Skip to content

Commit

Permalink
Update dependencies and force-update qs (#6440)
Browse files Browse the repository at this point in the history
* Update dependencies and force-update qs

This is mainly an attempt to get rid of as many resolutions as possible
since it seems they are unnecessary except for qs (according to yarn/npm
audit).

For qs use 6.9.7 since Express is using 6.9.6 and that matches the most
closely.

Also add overrides since this is npm's version of yarn's resolutions and
we need it for the shrinkwrap to generate with the right dependencies.

Decided to keep pinning @types/node as well although I am not sure it is
necessary.  Express is pulling in v20 types.  Since this is
development-only we only need it in resolutions.

* Run formatter

Some rules seem to have changed with the dependency updates.

* Replace deprecated bodyParser.json() usage

* Audit npm shrinkwrap as well

* Skip installing dependencies in audit

It seems the tools only require the lock files.

* Fix tests when using ipv6

* Add missing openssl dependency to flake
  • Loading branch information
code-asher authored Sep 22, 2023
1 parent 47ee7ae commit acc50a5
Show file tree
Hide file tree
Showing 19 changed files with 1,054 additions and 1,219 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
uses: actions/checkout@v3

- name: Run prettier with actionsx/prettier
uses: actionsx/prettier@v2
uses: actionsx/prettier@v3
with:
args: --check --loglevel=warn .

Expand Down
19 changes: 5 additions & 14 deletions .github/workflows/security.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,21 +34,12 @@ jobs:
with:
node-version: "18"

- name: Fetch dependencies from cache
id: cache-yarn
uses: actions/cache@v3
with:
path: "**/node_modules"
key: yarn-build-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
yarn-build-
- name: Install dependencies
if: steps.cache-yarn.outputs.cache-hit != 'true'
run: SKIP_SUBMODULE_DEPS=1 yarn --frozen-lockfile
- name: Audit yarn for vulnerabilities
run: yarn audit
if: success()

- name: Audit for vulnerabilities
run: yarn _audit
- name: Audit npm for vulnerabilities
run: npm shrinkwrap && npm audit
if: success()

trivy-scan-repo:
Expand Down
2 changes: 1 addition & 1 deletion flake.nix
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
in {
devShells.default = pkgs.mkShell {
nativeBuildInputs = with pkgs; [
nodejs yarn' python3 pkg-config git rsync jq moreutils quilt bats
nodejs yarn' python3 pkg-config git rsync jq moreutils quilt bats openssl
];
buildInputs = with pkgs; (lib.optionals (!stdenv.isDarwin) [ libsecret libkrb5 ]
++ (with xorg; [ libX11 libxkbfile ])
Expand Down
101 changes: 44 additions & 57 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -38,75 +38,62 @@
},
"main": "out/node/entry.js",
"devDependencies": {
"@schemastore/package": "^0.0.6",
"@types/compression": "^1.7.0",
"@types/cookie-parser": "^1.4.2",
"@types/express": "^4.17.8",
"@types/http-proxy": "^1.17.4",
"@types/js-yaml": "^4.0.0",
"@schemastore/package": "^0.0.10",
"@types/compression": "^1.7.3",
"@types/cookie-parser": "^1.4.4",
"@types/express": "^4.17.17",
"@types/http-proxy": "1.17.7",
"@types/js-yaml": "^4.0.6",
"@types/node": "^18.0.0",
"@types/pem": "^1.9.5",
"@types/pem": "^1.14.1",
"@types/proxy-from-env": "^1.0.1",
"@types/safe-compare": "^1.1.0",
"@types/semver": "^7.1.0",
"@types/trusted-types": "^2.0.2",
"@types/ws": "^8.5.3",
"@typescript-eslint/eslint-plugin": "^5.41.0",
"@typescript-eslint/parser": "^5.41.0",
"audit-ci": "^6.0.0",
"doctoc": "2.2.1",
"eslint": "^8.26.0",
"eslint-config-prettier": "^8.5.0",
"eslint-import-resolver-typescript": "^3.5.2",
"eslint-plugin-import": "^2.26.0",
"eslint-plugin-prettier": "^4.2.1",
"prettier": "2.8.0",
"prettier-plugin-sh": "^0.12.8",
"ts-node": "^10.0.0",
"typescript": "^5.0.4"
},
"resolutions": {
"ansi-regex": "^5.0.1",
"normalize-package-data": "^5.0.0",
"doctoc/underscore": "^1.13.1",
"doctoc/**/trim": "^1.0.0",
"postcss": "^8.2.1",
"browserslist": "^4.16.5",
"safe-buffer": "^5.1.1",
"vfile-message": "^2.0.2",
"tar": "^6.1.9",
"path-parse": "^1.0.7",
"vm2": "^3.9.11",
"follow-redirects": "^1.14.8",
"node-fetch": "^2.6.7",
"nanoid": "^3.1.31",
"minimist": "npm:[email protected]",
"glob-parent": "^6.0.1",
"@types/node": "^18.0.0",
"qs": "^6.7.3"
"@types/semver": "^7.5.2",
"@types/trusted-types": "^2.0.4",
"@types/ws": "^8.5.5",
"@typescript-eslint/eslint-plugin": "^6.7.2",
"@typescript-eslint/parser": "^6.7.2",
"audit-ci": "^6.6.1",
"doctoc": "^2.2.1",
"eslint": "^8.49.0",
"eslint-config-prettier": "^9.0.0",
"eslint-import-resolver-typescript": "^3.6.0",
"eslint-plugin-import": "^2.28.1",
"eslint-plugin-prettier": "^5.0.0",
"prettier": "^3.0.3",
"prettier-plugin-sh": "^0.13.1",
"ts-node": "^10.9.1",
"typescript": "^5.2.2"
},
"dependencies": {
"@coder/logger": "^3.0.0",
"argon2": "0.31.0",
"@coder/logger": "^3.0.1",
"argon2": "^0.31.1",
"compression": "^1.7.4",
"cookie-parser": "^1.4.5",
"env-paths": "^2.2.0",
"cookie-parser": "^1.4.6",
"env-paths": "^2.2.1",
"express": "5.0.0-alpha.8",
"http-proxy": "^1.18.0",
"http-proxy": "^1.18.1",
"httpolyglot": "^0.1.2",
"i18next": "^23.2.11",
"js-yaml": "^4.0.0",
"i18next": "^23.5.1",
"js-yaml": "^4.1.0",
"limiter": "^2.1.0",
"pem": "^1.14.2",
"proxy-agent": "^6.2.1",
"qs": "6.11.0",
"rotating-file-stream": "^3.0.0",
"safe-buffer": "^5.1.1",
"pem": "^1.14.8",
"proxy-agent": "^6.3.1",
"qs": "6.9.7",
"rotating-file-stream": "^3.1.1",
"safe-buffer": "^5.2.1",
"safe-compare": "^1.1.4",
"semver": "^7.1.3",
"ws": "^8.0.0",
"semver": "^7.5.4",
"ws": "^8.14.2",
"xdg-basedir": "^4.0.0"
},
"resolutions": {
"@types/node": "^18.0.0",
"qs": "6.9.7"
},
"overrides": {
"qs": "6.9.7"
},
"bin": {
"code-server": "out/node/entry.js"
},
Expand Down
2 changes: 1 addition & 1 deletion src/browser/pages/error.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!DOCTYPE html>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
Expand Down
4 changes: 3 additions & 1 deletion src/browser/pages/global.css
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,9 @@ button {
.card-box {
background-color: rgb(250, 253, 258);
border-radius: 5px;
box-shadow: rgba(60, 66, 87, 0.117647) 0px 7px 14px 0px, rgba(0, 0, 0, 0.117647) 0px 3px 6px 0px;
box-shadow:
rgba(60, 66, 87, 0.117647) 0px 7px 14px 0px,
rgba(0, 0, 0, 0.117647) 0px 3px 6px 0px;
max-width: 650px;
width: 100%;
}
Expand Down
2 changes: 1 addition & 1 deletion src/browser/pages/login.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!DOCTYPE html>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
Expand Down
6 changes: 5 additions & 1 deletion src/common/http.ts
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,11 @@ export enum HttpCode {
* used in the HTTP response.
*/
export class HttpError extends Error {
public constructor(message: string, public readonly statusCode: HttpCode, public readonly details?: object) {
public constructor(
message: string,
public readonly statusCode: HttpCode,
public readonly details?: object,
) {
super(message)
this.name = this.constructor.name
}
Expand Down
5 changes: 4 additions & 1 deletion src/node/heart.ts
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,10 @@ export class Heart {
private heartbeatInterval = 60000
public lastHeartbeat = 0

public constructor(private readonly heartbeatPath: string, private readonly isActive: () => Promise<boolean>) {
public constructor(
private readonly heartbeatPath: string,
private readonly isActive: () => Promise<boolean>,
) {
this.beat = this.beat.bind(this)
this.alive = this.alive.bind(this)
}
Expand Down
2 changes: 1 addition & 1 deletion src/node/i18n/index.ts
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import i18next, { init } from "i18next"
import * as en from "./locales/en.json"
import * as ja from "./locales/ja.json"
import * as th from "./locales/th.json"
import * as zhCn from "./locales/zh-cn.json"
import * as ja from "./locales/ja.json"
init({
lng: "en",
fallbackLng: "en", // language to use if translations in user language are not available.
Expand Down
5 changes: 4 additions & 1 deletion src/node/wrapper.ts
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,10 @@ type ChildMessage = RelaunchMessage | ChildHandshakeMessage
type ParentMessage = ParentHandshakeMessage

class ProcessError extends Error {
public constructor(message: string, public readonly code: number | undefined) {
public constructor(
message: string,
public readonly code: number | undefined,
) {
super(message)
this.name = this.constructor.name
Error.captureStackTrace(this, this.constructor)
Expand Down
5 changes: 4 additions & 1 deletion test/e2e/models/CodeServer.ts
Original file line number Diff line number Diff line change
Expand Up @@ -269,7 +269,10 @@ export class CodeServer {
export class CodeServerPage {
private readonly editorSelector = "div.monaco-workbench"

constructor(private readonly codeServer: CodeServer, public readonly page: Page) {
constructor(
private readonly codeServer: CodeServer,
public readonly page: Page,
) {
this.page.on("console", (message) => {
this.codeServer.logger.debug(message.text())
})
Expand Down
2 changes: 1 addition & 1 deletion test/unit/node/app.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ describe("createApp", () => {
app.dispose()
}

expect(() => masterBall()).rejects.toThrow(`listen EACCES: permission denied 127.0.0.1:${port}`)
expect(() => masterBall()).rejects.toThrow("listen EACCES: permission denied")
})

it("should unlink a socket before listening on the socket", async () => {
Expand Down
7 changes: 3 additions & 4 deletions test/unit/node/proxy.test.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
import * as bodyParser from "body-parser"
import * as express from "express"
import * as http from "http"
import nodeFetch from "node-fetch"
Expand Down Expand Up @@ -110,7 +109,7 @@ describe("proxy", () => {
})

it("should allow post bodies", async () => {
e.use(bodyParser.json({ strict: false }))
e.use(express.json({ strict: false }))
e.post("/wsup", (req, res) => {
res.json(req.body)
})
Expand All @@ -127,7 +126,7 @@ describe("proxy", () => {
})

it("should handle bad requests", async () => {
e.use(bodyParser.json({ strict: false }))
e.use(express.json({ strict: false }))
e.post("/wsup", (req, res) => {
res.json(req.body)
})
Expand All @@ -154,7 +153,7 @@ describe("proxy", () => {
})

it("should handle errors", async () => {
e.use(bodyParser.json({ strict: false }))
e.use(express.json({ strict: false }))
e.post("/wsup", (req, res) => {
throw new Error("BROKEN")
})
Expand Down
2 changes: 1 addition & 1 deletion test/unit/node/test-plugin/public/index.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!DOCTYPE html>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
Expand Down
Loading

0 comments on commit acc50a5

Please sign in to comment.