diff --git a/.github/actions/action_tests/action.yaml b/.github/actions/action_tests/action.yaml index ec3ba71eb..faac5b6c3 100644 --- a/.github/actions/action_tests/action.yaml +++ b/.github/actions/action_tests/action.yaml @@ -79,7 +79,7 @@ runs: with: junit-paths: junit.xml org-slug: trunk-staging-org - token: ${{ inputs.trunk-token }} + token: ${{ inputs.trunk-staging-token }} continue-on-error: true env: TRUNK_PUBLIC_API_ADDRESS: https://api.trunk-staging.io diff --git a/.github/actions/linter_tests/action.yaml b/.github/actions/linter_tests/action.yaml index 81a9c9f7f..43bc45381 100644 --- a/.github/actions/linter_tests/action.yaml +++ b/.github/actions/linter_tests/action.yaml @@ -128,7 +128,7 @@ runs: with: junit-paths: junit.xml org-slug: trunk-staging-org - token: ${{ inputs.trunk-token }} + token: ${{ inputs.trunk-staging-token }} continue-on-error: true env: TRUNK_PUBLIC_API_ADDRESS: https://api.trunk-staging.io diff --git a/.github/actions/tool_tests/action.yaml b/.github/actions/tool_tests/action.yaml index 795670be7..598f8c7cd 100644 --- a/.github/actions/tool_tests/action.yaml +++ b/.github/actions/tool_tests/action.yaml @@ -96,7 +96,7 @@ runs: with: junit-paths: junit.xml org-slug: trunk-staging-org - token: ${{ inputs.trunk-token }} + token: ${{ inputs.trunk-staging-token }} continue-on-error: true env: TRUNK_PUBLIC_API_ADDRESS: https://api.trunk-staging.io diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bdb0bfca6..7ef466e3b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,7 +34,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 + uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 # Override language selection by uncommenting this and choosing your languages with: languages: javascript @@ -42,7 +42,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 + uses: github/codeql-action/autobuild@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -56,4 +56,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 + uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml index 66966bfe8..9d8a80242 100644 --- a/.github/workflows/nightly.yaml +++ b/.github/workflows/nightly.yaml @@ -183,7 +183,7 @@ jobs: - name: Upload Test Outputs for Upload Job # Only upload results from latest. Always run, except when cancelled. if: (failure() || success()) && matrix.linter-version == 'Latest' - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ matrix.results-file }}-test-results path: ${{ matrix.results-file }}-res.json @@ -244,7 +244,7 @@ jobs: - name: Upload Test Outputs for Notification Job # Always run, except when cancelled. if: (failure() || success()) - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: tools-${{ matrix.results-file }}-test-results path: ${{ matrix.results-file }}-res.json diff --git a/.github/workflows/repo_tests.reusable.yaml b/.github/workflows/repo_tests.reusable.yaml index 843cc25f7..c3e28f4e2 100644 --- a/.github/workflows/repo_tests.reusable.yaml +++ b/.github/workflows/repo_tests.reusable.yaml @@ -28,7 +28,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Setup node - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: node-version: 18 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 9a0646763..cc4870873 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -57,7 +57,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: Upload artifact - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: SARIF file path: results.sarif @@ -65,6 +65,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: sarif_file: results.sarif diff --git a/.github/workflows/upload_results.reusable.yaml b/.github/workflows/upload_results.reusable.yaml index 28762ee5e..7e72f9b58 100644 --- a/.github/workflows/upload_results.reusable.yaml +++ b/.github/workflows/upload_results.reusable.yaml @@ -98,7 +98,7 @@ jobs: echo "::endgroup::" - name: Slack Notification For Missing Artifacts - uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 if: steps.download-ubuntu.outcome == 'failure' || steps.download-macos.outcome == 'failure' || steps.download-windows.outcome == 'failure' @@ -121,7 +121,7 @@ jobs: SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Setup Node - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: node-version: 18 @@ -181,7 +181,7 @@ jobs: # Slack notifications - name: Slack Notification For Failures - uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 if: always() && steps.parse.outputs.failures == 'true' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} @@ -190,7 +190,7 @@ jobs: SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Slack Notification For Staging Upload Failure - uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 if: inputs.upload-validated-versions == true && steps.upload-staging.outcome == 'failure' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} @@ -211,7 +211,7 @@ jobs: SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Slack Notification For Prod Upload Failure - uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 if: inputs.upload-validated-versions == true && steps.upload-prod.outcome == 'failure' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} @@ -241,7 +241,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Setup Node - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: node-version: 18 @@ -278,7 +278,7 @@ jobs: private_key: ${{ secrets.TRUNK_OPEN_PR_APP_PRIVATE_KEY }} - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@v7 with: title: Auto-add missing snapshots body: diff --git a/.gitignore b/.gitignore index 003c57f6f..026fd7db3 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,5 @@ node_modules/ # Typescript out/ + +junit.xml diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index 09055eb7a..981a8b5ec 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -2,7 +2,7 @@ version: 0.1 # version used for local trunk runs and testing cli: - version: 1.22.3-beta.33 + version: 1.22.6-beta.2 shell_hooks: enforce: true @@ -17,7 +17,7 @@ plugins: - id: configs uri: https://github.com/trunk-io/configs - ref: v1.0.7 + ref: v1.0.8 lint: files: @@ -42,11 +42,11 @@ lint: enabled: # enabled linters inherited from github.com/trunk-io/configs plugin - definition-checker - - eslint@9.9.0 + - eslint@9.11.1 + - trunk-toolbox@0.4.1 disabled: - pylint # pylint diagnostics are too strict - semgrep - - trivy # investigating issues with shared cachedir ignore: - linters: [ALL] diff --git a/README.md b/README.md index 3df95c43b..ad42f489a 100644 --- a/README.md +++ b/README.md @@ -38,59 +38,59 @@ Enable the following tools via: trunk check enable {linter} ``` -| Technology | Linters | -| --------------- | -------------------------------------------------------------------------------------------------------------------- | -| All | [codespell], [cspell], [gitleaks], [git-diff-check], [pre-commit-hooks], [trunk-toolbox], [vale] | -| Ansible | [ansible-lint] | -| Apex | [pmd] | -| Bash | [shellcheck], [shfmt] | -| Bazel, Starlark | [buildifier] | -| C, C++ | [clang-format], [clang-tidy], [include-what-you-use], [pragma-once] | -| C# | [dotnet-format] | -| CircleCI Config | [circleci] | -| Cloudformation | [cfnlint], [checkov] | -| CMake | [cmake-format] | -| CSS, SCSS | [stylelint], [prettier] | -| Cue | [cue-fmt] | -| Dart | [dart] | -| Docker | [hadolint], [checkov] | -| Dotenv | [dotenv-linter] | -| GitHub | [actionlint] | -| Go | [gofmt], [gofumpt], [goimports], [gokart], [golangci-lint], [golines], [semgrep] | -| GraphQL | [graphql-schema-linter], [prettier] | -| HAML | [haml-lint] | -| HTML Templates | [djlint] | -| Java | [google-java-format], [pmd], [semgrep] | -| Javascript | [biome], [deno], [eslint], [prettier], [rome], [semgrep] | -| JSON | [biome], [deno], [eslint], [prettier], [semgrep] | -| Kotlin | [detekt], [ktlint] | -| Kubernetes | [kube-linter] | -| Lua | [stylua] | -| Markdown | [deno], [markdownlint], [markdown-link-check], [markdown-table-prettify], [prettier], [remark-lint] | -| Nix | [nixpkgs-fmt] | -| package.json | [sort-package-json] | -| Perl | [perlcritic], [perltidy] | -| PHP | [php-cs-fixer], [phpstan] | -| PNG | [oxipng] | -| PowerShell | [psscriptanalyzer] | -| Prisma | [prisma] | -| Protobuf | [buf] (breaking, lint, and format), [clang-format], [clang-tidy] | -| Python | [autopep8], [bandit], [black], [flake8], [isort], [mypy], [pylint], [pyright], [semgrep], [yapf], [ruff], [sourcery] | -| Rego | [regal], [opa] | -| Renovate | [renovate] | -| Ruby | [brakeman], [rubocop], [rufo], [semgrep], [standardrb] | -| Rust | [clippy], [rustfmt] | -| Scala | [scalafmt] | -| Security | [checkov], [dustilock], [nancy], [osv-scanner], [tfsec], [trivy], [trufflehog], [terrascan] | -| SQL | [sqlfluff], [sqlfmt], [sql-formatter] | -| SVG | [svgo] | -| Swift | [stringslint], [swiftlint], [swiftformat] | -| Terraform | [terraform] (validate and fmt), [checkov], [tflint], [tfsec], [terrascan], [tofu] | -| Terragrunt | [terragrunt] | -| Textproto | [txtpbfmt] | -| TOML | [taplo] | -| Typescript | [deno], [eslint], [prettier], [rome], [semgrep] | -| YAML | [prettier], [semgrep], [yamllint] | +| Technology | Linters | +| --------------- | ------------------------------------------------------------------------------------------------------------------------ | +| All | [codespell], [cspell], [gitleaks], [git-diff-check], [pre-commit-hooks], [trunk-toolbox], [vale] | +| Ansible | [ansible-lint] | +| Apex | [pmd] | +| Bash | [shellcheck], [shfmt] | +| Bazel, Starlark | [buildifier] | +| C, C++ | [clang-format], [clang-tidy], [include-what-you-use], [pragma-once] | +| C# | [dotnet-format] | +| CircleCI Config | [circleci] | +| Cloudformation | [cfnlint], [checkov] | +| CMake | [cmake-format] | +| CSS, SCSS | [stylelint], [prettier] | +| Cue | [cue-fmt] | +| Dart | [dart] | +| Docker | [hadolint], [checkov] | +| Dotenv | [dotenv-linter] | +| GitHub | [actionlint] | +| Go | [gofmt], [gofumpt], [goimports], [gokart], [golangci-lint], [golines], [semgrep] | +| GraphQL | [graphql-schema-linter], [prettier] | +| HAML | [haml-lint] | +| HTML Templates | [djlint] | +| Java | [google-java-format], [pmd], [semgrep] | +| Javascript | [biome], [deno], [eslint], [prettier], [rome], [semgrep] | +| JSON | [biome], [deno], [eslint], [prettier], [semgrep] | +| Kotlin | [detekt], [ktlint] | +| Kubernetes | [kube-linter] | +| Lua | [stylua] | +| Markdown | [deno], [markdownlint], [markdownlint-cli2], [markdown-link-check], [markdown-table-prettify], [prettier], [remark-lint] | +| Nix | [nixpkgs-fmt] | +| package.json | [sort-package-json] | +| Perl | [perlcritic], [perltidy] | +| PHP | [php-cs-fixer], [phpstan] | +| PNG | [oxipng] | +| PowerShell | [psscriptanalyzer] | +| Prisma | [prisma] | +| Protobuf | [buf] (breaking, lint, and format), [clang-format], [clang-tidy] | +| Python | [autopep8], [bandit], [black], [flake8], [isort], [mypy], [pylint], [pyright], [semgrep], [yapf], [ruff], [sourcery] | +| Rego | [regal], [opa] | +| Renovate | [renovate] | +| Ruby | [brakeman], [rubocop], [rufo], [semgrep], [standardrb] | +| Rust | [clippy], [rustfmt] | +| Scala | [scalafmt] | +| Security | [checkov], [dustilock], [nancy], [osv-scanner], [tfsec], [trivy], [trufflehog], [terrascan] | +| SQL | [sqlfluff], [sqlfmt], [sql-formatter], [squawk] | +| SVG | [svgo] | +| Swift | [stringslint], [swiftlint], [swiftformat] | +| Terraform | [terraform] (validate and fmt), [checkov], [tflint], [tfsec], [terrascan], [tofu] | +| Terragrunt | [terragrunt] | +| Textproto | [txtpbfmt] | +| TOML | [taplo] | +| Typescript | [deno], [eslint], [prettier], [rome], [semgrep] | +| YAML | [prettier], [semgrep], [yamllint] | [actionlint]: https://trunk.io/linters/infra/actionlint [ansible-lint]: https://github.com/ansible/ansible-lint#readme @@ -137,6 +137,7 @@ trunk check enable {linter} [ktlint]: https://github.com/pinterest/ktlint#readme [kube-linter]: https://github.com/stackrox/kube-linter#readme [markdownlint]: https://github.com/DavidAnson/markdownlint#readme +[markdownlint-cli2]: https://github.com/DavidAnson/markdownlint-cli2#readme [markdown-table-prettify]: https://github.com/darkriszty/MarkdownTablePrettify-VSCodeExt#readme [markdown-link-check]: https://github.com/tcort/markdown-link-check#readme [mypy]: https://github.com/python/mypy#readme @@ -173,6 +174,7 @@ trunk check enable {linter} [sql-formatter]: https://github.com/sql-formatter-org/sql-formatter#readme [sqlfluff]: https://github.com/sqlfluff/sqlfluff#readme [sqlfmt]: https://github.com/tconbeer/sqlfmt#readme +[squawk]: https://github.com/sbdchd/squawk#readme [standardrb]: https://github.com/testdouble/standard#readme [stringslint]: https://github.com/dral3x/StringsLint#readme [stylelint]: https://github.com/stylelint/stylelint#readme diff --git a/actions/submodules/plugin.yaml b/actions/submodules/plugin.yaml new file mode 100644 index 000000000..dcae26219 --- /dev/null +++ b/actions/submodules/plugin.yaml @@ -0,0 +1,10 @@ +version: 0.1 +actions: + definitions: + - id: submodule-init-update + display_name: Submodule Init Update + description: Git hook for updating submodules + run: git submodule update --init --recursive + triggers: + - git_hooks: [post-checkout, post-merge, pre-rebase] + notify_on_error: false diff --git a/linters/buildifier/test_data/buildifier_v7.3.1_basic_check.check.shot b/linters/buildifier/test_data/buildifier_v7.3.1_basic_check.check.shot new file mode 100644 index 000000000..51223c11c --- /dev/null +++ b/linters/buildifier/test_data/buildifier_v7.3.1_basic_check.check.shot @@ -0,0 +1,135 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing linter buildifier test basic_check 1`] = ` +{ + "issues": [ + { + "code": "module-docstring", + "column": "1", + "file": "test_data/basic.bzl", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/bazelbuild/buildtools/blob/main/WARNINGS.md#module-docstring", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "buildifier", + "message": "The file has no module docstring. +A module docstring is a string literal (not a comment) which should be the first statement of a file (it may follow comment lines).", + "targetType": "starlark", + }, + { + "code": "load", + "column": "26", + "file": "test_data/basic.bzl", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/bazelbuild/buildtools/blob/main/WARNINGS.md#load", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "buildifier", + "message": "Loaded symbol "a" is unused. Please remove it. +To disable the warning, add '@unused' in a comment. +If you want to re-export a symbol, use the following pattern: + + load(..., _a = "a", ...) + a = _a", + "targetType": "starlark", + }, + { + "code": "load", + "column": "26", + "file": "test_data/basic.bzl", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/bazelbuild/buildtools/blob/main/WARNINGS.md#load", + "level": "LEVEL_HIGH", + "line": "2", + "linter": "buildifier", + "message": "Loaded symbol "b" is unused. Please remove it. +To disable the warning, add '@unused' in a comment. +If you want to re-export a symbol, use the following pattern: + + load(..., _b = "b", ...) + b = _b", + "targetType": "starlark", + }, + ], + "lintActions": [ + { + "command": "fix", + "fileGroupName": "bazel-build", + "linter": "buildifier", + "paths": [ + "test_data/add_tables.BUILD", + ], + "verb": "TRUNK_VERB_FMT", + }, + { + "command": "fix", + "fileGroupName": "starlark", + "linter": "buildifier", + "paths": [ + "test_data/basic.bzl", + ], + "verb": "TRUNK_VERB_FMT", + }, + { + "command": "warn", + "fileGroupName": "bazel-build", + "linter": "buildifier", + "paths": [ + "test_data/add_tables.BUILD", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "warn", + "fileGroupName": "starlark", + "linter": "buildifier", + "paths": [ + "test_data/basic.bzl", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "warn", + "fileGroupName": "bazel-build", + "linter": "buildifier", + "paths": [ + "test_data/add_tables.BUILD", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "warn", + "fileGroupName": "starlark", + "linter": "buildifier", + "paths": [ + "test_data/basic.bzl", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [ + { + "column": "1", + "file": "test_data/add_tables.BUILD", + "issueClass": "ISSUE_CLASS_UNFORMATTED", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "buildifier", + "message": "Incorrect formatting, autoformat by running 'trunk fmt'", + }, + { + "column": "1", + "file": "test_data/basic.bzl", + "issueClass": "ISSUE_CLASS_UNFORMATTED", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "buildifier", + "message": "Incorrect formatting, autoformat by running 'trunk fmt'", + }, + ], +} +`; diff --git a/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.add_tables.BUILD.fmt.shot b/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.add_tables.BUILD.fmt.shot new file mode 100644 index 000000000..54e82961f --- /dev/null +++ b/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.add_tables.BUILD.fmt.shot @@ -0,0 +1,36 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing formatter buildifier test no_config 1`] = ` +"foo_macro( + fizz = [ + ":lib2", + ":lib1", + ], +) + +filegroup( + name = "files", + srcs = glob(["**"]), +) + +sh_library( + name = "lib1", + srcs = ["src1.sh"], +) + +sh_library( + name = "lib2", + srcs = ["src1.sh"], +) + +sh_binary( + name = "foo", + srcs = ["foo.sh"], + deps = [ + ":lib1", + ":lib2", + ], +) +" +`; diff --git a/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.basic.bzl.fmt.shot b/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.basic.bzl.fmt.shot new file mode 100644 index 000000000..0f9da3bb5 --- /dev/null +++ b/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.basic.bzl.fmt.shot @@ -0,0 +1,11 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing formatter buildifier test no_config 1`] = ` +"# Misformatted file +def eponymous_name(): + name = native.package_name() + + return name[name.rfind("/") + 1:] +" +`; diff --git a/linters/buildifier/test_data/buildifier_v7.3.1_with_config.test_data.add_tables.BUILD.fmt.shot b/linters/buildifier/test_data/buildifier_v7.3.1_with_config.test_data.add_tables.BUILD.fmt.shot new file mode 100644 index 000000000..e4ce11ada --- /dev/null +++ b/linters/buildifier/test_data/buildifier_v7.3.1_with_config.test_data.add_tables.BUILD.fmt.shot @@ -0,0 +1,36 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing formatter buildifier test with_config 1`] = ` +"foo_macro( + fizz = [ + ":lib1", + ":lib2", + ], +) + +filegroup( + name = "files", + srcs = glob(["**"]), +) + +sh_library( + name = "lib1", + srcs = ["src1.sh"], +) + +sh_library( + name = "lib2", + srcs = ["src1.sh"], +) + +sh_binary( + name = "foo", + srcs = ["foo.sh"], + deps = [ + ":lib1", + ":lib2", + ], +) +" +`; diff --git a/linters/markdownlint-cli2/markdownlint.test.ts b/linters/markdownlint-cli2/markdownlint.test.ts new file mode 100644 index 000000000..91b33f474 --- /dev/null +++ b/linters/markdownlint-cli2/markdownlint.test.ts @@ -0,0 +1,3 @@ +import { linterCheckTest } from "tests"; + +linterCheckTest({ linterName: "markdownlint-cli2" }); diff --git a/linters/markdownlint-cli2/plugin.yaml b/linters/markdownlint-cli2/plugin.yaml new file mode 100644 index 000000000..1b662a8d4 --- /dev/null +++ b/linters/markdownlint-cli2/plugin.yaml @@ -0,0 +1,46 @@ +version: 0.1 +tools: + definitions: + - name: markdownlint-cli2 + runtime: node + package: markdownlint-cli2 + shims: [markdownlint-cli2] + known_good_version: 0.14.0 + +lint: + definitions: + - name: markdownlint-cli2 + files: [markdown] + tools: [markdownlint-cli2] + description: A style checker and lint tool for markdown files + commands: + - name: lint + # Custom parser type defined in the trunk cli to handle markdownlint's JSON output. + output: regex + read_output_from: stderr + parse_regex: + "(?P[^:]+):(?P[\\d+]+)(?::(?P[\\d+]+))? (?P[^ ]+) + (?P.*)\n" + run: markdownlint-cli2 ${target} --json + success_codes: [0, 1] + batch: true + cache_results: true + suggest_if: config_present + direct_configs: + - .markdownlint-cli2.jsonc + - .markdownlint-cli2.yaml + - .markdownlint-cli2.cjs + - .markdownlint-cli2.mjs + affects_cache: + - package.json + - .markdownlint.jsonc + - .markdownlint.json + - .markdownlint.yaml + - .markdownlint.yml + - .markdownlint.cjs + - .markdownlint.mjs + issue_url_format: https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#{} + known_good_version: 0.14.0 + version_command: + parse_regex: ${semver} + run: markdownlint --version diff --git a/linters/markdownlint-cli2/test_data/.markdownlint-cli2.jsonc b/linters/markdownlint-cli2/test_data/.markdownlint-cli2.jsonc new file mode 100644 index 000000000..5ecf259c3 --- /dev/null +++ b/linters/markdownlint-cli2/test_data/.markdownlint-cli2.jsonc @@ -0,0 +1,5 @@ +{ + "config": { + "extends": "markdownlint/style/prettier" + } +} diff --git a/linters/markdownlint-cli2/test_data/basic.in.md b/linters/markdownlint-cli2/test_data/basic.in.md new file mode 100644 index 000000000..9163e8372 --- /dev/null +++ b/linters/markdownlint-cli2/test_data/basic.in.md @@ -0,0 +1,11 @@ +# bad.md + +# This file fails some rules + +Line is OK- Make a realy long line that breaks the layout rules completely. Make a realy long line +that breaks +But this should be ignored because of config + + +Line is too long (over 120) A B C D E F G A B C D E F G A B C D E F G A B C D E F G A B C D E F G A +B C D E F G A B C D E F G A B C D E F G diff --git a/linters/markdownlint-cli2/test_data/markdownlint_cli2_v0.14.0_basic.check.shot b/linters/markdownlint-cli2/test_data/markdownlint_cli2_v0.14.0_basic.check.shot new file mode 100644 index 000000000..a0471cf50 --- /dev/null +++ b/linters/markdownlint-cli2/test_data/markdownlint_cli2_v0.14.0_basic.check.shot @@ -0,0 +1,43 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`Testing linter markdownlint-cli2 test basic 1`] = ` +{ + "issues": [ + { + "code": "MD025/single-title/single-h1", + "column": "1", + "file": "test_data/basic.in.md", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#MD025/single-title/single-h1", + "level": "LEVEL_HIGH", + "line": "3", + "linter": "markdownlint-cli2", + "message": "Multiple top-level headings in the same document [Context: "This file fails some rules"]", + "targetType": "markdown", + }, + ], + "lintActions": [ + { + "command": "lint", + "fileGroupName": "markdown", + "linter": "markdownlint-cli2", + "paths": [ + "test_data/basic.in.md", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "lint", + "fileGroupName": "markdown", + "linter": "markdownlint-cli2", + "paths": [ + "test_data/basic.in.md", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [], +} +`; diff --git a/linters/markdownlint/plugin.yaml b/linters/markdownlint/plugin.yaml index 978bbdd0c..1aa1515d5 100644 --- a/linters/markdownlint/plugin.yaml +++ b/linters/markdownlint/plugin.yaml @@ -26,9 +26,6 @@ lint: - .markdownlint.yaml - .markdownlint.yml - .markdownlintrc - - .markdownlint-cli2.json - - .markdownlint-cli2.yaml - - .markdownlint-cli2.jsonc issue_url_format: https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#{} known_good_version: 0.33.0 version_command: diff --git a/linters/osv-scanner/expected_issues.json b/linters/osv-scanner/expected_issues.json index f62a00908..367c09831 100644 --- a/linters/osv-scanner/expected_issues.json +++ b/linters/osv-scanner/expected_issues.json @@ -54,17 +54,6 @@ "targetType": "lockfile", "isSecurity": true }, - { - "file": "test_data/Gemfile.lock", - "line": "16", - "message": "Active Support Possibly Discloses Locally Encrypted Files. Current version of 'activesupport' is vulnerable: 5.2.8.1. Patch available: upgrade to 6.1.7.5 or higher.", - "code": "GHSA-cr5q-6q9f-rq6q", - "level": "LEVEL_LOW", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-cr5q-6q9f-rq6q", - "targetType": "lockfile", - "isSecurity": true - }, { "file": "test_data/Gemfile.lock", "line": "16", @@ -87,6 +76,17 @@ "targetType": "lockfile", "isSecurity": true }, + { + "file": "test_data/Gemfile.lock", + "line": "16", + "message": "Active Support Possibly Discloses Locally Encrypted Files. Current version of 'activesupport' is vulnerable: 5.2.8.1. Patch available: upgrade to 6.1.7.5 or higher.", + "code": "GHSA-cr5q-6q9f-rq6q", + "level": "LEVEL_LOW", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-cr5q-6q9f-rq6q", + "targetType": "lockfile", + "isSecurity": true + }, { "file": "test_data/Gemfile.lock", "line": "34", @@ -131,6 +131,17 @@ "targetType": "lockfile", "isSecurity": true }, + { + "file": "test_data/Gemfile.lock", + "line": "97", + "message": "'Nokogiri' updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459. Current version of 'nokogiri' is vulnerable: 1.14.1. Patch available: upgrade to 1.16.5 or higher.", + "code": "GHSA-r95h-9x8f-r3f7", + "level": "LEVEL_LOW", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-r95h-9x8f-r3f7", + "targetType": "lockfile", + "isSecurity": true + }, { "file": "test_data/Gemfile.lock", "line": "97", @@ -221,41 +232,21 @@ }, { "file": "test_data/go.mod", - "message": "Improper handling of JavaScript whitespace in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-24540", - "level": "LEVEL_HIGH", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-24540", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/go.mod", - "message": "Excessive resource consumption in mime/multipart. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41725", - "level": "LEVEL_HIGH", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41725", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/go.mod", - "message": "Large RSA keys can cause high CPU usage in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-29409", + "message": "Comments in display names are incorrectly handled in net/mail. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24784", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-29409", + "issueUrl": "https://osv.dev/CVE-2024-24784", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Insufficient sanitization of Host header in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-29406", + "message": "Panic due to crafted inputs in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-39293", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-29406", + "issueUrl": "https://osv.dev/CVE-2021-39293", "targetType": "lockfile", "isSecurity": true }, @@ -281,221 +272,211 @@ }, { "file": "test_data/go.mod", - "message": "Improper handling of special tags within script contexts in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-39319", - "level": "LEVEL_HIGH", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-39319", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/go.mod", - "message": "Denial of service via chunk extensions in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-39326", + "message": "Improper handling of JavaScript whitespace in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-24540", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-39326", + "issueUrl": "https://osv.dev/CVE-2023-24540", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Insecure parsing of Windows paths with a \\??\\ prefix in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-45283", + "message": "Improper sanitization of CSS values in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-24539", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-45283", + "issueUrl": "https://osv.dev/CVE-2023-24539", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect detection of reserved device names on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-45284", + "message": "Backticks not treated as string delimiters in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-24538", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-45284", + "issueUrl": "https://osv.dev/CVE-2023-24538", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Before Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-45287", + "message": "Stack exhaustion on crafted paths in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30632", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-45287", + "issueUrl": "https://osv.dev/CVE-2022-30632", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-45289", + "message": "Stack exhaustion when reading certain archives in compress/gzip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30631", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-45289", + "issueUrl": "https://osv.dev/CVE-2022-30631", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Memory exhaustion in multipart form parsing in net/textproto and net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-45290", + "message": "Stack exhaustion in Glob on certain paths in io/fs. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30630", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-45290", + "issueUrl": "https://osv.dev/CVE-2022-30630", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Verify panics on certificates with an unknown public key algorithm in crypto/x509. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2024-24783", + "message": "Session tickets lack random ticket_age_add in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30629", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2024-24783", + "issueUrl": "https://osv.dev/CVE-2022-30629", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Comments in display names are incorrectly handled in net/mail. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2024-24784", + "message": "Empty Cmd.Path can trigger unintended binary in os/exec on Windows. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30580", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2024-24784", + "issueUrl": "https://osv.dev/CVE-2022-30580", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Errors returned from JSON marshaling may break template escaping in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2024-24785", + "message": "Path traversal via Clean on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-29804", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2024-24785", + "issueUrl": "https://osv.dev/CVE-2022-29804", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "HTTP/2 rapid reset can cause excessive work in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-4374-p667-p6c8", + "message": "Incorrect sanitization of forwarded query parameters in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-2880", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-4374-p667-p6c8", + "issueUrl": "https://osv.dev/CVE-2022-2880", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "HTTP/2 CONTINUATION flood in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-4v7x-pqxf-cx7m", + "message": "Unbounded memory consumption when reading headers in archive/tar. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-2879", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-4v7x-pqxf-cx7m", + "issueUrl": "https://osv.dev/CVE-2022-2879", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Denial of service in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-69cg-p879-7622", + "message": "Panic due to large inputs affecting P-256 curves in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-28327", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-69cg-p879-7622", + "issueUrl": "https://osv.dev/CVE-2022-28327", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic due to large headers in net/http and golang.org/x/net/http/httpguts. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-h86h-8ppg-mxmh", + "message": "Stack exhaustion from deeply nested XML documents in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-28131", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-h86h-8ppg-mxmh", + "issueUrl": "https://osv.dev/CVE-2022-28131", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect privilege reporting in syscall and golang.org/x/sys/unix. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-p782-xgp4-8hr8", + "message": "Stack exhaustion when compiling deeply nested expressions in regexp. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-24921", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-p782-xgp4-8hr8", + "issueUrl": "https://osv.dev/CVE-2022-24921", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Unbounded memory growth in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-vc3p-29h2-gpcp", + "message": "Stack overflow from a large amount of PEM data in encoding/pem. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-24675", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-vc3p-29h2-gpcp", + "issueUrl": "https://osv.dev/CVE-2022-24675", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-vvpx-j8f3-3w6h", + "message": "Incorrect computation for some invalid field elements in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-23806", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-vvpx-j8f3-3w6h", + "issueUrl": "https://osv.dev/CVE-2022-23806", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Excessive memory growth in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-xrjj-mj9h-534m", + "message": "Uncontrolled memory consumption in math/big. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-23772", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-xrjj-mj9h-534m", + "issueUrl": "https://osv.dev/CVE-2022-23772", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect calculation on P256 curves in crypto/internal/nistec. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-24532", + "message": "Stack exhaustion due to deeply nested types in go/parser. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-1962", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-24532", + "issueUrl": "https://osv.dev/CVE-2022-1962", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic on large handshake records in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41724", + "message": "Improper sanitization of Transfer-Encoding headers in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-1705", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41724", + "issueUrl": "https://osv.dev/CVE-2022-1705", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Improper sanitization of CSS values in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-24539", + "message": "Misdirected I/O in syscall. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-44717", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-24539", + "issueUrl": "https://osv.dev/CVE-2021-44717", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Backticks not treated as string delimiters in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-24538", + "message": "Indefinite hang with large buffers on Windows in crypto/rand. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30634", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-24538", + "issueUrl": "https://osv.dev/CVE-2022-30634", "targetType": "lockfile", "isSecurity": true }, @@ -531,101 +512,121 @@ }, { "file": "test_data/go.mod", - "message": "Cross-site scripting in net/http/cgi and net/http/fcgi. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2020-24553", + "message": "Incorrect calculation on P256 curves in crypto/internal/nistec. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-24532", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2020-24553", + "issueUrl": "https://osv.dev/CVE-2023-24532", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Infinite loop when decoding inputs in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-27918", + "message": "Excessive resource consumption in mime/multipart. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41725", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-27918", + "issueUrl": "https://osv.dev/CVE-2022-41725", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect operations on the P-224 curve in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-3114", + "message": "Excessive memory growth in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-xrjj-mj9h-534m", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-3114", + "issueUrl": "https://osv.dev/GHSA-xrjj-mj9h-534m", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Improper sanitization when resolving values from DNS in net. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-33195", + "message": "Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-vvpx-j8f3-3w6h", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-33195", + "issueUrl": "https://osv.dev/GHSA-vvpx-j8f3-3w6h", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic when reading certain archives in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-33196", + "message": "Unbounded memory growth in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-vc3p-29h2-gpcp", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-33196", + "issueUrl": "https://osv.dev/GHSA-vc3p-29h2-gpcp", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Attacker can drop certain headers in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-33197", + "message": "Incorrect privilege reporting in syscall and golang.org/x/sys/unix. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-p782-xgp4-8hr8", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-33197", + "issueUrl": "https://osv.dev/GHSA-p782-xgp4-8hr8", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic on inputs with large exponents in math/big. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-33198", + "message": "Panic due to large headers in net/http and golang.org/x/net/http/httpguts. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-h86h-8ppg-mxmh", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-33198", + "issueUrl": "https://osv.dev/GHSA-h86h-8ppg-mxmh", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic on certain certificates in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-34558", + "message": "Denial of service in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-69cg-p879-7622", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-34558", + "issueUrl": "https://osv.dev/GHSA-69cg-p879-7622", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic in ReverseProxy in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-36221", + "message": "HTTP/2 CONTINUATION flood in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-4v7x-pqxf-cx7m", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-36221", + "issueUrl": "https://osv.dev/GHSA-4v7x-pqxf-cx7m", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic due to crafted inputs in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-39293", + "message": "HTTP/2 rapid reset can cause excessive work in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-4374-p667-p6c8", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-39293", + "issueUrl": "https://osv.dev/GHSA-4374-p667-p6c8", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Denial of service due to improper 100-continue handling in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24791", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2024-24791", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24790", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2024-24790", "targetType": "lockfile", "isSecurity": true }, @@ -641,201 +642,201 @@ }, { "file": "test_data/go.mod", - "message": "Panic when opening certain archives in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-41772", + "message": "Panic on large handshake records in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41724", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-41772", + "issueUrl": "https://osv.dev/CVE-2022-41724", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Misdirected I/O in syscall. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-44717", + "message": "Path traversal on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41722", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-44717", + "issueUrl": "https://osv.dev/CVE-2022-41722", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Improper sanitization of Transfer-Encoding headers in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-1705", + "message": "Mishandling of corrupt central directory record in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24789", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-1705", + "issueUrl": "https://osv.dev/CVE-2024-24789", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion due to deeply nested types in go/parser. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-1962", + "message": "Restricted file access on Windows in os and net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41720", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-1962", + "issueUrl": "https://osv.dev/CVE-2022-41720", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Uncontrolled memory consumption in math/big. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-23772", + "message": "Errors returned from JSON marshaling may break template escaping in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24785", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-23772", + "issueUrl": "https://osv.dev/CVE-2024-24785", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect computation for some invalid field elements in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-23806", + "message": "Large RSA keys can cause high CPU usage in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-29409", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-23806", + "issueUrl": "https://osv.dev/CVE-2023-29409", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack overflow from a large amount of PEM data in encoding/pem. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-24675", + "message": "Verify panics on certificates with an unknown public key algorithm in crypto/x509. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24783", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-24675", + "issueUrl": "https://osv.dev/CVE-2024-24783", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion when compiling deeply nested expressions in regexp. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-24921", + "message": "Memory exhaustion in multipart form parsing in net/textproto and net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-45290", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-24921", + "issueUrl": "https://osv.dev/CVE-2023-45290", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion from deeply nested XML documents in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-28131", + "message": "Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-45289", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-28131", + "issueUrl": "https://osv.dev/CVE-2023-45289", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic due to large inputs affecting P-256 curves in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-28327", + "message": "Before Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-45287", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-28327", + "issueUrl": "https://osv.dev/CVE-2023-45287", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Unbounded memory consumption when reading headers in archive/tar. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-2879", + "message": "Incorrect detection of reserved device names on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-45284", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-2879", + "issueUrl": "https://osv.dev/CVE-2023-45284", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect sanitization of forwarded query parameters in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-2880", + "message": "Insecure parsing of Windows paths with a \\??\\ prefix in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-45283", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-2880", + "issueUrl": "https://osv.dev/CVE-2023-45283", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Path traversal via Clean on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-29804", + "message": "Denial of service via chunk extensions in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-39326", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-29804", + "issueUrl": "https://osv.dev/CVE-2023-39326", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Empty Cmd.Path can trigger unintended binary in os/exec on Windows. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30580", + "message": "Unsanitized NUL in environment variables on Windows in syscall and os/exec. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41716", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30580", + "issueUrl": "https://osv.dev/CVE-2022-41716", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Session tickets lack random ticket_age_add in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30629", + "message": "Memory exhaustion when compiling regular expressions in regexp/syntax. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41715", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30629", + "issueUrl": "https://osv.dev/CVE-2022-41715", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion in Glob on certain paths in io/fs. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30630", + "message": "Panic when opening certain archives in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-41772", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30630", + "issueUrl": "https://osv.dev/CVE-2021-41772", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion when reading certain archives in compress/gzip. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30631", + "message": "Insufficient sanitization of Host header in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-29406", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30631", + "issueUrl": "https://osv.dev/CVE-2023-29406", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion on crafted paths in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30632", + "message": "Panic when decoding Float and Rat types in math/big. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-32189", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30632", + "issueUrl": "https://osv.dev/CVE-2022-32189", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion when unmarshaling certain documents in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30633", + "message": "Exposure of client IP addresses in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-32148", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30633", + "issueUrl": "https://osv.dev/CVE-2022-32148", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Indefinite hang with large buffers on Windows in crypto/rand. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30634", + "message": "Improper handling of special tags within script contexts in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-39319", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30634", + "issueUrl": "https://osv.dev/CVE-2023-39319", "targetType": "lockfile", "isSecurity": true }, @@ -851,91 +852,131 @@ }, { "file": "test_data/go.mod", - "message": "Exposure of client IP addresses in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-32148", + "message": "Improper handling of HTML-like comments in script contexts in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-39318", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-32148", + "issueUrl": "https://osv.dev/CVE-2023-39318", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic when decoding Float and Rat types in math/big. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-32189", + "message": "Cross-site scripting in net/http/cgi and net/http/fcgi. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2020-24553", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-32189", + "issueUrl": "https://osv.dev/CVE-2020-24553", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Memory exhaustion when compiling regular expressions in regexp/syntax. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41715", + "message": "Infinite loop when decoding inputs in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-27918", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41715", + "issueUrl": "https://osv.dev/CVE-2021-27918", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Unsanitized NUL in environment variables on Windows in syscall and os/exec. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41716", + "message": "Incorrect operations on the P-224 curve in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-3114", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41716", + "issueUrl": "https://osv.dev/CVE-2021-3114", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Restricted file access on Windows in os and net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41720", + "message": "Improper sanitization when resolving values from DNS in net. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-33195", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41720", + "issueUrl": "https://osv.dev/CVE-2021-33195", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Path traversal on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41722", + "message": "Panic when reading certain archives in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-33196", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41722", + "issueUrl": "https://osv.dev/CVE-2021-33196", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Improper handling of HTML-like comments in script contexts in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-39318", + "message": "Attacker can drop certain headers in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-33197", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-39318", + "issueUrl": "https://osv.dev/CVE-2021-33197", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Panic on inputs with large exponents in math/big. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-33198", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2021-33198", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Panic on certain certificates in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-34558", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2021-34558", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Panic in ReverseProxy in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-36221", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2021-36221", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Stack exhaustion when unmarshaling certain documents in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30633", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2022-30633", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Gitea erroneous repo clones. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-8j3v-68w3-3848", - "level": "LEVEL_MEDIUM", + "message": "Gitea vulnerable to Argument Injection in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-w8xw-7crf-h23x", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-8j3v-68w3-3848", + "issueUrl": "https://osv.dev/GHSA-w8xw-7crf-h23x", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Stored Cross-site Scripting in gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", + "message": "Stored Cross-site Scripting in gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", "code": "GHSA-ph3w-2843-72mx", - "level": "LEVEL_MEDIUM", + "level": "LEVEL_HIGH", "linter": "osv-scanner", "issueUrl": "https://osv.dev/GHSA-ph3w-2843-72mx", "targetType": "lockfile", @@ -944,113 +985,157 @@ { "file": "test_data/go.mod", "line": "7", - "message": "Gogs and Gitea SSRF Vulnerability. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-fg3x-rwq9-74cw", + "message": "Shell command injection in gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-p5f9-c9j9-g8qx", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-fg3x-rwq9-74cw", + "issueUrl": "https://osv.dev/GHSA-p5f9-c9j9-g8qx", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Gitea allowed assignment of private issues. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-fhv8-m4j4-cww2", - "level": "LEVEL_MEDIUM", + "message": "Capture-replay in Gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-jrpg-35hw-m4p9", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-fhv8-m4j4-cww2", + "issueUrl": "https://osv.dev/GHSA-jrpg-35hw-m4p9", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Arbitrary file deletion in gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-g7p7-x6w7-w6qg", + "message": "Gitea Missing Authorization vulnerability in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-jr9c-h74f-2v28", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-g7p7-x6w7-w6qg", + "issueUrl": "https://osv.dev/GHSA-jr9c-h74f-2v28", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Arbitrary Code Execution in Gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-3h6c-c475-jm7v", + "message": "Path Traversal in Gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-h3q4-vmw4-cpr5", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-3h6c-c475-jm7v", + "issueUrl": "https://osv.dev/GHSA-h3q4-vmw4-cpr5", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "'code.gitea.io/gitea' Open Redirect vulnerability. Current version is vulnerable: 1.9.0-dev.", - "code": "GHSA-cf6v-9j57-v6r6", - "level": "LEVEL_LOW", + "message": "Cross-site Scripting in Gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-g95p-88p4-76cm", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-cf6v-9j57-v6r6", + "issueUrl": "https://osv.dev/GHSA-g95p-88p4-76cm", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Cross-site Scripting in Gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-g95p-88p4-76cm", - "level": "LEVEL_MEDIUM", + "message": "Arbitrary file deletion in gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-g7p7-x6w7-w6qg", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-g95p-88p4-76cm", + "issueUrl": "https://osv.dev/GHSA-g7p7-x6w7-w6qg", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Path Traversal in Gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-h3q4-vmw4-cpr5", - "level": "LEVEL_MEDIUM", + "message": "Denial of Service in Gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-g2qx-6ghw-67hm", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-h3q4-vmw4-cpr5", + "issueUrl": "https://osv.dev/GHSA-g2qx-6ghw-67hm", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Gitea Missing Authorization vulnerability. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-jr9c-h74f-2v28", + "message": "Gitea allowed assignment of private issues in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-fhv8-m4j4-cww2", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-jr9c-h74f-2v28", + "issueUrl": "https://osv.dev/GHSA-fhv8-m4j4-cww2", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Shell command injection in gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-p5f9-c9j9-g8qx", + "message": "Gogs and Gitea SSRF Vulnerability in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-fg3x-rwq9-74cw", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-p5f9-c9j9-g8qx", + "issueUrl": "https://osv.dev/GHSA-fg3x-rwq9-74cw", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "'code.gitea.io/gitea' Open Redirect vulnerability. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-cf6v-9j57-v6r6", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-cf6v-9j57-v6r6", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Gitea erroneous repo clones in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-8j3v-68w3-3848", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-8j3v-68w3-3848", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Gitea Open Redirect. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", + "message": "Gitea Open Redirect in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", "code": "GHSA-4rqq-rxvc-v2rc", - "level": "LEVEL_MEDIUM", + "level": "LEVEL_HIGH", "linter": "osv-scanner", "issueUrl": "https://osv.dev/GHSA-4rqq-rxvc-v2rc", "targetType": "lockfile", "isSecurity": true }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Gitea Cross-site Scripting Vulnerability in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-4h4p-553m-46qh", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-4h4p-553m-46qh", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Arbitrary Code Execution in Gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", + "code": "GHSA-3h6c-c475-jm7v", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-3h6c-c475-jm7v", + "targetType": "lockfile", + "isSecurity": true + }, { "file": "test_data/go.mod", "line": "16", @@ -1087,18 +1172,18 @@ { "file": "test_data/go.mod", "line": "58", - "message": "Open redirect in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-36h2-95gj-w488", - "level": "LEVEL_MEDIUM", + "message": "Gitea Improper Input Validation in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", + "code": "GHSA-q47x-6mqq-4w92", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-36h2-95gj-w488", + "issueUrl": "https://osv.dev/GHSA-q47x-6mqq-4w92", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "58", - "message": "Cross Site Request Forgery in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "message": "Cross Site Request Forgery in Gitea in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", "code": "GHSA-4wp3-8q92-mh8w", "level": "LEVEL_HIGH", "linter": "osv-scanner", @@ -1109,9 +1194,20 @@ { "file": "test_data/go.mod", "line": "58", - "message": "Gitea displaying raw OpenID error in UI. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "message": "Open redirect in Gitea in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", + "code": "GHSA-36h2-95gj-w488", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-36h2-95gj-w488", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "58", + "message": "Gitea displaying raw OpenID error in UI in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", "code": "GHSA-8h8p-x289-vvqr", - "level": "LEVEL_MEDIUM", + "level": "LEVEL_HIGH", "linter": "osv-scanner", "issueUrl": "https://osv.dev/GHSA-8h8p-x289-vvqr", "targetType": "lockfile", @@ -1120,9 +1216,9 @@ { "file": "test_data/go.mod", "line": "58", - "message": "Gitea Exposes Private Email Addresses. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "message": "Gitea Exposes Private Email Addresses in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", "code": "GHSA-f5fj-7265-jxhj", - "level": "LEVEL_MEDIUM", + "level": "LEVEL_HIGH", "linter": "osv-scanner", "issueUrl": "https://osv.dev/GHSA-f5fj-7265-jxhj", "targetType": "lockfile", @@ -1142,97 +1238,86 @@ { "file": "test_data/go.mod", "line": "58", - "message": "Capture-replay in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-jrpg-35hw-m4p9", + "message": "Gitea vulnerable to Argument Injection. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "code": "GHSA-w8xw-7crf-h23x", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-jrpg-35hw-m4p9", + "issueUrl": "https://osv.dev/GHSA-w8xw-7crf-h23x", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "58", - "message": "Gitea Improper Input Validation. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-q47x-6mqq-4w92", + "message": "Improper Access Control in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "code": "GHSA-r7h7-chh4-5rvm", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-q47x-6mqq-4w92", + "issueUrl": "https://osv.dev/GHSA-r7h7-chh4-5rvm", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "58", - "message": "Cross-site Scripting in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "message": "Cross-site Scripting in Gitea in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", "code": "GHSA-r3gq-wxqf-q4gh", - "level": "LEVEL_MEDIUM", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-r3gq-wxqf-q4gh", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/go.mod", - "line": "58", - "message": "Improper Access Control in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-r7h7-chh4-5rvm", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-r7h7-chh4-5rvm", + "issueUrl": "https://osv.dev/GHSA-r3gq-wxqf-q4gh", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "58", - "message": "Gitea vulnerable to Argument Injection. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-w8xw-7crf-h23x", + "message": "Gitea Remote Code Execution in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", + "code": "GHSA-hpmr-prr2-cqc4", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-w8xw-7crf-h23x", + "issueUrl": "https://osv.dev/GHSA-hpmr-prr2-cqc4", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "58", - "message": "Gitea Remote Code Execution. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-hpmr-prr2-cqc4", + "message": "Capture-replay in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "code": "GHSA-jrpg-35hw-m4p9", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-hpmr-prr2-cqc4", + "issueUrl": "https://osv.dev/GHSA-jrpg-35hw-m4p9", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "84", - "message": "Gophish vulnerable to Cross-site Scripting via crafted landing page. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", - "code": "GHSA-55m9-hm92-xm8j", - "level": "LEVEL_MEDIUM", + "message": "Gophish before 0.12.0 vulnerable to Open Redirect in 'github.com/gophish/gophish'. Current version is vulnerable: 0.1.2.", + "code": "GHSA-hvw3-p9px-gpc9", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-55m9-hm92-xm8j", + "issueUrl": "https://osv.dev/GHSA-hvw3-p9px-gpc9", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "84", - "message": "Gophish vulnerable to Denial of Service via crafted payload involving autofocus. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", - "code": "GHSA-8gg8-wr4j-v2wr", + "message": "Gophish XSS Vulnerability in 'github.com/gophish/gophish'. Current version is vulnerable: 0.1.2.", + "code": "GHSA-9h9f-9q8g-6764", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-8gg8-wr4j-v2wr", + "issueUrl": "https://osv.dev/GHSA-9h9f-9q8g-6764", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "84", - "message": "Gophish vulnerable to Server-Side Request Forgery. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", + "message": "Gophish vulnerable to Server-Side Request Forgery in 'github.com/gophish/gophish'. Current version is vulnerable: 0.1.2.", "code": "GHSA-9c9w-9pq7-f35h", - "level": "LEVEL_MEDIUM", + "level": "LEVEL_HIGH", "linter": "osv-scanner", "issueUrl": "https://osv.dev/GHSA-9c9w-9pq7-f35h", "targetType": "lockfile", @@ -1241,44 +1326,44 @@ { "file": "test_data/go.mod", "line": "84", - "message": "Gophish XSS Vulnerability. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", - "code": "GHSA-9h9f-9q8g-6764", - "level": "LEVEL_MEDIUM", + "message": "Gophish vulnerable to Denial of Service via crafted payload involving autofocus. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", + "code": "GHSA-8gg8-wr4j-v2wr", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-9h9f-9q8g-6764", + "issueUrl": "https://osv.dev/GHSA-8gg8-wr4j-v2wr", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "84", - "message": "Gophish before 0.12.0 vulnerable to Open Redirect. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", - "code": "GHSA-hvw3-p9px-gpc9", + "message": "Gophish vulnerable to Cross-site Scripting via crafted landing page. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", + "code": "GHSA-55m9-hm92-xm8j", "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-hvw3-p9px-gpc9", + "issueUrl": "https://osv.dev/GHSA-55m9-hm92-xm8j", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "91", - "message": "pgx SQL Injection via Protocol Message Size Overflow. Current version of 'github.com/jackc/pgx' is vulnerable: 3.6.0+incompatible.", - "code": "GHSA-7jwh-3vrq-q3m8", + "message": "pgx SQL Injection via Line Comment Creation. Current version of 'github.com/jackc/pgx' is vulnerable: 3.6.0+incompatible.", + "code": "GHSA-m7wr-2xf7-cm9p", "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-7jwh-3vrq-q3m8", + "issueUrl": "https://osv.dev/GHSA-m7wr-2xf7-cm9p", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "91", - "message": "pgx SQL Injection via Line Comment Creation. Current version of 'github.com/jackc/pgx' is vulnerable: 3.6.0+incompatible.", - "code": "GHSA-m7wr-2xf7-cm9p", + "message": "pgx SQL Injection via Protocol Message Size Overflow. Current version of 'github.com/jackc/pgx' is vulnerable: 3.6.0+incompatible.", + "code": "GHSA-7jwh-3vrq-q3m8", "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-m7wr-2xf7-cm9p", + "issueUrl": "https://osv.dev/GHSA-7jwh-3vrq-q3m8", "targetType": "lockfile", "isSecurity": true }, @@ -1318,22 +1403,22 @@ { "file": "test_data/go.mod", "line": "161", - "message": "Path traversal in 'github.com/unknwon/cae'. Current version is vulnerable: 1.0.0.", - "code": "GHSA-vpx7-vm66-qx8r", + "message": "Path Traversal in 'github.com/unknwon/cae'. Current version is vulnerable: 1.0.0.", + "code": "GHSA-88jf-7rch-32qc", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-vpx7-vm66-qx8r", + "issueUrl": "https://osv.dev/GHSA-88jf-7rch-32qc", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "161", - "message": "Path Traversal in 'github.com/unknwon/cae'. Current version is vulnerable: 1.0.0.", - "code": "GHSA-88jf-7rch-32qc", + "message": "Path traversal in 'github.com/unknwon/cae'. Current version is vulnerable: 1.0.0.", + "code": "GHSA-vpx7-vm66-qx8r", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-88jf-7rch-32qc", + "issueUrl": "https://osv.dev/GHSA-vpx7-vm66-qx8r", "targetType": "lockfile", "isSecurity": true }, @@ -1436,6 +1521,17 @@ "targetType": "lockfile", "isSecurity": true }, + { + "file": "test_data/go.mod", + "line": "172", + "message": "Limited directory traversal vulnerability on Windows in 'golang.org/x/crypto'. Current version is vulnerable: 0.0.0-20190308221718-c2843e01d9a2.", + "code": "CVE-2022-30636", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2022-30636", + "targetType": "lockfile", + "isSecurity": true + }, { "file": "test_data/go.mod", "line": "173", @@ -1450,11 +1546,11 @@ { "file": "test_data/go.mod", "line": "173", - "message": "Denial of service via crafted TIFF image in golang.org/x/image/tiff. Current version is vulnerable: 0.0.0-20190802002840-cff245a6509b.", - "code": "GHSA-qgc7-mgm3-q253", + "message": "Panic when parsing invalid palette-color images in 'golang.org/x/image'. Current version is vulnerable: 0.0.0-20190802002840-cff245a6509b.", + "code": "GHSA-9phm-fm57-rhg8", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-qgc7-mgm3-q253", + "issueUrl": "https://osv.dev/GHSA-9phm-fm57-rhg8", "targetType": "lockfile", "isSecurity": true }, @@ -1469,25 +1565,36 @@ "targetType": "lockfile", "isSecurity": true }, + { + "file": "test_data/go.mod", + "line": "173", + "message": "Denial of service via crafted TIFF image in golang.org/x/image/tiff. Current version is vulnerable: 0.0.0-20190802002840-cff245a6509b.", + "code": "GHSA-qgc7-mgm3-q253", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-qgc7-mgm3-q253", + "targetType": "lockfile", + "isSecurity": true + }, { "file": "test_data/go.mod", "line": "174", - "message": "Denial of service in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-69cg-p879-7622", + "message": "Excessive memory growth in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-xrjj-mj9h-534m", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-69cg-p879-7622", + "issueUrl": "https://osv.dev/GHSA-xrjj-mj9h-534m", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Denial of service via crafted HTTP/2 stream in net/http and 'golang.org/x/net'. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-vvpx-j8f3-3w6h", + "message": "Unbounded memory growth in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-vc3p-29h2-gpcp", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-vvpx-j8f3-3w6h", + "issueUrl": "https://osv.dev/GHSA-vc3p-29h2-gpcp", "targetType": "lockfile", "isSecurity": true }, @@ -1495,87 +1602,87 @@ "file": "test_data/go.mod", "line": "174", "message": "HTTP/2 Stream Cancellation Attack. Current version of 'golang.org/x/net' is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-2m7v-gc89-fjqf", + "code": "GHSA-qppj-fm5r-hxr3", "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-2m7v-gc89-fjqf", + "issueUrl": "https://osv.dev/GHSA-qppj-fm5r-hxr3", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Improper rendering of text nodes in golang.org/x/net/html. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-2wrh-6pvc-2jm9", + "message": "Panic due to large headers in net/http and golang.org/x/net/http/httpguts. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-h86h-8ppg-mxmh", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-2wrh-6pvc-2jm9", + "issueUrl": "https://osv.dev/GHSA-h86h-8ppg-mxmh", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "HTTP/2 rapid reset can cause excessive work in net/http. Current version of 'golang.org/x/net' is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-4374-p667-p6c8", + "message": "Infinite loop when parsing inputs in golang.org/x/net/html. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-83g2-8m93-v3w7", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-4374-p667-p6c8", + "issueUrl": "https://osv.dev/GHSA-83g2-8m93-v3w7", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "HTTP/2 CONTINUATION flood in net/http. Current version of 'golang.org/x/net' is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-4v7x-pqxf-cx7m", + "message": "Denial of service in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-69cg-p879-7622", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-4v7x-pqxf-cx7m", + "issueUrl": "https://osv.dev/GHSA-69cg-p879-7622", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Excessive memory growth in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-xrjj-mj9h-534m", + "message": "HTTP/2 CONTINUATION flood in net/http. Current version of 'golang.org/x/net' is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-4v7x-pqxf-cx7m", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-xrjj-mj9h-534m", + "issueUrl": "https://osv.dev/GHSA-4v7x-pqxf-cx7m", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Infinite loop when parsing inputs in golang.org/x/net/html. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-83g2-8m93-v3w7", + "message": "HTTP/2 rapid reset can cause excessive work in net/http. Current version of 'golang.org/x/net' is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-4374-p667-p6c8", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-83g2-8m93-v3w7", + "issueUrl": "https://osv.dev/GHSA-4374-p667-p6c8", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Panic due to large headers in net/http and golang.org/x/net/http/httpguts. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-h86h-8ppg-mxmh", + "message": "Improper rendering of text nodes in golang.org/x/net/html. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-2wrh-6pvc-2jm9", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-h86h-8ppg-mxmh", + "issueUrl": "https://osv.dev/GHSA-2wrh-6pvc-2jm9", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Unbounded memory growth in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-vc3p-29h2-gpcp", + "message": "Denial of service via crafted HTTP/2 stream in net/http and 'golang.org/x/net'. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-vvpx-j8f3-3w6h", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-vc3p-29h2-gpcp", + "issueUrl": "https://osv.dev/GHSA-vvpx-j8f3-3w6h", "targetType": "lockfile", "isSecurity": true }, @@ -1593,22 +1700,22 @@ { "file": "test_data/go.mod", "line": "179", - "message": "Denial of service from HTTP/2 Rapid Reset in 'google.golang.org/grpc'. Current version is vulnerable: 1.23.0.", - "code": "GHSA-m425-mq94-257g", - "level": "LEVEL_HIGH", + "message": "HTTP/2 Stream Cancellation Attack. Current version of 'google.golang.org/grpc' is vulnerable: 1.23.0.", + "code": "GHSA-qppj-fm5r-hxr3", + "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-m425-mq94-257g", + "issueUrl": "https://osv.dev/GHSA-qppj-fm5r-hxr3", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "179", - "message": "HTTP/2 Stream Cancellation Attack. Current version of 'google.golang.org/grpc' is vulnerable: 1.23.0.", - "code": "GHSA-2m7v-gc89-fjqf", - "level": "LEVEL_MEDIUM", + "message": "Denial of service from HTTP/2 Rapid Reset in 'google.golang.org/grpc'. Current version is vulnerable: 1.23.0.", + "code": "GHSA-m425-mq94-257g", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-2m7v-gc89-fjqf", + "issueUrl": "https://osv.dev/GHSA-m425-mq94-257g", "targetType": "lockfile", "isSecurity": true }, @@ -1648,99 +1755,99 @@ { "file": "test_data/requirements.txt", "line": "1", - "message": "'Pillow' buffer overflow vulnerability. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.3.0 or higher.", - "code": "GHSA-44wm-f244-xhp3", - "level": "LEVEL_MEDIUM", + "message": "Arbitrary Code Execution in 'Pillow'. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.2.0 or higher.", + "code": "GHSA-3f63-hfp8-52jq", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-44wm-f244-xhp3", + "issueUrl": "https://osv.dev/GHSA-3f63-hfp8-52jq", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "'Pillow' before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 9.2.0 or higher.", - "code": "GHSA-m2vv-5vj5-2hm7", + "message": "'Pillow' versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 (previously CVE-2023-4863). 'Pillow' v10.0.1 upgrades the bundled libwebp binary to v1.3.2. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", + "code": "PYSEC-2023-175", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-m2vv-5vj5-2hm7", + "issueUrl": "https://osv.dev/PYSEC-2023-175", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "Invalid-free in _dealloc. Current version of 'pillow' is vulnerable: 9.1.1.", - "code": "OSV-2022-1074", - "level": "LEVEL_HIGH", + "message": "'Pillow' buffer overflow vulnerability. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.3.0 or higher.", + "code": "GHSA-44wm-f244-xhp3", + "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/OSV-2022-1074", + "issueUrl": "https://osv.dev/GHSA-44wm-f244-xhp3", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "Segv on unknown address in jpeg_read_scanlines. Current version of 'pillow' is vulnerable: 9.1.1.", - "code": "OSV-2022-715", + "message": "Bundled libwebp in 'Pillow' vulnerable. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", + "code": "GHSA-56pw-mpj4-fxww", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/OSV-2022-715", + "issueUrl": "https://osv.dev/GHSA-56pw-mpj4-fxww", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "libwebp: OOB write in BuildHuffmanTable. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", - "code": "GHSA-j7hp-h8jx-5ppr", + "message": "An issue was discovered in 'Pillow' before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.0 or higher.", + "code": "GHSA-8ghj-p4vj-mr35", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-j7hp-h8jx-5ppr", + "issueUrl": "https://osv.dev/GHSA-8ghj-p4vj-mr35", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "An issue was discovered in 'Pillow' before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.0 or higher.", - "code": "GHSA-8ghj-p4vj-mr35", + "message": "libwebp: OOB write in BuildHuffmanTable. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", + "code": "GHSA-j7hp-h8jx-5ppr", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-8ghj-p4vj-mr35", + "issueUrl": "https://osv.dev/GHSA-j7hp-h8jx-5ppr", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "Bundled libwebp in 'Pillow' vulnerable. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", - "code": "GHSA-56pw-mpj4-fxww", + "message": "'Pillow' before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 9.2.0 or higher.", + "code": "GHSA-m2vv-5vj5-2hm7", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-56pw-mpj4-fxww", + "issueUrl": "https://osv.dev/GHSA-m2vv-5vj5-2hm7", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "'Pillow' versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 (previously CVE-2023-4863). 'Pillow' v10.0.1 upgrades the bundled libwebp binary to v1.3.2. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", - "code": "PYSEC-2023-175", + "message": "Invalid-free in _dealloc. Current version of 'pillow' is vulnerable: 9.1.1.", + "code": "OSV-2022-1074", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/PYSEC-2023-175", + "issueUrl": "https://osv.dev/OSV-2022-1074", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "Arbitrary Code Execution in 'Pillow'. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.2.0 or higher.", - "code": "GHSA-3f63-hfp8-52jq", + "message": "Segv on unknown address in jpeg_read_scanlines. Current version of 'pillow' is vulnerable: 9.1.1.", + "code": "OSV-2022-715", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-3f63-hfp8-52jq", + "issueUrl": "https://osv.dev/OSV-2022-715", "targetType": "lockfile", "isSecurity": true }, @@ -1758,11 +1865,11 @@ { "file": "test_data/requirements.txt", "line": "2", - "message": "'Langchain' 0.0.171 is vulnerable to Arbitrary code execution in load_prompt. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", - "code": "GHSA-6643-h7h5-x9wh", + "message": "'Langchain' 0.0.171 is vulnerable to Arbitrary Code Execution. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.225 or higher.", + "code": "GHSA-x32c-59v5-h7fg", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-6643-h7h5-x9wh", + "issueUrl": "https://osv.dev/GHSA-x32c-59v5-h7fg", "targetType": "lockfile", "isSecurity": true }, @@ -1780,44 +1887,66 @@ { "file": "test_data/requirements.txt", "line": "2", - "message": "'langchain' vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.312 or higher.", - "code": "GHSA-7gfq-f96f-g85j", + "message": "'Langchain' 0.0.171 is vulnerable to Arbitrary code execution in load_prompt. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", + "code": "GHSA-6643-h7h5-x9wh", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-7gfq-f96f-g85j", + "issueUrl": "https://osv.dev/GHSA-6643-h7h5-x9wh", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "2", - "message": "SQL injection vulnerability in 'langchain' v.0.0.64 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", - "code": "GHSA-7q94-qpjr-xpgm", + "message": "'LangChain' before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.317 or higher.", + "code": "GHSA-655w-fm8m-m478", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-7q94-qpjr-xpgm", + "issueUrl": "https://osv.dev/GHSA-655w-fm8m-m478", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "2", - "message": "An issue in Harrison Chase 'langchain' v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.195 or higher.", - "code": "GHSA-92j5-3459-qgp4", + "message": "An issue in 'langchain' v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", + "code": "GHSA-57fc-8q82-gfp3", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-92j5-3459-qgp4", + "issueUrl": "https://osv.dev/GHSA-57fc-8q82-gfp3", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "2", - "message": "'Langchain' 0.0.171 is vulnerable to Arbitrary Code Execution. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.225 or higher.", - "code": "GHSA-x32c-59v5-h7fg", + "message": "An issue in 'langchain' v.0.0.199 allows an attacker to execute arbitrary code via the PALChain in the python exec method. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", + "code": "GHSA-2qmj-7962-cjq8", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-x32c-59v5-h7fg", + "issueUrl": "https://osv.dev/GHSA-2qmj-7962-cjq8", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "SQL injection vulnerability in 'langchain' v.0.0.64 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", + "code": "GHSA-7q94-qpjr-xpgm", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-7q94-qpjr-xpgm", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "An issue in Harrison Chase 'langchain' v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.195 or higher.", + "code": "GHSA-92j5-3459-qgp4", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-92j5-3459-qgp4", "targetType": "lockfile", "isSecurity": true }, @@ -1890,33 +2019,11 @@ { "file": "test_data/requirements.txt", "line": "2", - "message": "An issue in 'langchain' v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", - "code": "GHSA-57fc-8q82-gfp3", - "level": "LEVEL_HIGH", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-57fc-8q82-gfp3", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/requirements.txt", - "line": "2", - "message": "An issue in 'langchain' v.0.0.199 allows an attacker to execute arbitrary code via the PALChain in the python exec method. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", - "code": "GHSA-2qmj-7962-cjq8", - "level": "LEVEL_HIGH", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-2qmj-7962-cjq8", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/requirements.txt", - "line": "2", - "message": "'LangChain' before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.317 or higher.", - "code": "GHSA-655w-fm8m-m478", + "message": "'langchain' vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.312 or higher.", + "code": "GHSA-7gfq-f96f-g85j", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-655w-fm8m-m478", + "issueUrl": "https://osv.dev/GHSA-7gfq-f96f-g85j", "targetType": "lockfile", "isSecurity": true } diff --git a/linters/pyright/plugin.yaml b/linters/pyright/plugin.yaml index 9939a4d07..9625a550f 100644 --- a/linters/pyright/plugin.yaml +++ b/linters/pyright/plugin.yaml @@ -19,7 +19,7 @@ lint: success_codes: [0, 1] read_output_from: stdout batch: true - cache_results: true + cache_results: false parser: runtime: python run: python3 ${plugin}/linters/pyright/pyright_to_sarif.py diff --git a/linters/pyright/test_data/pyright_v1.1.378_basic.check.shot b/linters/pyright/test_data/pyright_v1.1.378_basic.check.shot new file mode 100644 index 000000000..1d230608a --- /dev/null +++ b/linters/pyright/test_data/pyright_v1.1.378_basic.check.shot @@ -0,0 +1,226 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing linter pyright test basic 1`] = ` +{ + "issues": [ + { + "code": "reportAttributeAccessIssue", + "column": "57", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportAttributeAccessIssue", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "pyright", + "message": ""Enum" is unknown import symbol", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "4", + "offset": "56", + }, + ], + "targetType": "python", + }, + { + "column": "13", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#", + "level": "LEVEL_LOW", + "line": "15", + "linter": "pyright", + "message": "Type of "a.x" is "int | str"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "3", + "offset": "384", + }, + ], + "targetType": "python", + }, + { + "code": "reportAttributeAccessIssue", + "column": "3", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportAttributeAccessIssue", + "level": "LEVEL_HIGH", + "line": "18", + "linter": "pyright", + "message": "Cannot assign to attribute "x" for class "A" +  Expression of type "float" cannot be assigned to attribute "x" of class "A" +    Type "float" is not assignable to type "int | str" +      "float" is not assignable to "int" +      "float" is not assignable to "str"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "1", + "offset": "462", + }, + ], + "targetType": "python", + }, + { + "code": "reportUndefinedVariable", + "column": "8", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportUndefinedVariable", + "level": "LEVEL_HIGH", + "line": "24", + "linter": "pyright", + "message": ""ClassVar" is not defined", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "8", + "offset": "602", + }, + ], + "targetType": "python", + }, + { + "code": "reportAttributeAccessIssue", + "column": "9", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportAttributeAccessIssue", + "level": "LEVEL_HIGH", + "line": "31", + "linter": "pyright", + "message": "Cannot access attribute "z" for class "type[A]" +  Attribute "z" is unknown", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "1", + "offset": "742", + }, + ], + "targetType": "python", + }, + { + "code": "reportReturnType", + "column": "29", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportReturnType", + "level": "LEVEL_HIGH", + "line": "39", + "linter": "pyright", + "message": "Function with declared return type "bool" must return value on all code paths +  "None" is not assignable to "bool"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "4", + "offset": "864", + }, + ], + "targetType": "python", + }, + { + "code": "reportReturnType", + "column": "12", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportReturnType", + "level": "LEVEL_HIGH", + "line": "5", + "linter": "pyright", + "message": "Type "int" is not assignable to return type "str" +  "int" is not assignable to "str"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "1", + "offset": "105", + }, + ], + "targetType": "python", + }, + { + "column": "25", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#", + "level": "LEVEL_LOW", + "line": "51", + "linter": "pyright", + "message": "Type of "val" is "int"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "3", + "offset": "1128", + }, + ], + "targetType": "python", + }, + { + "column": "39", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#", + "level": "LEVEL_LOW", + "line": "54", + "linter": "pyright", + "message": "Type of "val" is "int"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "3", + "offset": "1244", + }, + ], + "targetType": "python", + }, + { + "code": "reportRedeclaration", + "column": "7", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportRedeclaration", + "level": "LEVEL_HIGH", + "line": "7", + "linter": "pyright", + "message": "Class declaration "A" is obscured by a declaration of the same name", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "1", + "offset": "183", + }, + ], + "targetType": "python", + }, + ], + "lintActions": [ + { + "command": "lint", + "fileGroupName": "python", + "linter": "pyright", + "paths": [ + "test_data/basic.in.py", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "lint", + "fileGroupName": "python", + "linter": "pyright", + "paths": [ + "test_data/basic.in.py", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [], +} +`; diff --git a/linters/regal/test_data/regal_v0.26.0_basic.check.shot b/linters/regal/test_data/regal_v0.26.0_basic.check.shot new file mode 100644 index 000000000..f848c5b2b --- /dev/null +++ b/linters/regal/test_data/regal_v0.26.0_basic.check.shot @@ -0,0 +1,101 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing linter regal test basic 1`] = ` +{ + "issues": [ + { + "code": "opa-fmt", + "column": "1", + "file": "test_data/basic.in.rego", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "regal", + "message": "File should be formatted with \`opa fmt\`", + "targetType": "rego", + }, + { + "code": "directory-package-mismatch", + "column": "9", + "file": "test_data/basic.in.rego", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "regal", + "message": "Directory structure should mirror package", + "targetType": "rego", + }, + { + "code": "prefer-snake-case", + "column": "1", + "file": "test_data/basic.in.rego", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "12", + "linter": "regal", + "message": "Prefer snake_case for names", + "ranges": [ + { + "filePath": "test_data/basic.in.rego", + "length": "10", + "offset": "119", + }, + ], + "targetType": "rego", + }, + { + "code": "non-raw-regex-pattern", + "column": "27", + "file": "test_data/basic.in.rego", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "12", + "linter": "regal", + "message": "Use raw strings for regex patterns", + "ranges": [ + { + "filePath": "test_data/basic.in.rego", + "length": "18", + "offset": "145", + }, + ], + "targetType": "rego", + }, + { + "code": "use-assignment-operator", + "column": "15", + "file": "test_data/basic.in.rego", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "5", + "linter": "regal", + "message": "Prefer := over = for assignment", + "targetType": "rego", + }, + ], + "lintActions": [ + { + "command": "lint", + "fileGroupName": "rego", + "linter": "regal", + "paths": [ + "test_data/basic.in.rego", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "lint", + "fileGroupName": "rego", + "linter": "regal", + "paths": [ + "test_data/basic.in.rego", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [], +} +`; diff --git a/linters/squawk/plugin.yaml b/linters/squawk/plugin.yaml new file mode 100644 index 000000000..23ad5f8ac --- /dev/null +++ b/linters/squawk/plugin.yaml @@ -0,0 +1,38 @@ +version: 0.1 +tools: + definitions: + - name: squawk + runtime: node + package: squawk-cli + # First version to include Windows install and linux arm64 + known_good_version: 1.4.0 + shims: [squawk] +lint: + definitions: + - name: squawk + description: A linter for Postgres migrations + files: [sql] + tools: [squawk] + known_good_version: 1.4.0 + suggest_if: config_present + direct_configs: [.squawk.toml] + commands: + - name: lint + platforms: [windows] + run: ${linter}/node_modules/squawk-cli/js/binaries/squawk --reporter Gcc ${target} + output: regex + success_codes: [0, 1] + batch: true + cache_results: true + parse_regex: + "(?P.*):(?P\\d+):(?P\\d+): (?P\\S*) (?P\\S*) + (?P.*)" + - name: lint + run: squawk --reporter Gcc ${target} + output: regex + success_codes: [0, 1] + batch: true + cache_results: true + parse_regex: + "(?P.*):(?P\\d+):(?P\\d+): (?P\\S*) (?P\\S*) + (?P.*)" diff --git a/linters/squawk/squawk.test.ts b/linters/squawk/squawk.test.ts new file mode 100644 index 000000000..f279b9c19 --- /dev/null +++ b/linters/squawk/squawk.test.ts @@ -0,0 +1,12 @@ +import semver from "semver"; +import { linterCheckTest } from "tests"; + +// Squawk first supported linux arm in 1.4.0 https://github.com/sbdchd/squawk/issues/372 +linterCheckTest({ + linterName: "squawk", + skipTestIf: (version) => + process.arch === "arm64" && + process.platform === "linux" && + version !== undefined && + semver.lt(version, "1.4.0"), +}); diff --git a/linters/squawk/test_data/basic.in.sql b/linters/squawk/test_data/basic.in.sql new file mode 100644 index 000000000..2476e616d --- /dev/null +++ b/linters/squawk/test_data/basic.in.sql @@ -0,0 +1,8 @@ +CREATE TABLE "core_bar" ( + "id" serial NOT NULL PRIMARY KEY, + "alpha" varchar(100) NOT NULL +); + +CREATE INDEX "field_name_idx" ON "table_name" ("field_name"); + +ALTER TABLE table_name ADD CONSTRAINT field_name_constraint UNIQUE (field_name); diff --git a/linters/squawk/test_data/squawk_v1.4.0_basic.check.shot b/linters/squawk/test_data/squawk_v1.4.0_basic.check.shot new file mode 100644 index 000000000..16e369f92 --- /dev/null +++ b/linters/squawk/test_data/squawk_v1.4.0_basic.check.shot @@ -0,0 +1,125 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`Testing linter squawk test basic 1`] = ` +{ + "issues": [ + { + "code": "prefer-big-int", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "squawk", + "message": "Hitting the max 32 bit integer is possible and may break your application. Use 64bit integer values instead to prevent hitting this limit.", + "targetType": "sql", + }, + { + "code": "prefer-bigint-over-int", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "squawk", + "message": "Hitting the max 32 bit integer is possible and may break your application. Use 64bit integer values instead to prevent hitting this limit.", + "targetType": "sql", + }, + { + "code": "prefer-identity", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "squawk", + "message": "Serial types have confusing behaviors that make schema management difficult. Use identity columns instead for more features and better usability.", + "targetType": "sql", + }, + { + "code": "prefer-robust-stmts", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "squawk", + "message": "Consider wrapping in a transaction or adding a IF NOT EXISTS clause if the statement supports it.", + "targetType": "sql", + }, + { + "code": "prefer-text-field", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "squawk", + "message": "Changing the size of a varchar field requires an ACCESS EXCLUSIVE lock. Use a text field with a check constraint.", + "targetType": "sql", + }, + { + "code": "prefer-robust-stmts", + "column": "2", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "5", + "linter": "squawk", + "message": "Consider wrapping in a transaction or adding a IF NOT EXISTS clause if the statement supports it.", + "targetType": "sql", + }, + { + "code": "require-concurrent-index-creation", + "column": "2", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "5", + "linter": "squawk", + "message": "Creating an index blocks writes. Create the index CONCURRENTLY.", + "targetType": "sql", + }, + { + "code": "disallowed-unique-constraint", + "column": "2", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "7", + "linter": "squawk", + "message": "Adding a UNIQUE constraint requires an ACCESS EXCLUSIVE lock which blocks reads. Create an index CONCURRENTLY and create the constraint using the index.", + "targetType": "sql", + }, + { + "code": "prefer-robust-stmts", + "column": "2", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "7", + "linter": "squawk", + "message": "Consider wrapping in a transaction or adding a IF NOT EXISTS clause if the statement supports it.", + "targetType": "sql", + }, + ], + "lintActions": [ + { + "command": "lint", + "fileGroupName": "sql", + "linter": "squawk", + "paths": [ + "test_data/basic.in.sql", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "lint", + "fileGroupName": "sql", + "linter": "squawk", + "paths": [ + "test_data/basic.in.sql", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [], +} +`; diff --git a/linters/terrascan/terrascan.test.ts b/linters/terrascan/terrascan.test.ts index 8089ac57c..5aadbec40 100644 --- a/linters/terrascan/terrascan.test.ts +++ b/linters/terrascan/terrascan.test.ts @@ -20,4 +20,5 @@ const preCheck = (driver: TrunkLintDriver) => { driver.writeFile(trunkYamlPath, newContents); }; -linterCheckTest({ linterName: "terrascan", preCheck }); +// TODO(Tyler): Fix flakiness with this test. +linterCheckTest({ linterName: "terrascan", preCheck, skipTestIf: () => true }); diff --git a/linters/trunk-toolbox/plugin.yaml b/linters/trunk-toolbox/plugin.yaml index 5be873d4a..561c98a7d 100644 --- a/linters/trunk-toolbox/plugin.yaml +++ b/linters/trunk-toolbox/plugin.yaml @@ -2,7 +2,7 @@ version: 0.1 downloads: - name: trunk-toolbox - version: 0.3.1 + version: 0.4.1 downloads: - os: linux: unknown-linux-gnu @@ -17,21 +17,30 @@ tools: - name: trunk-toolbox download: trunk-toolbox shims: [trunk-toolbox] - known_good_version: 0.3.1 + known_good_version: 0.4.1 lint: definitions: - name: trunk-toolbox + description: Repository level linting tools main_tool: trunk-toolbox files: [ALL] - description: Collection of universal linting tools commands: - name: lint - run: trunk-toolbox --upstream=${upstream-ref} --results=${tmpfile} ${target} + version: ">=0.4.1" + run: + trunk-toolbox --upstream=${upstream-ref} --cache-dir=${cachedir} --results=${tmpfile} + ${target} output: sarif batch: true success_codes: [0] read_output_from: tmp_file + - name: lint + run: trunk-toolbox --upstream=${upstream-ref} --results=${tmpfile} ${target} + output: sarif + batch: true + success_codes: [0] disable_upstream: true + read_output_from: tmp_file suggest_if: never version_command: parse_regex: ${semver} diff --git a/linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot b/linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot new file mode 100644 index 000000000..8948a64ac --- /dev/null +++ b/linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot @@ -0,0 +1,85 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`Testing linter trunk-toolbox test do_not_land 1`] = ` +{ + "issues": [ + { + "code": "do-not-land", + "column": "3", + "file": "test_data/do_not_land.in.txt", + "issueClass": "ISSUE_CLASS_NEW", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "trunk-toolbox", + "message": "Found 'DONOTLAND'", + "ranges": [ + { + "filePath": "test_data/do_not_land.in.txt", + "length": "9", + "offset": "2", + }, + ], + "targetType": "ALL", + }, + { + "code": "do-not-land", + "column": "3", + "file": "test_data/do_not_land.in.txt", + "issueClass": "ISSUE_CLASS_NEW", + "level": "LEVEL_HIGH", + "line": "2", + "linter": "trunk-toolbox", + "message": "Found 'do-not-land'", + "ranges": [ + { + "filePath": "test_data/do_not_land.in.txt", + "length": "11", + "offset": "14", + }, + ], + "targetType": "ALL", + }, + { + "code": "do-not-land", + "column": "3", + "file": "test_data/do_not_land.in.txt", + "issueClass": "ISSUE_CLASS_NEW", + "level": "LEVEL_HIGH", + "line": "3", + "linter": "trunk-toolbox", + "message": "Found 'do_not_land'", + "ranges": [ + { + "filePath": "test_data/do_not_land.in.txt", + "length": "11", + "offset": "28", + }, + ], + "targetType": "ALL", + }, + ], + "lintActions": [ + { + "command": "lint", + "fileGroupName": "ALL", + "linter": "trunk-toolbox", + "paths": [ + "test_data/do_not_land.in.txt", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "lint", + "fileGroupName": "ALL", + "linter": "trunk-toolbox", + "paths": [ + "test_data/do_not_land.in.txt", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [], +} +`; diff --git a/package-lock.json b/package-lock.json index b16999191..a70970f63 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11,24 +11,24 @@ "@jest/console": "^29.4.1", "@jest/reporters": "^29.4.1", "@jest/test-result": "^29.4.1", - "@trunkio/launcher": "^1.3.1", + "@trunkio/launcher": "^1.3.2", "@types/caller": "^1.0.2", "@types/debug": "^4.1.12", - "@types/jest": "^29.5.12", + "@types/jest": "^29.5.13", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.4.0", + "@types/node": "^22.7.4", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.1.0", - "@typescript-eslint/parser": "^8.1.0", + "@typescript-eslint/eslint-plugin": "^8.7.0", + "@typescript-eslint/parser": "^8.7.0", "caller": "^1.1.0", - "debug": "^4.3.6", + "debug": "^4.3.7", "eslint": "^8.57.0", "eslint-config-prettier": "^9.1.0", - "eslint-import-resolver-typescript": "^3.5.2", - "eslint-plugin-import": "^2.29.1", - "eslint-plugin-import-x": "^3.1.0", - "eslint-plugin-jest": "^28.8.0", - "eslint-plugin-n": "^17.10.2", + "eslint-import-resolver-typescript": "^3.6.3", + "eslint-plugin-import": "^2.30.0", + "eslint-plugin-import-x": "^4.3.0", + "eslint-plugin-jest": "^28.8.3", + "eslint-plugin-n": "^17.10.3", "eslint-plugin-prettier": "^5.2.1", "eslint-plugin-simple-import-sort": "^12.1.1", "fast-sort": "^3.4.1", @@ -36,13 +36,13 @@ "jest-junit": "^16.0.0", "jest-specific-snapshot": "^8.0.0", "semver": "^7.6.3", - "simple-git": "^3.25.0", - "ts-jest": "^29.2.4", + "simple-git": "^3.27.0", + "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", - "typescript": "^5.5.4", - "typescript-eslint": "^8.1.0", - "yaml": "^2.5.0" + "typescript": "^5.6.2", + "typescript-eslint": "^8.7.0", + "yaml": "^2.5.1" }, "engines": { "node": ">=16" @@ -1177,6 +1177,15 @@ "node": ">= 8" } }, + "node_modules/@nolyfill/is-core-module": { + "version": "1.0.39", + "resolved": "https://registry.npmjs.org/@nolyfill/is-core-module/-/is-core-module-1.0.39.tgz", + "integrity": "sha512-nn5ozdjYQpUCZlWGuxcJY/KpxkWQs4DcbMCmKojjyrYDEAGy4Ce19NN4v5MduafTwJlbKc99UA8YhSVqq9yPZA==", + "dev": true, + "engines": { + "node": ">=12.4.0" + } + }, "node_modules/@pkgr/core": { "version": "0.1.1", "resolved": "https://registry.npmjs.org/@pkgr/core/-/core-0.1.1.tgz", @@ -1189,6 +1198,12 @@ "url": "https://opencollective.com/unts" } }, + "node_modules/@rtsao/scc": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@rtsao/scc/-/scc-1.1.0.tgz", + "integrity": "sha512-zt6OdqaDoOnJ1ZYsCYGt9YmWzDXl4vQdKTyJev62gFhRGKdx7mcT54V9KIjg+d2wi9EXsPvAPKe7i7WjfVWB8g==", + "dev": true + }, "node_modules/@sinclair/typebox": { "version": "0.27.8", "dev": true, @@ -1211,17 +1226,17 @@ } }, "node_modules/@trunkio/launcher": { - "version": "1.3.1", + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@trunkio/launcher/-/launcher-1.3.2.tgz", + "integrity": "sha512-b5XTWaCjfXDk1wrFKutBqhoc3jVBEjD6l36aUc9AI+QFWWOqX5bLjkgOMAa2krN1QqAjP834wDYIW4n3PvXhCA==", "dev": true, - "license": "ISC", "dependencies": { "semver": "^7.5.4", "tar": "^6.2.0", "yaml": "^2.2.0" }, "bin": { - "trunk": "trunk.js", - "trunk_bash": "trunk" + "trunk": "trunk.js" }, "engines": { "node": ">=18.0.0" @@ -1327,9 +1342,10 @@ } }, "node_modules/@types/jest": { - "version": "29.5.12", + "version": "29.5.13", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.13.tgz", + "integrity": "sha512-wd+MVEZCHt23V0/L642O5APvspWply/rGY5BcW4SUETo2UzPU3Z26qr8jC2qxpimI2jjx9h7+2cj2FwIr01bXg==", "dev": true, - "license": "MIT", "dependencies": { "expect": "^29.0.0", "pretty-format": "^29.0.0" @@ -1354,9 +1370,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "22.4.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.4.0.tgz", - "integrity": "sha512-49AbMDwYUz7EXxKU/r7mXOsxwFr4BYbvB7tWYxVuLdb2ibd30ijjXINSMAHiEEZk5PCRBmW1gUeisn2VMKt3cQ==", + "version": "22.7.4", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.7.4.tgz", + "integrity": "sha512-y+NPi1rFzDs1NdQHHToqeiX2TIS79SWEAw9GYhkkx8bD0ChpfqC+n2j5OXOCpzfojBEBt6DnEnnG9MY0zk1XLg==", "dev": true, "dependencies": { "undici-types": "~6.19.2" @@ -1387,16 +1403,16 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.1.0.tgz", - "integrity": "sha512-LlNBaHFCEBPHyD4pZXb35mzjGkuGKXU5eeCA1SxvHfiRES0E82dOounfVpL4DCqYvJEKab0bZIA0gCRpdLKkCw==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.7.0.tgz", + "integrity": "sha512-RIHOoznhA3CCfSTFiB6kBGLQtB/sox+pJ6jeFu6FxJvqL8qRxq/FfGO/UhsGgQM9oGdXkV4xUgli+dt26biB6A==", "dev": true, "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.1.0", - "@typescript-eslint/type-utils": "8.1.0", - "@typescript-eslint/utils": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", + "@typescript-eslint/scope-manager": "8.7.0", + "@typescript-eslint/type-utils": "8.7.0", + "@typescript-eslint/utils": "8.7.0", + "@typescript-eslint/visitor-keys": "8.7.0", "graphemer": "^1.4.0", "ignore": "^5.3.1", "natural-compare": "^1.4.0", @@ -1419,137 +1435,16 @@ } } }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.1.0.tgz", - "integrity": "sha512-DsuOZQji687sQUjm4N6c9xABJa7fjvfIdjqpSIIVOgaENf2jFXiM9hIBZOL3hb6DHK9Nvd2d7zZnoMLf9e0OtQ==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.1.0.tgz", - "integrity": "sha512-q2/Bxa0gMOu/2/AKALI0tCKbG2zppccnRIRCW6BaaTlRVaPKft4oVYPp7WOPpcnsgbr0qROAVCVKCvIQ0tbWog==", - "dev": true, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.1.0.tgz", - "integrity": "sha512-NTHhmufocEkMiAord/g++gWKb0Fr34e9AExBRdqgWdVBaKoei2dIyYKD9Q0jBnvfbEA5zaf8plUFMUH6kQ0vGg==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", - "debug": "^4.3.4", - "globby": "^11.1.0", - "is-glob": "^4.0.3", - "minimatch": "^9.0.4", - "semver": "^7.6.0", - "ts-api-utils": "^1.3.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependenciesMeta": { - "typescript": { - "optional": true - } - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/utils": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.1.0.tgz", - "integrity": "sha512-ypRueFNKTIFwqPeJBfeIpxZ895PQhNyH4YID6js0UoBImWYoSjBsahUn9KMiJXh94uOjVBgHD9AmkyPsPnFwJA==", - "dev": true, - "dependencies": { - "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.1.0", - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/typescript-estree": "8.1.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependencies": { - "eslint": "^8.57.0 || ^9.0.0" - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.1.0.tgz", - "integrity": "sha512-ba0lNI19awqZ5ZNKh6wCModMwoZs457StTebQ0q1NP58zSi2F6MOZRXwfKZy+jB78JNJ/WH8GSh2IQNzXX8Nag==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.1.0", - "eslint-visitor-keys": "^3.4.3" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/@typescript-eslint/parser": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.1.0.tgz", - "integrity": "sha512-U7iTAtGgJk6DPX9wIWPPOlt1gO57097G06gIcl0N0EEnNw8RGD62c+2/DiP/zL7KrkqnnqF7gtFGR7YgzPllTA==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.7.0.tgz", + "integrity": "sha512-lN0btVpj2unxHlNYLI//BQ7nzbMJYBVQX5+pbNXvGYazdlgYonMn4AhhHifQ+J4fGRYA/m1DjaQjx+fDetqBOQ==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "8.1.0", - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/typescript-estree": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", + "@typescript-eslint/scope-manager": "8.7.0", + "@typescript-eslint/types": "8.7.0", + "@typescript-eslint/typescript-estree": "8.7.0", + "@typescript-eslint/visitor-keys": "8.7.0", "debug": "^4.3.4" }, "engines": { @@ -1568,132 +1463,14 @@ } } }, - "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/scope-manager": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.1.0.tgz", - "integrity": "sha512-DsuOZQji687sQUjm4N6c9xABJa7fjvfIdjqpSIIVOgaENf2jFXiM9hIBZOL3hb6DHK9Nvd2d7zZnoMLf9e0OtQ==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/types": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.1.0.tgz", - "integrity": "sha512-q2/Bxa0gMOu/2/AKALI0tCKbG2zppccnRIRCW6BaaTlRVaPKft4oVYPp7WOPpcnsgbr0qROAVCVKCvIQ0tbWog==", - "dev": true, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.1.0.tgz", - "integrity": "sha512-NTHhmufocEkMiAord/g++gWKb0Fr34e9AExBRdqgWdVBaKoei2dIyYKD9Q0jBnvfbEA5zaf8plUFMUH6kQ0vGg==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", - "debug": "^4.3.4", - "globby": "^11.1.0", - "is-glob": "^4.0.3", - "minimatch": "^9.0.4", - "semver": "^7.6.0", - "ts-api-utils": "^1.3.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependenciesMeta": { - "typescript": { - "optional": true - } - } - }, - "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.1.0.tgz", - "integrity": "sha512-ba0lNI19awqZ5ZNKh6wCModMwoZs457StTebQ0q1NP58zSi2F6MOZRXwfKZy+jB78JNJ/WH8GSh2IQNzXX8Nag==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.1.0", - "eslint-visitor-keys": "^3.4.3" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/parser/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/@typescript-eslint/parser/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/@typescript-eslint/scope-manager": { - "version": "7.17.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.17.0.tgz", - "integrity": "sha512-0P2jTTqyxWp9HiKLu/Vemr2Rg1Xb5B7uHItdVZ6iAenXmPo4SZ86yOPCJwMqpCyaMiEHTNqizHfsbmCFT1x9SA==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "7.17.0", - "@typescript-eslint/visitor-keys": "7.17.0" - }, - "engines": { - "node": "^18.18.0 || >=20.0.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/type-utils": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.1.0.tgz", - "integrity": "sha512-oLYvTxljVvsMnldfl6jIKxTaU7ok7km0KDrwOt1RHYu6nxlhN3TIx8k5Q52L6wR33nOwDgM7VwW1fT1qMNfFIA==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.7.0.tgz", + "integrity": "sha512-87rC0k3ZlDOuz82zzXRtQ7Akv3GKhHs0ti4YcbAJtaomllXoSO8hi7Ix3ccEvCd824dy9aIX+j3d2UMAfCtVpg==", "dev": true, "dependencies": { - "@typescript-eslint/typescript-estree": "8.1.0", - "@typescript-eslint/utils": "8.1.0", - "debug": "^4.3.4", - "ts-api-utils": "^1.3.0" + "@typescript-eslint/types": "8.7.0", + "@typescript-eslint/visitor-keys": "8.7.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1701,56 +1478,17 @@ "funding": { "type": "opencollective", "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependenciesMeta": { - "typescript": { - "optional": true - } } }, - "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/scope-manager": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.1.0.tgz", - "integrity": "sha512-DsuOZQji687sQUjm4N6c9xABJa7fjvfIdjqpSIIVOgaENf2jFXiM9hIBZOL3hb6DHK9Nvd2d7zZnoMLf9e0OtQ==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/types": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.1.0.tgz", - "integrity": "sha512-q2/Bxa0gMOu/2/AKALI0tCKbG2zppccnRIRCW6BaaTlRVaPKft4oVYPp7WOPpcnsgbr0qROAVCVKCvIQ0tbWog==", - "dev": true, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.1.0.tgz", - "integrity": "sha512-NTHhmufocEkMiAord/g++gWKb0Fr34e9AExBRdqgWdVBaKoei2dIyYKD9Q0jBnvfbEA5zaf8plUFMUH6kQ0vGg==", + "node_modules/@typescript-eslint/type-utils": { + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.7.0.tgz", + "integrity": "sha512-tl0N0Mj3hMSkEYhLkjREp54OSb/FI6qyCzfiiclvJvOqre6hsZTGSnHtmFLDU8TIM62G7ygEa1bI08lcuRwEnQ==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", + "@typescript-eslint/typescript-estree": "8.7.0", + "@typescript-eslint/utils": "8.7.0", "debug": "^4.3.4", - "globby": "^11.1.0", - "is-glob": "^4.0.3", - "minimatch": "^9.0.4", - "semver": "^7.6.0", "ts-api-utils": "^1.3.0" }, "engines": { @@ -1766,76 +1504,13 @@ } } }, - "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/utils": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.1.0.tgz", - "integrity": "sha512-ypRueFNKTIFwqPeJBfeIpxZ895PQhNyH4YID6js0UoBImWYoSjBsahUn9KMiJXh94uOjVBgHD9AmkyPsPnFwJA==", - "dev": true, - "dependencies": { - "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.1.0", - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/typescript-estree": "8.1.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependencies": { - "eslint": "^8.57.0 || ^9.0.0" - } - }, - "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.1.0.tgz", - "integrity": "sha512-ba0lNI19awqZ5ZNKh6wCModMwoZs457StTebQ0q1NP58zSi2F6MOZRXwfKZy+jB78JNJ/WH8GSh2IQNzXX8Nag==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.1.0", - "eslint-visitor-keys": "^3.4.3" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/type-utils/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/@typescript-eslint/type-utils/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/@typescript-eslint/types": { - "version": "7.17.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.17.0.tgz", - "integrity": "sha512-a29Ir0EbyKTKHnZWbNsrc/gqfIBqYPwj3F2M+jWE/9bqfEHg0AMtXzkbUkOG6QgEScxh2+Pz9OXe11jHDnHR7A==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.7.0.tgz", + "integrity": "sha512-LLt4BLHFwSfASHSF2K29SZ+ZCsbQOM+LuarPjRUuHm+Qd09hSe3GCeaQbcCr+Mik+0QFRmep/FyZBO6fJ64U3w==", "dev": true, "engines": { - "node": "^18.18.0 || >=20.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "type": "opencollective", @@ -1843,22 +1518,22 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "7.17.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.17.0.tgz", - "integrity": "sha512-72I3TGq93t2GoSBWI093wmKo0n6/b7O4j9o8U+f65TVD0FS6bI2180X5eGEr8MA8PhKMvYe9myZJquUT2JkCZw==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.7.0.tgz", + "integrity": "sha512-MC8nmcGHsmfAKxwnluTQpNqceniT8SteVwd2voYlmiSWGOtjvGXdPl17dYu2797GVscK30Z04WRM28CrKS9WOg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "7.17.0", - "@typescript-eslint/visitor-keys": "7.17.0", + "@typescript-eslint/types": "8.7.0", + "@typescript-eslint/visitor-keys": "8.7.0", "debug": "^4.3.4", - "globby": "^11.1.0", + "fast-glob": "^3.3.2", "is-glob": "^4.0.3", "minimatch": "^9.0.4", "semver": "^7.6.0", "ts-api-utils": "^1.3.0" }, "engines": { - "node": "^18.18.0 || >=20.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "type": "opencollective", @@ -1895,38 +1570,38 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "7.17.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.17.0.tgz", - "integrity": "sha512-r+JFlm5NdB+JXc7aWWZ3fKSm1gn0pkswEwIYsrGPdsT2GjsRATAKXiNtp3vgAAO1xZhX8alIOEQnNMl3kbTgJw==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.7.0.tgz", + "integrity": "sha512-ZbdUdwsl2X/s3CiyAu3gOlfQzpbuG3nTWKPoIvAu1pu5r8viiJvv2NPN2AqArL35NCYtw/lrPPfM4gxrMLNLPw==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "7.17.0", - "@typescript-eslint/types": "7.17.0", - "@typescript-eslint/typescript-estree": "7.17.0" + "@typescript-eslint/scope-manager": "8.7.0", + "@typescript-eslint/types": "8.7.0", + "@typescript-eslint/typescript-estree": "8.7.0" }, "engines": { - "node": "^18.18.0 || >=20.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "type": "opencollective", "url": "https://opencollective.com/typescript-eslint" }, "peerDependencies": { - "eslint": "^8.56.0" + "eslint": "^8.57.0 || ^9.0.0" } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "7.17.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.17.0.tgz", - "integrity": "sha512-RVGC9UhPOCsfCdI9pU++K4nD7to+jTcMIbXTSOcrLqUEW6gF2pU1UUbYJKc9cvcRSK1UDeMJ7pdMxf4bhMpV/A==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.7.0.tgz", + "integrity": "sha512-b1tx0orFCCh/THWPQa2ZwWzvOeyzzp36vkJYOpVg0u8UVOIsfVrnuC9FqAw9gRKn+rG2VmWQ/zDJZzkxUnj/XQ==", "dev": true, "dependencies": { - "@typescript-eslint/types": "7.17.0", + "@typescript-eslint/types": "8.7.0", "eslint-visitor-keys": "^3.4.3" }, "engines": { - "node": "^18.18.0 || >=20.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "type": "opencollective", @@ -2050,26 +1725,32 @@ "license": "Python-2.0" }, "node_modules/array-buffer-byte-length": { - "version": "1.0.0", + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/array-buffer-byte-length/-/array-buffer-byte-length-1.0.1.tgz", + "integrity": "sha512-ahC5W1xgou+KTXix4sAO8Ki12Q+jf4i0+tmk3sC+zgcynshkHxzpXdImBehiUYKKKDwvfFiJl1tZt6ewscS1Mg==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "is-array-buffer": "^3.0.1" + "call-bind": "^1.0.5", + "is-array-buffer": "^3.0.4" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" } }, "node_modules/array-includes": { - "version": "3.1.7", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/array-includes/-/array-includes-3.1.8.tgz", + "integrity": "sha512-itaWrbYbqpGXkGhZPGUulwnhVf5Hpy1xiCFsGqyIGglbBxmG5vSjxQen3/WGOjPpNEv1RtBLKxbmVXm8HpJStQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "es-abstract": "^1.22.1", - "get-intrinsic": "^1.2.1", + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-abstract": "^1.23.2", + "es-object-atoms": "^1.0.0", + "get-intrinsic": "^1.2.4", "is-string": "^1.0.7" }, "engines": { @@ -2079,24 +1760,18 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/array-union": { - "version": "2.1.0", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, "node_modules/array.prototype.findlastindex": { - "version": "1.2.3", + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/array.prototype.findlastindex/-/array.prototype.findlastindex-1.2.5.tgz", + "integrity": "sha512-zfETvRFA8o7EiNn++N5f/kaCw221hrpGsDmcpndVupkPzEc1Wuf3VgC0qby1BbHs7f5DVYjgtEU2LLh5bqeGfQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "es-abstract": "^1.22.1", - "es-shim-unscopables": "^1.0.0", - "get-intrinsic": "^1.2.1" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-abstract": "^1.23.2", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.0.0", + "es-shim-unscopables": "^1.0.2" }, "engines": { "node": ">= 0.4" @@ -2140,15 +1815,18 @@ } }, "node_modules/arraybuffer.prototype.slice": { - "version": "1.0.1", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/arraybuffer.prototype.slice/-/arraybuffer.prototype.slice-1.0.3.tgz", + "integrity": "sha512-bMxMKAjg13EBSVscxTaYA4mRc5t1UAXa2kXiGTNfZ079HIWXEkKmkgFrh/nJqamaLSrXO5H4WFFkPEaLJWbs3A==", "dev": true, - "license": "MIT", "dependencies": { - "array-buffer-byte-length": "^1.0.0", - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "get-intrinsic": "^1.2.1", - "is-array-buffer": "^3.0.2", + "array-buffer-byte-length": "^1.0.1", + "call-bind": "^1.0.5", + "define-properties": "^1.2.1", + "es-abstract": "^1.22.3", + "es-errors": "^1.2.1", + "get-intrinsic": "^1.2.3", + "is-array-buffer": "^3.0.4", "is-shared-array-buffer": "^1.0.2" }, "engines": { @@ -2165,9 +1843,13 @@ "dev": true }, "node_modules/available-typed-arrays": { - "version": "1.0.5", + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/available-typed-arrays/-/available-typed-arrays-1.0.7.tgz", + "integrity": "sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==", "dev": true, - "license": "MIT", + "dependencies": { + "possible-typed-array-names": "^1.0.0" + }, "engines": { "node": ">= 0.4" }, @@ -2338,12 +2020,19 @@ "license": "MIT" }, "node_modules/call-bind": { - "version": "1.0.2", + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", + "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==", "dev": true, - "license": "MIT", "dependencies": { - "function-bind": "^1.1.1", - "get-intrinsic": "^1.0.2" + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "set-function-length": "^1.2.1" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -2520,13 +2209,64 @@ "node": ">= 8" } }, + "node_modules/data-view-buffer": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/data-view-buffer/-/data-view-buffer-1.0.1.tgz", + "integrity": "sha512-0lht7OugA5x3iJLOWFhWK/5ehONdprk0ISXqVFn/NFrDu+cuc8iADFrGQz5BnRK7LLU3JmkbXSxaqX+/mXYtUA==", + "dev": true, + "dependencies": { + "call-bind": "^1.0.6", + "es-errors": "^1.3.0", + "is-data-view": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/data-view-byte-length": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/data-view-byte-length/-/data-view-byte-length-1.0.1.tgz", + "integrity": "sha512-4J7wRJD3ABAzr8wP+OcIcqq2dlUKp4DVflx++hs5h5ZKydWMI6/D/fAot+yh6g2tHh8fLFTvNOaVN357NvSrOQ==", + "dev": true, + "dependencies": { + "call-bind": "^1.0.7", + "es-errors": "^1.3.0", + "is-data-view": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/data-view-byte-offset": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/data-view-byte-offset/-/data-view-byte-offset-1.0.0.tgz", + "integrity": "sha512-t/Ygsytq+R995EJ5PZlD4Cu56sWa8InXySaViRzw9apusqsOO2bQP+SbYzAhR0pFKoB+43lYy8rWban9JSuXnA==", + "dev": true, + "dependencies": { + "call-bind": "^1.0.6", + "es-errors": "^1.3.0", + "is-data-view": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/debug": { - "version": "4.3.6", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.6.tgz", - "integrity": "sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==", + "version": "4.3.7", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.7.tgz", + "integrity": "sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ==", "dev": true, "dependencies": { - "ms": "2.1.2" + "ms": "^2.1.3" }, "engines": { "node": ">=6.0" @@ -2563,11 +2303,30 @@ "node": ">=0.10.0" } }, + "node_modules/define-data-property": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", + "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==", + "dev": true, + "dependencies": { + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "gopd": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/define-properties": { - "version": "1.2.0", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.2.1.tgz", + "integrity": "sha512-8QmQKqEASLd5nx0U1B1okLElbUuuttJ/AnYmRXbbbGDWh6uS208EjD4Xqq/I9wK7u0v6O08XhTWnt5XtEbR6Dg==", "dev": true, - "license": "MIT", "dependencies": { + "define-data-property": "^1.0.1", "has-property-descriptors": "^1.0.0", "object-keys": "^1.1.1" }, @@ -2602,17 +2361,6 @@ "node": "^14.15.0 || ^16.10.0 || >=18.0.0" } }, - "node_modules/dir-glob": { - "version": "3.0.1", - "dev": true, - "license": "MIT", - "dependencies": { - "path-type": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, "node_modules/doctrine": { "version": "3.0.0", "dev": true, @@ -2682,49 +2430,57 @@ } }, "node_modules/es-abstract": { - "version": "1.22.1", - "dev": true, - "license": "MIT", - "dependencies": { - "array-buffer-byte-length": "^1.0.0", - "arraybuffer.prototype.slice": "^1.0.1", - "available-typed-arrays": "^1.0.5", - "call-bind": "^1.0.2", - "es-set-tostringtag": "^2.0.1", + "version": "1.23.3", + "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.23.3.tgz", + "integrity": "sha512-e+HfNH61Bj1X9/jLc5v1owaLYuHdeHHSQlkhCBiTK8rBvKaULl/beGMxwrMXjpYrv4pz22BlY570vVePA2ho4A==", + "dev": true, + "dependencies": { + "array-buffer-byte-length": "^1.0.1", + "arraybuffer.prototype.slice": "^1.0.3", + "available-typed-arrays": "^1.0.7", + "call-bind": "^1.0.7", + "data-view-buffer": "^1.0.1", + "data-view-byte-length": "^1.0.1", + "data-view-byte-offset": "^1.0.0", + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.0.0", + "es-set-tostringtag": "^2.0.3", "es-to-primitive": "^1.2.1", - "function.prototype.name": "^1.1.5", - "get-intrinsic": "^1.2.1", - "get-symbol-description": "^1.0.0", + "function.prototype.name": "^1.1.6", + "get-intrinsic": "^1.2.4", + "get-symbol-description": "^1.0.2", "globalthis": "^1.0.3", "gopd": "^1.0.1", - "has": "^1.0.3", - "has-property-descriptors": "^1.0.0", - "has-proto": "^1.0.1", + "has-property-descriptors": "^1.0.2", + "has-proto": "^1.0.3", "has-symbols": "^1.0.3", - "internal-slot": "^1.0.5", - "is-array-buffer": "^3.0.2", + "hasown": "^2.0.2", + "internal-slot": "^1.0.7", + "is-array-buffer": "^3.0.4", "is-callable": "^1.2.7", - "is-negative-zero": "^2.0.2", + "is-data-view": "^1.0.1", + "is-negative-zero": "^2.0.3", "is-regex": "^1.1.4", - "is-shared-array-buffer": "^1.0.2", + "is-shared-array-buffer": "^1.0.3", "is-string": "^1.0.7", - "is-typed-array": "^1.1.10", + "is-typed-array": "^1.1.13", "is-weakref": "^1.0.2", - "object-inspect": "^1.12.3", + "object-inspect": "^1.13.1", "object-keys": "^1.1.1", - "object.assign": "^4.1.4", - "regexp.prototype.flags": "^1.5.0", - "safe-array-concat": "^1.0.0", - "safe-regex-test": "^1.0.0", - "string.prototype.trim": "^1.2.7", - "string.prototype.trimend": "^1.0.6", - "string.prototype.trimstart": "^1.0.6", - "typed-array-buffer": "^1.0.0", - "typed-array-byte-length": "^1.0.0", - "typed-array-byte-offset": "^1.0.0", - "typed-array-length": "^1.0.4", + "object.assign": "^4.1.5", + "regexp.prototype.flags": "^1.5.2", + "safe-array-concat": "^1.1.2", + "safe-regex-test": "^1.0.3", + "string.prototype.trim": "^1.2.9", + "string.prototype.trimend": "^1.0.8", + "string.prototype.trimstart": "^1.0.8", + "typed-array-buffer": "^1.0.2", + "typed-array-byte-length": "^1.0.1", + "typed-array-byte-offset": "^1.0.2", + "typed-array-length": "^1.0.6", "unbox-primitive": "^1.0.2", - "which-typed-array": "^1.1.10" + "which-typed-array": "^1.1.15" }, "engines": { "node": ">= 0.4" @@ -2733,25 +2489,60 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/es-define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", + "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==", + "dev": true, + "dependencies": { + "get-intrinsic": "^1.2.4" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-object-atoms": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.0.0.tgz", + "integrity": "sha512-MZ4iQ6JwHOBQjahnjwaC1ZtIBH+2ohjamzAO3oaHcXYup7qxjF2fixyH+Q71voWHeOkI2q/TnJao/KfXYIZWbw==", + "dev": true, + "dependencies": { + "es-errors": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/es-set-tostringtag": { - "version": "2.0.1", + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.0.3.tgz", + "integrity": "sha512-3T8uNMC3OQTHkFUsFq8r/BwAXLHvU/9O9mE0fBc/MY5iq/8H7ncvO947LmYA6ldWw9Uh8Yhf25zu6n7nML5QWQ==", "dev": true, - "license": "MIT", "dependencies": { - "get-intrinsic": "^1.1.3", - "has": "^1.0.3", - "has-tostringtag": "^1.0.0" + "get-intrinsic": "^1.2.4", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.1" }, "engines": { "node": ">= 0.4" } }, "node_modules/es-shim-unscopables": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/es-shim-unscopables/-/es-shim-unscopables-1.0.2.tgz", + "integrity": "sha512-J3yBRXCzDu4ULnQwxyToo/OjdMx6akgVC7K6few0a7F/0wLtmKKN7I73AH5T2836UuXRqN7Qg+IIUw/+YJksRw==", "dev": true, - "license": "MIT", "dependencies": { - "has": "^1.0.3" + "hasown": "^2.0.0" } }, "node_modules/es-to-primitive": { @@ -2888,16 +2679,18 @@ } }, "node_modules/eslint-import-resolver-typescript": { - "version": "3.6.1", - "dev": true, - "license": "ISC", - "dependencies": { - "debug": "^4.3.4", - "enhanced-resolve": "^5.12.0", - "eslint-module-utils": "^2.7.4", - "fast-glob": "^3.3.1", - "get-tsconfig": "^4.5.0", - "is-core-module": "^2.11.0", + "version": "3.6.3", + "resolved": "https://registry.npmjs.org/eslint-import-resolver-typescript/-/eslint-import-resolver-typescript-3.6.3.tgz", + "integrity": "sha512-ud9aw4szY9cCT1EWWdGv1L1XR6hh2PaRWif0j2QjQ0pgTY/69iw+W0Z4qZv5wHahOl8isEr+k/JnyAqNQkLkIA==", + "dev": true, + "dependencies": { + "@nolyfill/is-core-module": "1.0.39", + "debug": "^4.3.5", + "enhanced-resolve": "^5.15.0", + "eslint-module-utils": "^2.8.1", + "fast-glob": "^3.3.2", + "get-tsconfig": "^4.7.5", + "is-bun-module": "^1.0.2", "is-glob": "^4.0.3" }, "engines": { @@ -2908,13 +2701,23 @@ }, "peerDependencies": { "eslint": "*", - "eslint-plugin-import": "*" + "eslint-plugin-import": "*", + "eslint-plugin-import-x": "*" + }, + "peerDependenciesMeta": { + "eslint-plugin-import": { + "optional": true + }, + "eslint-plugin-import-x": { + "optional": true + } } }, "node_modules/eslint-module-utils": { - "version": "2.8.0", + "version": "2.11.0", + "resolved": "https://registry.npmjs.org/eslint-module-utils/-/eslint-module-utils-2.11.0.tgz", + "integrity": "sha512-gbBE5Hitek/oG6MUVj6sFuzEjA/ClzNflVrLovHi/JgLdC7fiN5gLAY1WIPW1a0V5I999MnsrvVrCOGmmVqDBQ==", "dev": true, - "license": "MIT", "dependencies": { "debug": "^3.2.7" }, @@ -2956,25 +2759,27 @@ } }, "node_modules/eslint-plugin-import": { - "version": "2.29.1", + "version": "2.30.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-import/-/eslint-plugin-import-2.30.0.tgz", + "integrity": "sha512-/mHNE9jINJfiD2EKkg1BKyPyUk4zdnT54YgbOgfjSakWT5oyX/qQLVNTkehyfpcMxZXMy1zyonZ2v7hZTX43Yw==", "dev": true, - "license": "MIT", "dependencies": { - "array-includes": "^3.1.7", - "array.prototype.findlastindex": "^1.2.3", + "@rtsao/scc": "^1.1.0", + "array-includes": "^3.1.8", + "array.prototype.findlastindex": "^1.2.5", "array.prototype.flat": "^1.3.2", "array.prototype.flatmap": "^1.3.2", "debug": "^3.2.7", "doctrine": "^2.1.0", "eslint-import-resolver-node": "^0.3.9", - "eslint-module-utils": "^2.8.0", - "hasown": "^2.0.0", - "is-core-module": "^2.13.1", + "eslint-module-utils": "^2.9.0", + "hasown": "^2.0.2", + "is-core-module": "^2.15.1", "is-glob": "^4.0.3", "minimatch": "^3.1.2", - "object.fromentries": "^2.0.7", - "object.groupby": "^1.0.1", - "object.values": "^1.1.7", + "object.fromentries": "^2.0.8", + "object.groupby": "^1.0.3", + "object.values": "^1.2.0", "semver": "^6.3.1", "tsconfig-paths": "^3.15.0" }, @@ -2986,27 +2791,27 @@ } }, "node_modules/eslint-plugin-import-x": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-3.1.0.tgz", - "integrity": "sha512-/UbPA+bYY7nIxcjL3kpcDY3UNdoLHFhyBFzHox2M0ypcUoueTn6woZUUmzzi5et/dXChksasYYFeKE2wshOrhg==", + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-4.3.0.tgz", + "integrity": "sha512-PxGzP7gAjF2DLeRnQtbYkkgZDg1intFyYr/XS1LgTYXUDrSXMHGkXx8++6i2eDv2jMs0jfeO6G6ykyeWxiFX7w==", "dev": true, "dependencies": { - "@typescript-eslint/utils": "^7.4.0", + "@typescript-eslint/utils": "^8.1.0", "debug": "^4.3.4", "doctrine": "^3.0.0", "eslint-import-resolver-node": "^0.3.9", "get-tsconfig": "^4.7.3", "is-glob": "^4.0.3", "minimatch": "^9.0.3", - "semver": "^7.6.0", + "semver": "^7.6.3", "stable-hash": "^0.0.4", - "tslib": "^2.6.2" + "tslib": "^2.6.3" }, "engines": { - "node": ">=16" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "peerDependencies": { - "eslint": "^8.56.0 || ^9.0.0-0" + "eslint": "^8.57.0 || ^9.0.0" } }, "node_modules/eslint-plugin-import-x/node_modules/brace-expansion": { @@ -3091,9 +2896,9 @@ } }, "node_modules/eslint-plugin-jest": { - "version": "28.8.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.8.0.tgz", - "integrity": "sha512-Tubj1hooFxCl52G4qQu0edzV/+EZzPUeN8p2NnW5uu4fbDs+Yo7+qDVDc4/oG3FbCqEBmu/OC3LSsyiU22oghw==", + "version": "28.8.3", + "resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.8.3.tgz", + "integrity": "sha512-HIQ3t9hASLKm2IhIOqnu+ifw7uLZkIlR7RYNv7fMcEi/p0CIiJmfriStQS2LDkgtY4nyLbIZAD+JL347Yc2ETQ==", "dev": true, "dependencies": { "@typescript-eslint/utils": "^6.0.0 || ^7.0.0 || ^8.0.0" @@ -3116,9 +2921,9 @@ } }, "node_modules/eslint-plugin-n": { - "version": "17.10.2", - "resolved": "https://registry.npmjs.org/eslint-plugin-n/-/eslint-plugin-n-17.10.2.tgz", - "integrity": "sha512-e+s4eAf5NtJaxPhTNu3qMO0Iz40WANS93w9LQgYcvuljgvDmWi/a3rh+OrNyMHeng6aOWGJO0rCg5lH4zi8yTw==", + "version": "17.10.3", + "resolved": "https://registry.npmjs.org/eslint-plugin-n/-/eslint-plugin-n-17.10.3.tgz", + "integrity": "sha512-ySZBfKe49nQZWR1yFaA0v/GsH6Fgp8ah6XV0WDz6CN8WO0ek4McMzb7A2xnf4DCYV43frjCygvb9f/wx7UUxRw==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", @@ -3378,9 +3183,10 @@ "license": "Apache-2.0" }, "node_modules/fast-glob": { - "version": "3.3.1", + "version": "3.3.2", + "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.2.tgz", + "integrity": "sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow==", "dev": true, - "license": "MIT", "dependencies": { "@nodelib/fs.stat": "^2.0.2", "@nodelib/fs.walk": "^1.2.3", @@ -3521,8 +3327,9 @@ }, "node_modules/for-each": { "version": "0.3.3", + "resolved": "https://registry.npmjs.org/for-each/-/for-each-0.3.3.tgz", + "integrity": "sha512-jqYfLp7mo9vIyQf8ykW2v7A+2N4QjeCeI5+Dz9XraiO1ign81wjiH7Fb9vSOWvQfNtmSa4H2RoQTrrXivdUZmw==", "dev": true, - "license": "MIT", "dependencies": { "is-callable": "^1.1.3" } @@ -3568,14 +3375,15 @@ } }, "node_modules/function.prototype.name": { - "version": "1.1.5", + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/function.prototype.name/-/function.prototype.name-1.1.6.tgz", + "integrity": "sha512-Z5kx79swU5P27WEayXM1tBi5Ze/lbIyiNgU3qyXUOf9b2rgXYyF9Dy9Cx+IQv/Lc8WCG6L82zwUPpSS9hGehIg==", "dev": true, - "license": "MIT", "dependencies": { "call-bind": "^1.0.2", - "define-properties": "^1.1.3", - "es-abstract": "^1.19.0", - "functions-have-names": "^1.2.2" + "define-properties": "^1.2.0", + "es-abstract": "^1.22.1", + "functions-have-names": "^1.2.3" }, "engines": { "node": ">= 0.4" @@ -3586,8 +3394,9 @@ }, "node_modules/functions-have-names": { "version": "1.2.3", + "resolved": "https://registry.npmjs.org/functions-have-names/-/functions-have-names-1.2.3.tgz", + "integrity": "sha512-xckBUXyTIqT97tq2x2AMb+g163b5JFysYk0x4qxNFwbfQkmNZoiRHb6sPzI9/QV33WeuvVYBUIiD4NzNIyqaRQ==", "dev": true, - "license": "MIT", "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -3609,14 +3418,19 @@ } }, "node_modules/get-intrinsic": { - "version": "1.2.1", + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", + "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==", "dev": true, - "license": "MIT", "dependencies": { - "function-bind": "^1.1.1", - "has": "^1.0.3", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", "has-proto": "^1.0.1", - "has-symbols": "^1.0.3" + "has-symbols": "^1.0.3", + "hasown": "^2.0.0" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -3642,12 +3456,14 @@ } }, "node_modules/get-symbol-description": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/get-symbol-description/-/get-symbol-description-1.0.2.tgz", + "integrity": "sha512-g0QYk1dZBxGwk+Ngc+ltRH2IBp2f7zBkBMBJZCDerh6EhlhSR6+9irMCuT/09zD6qkarHUSn529sK/yL4S27mg==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.1.1" + "call-bind": "^1.0.5", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.4" }, "engines": { "node": ">= 0.4" @@ -3726,29 +3542,11 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/globby": { - "version": "11.1.0", - "dev": true, - "license": "MIT", - "dependencies": { - "array-union": "^2.1.0", - "dir-glob": "^3.0.1", - "fast-glob": "^3.2.9", - "ignore": "^5.2.0", - "merge2": "^1.4.1", - "slash": "^3.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/gopd": { "version": "1.0.1", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", + "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==", "dev": true, - "license": "MIT", "dependencies": { "get-intrinsic": "^1.1.3" }, @@ -3766,17 +3564,6 @@ "dev": true, "license": "MIT" }, - "node_modules/has": { - "version": "1.0.3", - "dev": true, - "license": "MIT", - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, "node_modules/has-bigints": { "version": "1.0.2", "dev": true, @@ -3794,20 +3581,22 @@ } }, "node_modules/has-property-descriptors": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", + "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==", "dev": true, - "license": "MIT", "dependencies": { - "get-intrinsic": "^1.1.1" + "es-define-property": "^1.0.0" }, "funding": { "url": "https://github.com/sponsors/ljharb" } }, "node_modules/has-proto": { - "version": "1.0.1", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", + "integrity": "sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==", "dev": true, - "license": "MIT", "engines": { "node": ">= 0.4" }, @@ -3827,11 +3616,12 @@ } }, "node_modules/has-tostringtag": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", "dev": true, - "license": "MIT", "dependencies": { - "has-symbols": "^1.0.2" + "has-symbols": "^1.0.3" }, "engines": { "node": ">= 0.4" @@ -3841,9 +3631,10 @@ } }, "node_modules/hasown": { - "version": "2.0.0", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", "dev": true, - "license": "MIT", "dependencies": { "function-bind": "^1.1.2" }, @@ -3928,12 +3719,13 @@ "license": "ISC" }, "node_modules/internal-slot": { - "version": "1.0.5", + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/internal-slot/-/internal-slot-1.0.7.tgz", + "integrity": "sha512-NGnrKwXzSms2qUUih/ILZ5JBqNTSa1+ZmP6flaIp6KmSElgE9qdndzS3cqjrDovwFdmwsGsLdeFgB6suw+1e9g==", "dev": true, - "license": "MIT", "dependencies": { - "get-intrinsic": "^1.2.0", - "has": "^1.0.3", + "es-errors": "^1.3.0", + "hasown": "^2.0.0", "side-channel": "^1.0.4" }, "engines": { @@ -3941,13 +3733,16 @@ } }, "node_modules/is-array-buffer": { - "version": "3.0.2", + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/is-array-buffer/-/is-array-buffer-3.0.4.tgz", + "integrity": "sha512-wcjaerHw0ydZwfhiKbXJWLDY8A7yV7KhjQOpb83hGgGfId/aQa4TOvwyzn2PuswW2gPCYEL/nEAiSVpdOj1lXw==", "dev": true, - "license": "MIT", "dependencies": { "call-bind": "^1.0.2", - "get-intrinsic": "^1.2.0", - "is-typed-array": "^1.1.10" + "get-intrinsic": "^1.2.1" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -3984,6 +3779,15 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/is-bun-module": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-bun-module/-/is-bun-module-1.1.0.tgz", + "integrity": "sha512-4mTAVPlrXpaN3jtF0lsnPCMGnq4+qZjVIKq0HCpfcqf8OC1SM5oATCIAPM5V5FN05qp2NNnFndphmdZS9CV3hA==", + "dev": true, + "dependencies": { + "semver": "^7.6.3" + } + }, "node_modules/is-callable": { "version": "1.2.7", "dev": true, @@ -3996,11 +3800,30 @@ } }, "node_modules/is-core-module": { - "version": "2.13.1", + "version": "2.15.1", + "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", + "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", "dev": true, - "license": "MIT", "dependencies": { - "hasown": "^2.0.0" + "hasown": "^2.0.2" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/is-data-view": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-data-view/-/is-data-view-1.0.1.tgz", + "integrity": "sha512-AHkaJrsUVW6wq6JS8y3JnM/GJF/9cf+k20+iDzlSaJrinEo5+7vRiteOSwBhHRiAyQATN1AmY4hwzxJKPmYf+w==", + "dev": true, + "dependencies": { + "is-typed-array": "^1.1.13" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -4056,9 +3879,10 @@ } }, "node_modules/is-negative-zero": { - "version": "2.0.2", + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/is-negative-zero/-/is-negative-zero-2.0.3.tgz", + "integrity": "sha512-5KoIu2Ngpyek75jXodFvnafB6DJgr3u8uuK0LEZJjrU19DrMD3EVERaR8sjz8CCGgpZvxPl9SuE1GMVPFHx1mw==", "dev": true, - "license": "MIT", "engines": { "node": ">= 0.4" }, @@ -4098,8 +3922,9 @@ }, "node_modules/is-regex": { "version": "1.1.4", + "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.1.4.tgz", + "integrity": "sha512-kvRdxDsxZjhzUX07ZnLydzS1TU/TJlTUHHY4YLL87e37oUA49DfkLqgy+VjFocowy29cKvcSiu+kIv728jTTVg==", "dev": true, - "license": "MIT", "dependencies": { "call-bind": "^1.0.2", "has-tostringtag": "^1.0.0" @@ -4112,11 +3937,15 @@ } }, "node_modules/is-shared-array-buffer": { - "version": "1.0.2", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/is-shared-array-buffer/-/is-shared-array-buffer-1.0.3.tgz", + "integrity": "sha512-nA2hv5XIhLR3uVzDDfCIknerhx8XUKnstuOERPNNIinXG7v9u+ohXF67vxm4TPTEPU6lm61ZkwP3c9PCB97rhg==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2" + "call-bind": "^1.0.7" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -4162,11 +3991,12 @@ } }, "node_modules/is-typed-array": { - "version": "1.1.12", + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/is-typed-array/-/is-typed-array-1.1.13.tgz", + "integrity": "sha512-uZ25/bUAlUY5fR4OKT4rZQEBrzQWYV9ZJYGGsUmEJ6thodVJ1HX64ePQ6Z0qPWP+m+Uq6e9UugrE38jeYsDSMw==", "dev": true, - "license": "MIT", "dependencies": { - "which-typed-array": "^1.1.11" + "which-typed-array": "^1.1.14" }, "engines": { "node": ">= 0.4" @@ -4188,8 +4018,9 @@ }, "node_modules/isarray": { "version": "2.0.5", - "dev": true, - "license": "MIT" + "resolved": "https://registry.npmjs.org/isarray/-/isarray-2.0.5.tgz", + "integrity": "sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw==", + "dev": true }, "node_modules/isexe": { "version": "2.0.0", @@ -5096,9 +4927,10 @@ } }, "node_modules/ms": { - "version": "2.1.2", - "dev": true, - "license": "MIT" + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "dev": true }, "node_modules/natural-compare": { "version": "1.4.0", @@ -5135,9 +4967,13 @@ } }, "node_modules/object-inspect": { - "version": "1.12.3", + "version": "1.13.2", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.2.tgz", + "integrity": "sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==", "dev": true, - "license": "MIT", + "engines": { + "node": ">= 0.4" + }, "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -5151,12 +4987,13 @@ } }, "node_modules/object.assign": { - "version": "4.1.4", + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/object.assign/-/object.assign-4.1.5.tgz", + "integrity": "sha512-byy+U7gp+FVwmyzKPYhW2h5l3crpmGsxl7X2s8y43IgxvG4g3QZ6CffDtsNQy1WsmZpQbO+ybo0AlW7TY6DcBQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.1.4", + "call-bind": "^1.0.5", + "define-properties": "^1.2.1", "has-symbols": "^1.0.3", "object-keys": "^1.1.1" }, @@ -5168,13 +5005,15 @@ } }, "node_modules/object.fromentries": { - "version": "2.0.7", + "version": "2.0.8", + "resolved": "https://registry.npmjs.org/object.fromentries/-/object.fromentries-2.0.8.tgz", + "integrity": "sha512-k6E21FzySsSK5a21KRADBd/NGneRegFO5pLHfdQLpRDETUNJueLXs3WCzyQ3tFRDYgbq3KHGXfTbi2bs8WQ6rQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "es-abstract": "^1.22.1" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-abstract": "^1.23.2", + "es-object-atoms": "^1.0.0" }, "engines": { "node": ">= 0.4" @@ -5184,24 +5023,28 @@ } }, "node_modules/object.groupby": { - "version": "1.0.1", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/object.groupby/-/object.groupby-1.0.3.tgz", + "integrity": "sha512-+Lhy3TQTuzXI5hevh8sBGqbmurHbbIjAi0Z4S63nthVLmLxfbj4T54a4CfZrXIrt9iP4mVAPYMo/v99taj3wjQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "es-abstract": "^1.22.1", - "get-intrinsic": "^1.2.1" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-abstract": "^1.23.2" + }, + "engines": { + "node": ">= 0.4" } }, "node_modules/object.values": { - "version": "1.1.7", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/object.values/-/object.values-1.2.0.tgz", + "integrity": "sha512-yBYjY9QX2hnRmZHAjG/f13MzmBzxzYgQhFrke06TTyKY5zSTEqkOeukBzIdVA3j3ulu8Qa3MbVFShV7T2RmGtQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "es-abstract": "^1.22.1" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-object-atoms": "^1.0.0" }, "engines": { "node": ">= 0.4" @@ -5341,14 +5184,6 @@ "dev": true, "license": "MIT" }, - "node_modules/path-type": { - "version": "4.0.0", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, "node_modules/picocolors": { "version": "1.0.0", "dev": true, @@ -5432,6 +5267,15 @@ "node": ">=8" } }, + "node_modules/possible-typed-array-names": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/possible-typed-array-names/-/possible-typed-array-names-1.0.0.tgz", + "integrity": "sha512-d7Uw+eZoloe0EHDIYoe+bQ5WXnGMOpmiZFTuMWCwpjzzkL2nTjcKiAk4hh8TjnGye2TwWOk3UXucZ+3rbmBa8Q==", + "dev": true, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/prelude-ls": { "version": "1.2.1", "dev": true, @@ -5550,13 +5394,15 @@ "license": "MIT" }, "node_modules/regexp.prototype.flags": { - "version": "1.5.0", + "version": "1.5.2", + "resolved": "https://registry.npmjs.org/regexp.prototype.flags/-/regexp.prototype.flags-1.5.2.tgz", + "integrity": "sha512-NcDiDkTLuPR+++OCKB0nWafEmhg/Da8aUPLPMQbK+bxKKCm1/S5he+AqYa4PlMCVBalb4/yxIRub6qkEx5yJbw==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "functions-have-names": "^1.2.3" + "call-bind": "^1.0.6", + "define-properties": "^1.2.1", + "es-errors": "^1.3.0", + "set-function-name": "^2.0.1" }, "engines": { "node": ">= 0.4" @@ -5679,12 +5525,13 @@ } }, "node_modules/safe-array-concat": { - "version": "1.0.0", + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/safe-array-concat/-/safe-array-concat-1.1.2.tgz", + "integrity": "sha512-vj6RsCsWBCf19jIeHEfkRMw8DPiBb+DMXklQ/1SGDHOMlHdPUkZXFQ2YdplS23zESTijAcurb1aSgJA3AgMu1Q==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.2.0", + "call-bind": "^1.0.7", + "get-intrinsic": "^1.2.4", "has-symbols": "^1.0.3", "isarray": "^2.0.5" }, @@ -5696,14 +5543,18 @@ } }, "node_modules/safe-regex-test": { - "version": "1.0.0", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/safe-regex-test/-/safe-regex-test-1.0.3.tgz", + "integrity": "sha512-CdASjNJPvRa7roO6Ra/gLYBTzYzzPyyBXxIMdGW3USQLyjWEls2RgW5UBTXaQVp+OrpeCK3bLem8smtmheoRuw==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.1.3", + "call-bind": "^1.0.6", + "es-errors": "^1.3.0", "is-regex": "^1.1.4" }, + "engines": { + "node": ">= 0.4" + }, "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -5720,6 +5571,38 @@ "node": ">=10" } }, + "node_modules/set-function-length": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", + "integrity": "sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==", + "dev": true, + "dependencies": { + "define-data-property": "^1.1.4", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "gopd": "^1.0.1", + "has-property-descriptors": "^1.0.2" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/set-function-name": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/set-function-name/-/set-function-name-2.0.2.tgz", + "integrity": "sha512-7PGFlmtwsEADb0WYyvCMa1t+yke6daIG4Wirafur5kcf+MhUnPms1UeR0CKQdTZD81yESwMHbtn+TR+dMviakQ==", + "dev": true, + "dependencies": { + "define-data-property": "^1.1.4", + "es-errors": "^1.3.0", + "functions-have-names": "^1.2.3", + "has-property-descriptors": "^1.0.2" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/shebang-command": { "version": "2.0.0", "dev": true, @@ -5740,13 +5623,18 @@ } }, "node_modules/side-channel": { - "version": "1.0.4", + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", + "integrity": "sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.0", - "get-intrinsic": "^1.0.2", - "object-inspect": "^1.9.0" + "call-bind": "^1.0.7", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.4", + "object-inspect": "^1.13.1" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -5758,9 +5646,9 @@ "license": "ISC" }, "node_modules/simple-git": { - "version": "3.25.0", - "resolved": "https://registry.npmjs.org/simple-git/-/simple-git-3.25.0.tgz", - "integrity": "sha512-KIY5sBnzc4yEcJXW7Tdv4viEz8KyG+nU0hay+DWZasvdFOYKeUZ6Xc25LUHHjw0tinPT7O1eY6pzX7pRT1K8rw==", + "version": "3.27.0", + "resolved": "https://registry.npmjs.org/simple-git/-/simple-git-3.27.0.tgz", + "integrity": "sha512-ivHoFS9Yi9GY49ogc6/YAi3Fl9ROnF4VyubNylgCkA+RVqLaKWnDSzXOVzya8csELIaWaYNutsEuAhZrtOjozA==", "dev": true, "dependencies": { "@kwsites/file-exists": "^1.1.1", @@ -5858,13 +5746,15 @@ } }, "node_modules/string.prototype.trim": { - "version": "1.2.7", + "version": "1.2.9", + "resolved": "https://registry.npmjs.org/string.prototype.trim/-/string.prototype.trim-1.2.9.tgz", + "integrity": "sha512-klHuCNxiMZ8MlsOihJhJEBJAiMVqU3Z2nEXWfWnIqjN0gEFS9J9+IxKozWWtQGcgoa1WUZzLjKPTr4ZHNFTFxw==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.1.4", - "es-abstract": "^1.20.4" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-abstract": "^1.23.0", + "es-object-atoms": "^1.0.0" }, "engines": { "node": ">= 0.4" @@ -5874,26 +5764,31 @@ } }, "node_modules/string.prototype.trimend": { - "version": "1.0.6", + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/string.prototype.trimend/-/string.prototype.trimend-1.0.8.tgz", + "integrity": "sha512-p73uL5VCHCO2BZZ6krwwQE3kCzM7NKmis8S//xEC6fQonchbum4eP6kR4DLEjQFO3Wnj3Fuo8NM0kOSjVdHjZQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.1.4", - "es-abstract": "^1.20.4" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-object-atoms": "^1.0.0" }, "funding": { "url": "https://github.com/sponsors/ljharb" } }, "node_modules/string.prototype.trimstart": { - "version": "1.0.6", + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/string.prototype.trimstart/-/string.prototype.trimstart-1.0.8.tgz", + "integrity": "sha512-UXSH262CSZY1tfu3G3Secr6uGLCFVPMhIqHjlgCUtCCcgihYc/xKs9djMTMUOb2j1mVSeU8EU6NWc/iQKU6Gfg==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.1.4", - "es-abstract": "^1.20.4" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-object-atoms": "^1.0.0" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -6066,20 +5961,20 @@ } }, "node_modules/ts-jest": { - "version": "29.2.4", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.4.tgz", - "integrity": "sha512-3d6tgDyhCI29HlpwIq87sNuI+3Q6GLTTCeYRHCs7vDz+/3GCMwEtV9jezLyl4ZtnBgx00I7hm8PCP8cTksMGrw==", + "version": "29.2.5", + "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", + "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", "dev": true, "dependencies": { - "bs-logger": "0.x", + "bs-logger": "^0.2.6", "ejs": "^3.1.10", - "fast-json-stable-stringify": "2.x", + "fast-json-stable-stringify": "^2.1.0", "jest-util": "^29.0.0", "json5": "^2.2.3", - "lodash.memoize": "4.x", - "make-error": "1.x", - "semver": "^7.5.3", - "yargs-parser": "^21.0.1" + "lodash.memoize": "^4.1.2", + "make-error": "^1.3.6", + "semver": "^7.6.3", + "yargs-parser": "^21.1.1" }, "bin": { "ts-jest": "cli.js" @@ -6177,9 +6072,10 @@ } }, "node_modules/tslib": { - "version": "2.6.2", - "dev": true, - "license": "0BSD" + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.7.0.tgz", + "integrity": "sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==", + "dev": true }, "node_modules/type-check": { "version": "0.4.0", @@ -6212,27 +6108,30 @@ } }, "node_modules/typed-array-buffer": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/typed-array-buffer/-/typed-array-buffer-1.0.2.tgz", + "integrity": "sha512-gEymJYKZtKXzzBzM4jqa9w6Q1Jjm7x2d+sh19AdsD4wqnMPDYyvwpsIc2Q/835kHuo3BEQ7CjelGhfTsoBb2MQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.2.1", - "is-typed-array": "^1.1.10" + "call-bind": "^1.0.7", + "es-errors": "^1.3.0", + "is-typed-array": "^1.1.13" }, "engines": { "node": ">= 0.4" } }, "node_modules/typed-array-byte-length": { - "version": "1.0.0", + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/typed-array-byte-length/-/typed-array-byte-length-1.0.1.tgz", + "integrity": "sha512-3iMJ9q0ao7WE9tWcaYKIptkNBuOIcZCCT0d4MRvuuH88fEoEH62IuQe0OtraD3ebQEoTRk8XCBoknUNc1Y67pw==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", + "call-bind": "^1.0.7", "for-each": "^0.3.3", - "has-proto": "^1.0.1", - "is-typed-array": "^1.1.10" + "gopd": "^1.0.1", + "has-proto": "^1.0.3", + "is-typed-array": "^1.1.13" }, "engines": { "node": ">= 0.4" @@ -6242,15 +6141,17 @@ } }, "node_modules/typed-array-byte-offset": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/typed-array-byte-offset/-/typed-array-byte-offset-1.0.2.tgz", + "integrity": "sha512-Ous0vodHa56FviZucS2E63zkgtgrACj7omjwd/8lTEMEPFFyjfixMZ1ZXenpgCFBBt4EC1J2XsyVS2gkG0eTFA==", "dev": true, - "license": "MIT", "dependencies": { - "available-typed-arrays": "^1.0.5", - "call-bind": "^1.0.2", + "available-typed-arrays": "^1.0.7", + "call-bind": "^1.0.7", "for-each": "^0.3.3", - "has-proto": "^1.0.1", - "is-typed-array": "^1.1.10" + "gopd": "^1.0.1", + "has-proto": "^1.0.3", + "is-typed-array": "^1.1.13" }, "engines": { "node": ">= 0.4" @@ -6260,22 +6161,29 @@ } }, "node_modules/typed-array-length": { - "version": "1.0.4", + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/typed-array-length/-/typed-array-length-1.0.6.tgz", + "integrity": "sha512-/OxDN6OtAk5KBpGb28T+HZc2M+ADtvRxXrKKbUwtsLgdoxgX13hyy7ek6bFRl5+aBs2yZzB0c4CnQfAtVypW/g==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", + "call-bind": "^1.0.7", "for-each": "^0.3.3", - "is-typed-array": "^1.1.9" + "gopd": "^1.0.1", + "has-proto": "^1.0.3", + "is-typed-array": "^1.1.13", + "possible-typed-array-names": "^1.0.0" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" } }, "node_modules/typescript": { - "version": "5.5.4", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.5.4.tgz", - "integrity": "sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==", + "version": "5.6.2", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.6.2.tgz", + "integrity": "sha512-NW8ByodCSNCwZeghjN3o+JX5OFH0Ojg6sadjEKY4huZ52TqbJTJnDo5+Tw98lSy63NZvi4n+ez5m2u5d4PkZyw==", "dev": true, "bin": { "tsc": "bin/tsc", @@ -6286,72 +6194,14 @@ } }, "node_modules/typescript-eslint": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.1.0.tgz", - "integrity": "sha512-prB2U3jXPJLpo1iVLN338Lvolh6OrcCZO+9Yv6AR+tvegPPptYCDBIHiEEUdqRi8gAv2bXNKfMUrgAd2ejn/ow==", - "dev": true, - "dependencies": { - "@typescript-eslint/eslint-plugin": "8.1.0", - "@typescript-eslint/parser": "8.1.0", - "@typescript-eslint/utils": "8.1.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependenciesMeta": { - "typescript": { - "optional": true - } - } - }, - "node_modules/typescript-eslint/node_modules/@typescript-eslint/scope-manager": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.1.0.tgz", - "integrity": "sha512-DsuOZQji687sQUjm4N6c9xABJa7fjvfIdjqpSIIVOgaENf2jFXiM9hIBZOL3hb6DHK9Nvd2d7zZnoMLf9e0OtQ==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/typescript-eslint/node_modules/@typescript-eslint/types": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.1.0.tgz", - "integrity": "sha512-q2/Bxa0gMOu/2/AKALI0tCKbG2zppccnRIRCW6BaaTlRVaPKft4oVYPp7WOPpcnsgbr0qROAVCVKCvIQ0tbWog==", - "dev": true, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/typescript-eslint/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.1.0.tgz", - "integrity": "sha512-NTHhmufocEkMiAord/g++gWKb0Fr34e9AExBRdqgWdVBaKoei2dIyYKD9Q0jBnvfbEA5zaf8plUFMUH6kQ0vGg==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.7.0.tgz", + "integrity": "sha512-nEHbEYJyHwsuf7c3V3RS7Saq+1+la3i0ieR3qP0yjqWSzVmh8Drp47uOl9LjbPANac4S7EFSqvcYIKXUUwIfIQ==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", - "debug": "^4.3.4", - "globby": "^11.1.0", - "is-glob": "^4.0.3", - "minimatch": "^9.0.4", - "semver": "^7.6.0", - "ts-api-utils": "^1.3.0" + "@typescript-eslint/eslint-plugin": "8.7.0", + "@typescript-eslint/parser": "8.7.0", + "@typescript-eslint/utils": "8.7.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -6366,69 +6216,6 @@ } } }, - "node_modules/typescript-eslint/node_modules/@typescript-eslint/utils": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.1.0.tgz", - "integrity": "sha512-ypRueFNKTIFwqPeJBfeIpxZ895PQhNyH4YID6js0UoBImWYoSjBsahUn9KMiJXh94uOjVBgHD9AmkyPsPnFwJA==", - "dev": true, - "dependencies": { - "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.1.0", - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/typescript-estree": "8.1.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependencies": { - "eslint": "^8.57.0 || ^9.0.0" - } - }, - "node_modules/typescript-eslint/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.1.0.tgz", - "integrity": "sha512-ba0lNI19awqZ5ZNKh6wCModMwoZs457StTebQ0q1NP58zSi2F6MOZRXwfKZy+jB78JNJ/WH8GSh2IQNzXX8Nag==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.1.0", - "eslint-visitor-keys": "^3.4.3" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/typescript-eslint/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/typescript-eslint/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/unbox-primitive": { "version": "1.0.2", "dev": true, @@ -6551,15 +6338,16 @@ } }, "node_modules/which-typed-array": { - "version": "1.1.11", + "version": "1.1.15", + "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.15.tgz", + "integrity": "sha512-oV0jmFtUky6CXfkqehVvBP/LSWJ2sy4vWMioiENyJLePrBO/yKyV9OyJySfAKosh+RYkIl5zJCNZ8/4JncrpdA==", "dev": true, - "license": "MIT", "dependencies": { - "available-typed-arrays": "^1.0.5", - "call-bind": "^1.0.2", + "available-typed-arrays": "^1.0.7", + "call-bind": "^1.0.7", "for-each": "^0.3.3", "gopd": "^1.0.1", - "has-tostringtag": "^1.0.0" + "has-tostringtag": "^1.0.2" }, "engines": { "node": ">= 0.4" @@ -6620,9 +6408,9 @@ "license": "ISC" }, "node_modules/yaml": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.5.0.tgz", - "integrity": "sha512-2wWLbGbYDiSqqIKoPjar3MPgB94ErzCtrNE1FdqGuaO0pi2JGjmE8aW8TDZwzU7vuxcGRdL/4gPQwQ7hD5AMSw==", + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.5.1.tgz", + "integrity": "sha512-bLQOjaX/ADgQ20isPJRvF0iRUHIxVhYvr53Of7wGcWlO2jvtUlH5m87DsmulFVxRpNLOnI4tB6p/oh8D7kpn9Q==", "dev": true, "bin": { "yaml": "bin.mjs" diff --git a/package.json b/package.json index 922026a1c..1e5bc3887 100644 --- a/package.json +++ b/package.json @@ -9,24 +9,24 @@ "@jest/console": "^29.4.1", "@jest/reporters": "^29.4.1", "@jest/test-result": "^29.4.1", - "@trunkio/launcher": "^1.3.1", + "@trunkio/launcher": "^1.3.2", "@types/caller": "^1.0.2", "@types/debug": "^4.1.12", - "@types/jest": "^29.5.12", + "@types/jest": "^29.5.13", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.4.0", + "@types/node": "^22.7.4", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.1.0", - "@typescript-eslint/parser": "^8.1.0", + "@typescript-eslint/eslint-plugin": "^8.7.0", + "@typescript-eslint/parser": "^8.7.0", "caller": "^1.1.0", - "debug": "^4.3.6", + "debug": "^4.3.7", "eslint": "^8.57.0", "eslint-config-prettier": "^9.1.0", - "eslint-import-resolver-typescript": "^3.5.2", - "eslint-plugin-import": "^2.29.1", - "eslint-plugin-import-x": "^3.1.0", - "eslint-plugin-jest": "^28.8.0", - "eslint-plugin-n": "^17.10.2", + "eslint-import-resolver-typescript": "^3.6.3", + "eslint-plugin-import": "^2.30.0", + "eslint-plugin-import-x": "^4.3.0", + "eslint-plugin-jest": "^28.8.3", + "eslint-plugin-n": "^17.10.3", "eslint-plugin-prettier": "^5.2.1", "eslint-plugin-simple-import-sort": "^12.1.1", "fast-sort": "^3.4.1", @@ -34,13 +34,13 @@ "jest-junit": "^16.0.0", "jest-specific-snapshot": "^8.0.0", "semver": "^7.6.3", - "simple-git": "^3.25.0", - "ts-jest": "^29.2.4", + "simple-git": "^3.27.0", + "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", - "typescript": "^5.5.4", - "typescript-eslint": "^8.1.0", - "yaml": "^2.5.0" + "typescript": "^5.6.2", + "typescript-eslint": "^8.7.0", + "yaml": "^2.5.1" }, "bundleDependencies": [ "tests" diff --git a/runtimes/node/plugin.yaml b/runtimes/node/plugin.yaml index 09657f4b5..6720795ed 100644 --- a/runtimes/node/plugin.yaml +++ b/runtimes/node/plugin.yaml @@ -47,6 +47,10 @@ runtimes: - name: NPM_CONFIG_USERCONFIG value: ${env.NPM_CONFIG_USERCONFIG} optional: true + # Necessary for some Windows install scripts + - name: COMSPEC + value: ${env.COMSPEC} + optional: true linter_environment: - name: PATH list: ["${linter}/node_modules/.bin"] diff --git a/tools/dbt-cli/dbt_cli.test.ts b/tools/dbt-cli/dbt_cli.test.ts new file mode 100644 index 000000000..86fe7224a --- /dev/null +++ b/tools/dbt-cli/dbt_cli.test.ts @@ -0,0 +1,6 @@ +import { toolInstallTest } from "tests"; + +toolInstallTest({ + toolName: "dbt-cli", + toolVersion: "0.38.14", +}); diff --git a/tools/dbt-cli/plugin.yaml b/tools/dbt-cli/plugin.yaml new file mode 100644 index 000000000..a9d14650c --- /dev/null +++ b/tools/dbt-cli/plugin.yaml @@ -0,0 +1,26 @@ +version: 0.1 +downloads: + - name: dbt-cli + version: 0.38.14 + downloads: + - os: + linux: linux + cpu: + x86_64: amd64 + arm_64: arm64 + url: https://github.com/dbt-labs/dbt-cli/releases/download/v${version}/dbt_${version}_${os}_${cpu}.tar.gz + - os: + macos: darwin + url: https://github.com/dbt-labs/dbt-cli/releases/download/v${version}/dbt_${version}_darwin_all.tar.gz + - os: + windows: windows + url: https://github.com/dbt-labs/dbt-cli/releases/download/v${version}/dbt_${version}_windows_amd64.tar.gz +tools: + definitions: + - name: dbt-cli + download: dbt-cli + known_good_version: 0.38.14 + shims: [dbt] + health_checks: + - command: dbt --version + parse_regex: dbt Cloud CLI - ${semver}