From a86bcb0a8a62407f431138a29606aa2223f4b827 Mon Sep 17 00:00:00 2001
From: akanchhaS <32653970+akanchhaS@users.noreply.github.com>
Date: Thu, 25 Feb 2021 11:41:16 -0500
Subject: [PATCH 01/11] Add .circleci/config.yml
---
.circleci/config.yml | 38 ++++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
create mode 100644 .circleci/config.yml
diff --git a/.circleci/config.yml b/.circleci/config.yml
new file mode 100644
index 00000000000..bb68f37ad27
--- /dev/null
+++ b/.circleci/config.yml
@@ -0,0 +1,38 @@
+version: 2.1
+orbs:
+ snyk: snyk/snyk@0.0.8
+
+jobs: # a collection of steps
+ build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run
+ working_directory: ~/goof
+ docker:
+ - image: circleci/node@3.0.0
+ steps:
+ - run:
+ name: echo "install and build npm project"
+ command: 'npm install'
+ - run:
+ name: echo "build project"
+ command: 'npm run build'
+ #- run:
+ # name: echo "build Docker image"
+ # command: 'docker build -t my-new-container-goof-image .'
+
+ - snyk/scan:
+ fail-on-issues: false
+ monitor-on-build: true
+ token-variable: SNYKTOKEN
+ organization: panda-not-omar
+ project: circleCi-dotnet-goof
+ severity-threshold: high
+
+#workflows:
+ #node-tests:
+ #jobs:
+ # - node/test
+ #- snyk/scan:
+ # fail-on-issues: false
+ # monitor-on-build: true
+ # token-variable: SNYKTOKEN
+ # organization: panda-not-omar
+ # project: circleCi-dotnet-goof
\ No newline at end of file
From 78a80e3be2a035d99021011ed9e5653af73ef313 Mon Sep 17 00:00:00 2001
From: akanchhaS <32653970+akanchhaS@users.noreply.github.com>
Date: Thu, 25 Feb 2021 11:42:59 -0500
Subject: [PATCH 02/11] Updated config.yml
---
.circleci/config.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.circleci/config.yml b/.circleci/config.yml
index bb68f37ad27..797edeaf68f 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
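Review bot: In the `snyk/scan` step added by PATCH 01/11, `fail-on-issues: false` makes the scan advisory, so `severity-threshold: high` never stops a build and findings are only reported through `monitor-on-build: true`. If that is intended while the existing findings are triaged, record it next to the setting, for example `# advisory only: switch to true once the baseline is triaged`; otherwise set `fail-on-issues: true` so a high-severity finding fails the job. The container scan step added in PATCH 07/11 carries the same setting.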
@@ -6,7 +6,7 @@ jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof docker: - - image: circleci/node@3.0.0 + - image: circleci/node:4.8.2 steps: - run: name: echo "install and build npm project" @@ -25,7 +25,7 @@ jobs: # a collection of steps organization: panda-not-omar project: circleCi-dotnet-goof severity-threshold: high - + workflows: null #workflows: #node-tests: #jobs: From 947b2e626577f4efffb634ebcfbc01d9d20e5845 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:45:53 -0500 Subject: [PATCH 03/11] Updated config.yml --- .circleci/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 797edeaf68f..2309864fdbe 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -10,7 +10,7 @@ jobs: # a collection of steps steps: - run: name: echo "install and build npm project" - command: 'npm install' + command: 'sudo npm install' - run: name: echo "build project" command: 'npm run build' @@ -23,7 +23,7 @@ jobs: # a collection of steps monitor-on-build: true token-variable: SNYKTOKEN organization: panda-not-omar - project: circleCi-dotnet-goof + project: circleCi-goof severity-threshold: high workflows: null #workflows: From 1e7b1740d27b53de18b907257c76e0078a6e3a01 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:49:02 -0500 Subject: [PATCH 04/11] Updated config.yml --- .circleci/config.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2309864fdbe..5dddf8198fa 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml 
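Review bot: The corrected image reference in PATCH 02/11, `circleci/node:4.8.2`, selects the Node.js 4 release line, which stopped receiving security fixes in 2018, so both the build and the dependency scan run on an unmaintained runtime. If the application does not depend on Node 4, use a maintained release line and pin it by digest, `image: <image>@sha256:<digest>` (placeholder values). If it does depend on it, a comment stating that would keep the old tag from being mistaken for an oversight.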
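Review bot: `command: 'sudo npm install'` in PATCH 03/11 runs the dependency install with root privileges, which a project-local install does not need. It leaves `node_modules` owned by root while the following `npm run build` step runs without `sudo`, and depending on npm's `unsafe-perm` setting package install scripts can end up with more privilege than the build requires. Prefer `command: 'npm install'` and fix the ownership of the working directory if that was the reason for `sudo`. The same applies to the `sudo npm install -g npm@latest` and `sudo npm install -q` variants in PATCH 04/11 and PATCH 05/11.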
@@ -7,10 +7,11 @@ jobs: # a collection of steps working_directory: ~/goof docker: - image: circleci/node:4.8.2 - steps: + steps: + - checkout - run: name: echo "install and build npm project" - command: 'sudo npm install' + command: 'sudo npm install -g npm@latest' - run: name: echo "build project" command: 'npm run build' From 01383b46f6a7bd35a35345d30bd551bf246d4aab Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:52:00 -0500 Subject: [PATCH 05/11] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 5dddf8198fa..40dba8a64ac 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -11,7 +11,7 @@ jobs: # a collection of steps - checkout - run: name: echo "install and build npm project" - command: 'sudo npm install -g npm@latest' + command: 'sudo npm install -q' - run: name: echo "build project" command: 'npm run build' From 2c54c9fe2764743d39b9f8dffc63ca092dfcff0b Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:13:10 -0500 Subject: [PATCH 06/11] Updated config.yml --- .circleci/config.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 40dba8a64ac..0825bc46073 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,6 +2,11 @@ version: 2.1 orbs: snyk: snyk/snyk@0.0.8 +workflows: + test-env-vars: + jobs: + - build: + context: Snyk # has an env var called Snyk-Token jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof @@ -18,7 +23,7 @@ jobs: # a collection of steps #- run: # name: echo "build Docker image" # command: 'docker build -t my-new-container-goof-image .' - + - snyk/scan: fail-on-issues: false monitor-on-build: true 
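Review bot: `sudo npm install -g npm@latest` in PATCH 04/11 installs whatever npm release is tagged `latest` at build time, so the toolchain is not reproducible and an incompatible or bad release reaches the build without review; pin an explicit version, `npm@<version>` (placeholder). The line also replaces the project's `npm install`, so as written the job would reach `npm run build` without the project's dependencies installed. The `steps:` list continues outside this hunk.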
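Review bot: The comment on `context: Snyk` in PATCH 06/11 names the variable `Snyk-Token`, while the scan step reads `token-variable: SNYKTOKEN`; one of the two is wrong, and a hyphenated name cannot be read as a shell environment variable. Suggested wording: `context: Snyk # must define SNYKTOKEN, read by snyk/scan via token-variable`. Because the context hands the Snyk API token to every job that lists it, it is also worth restricting the context to the groups that need it.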
@@ -26,7 +31,7 @@ jobs: # a collection of steps organization: panda-not-omar project: circleCi-goof severity-threshold: high - workflows: null + #workflows: #node-tests: #jobs: From efef4c3ebb7573b0c42afe7563643727af65d8fb Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:32:36 -0500 Subject: [PATCH 07/11] Updated Config.yml with container scan --- .circleci/config.yml | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 0825bc46073..d97af85ae35 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,10 +2,10 @@ version: 2.1 orbs: snyk: snyk/snyk@0.0.8 -workflows: - test-env-vars: +workflows: #creating a workflow to define the context - collection of different jobs + test-env-vars: #setting up a job to define the context which this project will use jobs: - - build: + - build: #building the relevant context context: Snyk # has an env var called Snyk-Token jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run @@ -23,7 +23,6 @@ jobs: # a collection of steps #- run: # name: echo "build Docker image" # command: 'docker build -t my-new-container-goof-image .' - - snyk/scan: fail-on-issues: false monitor-on-build: true 
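Review bot: The comments added to the `workflows:` block in PATCH 07/11 mislabel the keys: `test-env-vars` is the workflow's name, not a job, and `- build` is the job being scheduled, not something that builds the context. Suggested wording: `workflows: # workflows schedule jobs and attach contexts to them`, `test-env-vars: # workflow name`, `- build: # run the build job with the Snyk context attached`. Accurate labels matter here because this block decides which jobs receive the Snyk token.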
@@ -31,7 +30,30 @@ jobs: # a collection of steps organization: panda-not-omar project: circleCi-goof severity-threshold: high - + + jobs: # a collection of steps + build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + working_directory: ~/goof + docker: + - image: circleci/buildpack-deps:stretch + environment: + IMAGE_NAME: akanchhaS/goof + steps: + - checkout + - setup_remote_docker + - run: + name: echo "Build Docker image" + command: 'docker build -t my-new-container-circleCI-goof-image .' + - snyk/scan: + fail-on-issues: false + monitor-on-build: true + token-variable: SNYKTOKEN + organization: panda-not-omar + project: circleCi-goof-container + severity-threshold: low + target-file: Dockerfile + docker-image-name: my-new-container-circleCI-goof-image + #workflows: #node-tests: #jobs: From 43d561e2caa60165b49c1cfef00e59eac5bca9ef Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:36:16 -0500 Subject: [PATCH 08/11] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index d97af85ae35..150f8403166 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -33,7 +33,7 @@ jobs: # a collection of steps jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run - working_directory: ~/goof + #working_directory: ~/goof docker: - image: circleci/buildpack-deps:stretch environment: From 0fd541e629f42567822dd21f5cc16dc3a5663c7c Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:43:56 -0500 Subject: [PATCH 09/11] Updated config.yml --- .circleci/config.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 150f8403166..0b73b687d78 100644 
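Review bot: The block added in PATCH 07/11 repeats `jobs:` and `build:`, both of which already exist earlier in the file. Indentation is not recoverable from this page, but if the new `jobs:` sits at the top level it is a duplicate mapping key, which parsers either reject or resolve to the last definition, so the Node dependency scan could silently stop running. Give the container job its own name under the existing `jobs:` key and list it in the workflow. `IMAGE_NAME: akanchhaS/goof` is also set but never used; the build tags `my-new-container-circleCI-goof-image` instead.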
--- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -5,10 +5,14 @@ orbs: workflows: #creating a workflow to define the context - collection of different jobs test-env-vars: #setting up a job to define the context which this project will use jobs: - - build: #building the relevant context + - build-test-monitor-app: #building the relevant context context: Snyk # has an env var called Snyk-Token + - build-test-monitor-docker: + context: Snyk + + jobs: # a collection of steps - build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + build-test-monitor-app: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof docker: - image: circleci/node:4.8.2 @@ -31,8 +35,8 @@ jobs: # a collection of steps project: circleCi-goof severity-threshold: high - jobs: # a collection of steps - build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + + build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - image: circleci/buildpack-deps:stretch From 66fcbff47f745ef79cc6527ffb5d7a14b9e4089e Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:51:59 -0500 Subject: [PATCH 10/11] Updated config.yml --- .circleci/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 0b73b687d78..378a7a17495 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -47,7 +47,7 @@ jobs: # a collection of steps - setup_remote_docker - run: name: echo "Build Docker image" - command: 'docker build -t my-new-container-circleCI-goof-image .' + command: 'docker build -t my-new-container-circleci-goof-image .' - snyk/scan: fail-on-issues: false monitor-on-build: true 
@@ -56,7 +56,7 @@ jobs: # a collection of steps project: circleCi-goof-container severity-threshold: low target-file: Dockerfile - docker-image-name: my-new-container-circleCI-goof-image + docker-image-name: my-new-container-circleci-goof-image #workflows: #node-tests: From 70cca5d1de0746d6ebbf63f4979f3a43c8a74dda Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 15 Sep 2021 07:00:47 +0000 Subject: [PATCH 11/11] feat: upgrade express-fileupload from 0.0.5 to 1.2.1 Snyk has created this PR to upgrade express-fileupload from 0.0.5 to 1.2.1. See this package in npm: https://www.npmjs.com/package/express-fileupload See this project in Snyk: https://app.snyk.io/org/ninja-co./project/72dd65a6-a474-411a-bf88-c24587e09bf3?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 41 ++++------------------------------------- package.json | 2 +- 2 files changed, 5 insertions(+), 38 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9a27820a7a2..67806db6272 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1370,14 +1370,6 @@ "xdg-basedir": "^3.0.0" } }, - "connect-busboy": { - "version": "0.0.2", - "resolved": "https://registry.npmjs.org/connect-busboy/-/connect-busboy-0.0.2.tgz", - "integrity": "sha1-rFyclmchcYheV2xmsr/ZXTuxEJc=", - "requires": { - "busboy": "*" - } - }, "console-browserify": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/console-browserify/-/console-browserify-1.1.0.tgz", 
@@ -2165,13 +2157,11 @@ } }, "express-fileupload": { - "version": "0.0.5", - "resolved": "https://registry.npmjs.org/express-fileupload/-/express-fileupload-0.0.5.tgz", - "integrity": "sha1-QzpxJSWvqYtMkxYlIui/ecaNguc=", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/express-fileupload/-/express-fileupload-1.2.1.tgz", + "integrity": "sha512-fWPNAkBj+Azt9Itmcz/Reqdg3LeBfaXptDEev2JM8bCC0yDptglCnlizhf0YZauyU5X/g6v7v4Xxqhg8tmEfEA==", "requires": { - "connect-busboy": "0.0.2", - "fs-extra": "^0.22.1", - "streamifier": "^0.1.1" + "busboy": "^0.3.1" } }, "express-session": { @@ -2422,16 +2412,6 @@ "resolved": "https://registry.npmjs.org/fs-exists-cached/-/fs-exists-cached-1.0.0.tgz", "integrity": "sha1-zyVVTKBQ3EmuZla0HeQiWJidy84=" }, - "fs-extra": { - "version": "0.22.1", - "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-0.22.1.tgz", - "integrity": "sha1-X9b4BJ3JdsoZ6yNV1lgXPKvM4FY=", - "requires": { - "graceful-fs": "^4.1.2", - "jsonfile": "^2.1.0", - "rimraf": "^2.2.8" - } - }, "fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", @@ -3338,14 +3318,6 @@ "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" }, - "jsonfile": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-2.4.0.tgz", - "integrity": "sha1-NzaitCi4e72gzIO1P6PWM6NcKug=", - "requires": { - "graceful-fs": "^4.1.6" - } - }, "jsonify": { "version": "0.0.0", "resolved": "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz", @@ -8956,11 +8928,6 @@ } } }, - "streamifier": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/streamifier/-/streamifier-0.1.1.tgz", - "integrity": "sha1-l+mNj6TRBdYqJpHR3AfoINuN/E8=" - }, "streamsearch": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-0.1.2.tgz", 
diff --git a/package.json b/package.json
index 23795fb4736..3ceb71fe1d4 100644
--- a/package.json
+++ b/package.json
@@ -25,7 +25,7 @@
 "ejs-locals": "1.0.2",
 "errorhandler": "1.2.0",
 "express": "4.12.4",
- "express-fileupload": "0.0.5",
+ "express-fileupload": "1.2.1",
 "express-session": "^1.17.2",
 "file-type": "^8.1.0",
 "hbs": "^4.0.4",