From a86bcb0a8a62407f431138a29606aa2223f4b827 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:41:16 -0500 Subject: [PATCH 01/25] Add .circleci/config.yml --- .circleci/config.yml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 00000000000..bb68f37ad27 --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,38 @@ +version: 2.1 +orbs: + snyk: snyk/snyk@0.0.8 + +jobs: # a collection of steps + build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + working_directory: ~/goof + docker: + - image: circleci/node@3.0.0 + steps: + - run: + name: echo "install and build npm project" + command: 'npm install' + - run: + name: echo "build project" + command: 'npm run build' + #- run: + # name: echo "build Docker image" + # command: 'docker build -t my-new-container-goof-image .' + + - snyk/scan: + fail-on-issues: false + monitor-on-build: true + token-variable: SNYKTOKEN + organization: panda-not-omar + project: circleCi-dotnet-goof + severity-threshold: high + +#workflows: + #node-tests: + #jobs: + # - node/test + #- snyk/scan: + # fail-on-issues: false + # monitor-on-build: true + # token-variable: SNYKTOKEN + # organization: panda-not-omar + # project: circleCi-dotnet-goof \ No newline at end of file From 78a80e3be2a035d99021011ed9e5653af73ef313 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:42:59 -0500 Subject: [PATCH 02/25] Updated config.yml --- .circleci/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index bb68f37ad27..797edeaf68f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -6,7 +6,7 @@ jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof docker: - - image: circleci/node@3.0.0 + - image: circleci/node:4.8.2 steps: - run: name: echo "install and build npm project" @@ -25,7 +25,7 @@ jobs: # a collection of steps organization: panda-not-omar project: circleCi-dotnet-goof severity-threshold: high - + workflows: null #workflows: #node-tests: #jobs: From 947b2e626577f4efffb634ebcfbc01d9d20e5845 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:45:53 -0500 Subject: [PATCH 03/25] Updated config.yml --- .circleci/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 797edeaf68f..2309864fdbe 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -10,7 +10,7 @@ jobs: # a collection of steps steps: - run: name: echo "install and build npm project" - command: 'npm install' + command: 'sudo npm install' - run: name: echo "build project" command: 'npm run build' @@ -23,7 +23,7 @@ jobs: # a collection of steps monitor-on-build: true token-variable: SNYKTOKEN organization: panda-not-omar - project: circleCi-dotnet-goof + project: circleCi-goof severity-threshold: high workflows: null #workflows: From 1e7b1740d27b53de18b907257c76e0078a6e3a01 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:49:02 -0500 Subject: [PATCH 04/25] Updated config.yml --- .circleci/config.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2309864fdbe..5dddf8198fa 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -7,10 +7,11 @@ jobs: # a collection of steps working_directory: ~/goof docker: - image: circleci/node:4.8.2 - steps: + steps: + - checkout - run: name: echo "install and build npm project" - command: 'sudo npm install' + command: 'sudo npm install -g npm@latest' - run: name: echo "build project" command: 'npm run build' From 01383b46f6a7bd35a35345d30bd551bf246d4aab Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:52:00 -0500 Subject: [PATCH 05/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 5dddf8198fa..40dba8a64ac 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -11,7 +11,7 @@ jobs: # a collection of steps - checkout - run: name: echo "install and build npm project" - command: 'sudo npm install -g npm@latest' + command: 'sudo npm install -q' - run: name: echo "build project" command: 'npm run build' From 2c54c9fe2764743d39b9f8dffc63ca092dfcff0b Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:13:10 -0500 Subject: [PATCH 06/25] Updated config.yml --- .circleci/config.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 40dba8a64ac..0825bc46073 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,6 +2,11 @@ version: 2.1 orbs: snyk: snyk/snyk@0.0.8 +workflows: + test-env-vars: + jobs: + - build: + context: Snyk # has an env var called Snyk-Token jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof @@ -18,7 +23,7 @@ jobs: # a collection of steps #- run: # name: echo "build Docker image" # command: 'docker build -t my-new-container-goof-image .' - + - snyk/scan: fail-on-issues: false monitor-on-build: true @@ -26,7 +31,7 @@ jobs: # a collection of steps organization: panda-not-omar project: circleCi-goof severity-threshold: high - workflows: null + #workflows: #node-tests: #jobs: From efef4c3ebb7573b0c42afe7563643727af65d8fb Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:32:36 -0500 Subject: [PATCH 07/25] Updated Config.yml with container scan --- .circleci/config.yml | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 0825bc46073..d97af85ae35 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,10 +2,10 @@ version: 2.1 orbs: snyk: snyk/snyk@0.0.8 -workflows: - test-env-vars: +workflows: #creating a workflow to define the context - collection of different jobs + test-env-vars: #setting up a job to define the context which this project will use jobs: - - build: + - build: #building the relevant context context: Snyk # has an env var called Snyk-Token jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run @@ -23,7 +23,6 @@ jobs: # a collection of steps #- run: # name: echo "build Docker image" # command: 'docker build -t my-new-container-goof-image .' - - snyk/scan: fail-on-issues: false monitor-on-build: true @@ -31,7 +30,30 @@ jobs: # a collection of steps organization: panda-not-omar project: circleCi-goof severity-threshold: high - + + jobs: # a collection of steps + build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + working_directory: ~/goof + docker: + - image: circleci/buildpack-deps:stretch + environment: + IMAGE_NAME: akanchhaS/goof + steps: + - checkout + - setup_remote_docker + - run: + name: echo "Build Docker image" + command: 'docker build -t my-new-container-circleCI-goof-image .' + - snyk/scan: + fail-on-issues: false + monitor-on-build: true + token-variable: SNYKTOKEN + organization: panda-not-omar + project: circleCi-goof-container + severity-threshold: low + target-file: Dockerfile + docker-image-name: my-new-container-circleCI-goof-image + #workflows: #node-tests: #jobs: From 43d561e2caa60165b49c1cfef00e59eac5bca9ef Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:36:16 -0500 Subject: [PATCH 08/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index d97af85ae35..150f8403166 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -33,7 +33,7 @@ jobs: # a collection of steps jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run - working_directory: ~/goof + #working_directory: ~/goof docker: - image: circleci/buildpack-deps:stretch environment: From 0fd541e629f42567822dd21f5cc16dc3a5663c7c Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:43:56 -0500 Subject: [PATCH 09/25] Updated config.yml --- .circleci/config.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 150f8403166..0b73b687d78 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -5,10 +5,14 @@ orbs: workflows: #creating a workflow to define the context - collection of different jobs test-env-vars: #setting up a job to define the context which this project will use jobs: - - build: #building the relevant context + - build-test-monitor-app: #building the relevant context context: Snyk # has an env var called Snyk-Token + - build-test-monitor-docker: + context: Snyk + + jobs: # a collection of steps - build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + build-test-monitor-app: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof docker: - image: circleci/node:4.8.2 @@ -31,8 +35,8 @@ jobs: # a collection of steps project: circleCi-goof severity-threshold: high - jobs: # a collection of steps - build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + + build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - image: circleci/buildpack-deps:stretch From 66fcbff47f745ef79cc6527ffb5d7a14b9e4089e Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:51:59 -0500 Subject: [PATCH 10/25] Updated config.yml --- .circleci/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 0b73b687d78..378a7a17495 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -47,7 +47,7 @@ jobs: # a collection of steps - setup_remote_docker - run: name: echo "Build Docker image" - command: 'docker build -t my-new-container-circleCI-goof-image .' + command: 'docker build -t my-new-container-circleci-goof-image .' - snyk/scan: fail-on-issues: false monitor-on-build: true @@ -56,7 +56,7 @@ jobs: # a collection of steps project: circleCi-goof-container severity-threshold: low target-file: Dockerfile - docker-image-name: my-new-container-circleCI-goof-image + docker-image-name: my-new-container-circleci-goof-image #workflows: #node-tests: From 7f66a29c84060e5a6e3d92b3a2742960716b1a49 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:13:34 +0530 Subject: [PATCH 11/25] Add .circleci/config.yml --- .circleci/config.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 378a7a17495..46317f5233c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,6 +1,6 @@ version: 2.1 orbs: - snyk: snyk/snyk@0.0.8 + snyk: snyk/snyk@1.1.1 workflows: #creating a workflow to define the context - collection of different jobs test-env-vars: #setting up a job to define the context which this project will use @@ -31,7 +31,7 @@ jobs: # a collection of steps fail-on-issues: false monitor-on-build: true token-variable: SNYKTOKEN - organization: panda-not-omar + organization: ninja-snyker project: circleCi-goof severity-threshold: high @@ -52,7 +52,7 @@ jobs: # a collection of steps fail-on-issues: false monitor-on-build: true token-variable: SNYKTOKEN - organization: panda-not-omar + organization: ninja-snyker project: circleCi-goof-container severity-threshold: low target-file: Dockerfile From f1ee77cc14c6fb74c2ce0dafe8ab50ac5f4d3721 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:15:37 +0530 Subject: [PATCH 12/25] Add .circleci/config.yml From 604222629c5153914c70b8b6010a427643f4b4ba Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:18:13 +0530 Subject: [PATCH 13/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 46317f5233c..2a81c7e75b3 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -20,7 +20,7 @@ jobs: # a collection of steps - checkout - run: name: echo "install and build npm project" - command: 'sudo npm install -q' + command: 'sudo npm install -g' - run: name: echo "build project" command: 'npm run build' From 121a0fc65e73992f44567562ee28256aa013b47a Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:21:44 +0530 Subject: [PATCH 14/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2a81c7e75b3..2e3c9fcf105 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -20,7 +20,7 @@ jobs: # a collection of steps - checkout - run: name: echo "install and build npm project" - command: 'sudo npm install -g' + command: 'npm install -g' - run: name: echo "build project" command: 'npm run build' From 2da23a71d45c830119f924dec99cb44f02f4de27 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:30:34 +0530 Subject: [PATCH 15/25] Updated config.yml --- .circleci/config.yml | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2e3c9fcf105..56ad7590e14 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -15,19 +15,11 @@ jobs: # a collection of steps build-test-monitor-app: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof docker: - - image: circleci/node:4.8.2 + - image: 'cimg/node:lts' steps: - - checkout - - run: - name: echo "install and build npm project" - command: 'npm install -g' - - run: - name: echo "build project" - command: 'npm run build' - #- run: - # name: echo "build Docker image" - # command: 'docker build -t my-new-container-goof-image .' - - snyk/scan: + - checkout + - run: npm ci + - snyk/scan: fail-on-issues: false monitor-on-build: true token-variable: SNYKTOKEN @@ -39,7 +31,7 @@ jobs: # a collection of steps build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - - image: circleci/buildpack-deps:stretch + - image: cimg/buildpack-deps:stretch environment: IMAGE_NAME: akanchhaS/goof steps: @@ -57,6 +49,22 @@ jobs: # a collection of steps severity-threshold: low target-file: Dockerfile docker-image-name: my-new-container-circleci-goof-image +docker: + - image: 'snyk/snyk-cli:npm' +parameters: + args: + default: '' + description: > + See the Snyk CLI help page for information on additional arguments: + https://support.snyk.io/hc/en-us/articles/360003812578-CLI-reference + type: string +resource_class: medium +steps: + - checkout + - scan: + additional-arguments: ' ' + command: iac test + monitor-on-build: false #workflows: #node-tests: From 103d8aff5638097d18db0f473afb2d2d352c97b4 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:32:50 +0530 Subject: [PATCH 16/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 56ad7590e14..a1358ef299b 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -31,7 +31,7 @@ jobs: # a collection of steps build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - - image: cimg/buildpack-deps:stretch + - image: circleci/buildpack-deps:stretch environment: IMAGE_NAME: akanchhaS/goof steps: From c2d60aecf59dd140f76b188fd42886163e67c82a Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:56:18 +0530 Subject: [PATCH 17/25] Made it alpine image --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 811932ff6b8..04d10105b9e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # FROM node:6-stretch -FROM node:14.1.0 +FROM node:current-alpine3.14 RUN mkdir /usr/src/goof RUN mkdir /tmp/extracted_files From 40915b85f3a459aa8134db79e54783170ecc79ec Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 04:08:25 +0530 Subject: [PATCH 18/25] Update Dockerfile --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 04d10105b9e..496480177a1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,7 @@ # FROM node:6-stretch FROM node:current-alpine3.14 +RUN mkdir /usr/src RUN mkdir /usr/src/goof RUN mkdir /tmp/extracted_files COPY . /usr/src/goof From 55383d738d9e32f33e9884dea4e2e63b16d613c0 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 04:10:51 +0530 Subject: [PATCH 19/25] Updated config.yml --- .circleci/config.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index a1358ef299b..9130edd2e40 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -49,6 +49,7 @@ jobs: # a collection of steps severity-threshold: low target-file: Dockerfile docker-image-name: my-new-container-circleci-goof-image + install-alpine-dependencies: true docker: - image: 'snyk/snyk-cli:npm' parameters: From 4a4df847a9a4a994fb8a8046d7ec3bfebbfd5c63 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 19:51:53 +0530 Subject: [PATCH 20/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 9130edd2e40..ecc936fb58d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -31,7 +31,7 @@ jobs: # a collection of steps build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - - image: circleci/buildpack-deps:stretch + - image: node:current-alpine3.14 environment: IMAGE_NAME: akanchhaS/goof steps: From e9c942179ed997a303fc86ba37ff947ccda47c66 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 19:54:34 +0530 Subject: [PATCH 21/25] Updated config.yml --- .circleci/config.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index ecc936fb58d..198af38ae92 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -31,7 +31,7 @@ jobs: # a collection of steps build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - - image: node:current-alpine3.14 + - image: docker:19.03.13 environment: IMAGE_NAME: akanchhaS/goof steps: @@ -41,6 +41,7 @@ jobs: # a collection of steps name: echo "Build Docker image" command: 'docker build -t my-new-container-circleci-goof-image .' - snyk/scan: + os: alpine fail-on-issues: false monitor-on-build: true token-variable: SNYKTOKEN From 235a45193b0fce074fcb156eee23fdb629d0c5cb Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Fri, 17 Sep 2021 00:01:57 +0530 Subject: [PATCH 22/25] Updated config.yml --- .circleci/config.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 198af38ae92..a1358ef299b 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -31,7 +31,7 @@ jobs: # a collection of steps build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - - image: docker:19.03.13 + - image: circleci/buildpack-deps:stretch environment: IMAGE_NAME: akanchhaS/goof steps: @@ -41,7 +41,6 @@ jobs: # a collection of steps name: echo "Build Docker image" command: 'docker build -t my-new-container-circleci-goof-image .' - snyk/scan: - os: alpine fail-on-issues: false monitor-on-build: true token-variable: SNYKTOKEN @@ -50,7 +49,6 @@ jobs: # a collection of steps severity-threshold: low target-file: Dockerfile docker-image-name: my-new-container-circleci-goof-image - install-alpine-dependencies: true docker: - image: 'snyk/snyk-cli:npm' parameters: From bd75be2bfbfa513887993724888137abe2d1c9ed Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Fri, 17 Sep 2021 00:06:37 +0530 Subject: [PATCH 23/25] Add .circleci/config.yml --- .circleci/config.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index a1358ef299b..ffcf77b10e7 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -49,6 +49,8 @@ jobs: # a collection of steps severity-threshold: low target-file: Dockerfile docker-image-name: my-new-container-circleci-goof-image + +build-test-monitor-iac: docker: - image: 'snyk/snyk-cli:npm' parameters: From da00ff724e70db7e58ee761c3513687b5dfd3f75 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Fri, 17 Sep 2021 00:07:39 +0530 Subject: [PATCH 24/25] Add .circleci/config.yml --- .circleci/config.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index ffcf77b10e7..c63c469088c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -49,7 +49,6 @@ jobs: # a collection of steps severity-threshold: low target-file: Dockerfile docker-image-name: my-new-container-circleci-goof-image - build-test-monitor-iac: docker: - image: 'snyk/snyk-cli:npm' From 09281f21d26c4b0612144cb7502d8426962fb973 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 26 Apr 2022 00:27:37 +0000 Subject: [PATCH 25/25] feat: upgrade mongoose from 4.2.4 to 6.2.10 Snyk has created this PR to upgrade mongoose from 4.2.4 to 6.2.10. See this package in npm: https://www.npmjs.com/package/mongoose See this project in Snyk: https://app.snyk.io/org/panda-co/project/ebfb2282-581e-4b1b-afb0-8a0e07b1b540?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 256 ++++++++++++++++++++++------------------------ package.json | 2 +- 2 files changed, 125 insertions(+), 133 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9a27820a7a2..d7856b58e31 100644 --- a/package-lock.json +++ b/package-lock.json @@ -174,8 +174,7 @@ "@types/node": { "version": "13.1.7", "resolved": "https://registry.npmjs.org/@types/node/-/node-13.1.7.tgz", - "integrity": "sha512-HU0q9GXazqiKwviVxg9SI/+t/nAsGkvLDkIdxz+ObejG2nX6Si00TeLqHMoS+a/1tjH7a8YpKVQwtgHuMQsldg==", - "dev": true + "integrity": "sha512-HU0q9GXazqiKwviVxg9SI/+t/nAsGkvLDkIdxz+ObejG2nX6Si00TeLqHMoS+a/1tjH7a8YpKVQwtgHuMQsldg==" }, "@types/restify": { "version": "4.3.6", @@ -193,6 +192,20 @@ "integrity": "sha512-41qEJgBH/TWgo5NFSvBCJ1qkoi3Q6ONSF2avrHq1LVEZfYpdHmj0y9SuTK+u9ZhG1sYQKBL1AWXKyLWP4RaUoQ==", "dev": true }, + "@types/webidl-conversions": { + "version": "6.1.1", + "resolved": "https://registry.npmjs.org/@types/webidl-conversions/-/webidl-conversions-6.1.1.tgz", + "integrity": "sha512-XAahCdThVuCFDQLT7R7Pk/vqeObFNL3YqRyFZg+AqAP/W1/w3xHaIxuW7WszQqTbIBOPRcItYJIou3i/mppu3Q==" + }, + "@types/whatwg-url": { + "version": "8.2.1", + "resolved": "https://registry.npmjs.org/@types/whatwg-url/-/whatwg-url-8.2.1.tgz", + "integrity": "sha512-2YubE1sjj5ifxievI5Ge1sckb9k/Er66HyR2c+3+I6VDUUg1TLPdYYTEbQ+DjRkS4nTxMJhgWfSfMRD2sl2EYQ==", + "requires": { + "@types/node": "*", + "@types/webidl-conversions": "*" + } + }, "@types/xml2js": { "version": "0.4.3", "resolved": "https://registry.npmjs.org/@types/xml2js/-/xml2js-0.4.3.tgz", @@ -444,11 +457,6 @@ "integrity": "sha512-uWMHxJxtfj/1oZClOxDEV1sQ1HCDkA4MG8Gr69KKeBjEVH0R84WlejZ0y2DcwyBlpAEMltmVYkVgqfLFb2oyiA==", "dev": true }, - "async": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/async/-/async-0.9.0.tgz", - "integrity": "sha1-rDYTsdqb7RtHUQu0ZRuJMeRxRsc=" - }, "async-cache": { "version": "0.1.5", "resolved": "https://registry.npmjs.org/async-cache/-/async-cache-0.1.5.tgz", @@ -843,9 +851,28 @@ } }, "bson": { - "version": "0.4.23", - "resolved": "https://registry.npmjs.org/bson/-/bson-0.4.23.tgz", - "integrity": "sha1-5louPHUH/63kEJvHV1p25Q+NqRU=" + "version": "4.6.3", + "resolved": "https://registry.npmjs.org/bson/-/bson-4.6.3.tgz", + "integrity": "sha512-rAqP5hcUVJhXP2MCSNVsf0oM2OGU1So6A9pVRDYayvJ5+hygXHQApf87wd5NlhPM1J9RJnbqxIG/f8QTzRoQ4A==", + "requires": { + "buffer": "^5.6.0" + }, + "dependencies": { + "base64-js": { + "version": "1.5.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==" + }, + "buffer": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", + "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "requires": { + "base64-js": "^1.3.1", + "ieee754": "^1.1.13" + } + } + } }, "buffer": { "version": "4.9.1", @@ -1917,11 +1944,6 @@ "escape-html": "1.0.1" } }, - "es6-promise": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-2.1.1.tgz", - "integrity": "sha1-A+jzxyl5KOVHjWqx0GQyUVB73t0=" - }, "es6-promisify": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/es6-promisify/-/es6-promisify-5.0.0.tgz", @@ -2793,11 +2815,6 @@ "minimalistic-crypto-utils": "^1.0.1" } }, - "hooks-fixed": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/hooks-fixed/-/hooks-fixed-1.1.0.tgz", - "integrity": "sha1-DowVM2cI5mERhf45C0RofdUjDbs=" - }, "hosted-git-info": { "version": "2.8.5", "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.5.tgz", @@ -3114,8 +3131,7 @@ "ip": { "version": "1.1.5", "resolved": "https://registry.npmjs.org/ip/-/ip-1.1.5.tgz", - "integrity": "sha1-vd7XARQpCCjAoDnnLvJfWq7ENUo=", - "dev": true + "integrity": "sha1-vd7XARQpCCjAoDnnLvJfWq7ENUo=" }, "ipaddr.js": { "version": "1.0.5", @@ -3271,7 +3287,8 @@ "isarray": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", - "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=" + "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=", + "dev": true }, "isexe": { "version": "2.0.0", @@ -3420,18 +3437,9 @@ } }, "kareem": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/kareem/-/kareem-1.0.1.tgz", - "integrity": "sha1-eAXSFbtTIU7Dr5aaHQsfF+PnuVw=" - }, - "kerberos": { - "version": "0.0.24", - "resolved": "https://registry.npmjs.org/kerberos/-/kerberos-0.0.24.tgz", - "integrity": "sha512-QO6bFq9eETHB5zcA0OJiQtw137TH45OuUcGtI+QGg2ZJQIPCvwXL2kjCqZZMColcIdbPhj4X40EY5f3oOiBfiw==", - "optional": true, - "requires": { - "nan": "~2.10.0" - } + "version": "2.3.5", + "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.3.5.tgz", + "integrity": "sha512-qxCyQtp3ioawkiRNQr/v8xw9KIviMSSNmy+63Wubj7KmMn3g7noRXIZB4vPCAP+ETi2SR8eH6CvmlKZuGpoHOg==" }, "keyv": { "version": "3.1.0", @@ -3877,58 +3885,63 @@ } } }, - "mongodb-core": { - "version": "1.2.19", - "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-1.2.19.tgz", - "integrity": "sha1-/LNfa2q8XD3h8aSl21JrnjBvPrc=", + "mongodb-connection-string-url": { + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/mongodb-connection-string-url/-/mongodb-connection-string-url-2.5.2.tgz", + "integrity": "sha512-tWDyIG8cQlI5k3skB6ywaEA5F9f5OntrKKsT/Lteub2zgwSUlhqEN2inGgBTm8bpYJf8QYBdA/5naz65XDpczA==", "requires": { - "bson": "~0.4.19", - "kerberos": "~0.0" + "@types/whatwg-url": "^8.2.1", + "whatwg-url": "^11.0.0" } }, "mongoose": { - "version": "4.2.4", - "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-4.2.4.tgz", - "integrity": "sha1-4vjAB92Dj2YztPbJZbqSojKskxc=", - "requires": { - "async": "0.9.0", - "bson": "~0.4.18", - "hooks-fixed": "1.1.0", - "kareem": "1.0.1", - "mongodb": "2.0.46", - "mpath": "0.1.1", - "mpromise": "0.5.4", - "mquery": "1.6.3", - "ms": "0.7.1", - "muri": "1.0.0", - "regexp-clone": "0.0.1", - "sliced": "0.0.5" + "version": "6.2.10", + "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-6.2.10.tgz", + "integrity": "sha512-Yp+6UH5M0AlxAVGdC2/Deq0St+2qW73oKCnhJDr83bOZ12eflTLTT5uQF0p6KzvtFj86XWbq/7ApvO4yW6h1sA==", + "requires": { + "bson": "^4.2.2", + "kareem": "2.3.5", + "mongodb": "4.3.1", + "mpath": "0.8.4", + "mquery": "4.0.2", + "ms": "2.1.3", + "sift": "16.0.0" }, "dependencies": { + "denque": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/denque/-/denque-2.0.1.tgz", + "integrity": "sha512-tfiWc6BQLXNLpNiR5iGd0Ocu3P3VpxfzFiqubLgMfhfOw9WyvgJBd46CClNn9k3qfbjvT//0cf7AlYRX/OslMQ==" + }, "mongodb": { - "version": "2.0.46", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-2.0.46.tgz", - "integrity": "sha1-sbhXRl5F4lmx4OAzaYNBpky5NVk=", + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.3.1.tgz", + "integrity": "sha512-sNa8APSIk+r4x31ZwctKjuPSaeKuvUeNb/fu/3B6dRM02HpEgig7hTHM8A/PJQTlxuC/KFWlDlQjhsk/S43tBg==", "requires": { - "es6-promise": "2.1.1", - "mongodb-core": "1.2.19", - "readable-stream": "1.0.31" + "bson": "^4.6.1", + "denque": "^2.0.1", + "mongodb-connection-string-url": "^2.4.1", + "saslprep": "^1.0.3", + "socks": "^2.6.1" } }, "ms": { - "version": "0.7.1", - "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz", - "integrity": "sha1-nNE8A62/8ltl7/3nzoZO6VIBcJg=" + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" }, - "readable-stream": { - "version": "1.0.31", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.31.tgz", - "integrity": "sha1-jyUC4LyeOw2huUUgqrtOJgPsr64=", + "smart-buffer": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", + "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==" + }, + "socks": { + "version": "2.6.2", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.6.2.tgz", + "integrity": "sha512-zDZhHhZRY9PxRruRMR7kMhnf3I8hDs4S3f9RecfnGxvcBHQcKcIH/oUcEWffsfl1XxdYlA7nnlGbbTvPz9D8gA==", "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.1", - "isarray": "0.0.1", - "string_decoder": "~0.10.x" + "ip": "^1.1.5", + "smart-buffer": "^4.2.0" } } } @@ -3979,44 +3992,16 @@ } }, "mpath": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/mpath/-/mpath-0.1.1.tgz", - "integrity": "sha1-I9qFK3wjLuCX9HWdKcDunNItXkY=" - }, - "mpromise": { - "version": "0.5.4", - "resolved": "https://registry.npmjs.org/mpromise/-/mpromise-0.5.4.tgz", - "integrity": "sha1-thBhPsbeN0GflEs18Hg7Ten13HU=" + "version": "0.8.4", + "resolved": "https://registry.npmjs.org/mpath/-/mpath-0.8.4.tgz", + "integrity": "sha512-DTxNZomBcTWlrMW76jy1wvV37X/cNNxPW1y2Jzd4DZkAaC5ZGsm8bfGfNOthcDuRJujXLqiuS6o3Tpy0JEoh7g==" }, "mquery": { - "version": "1.6.3", - "resolved": "https://registry.npmjs.org/mquery/-/mquery-1.6.3.tgz", - "integrity": "sha1-fAK/t+ScgBLOzhVWxeZf72HzyOU=", - "requires": { - "bluebird": "2.9.26", - "debug": "2.2.0", - "regexp-clone": "0.0.1", - "sliced": "0.0.5" - }, - "dependencies": { - "bluebird": { - "version": "2.9.26", - "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-2.9.26.tgz", - "integrity": "sha1-Nidy6k0J9VakufO2TC/RNuh+OlU=" - }, - "debug": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.2.0.tgz", - "integrity": "sha1-+HBX6ZWxofauaklgZkE3vFbwOdo=", - "requires": { - "ms": "0.7.1" - } - }, - "ms": { - "version": "0.7.1", - "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.1.tgz", - "integrity": "sha1-nNE8A62/8ltl7/3nzoZO6VIBcJg=" - } + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/mquery/-/mquery-4.0.2.tgz", + "integrity": "sha512-oAVF0Nil1mT3rxty6Zln4YiD6x6QsUWYz927jZzjMxOK2aqmhEz5JQ7xmrKK7xRFA2dwV+YaOpKU/S+vfNqKxA==", + "requires": { + "debug": "4.x" } }, "ms": { @@ -4024,11 +4009,6 @@ "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.3.tgz", "integrity": "sha1-cIFVpeROM/X9D8U+gdDUCpG+H/8=" }, - "muri": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/muri/-/muri-1.0.0.tgz", - "integrity": "sha1-3jv2vXHWfq5x12aJuVDS3hGGlcY=" - }, "mute-stream": { "version": "0.0.7", "resolved": "https://registry.npmjs.org/mute-stream/-/mute-stream-0.0.7.tgz", @@ -4056,12 +4036,6 @@ "thenify-all": "^1.0.0" } }, - "nan": { - "version": "2.10.0", - "resolved": "https://registry.npmjs.org/nan/-/nan-2.10.0.tgz", - "integrity": "sha512-bAdJv7fBLhWC+/Bls0Oza+mvTaNQtP+1RyhhhvD95pgUJz6XM5IzgmxOkItJ9tkoCiplvAnXI1tNmmUD/eScyA==", - "optional": true - }, "nconf": { "version": "0.10.0", "resolved": "https://registry.npmjs.org/nconf/-/nconf-0.10.0.tgz", @@ -7664,11 +7638,6 @@ "resolved": "https://registry.npmjs.org/reflect-metadata/-/reflect-metadata-0.1.13.tgz", "integrity": "sha512-Ts1Y/anZELhSsjMcU605fU9RE4Oi3p5ORujwbIKXfWa+0Zxs510Qrmrce5/Jowq3cHSZSJqBjypxmHarc+vEWg==" }, - "regexp-clone": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/regexp-clone/-/regexp-clone-0.0.1.tgz", - "integrity": "sha1-p8LgmJH9vzj7sQ03b7cwA+aKxYk=" - }, "registry-auth-token": { "version": "3.4.0", "resolved": "https://registry.npmjs.org/registry-auth-token/-/registry-auth-token-3.4.0.tgz", @@ -8009,6 +7978,11 @@ "jsonify": "~0.0.0" } }, + "sift": { + "version": "16.0.0", + "resolved": "https://registry.npmjs.org/sift/-/sift-16.0.0.tgz", + "integrity": "sha512-ILTjdP2Mv9V1kIxWMXeMTIRbOBrqKc4JAXmFMnFq3fKeyQ2Qwa3Dw1ubcye3vR+Y6ofA0b9gNDr/y2t6eUeIzQ==" + }, "signal-exit": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.2.tgz", @@ -8020,11 +7994,6 @@ "integrity": "sha1-c0TLuLbib7J9ZrL8hvn21Zl1IcY=", "dev": true }, - "sliced": { - "version": "0.0.5", - "resolved": "https://registry.npmjs.org/sliced/-/sliced-0.0.5.tgz", - "integrity": "sha1-XtwETKTrb3gW1Qui/GPiXY/kcH8=" - }, "smart-buffer": { "version": "4.1.0", "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.1.0.tgz", @@ -8996,7 +8965,8 @@ "string_decoder": { "version": "0.10.31", "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", - "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=" + "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=", + "dev": true }, "strip-ansi": { "version": "3.0.1", @@ -9463,6 +9433,14 @@ } } }, + "tr46": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-3.0.0.tgz", + "integrity": "sha512-l7FvfAHlcmulp8kr+flpQZmVwtu7nfRV7NZujtN0OqES8EL4O4e0qqzL0DC5gAvx/ZC/9lk6rhcUwYvkBnBnYA==", + "requires": { + "punycode": "^2.1.1" + } + }, "tree-kill": { "version": "1.2.2", "resolved": "https://registry.npmjs.org/tree-kill/-/tree-kill-1.2.2.tgz", @@ -9908,6 +9886,20 @@ "foreachasync": "^3.0.0" } }, + "webidl-conversions": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-7.0.0.tgz", + "integrity": "sha512-VwddBukDzu71offAQR975unBIGqfKZpM+8ZX6ySk8nYhVoo5CYaZyzt3YBvYtRtO+aoGlqxPg/B87NGVZ/fu6g==" + }, + "whatwg-url": { + "version": "11.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-11.0.0.tgz", + "integrity": "sha512-RKT8HExMpoYx4igMiVMY83lN6UeITKJlBQ+vR/8ZJ8OCdSiN3RwCq+9gH0+Xzj0+5IrM6i4j/6LuvzbZIQgEcQ==", + "requires": { + "tr46": "^3.0.0", + "webidl-conversions": "^7.0.0" + } + }, "which": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", diff --git a/package.json b/package.json index 23795fb4736..7725778f26f 100644 --- a/package.json +++ b/package.json @@ -36,7 +36,7 @@ "method-override": "latest", "moment": "2.15.1", "mongodb": "^3.5.9", - "mongoose": "4.2.4", + "mongoose": "6.2.10", "morgan": "latest", "ms": "^0.7.1", "mysql": "^2.18.1",