diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 00000000000..c63c469088c --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,79 @@ +version: 2.1 +orbs: + snyk: snyk/snyk@1.1.1 + +workflows: #creating a workflow to define the context - collection of different jobs + test-env-vars: #setting up a job to define the context which this project will use + jobs: + - build-test-monitor-app: #building the relevant context + context: Snyk # has an env var called Snyk-Token + - build-test-monitor-docker: + context: Snyk + + +jobs: # a collection of steps + build-test-monitor-app: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + working_directory: ~/goof + docker: + - image: 'cimg/node:lts' + steps: + - checkout + - run: npm ci + - snyk/scan: + fail-on-issues: false + monitor-on-build: true + token-variable: SNYKTOKEN + organization: ninja-snyker + project: circleCi-goof + severity-threshold: high + + + build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + #working_directory: ~/goof + docker: + - image: circleci/buildpack-deps:stretch + environment: + IMAGE_NAME: akanchhaS/goof + steps: + - checkout + - setup_remote_docker + - run: + name: echo "Build Docker image" + command: 'docker build -t my-new-container-circleci-goof-image .' + - snyk/scan: + fail-on-issues: false + monitor-on-build: true + token-variable: SNYKTOKEN + organization: ninja-snyker + project: circleCi-goof-container + severity-threshold: low + target-file: Dockerfile + docker-image-name: my-new-container-circleci-goof-image +build-test-monitor-iac: +docker: + - image: 'snyk/snyk-cli:npm' +parameters: + args: + default: '' + description: > + See the Snyk CLI help page for information on additional arguments: + https://support.snyk.io/hc/en-us/articles/360003812578-CLI-reference + type: string +resource_class: medium +steps: + - checkout + - scan: + additional-arguments: ' ' + command: iac test + monitor-on-build: false + +#workflows: + #node-tests: + #jobs: + # - node/test + #- snyk/scan: + # fail-on-issues: false + # monitor-on-build: true + # token-variable: SNYKTOKEN + # organization: panda-not-omar + # project: circleCi-dotnet-goof \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 811932ff6b8..496480177a1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,7 @@ # FROM node:6-stretch -FROM node:14.1.0 +FROM node:current-alpine3.14 +RUN mkdir /usr/src RUN mkdir /usr/src/goof RUN mkdir /tmp/extracted_files COPY . /usr/src/goof diff --git a/package-lock.json b/package-lock.json index 9a27820a7a2..1283840ca75 100644 --- a/package-lock.json +++ b/package-lock.json @@ -174,8 +174,7 @@ "@types/node": { "version": "13.1.7", "resolved": "https://registry.npmjs.org/@types/node/-/node-13.1.7.tgz", - "integrity": "sha512-HU0q9GXazqiKwviVxg9SI/+t/nAsGkvLDkIdxz+ObejG2nX6Si00TeLqHMoS+a/1tjH7a8YpKVQwtgHuMQsldg==", - "dev": true + "integrity": "sha512-HU0q9GXazqiKwviVxg9SI/+t/nAsGkvLDkIdxz+ObejG2nX6Si00TeLqHMoS+a/1tjH7a8YpKVQwtgHuMQsldg==" }, "@types/restify": { "version": "4.3.6", @@ -193,6 +192,20 @@ "integrity": "sha512-41qEJgBH/TWgo5NFSvBCJ1qkoi3Q6ONSF2avrHq1LVEZfYpdHmj0y9SuTK+u9ZhG1sYQKBL1AWXKyLWP4RaUoQ==", "dev": true }, + "@types/webidl-conversions": { + "version": "6.1.1", + "resolved": "https://registry.npmjs.org/@types/webidl-conversions/-/webidl-conversions-6.1.1.tgz", + "integrity": "sha512-XAahCdThVuCFDQLT7R7Pk/vqeObFNL3YqRyFZg+AqAP/W1/w3xHaIxuW7WszQqTbIBOPRcItYJIou3i/mppu3Q==" + }, + "@types/whatwg-url": { + "version": "8.2.1", + "resolved": "https://registry.npmjs.org/@types/whatwg-url/-/whatwg-url-8.2.1.tgz", + "integrity": "sha512-2YubE1sjj5ifxievI5Ge1sckb9k/Er66HyR2c+3+I6VDUUg1TLPdYYTEbQ+DjRkS4nTxMJhgWfSfMRD2sl2EYQ==", + "requires": { + "@types/node": "*", + "@types/webidl-conversions": "*" + } + }, "@types/xml2js": { "version": "0.4.3", "resolved": "https://registry.npmjs.org/@types/xml2js/-/xml2js-0.4.3.tgz", @@ -444,11 +457,6 @@ "integrity": "sha512-uWMHxJxtfj/1oZClOxDEV1sQ1HCDkA4MG8Gr69KKeBjEVH0R84WlejZ0y2DcwyBlpAEMltmVYkVgqfLFb2oyiA==", "dev": true }, - "async": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/async/-/async-0.9.0.tgz", - "integrity": "sha1-rDYTsdqb7RtHUQu0ZRuJMeRxRsc=" - }, "async-cache": { "version": "0.1.5", "resolved": "https://registry.npmjs.org/async-cache/-/async-cache-0.1.5.tgz", @@ -843,9 +851,28 @@ } }, "bson": { - "version": "0.4.23", - "resolved": "https://registry.npmjs.org/bson/-/bson-0.4.23.tgz", - "integrity": "sha1-5louPHUH/63kEJvHV1p25Q+NqRU=" + "version": "4.6.1", + "resolved": "https://registry.npmjs.org/bson/-/bson-4.6.1.tgz", + "integrity": "sha512-I1LQ7Hz5zgwR4QquilLNZwbhPw0Apx7i7X9kGMBTsqPdml/03Q9NBtD9nt/19ahjlphktQImrnderxqpzeVDjw==", + "requires": { + "buffer": "^5.6.0" + }, + "dependencies": { + "base64-js": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==" + }, + "buffer": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", + "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "requires": { + "base64-js": "^1.3.1", + "ieee754": "^1.1.13" + } + } + } }, "buffer": { "version": "4.9.1", @@ -1917,11 +1944,6 @@ "escape-html": "1.0.1" } }, - "es6-promise": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-2.1.1.tgz", - "integrity": "sha1-A+jzxyl5KOVHjWqx0GQyUVB73t0=" - }, "es6-promisify": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/es6-promisify/-/es6-promisify-5.0.0.tgz", @@ -2793,11 +2815,6 @@ "minimalistic-crypto-utils": "^1.0.1" } }, - "hooks-fixed": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/hooks-fixed/-/hooks-fixed-1.1.0.tgz", - "integrity": "sha1-DowVM2cI5mERhf45C0RofdUjDbs=" - }, "hosted-git-info": { "version": "2.8.5", "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.5.tgz", @@ -3271,7 +3288,8 @@ "isarray": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", - "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=" + "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=", + "dev": true }, "isexe": { "version": "2.0.0", @@ -3420,18 +3438,9 @@ } }, "kareem": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/kareem/-/kareem-1.0.1.tgz", - "integrity": "sha1-eAXSFbtTIU7Dr5aaHQsfF+PnuVw=" - }, - "kerberos": { - "version": "0.0.24", - "resolved": "https://registry.npmjs.org/kerberos/-/kerberos-0.0.24.tgz", - "integrity": "sha512-QO6bFq9eETHB5zcA0OJiQtw137TH45OuUcGtI+QGg2ZJQIPCvwXL2kjCqZZMColcIdbPhj4X40EY5f3oOiBfiw==", - "optional": true, - "requires": { - "nan": "~2.10.0" - } + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.3.3.tgz", + "integrity": "sha512-uESCXM2KdtOQ8LOvKyTUXEeg0MkYp4wGglTIpGcYHvjJcS5sn2Wkfrfit8m4xSbaNDAw2KdI9elgkOxZbrFYbg==" }, "keyv": { "version": "3.1.0", @@ -3877,59 +3886,52 @@ } } }, - "mongodb-core": { - "version": "1.2.19", - "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-1.2.19.tgz", - "integrity": "sha1-/LNfa2q8XD3h8aSl21JrnjBvPrc=", + "mongodb-connection-string-url": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/mongodb-connection-string-url/-/mongodb-connection-string-url-2.4.2.tgz", + "integrity": "sha512-mZUXF6nUzRWk5J3h41MsPv13ukWlH4jOMSk6astVeoZ1EbdTJyF5I3wxKkvqBAOoVtzLgyEYUvDjrGdcPlKjAw==", "requires": { - "bson": "~0.4.19", - "kerberos": "~0.0" + "@types/whatwg-url": "^8.2.1", + "whatwg-url": "^11.0.0" } }, "mongoose": { - "version": "4.2.4", - "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-4.2.4.tgz", - "integrity": "sha1-4vjAB92Dj2YztPbJZbqSojKskxc=", - "requires": { - "async": "0.9.0", - "bson": "~0.4.18", - "hooks-fixed": "1.1.0", - "kareem": "1.0.1", - "mongodb": "2.0.46", - "mpath": "0.1.1", - "mpromise": "0.5.4", - "mquery": "1.6.3", - "ms": "0.7.1", - "muri": "1.0.0", - "regexp-clone": "0.0.1", - "sliced": "0.0.5" + "version": "6.1.7", + "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-6.1.7.tgz", + "integrity": "sha512-GqU/G/5yu/CWBHdW24cfGPsW4rADER+eeXj+bwvb6mLjg6uAASl8GnE6pmEbafZJ4Uv9V7jf5LaBMJMNwvQEtg==", + "requires": { + "@types/node": "< 17.0.6", + "bson": "^4.2.2", + "kareem": "2.3.3", + "mongodb": "4.2.2", + "mpath": "0.8.4", + "mquery": "4.0.0", + "ms": "2.1.2", + "regexp-clone": "1.0.0", + "sift": "13.5.2", + "sliced": "1.0.1" }, "dependencies": { + "denque": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/denque/-/denque-2.0.1.tgz", + "integrity": "sha512-tfiWc6BQLXNLpNiR5iGd0Ocu3P3VpxfzFiqubLgMfhfOw9WyvgJBd46CClNn9k3qfbjvT//0cf7AlYRX/OslMQ==" + }, "mongodb": { - "version": "2.0.46", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-2.0.46.tgz", - "integrity": "sha1-sbhXRl5F4lmx4OAzaYNBpky5NVk=", + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.2.2.tgz", + "integrity": "sha512-zt8rCTnTKyMQppyt63qMnrLM5dbADgUk18ORPF1XbtHLIYCyc9hattaYHi0pqMvNxDpgGgUofSVzS+UQErgTug==", "requires": { - "es6-promise": "2.1.1", - "mongodb-core": "1.2.19", - "readable-stream": "1.0.31" + "bson": "^4.6.0", + "denque": "^2.0.1", + "mongodb-connection-string-url": "^2.3.2", + "saslprep": "^1.0.3" } }, "ms": { - "version": "0.7.1", - "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz", - "integrity": "sha1-nNE8A62/8ltl7/3nzoZO6VIBcJg=" - }, - "readable-stream": { - "version": "1.0.31", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.31.tgz", - "integrity": "sha1-jyUC4LyeOw2huUUgqrtOJgPsr64=", - "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.1", - "isarray": "0.0.1", - "string_decoder": "~0.10.x" - } + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" } } }, @@ -3979,44 +3981,18 @@ } }, "mpath": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/mpath/-/mpath-0.1.1.tgz", - "integrity": "sha1-I9qFK3wjLuCX9HWdKcDunNItXkY=" - }, - "mpromise": { - "version": "0.5.4", - "resolved": "https://registry.npmjs.org/mpromise/-/mpromise-0.5.4.tgz", - "integrity": "sha1-thBhPsbeN0GflEs18Hg7Ten13HU=" + "version": "0.8.4", + "resolved": "https://registry.npmjs.org/mpath/-/mpath-0.8.4.tgz", + "integrity": "sha512-DTxNZomBcTWlrMW76jy1wvV37X/cNNxPW1y2Jzd4DZkAaC5ZGsm8bfGfNOthcDuRJujXLqiuS6o3Tpy0JEoh7g==" }, "mquery": { - "version": "1.6.3", - "resolved": "https://registry.npmjs.org/mquery/-/mquery-1.6.3.tgz", - "integrity": "sha1-fAK/t+ScgBLOzhVWxeZf72HzyOU=", - "requires": { - "bluebird": "2.9.26", - "debug": "2.2.0", - "regexp-clone": "0.0.1", - "sliced": "0.0.5" - }, - "dependencies": { - "bluebird": { - "version": "2.9.26", - "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-2.9.26.tgz", - "integrity": "sha1-Nidy6k0J9VakufO2TC/RNuh+OlU=" - }, - "debug": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.2.0.tgz", - "integrity": "sha1-+HBX6ZWxofauaklgZkE3vFbwOdo=", - "requires": { - "ms": "0.7.1" - } - }, - "ms": { - "version": "0.7.1", - "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz", - "integrity": "sha1-nNE8A62/8ltl7/3nzoZO6VIBcJg=" - } + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/mquery/-/mquery-4.0.0.tgz", + "integrity": "sha512-nGjm89lHja+T/b8cybAby6H0YgA4qYC/lx6UlwvHGqvTq8bDaNeCwl1sY8uRELrNbVWJzIihxVd+vphGGn1vBw==", + "requires": { + "debug": "4.x", + "regexp-clone": "^1.0.0", + "sliced": "1.0.1" } }, "ms": { @@ -4024,11 +4000,6 @@ "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.3.tgz", "integrity": "sha1-cIFVpeROM/X9D8U+gdDUCpG+H/8=" }, - "muri": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/muri/-/muri-1.0.0.tgz", - "integrity": "sha1-3jv2vXHWfq5x12aJuVDS3hGGlcY=" - }, "mute-stream": { "version": "0.0.7", "resolved": "https://registry.npmjs.org/mute-stream/-/mute-stream-0.0.7.tgz", @@ -4056,12 +4027,6 @@ "thenify-all": "^1.0.0" } }, - "nan": { - "version": "2.10.0", - "resolved": "https://registry.npmjs.org/nan/-/nan-2.10.0.tgz", - "integrity": "sha512-bAdJv7fBLhWC+/Bls0Oza+mvTaNQtP+1RyhhhvD95pgUJz6XM5IzgmxOkItJ9tkoCiplvAnXI1tNmmUD/eScyA==", - "optional": true - }, "nconf": { "version": "0.10.0", "resolved": "https://registry.npmjs.org/nconf/-/nconf-0.10.0.tgz", @@ -7665,9 +7630,9 @@ "integrity": "sha512-Ts1Y/anZELhSsjMcU605fU9RE4Oi3p5ORujwbIKXfWa+0Zxs510Qrmrce5/Jowq3cHSZSJqBjypxmHarc+vEWg==" }, "regexp-clone": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/regexp-clone/-/regexp-clone-0.0.1.tgz", - "integrity": "sha1-p8LgmJH9vzj7sQ03b7cwA+aKxYk=" + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/regexp-clone/-/regexp-clone-1.0.0.tgz", + "integrity": "sha512-TuAasHQNamyyJ2hb97IuBEif4qBHGjPHBS64sZwytpLEqtBQ1gPJTnOaQ6qmpET16cK14kkjbazl6+p0RRv0yw==" }, "registry-auth-token": { "version": "3.4.0", @@ -8009,6 +7974,11 @@ "jsonify": "~0.0.0" } }, + "sift": { + "version": "13.5.2", + "resolved": "https://registry.npmjs.org/sift/-/sift-13.5.2.tgz", + "integrity": "sha512-+gxdEOMA2J+AI+fVsCqeNn7Tgx3M9ZN9jdi95939l1IJ8cZsqS8sqpJyOkic2SJk+1+98Uwryt/gL6XDaV+UZA==" + }, "signal-exit": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.2.tgz", @@ -8021,9 +7991,9 @@ "dev": true }, "sliced": { - "version": "0.0.5", - "resolved": "https://registry.npmjs.org/sliced/-/sliced-0.0.5.tgz", - "integrity": "sha1-XtwETKTrb3gW1Qui/GPiXY/kcH8=" + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/sliced/-/sliced-1.0.1.tgz", + "integrity": "sha1-CzpmK10Ewxd7GSa+qCsD+Dei70E=" }, "smart-buffer": { "version": "4.1.0", @@ -8996,7 +8966,8 @@ "string_decoder": { "version": "0.10.31", "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", - "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=" + "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=", + "dev": true }, "strip-ansi": { "version": "3.0.1", @@ -9463,6 +9434,14 @@ } } }, + "tr46": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-3.0.0.tgz", + "integrity": "sha512-l7FvfAHlcmulp8kr+flpQZmVwtu7nfRV7NZujtN0OqES8EL4O4e0qqzL0DC5gAvx/ZC/9lk6rhcUwYvkBnBnYA==", + "requires": { + "punycode": "^2.1.1" + } + }, "tree-kill": { "version": "1.2.2", "resolved": "https://registry.npmjs.org/tree-kill/-/tree-kill-1.2.2.tgz", @@ -9908,6 +9887,20 @@ "foreachasync": "^3.0.0" } }, + "webidl-conversions": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-7.0.0.tgz", + "integrity": "sha512-VwddBukDzu71offAQR975unBIGqfKZpM+8ZX6ySk8nYhVoo5CYaZyzt3YBvYtRtO+aoGlqxPg/B87NGVZ/fu6g==" + }, + "whatwg-url": { + "version": "11.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-11.0.0.tgz", + "integrity": "sha512-RKT8HExMpoYx4igMiVMY83lN6UeITKJlBQ+vR/8ZJ8OCdSiN3RwCq+9gH0+Xzj0+5IrM6i4j/6LuvzbZIQgEcQ==", + "requires": { + "tr46": "^3.0.0", + "webidl-conversions": "^7.0.0" + } + }, "which": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", diff --git a/package.json b/package.json index 23795fb4736..1f86c0badd9 100644 --- a/package.json +++ b/package.json @@ -36,7 +36,7 @@ "method-override": "latest", "moment": "2.15.1", "mongodb": "^3.5.9", - "mongoose": "4.2.4", + "mongoose": "6.1.7", "morgan": "latest", "ms": "^0.7.1", "mysql": "^2.18.1",