From 37245261374b2a7f039e2df182939de8ba049671 Mon Sep 17 00:00:00 2001 From: Dzmitry Kosarau Date: Tue, 7 Nov 2023 13:19:57 +0500 Subject: [PATCH 1/4] EPMRPP-87408 || Update axios package --- CHANGELOG.md | 2 ++ package-lock.json | 18 ++++++++++++------ package.json | 2 +- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8dfa1e0..96165b9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,5 @@ +### Security +- Updated versions of vulnerable packages (axios). ### Added - Logging link to the launch on the launch finish diff --git a/package-lock.json b/package-lock.json index 8757dfe..cf9edd5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "5.0.14", "license": "Apache-2.0", "dependencies": { - "axios": "^0.27.2", + "axios": "^1.6.0", "axios-retry": "^3.4.0", "glob": "^7.2.3", "ini": "^2.0.0", @@ -1320,12 +1320,13 @@ } }, "node_modules/axios": { - "version": "0.27.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz", - "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==", + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", + "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", "dependencies": { - "follow-redirects": "^1.14.9", - "form-data": "^4.0.0" + "follow-redirects": "^1.15.0", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" } }, "node_modules/axios-retry": { @@ -3962,6 +3963,11 @@ "node": ">= 8" } }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "node_modules/punycode": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz", diff --git a/package.json b/package.json index 8006a69..eace5dd 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ "node": ">=10.x" }, "dependencies": { - "axios": "^0.27.2", + "axios": "^1.6.0", "axios-retry": "^3.4.0", "glob": "^7.2.3", "ini": "^2.0.0", From 141535e4b18bf0d9a0c125dbd938848fc9a19c09 Mon Sep 17 00:00:00 2001 From: Dzmitry Kosarau Date: Thu, 9 Nov 2023 12:13:58 +0500 Subject: [PATCH 2/4] EPMRPP-87408 || add flag to support nodejs 10 --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index eace5dd..e8fcd26 100644 --- a/package.json +++ b/package.json @@ -8,8 +8,8 @@ "clean": "rimraf ./build", "lint": "eslint ./statistics/**/* ./lib/**/* ./spec/**/*", "format": "npm run lint -- --fix", - "test": "nyc ./node_modules/jasmine/bin/jasmine.js", - "test:coverage": "nyc report --reporter=lcov --reporter=text-summary" + "test": "nyc node --experimental-modules ./node_modules/jasmine/bin/jasmine.js", + "test:coverage": "nyc node --experimental-modules report --reporter=lcov --reporter=text-summary" }, "directories": { "lib": "./lib" From 2b862903b83045f6aab40ae40b92c1fef037c061 Mon Sep 17 00:00:00 2001 From: Dzmitry Kosarau Date: Thu, 9 Nov 2023 12:17:10 +0500 Subject: [PATCH 3/4] EPMRPP-87408 || Fix pipeline --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index e8fcd26..8561cce 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ "lint": "eslint ./statistics/**/* ./lib/**/* ./spec/**/*", "format": "npm run lint -- --fix", "test": "nyc node --experimental-modules ./node_modules/jasmine/bin/jasmine.js", - "test:coverage": "nyc node --experimental-modules report --reporter=lcov --reporter=text-summary" + "test:coverage": "nyc report --reporter=lcov --reporter=text-summary" }, "directories": { "lib": "./lib" From dffea9dac14b7585ee410bee9402b8f9b4a75159 Mon Sep 17 00:00:00 2001 From: Dzmitry Kosarau Date: Thu, 9 Nov 2023 12:20:01 +0500 Subject: [PATCH 4/4] EPMRPP-87408 || Add node options --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 8561cce..7de706f 100644 --- a/package.json +++ b/package.json @@ -8,7 +8,7 @@ "clean": "rimraf ./build", "lint": "eslint ./statistics/**/* ./lib/**/* ./spec/**/*", "format": "npm run lint -- --fix", - "test": "nyc node --experimental-modules ./node_modules/jasmine/bin/jasmine.js", + "test": "NODE_OPTIONS=--experimental-modules nyc ./node_modules/jasmine/bin/jasmine.js", "test:coverage": "nyc report --reporter=lcov --reporter=text-summary" }, "directories": {