-fC7kPWcEkAWBgCKxmAMqZldlIeHsXwQy9JXzrppAVQiukGiDKxmYesJcBKWu6UMwx/5GOfo10wtK/4zy+Xt/mg==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/bin-links/-/bin-links-3.0.1.tgz", + "integrity": "sha512-9vx+ypzVhASvHTS6K+YSGf7nwQdANoz7v6MTC0aCtYnOEZ87YvMf81aY737EZnGZdpbRM3sfWjO9oWkKmuIvyQ==", "dependencies": { - "cmd-shim": "^4.0.1", + "cmd-shim": "^5.0.0", "mkdirp-infer-owner": "^2.0.0", "npm-normalize-package-bin": "^1.0.0", - "read-cmd-shim": "^2.0.0", + "read-cmd-shim": "^3.0.0", "rimraf": "^3.0.0", "write-file-atomic": "^4.0.0" }, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/binary-extensions": { @@ -1769,53 +1847,84 @@ } }, "node_modules/builtins": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/builtins/-/builtins-4.0.0.tgz", - "integrity": "sha512-qC0E2Dxgou1IHhvJSLwGDSTvokbRovU5zZFuDY6oY8Y2lF3nGt5Ad8YZK7GMtqzY84Wu7pXTPeHQeHcXSXsRhw==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/builtins/-/builtins-5.0.1.tgz", + "integrity": "sha512-qwVpFEHNfhYJIzNRBvd2C1kyo6jz3ZSMPyyuR47OPdiKWlbYnZNyDWuyR175qDnAJLiCo5fBBqPb3RiXgWlkOQ==", "dependencies": { "semver": "^7.0.0" } }, "node_modules/cacache": { - "version": "15.3.0", - "resolved": "https://registry.npmjs.org/cacache/-/cacache-15.3.0.tgz", - "integrity": "sha512-VVdYzXEn+cnbXpFgWs5hTT7OScegHVmLhJIR8Ufqk3iFD6A6j5iSX1KuBTfNEv4tdJWE2PzA6IVFtcLC7fN9wQ==", + "version": "16.1.1", + "resolved": "https://registry.npmjs.org/cacache/-/cacache-16.1.1.tgz", + "integrity": "sha512-VDKN+LHyCQXaaYZ7rA/qtkURU+/yYhviUdvqEv2LT6QPZU8jpyzEkEVAcKlKLt5dJ5BRp11ym8lo3NKLluEPLg==", "dependencies": { - "@npmcli/fs": "^1.0.0", - "@npmcli/move-file": "^1.0.1", + "@npmcli/fs": "^2.1.0", + "@npmcli/move-file": "^2.0.0", "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "glob": "^7.1.4", + "fs-minipass": "^2.1.0", + "glob": "^8.0.1", "infer-owner": "^1.0.4", - "lru-cache": "^6.0.0", - "minipass": "^3.1.1", + "lru-cache": "^7.7.1", + "minipass": "^3.1.6", "minipass-collect": "^1.0.2", "minipass-flush": "^1.0.5", - "minipass-pipeline": "^1.2.2", - "mkdirp": "^1.0.3", + "minipass-pipeline": "^1.2.4", + "mkdirp": "^1.0.4", "p-map": "^4.0.0", "promise-inflight": "^1.0.1", "rimraf": "^3.0.2", - "ssri": "^8.0.1", - "tar": "^6.0.2", + "ssri": "^9.0.0", + "tar": "^6.1.11", "unique-filename": "^1.1.1" }, "engines": { - "node": ">= 10" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, - "node_modules/cacache/node_modules/p-map": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz", - "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==", + "node_modules/cacache/node_modules/brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", "dependencies": { - "aggregate-error": "^3.0.0" + "balanced-match": "^1.0.0" + } + }, + "node_modules/cacache/node_modules/glob": { + "version": "8.0.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-8.0.3.tgz", + "integrity": "sha512-ull455NHSHI/Y1FqGaaYFaLGkNMMJbavMrEGFXG/PGrg6y7sutWHUHrz6gy6WEBH6akM1M414dWKCNs+IhKdiQ==", + "dependencies": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^5.0.1", + "once": "^1.3.0" }, "engines": { - "node": ">=10" + "node": ">=12" }, "funding": { - "url": "https://github.com/sponsors/sindresorhus" + "url": "https://github.com/sponsors/isaacs" + } + }, + "node_modules/cacache/node_modules/lru-cache": { + "version": "7.10.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.10.1.tgz", + "integrity": "sha512-BQuhQxPuRl79J5zSXRP+uNzPOyZw2oFI9JLRQ80XswSvg21KMKNtQza9eF42rfI/3Z40RvzBdXgziEkudzjo8A==", + "engines": { + "node": ">=12" + } + }, + "node_modules/cacache/node_modules/minimatch": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz", + "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==", + "dependencies": { + "brace-expansion": "^2.0.1" + }, + "engines": { + "node": ">=10" } }, "node_modules/call-bind": { @@ -1970,14 +2079,14 @@ } }, "node_modules/cmd-shim": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/cmd-shim/-/cmd-shim-4.1.0.tgz", - "integrity": "sha512-lb9L7EM4I/ZRVuljLPEtUJOP+xiQVknZ4ZMpMgEp4JzNldPb27HU03hi6K1/6CoIuit/Zm/LQXySErFeXxDprw==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/cmd-shim/-/cmd-shim-5.0.0.tgz", + "integrity": "sha512-qkCtZ59BidfEwHltnJwkyVZn+XQojdAySM1D1gSeh11Z4pW1Kpolkyo53L5noc0nrxmIvyFwTmJRo4xs7FFLPw==", "dependencies": { "mkdirp-infer-owner": "^2.0.0" }, "engines": { - "node": ">=10" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/color-convert": { @@ -2025,7 +2134,7 @@ "node_modules/console-control-strings": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz", - "integrity": "sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4=" + "integrity": "sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ==" }, "node_modules/content-type": { "version": "1.0.4", @@ -2094,7 +2203,7 @@ "node_modules/debuglog": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/debuglog/-/debuglog-1.0.1.tgz", - "integrity": "sha1-qiT/uaw9+aI1GDfPstJ5NgzXhJI=", + "integrity": "sha512-syBZ+rnAK3EgMsH2aYEOLUW7mZSY9Gb+0wUMCFsZvcmiz+HigA0LOcq/HoQqVuGG+EKykunc7QG2bzrponfaSw==", "engines": { "node": "*" } @@ -2133,20 +2242,20 @@ "node_modules/delegates": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", - "integrity": "sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=" + "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==" }, "node_modules/depd": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", - "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=", + "integrity": "sha512-7emPTl6Dpo6JRXOXjLRxck+FlLRX5847cLKEn00PLAgc3g2hTZZgr+e4c2v6QpSmLeFP3n5yUo7ft6avBK/5jQ==", "engines": { "node": ">= 0.6" } }, "node_modules/dezalgo": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/dezalgo/-/dezalgo-1.0.3.tgz", - "integrity": "sha1-f3Qt4Gb8dIvI24IFad3c5Jvw1FY=", + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/dezalgo/-/dezalgo-1.0.4.tgz", + "integrity": "sha512-rXSP0bf+5n0Qonsb+SVVfNfIsimO4HEtmnIpPHY8Q1UCzKlQrDMfdobr8nJOOsRgWCyMRqeSBQzmWUMq7zvVig==", "dependencies": { "asap": "^2.0.0", "wrappy": "1" @@ -2185,6 +2294,11 @@ "node": ">=6.0.0" } }, + "node_modules/eastasianwidth": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", + "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" + }, "node_modules/electron-to-chromium": { "version": "1.3.905", "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.905.tgz", @@ -2876,8 +2990,7 @@ "node_modules/function-bind": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true + "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==" }, "node_modules/functional-red-black-tree": { "version": "1.0.1", @@ -2886,22 +2999,21 @@ "dev": true }, "node_modules/gauge": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/gauge/-/gauge-4.0.0.tgz", - "integrity": "sha512-F8sU45yQpjQjxKkm1UOAhf0U/O0aFt//Fl7hsrNVto+patMHjs7dPI9mFOGUKbhrgKm0S3EjW3scMFuQmWSROw==", + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/gauge/-/gauge-4.0.4.tgz", + "integrity": "sha512-f9m+BEN5jkg6a0fZjleidjN51VE1X+mPFQ2DJ0uv1V39oCLCbsGe6yjbBnp7eK7z/+GAon99a3nHuqbuuthyPg==", "dependencies": { - "ansi-regex": "^5.0.1", "aproba": "^1.0.3 || ^2.0.0", - "color-support": "^1.1.2", - "console-control-strings": "^1.0.0", + "color-support": "^1.1.3", + "console-control-strings": "^1.1.0", "has-unicode": "^2.0.1", - "signal-exit": "^3.0.0", + "signal-exit": "^3.0.7", "string-width": "^4.2.3", "strip-ansi": "^6.0.1", - "wide-align": "^1.1.2" + "wide-align": "^1.1.5" }, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/gensync": { @@ -3033,9 +3145,9 @@ } }, "node_modules/graceful-fs": { - "version": "4.2.9", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.9.tgz", - "integrity": "sha512-NtNxqUcXgpW2iMrfqSfR73Glt39K+BLwWsPs94yR63v45T0Wbej7eRmL5cWfwEgqXnmjQp3zaJTshdRW/qC2ZQ==" + "version": "4.2.10", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", + "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==" }, "node_modules/growl": { "version": "1.10.5", @@ -3050,7 +3162,6 @@ "version": "1.0.3", "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, "dependencies": { "function-bind": "^1.1.1" }, @@ -3109,7 +3220,7 @@ "node_modules/has-unicode": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/has-unicode/-/has-unicode-2.0.1.tgz", - "integrity": "sha1-4Ob+aijPUROIVeCG0Wkedx3iqLk=" + "integrity": "sha512-8Rf9Y83NBReMnx0gFzA8JImQACstCYWUplepDa9xprwwtmgEZUF0h/i5xSA625zB/I37EtrswSST6OXxwaaIJQ==" }, "node_modules/he": { "version": "1.2.0", @@ -3121,14 +3232,22 @@ } }, "node_modules/hosted-git-info": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.1.0.tgz", - "integrity": "sha512-kyCuEOWjJqZuDbRHzL8V93NzQhwIB71oFWSyzVo+KPZI+pnQPPxucdkrOZvkLRnrf5URsQM+IJ09Dw29cRALIA==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-5.0.0.tgz", + "integrity": "sha512-rRnjWu0Bxj+nIfUOkz0695C0H6tRrN5iYIzYejb0tDEefe2AekHu/U5Kn9pEie5vsJqpNQU02az7TGSH3qpz4Q==", "dependencies": { - "lru-cache": "^6.0.0" + "lru-cache": "^7.5.1" }, "engines": { - "node": ">=10" + "node": "^12.13.0 || ^14.15.0 || >=16" + } + }, + "node_modules/hosted-git-info/node_modules/lru-cache": { + "version": "7.10.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.10.1.tgz", + "integrity": "sha512-BQuhQxPuRl79J5zSXRP+uNzPOyZw2oFI9JLRQ80XswSvg21KMKNtQza9eF42rfI/3Z40RvzBdXgziEkudzjo8A==", + "engines": { + "node": ">=12" } }, "node_modules/http-cache-semantics": { @@ -3150,9 +3269,9 @@ } }, "node_modules/https-proxy-agent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz", - "integrity": "sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", + "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", "dependencies": { "agent-base": "6", "debug": "4" @@ -3164,7 +3283,7 @@ "node_modules/humanize-ms": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/humanize-ms/-/humanize-ms-1.2.1.tgz", - "integrity": "sha1-xG4xWaKT9riW2ikxbYtv6Lt5u+0=", + "integrity": "sha512-Fl70vYtsAFb/C06PTS9dZBo7ihau+Tu/DNCk/OyHhea07S+aeMWpFFkUaXRa8fI+ScZbEI8dfSxwY7gxZ9SAVQ==", "dependencies": { "ms": "^2.0.0" } @@ -3210,11 +3329,30 @@ } }, "node_modules/ignore-walk": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/ignore-walk/-/ignore-walk-4.0.1.tgz", - "integrity": "sha512-rzDQLaW4jQbh2YrOFlJdCtX8qgJTehFRYiUB2r1osqTeDzV/3+Jh8fz1oAPzUThf3iku8Ds4IDqawI5d8mUiQw==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ignore-walk/-/ignore-walk-5.0.1.tgz", + "integrity": "sha512-yemi4pMf51WKT7khInJqAvsIGzoqYXblnsz0ql8tM+yi1EKYTY1evX4NAbJrLL/Aanr2HyZeluqU+Oi7MGHokw==", "dependencies": { - "minimatch": "^3.0.4" + "minimatch": "^5.0.1" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } + }, + "node_modules/ignore-walk/node_modules/brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "dependencies": { + "balanced-match": "^1.0.0" + } + }, + "node_modules/ignore-walk/node_modules/minimatch": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz", + "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==", + "dependencies": { + "brace-expansion": "^2.0.1" }, "engines": { "node": ">=10" @@ -3296,9 +3434,9 @@ } }, "node_modules/ip": { - "version": "1.1.5", - "resolved": "https://registry.npmjs.org/ip/-/ip-1.1.5.tgz", - "integrity": "sha1-vd7XARQpCCjAoDnnLvJfWq7ENUo=" + "version": "1.1.8", + "resolved": "https://registry.npmjs.org/ip/-/ip-1.1.8.tgz", + "integrity": "sha512-PuExPYUiu6qMBQb4l06ecm6T6ujzhmh+MeJcW9wa89PoAz5pvd4zPgN5WJV104mb6S2T1AwNIAaB70JNrLQWhg==" }, "node_modules/is-base64": { "version": "1.1.0", @@ -3365,10 +3503,9 @@ } }, "node_modules/is-core-module": { - "version": "2.8.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.8.0.tgz", - "integrity": "sha512-vd15qHsaqrRL7dtH6QNuy0ndJmRDrS9HAM1CAiSifNUFv4x1a0CCVsj18hJ1mShxIG6T2i1sO78MkP56r0nYRw==", - "dev": true, + "version": "2.9.0", + "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.9.0.tgz", + "integrity": "sha512-+5FPy5PnwmO3lvfMb0AsoPaBG+5KHUI0wYFXOtYPnVVVspTFUuMZNfNaNVRt3FZadstu2c8x23vykRW/NBoU6A==", "dependencies": { "has": "^1.0.3" }, @@ -3424,7 +3561,7 @@ "node_modules/is-lambda": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/is-lambda/-/is-lambda-1.0.1.tgz", - "integrity": "sha1-PZh3iZ5qU+/AFgUEzeFfgubwYdU=" + "integrity": "sha512-z7CMFGNrENq5iFB9Bqo64Xk6Y9sg+epq1myIcdHaGnbMTYOxvzsEtdYqQUylB7LxfkvgrrjP32T6Ywciio9UIQ==" }, "node_modules/is-minified-code": { "version": "2.0.0", @@ -3551,11 +3688,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, "node_modules/is-unicode-supported": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-0.1.0.tgz", @@ -3666,20 +3798,20 @@ "node_modules/jsonparse": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/jsonparse/-/jsonparse-1.3.1.tgz", - "integrity": "sha1-P02uSpH6wxX3EGL4UhzCOfE2YoA=", + "integrity": "sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg==", "engines": [ "node >= 0.2.0" ] }, "node_modules/just-diff": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/just-diff/-/just-diff-5.0.1.tgz", - "integrity": "sha512-X00TokkRIDotUIf3EV4xUm6ELc/IkqhS/vPSHdWnsM5y0HoNMfEqrazizI7g78lpHvnRSRt/PFfKtRqJCOGIuQ==" + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/just-diff/-/just-diff-5.0.3.tgz", + "integrity": "sha512-a8p80xcpJ6sdurk5PxDKb4mav9MeKjA3zFKZpCWBIfvg8mznfnmb13MKZvlrwJ+Lhis0wM3uGAzE0ArhFHvIcg==" }, "node_modules/just-diff-apply": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/just-diff-apply/-/just-diff-apply-4.0.1.tgz", - "integrity": "sha512-AKOkzB5P6FkfP21UlZVX/OPXx/sC2GagpLX9cBxqHqDuRjwmZ/AJRKSNrB9jHPpRW1W1ONs6gly1gW46t055nQ==" + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/just-diff-apply/-/just-diff-apply-5.3.1.tgz", + "integrity": "sha512-dgFenZnMsc1xGNqgdtgnh7DK+Oy352CE3VZLbzcbQpsBs9iI2K3M0IRrdgREZ72eItTjbl0suRyvKRdVQa9GbA==" }, "node_modules/kleur": { "version": "4.1.4", @@ -3816,6 +3948,66 @@ "node": ">= 10" } }, + "node_modules/make-fetch-happen/node_modules/@npmcli/fs": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-1.1.1.tgz", + "integrity": "sha512-8KG5RD0GVP4ydEzRn/I4BNDuxDtqVbOdm8675T49OIG/NGhaK0pjPX7ZcDlvKYbA+ulvVK3ztfcF4uBdOxuJbQ==", + "dependencies": { + "@gar/promisify": "^1.0.1", + "semver": "^7.3.5" + } + }, + "node_modules/make-fetch-happen/node_modules/@npmcli/move-file": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@npmcli/move-file/-/move-file-1.1.2.tgz", + "integrity": "sha512-1SUf/Cg2GzGDyaf15aR9St9TWlb+XvbZXWpDx8YKs7MLzMH/BCeopv+y9vzrzgkfykCGuWOlSu3mZhj2+FQcrg==", + "dependencies": { + "mkdirp": "^1.0.4", + "rimraf": "^3.0.2" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/make-fetch-happen/node_modules/cacache": { + "version": "15.3.0", + "resolved": "https://registry.npmjs.org/cacache/-/cacache-15.3.0.tgz", + "integrity": "sha512-VVdYzXEn+cnbXpFgWs5hTT7OScegHVmLhJIR8Ufqk3iFD6A6j5iSX1KuBTfNEv4tdJWE2PzA6IVFtcLC7fN9wQ==", + "dependencies": { + "@npmcli/fs": "^1.0.0", + "@npmcli/move-file": "^1.0.1", + "chownr": "^2.0.0", + "fs-minipass": "^2.0.0", + "glob": "^7.1.4", + "infer-owner": "^1.0.4", + "lru-cache": "^6.0.0", + "minipass": "^3.1.1", + "minipass-collect": "^1.0.2", + "minipass-flush": "^1.0.5", + "minipass-pipeline": "^1.2.2", + "mkdirp": "^1.0.3", + "p-map": "^4.0.0", + "promise-inflight": "^1.0.1", + "rimraf": "^3.0.2", + "ssri": "^8.0.1", + "tar": "^6.0.2", + "unique-filename": "^1.1.1" + }, + "engines": { + "node": ">= 10" + } + }, + "node_modules/make-fetch-happen/node_modules/ssri": { + "version": "8.0.1", + "resolved": "https://registry.npmjs.org/ssri/-/ssri-8.0.1.tgz", + "integrity": "sha512-97qShzy1AiyxvPNIkLWoGua7xoQzzPjQ0HAH4B0rWKo7SZ6USuPcrUiAFrws0UH8RrbWmgq3LMTObhPIHbbBeQ==", + "dependencies": { + "minipass": "^3.1.1" + }, + "engines": { + "node": ">= 8" + } + }, "node_modules/merge2": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz", @@ -3826,9 +4018,9 @@ } }, "node_modules/meriyah": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/meriyah/-/meriyah-4.2.0.tgz", - "integrity": "sha512-fCVh5GB9YT53Bq14l00HLYE3i9DywrY0JVZxbk0clXWDuMsUKKwluvC5sY0bMBqHbnIbpIjfSSIsnrzbauA8Yw==", + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/meriyah/-/meriyah-4.2.1.tgz", + "integrity": "sha512-Uv5sWsmjFNC6IszEmHo5bzJLL+kqjQ/VrEj9Agqsqtx7B6dcxHnHLew1ioJD19HNXrxrRZltPi+NVh12I8RLXA==", "engines": { "node": ">=10.4.0" } @@ -3872,9 +4064,9 @@ "dev": true }, "node_modules/minipass": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.5.tgz", - "integrity": "sha512-+8NzxD82XQoNKNrl1d/FSi+X8wAEWR+sbYAfIvub4Nz0d22plFG72CEVVaufV8PNf4qSslFTD8VMOxNVhHCjTw==", + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.3.tgz", + "integrity": "sha512-N0BOsdFAlNRfmwMhjAsLVWOk7Ljmeb39iqFlsV1At+jqRhSUP9yeof8FyJu4imaJiSUp8vQebWD/guZwGQC8iA==", "dependencies": { "yallist": "^4.0.0" }, @@ -4210,6 +4402,20 @@ "node": ">=6" } }, + "node_modules/normalize-package-data": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-4.0.0.tgz", + "integrity": "sha512-m+GL22VXJKkKbw62ZaBBjv8u6IE3UI4Mh5QakIqs3fWiKe0Xyi6L97hakwZK41/LD4R/2ly71Bayx0NLMwLA/g==", + "dependencies": { + "hosted-git-info": "^5.0.0", + "is-core-module": "^2.8.1", + "semver": "^7.3.5", + "validate-npm-package-license": "^3.0.4" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16" + } + }, "node_modules/normalize-path": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", @@ -4228,14 +4434,14 @@ } }, "node_modules/npm-install-checks": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-4.0.0.tgz", - "integrity": "sha512-09OmyDkNLYwqKPOnbI8exiOZU2GVVmQp7tgez2BPi5OZC8M82elDAps7sxC4l//uSUtotWqoEIDwjRvWH4qz8w==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-5.0.0.tgz", + "integrity": "sha512-65lUsMI8ztHCxFz5ckCEC44DRvEGdZX5usQFriauxHEwt7upv1FKaQEmAtU0YnOAdwuNWCmk64xYiQABNrEyLA==", "dependencies": { "semver": "^7.1.1" }, "engines": { - "node": ">=10" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/npm-normalize-package-bin": { @@ -4244,60 +4450,101 @@ "integrity": "sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA==" }, "node_modules/npm-package-arg": { - "version": "8.1.5", - "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-8.1.5.tgz", - "integrity": "sha512-LhgZrg0n0VgvzVdSm1oiZworPbTxYHUJCgtsJW8mGvlDpxTM1vSJc3m5QZeUkhAHIzbz3VCHd/R4osi1L1Tg/Q==", + "version": "9.0.2", + "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-9.0.2.tgz", + "integrity": "sha512-v/miORuX8cndiOheW8p2moNuPJ7QhcFh9WGlTorruG8hXSA23vMTEp5hTCmDxic0nD8KHhj/NQgFuySD3GYY3g==", "dependencies": { - "hosted-git-info": "^4.0.1", - "semver": "^7.3.4", - "validate-npm-package-name": "^3.0.0" + "hosted-git-info": "^5.0.0", + "semver": "^7.3.5", + "validate-npm-package-name": "^4.0.0" }, "engines": { - "node": ">=10" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/npm-packlist": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/npm-packlist/-/npm-packlist-3.0.0.tgz", - "integrity": "sha512-L/cbzmutAwII5glUcf2DBRNY/d0TFd4e/FnaZigJV6JD85RHZXJFGwCndjMWiiViiWSsWt3tiOLpI3ByTnIdFQ==", + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/npm-packlist/-/npm-packlist-5.1.0.tgz", + "integrity": "sha512-a04sqF6FbkyOAFA19AA0e94gS7Et5T2/IMj3VOT9nOF2RaRdVPQ1Q17Fb/HaDRFs+gbC7HOmhVZ29adpWgmDZg==", "dependencies": { - "glob": "^7.1.6", - "ignore-walk": "^4.0.1", - "npm-bundled": "^1.1.1", + "glob": "^8.0.1", + "ignore-walk": "^5.0.1", + "npm-bundled": "^1.1.2", "npm-normalize-package-bin": "^1.0.1" }, "bin": { "npm-packlist": "bin/index.js" }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } + }, + "node_modules/npm-packlist/node_modules/brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "dependencies": { + "balanced-match": "^1.0.0" + } + }, + "node_modules/npm-packlist/node_modules/glob": { + "version": "8.0.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-8.0.3.tgz", + "integrity": "sha512-ull455NHSHI/Y1FqGaaYFaLGkNMMJbavMrEGFXG/PGrg6y7sutWHUHrz6gy6WEBH6akM1M414dWKCNs+IhKdiQ==", + "dependencies": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^5.0.1", + "once": "^1.3.0" + }, + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, + "node_modules/npm-packlist/node_modules/minimatch": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz", + "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==", + "dependencies": { + "brace-expansion": "^2.0.1" + }, "engines": { "node": ">=10" } }, "node_modules/npm-pick-manifest": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-6.1.1.tgz", - "integrity": "sha512-dBsdBtORT84S8V8UTad1WlUyKIY9iMsAmqxHbLdeEeBNMLQDlDWWra3wYUx9EBEIiG/YwAy0XyNHDd2goAsfuA==", + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-7.0.1.tgz", + "integrity": "sha512-IA8+tuv8KujbsbLQvselW2XQgmXWS47t3CB0ZrzsRZ82DbDfkcFunOaPm4X7qNuhMfq+FmV7hQT4iFVpHqV7mg==", "dependencies": { - "npm-install-checks": "^4.0.0", + "npm-install-checks": "^5.0.0", "npm-normalize-package-bin": "^1.0.1", - "npm-package-arg": "^8.1.2", - "semver": "^7.3.4" + "npm-package-arg": "^9.0.0", + "semver": "^7.3.5" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/npm-registry-fetch": { - "version": "12.0.1", - "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-12.0.1.tgz", - "integrity": "sha512-ricy4ezH3Uv0d4am6RSwHjCYTWJI74NJjurIigWMAG7Vs3PFyd0TUlkrez5L0AgaPzDLRsEzqb5cOZ/Ue01bmA==", + "version": "13.1.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-13.1.1.tgz", + "integrity": "sha512-5p8rwe6wQPLJ8dMqeTnA57Dp9Ox6GH9H60xkyJup07FmVlu3Mk7pf/kIIpl9gaN5bM8NM+UUx3emUWvDNTt39w==", "dependencies": { - "make-fetch-happen": "^10.0.0", - "minipass": "^3.1.3", - "minipass-fetch": "^1.3.0", + "make-fetch-happen": "^10.0.6", + "minipass": "^3.1.6", + "minipass-fetch": "^2.0.3", "minipass-json-stream": "^1.0.1", - "minizlib": "^2.0.0", - "npm-package-arg": "^8.0.0" + "minizlib": "^2.1.2", + "npm-package-arg": "^9.0.1", + "proc-log": "^2.0.0" }, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/npm-registry-fetch/node_modules/@tootallnate/once": { @@ -4321,44 +4568,81 @@ "node": ">= 6" } }, + "node_modules/npm-registry-fetch/node_modules/lru-cache": { + "version": "7.10.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.10.1.tgz", + "integrity": "sha512-BQuhQxPuRl79J5zSXRP+uNzPOyZw2oFI9JLRQ80XswSvg21KMKNtQza9eF42rfI/3Z40RvzBdXgziEkudzjo8A==", + "engines": { + "node": ">=12" + } + }, "node_modules/npm-registry-fetch/node_modules/make-fetch-happen": { - "version": "10.0.0", - "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-10.0.0.tgz", - "integrity": "sha512-CREcDkbKZZ64g5MN1FT+u58mDHX9FQFFtFyio5HonX44BdQdytqPZBXUz+6ibi2w/6ncji59f2phyXGSMGpgzA==", + "version": "10.1.8", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-10.1.8.tgz", + "integrity": "sha512-0ASJbG12Au6+N5I84W+8FhGS6iM8MyzvZady+zaQAu+6IOaESFzCLLD0AR1sAFF3Jufi8bxm586ABN6hWd3k7g==", "dependencies": { - "agentkeepalive": "^4.1.3", - "cacache": "^15.2.0", + "agentkeepalive": "^4.2.1", + "cacache": "^16.1.0", "http-cache-semantics": "^4.1.0", "http-proxy-agent": "^5.0.0", "https-proxy-agent": "^5.0.0", "is-lambda": "^1.0.1", - "lru-cache": "^6.0.0", - "minipass": "^3.1.3", + "lru-cache": "^7.7.1", + "minipass": "^3.1.6", "minipass-collect": "^1.0.2", - "minipass-fetch": "^1.3.2", + "minipass-fetch": "^2.0.3", "minipass-flush": "^1.0.5", "minipass-pipeline": "^1.2.4", "negotiator": "^0.6.3", "promise-retry": "^2.0.1", - "socks-proxy-agent": "^6.0.0", - "ssri": "^8.0.0" + "socks-proxy-agent": "^7.0.0", + "ssri": "^9.0.0" }, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } + }, + "node_modules/npm-registry-fetch/node_modules/minipass-fetch": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-2.1.0.tgz", + "integrity": "sha512-H9U4UVBGXEyyWJnqYDCLp1PwD8XIkJ4akNHp1aGVI+2Ym7wQMlxDKi4IB4JbmyU+pl9pEs/cVrK6cOuvmbK4Sg==", + "dependencies": { + "minipass": "^3.1.6", + "minipass-sized": "^1.0.3", + "minizlib": "^2.1.2" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + }, + "optionalDependencies": { + "encoding": "^0.1.13" + } + }, + "node_modules/npm-registry-fetch/node_modules/socks-proxy-agent": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-7.0.0.tgz", + "integrity": "sha512-Fgl0YPZ902wEsAyiQ+idGd1A7rSFx/ayC1CQVMw5P+EQx2V0SgpGtf6OKFhVjPflPUl9YMmEOnmfjCdMUsygww==", + "dependencies": { + "agent-base": "^6.0.2", + "debug": "^4.3.3", + "socks": "^2.6.2" + }, + "engines": { + "node": ">= 10" } }, "node_modules/npmlog": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-6.0.0.tgz", - "integrity": "sha512-03ppFRGlsyUaQFbGC2C8QWJN/C/K7PsfyD9aQdhVKAQIH4sQBc8WASqFBP7O+Ut4d2oo5LoeoboB3cGdBZSp6Q==", + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-6.0.2.tgz", + "integrity": "sha512-/vBvz5Jfr9dT/aFWd0FIRf+T/Q2WBsLENygUaFUqstqsycmZAP/t5BvFJTK0viFmSUxiUKTUplWy5vt+rvKIxg==", "dependencies": { - "are-we-there-yet": "^2.0.0", + "are-we-there-yet": "^3.0.0", "console-control-strings": "^1.1.0", - "gauge": "^4.0.0", + "gauge": "^4.0.3", "set-blocking": "^2.0.0" }, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/object-inspect": { @@ -4483,6 +4767,20 @@ "node": ">=4" } }, + "node_modules/p-map": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz", + "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==", + "dependencies": { + "aggregate-error": "^3.0.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/p-try": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/p-try/-/p-try-1.0.0.tgz", @@ -4494,35 +4792,37 @@ } }, "node_modules/pacote": { - "version": "12.0.3", - "resolved": "https://registry.npmjs.org/pacote/-/pacote-12.0.3.tgz", - "integrity": "sha512-CdYEl03JDrRO3x18uHjBYA9TyoW8gy+ThVcypcDkxPtKlw76e4ejhYB6i9lJ+/cebbjpqPW/CijjqxwDTts8Ow==", - "dependencies": { - "@npmcli/git": "^2.1.0", - "@npmcli/installed-package-contents": "^1.0.6", - "@npmcli/promise-spawn": "^1.2.0", - "@npmcli/run-script": "^2.0.0", - "cacache": "^15.0.5", + "version": "13.6.0", + "resolved": "https://registry.npmjs.org/pacote/-/pacote-13.6.0.tgz", + "integrity": "sha512-zHmuCwG4+QKnj47LFlW3LmArwKoglx2k5xtADiMCivVWPgNRP5QyLDGOIjGjwOe61lhl1rO63m/VxT16pEHLWg==", + "dependencies": { + "@npmcli/git": "^3.0.0", + "@npmcli/installed-package-contents": "^1.0.7", + "@npmcli/promise-spawn": "^3.0.0", + "@npmcli/run-script": "^3.0.1", + "cacache": "^16.0.0", "chownr": "^2.0.0", "fs-minipass": "^2.1.0", "infer-owner": "^1.0.4", - "minipass": "^3.1.3", - "mkdirp": "^1.0.3", - "npm-package-arg": "^8.0.1", - "npm-packlist": "^3.0.0", - "npm-pick-manifest": "^6.0.0", - "npm-registry-fetch": "^12.0.0", + "minipass": "^3.1.6", + "mkdirp": "^1.0.4", + "npm-package-arg": "^9.0.0", + "npm-packlist": "^5.1.0", + "npm-pick-manifest": "^7.0.0", + "npm-registry-fetch": "^13.0.1", + "proc-log": "^2.0.0", "promise-retry": "^2.0.1", - "read-package-json-fast": "^2.0.1", + "read-package-json": "^5.0.0", + "read-package-json-fast": "^2.0.3", "rimraf": "^3.0.2", - "ssri": "^8.0.1", - "tar": "^6.1.0" + "ssri": "^9.0.0", + "tar": "^6.1.11" }, "bin": { "pacote": "lib/bin.js" }, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/parent-module": { @@ -4538,16 +4838,16 @@ } }, "node_modules/parse-conflict-json": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/parse-conflict-json/-/parse-conflict-json-2.0.1.tgz", - "integrity": "sha512-Y7nYw+QaSGBto1LB9lgwOR05Rtz5SbuTf+Oe7HJ6SYQ/DHsvRjQ8O03oWdJbvkt6GzDWospgyZbGmjDYL0sDgA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/parse-conflict-json/-/parse-conflict-json-2.0.2.tgz", + "integrity": "sha512-jDbRGb00TAPFsKWCpZZOT93SxVP9nONOSgES3AevqRq/CHvavEBvKAjxX9p5Y5F0RZLxH9Ufd9+RwtCsa+lFDA==", "dependencies": { "json-parse-even-better-errors": "^2.3.1", "just-diff": "^5.0.1", - "just-diff-apply": "^4.0.1" + "just-diff-apply": "^5.2.0" }, "engines": { - "node": "^12.13.0 || ^14.15.0 || >=16" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/parse-ms": { @@ -4695,9 +4995,12 @@ } }, "node_modules/proc-log": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-1.0.0.tgz", - "integrity": "sha512-aCk8AO51s+4JyuYGg3Q/a6gnrlDO09NpVWePtjp7xwphcoQ04x5WAfCyugcsbLooWcMJ87CLkD4+604IckEdhg==" + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-2.0.1.tgz", + "integrity": "sha512-Kcmo2FhfDTXdcbfDH76N7uBYHINxc/8GW7UAVuVP9I+Va3uHSerrnKV6dLooga/gh7GlgzuCCr/eoldnL1muGw==", + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } }, "node_modules/progress": { "version": "2.0.3", @@ -4727,7 +5030,7 @@ "node_modules/promise-inflight": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/promise-inflight/-/promise-inflight-1.0.1.tgz", - "integrity": "sha1-mEcocL8igTL8vdhoEputEsPAKeM=" + "integrity": "sha512-6zWPyEOFaQBJYcGMHBKTKJ3u6TBsnMFOIZSa6ce1e/ZrrsOlnHRHbabMjLiBYKp+n44X9eUI6VUPaukCXHuG4g==" }, "node_modules/promise-retry": { "version": "2.0.1", @@ -4788,9 +5091,26 @@ } }, "node_modules/read-cmd-shim": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/read-cmd-shim/-/read-cmd-shim-2.0.0.tgz", - "integrity": "sha512-HJpV9bQpkl6KwjxlJcBoqu9Ba0PQg8TqSNIOrulGt54a0uup0HtevreFHzYzkm0lpnleRdNBzXznKrgxglEHQw==" + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/read-cmd-shim/-/read-cmd-shim-3.0.0.tgz", + "integrity": "sha512-KQDVjGqhZk92PPNRj9ZEXEuqg8bUobSKRw+q0YQ3TKI5xkce7bUJobL4Z/OtiEbAAv70yEpYIXp4iQ9L8oPVog==", + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } + }, + "node_modules/read-package-json": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/read-package-json/-/read-package-json-5.0.1.tgz", + "integrity": "sha512-MALHuNgYWdGW3gKzuNMuYtcSSZbGQm94fAp16xt8VsYTLBjUSc55bLMKe6gzpWue0Tfi6CBgwCSdDAqutGDhMg==", + "dependencies": { + "glob": "^8.0.1", + "json-parse-even-better-errors": "^2.3.1", + "normalize-package-data": "^4.0.0", + "npm-normalize-package-bin": "^1.0.1" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } }, "node_modules/read-package-json-fast": { "version": "2.0.3", @@ -4804,6 +5124,43 @@ "node": ">=10" } }, + "node_modules/read-package-json/node_modules/brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "dependencies": { + "balanced-match": "^1.0.0" + } + }, + "node_modules/read-package-json/node_modules/glob": { + "version": "8.0.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-8.0.3.tgz", + "integrity": "sha512-ull455NHSHI/Y1FqGaaYFaLGkNMMJbavMrEGFXG/PGrg6y7sutWHUHrz6gy6WEBH6akM1M414dWKCNs+IhKdiQ==", + "dependencies": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^5.0.1", + "once": "^1.3.0" + }, + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, + "node_modules/read-package-json/node_modules/minimatch": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz", + "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==", + "dependencies": { + "brace-expansion": "^2.0.1" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/readable-stream": { "version": "3.6.0", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz", @@ -4910,7 +5267,7 @@ "node_modules/retry": { "version": "0.12.0", "resolved": "https://registry.npmjs.org/retry/-/retry-0.12.0.tgz", - "integrity": "sha1-G0KmJmoh8HQh0bC1S33BZ7AcATs=", + "integrity": "sha512-9LkiTwjUh6rT555DtE9rTX+BKByPfrMzEAtnlEtdEwr3Nkffwiihqe2bWADg+OQRjt9gl6ICdmB/ZFDCGAtSow==", "engines": { "node": ">= 4" } @@ -5007,9 +5364,9 @@ "optional": true }, "node_modules/semver": { - "version": "7.3.5", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", - "integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", + "version": "7.3.7", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.7.tgz", + "integrity": "sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g==", "dependencies": { "lru-cache": "^6.0.0" }, @@ -5032,7 +5389,7 @@ "node_modules/set-blocking": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", - "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=" + "integrity": "sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==" }, "node_modules/shebang-command": { "version": "2.0.0", @@ -5071,9 +5428,9 @@ } }, "node_modules/signal-exit": { - "version": "3.0.6", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.6.tgz", - "integrity": "sha512-sDl4qMFpijcGw22U5w63KmD3cZJfBuFlVNbVMKje2keoKML7X2UzWbc4XrmEbDwg0NXJc3yv4/ox7b+JWb57kQ==" + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" }, "node_modules/slash": { "version": "3.0.0", @@ -5110,12 +5467,12 @@ } }, "node_modules/socks": { - "version": "2.6.1", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.6.1.tgz", - "integrity": "sha512-kLQ9N5ucj8uIcxrDwjm0Jsqk06xdpBjGNQtpXy4Q8/QY2k+fY7nZH8CARy+hkbG+SGAovmzzuauCpBlb8FrnBA==", + "version": "2.6.2", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.6.2.tgz", + "integrity": "sha512-zDZhHhZRY9PxRruRMR7kMhnf3I8hDs4S3f9RecfnGxvcBHQcKcIH/oUcEWffsfl1XxdYlA7nnlGbbTvPz9D8gA==", "dependencies": { "ip": "^1.1.5", - "smart-buffer": "^4.1.0" + "smart-buffer": "^4.2.0" }, "engines": { "node": ">= 10.13.0", @@ -5123,13 +5480,13 @@ } }, "node_modules/socks-proxy-agent": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-6.1.1.tgz", - "integrity": "sha512-t8J0kG3csjA4g6FTbsMOWws+7R7vuRC8aQ/wy3/1OWmsgwA68zs/+cExQ0koSitUDXqhufF/YJr9wtNMZHw5Ew==", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-6.2.1.tgz", + "integrity": "sha512-a6KW9G+6B3nWZ1yB8G7pJwL3ggLy1uTzKAgCb7ttblwqdz9fMGJUuTy3uFzEP48FAs9FLILlmzDlE2JJhVQaXQ==", "dependencies": { "agent-base": "^6.0.2", - "debug": "^4.3.1", - "socks": "^2.6.1" + "debug": "^4.3.3", + "socks": "^2.6.2" }, "engines": { "node": ">= 10" @@ -5144,6 +5501,15 @@ "node": ">=0.10.0" } }, + "node_modules/spdx-correct": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.1.tgz", + "integrity": "sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==", + "dependencies": { + "spdx-expression-parse": "^3.0.0", + "spdx-license-ids": "^3.0.0" + } + }, "node_modules/spdx-exceptions": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz", @@ -5164,14 +5530,14 @@ "integrity": "sha512-Ctl2BrFiM0X3MANYgj3CkygxhRmr9mi6xhejbdO960nF6EDJApTYpn0BQnDKlnNBULKiCN1n3w9EBkHK8ZWg+g==" }, "node_modules/ssri": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/ssri/-/ssri-8.0.1.tgz", - "integrity": "sha512-97qShzy1AiyxvPNIkLWoGua7xoQzzPjQ0HAH4B0rWKo7SZ6USuPcrUiAFrws0UH8RrbWmgq3LMTObhPIHbbBeQ==", + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/ssri/-/ssri-9.0.1.tgz", + "integrity": "sha512-o57Wcn66jMQvfHG1FlYbWeZWW/dHZhJXjpIcTfXldXEk5nz5lStPo3mK0OJQfGR3RbZUlbISexbljkJzuEj/8Q==", "dependencies": { "minipass": "^3.1.1" }, "engines": { - "node": ">= 8" + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" } }, "node_modules/statuses": { @@ -5370,9 +5736,12 @@ } }, "node_modules/treeverse": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/treeverse/-/treeverse-1.0.4.tgz", - "integrity": "sha512-whw60l7r+8ZU8Tu/Uc2yxtc4ZTZbR/PF3u1IPNKGQ6p8EICLb3Z2lAgoqw9bqYd8IkgnsaOcLzYHFckjqNsf0g==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/treeverse/-/treeverse-2.0.0.tgz", + "integrity": "sha512-N5gJCkLu1aXccpOTtqV6ddSEi6ZmGkh3hjmbu1IjcavJK4qyOVQmi0myQKM7z5jVGmD68SJoliaVrMmVObhj6A==", + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } }, "node_modules/ts-node": { "version": "10.4.0", @@ -5512,25 +5881,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/typedarray-to-buffer": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-4.0.0.tgz", - "integrity": "sha512-6dOYeZfS3O9RtRD1caom0sMxgK59b27+IwoNy8RDPsmslSGOyU+mpTamlaIW7aNKi90ZQZ9DFaZL3YRoiSCULQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, "node_modules/typescript": { "version": "4.5.2", "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.5.2.tgz", @@ -5561,9 +5911,9 @@ } }, "node_modules/undici": { - "version": "4.13.0", - "resolved": "https://registry.npmjs.org/undici/-/undici-4.13.0.tgz", - "integrity": "sha512-8lk8S/f2V0VUNGf2scU2b+KI2JSzEQLdCyRNRF3XmHu+5jectlSDaPSBCXAHFaUlt1rzngzOBVDgJS9/Gue/KA==", + "version": "5.5.1", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.5.1.tgz", + "integrity": "sha512-MEvryPLf18HvlCbLSzCW0U00IMftKGI5udnjrQbC5D4P0Hodwffhv+iGfWuJwg16Y/TK11ZFK8i+BPVW2z/eAw==", "engines": { "node": ">=12.18" } @@ -5595,7 +5945,7 @@ "node_modules/util-deprecate": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", - "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" + "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==" }, "node_modules/v8-compile-cache": { "version": "2.3.0", @@ -5603,18 +5953,25 @@ "integrity": "sha512-l8lCEmLcLYZh4nbunNZvQCJc5pv7+RCwa8q/LdUx8u7lsWvPDKmpodJAJNwkAhJC//dFY48KuIEmjtd4RViDrA==", "dev": true }, - "node_modules/validate-npm-package-name": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-3.0.0.tgz", - "integrity": "sha1-X6kS2B630MdK/BQN5zF/DKffQ34=", + "node_modules/validate-npm-package-license": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", "dependencies": { - "builtins": "^1.0.3" + "spdx-correct": "^3.0.0", + "spdx-expression-parse": "^3.0.0" } }, - "node_modules/validate-npm-package-name/node_modules/builtins": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/builtins/-/builtins-1.0.3.tgz", - "integrity": "sha1-y5T662HIaWRR2zZTThQi+U8K7og=" + "node_modules/validate-npm-package-name": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-4.0.0.tgz", + "integrity": "sha512-mzR0L8ZDktZjpX4OB46KT+56MAhl4EIazWP/+G/HPGuvfdaqg4YsCdtOm6U9+LOFyYDoh4dpnpxZRB9MQQns5Q==", + "dependencies": { + "builtins": "^5.0.0" + }, + "engines": { + "node": "^12.13.0 || ^14.15.0 || >=16.0.0" + } }, "node_modules/walk-up-path": { "version": "1.0.0", @@ -5698,14 +6055,12 @@ "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" }, "node_modules/write-file-atomic": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.0.tgz", - "integrity": "sha512-JhcWoKffJNF7ivO9yflBhc7tn3wKnokMUfWpBriM9yCXj4ePQnRPcWglBkkg1AHC8nsW/EfxwwhqsLtOy59djA==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.1.tgz", + "integrity": "sha512-nSKUxgAbyioruk6hU87QzVbY279oYT6uiwgDoujth2ju4mJ+TZau7SQBhtbTmUyuNYTuXnSyRn66FV0+eCgcrQ==", "dependencies": { "imurmurhash": "^0.1.4", - "is-typedarray": "^1.0.0", - "signal-exit": "^3.0.2", - "typedarray-to-buffer": "^4.0.0" + "signal-exit": "^3.0.7" }, "engines": { "node": "^12.13.0 || ^14.15.0 || >=16" @@ -6238,9 +6593,9 @@ } }, "@gar/promisify": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@gar/promisify/-/promisify-1.1.2.tgz", - "integrity": "sha512-82cpyJyKRoQoRi+14ibCeGPu0CwypgtBAdBhq1WfvagpCZNKqwXbKwXllYSMG91DhmG4jt9gN8eP6lGOtozuaw==" + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@gar/promisify/-/promisify-1.1.3.tgz", + "integrity": "sha512-k2Ty1JcVojjJFwrg/ThKi2ujJ7XNLYaFGNB/bWT9wGR+oSMJHMa5w+CUq6p/pVrKeNNgA7pCqEcjSnHVoqJQFw==" }, "@humanwhocodes/config-array": { "version": "0.9.2", @@ -6270,14 +6625,21 @@ "integrity": "sha512-SQ7Kzhh9+D+ZW9MA0zkYv3VXhIDNx+LzM6EJ+/65I3QY+enU6Itte7E5XX7EWrqLW2FN4n06GWzBnPoC3th2aQ==" }, "@myunisoft/httpie": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/@myunisoft/httpie/-/httpie-1.4.0.tgz", - "integrity": "sha512-rZhQxh2Ay3fy7OHEqoGyX0FnS86Df7cHWOPIOaJrDKsp5AnHIakFpZeRoaiAig8vdZ2oj1G3riZivLCl7fMNAg==", + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/@myunisoft/httpie/-/httpie-1.8.0.tgz", + "integrity": "sha512-+Gye+gL14arbhMLANumHFB2wp4lEJza9Td2eyK4W/z7hPD0TgzZInqa3+cGPh1yZXGM0S7K4treGc+AO5J9s/Q==", "requires": { "content-type": "^1.0.4", - "lru-cache": "^6.0.0", + "lru-cache": "^7.10.1", "statuses": "^2.0.1", - "undici": "^4.12.2" + "undici": "^5.5.1" + }, + "dependencies": { + "lru-cache": { + "version": "7.10.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.10.1.tgz", + "integrity": "sha512-BQuhQxPuRl79J5zSXRP+uNzPOyZw2oFI9JLRQ80XswSvg21KMKNtQza9eF42rfI/3Z40RvzBdXgziEkudzjo8A==" + } } }, "@nodelib/fs.scandir": { @@ -6320,9 +6682,9 @@ } }, "@nodesecure/flags": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@nodesecure/flags/-/flags-2.2.0.tgz", - "integrity": "sha512-uVPIkRhT3ytu+i3M3MIyFmCaQucrTMP5BTfVd/AjpIUTqAYCh9cgHdUt1FFv16iEHP/VyhpYpXwmR7+zXoH6RA==" + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@nodesecure/flags/-/flags-2.4.0.tgz", + "integrity": "sha512-kzgg8MlEoMt3yY5gR4Aoijri0KwRlih44vtmR/vcioiLPjMmVF8kWidbtf4Je7+mjp+Tnmyn8CCk9q1Nc345gw==" }, "@nodesecure/fs-walk": { "version": "1.0.0", @@ -6330,23 +6692,23 @@ "integrity": "sha512-3Sn8N78jWiOdatBTTLt6YbEHNhkuO13T9gQT3bhVkQdU/cQ4VKX6K76Up8HQLH5IQ168vIzAz8eWvM4dPsnK7w==" }, "@nodesecure/i18n": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@nodesecure/i18n/-/i18n-1.2.1.tgz", - "integrity": "sha512-KxJpE3Ra9ZEomdcJBy4EfsIlae7wE1DFb+ez9OEBZ5Zo3yup79saYtUWnxFWIC6jvG5mJJcGHQj7Vr+MgLJ1IA==", + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/@nodesecure/i18n/-/i18n-1.5.0.tgz", + "integrity": "sha512-xmz/v27D1qtk9H1F6TBvmxBla95EmQ+B5oM/qZmUPlGMBG7EG4N6N9K34buQMdwIzzu3KKW59jydBdJgNKnfrQ==", "requires": { - "cacache": "^15.3.0", + "cacache": "^16.0.7", "lodash.get": "^4.4.2" } }, "@nodesecure/js-x-ray": { - "version": "4.2.1", - "resolved": "https://registry.npmjs.org/@nodesecure/js-x-ray/-/js-x-ray-4.2.1.tgz", - "integrity": "sha512-ZH6LkTQnysH4zh0iSt6U6duzo38ufZgDvqoh69OWVjbsRXHt/DipIWhzhrXFKgyXzOLbOtJwF9rgHDoHkwAWLw==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/@nodesecure/js-x-ray/-/js-x-ray-5.0.1.tgz", + "integrity": "sha512-VQy5K0MR+edNQpxnzatUZvCMUXYo7MZEhRdbHpifKn9cGZEbVlYQ2QH7Eb3M9tZwJoUHgmPncoRZTe+uPAzw1Q==", "requires": { - "@nodesecure/sec-literal": "^1.0.1", + "@nodesecure/sec-literal": "^1.1.0", "estree-walker": "^3.0.1", "is-minified-code": "^2.0.0", - "meriyah": "^4.2.0", + "meriyah": "^4.2.1", "safe-regex": "^2.1.1" } }, @@ -6359,12 +6721,12 @@ } }, "@nodesecure/npm-registry-sdk": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@nodesecure/npm-registry-sdk/-/npm-registry-sdk-1.3.0.tgz", - "integrity": "sha512-h/dpP+EEqEHw6hnXUfgy9DowqpB9Wd91KPj6PqW41s1vLS/pgP5rmwMBEHu/utmpeJWrDI3Iy3FVpAATldWyvQ==", + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@nodesecure/npm-registry-sdk/-/npm-registry-sdk-1.4.0.tgz", + "integrity": "sha512-pUXDIE9zRIr7kq6MiP9Xom2tL+4TMDq1ecWBLtpUvnrdzz0zScajlFG006dJxK29EXh1f5Op+gpPyAaJVrC5Tg==", "requires": { - "@myunisoft/httpie": "^1.3.1", - "@npm/types": "^1.0.1" + "@myunisoft/httpie": "^1.8.0", + "@npm/types": "^1.0.2" } }, "@nodesecure/ntlp": { @@ -6376,58 +6738,72 @@ } }, "@nodesecure/rc": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@nodesecure/rc/-/rc-1.0.1.tgz", - "integrity": "sha512-vKHUebUOu6IjSCfzTuriNDYMtZFDAikGtaL3XUhF07rUed4daUOVCHTSFt79I3yYIXwBZB9vYTl4jQdb3+d4xQ==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@nodesecure/rc/-/rc-1.2.0.tgz", + "integrity": "sha512-Fikc815kOiewzkoRP+efJGC8kzotwuzVCkFZF4wXbktakf3cCaCwplDxhOqIWak4SGxkCll9S8UAD4RSq0j6eQ==", "requires": { - "@nodesecure/i18n": "^1.2.1", - "@nodesecure/js-x-ray": "^4.2.1", - "@nodesecure/vuln": "^1.5.0", + "@nodesecure/i18n": "^1.5.0", + "@nodesecure/js-x-ray": "^5.0.1", + "@nodesecure/vuln": "^1.7.0", "@slimio/config": "^1.0.1", "ts-results": "^3.3.0", - "type-fest": "^2.11.0" + "type-fest": "^2.13.1" }, "dependencies": { "type-fest": { - "version": "2.12.0", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-2.12.0.tgz", - "integrity": "sha512-Qe5GRT+n/4GoqCNGGVp5Snapg1Omq3V7irBJB3EaKsp7HWDo5Gv2d/67gfNyV+d5EXD+x/RF5l1h4yJ7qNkcGA==" + "version": "2.13.1", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-2.13.1.tgz", + "integrity": "sha512-hXYyrPFwETT2swFLHeoKtJrvSF/ftG/sA15/8nGaLuaDGfVAaq8DYFpu4yOyV4tzp082WqnTEoMsm3flKMI2FQ==" } } }, "@nodesecure/scanner": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/@nodesecure/scanner/-/scanner-3.3.0.tgz", - "integrity": "sha512-r1R0SCPzJPAHXcTIz9JmgOKMxBrdKEhqUidanNDfPqPmx3XEOaRnzavabsREC6/cF0BLCWEsGCYClIejEkMz9A==", + "version": "3.6.0", + "resolved": "https://registry.npmjs.org/@nodesecure/scanner/-/scanner-3.6.0.tgz", + "integrity": "sha512-NmaeTcpwxE3oT6QfnyVX5cfl2GGYkS4DXhCrNwI0Ax3DPu4j8MFOu2dRBEd+zdOLs7TvGGQVwyo2Ss0XBhk3GA==", "requires": { - "@nodesecure/flags": "^2.2.0", + "@nodesecure/flags": "^2.3.0", "@nodesecure/fs-walk": "^1.0.0", - "@nodesecure/i18n": "^1.2.1", - "@nodesecure/js-x-ray": "^4.2.0", + "@nodesecure/i18n": "^1.3.0", + "@nodesecure/js-x-ray": "^4.5.0", "@nodesecure/npm-registry-sdk": "^1.3.0", "@nodesecure/ntlp": "^2.1.0", "@nodesecure/utils": "^1.0.0", - "@nodesecure/vuln": "^1.5.0", - "@npm/types": "^1.0.1", - "@npmcli/arborist": "^4.3.0", + "@nodesecure/vuln": "^1.7.0", + "@npm/types": "^1.0.2", + "@npmcli/arborist": "^5.2.1", "@slimio/lock": "^1.0.0", - "builtins": "^4.0.0", + "builtins": "^5.0.1", "combine-async-iterators": "^2.0.1", "itertools": "^1.7.1", "lodash.difference": "^4.5.0", - "pacote": "^12.0.3", - "semver": "^7.3.4" + "pacote": "^13.6.0", + "semver": "^7.3.7" + }, + "dependencies": { + "@nodesecure/js-x-ray": { + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/@nodesecure/js-x-ray/-/js-x-ray-4.5.0.tgz", + "integrity": "sha512-NFmPkX0jL4AVzfFYLqKZJqxs7dWdXJE7EZKGMToWopNp4W5fe8ys64puAqxxWiYF9jxMKjyLLCro+v5s8TDyVA==", + "requires": { + "@nodesecure/sec-literal": "^1.1.0", + "estree-walker": "^3.0.1", + "is-minified-code": "^2.0.0", + "meriyah": "^4.2.1", + "safe-regex": "^2.1.1" + } + } } }, "@nodesecure/sec-literal": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@nodesecure/sec-literal/-/sec-literal-1.0.1.tgz", - "integrity": "sha512-gnYdW1zzBpkKxNHg4vdhkkpvQvQqpYvSoBpdNHJlBnMehy0UCSViAQVXQA7BupHXrYP5xRnrq3lQvzU1QI6PqQ==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@nodesecure/sec-literal/-/sec-literal-1.1.0.tgz", + "integrity": "sha512-gBk4OGzBR3u+nbMlOGTCJzY0MLLELxkDSlEz49jm0KXHTvGv3r7xNbZKRhuxLkyKFLzGvNohbSiIkhqUOIcyiA==", "requires": { "frequency-set": "^1.0.1", "is-base64": "^1.1.0", "is-svg": "^4.3.2", - "string-width": "^5.0.1" + "string-width": "^5.1.2" }, "dependencies": { "ansi-regex": { @@ -6440,18 +6816,13 @@ "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==" }, - "is-fullwidth-code-point": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-4.0.0.tgz", - "integrity": "sha512-O4L094N2/dZ7xqVdrXhh9r1KODPJpFms8B5sGdJLPy664AgvXsreZUyCQQNItZRDlYug4xStLjNp/sz3HvBowQ==" - }, "string-width": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.0.1.tgz", - "integrity": "sha512-5ohWO/M4//8lErlUUtrFy3b11GtNOuMOU0ysKCDXFcfXuuvUXu95akgj/i8ofmaGdN0hCqyl6uu9i8dS/mQp5g==", + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", + "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", "requires": { + "eastasianwidth": "^0.2.0", "emoji-regex": "^9.2.2", - "is-fullwidth-code-point": "^4.0.0", "strip-ansi": "^7.0.1" } }, @@ -6471,83 +6842,93 @@ "integrity": "sha512-eLkW+MDYx/pznZ5lvAA4QbQJryUaHOIwSfm/anWHsZYNE3HdtUOq2T7/eAKQyymmEIJbG3EHYMXVKSiVKZWgng==" }, "@nodesecure/vuln": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/@nodesecure/vuln/-/vuln-1.5.0.tgz", - "integrity": "sha512-bwT5ftAPMwvEyhtSW6p9nRsyf0kqXmc+Pw9VYzT6LSuw+bQFW89hXEp6CwmQh8mbSTGB0nSxcrT03Dkc02jBEQ==", + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@nodesecure/vuln/-/vuln-1.7.0.tgz", + "integrity": "sha512-48KZ+gOD0k059RUjNzWu7JeMwXrHPn+Nbzcf2Ee149Esl56vWKnjn690gXyKbqf+2s/HN5NCTIwXOJW00aKPog==", "requires": { - "@myunisoft/httpie": "^1.4.0", + "@myunisoft/httpie": "^1.6.0", "@nodesecure/npm-registry-sdk": "^1.3.0", - "@npmcli/arborist": "^4.2.1", + "@npmcli/arborist": "^5.1.1", "@slimio/github": "^1.0.0", - "semver": "^7.3.5" + "semver": "^7.3.7" } }, "@npm/types": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@npm/types/-/types-1.0.1.tgz", - "integrity": "sha512-+tTwymYjZrm7s5KPcS6Abq2l1wVlsk0Jxx4RWMMlC9BePNK4BGMaXUKWphdi7xAYJNA+lwqIqFK6hcNrMu/HFg==" + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/@npm/types/-/types-1.0.2.tgz", + "integrity": "sha512-KXZccTDEnWqNrrx6JjpJKU/wJvNeg9BDgjS0XhmlZab7br921HtyVbsYzJr4L+xIvjdJ20Wh9dgxgCI2a5CEQw==" }, "@npmcli/arborist": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-4.3.0.tgz", - "integrity": "sha512-d1aDSql/JrCRRc3g6R6bXk94Gx9ggf25qaMTEc6KCEdIghr2oL+zkr/hQMWcSuBPPynx4yNA9EcZ3uFosvMp+Q==", + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/@npmcli/arborist/-/arborist-5.2.1.tgz", + "integrity": "sha512-DNyTHov3lU7PtCGHABzrPqQOUiBdiYzZ5dLv3D0RD5I9KbmhTLcZI/rv3ddZY0K9vpDE/R+R48b+cU/dUkL0Tw==", "requires": { "@isaacs/string-locale-compare": "^1.1.0", "@npmcli/installed-package-contents": "^1.0.7", - "@npmcli/map-workspaces": "^2.0.0", - "@npmcli/metavuln-calculator": "^2.0.0", - "@npmcli/move-file": "^1.1.0", + "@npmcli/map-workspaces": "^2.0.3", + "@npmcli/metavuln-calculator": "^3.0.1", + "@npmcli/move-file": "^2.0.0", "@npmcli/name-from-folder": "^1.0.1", - "@npmcli/node-gyp": "^1.0.3", - "@npmcli/package-json": "^1.0.1", - "@npmcli/run-script": "^2.0.0", + "@npmcli/node-gyp": "^2.0.0", + "@npmcli/package-json": "^2.0.0", + "@npmcli/run-script": "^3.0.0", "bin-links": "^3.0.0", - "cacache": "^15.0.3", + "cacache": "^16.0.6", "common-ancestor-path": "^1.0.1", "json-parse-even-better-errors": "^2.3.1", "json-stringify-nice": "^1.1.4", "mkdirp": "^1.0.4", "mkdirp-infer-owner": "^2.0.0", - "npm-install-checks": "^4.0.0", - "npm-package-arg": "^8.1.5", - "npm-pick-manifest": "^6.1.0", - "npm-registry-fetch": "^12.0.1", - "pacote": "^12.0.2", + "nopt": "^5.0.0", + "npm-install-checks": "^5.0.0", + "npm-package-arg": "^9.0.0", + "npm-pick-manifest": "^7.0.0", + "npm-registry-fetch": "^13.0.0", + "npmlog": "^6.0.2", + "pacote": "^13.0.5", "parse-conflict-json": "^2.0.1", - "proc-log": "^1.0.0", + "proc-log": "^2.0.0", "promise-all-reject-late": "^1.0.0", "promise-call-limit": "^1.0.1", "read-package-json-fast": "^2.0.2", "readdir-scoped-modules": "^1.1.0", "rimraf": "^3.0.2", - "semver": "^7.3.5", - "ssri": "^8.0.1", - "treeverse": "^1.0.4", + "semver": "^7.3.7", + "ssri": "^9.0.0", + "treeverse": "^2.0.0", "walk-up-path": "^1.0.0" } }, "@npmcli/fs": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-1.0.0.tgz", - "integrity": "sha512-8ltnOpRR/oJbOp8vaGUnipOi3bqkcW+sLHFlyXIr08OGHmVJLB1Hn7QtGXbYcpVtH1gAYZTlmDXtE4YV0+AMMQ==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-2.1.0.tgz", + "integrity": "sha512-DmfBvNXGaetMxj9LTp8NAN9vEidXURrf5ZTslQzEAi/6GbW+4yjaLFQc6Tue5cpZ9Frlk4OBo/Snf1Bh/S7qTQ==", "requires": { - "@gar/promisify": "^1.0.1", + "@gar/promisify": "^1.1.3", "semver": "^7.3.5" } }, "@npmcli/git": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@npmcli/git/-/git-2.1.0.tgz", - "integrity": "sha512-/hBFX/QG1b+N7PZBFs0bi+evgRZcK9nWBxQKZkGoXUT5hJSwl5c4d7y8/hm+NQZRPhQ67RzFaj5UM9YeyKoryw==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/@npmcli/git/-/git-3.0.1.tgz", + "integrity": "sha512-UU85F/T+F1oVn3IsB/L6k9zXIMpXBuUBE25QDH0SsURwT6IOBqkC7M16uqo2vVZIyji3X1K4XH9luip7YekH1A==", "requires": { - "@npmcli/promise-spawn": "^1.3.2", - "lru-cache": "^6.0.0", + "@npmcli/promise-spawn": "^3.0.0", + "lru-cache": "^7.4.4", "mkdirp": "^1.0.4", - "npm-pick-manifest": "^6.1.1", + "npm-pick-manifest": "^7.0.0", + "proc-log": "^2.0.0", "promise-inflight": "^1.0.1", "promise-retry": "^2.0.1", "semver": "^7.3.5", "which": "^2.0.2" + }, + "dependencies": { + "lru-cache": { + "version": "7.10.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.10.1.tgz", + "integrity": "sha512-BQuhQxPuRl79J5zSXRP+uNzPOyZw2oFI9JLRQ80XswSvg21KMKNtQza9eF42rfI/3Z40RvzBdXgziEkudzjo8A==" + } } }, "@npmcli/installed-package-contents": { @@ -6560,31 +6941,61 @@ } }, "@npmcli/map-workspaces": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@npmcli/map-workspaces/-/map-workspaces-2.0.0.tgz", - "integrity": "sha512-QBJfpCY1NOAkkW3lFfru9VTdqvMB2TN0/vrevl5xBCv5Fi0XDVcA6rqqSau4Ysi4Iw3fBzyXV7hzyTBDfadf7g==", + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@npmcli/map-workspaces/-/map-workspaces-2.0.3.tgz", + "integrity": "sha512-X6suAun5QyupNM8iHkNPh0AHdRC2rb1W+MTdMvvA/2ixgmqZwlq5cGUBgmKHUHT2LgrkKJMAXbfAoTxOigpK8Q==", "requires": { "@npmcli/name-from-folder": "^1.0.1", - "glob": "^7.1.6", - "minimatch": "^3.0.4", - "read-package-json-fast": "^2.0.1" + "glob": "^8.0.1", + "minimatch": "^5.0.1", + "read-package-json-fast": "^2.0.3" + }, + "dependencies": { + "brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "requires": { + "balanced-match": "^1.0.0" + } + }, + "glob": { + "version": "8.0.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-8.0.3.tgz", + "integrity": "sha512-ull455NHSHI/Y1FqGaaYFaLGkNMMJbavMrEGFXG/PGrg6y7sutWHUHrz6gy6WEBH6akM1M414dWKCNs+IhKdiQ==", + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^5.0.1", + "once": "^1.3.0" + } + }, + "minimatch": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz", + "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==", + "requires": { + "brace-expansion": "^2.0.1" + } + } } }, "@npmcli/metavuln-calculator": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@npmcli/metavuln-calculator/-/metavuln-calculator-2.0.0.tgz", - "integrity": "sha512-VVW+JhWCKRwCTE+0xvD6p3uV4WpqocNYYtzyvenqL/u1Q3Xx6fGTJ+6UoIoii07fbuEO9U3IIyuGY0CYHDv1sg==", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/@npmcli/metavuln-calculator/-/metavuln-calculator-3.1.0.tgz", + "integrity": "sha512-Q5fbQqGDlYqk7kWrbg6E2j/mtqQjZop0ZE6735wYA1tYNHguIDjAuWs+kFb5rJCkLIlXllfapvsyotYKiZOTBA==", "requires": { - "cacache": "^15.0.5", + "cacache": "^16.0.0", "json-parse-even-better-errors": "^2.3.1", - "pacote": "^12.0.0", - "semver": "^7.3.2" + "pacote": "^13.0.3", + "semver": "^7.3.5" } }, "@npmcli/move-file": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@npmcli/move-file/-/move-file-1.1.2.tgz", - "integrity": "sha512-1SUf/Cg2GzGDyaf15aR9St9TWlb+XvbZXWpDx8YKs7MLzMH/BCeopv+y9vzrzgkfykCGuWOlSu3mZhj2+FQcrg==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/move-file/-/move-file-2.0.0.tgz", + "integrity": "sha512-UR6D5f4KEGWJV6BGPH3Qb2EtgH+t+1XQ1Tt85c7qicN6cezzuHPdZwwAxqZr4JLtnQu0LZsTza/5gmNmSl8XLg==", "requires": { "mkdirp": "^1.0.4", "rimraf": "^3.0.2" @@ -6596,35 +7007,35 @@ "integrity": "sha512-qq3oEfcLFwNfEYOQ8HLimRGKlD8WSeGEdtUa7hmzpR8Sa7haL1KVQrvgO6wqMjhWFFVjgtrh1gIxDz+P8sjUaA==" }, "@npmcli/node-gyp": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/@npmcli/node-gyp/-/node-gyp-1.0.3.tgz", - "integrity": "sha512-fnkhw+fmX65kiLqk6E3BFLXNC26rUhK90zVwe2yncPliVT/Qos3xjhTLE59Df8KnPlcwIERXKVlU1bXoUQ+liA==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/node-gyp/-/node-gyp-2.0.0.tgz", + "integrity": "sha512-doNI35wIe3bBaEgrlPfdJPaCpUR89pJWep4Hq3aRdh6gKazIVWfs0jHttvSSoq47ZXgC7h73kDsUl8AoIQUB+A==" }, "@npmcli/package-json": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@npmcli/package-json/-/package-json-1.0.1.tgz", - "integrity": "sha512-y6jnu76E9C23osz8gEMBayZmaZ69vFOIk8vR1FJL/wbEJ54+9aVG9rLTjQKSXfgYZEr50nw1txBBFfBZZe+bYg==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/package-json/-/package-json-2.0.0.tgz", + "integrity": "sha512-42jnZ6yl16GzjWSH7vtrmWyJDGVa/LXPdpN2rcUWolFjc9ON2N3uz0qdBbQACfmhuJZ2lbKYtmK5qx68ZPLHMA==", "requires": { "json-parse-even-better-errors": "^2.3.1" } }, "@npmcli/promise-spawn": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/@npmcli/promise-spawn/-/promise-spawn-1.3.2.tgz", - "integrity": "sha512-QyAGYo/Fbj4MXeGdJcFzZ+FkDkomfRBrPM+9QYJSg+PxgAUL+LU3FneQk37rKR2/zjqkCV1BLHccX98wRXG3Sg==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@npmcli/promise-spawn/-/promise-spawn-3.0.0.tgz", + "integrity": "sha512-s9SgS+p3a9Eohe68cSI3fi+hpcZUmXq5P7w0kMlAsWVtR7XbK3ptkZqKT2cK1zLDObJ3sR+8P59sJE0w/KTL1g==", "requires": { "infer-owner": "^1.0.4" } }, "@npmcli/run-script": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-2.0.0.tgz", - "integrity": "sha512-fSan/Pu11xS/TdaTpTB0MRn9guwGU8dye+x56mEVgBEd/QsybBbYcAL0phPXi8SGWFEChkQd6M9qL4y6VOpFig==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-3.0.3.tgz", + "integrity": "sha512-ZXL6qgC5NjwfZJ2nET+ZSLEz/PJgJ/5CU90C2S66dZY4Jw73DasS4ZCXuy/KHWYP0imjJ4VtA+Gebb5BxxKp9Q==", "requires": { - "@npmcli/node-gyp": "^1.0.2", - "@npmcli/promise-spawn": "^1.3.2", - "node-gyp": "^8.2.0", - "read-package-json-fast": "^2.0.1" + "@npmcli/node-gyp": "^2.0.0", + "@npmcli/promise-spawn": "^3.0.0", + "node-gyp": "^8.4.1", + "read-package-json-fast": "^2.0.3" } }, "@slimio/async-cli-spinner": { @@ -6922,9 +7333,9 @@ } }, "agentkeepalive": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/agentkeepalive/-/agentkeepalive-4.2.0.tgz", - "integrity": "sha512-0PhAp58jZNw13UJv7NVdTGb0ZcghHUb3DrZ046JiiJY/BOaTTpbwdHq2VObPCBV8M2GPh7sgrJ3AQ8Ey468LJw==", + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/agentkeepalive/-/agentkeepalive-4.2.1.tgz", + "integrity": "sha512-Zn4cw2NEqd+9fiSVWMscnjyQ1a8Yfoc5oBajLeo5w+YBHgDUcEBY2hS4YpTz6iN5f/2zQiktcuM6tS8x1p9dpA==", "requires": { "debug": "^4.1.0", "depd": "^1.1.2", @@ -6986,9 +7397,9 @@ "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==" }, "are-we-there-yet": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-2.0.0.tgz", - "integrity": "sha512-Ci/qENmwHnsYo9xKIcUJN5LeDKdJ6R1Z1j9V/J5wyq8nh/mYPEpIKJbBZXtZjG04HiK7zV/p6Vs9952MrMeUIw==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-3.0.0.tgz", + "integrity": "sha512-0GWpv50YSOcLXaN6/FAKY3vfRbllXWV2xvfA/oKJF8pzFhWXPV+yjhJXDBbjscDYowv7Yw1A3uigpzn5iEGTyw==", "requires": { "delegates": "^1.0.0", "readable-stream": "^3.6.0" @@ -7041,7 +7452,7 @@ "asap": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/asap/-/asap-2.0.6.tgz", - "integrity": "sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=" + "integrity": "sha512-BSHWgDSAiKs50o2Re8ppvp3seVHXSRM44cdSsT9FfNEUUZLOGWVCsiWaRPWM1Znn+mqZ1OfVZ3z3DWEzSp7hRA==" }, "assertion-error": { "version": "1.1.0", @@ -7065,14 +7476,14 @@ "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==" }, "bin-links": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/bin-links/-/bin-links-3.0.0.tgz", - "integrity": "sha512-fC7kPWcEkAWBgCKxmAMqZldlIeHsXwQy9JXzrppAVQiukGiDKxmYesJcBKWu6UMwx/5GOfo10wtK/4zy+Xt/mg==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/bin-links/-/bin-links-3.0.1.tgz", + "integrity": "sha512-9vx+ypzVhASvHTS6K+YSGf7nwQdANoz7v6MTC0aCtYnOEZ87YvMf81aY737EZnGZdpbRM3sfWjO9oWkKmuIvyQ==", "requires": { - "cmd-shim": "^4.0.1", + "cmd-shim": "^5.0.0", "mkdirp-infer-owner": "^2.0.0", "npm-normalize-package-bin": "^1.0.0", - "read-cmd-shim": "^2.0.0", + "read-cmd-shim": "^3.0.0", "rimraf": "^3.0.0", "write-file-atomic": "^4.0.0" } @@ -7140,44 +7551,69 @@ } }, "builtins": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/builtins/-/builtins-4.0.0.tgz", - "integrity": "sha512-qC0E2Dxgou1IHhvJSLwGDSTvokbRovU5zZFuDY6oY8Y2lF3nGt5Ad8YZK7GMtqzY84Wu7pXTPeHQeHcXSXsRhw==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/builtins/-/builtins-5.0.1.tgz", + "integrity": "sha512-qwVpFEHNfhYJIzNRBvd2C1kyo6jz3ZSMPyyuR47OPdiKWlbYnZNyDWuyR175qDnAJLiCo5fBBqPb3RiXgWlkOQ==", "requires": { "semver": "^7.0.0" } }, "cacache": { - "version": "15.3.0", - "resolved": "https://registry.npmjs.org/cacache/-/cacache-15.3.0.tgz", - "integrity": "sha512-VVdYzXEn+cnbXpFgWs5hTT7OScegHVmLhJIR8Ufqk3iFD6A6j5iSX1KuBTfNEv4tdJWE2PzA6IVFtcLC7fN9wQ==", + "version": "16.1.1", + "resolved": "https://registry.npmjs.org/cacache/-/cacache-16.1.1.tgz", + "integrity": "sha512-VDKN+LHyCQXaaYZ7rA/qtkURU+/yYhviUdvqEv2LT6QPZU8jpyzEkEVAcKlKLt5dJ5BRp11ym8lo3NKLluEPLg==", "requires": { - "@npmcli/fs": "^1.0.0", - "@npmcli/move-file": "^1.0.1", + "@npmcli/fs": "^2.1.0", + "@npmcli/move-file": "^2.0.0", "chownr": "^2.0.0", - "fs-minipass": "^2.0.0", - "glob": "^7.1.4", + "fs-minipass": "^2.1.0", + "glob": "^8.0.1", "infer-owner": "^1.0.4", - "lru-cache": "^6.0.0", - "minipass": "^3.1.1", + "lru-cache": "^7.7.1", + "minipass": "^3.1.6", "minipass-collect": "^1.0.2", "minipass-flush": "^1.0.5", - "minipass-pipeline": "^1.2.2", - "mkdirp": "^1.0.3", + "minipass-pipeline": "^1.2.4", + "mkdirp": "^1.0.4", "p-map": "^4.0.0", "promise-inflight": "^1.0.1", "rimraf": "^3.0.2", - "ssri": "^8.0.1", - "tar": "^6.0.2", + "ssri": "^9.0.0", + "tar": "^6.1.11", "unique-filename": "^1.1.1" }, "dependencies": { - "p-map": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz", - "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==", + "brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "requires": { + "balanced-match": "^1.0.0" + } + }, + "glob": { + "version": "8.0.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-8.0.3.tgz", + "integrity": "sha512-ull455NHSHI/Y1FqGaaYFaLGkNMMJbavMrEGFXG/PGrg6y7sutWHUHrz6gy6WEBH6akM1M414dWKCNs+IhKdiQ==", + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^5.0.1", + "once": "^1.3.0" + } + }, + "lru-cache": { + "version": "7.10.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.10.1.tgz", + "integrity": "sha512-BQuhQxPuRl79J5zSXRP+uNzPOyZw2oFI9JLRQ80XswSvg21KMKNtQza9eF42rfI/3Z40RvzBdXgziEkudzjo8A==" + }, + "minimatch": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz", + "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==", "requires": { - "aggregate-error": "^3.0.0" + "brace-expansion": "^2.0.1" } } } @@ -7286,9 +7722,9 @@ } }, "cmd-shim": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/cmd-shim/-/cmd-shim-4.1.0.tgz", - "integrity": "sha512-lb9L7EM4I/ZRVuljLPEtUJOP+xiQVknZ4ZMpMgEp4JzNldPb27HU03hi6K1/6CoIuit/Zm/LQXySErFeXxDprw==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/cmd-shim/-/cmd-shim-5.0.0.tgz", + "integrity": "sha512-qkCtZ59BidfEwHltnJwkyVZn+XQojdAySM1D1gSeh11Z4pW1Kpolkyo53L5noc0nrxmIvyFwTmJRo4xs7FFLPw==", "requires": { "mkdirp-infer-owner": "^2.0.0" } @@ -7329,7 +7765,7 @@ "console-control-strings": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz", - "integrity": "sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4=" + "integrity": "sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ==" }, "content-type": { "version": "1.0.4", @@ -7388,7 +7824,7 @@ "debuglog": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/debuglog/-/debuglog-1.0.1.tgz", - "integrity": "sha1-qiT/uaw9+aI1GDfPstJ5NgzXhJI=" + "integrity": "sha512-syBZ+rnAK3EgMsH2aYEOLUW7mZSY9Gb+0wUMCFsZvcmiz+HigA0LOcq/HoQqVuGG+EKykunc7QG2bzrponfaSw==" }, "deep-eql": { "version": "3.0.1", @@ -7418,17 +7854,17 @@ "delegates": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", - "integrity": "sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=" + "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==" }, "depd": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", - "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=" + "integrity": "sha512-7emPTl6Dpo6JRXOXjLRxck+FlLRX5847cLKEn00PLAgc3g2hTZZgr+e4c2v6QpSmLeFP3n5yUo7ft6avBK/5jQ==" }, "dezalgo": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/dezalgo/-/dezalgo-1.0.3.tgz", - "integrity": "sha1-f3Qt4Gb8dIvI24IFad3c5Jvw1FY=", + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/dezalgo/-/dezalgo-1.0.4.tgz", + "integrity": "sha512-rXSP0bf+5n0Qonsb+SVVfNfIsimO4HEtmnIpPHY8Q1UCzKlQrDMfdobr8nJOOsRgWCyMRqeSBQzmWUMq7zvVig==", "requires": { "asap": "^2.0.0", "wrappy": "1" @@ -7458,6 +7894,11 @@ "esutils": "^2.0.2" } }, + "eastasianwidth": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", + "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==" + }, "electron-to-chromium": { "version": "1.3.905", "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.905.tgz", @@ -8002,8 +8443,7 @@ "function-bind": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", - "dev": true + "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==" }, "functional-red-black-tree": { "version": "1.0.1", @@ -8012,19 +8452,18 @@ "dev": true }, "gauge": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/gauge/-/gauge-4.0.0.tgz", - "integrity": "sha512-F8sU45yQpjQjxKkm1UOAhf0U/O0aFt//Fl7hsrNVto+patMHjs7dPI9mFOGUKbhrgKm0S3EjW3scMFuQmWSROw==", + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/gauge/-/gauge-4.0.4.tgz", + "integrity": "sha512-f9m+BEN5jkg6a0fZjleidjN51VE1X+mPFQ2DJ0uv1V39oCLCbsGe6yjbBnp7eK7z/+GAon99a3nHuqbuuthyPg==", "requires": { - "ansi-regex": "^5.0.1", "aproba": "^1.0.3 || ^2.0.0", - "color-support": "^1.1.2", - "console-control-strings": "^1.0.0", + "color-support": "^1.1.3", + "console-control-strings": "^1.1.0", "has-unicode": "^2.0.1", - "signal-exit": "^3.0.0", + "signal-exit": "^3.0.7", "string-width": "^4.2.3", "strip-ansi": "^6.0.1", - "wide-align": "^1.1.2" + "wide-align": "^1.1.5" } }, "gensync": { @@ -8119,9 +8558,9 @@ } }, "graceful-fs": { - "version": "4.2.9", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.9.tgz", - "integrity": "sha512-NtNxqUcXgpW2iMrfqSfR73Glt39K+BLwWsPs94yR63v45T0Wbej7eRmL5cWfwEgqXnmjQp3zaJTshdRW/qC2ZQ==" + "version": "4.2.10", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", + "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==" }, "growl": { "version": "1.10.5", @@ -8133,7 +8572,6 @@ "version": "1.0.3", "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", - "dev": true, "requires": { "function-bind": "^1.1.1" } @@ -8171,7 +8609,7 @@ "has-unicode": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/has-unicode/-/has-unicode-2.0.1.tgz", - "integrity": "sha1-4Ob+aijPUROIVeCG0Wkedx3iqLk=" + "integrity": "sha512-8Rf9Y83NBReMnx0gFzA8JImQACstCYWUplepDa9xprwwtmgEZUF0h/i5xSA625zB/I37EtrswSST6OXxwaaIJQ==" }, "he": { "version": "1.2.0", @@ -8180,11 +8618,18 @@ "dev": true }, "hosted-git-info": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.1.0.tgz", - "integrity": "sha512-kyCuEOWjJqZuDbRHzL8V93NzQhwIB71oFWSyzVo+KPZI+pnQPPxucdkrOZvkLRnrf5URsQM+IJ09Dw29cRALIA==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-5.0.0.tgz", + "integrity": "sha512-rRnjWu0Bxj+nIfUOkz0695C0H6tRrN5iYIzYejb0tDEefe2AekHu/U5Kn9pEie5vsJqpNQU02az7TGSH3qpz4Q==", "requires": { - "lru-cache": "^6.0.0" + "lru-cache": "^7.5.1" + }, + "dependencies": { + "lru-cache": { + "version": "7.10.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.10.1.tgz", + "integrity": "sha512-BQuhQxPuRl79J5zSXRP+uNzPOyZw2oFI9JLRQ80XswSvg21KMKNtQza9eF42rfI/3Z40RvzBdXgziEkudzjo8A==" + } } }, "http-cache-semantics": { @@ -8203,9 +8648,9 @@ } }, "https-proxy-agent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz", - "integrity": "sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", + "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", "requires": { "agent-base": "6", "debug": "4" @@ -8214,7 +8659,7 @@ "humanize-ms": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/humanize-ms/-/humanize-ms-1.2.1.tgz", - "integrity": "sha1-xG4xWaKT9riW2ikxbYtv6Lt5u+0=", + "integrity": "sha512-Fl70vYtsAFb/C06PTS9dZBo7ihau+Tu/DNCk/OyHhea07S+aeMWpFFkUaXRa8fI+ScZbEI8dfSxwY7gxZ9SAVQ==", "requires": { "ms": "^2.0.0" } @@ -8240,11 +8685,29 @@ "dev": true }, "ignore-walk": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/ignore-walk/-/ignore-walk-4.0.1.tgz", - "integrity": "sha512-rzDQLaW4jQbh2YrOFlJdCtX8qgJTehFRYiUB2r1osqTeDzV/3+Jh8fz1oAPzUThf3iku8Ds4IDqawI5d8mUiQw==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ignore-walk/-/ignore-walk-5.0.1.tgz", + "integrity": "sha512-yemi4pMf51WKT7khInJqAvsIGzoqYXblnsz0ql8tM+yi1EKYTY1evX4NAbJrLL/Aanr2HyZeluqU+Oi7MGHokw==", "requires": { - "minimatch": "^3.0.4" + "minimatch": "^5.0.1" + }, + "dependencies": { + "brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "requires": { + "balanced-match": "^1.0.0" + } + }, + "minimatch": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz", + "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==", + "requires": { + "brace-expansion": "^2.0.1" + } + } } }, "import-fresh": { @@ -8307,9 +8770,9 @@ } }, "ip": { - "version": "1.1.5", - "resolved": "https://registry.npmjs.org/ip/-/ip-1.1.5.tgz", - "integrity": "sha1-vd7XARQpCCjAoDnnLvJfWq7ENUo=" + "version": "1.1.8", + "resolved": "https://registry.npmjs.org/ip/-/ip-1.1.8.tgz", + "integrity": "sha512-PuExPYUiu6qMBQb4l06ecm6T6ujzhmh+MeJcW9wa89PoAz5pvd4zPgN5WJV104mb6S2T1AwNIAaB70JNrLQWhg==" }, "is-base64": { "version": "1.1.0", @@ -8354,10 +8817,9 @@ "peer": true }, "is-core-module": { - "version": "2.8.0", - "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.8.0.tgz", - "integrity": "sha512-vd15qHsaqrRL7dtH6QNuy0ndJmRDrS9HAM1CAiSifNUFv4x1a0CCVsj18hJ1mShxIG6T2i1sO78MkP56r0nYRw==", - "dev": true, + "version": "2.9.0", + "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.9.0.tgz", + "integrity": "sha512-+5FPy5PnwmO3lvfMb0AsoPaBG+5KHUI0wYFXOtYPnVVVspTFUuMZNfNaNVRt3FZadstu2c8x23vykRW/NBoU6A==", "requires": { "has": "^1.0.3" } @@ -8395,7 +8857,7 @@ "is-lambda": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/is-lambda/-/is-lambda-1.0.1.tgz", - "integrity": "sha1-PZh3iZ5qU+/AFgUEzeFfgubwYdU=" + "integrity": "sha512-z7CMFGNrENq5iFB9Bqo64Xk6Y9sg+epq1myIcdHaGnbMTYOxvzsEtdYqQUylB7LxfkvgrrjP32T6Ywciio9UIQ==" }, "is-minified-code": { "version": "2.0.0", @@ -8477,11 +8939,6 @@ "has-symbols": "^1.0.2" } }, - "is-typedarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", - "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" - }, "is-unicode-supported": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-0.1.0.tgz", @@ -8565,17 +9022,17 @@ "jsonparse": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/jsonparse/-/jsonparse-1.3.1.tgz", - "integrity": "sha1-P02uSpH6wxX3EGL4UhzCOfE2YoA=" + "integrity": "sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg==" }, "just-diff": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/just-diff/-/just-diff-5.0.1.tgz", - "integrity": "sha512-X00TokkRIDotUIf3EV4xUm6ELc/IkqhS/vPSHdWnsM5y0HoNMfEqrazizI7g78lpHvnRSRt/PFfKtRqJCOGIuQ==" + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/just-diff/-/just-diff-5.0.3.tgz", + "integrity": "sha512-a8p80xcpJ6sdurk5PxDKb4mav9MeKjA3zFKZpCWBIfvg8mznfnmb13MKZvlrwJ+Lhis0wM3uGAzE0ArhFHvIcg==" }, "just-diff-apply": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/just-diff-apply/-/just-diff-apply-4.0.1.tgz", - "integrity": "sha512-AKOkzB5P6FkfP21UlZVX/OPXx/sC2GagpLX9cBxqHqDuRjwmZ/AJRKSNrB9jHPpRW1W1ONs6gly1gW46t055nQ==" + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/just-diff-apply/-/just-diff-apply-5.3.1.tgz", + "integrity": "sha512-dgFenZnMsc1xGNqgdtgnh7DK+Oy352CE3VZLbzcbQpsBs9iI2K3M0IRrdgREZ72eItTjbl0suRyvKRdVQa9GbA==" }, "kleur": { "version": "4.1.4", @@ -8688,6 +9145,59 @@ "promise-retry": "^2.0.1", "socks-proxy-agent": "^6.0.0", "ssri": "^8.0.0" + }, + "dependencies": { + "@npmcli/fs": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-1.1.1.tgz", + "integrity": "sha512-8KG5RD0GVP4ydEzRn/I4BNDuxDtqVbOdm8675T49OIG/NGhaK0pjPX7ZcDlvKYbA+ulvVK3ztfcF4uBdOxuJbQ==", + "requires": { + "@gar/promisify": "^1.0.1", + "semver": "^7.3.5" + } + }, + "@npmcli/move-file": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@npmcli/move-file/-/move-file-1.1.2.tgz", + "integrity": "sha512-1SUf/Cg2GzGDyaf15aR9St9TWlb+XvbZXWpDx8YKs7MLzMH/BCeopv+y9vzrzgkfykCGuWOlSu3mZhj2+FQcrg==", + "requires": { + "mkdirp": "^1.0.4", + "rimraf": "^3.0.2" + } + }, + "cacache": { + "version": "15.3.0", + "resolved": "https://registry.npmjs.org/cacache/-/cacache-15.3.0.tgz", + "integrity": "sha512-VVdYzXEn+cnbXpFgWs5hTT7OScegHVmLhJIR8Ufqk3iFD6A6j5iSX1KuBTfNEv4tdJWE2PzA6IVFtcLC7fN9wQ==", + "requires": { + "@npmcli/fs": "^1.0.0", + "@npmcli/move-file": "^1.0.1", + "chownr": "^2.0.0", + "fs-minipass": "^2.0.0", + "glob": "^7.1.4", + "infer-owner": "^1.0.4", + "lru-cache": "^6.0.0", + "minipass": "^3.1.1", + "minipass-collect": "^1.0.2", + "minipass-flush": "^1.0.5", + "minipass-pipeline": "^1.2.2", + "mkdirp": "^1.0.3", + "p-map": "^4.0.0", + "promise-inflight": "^1.0.1", + "rimraf": "^3.0.2", + "ssri": "^8.0.1", + "tar": "^6.0.2", + "unique-filename": "^1.1.1" + } + }, + "ssri": { + "version": "8.0.1", + "resolved": "https://registry.npmjs.org/ssri/-/ssri-8.0.1.tgz", + "integrity": "sha512-97qShzy1AiyxvPNIkLWoGua7xoQzzPjQ0HAH4B0rWKo7SZ6USuPcrUiAFrws0UH8RrbWmgq3LMTObhPIHbbBeQ==", + "requires": { + "minipass": "^3.1.1" + } + } } }, "merge2": { @@ -8697,9 +9207,9 @@ "dev": true }, "meriyah": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/meriyah/-/meriyah-4.2.0.tgz", - "integrity": "sha512-fCVh5GB9YT53Bq14l00HLYE3i9DywrY0JVZxbk0clXWDuMsUKKwluvC5sY0bMBqHbnIbpIjfSSIsnrzbauA8Yw==" + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/meriyah/-/meriyah-4.2.1.tgz", + "integrity": "sha512-Uv5sWsmjFNC6IszEmHo5bzJLL+kqjQ/VrEj9Agqsqtx7B6dcxHnHLew1ioJD19HNXrxrRZltPi+NVh12I8RLXA==" }, "micromatch": { "version": "4.0.4", @@ -8731,9 +9241,9 @@ "dev": true }, "minipass": { - "version": "3.1.5", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.1.5.tgz", - "integrity": "sha512-+8NzxD82XQoNKNrl1d/FSi+X8wAEWR+sbYAfIvub4Nz0d22plFG72CEVVaufV8PNf4qSslFTD8VMOxNVhHCjTw==", + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.3.tgz", + "integrity": "sha512-N0BOsdFAlNRfmwMhjAsLVWOk7Ljmeb39iqFlsV1At+jqRhSUP9yeof8FyJu4imaJiSUp8vQebWD/guZwGQC8iA==", "requires": { "yallist": "^4.0.0" } @@ -8968,6 +9478,17 @@ "abbrev": "1" } }, + "normalize-package-data": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-4.0.0.tgz", + "integrity": "sha512-m+GL22VXJKkKbw62ZaBBjv8u6IE3UI4Mh5QakIqs3fWiKe0Xyi6L97hakwZK41/LD4R/2ly71Bayx0NLMwLA/g==", + "requires": { + "hosted-git-info": "^5.0.0", + "is-core-module": "^2.8.1", + "semver": "^7.3.5", + "validate-npm-package-license": "^3.0.4" + } + }, "normalize-path": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", @@ -8983,9 +9504,9 @@ } }, "npm-install-checks": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-4.0.0.tgz", - "integrity": "sha512-09OmyDkNLYwqKPOnbI8exiOZU2GVVmQp7tgez2BPi5OZC8M82elDAps7sxC4l//uSUtotWqoEIDwjRvWH4qz8w==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/npm-install-checks/-/npm-install-checks-5.0.0.tgz", + "integrity": "sha512-65lUsMI8ztHCxFz5ckCEC44DRvEGdZX5usQFriauxHEwt7upv1FKaQEmAtU0YnOAdwuNWCmk64xYiQABNrEyLA==", "requires": { "semver": "^7.1.1" } @@ -8996,48 +9517,79 @@ "integrity": "sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA==" }, "npm-package-arg": { - "version": "8.1.5", - "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-8.1.5.tgz", - "integrity": "sha512-LhgZrg0n0VgvzVdSm1oiZworPbTxYHUJCgtsJW8mGvlDpxTM1vSJc3m5QZeUkhAHIzbz3VCHd/R4osi1L1Tg/Q==", + "version": "9.0.2", + "resolved": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-9.0.2.tgz", + "integrity": "sha512-v/miORuX8cndiOheW8p2moNuPJ7QhcFh9WGlTorruG8hXSA23vMTEp5hTCmDxic0nD8KHhj/NQgFuySD3GYY3g==", "requires": { - "hosted-git-info": "^4.0.1", - "semver": "^7.3.4", - "validate-npm-package-name": "^3.0.0" + "hosted-git-info": "^5.0.0", + "semver": "^7.3.5", + "validate-npm-package-name": "^4.0.0" } }, "npm-packlist": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/npm-packlist/-/npm-packlist-3.0.0.tgz", - "integrity": "sha512-L/cbzmutAwII5glUcf2DBRNY/d0TFd4e/FnaZigJV6JD85RHZXJFGwCndjMWiiViiWSsWt3tiOLpI3ByTnIdFQ==", + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/npm-packlist/-/npm-packlist-5.1.0.tgz", + "integrity": "sha512-a04sqF6FbkyOAFA19AA0e94gS7Et5T2/IMj3VOT9nOF2RaRdVPQ1Q17Fb/HaDRFs+gbC7HOmhVZ29adpWgmDZg==", "requires": { - "glob": "^7.1.6", - "ignore-walk": "^4.0.1", - "npm-bundled": "^1.1.1", + "glob": "^8.0.1", + "ignore-walk": "^5.0.1", + "npm-bundled": "^1.1.2", "npm-normalize-package-bin": "^1.0.1" + }, + "dependencies": { + "brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "requires": { + "balanced-match": "^1.0.0" + } + }, + "glob": { + "version": "8.0.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-8.0.3.tgz", + "integrity": "sha512-ull455NHSHI/Y1FqGaaYFaLGkNMMJbavMrEGFXG/PGrg6y7sutWHUHrz6gy6WEBH6akM1M414dWKCNs+IhKdiQ==", + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^5.0.1", + "once": "^1.3.0" + } + }, + "minimatch": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz", + "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==", + "requires": { + "brace-expansion": "^2.0.1" + } + } } }, "npm-pick-manifest": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-6.1.1.tgz", - "integrity": "sha512-dBsdBtORT84S8V8UTad1WlUyKIY9iMsAmqxHbLdeEeBNMLQDlDWWra3wYUx9EBEIiG/YwAy0XyNHDd2goAsfuA==", + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/npm-pick-manifest/-/npm-pick-manifest-7.0.1.tgz", + "integrity": "sha512-IA8+tuv8KujbsbLQvselW2XQgmXWS47t3CB0ZrzsRZ82DbDfkcFunOaPm4X7qNuhMfq+FmV7hQT4iFVpHqV7mg==", "requires": { - "npm-install-checks": "^4.0.0", + "npm-install-checks": "^5.0.0", "npm-normalize-package-bin": "^1.0.1", - "npm-package-arg": "^8.1.2", - "semver": "^7.3.4" + "npm-package-arg": "^9.0.0", + "semver": "^7.3.5" } }, "npm-registry-fetch": { - "version": "12.0.1", - "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-12.0.1.tgz", - "integrity": "sha512-ricy4ezH3Uv0d4am6RSwHjCYTWJI74NJjurIigWMAG7Vs3PFyd0TUlkrez5L0AgaPzDLRsEzqb5cOZ/Ue01bmA==", + "version": "13.1.1", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-13.1.1.tgz", + "integrity": "sha512-5p8rwe6wQPLJ8dMqeTnA57Dp9Ox6GH9H60xkyJup07FmVlu3Mk7pf/kIIpl9gaN5bM8NM+UUx3emUWvDNTt39w==", "requires": { - "make-fetch-happen": "^10.0.0", - "minipass": "^3.1.3", - "minipass-fetch": "^1.3.0", + "make-fetch-happen": "^10.0.6", + "minipass": "^3.1.6", + "minipass-fetch": "^2.0.3", "minipass-json-stream": "^1.0.1", - "minizlib": "^2.0.0", - "npm-package-arg": "^8.0.0" + "minizlib": "^2.1.2", + "npm-package-arg": "^9.0.1", + "proc-log": "^2.0.0" }, "dependencies": { "@tootallnate/once": { @@ -9055,39 +9607,65 @@ "debug": "4" } }, + "lru-cache": { + "version": "7.10.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.10.1.tgz", + "integrity": "sha512-BQuhQxPuRl79J5zSXRP+uNzPOyZw2oFI9JLRQ80XswSvg21KMKNtQza9eF42rfI/3Z40RvzBdXgziEkudzjo8A==" + }, "make-fetch-happen": { - "version": "10.0.0", - "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-10.0.0.tgz", - "integrity": "sha512-CREcDkbKZZ64g5MN1FT+u58mDHX9FQFFtFyio5HonX44BdQdytqPZBXUz+6ibi2w/6ncji59f2phyXGSMGpgzA==", + "version": "10.1.8", + "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-10.1.8.tgz", + "integrity": "sha512-0ASJbG12Au6+N5I84W+8FhGS6iM8MyzvZady+zaQAu+6IOaESFzCLLD0AR1sAFF3Jufi8bxm586ABN6hWd3k7g==", "requires": { - "agentkeepalive": "^4.1.3", - "cacache": "^15.2.0", + "agentkeepalive": "^4.2.1", + "cacache": "^16.1.0", "http-cache-semantics": "^4.1.0", "http-proxy-agent": "^5.0.0", "https-proxy-agent": "^5.0.0", "is-lambda": "^1.0.1", - "lru-cache": "^6.0.0", - "minipass": "^3.1.3", + "lru-cache": "^7.7.1", + "minipass": "^3.1.6", "minipass-collect": "^1.0.2", - "minipass-fetch": "^1.3.2", + "minipass-fetch": "^2.0.3", "minipass-flush": "^1.0.5", "minipass-pipeline": "^1.2.4", "negotiator": "^0.6.3", "promise-retry": "^2.0.1", - "socks-proxy-agent": "^6.0.0", - "ssri": "^8.0.0" + "socks-proxy-agent": "^7.0.0", + "ssri": "^9.0.0" + } + }, + "minipass-fetch": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-2.1.0.tgz", + "integrity": "sha512-H9U4UVBGXEyyWJnqYDCLp1PwD8XIkJ4akNHp1aGVI+2Ym7wQMlxDKi4IB4JbmyU+pl9pEs/cVrK6cOuvmbK4Sg==", + "requires": { + "encoding": "^0.1.13", + "minipass": "^3.1.6", + "minipass-sized": "^1.0.3", + "minizlib": "^2.1.2" + } + }, + "socks-proxy-agent": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-7.0.0.tgz", + "integrity": "sha512-Fgl0YPZ902wEsAyiQ+idGd1A7rSFx/ayC1CQVMw5P+EQx2V0SgpGtf6OKFhVjPflPUl9YMmEOnmfjCdMUsygww==", + "requires": { + "agent-base": "^6.0.2", + "debug": "^4.3.3", + "socks": "^2.6.2" } } } }, "npmlog": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-6.0.0.tgz", - "integrity": "sha512-03ppFRGlsyUaQFbGC2C8QWJN/C/K7PsfyD9aQdhVKAQIH4sQBc8WASqFBP7O+Ut4d2oo5LoeoboB3cGdBZSp6Q==", + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-6.0.2.tgz", + "integrity": "sha512-/vBvz5Jfr9dT/aFWd0FIRf+T/Q2WBsLENygUaFUqstqsycmZAP/t5BvFJTK0viFmSUxiUKTUplWy5vt+rvKIxg==", "requires": { - "are-we-there-yet": "^2.0.0", + "are-we-there-yet": "^3.0.0", "console-control-strings": "^1.1.0", - "gauge": "^4.0.0", + "gauge": "^4.0.3", "set-blocking": "^2.0.0" } }, @@ -9180,6 +9758,14 @@ "p-limit": "^1.1.0" } }, + "p-map": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz", + "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==", + "requires": { + "aggregate-error": "^3.0.0" + } + }, "p-try": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/p-try/-/p-try-1.0.0.tgz", @@ -9188,29 +9774,31 @@ "peer": true }, "pacote": { - "version": "12.0.3", - "resolved": "https://registry.npmjs.org/pacote/-/pacote-12.0.3.tgz", - "integrity": "sha512-CdYEl03JDrRO3x18uHjBYA9TyoW8gy+ThVcypcDkxPtKlw76e4ejhYB6i9lJ+/cebbjpqPW/CijjqxwDTts8Ow==", - "requires": { - "@npmcli/git": "^2.1.0", - "@npmcli/installed-package-contents": "^1.0.6", - "@npmcli/promise-spawn": "^1.2.0", - "@npmcli/run-script": "^2.0.0", - "cacache": "^15.0.5", + "version": "13.6.0", + "resolved": "https://registry.npmjs.org/pacote/-/pacote-13.6.0.tgz", + "integrity": "sha512-zHmuCwG4+QKnj47LFlW3LmArwKoglx2k5xtADiMCivVWPgNRP5QyLDGOIjGjwOe61lhl1rO63m/VxT16pEHLWg==", + "requires": { + "@npmcli/git": "^3.0.0", + "@npmcli/installed-package-contents": "^1.0.7", + "@npmcli/promise-spawn": "^3.0.0", + "@npmcli/run-script": "^3.0.1", + "cacache": "^16.0.0", "chownr": "^2.0.0", "fs-minipass": "^2.1.0", "infer-owner": "^1.0.4", - "minipass": "^3.1.3", - "mkdirp": "^1.0.3", - "npm-package-arg": "^8.0.1", - "npm-packlist": "^3.0.0", - "npm-pick-manifest": "^6.0.0", - "npm-registry-fetch": "^12.0.0", + "minipass": "^3.1.6", + "mkdirp": "^1.0.4", + "npm-package-arg": "^9.0.0", + "npm-packlist": "^5.1.0", + "npm-pick-manifest": "^7.0.0", + "npm-registry-fetch": "^13.0.1", + "proc-log": "^2.0.0", "promise-retry": "^2.0.1", - "read-package-json-fast": "^2.0.1", + "read-package-json": "^5.0.0", + "read-package-json-fast": "^2.0.3", "rimraf": "^3.0.2", - "ssri": "^8.0.1", - "tar": "^6.1.0" + "ssri": "^9.0.0", + "tar": "^6.1.11" } }, "parent-module": { @@ -9223,13 +9811,13 @@ } }, "parse-conflict-json": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/parse-conflict-json/-/parse-conflict-json-2.0.1.tgz", - "integrity": "sha512-Y7nYw+QaSGBto1LB9lgwOR05Rtz5SbuTf+Oe7HJ6SYQ/DHsvRjQ8O03oWdJbvkt6GzDWospgyZbGmjDYL0sDgA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/parse-conflict-json/-/parse-conflict-json-2.0.2.tgz", + "integrity": "sha512-jDbRGb00TAPFsKWCpZZOT93SxVP9nONOSgES3AevqRq/CHvavEBvKAjxX9p5Y5F0RZLxH9Ufd9+RwtCsa+lFDA==", "requires": { "json-parse-even-better-errors": "^2.3.1", "just-diff": "^5.0.1", - "just-diff-apply": "^4.0.1" + "just-diff-apply": "^5.2.0" } }, "parse-ms": { @@ -9329,9 +9917,9 @@ } }, "proc-log": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-1.0.0.tgz", - "integrity": "sha512-aCk8AO51s+4JyuYGg3Q/a6gnrlDO09NpVWePtjp7xwphcoQ04x5WAfCyugcsbLooWcMJ87CLkD4+604IckEdhg==" + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-2.0.1.tgz", + "integrity": "sha512-Kcmo2FhfDTXdcbfDH76N7uBYHINxc/8GW7UAVuVP9I+Va3uHSerrnKV6dLooga/gh7GlgzuCCr/eoldnL1muGw==" }, "progress": { "version": "2.0.3", @@ -9352,7 +9940,7 @@ "promise-inflight": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/promise-inflight/-/promise-inflight-1.0.1.tgz", - "integrity": "sha1-mEcocL8igTL8vdhoEputEsPAKeM=" + "integrity": "sha512-6zWPyEOFaQBJYcGMHBKTKJ3u6TBsnMFOIZSa6ce1e/ZrrsOlnHRHbabMjLiBYKp+n44X9eUI6VUPaukCXHuG4g==" }, "promise-retry": { "version": "2.0.1", @@ -9393,9 +9981,50 @@ } }, "read-cmd-shim": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/read-cmd-shim/-/read-cmd-shim-2.0.0.tgz", - "integrity": "sha512-HJpV9bQpkl6KwjxlJcBoqu9Ba0PQg8TqSNIOrulGt54a0uup0HtevreFHzYzkm0lpnleRdNBzXznKrgxglEHQw==" + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/read-cmd-shim/-/read-cmd-shim-3.0.0.tgz", + "integrity": "sha512-KQDVjGqhZk92PPNRj9ZEXEuqg8bUobSKRw+q0YQ3TKI5xkce7bUJobL4Z/OtiEbAAv70yEpYIXp4iQ9L8oPVog==" + }, + "read-package-json": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/read-package-json/-/read-package-json-5.0.1.tgz", + "integrity": "sha512-MALHuNgYWdGW3gKzuNMuYtcSSZbGQm94fAp16xt8VsYTLBjUSc55bLMKe6gzpWue0Tfi6CBgwCSdDAqutGDhMg==", + "requires": { + "glob": "^8.0.1", + "json-parse-even-better-errors": "^2.3.1", + "normalize-package-data": "^4.0.0", + "npm-normalize-package-bin": "^1.0.1" + }, + "dependencies": { + "brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "requires": { + "balanced-match": "^1.0.0" + } + }, + "glob": { + "version": "8.0.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-8.0.3.tgz", + "integrity": "sha512-ull455NHSHI/Y1FqGaaYFaLGkNMMJbavMrEGFXG/PGrg6y7sutWHUHrz6gy6WEBH6akM1M414dWKCNs+IhKdiQ==", + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^5.0.1", + "once": "^1.3.0" + } + }, + "minimatch": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz", + "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==", + "requires": { + "brace-expansion": "^2.0.1" + } + } + } }, "read-package-json-fast": { "version": "2.0.3", @@ -9485,7 +10114,7 @@ "retry": { "version": "0.12.0", "resolved": "https://registry.npmjs.org/retry/-/retry-0.12.0.tgz", - "integrity": "sha1-G0KmJmoh8HQh0bC1S33BZ7AcATs=" + "integrity": "sha512-9LkiTwjUh6rT555DtE9rTX+BKByPfrMzEAtnlEtdEwr3Nkffwiihqe2bWADg+OQRjt9gl6ICdmB/ZFDCGAtSow==" }, "reusify": { "version": "1.0.4", @@ -9538,9 +10167,9 @@ "optional": true }, "semver": { - "version": "7.3.5", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", - "integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", + "version": "7.3.7", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.7.tgz", + "integrity": "sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g==", "requires": { "lru-cache": "^6.0.0" } @@ -9557,7 +10186,7 @@ "set-blocking": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", - "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=" + "integrity": "sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==" }, "shebang-command": { "version": "2.0.0", @@ -9587,9 +10216,9 @@ } }, "signal-exit": { - "version": "3.0.6", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.6.tgz", - "integrity": "sha512-sDl4qMFpijcGw22U5w63KmD3cZJfBuFlVNbVMKje2keoKML7X2UzWbc4XrmEbDwg0NXJc3yv4/ox7b+JWb57kQ==" + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" }, "slash": { "version": "3.0.0", @@ -9613,22 +10242,22 @@ "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==" }, "socks": { - "version": "2.6.1", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.6.1.tgz", - "integrity": "sha512-kLQ9N5ucj8uIcxrDwjm0Jsqk06xdpBjGNQtpXy4Q8/QY2k+fY7nZH8CARy+hkbG+SGAovmzzuauCpBlb8FrnBA==", + "version": "2.6.2", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.6.2.tgz", + "integrity": "sha512-zDZhHhZRY9PxRruRMR7kMhnf3I8hDs4S3f9RecfnGxvcBHQcKcIH/oUcEWffsfl1XxdYlA7nnlGbbTvPz9D8gA==", "requires": { "ip": "^1.1.5", - "smart-buffer": "^4.1.0" + "smart-buffer": "^4.2.0" } }, "socks-proxy-agent": { - "version": "6.1.1", - "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-6.1.1.tgz", - "integrity": "sha512-t8J0kG3csjA4g6FTbsMOWws+7R7vuRC8aQ/wy3/1OWmsgwA68zs/+cExQ0koSitUDXqhufF/YJr9wtNMZHw5Ew==", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-6.2.1.tgz", + "integrity": "sha512-a6KW9G+6B3nWZ1yB8G7pJwL3ggLy1uTzKAgCb7ttblwqdz9fMGJUuTy3uFzEP48FAs9FLILlmzDlE2JJhVQaXQ==", "requires": { "agent-base": "^6.0.2", - "debug": "^4.3.1", - "socks": "^2.6.1" + "debug": "^4.3.3", + "socks": "^2.6.2" } }, "source-map": { @@ -9637,6 +10266,15 @@ "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", "dev": true }, + "spdx-correct": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.1.tgz", + "integrity": "sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==", + "requires": { + "spdx-expression-parse": "^3.0.0", + "spdx-license-ids": "^3.0.0" + } + }, "spdx-exceptions": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz", @@ -9657,9 +10295,9 @@ "integrity": "sha512-Ctl2BrFiM0X3MANYgj3CkygxhRmr9mi6xhejbdO960nF6EDJApTYpn0BQnDKlnNBULKiCN1n3w9EBkHK8ZWg+g==" }, "ssri": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/ssri/-/ssri-8.0.1.tgz", - "integrity": "sha512-97qShzy1AiyxvPNIkLWoGua7xoQzzPjQ0HAH4B0rWKo7SZ6USuPcrUiAFrws0UH8RrbWmgq3LMTObhPIHbbBeQ==", + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/ssri/-/ssri-9.0.1.tgz", + "integrity": "sha512-o57Wcn66jMQvfHG1FlYbWeZWW/dHZhJXjpIcTfXldXEk5nz5lStPo3mK0OJQfGR3RbZUlbISexbljkJzuEj/8Q==", "requires": { "minipass": "^3.1.1" } @@ -9820,9 +10458,9 @@ } }, "treeverse": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/treeverse/-/treeverse-1.0.4.tgz", - "integrity": "sha512-whw60l7r+8ZU8Tu/Uc2yxtc4ZTZbR/PF3u1IPNKGQ6p8EICLb3Z2lAgoqw9bqYd8IkgnsaOcLzYHFckjqNsf0g==" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/treeverse/-/treeverse-2.0.0.tgz", + "integrity": "sha512-N5gJCkLu1aXccpOTtqV6ddSEi6ZmGkh3hjmbu1IjcavJK4qyOVQmi0myQKM7z5jVGmD68SJoliaVrMmVObhj6A==" }, "ts-node": { "version": "10.4.0", @@ -9921,11 +10559,6 @@ "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==", "dev": true }, - "typedarray-to-buffer": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-4.0.0.tgz", - "integrity": "sha512-6dOYeZfS3O9RtRD1caom0sMxgK59b27+IwoNy8RDPsmslSGOyU+mpTamlaIW7aNKi90ZQZ9DFaZL3YRoiSCULQ==" - }, "typescript": { "version": "4.5.2", "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.5.2.tgz", @@ -9946,9 +10579,9 @@ } }, "undici": { - "version": "4.13.0", - "resolved": "https://registry.npmjs.org/undici/-/undici-4.13.0.tgz", - "integrity": "sha512-8lk8S/f2V0VUNGf2scU2b+KI2JSzEQLdCyRNRF3XmHu+5jectlSDaPSBCXAHFaUlt1rzngzOBVDgJS9/Gue/KA==" + "version": "5.5.1", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.5.1.tgz", + "integrity": "sha512-MEvryPLf18HvlCbLSzCW0U00IMftKGI5udnjrQbC5D4P0Hodwffhv+iGfWuJwg16Y/TK11ZFK8i+BPVW2z/eAw==" }, "unique-filename": { "version": "1.1.1", @@ -9977,7 +10610,7 @@ "util-deprecate": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", - "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" + "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==" }, "v8-compile-cache": { "version": "2.3.0", @@ -9985,19 +10618,21 @@ "integrity": "sha512-l8lCEmLcLYZh4nbunNZvQCJc5pv7+RCwa8q/LdUx8u7lsWvPDKmpodJAJNwkAhJC//dFY48KuIEmjtd4RViDrA==", "dev": true }, + "validate-npm-package-license": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", + "requires": { + "spdx-correct": "^3.0.0", + "spdx-expression-parse": "^3.0.0" + } + }, "validate-npm-package-name": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-3.0.0.tgz", - "integrity": "sha1-X6kS2B630MdK/BQN5zF/DKffQ34=", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-4.0.0.tgz", + "integrity": "sha512-mzR0L8ZDktZjpX4OB46KT+56MAhl4EIazWP/+G/HPGuvfdaqg4YsCdtOm6U9+LOFyYDoh4dpnpxZRB9MQQns5Q==", "requires": { - "builtins": "^1.0.3" - }, - "dependencies": { - "builtins": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/builtins/-/builtins-1.0.3.tgz", - "integrity": "sha1-y5T662HIaWRR2zZTThQi+U8K7og=" - } + "builtins": "^5.0.0" } }, "walk-up-path": { @@ -10064,14 +10699,12 @@ "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" }, "write-file-atomic": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.0.tgz", - "integrity": "sha512-JhcWoKffJNF7ivO9yflBhc7tn3wKnokMUfWpBriM9yCXj4ePQnRPcWglBkkg1AHC8nsW/EfxwwhqsLtOy59djA==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.1.tgz", + "integrity": "sha512-nSKUxgAbyioruk6hU87QzVbY279oYT6uiwgDoujth2ju4mJ+TZau7SQBhtbTmUyuNYTuXnSyRn66FV0+eCgcrQ==", "requires": { "imurmurhash": "^0.1.4", - "is-typedarray": "^1.0.0", - "signal-exit": "^3.0.2", - "typedarray-to-buffer": "^4.0.0" + "signal-exit": "^3.0.7" } }, "yallist": { diff --git a/package.json b/package.json index 0fcedb5..82897f3 100644 --- a/package.json +++ b/package.json @@ -81,9 +81,9 @@ "typescript": "^4.5.2" }, "dependencies": { - "@nodesecure/rc": "^1.0.1", - "@nodesecure/scanner": "^3.3.0", - "@nodesecure/vuln": "^1.4.0", + "@nodesecure/rc": "^1.2.0", + "@nodesecure/scanner": "^3.6.0", + "@nodesecure/vuln": "^1.7.0", "@slimio/async-cli-spinner": "^0.5.2", "ajv": "^8.11.0", "kleur": "^4.1.4", From d3e640868a6e89e6db79ce3c619edf9eea645a4e Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Mon, 20 Jun 2022 17:34:52 +0200 Subject: [PATCH 07/25] fix: types --- src/configuration/standard/nsci.ts | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/configuration/standard/nsci.ts b/src/configuration/standard/nsci.ts index 7895fdc..8afa48d 100644 --- a/src/configuration/standard/nsci.ts +++ b/src/configuration/standard/nsci.ts @@ -12,6 +12,7 @@ export const vulnStrategy = { npm: "NPM_AUDIT", node: "SECURITY_WG", snyk: "SNYK", + sonatype: "SONATYPE", none: "NONE" } as const; @@ -38,7 +39,7 @@ export type WarningMode = ValueOf; // These warnings types should probably come from JSXRay but are hosted here for now export const warningKinds: Readonly< - (JSXRay.kindWithValue | "unsafe-import")[] + (JSXRay.WarningName | "unsafe-import")[] > = [ "parsing-error", "encoded-literal", @@ -51,7 +52,7 @@ export const warningKinds: Readonly< "unsafe-import" ] as const; -export type WarningKind = JSXRay.kindWithValue | "unsafe-import"; +export type WarningKind = JSXRay.WarningName | "unsafe-import"; export type Warnings = WarningMode | Record; From 5b2f2c359ba4155dc23498c36d832bf4c217ab1f Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Thu, 23 Jun 2022 12:43:04 +0200 Subject: [PATCH 08/25] chore(interpret): create hasWarningsIgnorePatterns func --- src/analysis/interpretation/interpret.ts | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/analysis/interpretation/interpret.ts b/src/analysis/interpretation/interpret.ts index c0f6669..b1728af 100644 --- a/src/analysis/interpretation/interpret.ts +++ b/src/analysis/interpretation/interpret.ts @@ -4,7 +4,7 @@ import { GlobalWarning } from "@nodesecure/scanner/types/scanner"; import set from "lodash.set"; // Import Internal Dependencies -import { IgnorePatterns } from "../../configuration/external/nodesecure/ignore-file.js"; +import { IgnorePatterns, IgnoreWarningsPatterns } from "../../configuration/external/nodesecure/ignore-file.js"; import { Nsci } from "../../configuration/standard/index.js"; import { pipeline } from "../../reporting/index.js"; import { DependencyWarning } from "../../types/index.js"; @@ -78,14 +78,16 @@ function interpretPayloadChecks( }; } +function hasWarningsIgnorePatterns(warnings?: IgnoreWarningsPatterns): boolean { + return warnings !== undefined && + Object.keys(warnings).length > 0; +} + export function filterDependenciesWarnings( dependenciesWarnings: DependencyWarning[], ignorePatterns: IgnorePatterns ): DependencyWarning[] { - const isWarningsEmpty = - ignorePatterns.warnings === undefined || - Object.keys(ignorePatterns?.warnings).length === 0; - if (isWarningsEmpty) { + if (!hasWarningsIgnorePatterns(ignorePatterns?.warnings)) { return dependenciesWarnings; } From 49f33ea3df4bac6e46b28b2a436e9fa0b6f55c4c Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Thu, 23 Jun 2022 12:45:21 +0200 Subject: [PATCH 09/25] chore(adapt): fix import) --- src/configuration/external/adapt.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/configuration/external/adapt.ts b/src/configuration/external/adapt.ts index b241548..f8c91e4 100644 --- a/src/configuration/external/adapt.ts +++ b/src/configuration/external/adapt.ts @@ -3,7 +3,7 @@ import { constants, accessSync } from "fs"; import { resolve } from "path"; // Import Internal Dependencies -import { IgnoreWarningsPatterns } from "../external/nodesecure/ignore-file"; +import { IgnoreWarningsPatterns } from "../external/nodesecure/ignore-file.js"; import { Nsci } from "../standard/index.js"; import { From 04fee5a2b17f9249b2819a7758ae324416d913d1 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Thu, 23 Jun 2022 12:54:32 +0200 Subject: [PATCH 10/25] fix(adapt): dont return ignorePatterns --- src/configuration/external/adapt.ts | 4 +--- src/configuration/external/standardize.ts | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/configuration/external/adapt.ts b/src/configuration/external/adapt.ts index f8c91e4..b21cc99 100644 --- a/src/configuration/external/adapt.ts +++ b/src/configuration/external/adapt.ts @@ -111,7 +111,7 @@ function adaptSeverity(vulnerabilityThreshold: Nsci.Severity): Nsci.Severity { */ export function adaptExternalToStandardConfiguration( sanitizedOptions: Partial -): Nsci.Configuration { +): Partial { const { vulnerabilities, directory, strategy, warnings, reporters } = { ...defaultExternalConfigOptions, ...sanitizedOptions @@ -123,7 +123,5 @@ export function adaptExternalToStandardConfiguration( strategy: adaptStrategy(strategy), vulnerabilitySeverity: adaptSeverity(vulnerabilities), warnings: adaptWarnings(warnings), - // TODO(tony): check where this is call before merging - ignorePatterns: { warnings: new IgnoreWarningsPatterns() } }; } diff --git a/src/configuration/external/standardize.ts b/src/configuration/external/standardize.ts index 35f5f82..2855e7e 100644 --- a/src/configuration/external/standardize.ts +++ b/src/configuration/external/standardize.ts @@ -39,7 +39,7 @@ function extractOnlyValidPropsFromExternalConfig( return Object.fromEntries(filteredEntries); } -function mergeConfigs(adaptedConfig: Nsci.Configuration): Nsci.Configuration { +function mergeConfigs(adaptedConfig: Partial): Nsci.Configuration { return { ...Nsci.defaultNsciRuntimeConfiguration, /** From 5d28da200663deafa5a36c119f9613d5e8591a0c Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Thu, 23 Jun 2022 13:02:17 +0200 Subject: [PATCH 11/25] fix(ignore-file): add jsxray types --- src/configuration/external/nodesecure/ignore-file.ts | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts index 4ed7af6..cb636ae 100644 --- a/src/configuration/external/nodesecure/ignore-file.ts +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -1,4 +1,6 @@ +// Import Third-party dependencies import Validator from "ajv"; +import JSXray from "@nodesecure/js-x-ray"; export class IgnorePatterns { public warnings: IgnoreWarningsPatterns; @@ -13,13 +15,13 @@ export class IgnorePatterns { } export class IgnoreWarningsPatterns { - public entries: Record; + public entries: Record; constructor(entries: Record = {}) { this.entries = entries; } - has(warning: string, pkg: string): boolean { + has(warning: JSXray.WarningName, pkg: string): boolean { return this.entries[warning]?.includes(pkg); } } From 7676d7f084616f2b31da70031f027eaf06a08d2e Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Thu, 23 Jun 2022 13:05:14 +0200 Subject: [PATCH 12/25] fix: use process.cwd() --- src/configuration/external/nodesecure/index.ts | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index 34bd54e..56bf81a 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -25,9 +25,7 @@ import { } from "./ignore-file"; const { font: log } = consolePrinter; -const __dirname = dirname(fileURLToPath(import.meta.url)); -const kRootPath = join(__dirname, "..", "..", "..", ".."); -export const kIgnoreFilePath = join(kRootPath, kIgnoreFileName); +export const kIgnoreFilePath = join(process.cwd(), kIgnoreFileName); function interpretNodeSecureConfigResult( config: Result From 02e0458153a834468a074c700fa30dd98ed59c8a Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Thu, 23 Jun 2022 13:08:06 +0200 Subject: [PATCH 13/25] fix: use IgnorePatterns.default instead of creating manual object --- src/configuration/external/nodesecure/index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index 56bf81a..7c6da37 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -91,7 +91,7 @@ export async function getIgnoreFile(): Promise { } catch (error: any) { log.error(`x Cannot load ignore file: ${error.message}`).print(); - return { warnings: new IgnoreWarningsPatterns() }; + return IgnorePatterns.default(); } } From fc56f9954cd6709b4071b97271f297614b995081 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Thu, 23 Jun 2022 13:17:09 +0200 Subject: [PATCH 14/25] fix: lint + use IgnorePatterns.default --- src/analysis/interpretation/interpret.ts | 8 +++++--- src/configuration/external/adapt.ts | 3 +-- src/configuration/external/nodesecure/ignore-file.ts | 2 +- src/configuration/external/nodesecure/index.ts | 8 +++----- src/configuration/external/standardize.ts | 4 +++- src/configuration/standard/nsci.ts | 9 ++------- 6 files changed, 15 insertions(+), 19 deletions(-) diff --git a/src/analysis/interpretation/interpret.ts b/src/analysis/interpretation/interpret.ts index b1728af..63c26d0 100644 --- a/src/analysis/interpretation/interpret.ts +++ b/src/analysis/interpretation/interpret.ts @@ -4,7 +4,10 @@ import { GlobalWarning } from "@nodesecure/scanner/types/scanner"; import set from "lodash.set"; // Import Internal Dependencies -import { IgnorePatterns, IgnoreWarningsPatterns } from "../../configuration/external/nodesecure/ignore-file.js"; +import { + IgnorePatterns, + IgnoreWarningsPatterns +} from "../../configuration/external/nodesecure/ignore-file.js"; import { Nsci } from "../../configuration/standard/index.js"; import { pipeline } from "../../reporting/index.js"; import { DependencyWarning } from "../../types/index.js"; @@ -79,8 +82,7 @@ function interpretPayloadChecks( } function hasWarningsIgnorePatterns(warnings?: IgnoreWarningsPatterns): boolean { - return warnings !== undefined && - Object.keys(warnings).length > 0; + return warnings !== undefined && Object.keys(warnings).length > 0; } export function filterDependenciesWarnings( diff --git a/src/configuration/external/adapt.ts b/src/configuration/external/adapt.ts index b21cc99..2e40be9 100644 --- a/src/configuration/external/adapt.ts +++ b/src/configuration/external/adapt.ts @@ -3,7 +3,6 @@ import { constants, accessSync } from "fs"; import { resolve } from "path"; // Import Internal Dependencies -import { IgnoreWarningsPatterns } from "../external/nodesecure/ignore-file.js"; import { Nsci } from "../standard/index.js"; import { @@ -122,6 +121,6 @@ export function adaptExternalToStandardConfiguration( reporters: adaptReporters(reporters), strategy: adaptStrategy(strategy), vulnerabilitySeverity: adaptSeverity(vulnerabilities), - warnings: adaptWarnings(warnings), + warnings: adaptWarnings(warnings) }; } diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts index cb636ae..40b9f06 100644 --- a/src/configuration/external/nodesecure/ignore-file.ts +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -1,6 +1,6 @@ // Import Third-party dependencies -import Validator from "ajv"; import JSXray from "@nodesecure/js-x-ray"; +import Validator from "ajv"; export class IgnorePatterns { public warnings: IgnoreWarningsPatterns; diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index 7c6da37..7ad339c 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -1,7 +1,6 @@ // Node.Js Dependencies import { readFile } from "fs/promises"; -import { join, dirname } from "path"; -import { fileURLToPath } from "url"; +import { join } from "path"; // Import Third-party Dependencies import { RC as NodeSecureRuntimeConfig, read } from "@nodesecure/rc"; @@ -20,8 +19,7 @@ import { import { validateIgnoreFile, kIgnoreFileName, - IgnorePatterns, - IgnoreWarningsPatterns + IgnorePatterns } from "./ignore-file"; const { font: log } = consolePrinter; @@ -83,7 +81,7 @@ export async function getIgnoreFile(): Promise { ) .print(); - return { warnings: new IgnoreWarningsPatterns() }; + return IgnorePatterns.default(); } log.success("✔ Ignore file loaded").print(); diff --git a/src/configuration/external/standardize.ts b/src/configuration/external/standardize.ts index 2855e7e..9bb631b 100644 --- a/src/configuration/external/standardize.ts +++ b/src/configuration/external/standardize.ts @@ -39,7 +39,9 @@ function extractOnlyValidPropsFromExternalConfig( return Object.fromEntries(filteredEntries); } -function mergeConfigs(adaptedConfig: Partial): Nsci.Configuration { +function mergeConfigs( + adaptedConfig: Partial +): Nsci.Configuration { return { ...Nsci.defaultNsciRuntimeConfiguration, /** diff --git a/src/configuration/standard/nsci.ts b/src/configuration/standard/nsci.ts index 16eddf8..3ead01a 100644 --- a/src/configuration/standard/nsci.ts +++ b/src/configuration/standard/nsci.ts @@ -3,10 +3,7 @@ import type JSXRay from "@nodesecure/js-x-ray"; // Import Internal Dependencies import { ValueOf } from "../../types"; -import { - IgnorePatterns, - IgnoreWarningsPatterns -} from "../external/nodesecure/ignore-file"; +import { IgnorePatterns } from "../external/nodesecure/ignore-file"; export const vulnStrategy = { npm: "NPM_AUDIT", @@ -78,9 +75,7 @@ function generateDefaultRC(): Configuration { reporters: [reporterTarget.CONSOLE], vulnerabilitySeverity: vulnSeverity.MEDIUM, warnings: warnings.ERROR, - ignorePatterns: { - warnings: new IgnoreWarningsPatterns() - } + ignorePatterns: IgnorePatterns.default() }; } From 39d2bba24dc24606a3f1ab15b23674bf664de880 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Thu, 23 Jun 2022 13:19:49 +0200 Subject: [PATCH 15/25] fix: standardizeExternalConfiguration type --- src/configuration/external/standardize.ts | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/configuration/external/standardize.ts b/src/configuration/external/standardize.ts index 9bb631b..3ed8730 100644 --- a/src/configuration/external/standardize.ts +++ b/src/configuration/external/standardize.ts @@ -3,7 +3,6 @@ import { RC as NodeSecureRuntimeConfig } from "@nodesecure/rc"; // Import Internal Dependencies import { IgnorePatterns } from "../../configuration/external/nodesecure/ignore-file"; -import type { DeepPartialRecord } from "../../types"; import { Nsci } from "../standard/index.js"; import { adaptExternalToStandardConfiguration } from "./adapt.js"; @@ -54,7 +53,7 @@ function mergeConfigs( export function standardizeExternalConfiguration( externalConfig: ExternalRuntimeConfiguration -): DeepPartialRecord { +): Nsci.Configuration { return mergeConfigs( adaptExternalToStandardConfiguration( extractOnlyValidPropsFromExternalConfig(externalConfig) From 4212bea40f023e2adc6a9300d91bfbabcaf972b1 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Thu, 23 Jun 2022 13:25:09 +0200 Subject: [PATCH 16/25] chore: rename filter function --- src/analysis/interpretation/interpret.spec.ts | 8 ++++---- src/analysis/interpretation/interpret.ts | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/analysis/interpretation/interpret.spec.ts b/src/analysis/interpretation/interpret.spec.ts index 68c7e85..83c9946 100644 --- a/src/analysis/interpretation/interpret.spec.ts +++ b/src/analysis/interpretation/interpret.spec.ts @@ -14,7 +14,7 @@ import { DependencyWarning } from "../../types/index.js"; import { runPayloadInterpreter, - filterDependenciesWarnings + excludeIgnoredDependenciesWarnings } from "./interpret.js"; // CONSTANTS @@ -36,12 +36,12 @@ const kDefaultScannerPayload: Scanner.Payload = { vulnerabilityStrategy: "npm" }; -describe("filterDependenciesWarnings", () => { +describe("excludeIgnoredDependenciesWarnings", () => { it("should not filter warnings if ignorePatterns.warnings is an empty object", () => { const warnings: DependencyWarning[] = []; const emptyIgnorePatterns: IgnorePatterns = IgnorePatterns.default(); - const filteredWarnings = filterDependenciesWarnings( + const filteredWarnings = excludeIgnoredDependenciesWarnings( warnings, emptyIgnorePatterns ); @@ -62,7 +62,7 @@ describe("filterDependenciesWarnings", () => { }) }; - const filteredWarnings = filterDependenciesWarnings( + const filteredWarnings = excludeIgnoredDependenciesWarnings( warnings, ignorePatterns ); diff --git a/src/analysis/interpretation/interpret.ts b/src/analysis/interpretation/interpret.ts index 63c26d0..cbe721e 100644 --- a/src/analysis/interpretation/interpret.ts +++ b/src/analysis/interpretation/interpret.ts @@ -85,7 +85,7 @@ function hasWarningsIgnorePatterns(warnings?: IgnoreWarningsPatterns): boolean { return warnings !== undefined && Object.keys(warnings).length > 0; } -export function filterDependenciesWarnings( +export function excludeIgnoredDependenciesWarnings( dependenciesWarnings: DependencyWarning[], ignorePatterns: IgnorePatterns ): DependencyWarning[] { @@ -121,7 +121,7 @@ export function runPayloadInterpreter( rc: Nsci.Configuration ): OutcomePayloadFromPipelineChecks { const { warnings, dependencies } = extractScannerPayload(payload); - const filteredDependencies = filterDependenciesWarnings( + const filteredDependencies = excludeIgnoredDependenciesWarnings( dependencies.warnings, rc.ignorePatterns ); From ffdc9bd7d347079580a629b6a9e66284f0e404d2 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Mon, 27 Jun 2022 19:40:27 +0200 Subject: [PATCH 17/25] chore: rename a few variables/func/types --- src/analysis/interpretation/interpret.ts | 16 ++++------------ src/types/index.ts | 7 ++++++- 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/src/analysis/interpretation/interpret.ts b/src/analysis/interpretation/interpret.ts index cbe721e..a1e7921 100644 --- a/src/analysis/interpretation/interpret.ts +++ b/src/analysis/interpretation/interpret.ts @@ -10,7 +10,7 @@ import { } from "../../configuration/external/nodesecure/ignore-file.js"; import { Nsci } from "../../configuration/standard/index.js"; import { pipeline } from "../../reporting/index.js"; -import { DependencyWarning } from "../../types/index.js"; +import { DependencyWarning, Warning } from "../../types/index.js"; import { extractScannerPayload, WorkableVulnerability @@ -93,18 +93,10 @@ export function excludeIgnoredDependenciesWarnings( return dependenciesWarnings; } - return dependenciesWarnings.filter(function excludeIgnorableWarnings( - dependencyWarnings - ) { - if ( - dependencyWarnings.warnings.find((w) => - ignorePatterns.warnings.has(w.kind, dependencyWarnings.package) - ) - ) { - return false; - } + return dependenciesWarnings.filter(function excludeIgnorableWarnings(dependencyWarnings) { + const hasWarnings = (warn: Warning) => ignorePatterns.warnings.has(warn.kind, dependencyWarnings.package) - return true; + return !!dependencyWarnings.warnings.find(hasWarnings) ? false : true; }); } diff --git a/src/types/index.ts b/src/types/index.ts index 3a4216c..f1f7a4a 100644 --- a/src/types/index.ts +++ b/src/types/index.ts @@ -6,13 +6,18 @@ export type DeepPartialRecord = { : Partial; }; + +export type Warning = Omit; + +export type Warnings = Warning[]; + /** * These types are used to enhance @nodesecure type definitions. * In the near feature, these types will be directly colocalized with packages. */ export type DependencyWarning = { package: string; - warnings: Omit[]; + warnings: Warnings }; export type Maybe = T | undefined; From 6c2825a2a65f33635b22a005179434f1cc69eb11 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Wed, 29 Jun 2022 20:18:29 +0200 Subject: [PATCH 18/25] test: move test and fix types --- src/analysis/interpretation/interpret.spec.ts | 121 ++++++++++++------ src/analysis/interpretation/interpret.ts | 2 +- .../external/nodesecure/ignore-file.ts | 8 +- 3 files changed, 86 insertions(+), 45 deletions(-) diff --git a/src/analysis/interpretation/interpret.spec.ts b/src/analysis/interpretation/interpret.spec.ts index 83c9946..f694175 100644 --- a/src/analysis/interpretation/interpret.spec.ts +++ b/src/analysis/interpretation/interpret.spec.ts @@ -1,4 +1,4 @@ -// Import Third-party Dependencies + // Import Third-party Dependencies import { Scanner } from "@nodesecure/scanner"; import { StandardVulnerability } from "@nodesecure/vuln/types/strategy"; import { expect } from "chai"; @@ -10,12 +10,8 @@ import { } from "../../configuration/external/nodesecure/ignore-file"; import { Nsci } from "../../configuration/standard/index.js"; import * as pipeline from "../../reporting/status.js"; -import { DependencyWarning } from "../../types/index.js"; -import { - runPayloadInterpreter, - excludeIgnoredDependenciesWarnings -} from "./interpret.js"; +import { runPayloadInterpreter } from "./interpret.js"; // CONSTANTS const kDefaultRuntimeConfiguration: Nsci.Configuration = { @@ -36,41 +32,6 @@ const kDefaultScannerPayload: Scanner.Payload = { vulnerabilityStrategy: "npm" }; -describe("excludeIgnoredDependenciesWarnings", () => { - it("should not filter warnings if ignorePatterns.warnings is an empty object", () => { - const warnings: DependencyWarning[] = []; - const emptyIgnorePatterns: IgnorePatterns = IgnorePatterns.default(); - - const filteredWarnings = excludeIgnoredDependenciesWarnings( - warnings, - emptyIgnorePatterns - ); - - expect(filteredWarnings).to.deep.equal(warnings); - }); - - it("should filter warnings if ignorePatterns.warnings is not an empty object", () => { - const warnings: DependencyWarning[] = [ - { - package: "lodash.difference", - warnings: [{ kind: "unsafe-stmt", location: {} as any }] - } - ]; - const ignorePatterns: IgnorePatterns = { - warnings: new IgnoreWarningsPatterns({ - "unsafe-stmt": ["lodash.difference"] - }) - }; - - const filteredWarnings = excludeIgnoredDependenciesWarnings( - warnings, - ignorePatterns - ); - - expect(filteredWarnings).to.deep.equal([]); - }); -}); - /* eslint-disable max-nested-callbacks */ describe("Pipeline check workflow", () => { describe("When running the payload interpreter", () => { @@ -593,6 +554,84 @@ describe("Pipeline check workflow", () => { }); }); + describe("When providing an .nsci-ignore file", () => { + it("should not return ignored warnings", () => { + const warnings = new IgnoreWarningsPatterns({ "unsafe-assign": ["express"] }); + const ignorePatterns = new IgnorePatterns(warnings); + const scannerPayload: Scanner.Payload = { + ...kDefaultScannerPayload, + dependencies: { + express: { + // @ts-expect-error - we are not interested in providing metadata here + metadata: {}, + versions: { + "2.1.0": { + warnings: [ + { + kind: "unsafe-assign", + location: [ + [0, 1], + [5, 0] + ] + } + ], + // @ts-expect-error - we are not interested in providing composition + composition: {} + } + }, + vulnerabilities: [] + }, + } + }; + + const { status, data } = runPayloadInterpreter(scannerPayload, { + ...kDefaultRuntimeConfiguration, + ignorePatterns + }); + + expect(data.dependencies.warnings).to.deep.equal([]); + expect(status).equals(pipeline.status.SUCCESS); + }); + + it("should return not ignored warnings", () => { + const warnings = new IgnoreWarningsPatterns({ "weak-crypto": ["express"] }); + const ignorePatterns = new IgnorePatterns(warnings); + const scannerPayload: Scanner.Payload = { + ...kDefaultScannerPayload, + dependencies: { + express: { + // @ts-expect-error - we are not interested in providing metadata here + metadata: {}, + versions: { + "2.1.0": { + warnings: [ + { + kind: "unsafe-assign", + location: [ + [0, 1], + [5, 0] + ] + } + ], + // @ts-expect-error - we are not interested in providing composition + composition: {} + } + }, + vulnerabilities: [] + }, + } + }; + + const { status, data } = runPayloadInterpreter(scannerPayload, { + ...kDefaultRuntimeConfiguration, + ignorePatterns + }); + + expect(data.dependencies.warnings.length).to.above(0); + expect(status).equals(pipeline.status.FAILURE); + }); + }); + describe("When providing customized runtime configuration affecting vulnerabilities", () => { describe("When dealing with vulnerabilities with lower severities than the configured threshold", () => { it("should make the pipeline succeed with no returned data", () => { diff --git a/src/analysis/interpretation/interpret.ts b/src/analysis/interpretation/interpret.ts index a1e7921..89eb118 100644 --- a/src/analysis/interpretation/interpret.ts +++ b/src/analysis/interpretation/interpret.ts @@ -85,7 +85,7 @@ function hasWarningsIgnorePatterns(warnings?: IgnoreWarningsPatterns): boolean { return warnings !== undefined && Object.keys(warnings).length > 0; } -export function excludeIgnoredDependenciesWarnings( +function excludeIgnoredDependenciesWarnings( dependenciesWarnings: DependencyWarning[], ignorePatterns: IgnorePatterns ): DependencyWarning[] { diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts index 40b9f06..ae28757 100644 --- a/src/configuration/external/nodesecure/ignore-file.ts +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -14,15 +14,17 @@ export class IgnorePatterns { } } +type WarningEntries = Partial>; + export class IgnoreWarningsPatterns { - public entries: Record; + public entries: WarningEntries; - constructor(entries: Record = {}) { + constructor(entries: WarningEntries = {} as WarningEntries) { this.entries = entries; } has(warning: JSXray.WarningName, pkg: string): boolean { - return this.entries[warning]?.includes(pkg); + return !!this.entries[warning]?.includes(pkg); } } From f0c0fb75828bae61587e92f53705deec2e9f9cfb Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Wed, 29 Jun 2022 20:21:53 +0200 Subject: [PATCH 19/25] chore: apply linter --- src/analysis/interpretation/interpret.spec.ts | 20 +++++++++++-------- src/analysis/interpretation/interpret.ts | 10 +++++++--- .../external/nodesecure/ignore-file.ts | 4 ++-- src/types/index.ts | 3 +-- 4 files changed, 22 insertions(+), 15 deletions(-) diff --git a/src/analysis/interpretation/interpret.spec.ts b/src/analysis/interpretation/interpret.spec.ts index f694175..caa3383 100644 --- a/src/analysis/interpretation/interpret.spec.ts +++ b/src/analysis/interpretation/interpret.spec.ts @@ -1,4 +1,4 @@ - // Import Third-party Dependencies +// Import Third-party Dependencies import { Scanner } from "@nodesecure/scanner"; import { StandardVulnerability } from "@nodesecure/vuln/types/strategy"; import { expect } from "chai"; @@ -556,13 +556,15 @@ describe("Pipeline check workflow", () => { describe("When providing an .nsci-ignore file", () => { it("should not return ignored warnings", () => { - const warnings = new IgnoreWarningsPatterns({ "unsafe-assign": ["express"] }); + const warnings = new IgnoreWarningsPatterns({ + "unsafe-assign": ["express"] + }); const ignorePatterns = new IgnorePatterns(warnings); const scannerPayload: Scanner.Payload = { ...kDefaultScannerPayload, dependencies: { express: { - // @ts-expect-error - we are not interested in providing metadata here + // @ts-expect-error - we are not interested in providing metadata here metadata: {}, versions: { "2.1.0": { @@ -580,7 +582,7 @@ describe("Pipeline check workflow", () => { } }, vulnerabilities: [] - }, + } } }; @@ -592,15 +594,17 @@ describe("Pipeline check workflow", () => { expect(data.dependencies.warnings).to.deep.equal([]); expect(status).equals(pipeline.status.SUCCESS); }); - + it("should return not ignored warnings", () => { - const warnings = new IgnoreWarningsPatterns({ "weak-crypto": ["express"] }); + const warnings = new IgnoreWarningsPatterns({ + "weak-crypto": ["express"] + }); const ignorePatterns = new IgnorePatterns(warnings); const scannerPayload: Scanner.Payload = { ...kDefaultScannerPayload, dependencies: { express: { - // @ts-expect-error - we are not interested in providing metadata here + // @ts-expect-error - we are not interested in providing metadata here metadata: {}, versions: { "2.1.0": { @@ -618,7 +622,7 @@ describe("Pipeline check workflow", () => { } }, vulnerabilities: [] - }, + } } }; diff --git a/src/analysis/interpretation/interpret.ts b/src/analysis/interpretation/interpret.ts index 89eb118..e51a8ba 100644 --- a/src/analysis/interpretation/interpret.ts +++ b/src/analysis/interpretation/interpret.ts @@ -93,10 +93,14 @@ function excludeIgnoredDependenciesWarnings( return dependenciesWarnings; } - return dependenciesWarnings.filter(function excludeIgnorableWarnings(dependencyWarnings) { - const hasWarnings = (warn: Warning) => ignorePatterns.warnings.has(warn.kind, dependencyWarnings.package) + return dependenciesWarnings.filter(function excludeIgnorableWarnings( + dependencyWarnings + ) { + function hasWarnings(warn: Warning): boolean { + return ignorePatterns.warnings.has(warn.kind, dependencyWarnings.package); + } - return !!dependencyWarnings.warnings.find(hasWarnings) ? false : true; + return !dependencyWarnings.warnings.find(hasWarnings); }); } diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts index ae28757..a1e57cd 100644 --- a/src/configuration/external/nodesecure/ignore-file.ts +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -17,14 +17,14 @@ export class IgnorePatterns { type WarningEntries = Partial>; export class IgnoreWarningsPatterns { - public entries: WarningEntries; + public entries: WarningEntries; constructor(entries: WarningEntries = {} as WarningEntries) { this.entries = entries; } has(warning: JSXray.WarningName, pkg: string): boolean { - return !!this.entries[warning]?.includes(pkg); + return Boolean(this.entries[warning]?.includes(pkg)); } } diff --git a/src/types/index.ts b/src/types/index.ts index f1f7a4a..db37ee3 100644 --- a/src/types/index.ts +++ b/src/types/index.ts @@ -6,7 +6,6 @@ export type DeepPartialRecord = { : Partial; }; - export type Warning = Omit; export type Warnings = Warning[]; @@ -17,7 +16,7 @@ export type Warnings = Warning[]; */ export type DependencyWarning = { package: string; - warnings: Warnings + warnings: Warnings; }; export type Maybe = T | undefined; From a2682dedab7ea36917a909408f78e4d70f8b8f61 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Wed, 29 Jun 2022 22:58:46 +0200 Subject: [PATCH 20/25] chore(interpret): add fixture generators --- src/analysis/interpretation/interpret.spec.ts | 118 ++++++++++-------- .../external/nodesecure/ignore-file.ts | 2 +- 2 files changed, 64 insertions(+), 56 deletions(-) diff --git a/src/analysis/interpretation/interpret.spec.ts b/src/analysis/interpretation/interpret.spec.ts index caa3383..573c311 100644 --- a/src/analysis/interpretation/interpret.spec.ts +++ b/src/analysis/interpretation/interpret.spec.ts @@ -1,12 +1,14 @@ // Import Third-party Dependencies import { Scanner } from "@nodesecure/scanner"; +import { Dependency } from "@nodesecure/scanner/types/scanner"; import { StandardVulnerability } from "@nodesecure/vuln/types/strategy"; import { expect } from "chai"; // Import Internal Dependencies import { IgnorePatterns, - IgnoreWarningsPatterns + IgnoreWarningsPatterns, + WarningEntries } from "../../configuration/external/nodesecure/ignore-file"; import { Nsci } from "../../configuration/standard/index.js"; import * as pipeline from "../../reporting/status.js"; @@ -556,35 +558,12 @@ describe("Pipeline check workflow", () => { describe("When providing an .nsci-ignore file", () => { it("should not return ignored warnings", () => { - const warnings = new IgnoreWarningsPatterns({ + const ignorePatterns = createIgnorePatternsWith({ "unsafe-assign": ["express"] }); - const ignorePatterns = new IgnorePatterns(warnings); - const scannerPayload: Scanner.Payload = { - ...kDefaultScannerPayload, - dependencies: { - express: { - // @ts-expect-error - we are not interested in providing metadata here - metadata: {}, - versions: { - "2.1.0": { - warnings: [ - { - kind: "unsafe-assign", - location: [ - [0, 1], - [5, 0] - ] - } - ], - // @ts-expect-error - we are not interested in providing composition - composition: {} - } - }, - vulnerabilities: [] - } - } - }; + const scannerPayload: Scanner.Payload = createScannerPayloadWith({ + express: ["unsafe-assign"] + }); const { status, data } = runPayloadInterpreter(scannerPayload, { ...kDefaultRuntimeConfiguration, @@ -596,35 +575,12 @@ describe("Pipeline check workflow", () => { }); it("should return not ignored warnings", () => { - const warnings = new IgnoreWarningsPatterns({ + const ignorePatterns = createIgnorePatternsWith({ "weak-crypto": ["express"] }); - const ignorePatterns = new IgnorePatterns(warnings); - const scannerPayload: Scanner.Payload = { - ...kDefaultScannerPayload, - dependencies: { - express: { - // @ts-expect-error - we are not interested in providing metadata here - metadata: {}, - versions: { - "2.1.0": { - warnings: [ - { - kind: "unsafe-assign", - location: [ - [0, 1], - [5, 0] - ] - } - ], - // @ts-expect-error - we are not interested in providing composition - composition: {} - } - }, - vulnerabilities: [] - } - } - }; + const scannerPayload: Scanner.Payload = createScannerPayloadWith({ + express: ["unsafe-assign"] + }); const { status, data } = runPayloadInterpreter(scannerPayload, { ...kDefaultRuntimeConfiguration, @@ -771,3 +727,55 @@ describe("Pipeline check workflow", () => { }); }); }); + +// ///////////////// +// // HELPERS ////// +// ///////////////// + +function createIgnorePatternsWith( + warningsEntries: WarningEntries +): IgnorePatterns { + const warnings = new IgnoreWarningsPatterns(warningsEntries); + + return new IgnorePatterns(warnings); +} + +type SimplifiedWarningEntries = Record; + +function createScannerPayloadWith( + warnings: SimplifiedWarningEntries +): Scanner.Payload { + const scannerPayload: Scanner.Payload = { + ...kDefaultScannerPayload, + dependencies: { + ...Object.entries(warnings).reduce( + (acc: Record, [pkg, warns]: [string, string[]]) => { + acc[pkg] = { + metadata: {} as any, + versions: { + "2.1.0": { + // @ts-expect-error + warnings: warns.map((warn: string) => { + return { + kind: warn, + location: [ + [0, 1], + [5, 0] + ] + }; + }), + composition: {} as any + } + }, + vulnerabilities: [] + }; + + return acc; + }, + {} + ) + } + }; + + return scannerPayload; +} diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts index a1e57cd..1264fb0 100644 --- a/src/configuration/external/nodesecure/ignore-file.ts +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -14,7 +14,7 @@ export class IgnorePatterns { } } -type WarningEntries = Partial>; +export type WarningEntries = Partial>; export class IgnoreWarningsPatterns { public entries: WarningEntries; From c5156cedf9138c3857434ef69518d1b906562b61 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Fri, 1 Jul 2022 22:38:08 +0200 Subject: [PATCH 21/25] chore: rename ignore file --- src/analysis/interpretation/interpret.spec.ts | 2 +- src/configuration/external/nodesecure/ignore-file.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/analysis/interpretation/interpret.spec.ts b/src/analysis/interpretation/interpret.spec.ts index 573c311..68f2bf3 100644 --- a/src/analysis/interpretation/interpret.spec.ts +++ b/src/analysis/interpretation/interpret.spec.ts @@ -556,7 +556,7 @@ describe("Pipeline check workflow", () => { }); }); - describe("When providing an .nsci-ignore file", () => { + describe("When providing an .nodesecureignore file", () => { it("should not return ignored warnings", () => { const ignorePatterns = createIgnorePatternsWith({ "unsafe-assign": ["express"] diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts index 1264fb0..08b1e42 100644 --- a/src/configuration/external/nodesecure/ignore-file.ts +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -46,7 +46,7 @@ const kIgnoreFileSchema = { additionalProperties: false } as const; -export const kIgnoreFileName = ".nsci-ignore"; +export const kIgnoreFileName = ".nodesecureignore"; export function validateIgnoreFile(ignoreFile: string): { isValid: boolean; From ef2eac9105541c13bff8401b3ad812079cac1c89 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Fri, 1 Jul 2022 23:06:44 +0200 Subject: [PATCH 22/25] fix: create temporary logger abstract --- package-lock.json | 28 +++++++++++++++++++ package.json | 3 +- .../external/nodesecure/index.ts | 25 ++++++++++++++--- 3 files changed, 51 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 6f22f9f..f2e63ab 100644 --- a/package-lock.json +++ b/package-lock.json @@ -35,6 +35,7 @@ "@types/pluralize": "^0.0.29", "@types/sade": "^1.7.4", "chai": "^4.3.4", + "cross-env": "^7.0.3", "eslint": "^8.4.1", "eslint-config-prettier": "^8.3.0", "eslint-import-resolver-typescript": "^2.5.0", @@ -2165,6 +2166,24 @@ "integrity": "sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==", "dev": true }, + "node_modules/cross-env": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/cross-env/-/cross-env-7.0.3.tgz", + "integrity": "sha512-+/HKd6EgcQCJGh2PSjZuUitQBQynKor4wrFbRg4DtAgS1aWO+gU52xpH7M9ScGgXSYmAVS9bIJ8EzuaGw0oNAw==", + "dev": true, + "dependencies": { + "cross-spawn": "^7.0.1" + }, + "bin": { + "cross-env": "src/bin/cross-env.js", + "cross-env-shell": "src/bin/cross-env-shell.js" + }, + "engines": { + "node": ">=10.14", + "npm": ">=6", + "yarn": ">=1" + } + }, "node_modules/cross-spawn": { "version": "7.0.3", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", @@ -7916,6 +7935,15 @@ "integrity": "sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==", "dev": true }, + "cross-env": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/cross-env/-/cross-env-7.0.3.tgz", + "integrity": "sha512-+/HKd6EgcQCJGh2PSjZuUitQBQynKor4wrFbRg4DtAgS1aWO+gU52xpH7M9ScGgXSYmAVS9bIJ8EzuaGw0oNAw==", + "dev": true, + "requires": { + "cross-spawn": "^7.0.1" + } + }, "cross-spawn": { "version": "7.0.3", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", diff --git a/package.json b/package.json index 82897f3..9f810e7 100644 --- a/package.json +++ b/package.json @@ -56,7 +56,7 @@ "prepublishOnly": "npm run test && npm run build", "start": "node dist/bin/cli.js", "build": "rimraf ./dist && tsc --project tsconfig.build.json", - "test": "mocha --parallel", + "test": "cross-env NODE_ENV=test mocha --parallel", "lint": "eslint ." }, "devDependencies": { @@ -69,6 +69,7 @@ "@types/pluralize": "^0.0.29", "@types/sade": "^1.7.4", "chai": "^4.3.4", + "cross-env": "^7.0.3", "eslint": "^8.4.1", "eslint-config-prettier": "^8.3.0", "eslint-import-resolver-typescript": "^2.5.0", diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index 7ad339c..c144016 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -25,6 +25,24 @@ import { const { font: log } = consolePrinter; export const kIgnoreFilePath = join(process.cwd(), kIgnoreFileName); +/** + * NOTE: this abstract is temporary + * + * TODO: create a proper logger abstract + */ +const logger = { + error: (message: string): void => { + const nodeEnv = process.env["NODE_ENV"]; + if (nodeEnv !== "test") { + log + .error( + `x Invalid ignore file: ${message}, empty one will be used instead` + ) + .print(); + } + } +}; + function interpretNodeSecureConfigResult( config: Result ): NodeSecureRuntimeConfig | undefined { @@ -75,11 +93,10 @@ export async function getIgnoreFile(): Promise { const ignoreObject = JSON.parse(ignoreFile); const { isValid, error } = validateIgnoreFile(ignoreObject); if (!isValid) { - log + logger .error( `x Invalid ignore file: ${error}, empty one will be used instead` - ) - .print(); + ); return IgnorePatterns.default(); } @@ -87,7 +104,7 @@ export async function getIgnoreFile(): Promise { return JSON.parse(ignoreFile) as IgnorePatterns; } catch (error: any) { - log.error(`x Cannot load ignore file: ${error.message}`).print(); + logger.error(`x Cannot load ignore file: ${error.message}`); return IgnorePatterns.default(); } From 0bc588ab722693322b7047817b008db9be7a932b Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Fri, 1 Jul 2022 23:10:37 +0200 Subject: [PATCH 23/25] chore: apply linter --- src/configuration/external/nodesecure/index.ts | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index c144016..a14276e 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -31,8 +31,8 @@ export const kIgnoreFilePath = join(process.cwd(), kIgnoreFileName); * TODO: create a proper logger abstract */ const logger = { - error: (message: string): void => { - const nodeEnv = process.env["NODE_ENV"]; + error: (message: string): void => { + const nodeEnv = process.env.NODE_ENV; if (nodeEnv !== "test") { log .error( @@ -40,7 +40,7 @@ const logger = { ) .print(); } - } + } }; function interpretNodeSecureConfigResult( @@ -93,10 +93,9 @@ export async function getIgnoreFile(): Promise { const ignoreObject = JSON.parse(ignoreFile); const { isValid, error } = validateIgnoreFile(ignoreObject); if (!isValid) { - logger - .error( - `x Invalid ignore file: ${error}, empty one will be used instead` - ); + logger.error( + `x Invalid ignore file: ${error}, empty one will be used instead` + ); return IgnorePatterns.default(); } From f27eb146673689f909a41e16ae5f497f52e56e8f Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Fri, 1 Jul 2022 23:38:12 +0200 Subject: [PATCH 24/25] doc: add .nodesecureignore base doc --- README.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/README.md b/README.md index 51ffdc6..b3dbc1d 100644 --- a/README.md +++ b/README.md @@ -183,6 +183,27 @@ If you don't have the possibility to generate a **.nodesecurerc** file, there ar The idea is to provide same options for all types of configuration. Nevertheless for now, the specific way to set a **warnings** dictionary (other than "error" | "warning" | "off" options) is only available when using the **.nodesecurerc** or **API** configurations. +#### .nodesecureignore (ignore file) + +During your NodeSecure journey it's possible that you'll find false positives. The `.nodesecureignore` is the perfect tool to address these cases. + +Let's say that you want to exclude `"unsafe-regex"` from `express`: + +1. Create your `.nodesecureignore` file at the root of your project + +2. Add the following JSON content: + +```json +{ + "warnings": { + "unsafe-regex": ["express"] + } +} +``` + +3. Run your analysis as usual: no more `unsafe-regex` for `express` package. + +> Found the list of warnings available [here](https://github.com/NodeSecure/js-x-ray#warnings) --- #### CLI From fc25e10b3d63555dc46cc9d8ed686de2acb24024 Mon Sep 17 00:00:00 2001 From: Tony Gorez Date: Sat, 2 Jul 2022 19:47:14 +0200 Subject: [PATCH 25/25] fix: IgnorePatterns & IgnoreWarningsPatterns abstract --- src/analysis/interpretation/interpret.spec.ts | 5 +-- .../external/nodesecure/ignore-file.ts | 4 +- .../external/nodesecure/index.spec.ts | 40 +++++++++++++++++-- .../external/nodesecure/index.ts | 18 +++++++-- src/configuration/external/standardize.ts | 2 +- src/configuration/standard/nsci.ts | 2 +- 6 files changed, 56 insertions(+), 15 deletions(-) diff --git a/src/analysis/interpretation/interpret.spec.ts b/src/analysis/interpretation/interpret.spec.ts index 68f2bf3..43a681e 100644 --- a/src/analysis/interpretation/interpret.spec.ts +++ b/src/analysis/interpretation/interpret.spec.ts @@ -7,7 +7,6 @@ import { expect } from "chai"; // Import Internal Dependencies import { IgnorePatterns, - IgnoreWarningsPatterns, WarningEntries } from "../../configuration/external/nodesecure/ignore-file"; import { Nsci } from "../../configuration/standard/index.js"; @@ -735,9 +734,7 @@ describe("Pipeline check workflow", () => { function createIgnorePatternsWith( warningsEntries: WarningEntries ): IgnorePatterns { - const warnings = new IgnoreWarningsPatterns(warningsEntries); - - return new IgnorePatterns(warnings); + return new IgnorePatterns(warningsEntries); } type SimplifiedWarningEntries = Record; diff --git a/src/configuration/external/nodesecure/ignore-file.ts b/src/configuration/external/nodesecure/ignore-file.ts index 08b1e42..f42b2d0 100644 --- a/src/configuration/external/nodesecure/ignore-file.ts +++ b/src/configuration/external/nodesecure/ignore-file.ts @@ -5,8 +5,8 @@ import Validator from "ajv"; export class IgnorePatterns { public warnings: IgnoreWarningsPatterns; - constructor(warnings: IgnoreWarningsPatterns = new IgnoreWarningsPatterns()) { - this.warnings = warnings; + constructor(warnings: WarningEntries = {}) { + this.warnings = new IgnoreWarningsPatterns(warnings); } static default(): IgnorePatterns { diff --git a/src/configuration/external/nodesecure/index.spec.ts b/src/configuration/external/nodesecure/index.spec.ts index e147be0..0322e3f 100644 --- a/src/configuration/external/nodesecure/index.spec.ts +++ b/src/configuration/external/nodesecure/index.spec.ts @@ -3,7 +3,7 @@ import { expect } from "chai"; import mock from "mock-fs"; // Internal Dependencies -import { IgnorePatterns } from "./ignore-file"; +import { IgnorePatterns, IgnoreWarningsPatterns } from "./ignore-file"; import { getIgnoreFile, kIgnoreFilePath } from "./index"; @@ -27,12 +27,46 @@ describe("getIgnoreFile", () => { }); it("should return the ignore file if it's valid", async () => { - const validIgnoreFile = { warnings: {} }; + const validIgnoreFile = { + warnings: { + "unsafe-regex": ["negotiator"] + } + }; createFakeIgnoreFile(JSON.stringify(validIgnoreFile)); const result = await getIgnoreFile(); - expect(result).to.be.deep.equal(validIgnoreFile); + expect(result).to.be.an.instanceof(IgnorePatterns); + expect(result).not.to.deep.equal({}); + mock.restore(); + }); + + it("should return an IgnorePatterns warnings property", async () => { + const validIgnoreFile = { + warnings: { + "unsafe-regex": ["negotiator"] + } + }; + createFakeIgnoreFile(JSON.stringify(validIgnoreFile)); + + const { warnings } = await getIgnoreFile(); + + expect(warnings).to.be.an.instanceof(IgnoreWarningsPatterns); + mock.restore(); + }); + + it("should return an helper to check if a warning exist for a given pkg", async () => { + const validIgnoreFile = { + warnings: { + "unsafe-regex": ["negotiator"] + } + }; + createFakeIgnoreFile(JSON.stringify(validIgnoreFile)); + + const result = await getIgnoreFile(); + + expect(result.warnings.has("unsafe-regex", "negotiator")).to.equal(true); + expect(result.warnings.has("unsafe-regex", "express")).to.equal(false); mock.restore(); }); }); diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index a14276e..821b7c7 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts @@ -8,7 +8,7 @@ import { match } from "ts-pattern"; import type { Result } from "ts-results"; // Import Internal Dependencies -import { consolePrinter } from "../../../../lib/console-printer"; +import { consolePrinter } from "../../../../lib/console-printer/index.js"; import { Maybe } from "../../../types/index.js"; import { defaultExternalConfigOptions, @@ -20,7 +20,7 @@ import { validateIgnoreFile, kIgnoreFileName, IgnorePatterns -} from "./ignore-file"; +} from "./ignore-file.js"; const { font: log } = consolePrinter; export const kIgnoreFilePath = join(process.cwd(), kIgnoreFileName); @@ -31,6 +31,16 @@ export const kIgnoreFilePath = join(process.cwd(), kIgnoreFileName); * TODO: create a proper logger abstract */ const logger = { + info: (message: string): void => { + const nodeEnv = process.env.NODE_ENV; + if (nodeEnv !== "test") { + log + .info( + `x Invalid ignore file: ${message}, empty one will be used instead` + ) + .print(); + } + }, error: (message: string): void => { const nodeEnv = process.env.NODE_ENV; if (nodeEnv !== "test") { @@ -99,9 +109,9 @@ export async function getIgnoreFile(): Promise { return IgnorePatterns.default(); } - log.success("✔ Ignore file loaded").print(); + logger.info("✔ Ignore file loaded"); - return JSON.parse(ignoreFile) as IgnorePatterns; + return new IgnorePatterns(ignoreObject.warnings); } catch (error: any) { logger.error(`x Cannot load ignore file: ${error.message}`); diff --git a/src/configuration/external/standardize.ts b/src/configuration/external/standardize.ts index 3ed8730..d25b7c8 100644 --- a/src/configuration/external/standardize.ts +++ b/src/configuration/external/standardize.ts @@ -2,7 +2,7 @@ import { RC as NodeSecureRuntimeConfig } from "@nodesecure/rc"; // Import Internal Dependencies -import { IgnorePatterns } from "../../configuration/external/nodesecure/ignore-file"; +import { IgnorePatterns } from "../../configuration/external/nodesecure/ignore-file.js"; import { Nsci } from "../standard/index.js"; import { adaptExternalToStandardConfiguration } from "./adapt.js"; diff --git a/src/configuration/standard/nsci.ts b/src/configuration/standard/nsci.ts index 3ead01a..5ff2e07 100644 --- a/src/configuration/standard/nsci.ts +++ b/src/configuration/standard/nsci.ts @@ -3,7 +3,7 @@ import type JSXRay from "@nodesecure/js-x-ray"; // Import Internal Dependencies import { ValueOf } from "../../types"; -import { IgnorePatterns } from "../external/nodesecure/ignore-file"; +import { IgnorePatterns } from "../external/nodesecure/ignore-file.js"; export const vulnStrategy = { npm: "NPM_AUDIT",