diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index 667b66339..2900b5a2a 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -18,6 +18,8 @@ updates: interval: weekly day: sunday time: "10:00" # UTC + ignore: + - dependency-name: eslint groups: dependencies: patterns: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4c9909926..d7e408fe0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,7 +34,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1 + uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 # Override language selection by uncommenting this and choosing your languages with: languages: javascript @@ -42,7 +42,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1 + uses: github/codeql-action/autobuild@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 # â„šī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -56,4 +56,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1 + uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml index 38ca98d4b..e7ee84d05 100644 --- a/.github/workflows/nightly.yaml +++ b/.github/workflows/nightly.yaml 
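Review bot: The new `ignore` entry for `eslint` in `.github/dependabot.yaml` has no `versions` or `update-types` bound and no comment, so Dependabot stops proposing every eslint update for this entry and a reader cannot tell why or for how long. If only a specific range is the problem, narrow the entry with `versions:` or `update-types:`; either way add a line such as `# eslint is ignored here because <reason>; remove when <condition>` above `- dependency-name: eslint`. It is also worth confirming how a blanket ignore interacts with Dependabot security updates for the package. The `updates` entry this belongs to starts and ends outside the hunk.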
@@ -43,7 +43,7 @@ jobs: - name: Cache tool downloads # ubuntu runner has persistent cache if: matrix.os == 'windows-latest' - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: /tmp/plugins_testing_download_cache # No need to key on trunk version unless we change how we store downloads. @@ -75,22 +75,19 @@ jobs: # This job is used to update the list of validated versions linter_tests_release: name: Plugin Tests Release - # runs-on: [self-hosted, "${{ matrix.os }}"] TODO(Tyler): Set after Windows self-hosted are established. runs-on: ${{ matrix.os }} timeout-minutes: 150 strategy: fail-fast: false matrix: linter-version: [Snapshots, Latest] - os: [ubuntu-latest, macOS, windows-latest] + os: [ubuntu-latest, macOS] include: # Normalize the filenames as inputs for ease of parsing - os: ubuntu-latest results-file: ubuntu-latest - os: macOS results-file: macos-latest - - os: windows-latest - results-file: windows-latest outputs: plugin-version: ${{ steps.get-release.outputs.tag }} @@ -151,7 +148,7 @@ jobs: - name: Cache tool downloads # ubuntu, mac runners have persistent cache if: matrix.os == 'windows-latest' - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: /tmp/plugins_testing_download_cache # No need to key on trunk version unless we change how we store downloads. diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index 75df408b3..0c007b2ea 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml 
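Review bot: With `windows-latest` dropped from the `linter_tests_release` matrix, any step in that job gated on `matrix.os == 'windows-latest'` can never run. The `Cache tool downloads` step in the hunk at new line 148 (its comment mentions ubuntu and mac runners) looks like one such step, though the hunk does not show which job it belongs to; if it is in this job, remove the step instead of bumping it. The reusable upload workflow in this same commit still tests `steps.download-windows.outcome`, so confirm the Windows results artifact is still produced elsewhere (presumably by `windows_nightly.yaml`), otherwise the missing-artifact alert would fire on every run. The job body continues outside the hunk.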
@@ -251,7 +251,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Cache tool downloads - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: /tmp/plugins_testing_download_cache key: trunk-${{ runner.os }} @@ -279,7 +279,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Cache tool downloads - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: /tmp/plugins_testing_download_cache key: trunk-${{ runner.os }} diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 214b67ac4..d475c3ce1 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -65,6 +65,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1 + uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 with: sarif_file: results.sarif diff --git a/.github/workflows/upload_results.reusable.yaml b/.github/workflows/upload_results.reusable.yaml index 728a403b4..48230fec0 100644 --- a/.github/workflows/upload_results.reusable.yaml +++ b/.github/workflows/upload_results.reusable.yaml 
@@ -98,27 +98,21 @@ jobs: echo "::endgroup::" - name: Slack Notification For Missing Artifacts - uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 + uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 if: steps.download-ubuntu.outcome == 'failure' || steps.download-macos.outcome == 'failure' || steps.download-windows.outcome == 'failure' with: - channel-id: ${{ env.SLACK_CHANNEL_ID }} + method: chat.postMessage + token: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} payload: | - { - "text": "Artifact Download Failure", - "blocks": [ - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": "Failure: " - } - } - ] - } - env: - SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} + channel: ${{ env.SLACK_CHANNEL_ID }} + text: "Artifact Download Failure" + blocks: + - type: section + text: + type: mrkdwn + text: "Failure: " - name: Setup Node uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 @@ -139,8 +133,9 @@ jobs: id: parse run: | npm run parse - echo "failures=$([[ -f failures.json ]] && echo "true" || echo "false")" >> "$GITHUB_OUTPUT" - echo "failures-payload=$(cat failures.json)" >> "$GITHUB_OUTPUT" + echo "failures=$([[ -f failures.yaml ]] && echo "true" || echo "false")" >> "$GITHUB_OUTPUT" + failures_payload=$(cat failures.yaml) + printf "failures-payload<> "$GITHUB_OUTPUT" echo "reruns=$(cat reruns.txt)" >> "$GITHUB_OUTPUT" env: PLUGIN_VERSION: ${{ inputs.plugin-version }} @@ -148,6 +143,7 @@ jobs: RUN_ID: ${{ github.run_id }} TEST_REF: ${{ inputs.test-ref }} TEST_TYPE: ${{ inputs.test-type }} + SLACK_CHANNEL_ID: ${{ env.SLACK_CHANNEL_ID }} - name: Upload Test Results Staging if: inputs.upload-validated-versions == true 
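Review bot: A rejected `chat.postMessage` call will, as far as I can tell from the v2 inputs of `slackapi/slack-github-action`, not fail this step unless `errors: true` is set, so a wrong channel or a payload Slack refuses would silently drop the "Artifact Download Failure" alert. Add `errors: true` under `with:` here and on the three other Slack steps migrated in the later hunk of this file. Because `${{ env.SLACK_CHANNEL_ID }}` is expanded into the payload text before the action parses it, quote it as well, `channel: "${{ env.SLACK_CHANNEL_ID }}"`, so the value is always read as a string.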
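Review bot: `failures_payload=$(cat failures.yaml)` is now a standalone assignment, so when `failures.yaml` does not exist the non-zero exit of `cat` becomes the exit status of the line, and under the `bash -e` that `run:` steps use by default the `parse` step stops there: it fails on a clean run and `reruns` is never written. The previous form hid that failure inside `echo "…$(cat …)"`, and the line above already treats the file as optional. Guard the read, for example `failures_payload=$([[ -f failures.yaml ]] && cat failures.yaml || true)`. The `printf` line that writes the multi-line `failures-payload` output appears truncated on this page, so its delimiter cannot be checked; it should be a value that cannot occur in the payload, since the payload is built from test results.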
@@ -181,55 +177,42 @@ jobs: # Slack notifications - name: Slack Notification For Failures - uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 + uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 if: always() && steps.parse.outputs.failures == 'true' with: - channel-id: ${{ env.SLACK_CHANNEL_ID }} + method: chat.postMessage + token: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} payload: ${{ steps.parse.outputs.failures-payload }} - env: - SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Slack Notification For Staging Upload Failure - uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 + uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 if: inputs.upload-validated-versions == true && steps.upload-staging.outcome == 'failure' with: - channel-id: ${{ env.SLACK_CHANNEL_ID }} + method: chat.postMessage + token: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} payload: | - { - "text": "Upload Failure", - "blocks": [ - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": "Failure: " - } - } - ] - } - env: - SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} + channel: ${{ env.SLACK_CHANNEL_ID }} + text: "Upload Failure" + blocks: + - type: section + text: + type: mrkdwn + text: "Failure: " - name: Slack Notification For Prod Upload Failure - uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 + uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 if: inputs.upload-validated-versions == true && steps.upload-prod.outcome == 'failure' with: - channel-id: ${{ env.SLACK_CHANNEL_ID }} + method: chat.postMessage + token: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} payload: | - { - "text": "Upload Failure", - "blocks": [ - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": "Failure: " - } - } - ] - } - env: - SLACK_BOT_TOKEN: ${{ 
secrets.TRUNKBOT_SLACK_BOT_TOKEN }} + channel: ${{ env.SLACK_CHANNEL_ID }} + text: "Upload Failure" + blocks: + - type: section + text: + type: mrkdwn + text: "Failure: " generate_snapshots_pr: name: Generate Snapshots PR runs-on: ubuntu-latest diff --git a/.github/workflows/windows_nightly.yaml b/.github/workflows/windows_nightly.yaml index 5825a4486..0f060ea7e 100644 --- a/.github/workflows/windows_nightly.yaml +++ b/.github/workflows/windows_nightly.yaml @@ -21,7 +21,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Cache tool downloads - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: /tmp/plugins_testing_download_cache # No need to key on trunk version unless we change how we store downloads. @@ -62,7 +62,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Cache tool downloads - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: /tmp/plugins_testing_download_cache # No need to key on trunk version unless we change how we store downloads. diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index 6a23e8dc4..9178fddea 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -42,8 +42,8 @@ lint: enabled: # enabled linters inherited from github.com/trunk-io/configs plugin - definition-checker - - eslint@9.14.0 - - trunk-toolbox@0.5.3 + - eslint@9.16.0 + - trunk-toolbox@0.5.4 disabled: - pylint # pylint diagnostics are too strict - semgrep diff --git a/linters/circleci/test_data/circleci_v0.1.28811_CUSTOM.check.shot b/linters/circleci/test_data/circleci_v0.1.28811_CUSTOM.check.shot index f3c35c1f4..1926e4d4d 100644 --- a/linters/circleci/test_data/circleci_v0.1.28811_CUSTOM.check.shot +++ b/linters/circleci/test_data/circleci_v0.1.28811_CUSTOM.check.shot 
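Review bot: In `Slack Notification For Failures` the whole request, including `channel`, now comes from `steps.parse.outputs.failures-payload`, where before the workflow fixed the destination itself with `channel-id`. That makes the file written by `npm run parse` decide where a message sent with `TRUNKBOT_SLACK_BOT_TOKEN` goes and what structure it has. The generator is not part of this diff; it should build `failures.yaml` with a YAML serializer and not with string templates, so that linter names or messages taken from test results cannot change keys such as `channel`. A short comment on the step, for example `# channel and blocks are supplied by the parse step's failures.yaml`, would also help the next reader.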
@@ -1,6 +1,4 @@ // Jest Snapshot v1, https://goo.gl/fbAQLP -// trunk-upgrade-validation:RELEASE - exports[`Testing linter circleci test CUSTOM 1`] = ` { @@ -37,8 +35,6 @@ exports[`Testing linter circleci test CUSTOM 1`] = ` - | | | | - environment - | | | | - aws_auth - | | | | - auth - - | | | | Passed keys: - - | | | | - foo - | | | 2. [#/jobs/install-node-example/docker/1] required key [image] not found - | | 2. [#/jobs/install-node-example/steps/3] 0 subschemas matched instead of one - | | | 1. [#/jobs/install-node-example/steps/3] expected type: String, found: Mapping @@ -53,8 +49,6 @@ exports[`Testing linter circleci test CUSTOM 1`] = ` - | | | | Permitted keys: - | | | | - when - | | | | - unless - - | | | | Passed keys: - - | | | | - rerun - | | | 3. [#/jobs/install-node-example/steps/3/rerun] no subschema matched out of the total 2 subschemas - | | | | 1. [#/jobs/install-node-example/steps/3/rerun] expected type: Mapping, found: Sequence - | | | | | SCHEMA: diff --git a/linters/detekt/detekt.test.ts b/linters/detekt/detekt.test.ts index d064c44e1..2b818af41 100644 --- a/linters/detekt/detekt.test.ts +++ b/linters/detekt/detekt.test.ts @@ -45,7 +45,7 @@ const gradlePreCheck: TestCallback = (driver) => { driver.writeFile(trunkYamlPath, newContents); driver.runTrunkSync(["install"]); - const javaPath = recurseLevels(path.resolve(DOWNLOAD_CACHE, "jdk-13"), 1); + const javaPath = recurseLevels(path.resolve(DOWNLOAD_CACHE, "jdk-23"), 1); const finalContents = newContents.concat(` environment: - name: JAVA_HOME value: ${javaPath} diff --git a/linters/ktlint/ktlint.test.ts b/linters/ktlint/ktlint.test.ts index 2f8b213e3..4afc857ee 100644 --- a/linters/ktlint/ktlint.test.ts +++ b/linters/ktlint/ktlint.test.ts 
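Review bot: The literal `"jdk-23"` in `gradlePreCheck` presumably has to match the directory name the default java runtime is downloaded into, so this line breaks again the next time that default moves (it was `"jdk-13"` until this change). Add a comment saying where the name comes from, for example `// must match the download name of the default java runtime`, or read the directory name from the download cache instead of hard-coding it. `gradlePreCheck` starts and ends outside the hunk.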
@@ -4,6 +4,16 @@ import { TrunkLintDriver } from "tests/driver"; // Grab the root .editorconfig const preCheck = (driver: TrunkLintDriver) => { driver.copyFileFromRoot(".editorconfig"); + + // Older versions of ktlint require an older jdk + const trunkYamlPath = ".trunk/trunk.yaml"; + const currentContents = driver.readFile(trunkYamlPath); + const newContents = currentContents.concat(`runtimes: + definitions: + - type: java + download: jdk-13 +`); + driver.writeFile(trunkYamlPath, newContents); }; linterFmtTest({ linterName: "ktlint", preCheck }); diff --git a/linters/nixpkgs-fmt/nixpkgs_fmt.test.ts b/linters/nixpkgs-fmt/nixpkgs_fmt.test.ts index 1ce6c05c1..b72b5e68f 100644 --- a/linters/nixpkgs-fmt/nixpkgs_fmt.test.ts +++ b/linters/nixpkgs-fmt/nixpkgs_fmt.test.ts @@ -1,18 +1,6 @@ -import { linterFmtTest, TestCallback } from "tests"; +import { linterFmtTest } from "tests"; import { osTimeoutMultiplier, skipOS } from "tests/utils"; jest.setTimeout(600000 * osTimeoutMultiplier); -// Earlier nixpkgs-fmt transitive dependencies are no longer -// supported through older rust runtime installs. -const preCheck: TestCallback = (driver) => { - const trunkYamlPath = ".trunk/trunk.yaml"; - const currentContents = driver.readFile(trunkYamlPath); - const newContents = currentContents.concat(`runtimes: - enabled: - - rust@1.71.1 -`); - driver.writeFile(trunkYamlPath, newContents); -}; - -linterFmtTest({ linterName: "nixpkgs-fmt", preCheck, skipTestIf: skipOS(["win32"]) }); +linterFmtTest({ linterName: "nixpkgs-fmt", skipTestIf: skipOS(["win32"]) }); diff --git a/linters/php-cs-fixer/php-cs-fixer.test.ts b/linters/php-cs-fixer/php-cs-fixer.test.ts index 5b52856fb..44d3f1008 100644 --- a/linters/php-cs-fixer/php-cs-fixer.test.ts +++ b/linters/php-cs-fixer/php-cs-fixer.test.ts 
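Review bot: The `runtimes:` block appended in `preCheck` pins `jdk-13` for whatever ktlint version the test runs, while the comment says only older versions need it. Either reword the comment, for example `// Pin jdk-13 for all tested ktlint versions; older releases do not run on newer jdks`, or apply the pin only for those versions. The `concat` also assumes the test's `.trunk/trunk.yaml` ends with a newline and has no top-level `runtimes:` key already, otherwise the result carries a duplicate key; that assumption is worth stating in the comment.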
@@ -1,7 +1,9 @@ import { linterFmtTest } from "tests"; -import { skipOS } from "tests/utils"; linterFmtTest({ linterName: "php-cs-fixer", - skipTestIf: skipOS(["win32"]), + // Next release will include support for php@8.4 + // https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/releases/tag/v3.65.0 + skipTestIf: () => true, + // skipTestIf: skipOS(["win32"]), }); diff --git a/linters/phpstan/plugin.yaml b/linters/phpstan/plugin.yaml index 9f13e3501..197664e8b 100644 --- a/linters/phpstan/plugin.yaml +++ b/linters/phpstan/plugin.yaml @@ -4,7 +4,7 @@ tools: - name: phpstan runtime: php package: phpstan/phpstan - known_good_version: 1.10.58 + known_good_version: 2.0.3 shims: [phpstan] environment: - name: PATH @@ -16,7 +16,7 @@ lint: definitions: - name: phpstan main_tool: phpstan - known_good_version: 1.10.58 + known_good_version: 2.0.3 description: PHP Static Analysis Tool suggest_if: never commands: diff --git a/linters/phpstan/test_data/phpstan_v1.10.58_basic.check.shot b/linters/phpstan/test_data/phpstan_v2.0.3_basic.check.shot similarity index 100% rename from linters/phpstan/test_data/phpstan_v1.10.58_basic.check.shot rename to linters/phpstan/test_data/phpstan_v2.0.3_basic.check.shot diff --git a/linters/trivy/trivy.test.ts b/linters/trivy/trivy.test.ts index 9172f7b60..874f36a1f 100644 --- a/linters/trivy/trivy.test.ts +++ b/linters/trivy/trivy.test.ts @@ -53,7 +53,7 @@ fuzzyLinterCheckTest({ linterName: "trivy", testName: "fs-vuln", args: "-a", - fileIssueAssertionCallback: createFuzzyMatcher(() => vulnExpectedFileIssues, 20), + fileIssueAssertionCallback: createFuzzyMatcher(() => vulnExpectedFileIssues, 40), preCheck: callbackGenerator("fs-vuln"), }); diff --git a/linters/trivy/vuln_expected_issues.json b/linters/trivy/vuln_expected_issues.json index 901231bd8..cd8958803 100644 --- a/linters/trivy/vuln_expected_issues.json +++ b/linters/trivy/vuln_expected_issues.json 
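Review bot: `skipTestIf: () => true` turns the php-cs-fixer test off on every platform, and the only record of the intended state is the commented-out `// skipTestIf: skipOS(["win32"]),`, whose `skipOS` import this hunk also removes. Nothing ties the skip to the release mentioned in the comment, so it is likely to outlive it. Replace the commented-out line with a marker that says what to do, for example `// TODO: restore skipOS(["win32"]) and its import once php-cs-fixer supports php@8.4`.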
@@ -1,502 +1,1122 @@ [ { + "file": "test_data/Gemfile.lock", "line": "5", + "message": "Vulnerability in 'actionpack': rubygem-actionpack: Denial of Service in Action Dispatch. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1 or higher.", "code": "CVE-2023-22792", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'actionpack': Denial of Service in Action Dispatch. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1 or higher.", - "file": "test_data/Gemfile.lock" + "isSecurity": true }, { + "file": "test_data/Gemfile.lock", "line": "5", + "message": "Vulnerability in 'actionpack': rubygem-actionpack: Denial of Service in Action Dispatch. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1 or higher.", "code": "CVE-2023-22795", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'actionpack': Denial of Service in Action Dispatch. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1 or higher.", - "file": "test_data/Gemfile.lock" + "isSecurity": true }, { + "file": "test_data/Gemfile.lock", "line": "5", + "message": "Vulnerability in 'actionpack': actionpack: Possible XSS via User Supplied Values to redirect_to. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 6.1.7.4, >= 7.0.5.1 or higher.", "code": "CVE-2023-28362", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'actionpack': Possible XSS via User Supplied Values to redirect_to. Current version is vulnerable: 5.2.8.1. 
Patch available: upgrade to ~> 6.1.7.4, >= 7.0.5.1 or higher.", - "file": "test_data/Gemfile.lock" + "isSecurity": true }, { + "file": "test_data/Gemfile.lock", + "line": "5", + "message": "Vulnerability in 'actionpack': rubygem-actionpack: Possible ReDoS vulnerability in query parameter filtering in Action Dispatch. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 6.1.7.9, ~> 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1 or higher.", + "code": "CVE-2024-41128", + "level": "LEVEL_LOW", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", + "line": "5", + "message": "Vulnerability in 'actionpack': rubygem-actionpack: Possible ReDoS vulnerability in HTTP Token authentication in Action Controller. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 6.1.7.9, ~> 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1 or higher.", + "code": "CVE-2024-47887", + "level": "LEVEL_LOW", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", + "line": "8", + "message": "Vulnerability in 'actionmailer': rubygem-actionmailer: Possible ReDoS vulnerability in block_format in Action Mailer. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 6.1.7.9, ~> 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1 or higher.", + "code": "CVE-2024-47889", + "level": "LEVEL_LOW", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", "line": "10", + "message": "Vulnerability in 'actionview': rails: DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements. Current version is vulnerable: 5.2.8.1. 
Patch available: upgrade to ~> 6.1.7.3, >= 7.0.4.3 or higher.", "code": "CVE-2023-23913", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'actionview': DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 6.1.7.3, >= 7.0.4.3 or higher.", - "file": "test_data/Gemfile.lock" + "isSecurity": true }, { + "file": "test_data/Gemfile.lock", "line": "16", - "code": "CVE-2023-22796", - "level": "LEVEL_HIGH", + "message": "Vulnerability in 'activesupport': rubygem-activesupport: File Disclosure of Locally Encrypted Files. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 6.1.7, >= 6.1.7.5, >= 7.0.7.1 or higher.", + "code": "CVE-2023-38037", + "level": "LEVEL_LOW", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'activesupport': Regular Expression Denial of Service. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1 or higher.", - "file": "test_data/Gemfile.lock" + "isSecurity": true }, { + "file": "test_data/Gemfile.lock", "line": "16", + "message": "Vulnerability in 'activesupport': rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 6.1.7, >= 6.1.7.3, >= 7.0.4.3 or higher.", "code": "CVE-2023-28120", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'activesupport': Possible XSS in SafeBuffer#bytesplice. Current version is vulnerable: 5.2.8.1. 
Patch available: upgrade to ~> 6.1.7, >= 6.1.7.3, >= 7.0.4.3 or higher.", - "file": "test_data/Gemfile.lock" + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", + "line": "16", + "message": "Vulnerability in 'activesupport': rubygem-activesupport: Regular Expression Denial of Service. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1 or higher.", + "code": "CVE-2023-22796", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true }, { + "file": "test_data/Gemfile.lock", "line": "34", + "message": "Vulnerability in 'activerecord': rubygem-activerecord: Denial of Service. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1 or higher.", "code": "CVE-2022-44566", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'activerecord': Denial of Service. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1 or higher.", - "file": "test_data/Gemfile.lock" + "isSecurity": true }, { + "file": "test_data/Gemfile.lock", + "line": "38", + "message": "Vulnerability in 'activestorage': rubygem-activestorage: Possible Sensitive Session Information Leak in Active Storage. Current version is vulnerable: 5.2.8.1. Patch available: upgrade to ~> 6.1.7, >= 6.1.7.7, >= 7.0.8.1 or higher.", + "code": "CVE-2024-26144", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", "line": "97", - "code": "GHSA-pxvg-2qj5-37jq", + "message": "Vulnerability in 'nokogiri': Use-after-free in libxml2 via Nokogiri::XML::Reader. Current version is vulnerable: 1.14.1. 
Patch available: upgrade to ~> 1.15.6, >= 1.16.2 or higher.", + "code": "GHSA-xc9x-jj77-9p9j", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", + "line": "97", + "message": "Vulnerability in 'nokogiri': Use-after-free in libxml2 via Nokogiri::XML::Reader. Current version is vulnerable: 1.14.1. Patch available: upgrade to 1.15.6, 1.16.2 or higher.", + "code": "GHSA-vcc3-rw6f-jv97", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", + "line": "97", + "message": "Vulnerability in 'nokogiri': Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459. Current version is vulnerable: 1.14.1. Patch available: upgrade to >= 1.16.5 or higher.", + "code": "GHSA-r95h-9x8f-r3f7", + "level": "LEVEL_LOW", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", + "line": "97", "message": "Vulnerability in 'nokogiri': Update packaged libxml2 to v2.10.4 to resolve multiple CVEs. Current version is vulnerable: 1.14.1. Patch available: upgrade to >= 1.14.3 or higher.", - "file": "test_data/Gemfile.lock" + "code": "GHSA-pxvg-2qj5-37jq", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true }, { + "file": "test_data/Gemfile.lock", + "line": "99", + "message": "Vulnerability in 'puma': rubygem-puma: Header normalization allows for client to clobber proxy set headers. Current version is vulnerable: 4.3.12. Patch available: upgrade to ~> 5.6.9, >= 6.4.3 or higher.", + "code": "CVE-2024-45614", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", + "line": "99", + "message": "Vulnerability in 'puma': rubygem-puma: HTTP request smuggling when parsing chunked Transfer-Encoding Bodies. 
Current version is vulnerable: 4.3.12. Patch available: upgrade to ~> 5.6.8, >= 6.4.2 or higher.", + "code": "CVE-2024-21647", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", + "line": "99", + "message": "Vulnerability in 'puma': rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers. Current version is vulnerable: 4.3.12. Patch available: upgrade to ~> 5.6.7, >= 6.3.1 or higher.", + "code": "CVE-2023-40175", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", "line": "102", + "message": "Vulnerability in 'rack': rubygem-rack: Denial of service in Multipart MIME parsing. Current version is vulnerable: 2.2.6.2. Patch available: upgrade to ~> 2.0.9, >= 2.0.9.3, ~> 2.1.4, >= 2.1.4.3, ~> 2.2.6, >= 2.2.6.3, >= 3.0.4.2 or higher.", "code": "CVE-2023-27530", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'rack': Denial of service in Multipart MIME parsing. Current version is vulnerable: 2.2.6.2. Patch available: upgrade to ~> 2.0.9, >= 2.0.9.3, ~> 2.1.4, >= 2.1.4.3, ~> 2.2.6, >= 2.2.6.3, >= 3.0.4.2 or higher.", - "file": "test_data/Gemfile.lock" + "isSecurity": true }, { + "file": "test_data/Gemfile.lock", "line": "102", + "message": "Vulnerability in 'rack': rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing. Current version is vulnerable: 2.2.6.2. 
Patch available: upgrade to ~> 2.0.9, >= 2.0.9.4, ~> 2.1.4, >= 2.1.4.4, ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1 or higher.", + "code": "CVE-2024-26146", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/Gemfile.lock", + "line": "102", + "message": "Vulnerability in 'rack': rubygem-rack: denial of service in header parsing. Current version is vulnerable: 2.2.6.2. Patch available: upgrade to ~> 2.0, >= 2.2.6.4, >= 3.0.6.1 or higher.", "code": "CVE-2023-27539", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'rack': denial of service in header parsing. Current version is vulnerable: 2.2.6.2. Patch available: upgrade to ~> 2.0, >= 2.2.6.4, >= 3.0.6.1 or higher.", - "file": "test_data/Gemfile.lock" + "isSecurity": true }, { - "line": "7", - "code": "CVE-2022-30781", - "level": "LEVEL_HIGH", + "file": "test_data/Gemfile.lock", + "line": "102", + "message": "Vulnerability in 'rack': rubygem-rack: Possible DoS Vulnerability with Range Header in Rack. Current version is vulnerable: 2.2.6.2. Patch available: upgrade to ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1 or higher.", + "code": "CVE-2024-26141", + "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'code.gitea.io/gitea': Shell command injection in gitea. Current version is vulnerable: 1.9.0-dev. Patch available: upgrade to 1.16.7 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/Gemfile.lock", + "line": "102", + "message": "Vulnerability in 'rack': rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing. Current version is vulnerable: 2.2.6.2. 
Patch available: upgrade to ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1 or higher.", + "code": "CVE-2024-25126", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': code.gitea.io/gitea Open Redirect vulnerability. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.19.4 or higher.", "code": "CVE-2023-3515", "level": "LEVEL_LOW", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'code.gitea.io/gitea': code.gitea.io/gitea Open Redirect vulnerability. Current version is vulnerable: 1.9.0-dev. Patch available: upgrade to 1.19.4 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "7", - "code": "CVE-2021-28378", + "message": "Vulnerability in 'code.gitea.io/gitea': Gitea erroneous repo clones. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.17.2 or higher.", + "code": "CVE-2022-38795", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': Gitea: Stored XSS due to improper sanitization. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.22.1 or higher.", + "code": "CVE-2024-6886", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': Gitea allowed assignment of private issues. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.16.9 or higher.", + "code": "CVE-2022-38183", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'code.gitea.io/gitea': Cross-site Scripting in Gitea. 
Current version is vulnerable: 1.9.0-dev. Patch available: upgrade to 1.13.4 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': Shell command injection in gitea. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.16.7 or higher.", + "code": "CVE-2022-30781", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': Arbitrary file deletion in gitea. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.16.4 or higher.", "code": "CVE-2022-27313", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'code.gitea.io/gitea': Arbitrary file deletion in gitea. Current version is vulnerable: 1.9.0-dev. Patch available: upgrade to 1.16.4 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': Stored Cross-site Scripting in gitea. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.16.9 or higher.", "code": "CVE-2022-1928", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'code.gitea.io/gitea': Stored Cross-site Scripting in gitea. Current version is vulnerable: 1.9.0-dev. Patch available: upgrade to 1.16.9 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "7", - "code": "CVE-2022-0905", + "message": "Vulnerability in 'code.gitea.io/gitea': Gogs and Gitea SSRF Vulnerability. Current version is vulnerable: v1.9.0-dev. 
Patch available: upgrade to 1.16.0-rc1 or higher.", + "code": "CVE-2018-15192", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'code.gitea.io/gitea': Gitea Missing Authorization vulnerability. Current version is vulnerable: 1.9.0-dev. Patch available: upgrade to 1.16.4 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': Arbitrary Code Execution in Gitea. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.12.6 or higher.", + "code": "CVE-2020-14144", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': Cross-site Scripting in Gitea. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.13.4 or higher.", + "code": "CVE-2021-28378", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': Path Traversal in Gitea. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.13.6 or higher.", "code": "CVE-2021-29134", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'code.gitea.io/gitea': Path Traversal in Gitea. Current version is vulnerable: 1.9.0-dev. Patch available: upgrade to 1.13.6 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", + "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': Gitea Missing Authorization vulnerability. Current version is vulnerable: v1.9.0-dev. 
Patch available: upgrade to 1.16.4 or higher.", + "code": "CVE-2022-0905", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Vulnerability in 'code.gitea.io/gitea': Gitea Open Redirect. Current version is vulnerable: v1.9.0-dev. Patch available: upgrade to 1.16.5 or higher.", + "code": "CVE-2022-1058", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", "line": "40", + "message": "Vulnerability in 'github.com/dgrijalva/jwt-go': jwt-go: access restriction bypass vulnerability. Current version is vulnerable: v3.2.0+incompatible.", "code": "CVE-2020-26160", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/dgrijalva/jwt-go': jwt-go: access restriction bypass vulnerability. Current version is vulnerable: 3.2.0+incompatible.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "58", + "message": "Vulnerability in 'github.com/go-gitea/gitea': gitea: Sanitize and Escape refs in git backend. Current version is vulnerable: v1.2.3. Patch available: upgrade to 1.17.3 or higher.", + "code": "CVE-2022-42968", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "58", + "message": "Vulnerability in 'github.com/go-gitea/gitea': Cross-site Scripting in Gitea. Current version is vulnerable: v1.2.3. Patch available: upgrade to 1.5.1 or higher.", "code": "CVE-2021-45329", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/go-gitea/gitea': Cross-site Scripting in Gitea. Current version is vulnerable: 1.2.3. 
Patch available: upgrade to 1.5.1 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "58", - "code": "CVE-2022-42968", - "level": "LEVEL_HIGH", + "message": "Vulnerability in 'github.com/go-gitea/gitea': Open redirect in Gitea. Current version is vulnerable: v1.2.3. Patch available: upgrade to 1.4.3 or higher.", + "code": "CVE-2021-45328", + "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/go-gitea/gitea': Sanitize and Escape refs in git backend. Current version is vulnerable: 1.2.3. Patch available: upgrade to 1.17.3 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "58", + "message": "Vulnerability in 'github.com/go-gitea/gitea': Capture-replay in Gitea. Current version is vulnerable: v1.2.3. Patch available: upgrade to 1.11.2 or higher.", "code": "CVE-2021-45327", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/go-gitea/gitea': Capture-replay in Gitea. Current version is vulnerable: 1.2.3. Patch available: upgrade to 1.11.2 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "58", + "message": "Vulnerability in 'github.com/go-gitea/gitea': Cross Site Request Forgery in Gitea. Current version is vulnerable: v1.2.3. Patch available: upgrade to 1.5.2 or higher.", "code": "CVE-2021-45326", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/go-gitea/gitea': Cross Site Request Forgery in Gitea. Current version is vulnerable: 1.2.3. 
Patch available: upgrade to 1.5.2 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "58", + "message": "Vulnerability in 'github.com/go-gitea/gitea': Gitea displaying raw OpenID error in UI. Current version is vulnerable: v1.2.3. Patch available: upgrade to 1.7.0 or higher.", "code": "CVE-2021-45325", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/go-gitea/gitea': Gitea displaying raw OpenID error in UI. Current version is vulnerable: 1.2.3. Patch available: upgrade to 1.7.0 or higher.", - "file": "test_data/go.mod" + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "58", + "message": "Vulnerability in 'github.com/go-gitea/gitea': Improper Access Control in Gitea. Current version is vulnerable: v1.2.3. Patch available: upgrade to 1.12.6 or higher.", + "code": "CVE-2020-28991", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "58", + "message": "Vulnerability in 'github.com/go-gitea/gitea': Denial of Service in Gitea. Current version is vulnerable: v1.2.3. Patch available: upgrade to 1.12.0 or higher.", "code": "CVE-2020-13246", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/go-gitea/gitea': Denial of Service in Gitea. Current version is vulnerable: 1.2.3. Patch available: upgrade to 1.12.0 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "58", - "code": "CVE-2021-45328", - "level": "LEVEL_MEDIUM", + "message": "Vulnerability in 'github.com/go-gitea/gitea': Gitea Remote Code Execution. Current version is vulnerable: v1.2.3. 
Patch available: upgrade to 1.7.6 or higher.", + "code": "CVE-2019-11229", + "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/go-gitea/gitea': Open redirect in Gitea. Current version is vulnerable: 1.2.3. Patch available: upgrade to 1.4.3 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { - "line": "84", - "code": "CVE-2022-45004", + "file": "test_data/go.mod", + "line": "58", + "message": "Vulnerability in 'github.com/go-gitea/gitea': Gitea Improper Input Validation. Current version is vulnerable: v1.2.3. Patch available: upgrade to 1.7.6 or higher.", + "code": "CVE-2019-11228", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "58", + "message": "Vulnerability in 'github.com/go-gitea/gitea': Gitea Exposes Private Email Addresses. Current version is vulnerable: v1.2.3. Patch available: upgrade to 1.5.1 or higher.", + "code": "CVE-2018-1000803", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/gophish/gophish': Gophish vulnerable to Cross-site Scripting via crafted landing page. Current version is vulnerable: 0.1.2.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "84", - "code": "CVE-2022-25295", + "message": "Vulnerability in 'github.com/gophish/gophish': Gophish vulnerable to Server-Side Request Forgery. Current version is vulnerable: v0.1.2. Patch available: upgrade to 0.11.0 or higher.", + "code": "CVE-2020-24710", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/gophish/gophish': Gophish before 0.12.0 vulnerable to Open Redirect. Current version is vulnerable: 0.1.2. 
Patch available: upgrade to 0.12.0 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "84", - "code": "CVE-2019-16146", + "message": "Vulnerability in 'github.com/gophish/gophish': Gophish vulnerable to Cross-site Scripting via crafted landing page. Current version is vulnerable: v0.1.2.", + "code": "CVE-2022-45004", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/gophish/gophish': Gophish XSS Vulnerability. Current version is vulnerable: 0.1.2. Patch available: upgrade to 0.9.0 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "84", + "message": "Vulnerability in 'github.com/gophish/gophish': Gophish vulnerable to Denial of Service via crafted payload involving autofocus. Current version is vulnerable: v0.1.2.", "code": "CVE-2022-45003", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/gophish/gophish': Gophish vulnerable to Denial of Service via crafted payload involving autofocus. Current version is vulnerable: 0.1.2.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "84", - "code": "CVE-2020-24710", + "message": "Vulnerability in 'github.com/gophish/gophish': Gophish before 0.12.0 vulnerable to Open Redirect. Current version is vulnerable: v0.1.2. Patch available: upgrade to 0.12.0 or higher.", + "code": "CVE-2022-25295", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "84", + "message": "Vulnerability in 'github.com/gophish/gophish': Gophish XSS Vulnerability. Current version is vulnerable: v0.1.2. 
Patch available: upgrade to 0.9.0 or higher.", + "code": "CVE-2019-16146", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/gophish/gophish': Gophish vulnerable to Server-Side Request Forgery. Current version is vulnerable: 0.1.2. Patch available: upgrade to 0.11.0 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "161", + "message": "Vulnerability in 'github.com/unknwon/cae': github.com/unknwon/cae Path Traversal vulnerability. Current version is vulnerable: v1.0.0. Patch available: upgrade to 1.0.1 or higher.", "code": "CVE-2020-7668", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/unknwon/cae': Path Traversal in github.com/unknwon/cae/tz. Current version is vulnerable: 1.0.0. Patch available: upgrade to 1.0.1 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "161", + "message": "Vulnerability in 'github.com/unknwon/cae': Path Traversal in github.com/unknwon/cae/zip. Current version is vulnerable: v1.0.0. Patch available: upgrade to 1.0.1 or higher.", "code": "CVE-2020-7664", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'github.com/unknwon/cae': Path Traversal in github.com/unknwon/cae/zip. Current version is vulnerable: 1.0.0. Patch available: upgrade to 1.0.1 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "172", - "code": "CVE-2022-27191", + "message": "Vulnerability in 'golang.org/x/crypto': A message-forgery issue was discovered in crypto/openpgp/clearsign/cle ... Current version is vulnerable: v0.0.0-20190308221718-c2843e01d9a2. 
Patch available: upgrade to 0.0.0-20190424203555-c05e17bb3b2d or higher.", + "code": "CVE-2019-11841", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "172", + "message": "Vulnerability in 'golang.org/x/crypto': golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter. Current version is vulnerable: v0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20190320223903-b7391e95e576 or higher.", + "code": "CVE-2019-11840", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "172", + "message": "Vulnerability in 'golang.org/x/crypto': golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference. Current version is vulnerable: v0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20201216223049-8b5274cf687f or higher.", + "code": "CVE-2020-29652", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/crypto': crash in a golang.org/x/crypto/ssh server. Current version is vulnerable: 0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20220314234659-1baeb1ce4c0b or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "172", - "code": "CVE-2021-43565", + "message": "Vulnerability in 'golang.org/x/crypto': golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service. Current version is vulnerable: v0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20200124225646-8b5121be2f68 or higher.", + "code": "CVE-2020-7919", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/crypto': empty plaintext packet causes panic. 
Current version is vulnerable: 0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20211202192323-5770296d904e or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "172", + "message": "Vulnerability in 'golang.org/x/crypto': golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic. Current version is vulnerable: v0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20200220183623-bac4c82f6975 or higher.", "code": "CVE-2020-9283", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/crypto': golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic. Current version is vulnerable: 0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20200220183623-bac4c82f6975 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "172", - "code": "CVE-2020-7919", + "message": "Vulnerability in 'golang.org/x/crypto': golang.org/x/crypto: empty plaintext packet causes panic. Current version is vulnerable: v0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20211202192323-5770296d904e or higher.", + "code": "CVE-2021-43565", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/crypto': golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service. Current version is vulnerable: 0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20200124225646-8b5121be2f68 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "172", - "code": "CVE-2019-11840", - "level": "LEVEL_MEDIUM", + "message": "Vulnerability in 'golang.org/x/crypto': golang: crash in a golang.org/x/crypto/ssh server. 
Current version is vulnerable: v0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20220314234659-1baeb1ce4c0b or higher.", + "code": "CVE-2022-27191", + "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/crypto': golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter. Current version is vulnerable: 0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20190320223903-b7391e95e576 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "172", - "code": "CVE-2020-29652", - "level": "LEVEL_HIGH", + "message": "Vulnerability in 'golang.org/x/crypto': ssh: Prefix truncation attack on Binary Packet Protocol (BPP). Current version is vulnerable: v0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.17.0 or higher.", + "code": "CVE-2023-48795", + "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/crypto': golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference. Current version is vulnerable: 0.0.0-20190308221718-c2843e01d9a2. Patch available: upgrade to 0.0.0-20201216223049-8b5274cf687f or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "174", - "code": "CVE-2021-33194", - "level": "LEVEL_HIGH", + "message": "Vulnerability in 'golang.org/x/net': HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack). Current version is vulnerable: v0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.17.0 or higher.", + "code": "CVE-2023-44487", + "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/net': golang: x/net/html: infinite loop in ParseFragment. 
Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.0.0-20210520170846-37e1c6afe023 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "174", + "message": "Vulnerability in 'golang.org/x/net': golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests. Current version is vulnerable: v0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.4.0 or higher.", + "code": "CVE-2022-41717", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "174", + "message": "Vulnerability in 'golang.org/x/net': golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding. Current version is vulnerable: v0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.7.0 or higher.", "code": "CVE-2022-41723", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/net': avoid quadratic complexity in HPACK decoding. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.7.0 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "174", + "message": "Vulnerability in 'golang.org/x/net': A malicious HTTP/2 client which rapidly creates requests and immediate ... Current version is vulnerable: v0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.17.0 or higher.", + "code": "CVE-2023-39325", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "174", + "message": "Vulnerability in 'golang.org/x/net': golang.org/x/net/html: Cross site scripting. Current version is vulnerable: v0.0.0-20200324143707-d3edc9973b7e. 
Patch available: upgrade to 0.13.0 or higher.", + "code": "CVE-2023-3978", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "174", + "message": "Vulnerability in 'golang.org/x/net': golang: net/http: handle server errors after sending GOAWAY. Current version is vulnerable: v0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.0.0-20220906165146-f3363e06e74c or higher.", "code": "CVE-2022-27664", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/net': handle server errors after sending GOAWAY. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.0.0-20220906165146-f3363e06e74c or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "174", + "message": "Vulnerability in 'golang.org/x/net': golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS. Current version is vulnerable: v0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.23.0 or higher.", + "code": "CVE-2023-45288", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "174", + "message": "Vulnerability in 'golang.org/x/net': golang: x/net/html: infinite loop in ParseFragment. Current version is vulnerable: v0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.0.0-20210520170846-37e1c6afe023 or higher.", + "code": "CVE-2021-33194", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "174", + "message": "Vulnerability in 'golang.org/x/net': golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header. Current version is vulnerable: v0.0.0-20200324143707-d3edc9973b7e. 
Patch available: upgrade to 0.0.0-20210428140749-89ef3d95e781 or higher.", "code": "CVE-2021-31525", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/net': golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e. Patch available: upgrade to 0.0.0-20210428140749-89ef3d95e781 or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", "line": "175", + "message": "Vulnerability in 'golang.org/x/sys': golang: syscall: faccessat checks wrong group. Current version is vulnerable: v0.0.0-20200331124033-c3d80250170d. Patch available: upgrade to 0.0.0-20220412211240-33da011f77ad or higher.", "code": "CVE-2022-29526", "level": "LEVEL_MEDIUM", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'golang.org/x/sys': faccessat checks wrong group. Current version is vulnerable: 0.0.0-20200331124033-c3d80250170d. Patch available: upgrade to 0.0.0-20220412211240-33da011f77ad or higher.", - "file": "test_data/go.mod" + "isSecurity": true }, { + "file": "test_data/go.mod", + "line": "189", + "message": "Vulnerability in 'gopkg.in/src-d/go-git.v4': go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients. Current version is vulnerable: v4.11.0.", + "code": "CVE-2023-49569", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "189", + "message": "Vulnerability in 'gopkg.in/src-d/go-git.v4': go-git: Maliciously crafted Git server replies can cause DoS on go-git clients. 
Current version is vulnerable: v4.11.0.", + "code": "CVE-2023-49568", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/nested/requirements.txt", "line": "1", + "message": "Vulnerability in 'pillow': Pillow before 9.2.0 performs Improper Handling of Highly Compressed GI ... Current version is vulnerable: 9.1.1. Patch available: upgrade to 9.2.0 or higher.", "code": "CVE-2022-45198", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'pillow': Pillow before 9.2.0 performs Improper Handling of Highly Compressed GI ... Current version is vulnerable: 9.1.1. Patch available: upgrade to 9.2.0 or higher.", - "file": "test_data/nested/requirements.txt" + "isSecurity": true }, { + "file": "test_data/nested/requirements.txt", "line": "1", - "code": "CVE-2022-45198", + "message": "Vulnerability in 'pillow': python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument. Current version is vulnerable: 9.1.1. Patch available: upgrade to 10.0.0 or higher.", + "code": "CVE-2023-44271", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/nested/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': libwebp: Heap buffer overflow in WebP Codec. Current version is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", + "code": "CVE-2023-4863", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/nested/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': pillow: Arbitrary Code Execution via the environment parameter. Current version is vulnerable: 9.1.1. 
Patch available: upgrade to 10.2.0 or higher.", + "code": "CVE-2023-50447", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/nested/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': python-pillow: buffer overflow in _imagingcms.c. Current version is vulnerable: 9.1.1. Patch available: upgrade to 10.3.0 or higher.", + "code": "CVE-2024-28219", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/nested/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': Bundled libwebp in Pillow vulnerable. Current version is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", + "code": "GHSA-56pw-mpj4-fxww", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/no_errors/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': Bundled libwebp in Pillow vulnerable. Current version is vulnerable: 9.3.0. Patch available: upgrade to 10.0.1 or higher.", + "code": "GHSA-56pw-mpj4-fxww", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, + "isSecurity": true + }, + { + "file": "test_data/no_errors/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': python-pillow: buffer overflow in _imagingcms.c. Current version is vulnerable: 9.3.0. Patch available: upgrade to 10.3.0 or higher.", + "code": "CVE-2024-28219", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/no_errors/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': pillow: Arbitrary Code Execution via the environment parameter. Current version is vulnerable: 9.3.0. 
Patch available: upgrade to 10.2.0 or higher.", + "code": "CVE-2023-50447", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/no_errors/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': libwebp: Heap buffer overflow in WebP Codec. Current version is vulnerable: 9.3.0. Patch available: upgrade to 10.0.1 or higher.", + "code": "CVE-2023-4863", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/no_errors/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument. Current version is vulnerable: 9.3.0. Patch available: upgrade to 10.0.0 or higher.", + "code": "CVE-2023-44271", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "1", "message": "Vulnerability in 'pillow': Pillow before 9.2.0 performs Improper Handling of Highly Compressed GI ... Current version is vulnerable: 9.1.1. Patch available: upgrade to 9.2.0 or higher.", - "file": "test_data/requirements.txt" + "code": "CVE-2022-45198", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument. Current version is vulnerable: 9.1.1. Patch available: upgrade to 10.0.0 or higher.", + "code": "CVE-2023-44271", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': libwebp: Heap buffer overflow in WebP Codec. 
Current version is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", + "code": "CVE-2023-4863", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true }, { + "file": "test_data/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': pillow: Arbitrary Code Execution via the environment parameter. Current version is vulnerable: 9.1.1. Patch available: upgrade to 10.2.0 or higher.", + "code": "CVE-2023-50447", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': python-pillow: buffer overflow in _imagingcms.c. Current version is vulnerable: 9.1.1. Patch available: upgrade to 10.3.0 or higher.", + "code": "CVE-2024-28219", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "1", + "message": "Vulnerability in 'pillow': Bundled libwebp in Pillow vulnerable. Current version is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", + "code": "GHSA-56pw-mpj4-fxww", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", "line": "2", + "message": "Vulnerability in 'langchain': langchain Code Injection vulnerability. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.236 or higher.", + "code": "CVE-2023-36095", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': langchain arbitrary code execution vulnerability. Current version is vulnerable: 0.0.171. 
Patch available: upgrade to 0.0.247 or higher.", + "code": "CVE-2023-36258", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': langchain SQL Injection vulnerability. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", "code": "CVE-2023-36189", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'langchain': langchain SQL Injection vulnerability. Current version is vulnerable: 0.0.171.", - "file": "test_data/requirements.txt" + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': langchain vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.236 or higher.", + "code": "CVE-2023-36188", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': langchain vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.312 or higher.", + "code": "CVE-2023-36281", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true }, { + "file": "test_data/requirements.txt", "line": "2", + "message": "Vulnerability in 'langchain': Langchain vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", "code": "CVE-2023-34541", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'langchain': Langchain vulnerable to arbitrary code execution. 
Current version is vulnerable: 0.0.171.", - "file": "test_data/requirements.txt" + "isSecurity": true }, { + "file": "test_data/requirements.txt", "line": "2", + "message": "Vulnerability in 'langchain': Langchain OS Command Injection vulnerability. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.225 or higher.", "code": "CVE-2023-34540", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'langchain': Langchain OS Command Injection vulnerability. Current version is vulnerable: 0.0.171.", - "file": "test_data/requirements.txt" + "isSecurity": true }, { + "file": "test_data/requirements.txt", "line": "2", - "code": "CVE-2023-36188", + "message": "Vulnerability in 'langchain': Langchain Server-Side Request Forgery vulnerability. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.329 or higher.", + "code": "CVE-2023-32786", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'langchain': langchain vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171.", - "file": "test_data/requirements.txt" + "isSecurity": true }, { + "file": "test_data/requirements.txt", "line": "2", - "code": "CVE-2023-36258", + "message": "Vulnerability in 'langchain': Langchain SQL Injection vulnerability. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", + "code": "CVE-2023-32785", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': LangChain vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171. 
Patch available: upgrade to 0.0.247 or higher.", + "code": "CVE-2023-38860", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': LangChain vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.236 or higher.", + "code": "CVE-2023-38896", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.308 or higher.", + "code": "CVE-2023-39631", "level": "LEVEL_HIGH", "linter": "trivy", "targetType": "lockfile", - "isSecurity": true, - "message": "Vulnerability in 'langchain': langchain arbitrary code execution vulnerability. Current version is vulnerable: 0.0.171.", - "file": "test_data/requirements.txt" + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': LangChain vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.325 or higher.", + "code": "CVE-2023-39659", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': LangChain Server Side Request Forgery vulnerability. Current version is vulnerable: 0.0.171. 
Patch available: upgrade to 0.0.317 or higher.", + "code": "CVE-2023-46229", + "level": "LEVEL_HIGH", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': langchain Server-Side Request Forgery vulnerability. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.1.0 or higher.", + "code": "CVE-2024-0243", + "level": "LEVEL_LOW", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': LangChain directory traversal vulnerability. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.339 or higher.", + "code": "CVE-2024-28088", + "level": "LEVEL_LOW", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': Denial of service in langchain-community. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.2.5 or higher.", + "code": "CVE-2024-2965", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': langchain vulnerable to path traversal. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.353 or higher.", + "code": "CVE-2024-3571", + "level": "LEVEL_MEDIUM", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "Vulnerability in 'langchain': langchain: SQL Injection in langchain-ai/langchain. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.2.0 or higher.", + "code": "CVE-2024-8309", + "level": "LEVEL_LOW", + "linter": "trivy", + "targetType": "lockfile", + "isSecurity": true } ] 
diff --git a/linters/trunk-toolbox/plugin.yaml b/linters/trunk-toolbox/plugin.yaml index 219e4a5c1..25726eadd 100644 --- a/linters/trunk-toolbox/plugin.yaml +++ b/linters/trunk-toolbox/plugin.yaml @@ -25,6 +25,7 @@ lint: main_tool: trunk-toolbox files: [ALL] affects_cache: [toolbox.toml, log4rs.yaml] + known_good_version: 0.5.3 commands: - name: lint version: ">=0.5.3" diff --git a/linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot b/linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot index 8948a64ac..eaf35b016 100644 --- a/linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot +++ b/linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot @@ -7,7 +7,7 @@ exports[`Testing linter trunk-toolbox test do_not_land 1`] = ` "code": "do-not-land", "column": "3", "file": "test_data/do_not_land.in.txt", - "issueClass": "ISSUE_CLASS_NEW", + "issueClass": "ISSUE_CLASS_EXISTING", "level": "LEVEL_HIGH", "line": "1", "linter": "trunk-toolbox", @@ -25,7 +25,7 @@ exports[`Testing linter trunk-toolbox test do_not_land 1`] = ` "code": "do-not-land", "column": "3", "file": "test_data/do_not_land.in.txt", - "issueClass": "ISSUE_CLASS_NEW", + "issueClass": "ISSUE_CLASS_EXISTING", "level": "LEVEL_HIGH", "line": "2", "linter": "trunk-toolbox", @@ -43,7 +43,7 @@ exports[`Testing linter trunk-toolbox test do_not_land 1`] = ` "code": "do-not-land", "column": "3", "file": "test_data/do_not_land.in.txt", - "issueClass": "ISSUE_CLASS_NEW", + "issueClass": "ISSUE_CLASS_EXISTING", "level": "LEVEL_HIGH", "line": "3", "linter": "trunk-toolbox", @@ -68,16 +68,6 @@ exports[`Testing linter trunk-toolbox test do_not_land 1`] = ` ], "verb": "TRUNK_VERB_CHECK", }, - { - "command": "lint", - "fileGroupName": "ALL", - "linter": "trunk-toolbox", - "paths": [ - "test_data/do_not_land.in.txt", - ], - "upstream": true, - "verb": "TRUNK_VERB_CHECK", - }, ], "taskFailures": [], "unformattedFiles": [], 
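Review bot: The added `known_good_version: 0.5.3` in linters/trunk-toolbox/plugin.yaml is a plain scalar, while the `version: ">=0.5.3"` constraint two lines below it is quoted. `0.5.3` still loads as a string, since a value with two dots cannot be read as a number, but a later bump to a two-part version (constructed example: `0.6`) would load as a float, and the pin would likely stop matching the intended release. I would write `known_good_version: "0.5.3"` so the pin stays a string whatever the next value is, unless the repository's other plugin definitions deliberately leave this key unquoted. The `lint:` mapping starts and continues outside this hunk, so other keys there were not checked.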
diff --git a/package-lock.json b/package-lock.json index ae9be6871..20940b4eb 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,19 +16,19 @@ "@types/debug": "^4.1.12", "@types/jest": "^29.5.14", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.9.0", + "@types/node": "^22.10.1", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.13.0", - "@typescript-eslint/parser": "^8.13.0", + "@typescript-eslint/eslint-plugin": "^8.17.0", + "@typescript-eslint/parser": "^8.17.0", "caller": "^1.1.0", - "debug": "^4.3.7", - "eslint": "^8.57.0", + "debug": "^4.4.0", + "eslint": "9.14.0", "eslint-config-prettier": "^9.1.0", - "eslint-import-resolver-typescript": "^3.6.3", + "eslint-import-resolver-typescript": "^3.7.0", "eslint-plugin-import": "^2.31.0", - "eslint-plugin-import-x": "^4.4.0", + "eslint-plugin-import-x": "^4.5.0", "eslint-plugin-jest": "^28.9.0", - "eslint-plugin-n": "^17.13.1", + "eslint-plugin-n": "^17.14.0", "eslint-plugin-prettier": "^5.2.1", "eslint-plugin-simple-import-sort": "^12.1.1", "fast-sort": "^3.4.1", @@ -40,9 +40,9 @@ "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", - "typescript": "^5.6.3", - "typescript-eslint": "^8.13.0", - "yaml": "^2.6.0" + "typescript": "^5.7.2", + "typescript-eslint": "^8.17.0", + "yaml": "^2.6.1" }, "engines": { "node": ">=16" 
@@ -657,15 +657,39 @@ "node": "^12.0.0 || ^14.0.0 || >=16.0.0" } }, + "node_modules/@eslint/config-array": { + "version": "0.18.0", + "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.18.0.tgz", + "integrity": "sha512-fTxvnS1sRMu3+JjXwJG0j/i4RT9u4qJ+lqS/yCGap4lH4zZGzQ7tu+xZqQmcMZq5OBZDL4QRxQzRjkWcGt8IVw==", + "dev": true, + "dependencies": { + "@eslint/object-schema": "^2.1.4", + "debug": "^4.3.1", + "minimatch": "^3.1.2" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, + "node_modules/@eslint/core": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.7.0.tgz", + "integrity": "sha512-xp5Jirz5DyPYlPiKat8jaq0EmYvDXKKpzTbxXMpT9eqlRJkRKIz9AGMdlvYjih+im+QlhWrpvVjl8IPC/lHlUw==", + "dev": true, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, "node_modules/@eslint/eslintrc": { - "version": "2.1.4", + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.2.0.tgz", + "integrity": "sha512-grOjVNN8P3hjJn/eIETF1wwd12DdnwFDoyceUJLYYdkpbwq3nLi+4fqrTAONx7XDALqlL220wC/RHSC/QTI/0w==", "dev": true, - "license": "MIT", "dependencies": { "ajv": "^6.12.4", "debug": "^4.3.2", - "espree": "^9.6.0", - "globals": "^13.19.0", + "espree": "^10.0.1", + "globals": "^14.0.0", "ignore": "^5.2.0", "import-fresh": "^3.2.1", "js-yaml": "^4.1.0", 
@@ -673,31 +697,75 @@ "strip-json-comments": "^3.1.1" }, "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "url": "https://opencollective.com/eslint" } }, "node_modules/@eslint/js": { - "version": "8.57.0", + "version": "9.14.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.14.0.tgz", + "integrity": "sha512-pFoEtFWCPyDOl+C6Ift+wC7Ro89otjigCf5vcuWqWgqNSQbRrpjSvdeE6ofLz4dHmyxD5f7gIdGT4+p36L6Twg==", "dev": true, - "license": "MIT", "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" } }, - "node_modules/@humanwhocodes/config-array": { - "version": "0.11.14", + "node_modules/@eslint/object-schema": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.4.tgz", + "integrity": "sha512-BsWiH1yFGjXXS2yvrf5LyuoSIIbPrGUWob917o+BTKuZ7qJdxX8aJLRxs1fS9n6r7vESrq1OUqb68dANcFXuQQ==", + "dev": true, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, + "node_modules/@eslint/plugin-kit": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.3.tgz", + "integrity": "sha512-2b/g5hRmpbb1o4GnTZax9N9m0FXzz9OV42ZzI4rDDMDuHUqigAiQCEWChBWCY4ztAGVRjoWT19v0yMmc5/L5kA==", "dev": true, - "license": "Apache-2.0", "dependencies": { - "@humanwhocodes/object-schema": "^2.0.2", - "debug": "^4.3.1", - "minimatch": "^3.0.5" + "levn": "^0.4.1" }, "engines": { - "node": ">=10.10.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, + "node_modules/@humanfs/core": { + "version": "0.19.1", + "resolved": "https://registry.npmjs.org/@humanfs/core/-/core-0.19.1.tgz", + "integrity": "sha512-5DyQ4+1JEUzejeK1JGICcideyfUbGixgS9jNgex5nqkW+cY7WZhxBigmieN5Qnw9ZosSNVC9KQKyb+GUaGyKUA==", + "dev": true, + "engines": { + "node": ">=18.18.0" + } + }, + "node_modules/@humanfs/node": { + "version": "0.16.6", + "resolved": 
"https://registry.npmjs.org/@humanfs/node/-/node-0.16.6.tgz", + "integrity": "sha512-YuI2ZHQL78Q5HbhDiBA1X4LmYdXCKCMQIfw0pw7piHJwyREFebJUvrQN4cMssyES6x+vfUbx1CIpaQUKYdQZOw==", + "dev": true, + "dependencies": { + "@humanfs/core": "^0.19.1", + "@humanwhocodes/retry": "^0.3.0" + }, + "engines": { + "node": ">=18.18.0" + } + }, + "node_modules/@humanfs/node/node_modules/@humanwhocodes/retry": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.3.1.tgz", + "integrity": "sha512-JBxkERygn7Bv/GbN5Rv8Ul6LVknS+5Bp6RgDC/O8gEBU/yeH5Ui5C/OlWrTb6qct7LjjfT6Re2NxB0ln0yYybA==", + "dev": true, + "engines": { + "node": ">=18.18" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/nzakas" } }, "node_modules/@humanwhocodes/module-importer": { @@ -712,10 +780,18 @@ "url": "https://github.com/sponsors/nzakas" } }, - "node_modules/@humanwhocodes/object-schema": { - "version": "2.0.2", + "node_modules/@humanwhocodes/retry": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.1.tgz", + "integrity": "sha512-c7hNEllBlenFTHBky65mhq8WD2kbN9Q6gk0bTk8lSBvc554jpXSkST1iePudpt7+A/AQvuHs9EMqjHDXMY1lrA==", "dev": true, - "license": "BSD-3-Clause" + "engines": { + "node": ">=18.18" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/nzakas" + } }, "node_modules/@istanbuljs/load-nyc-config": { "version": "1.1.0", @@ -1317,6 +1393,12 @@ "@types/ms": "*" } }, + "node_modules/@types/estree": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.6.tgz", + "integrity": "sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw==", + "dev": true + }, "node_modules/@types/graceful-fs": { "version": "4.1.5", "dev": true, 
@@ -1364,6 +1446,12 @@ "@types/jest": "*" } }, + "node_modules/@types/json-schema": { + "version": "7.0.15", + "resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz", + "integrity": "sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==", + "dev": true + }, "node_modules/@types/json5": { "version": "0.0.29", "dev": true, @@ -1375,12 +1463,12 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "22.9.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.9.0.tgz", - "integrity": "sha512-vuyHg81vvWA1Z1ELfvLko2c8f34gyA0zaic0+Rllc5lbCnbSyuvb2Oxpm6TAUAC/2xZN3QGqxBNggD1nNR2AfQ==", + "version": "22.10.1", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.1.tgz", + "integrity": "sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ==", "dev": true, "dependencies": { - "undici-types": "~6.19.8" + "undici-types": "~6.20.0" } }, "node_modules/@types/semver": { 
@@ -1408,16 +1496,16 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.13.0.tgz", - "integrity": "sha512-nQtBLiZYMUPkclSeC3id+x4uVd1SGtHuElTxL++SfP47jR0zfkZBJHc+gL4qPsgTuypz0k8Y2GheaDYn6Gy3rg==", + "version": "8.17.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.17.0.tgz", + "integrity": "sha512-HU1KAdW3Tt8zQkdvNoIijfWDMvdSweFYm4hWh+KwhPstv+sCmWb89hCIP8msFm9N1R/ooh9honpSuvqKWlYy3w==", "dev": true, "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.13.0", - "@typescript-eslint/type-utils": "8.13.0", - "@typescript-eslint/utils": "8.13.0", - "@typescript-eslint/visitor-keys": "8.13.0", + "@typescript-eslint/scope-manager": "8.17.0", + "@typescript-eslint/type-utils": "8.17.0", + "@typescript-eslint/utils": "8.17.0", + "@typescript-eslint/visitor-keys": "8.17.0", "graphemer": "^1.4.0", "ignore": "^5.3.1", "natural-compare": "^1.4.0", 
@@ -1441,15 +1529,15 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.13.0.tgz", - "integrity": "sha512-w0xp+xGg8u/nONcGw1UXAr6cjCPU1w0XVyBs6Zqaj5eLmxkKQAByTdV/uGgNN5tVvN/kKpoQlP2cL7R+ajZZIQ==", + "version": "8.17.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.17.0.tgz", + "integrity": "sha512-Drp39TXuUlD49F7ilHHCG7TTg8IkA+hxCuULdmzWYICxGXvDXmDmWEjJYZQYgf6l/TFfYNE167m7isnc3xlIEg==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "8.13.0", - "@typescript-eslint/types": "8.13.0", - "@typescript-eslint/typescript-estree": "8.13.0", - "@typescript-eslint/visitor-keys": "8.13.0", + "@typescript-eslint/scope-manager": "8.17.0", + "@typescript-eslint/types": "8.17.0", + "@typescript-eslint/typescript-estree": "8.17.0", + "@typescript-eslint/visitor-keys": "8.17.0", "debug": "^4.3.4" }, "engines": { @@ -1469,13 +1557,13 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.13.0.tgz", - "integrity": "sha512-XsGWww0odcUT0gJoBZ1DeulY1+jkaHUciUq4jKNv4cpInbvvrtDoyBH9rE/n2V29wQJPk8iCH1wipra9BhmiMA==", + "version": "8.17.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.17.0.tgz", + "integrity": "sha512-/ewp4XjvnxaREtqsZjF4Mfn078RD/9GmiEAtTeLQ7yFdKnqwTOgRMSvFz4et9U5RiJQ15WTGXPLj89zGusvxBg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.13.0", - "@typescript-eslint/visitor-keys": "8.13.0" + "@typescript-eslint/types": "8.17.0", + "@typescript-eslint/visitor-keys": "8.17.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" 
@@ -1486,13 +1574,13 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.13.0.tgz", - "integrity": "sha512-Rqnn6xXTR316fP4D2pohZenJnp+NwQ1mo7/JM+J1LWZENSLkJI8ID8QNtlvFeb0HnFSK94D6q0cnMX6SbE5/vA==", + "version": "8.17.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.17.0.tgz", + "integrity": "sha512-q38llWJYPd63rRnJ6wY/ZQqIzPrBCkPdpIsaCfkR3Q4t3p6sb422zougfad4TFW9+ElIFLVDzWGiGAfbb/v2qw==", "dev": true, "dependencies": { - "@typescript-eslint/typescript-estree": "8.13.0", - "@typescript-eslint/utils": "8.13.0", + "@typescript-eslint/typescript-estree": "8.17.0", + "@typescript-eslint/utils": "8.17.0", "debug": "^4.3.4", "ts-api-utils": "^1.3.0" }, @@ -1503,6 +1591,9 @@ "type": "opencollective", "url": "https://opencollective.com/typescript-eslint" }, + "peerDependencies": { + "eslint": "^8.57.0 || ^9.0.0" + }, "peerDependenciesMeta": { "typescript": { "optional": true @@ -1510,9 +1601,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.13.0.tgz", - "integrity": "sha512-4cyFErJetFLckcThRUFdReWJjVsPCqyBlJTi6IDEpc1GWCIIZRFxVppjWLIMcQhNGhdWJJRYFHpHoDWvMlDzng==", + "version": "8.17.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.17.0.tgz", + "integrity": "sha512-gY2TVzeve3z6crqh2Ic7Cr+CAv6pfb0Egee7J5UAVWCpVvDI/F71wNfolIim4FE6hT15EbpZFVUj9j5i38jYXA==", "dev": true, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" 
@@ -1523,13 +1614,13 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.13.0.tgz", - "integrity": "sha512-v7SCIGmVsRK2Cy/LTLGN22uea6SaUIlpBcO/gnMGT/7zPtxp90bphcGf4fyrCQl3ZtiBKqVTG32hb668oIYy1g==", + "version": "8.17.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.17.0.tgz", + "integrity": "sha512-JqkOopc1nRKZpX+opvKqnM3XUlM7LpFMD0lYxTqOTKQfCWAmxw45e3qlOCsEqEB2yuacujivudOFpCnqkBDNMw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.13.0", - "@typescript-eslint/visitor-keys": "8.13.0", + "@typescript-eslint/types": "8.17.0", + "@typescript-eslint/visitor-keys": "8.17.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -1575,15 +1666,15 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.13.0.tgz", - "integrity": "sha512-A1EeYOND6Uv250nybnLZapeXpYMl8tkzYUxqmoKAWnI4sei3ihf2XdZVd+vVOmHGcp3t+P7yRrNsyyiXTvShFQ==", + "version": "8.17.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.17.0.tgz", + "integrity": "sha512-bQC8BnEkxqG8HBGKwG9wXlZqg37RKSMY7v/X8VEWD8JG2JuTHuNK0VFvMPMUKQcbk6B+tf05k+4AShAEtCtJ/w==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.13.0", - "@typescript-eslint/types": "8.13.0", - "@typescript-eslint/typescript-estree": "8.13.0" + "@typescript-eslint/scope-manager": "8.17.0", + "@typescript-eslint/types": "8.17.0", + "@typescript-eslint/typescript-estree": "8.17.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" 
@@ -1594,16 +1685,21 @@ }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.13.0.tgz", - "integrity": "sha512-7N/+lztJqH4Mrf0lb10R/CbI1EaAMMGyF5y0oJvFoAhafwgiRA7TXyd8TFn8FC8k5y2dTsYogg238qavRGNnlw==", + "version": "8.17.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.17.0.tgz", + "integrity": "sha512-1Hm7THLpO6ww5QU6H/Qp+AusUUl+z/CAm3cNZZ0jQvon9yicgO7Rwd+/WWRpMKLYV6p2UvdbR27c86rzCPpreg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.13.0", - "eslint-visitor-keys": "^3.4.3" + "@typescript-eslint/types": "8.17.0", + "eslint-visitor-keys": "^4.2.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1613,15 +1709,23 @@ "url": "https://opencollective.com/typescript-eslint" } }, - "node_modules/@ungap/structured-clone": { - "version": "1.2.0", + "node_modules/@typescript-eslint/visitor-keys/node_modules/eslint-visitor-keys": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.0.tgz", + "integrity": "sha512-UyLnSehNt62FFhSwjZlHmeokpRK59rcz29j+F1/aDgbkbRTk7wIc9XzdoasMUbRNKDM0qQt/+BJ4BrpFeABemw==", "dev": true, - "license": "ISC" + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" + } }, "node_modules/acorn": { - "version": "8.10.0", + "version": "8.14.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz", + "integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==", "dev": true, - "license": "MIT", "bin": { "acorn": "bin/acorn" }, 
@@ -1631,8 +1735,9 @@ }, "node_modules/acorn-jsx": { "version": "5.3.2", + "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", + "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", "dev": true, - "license": "MIT", "peerDependencies": { "acorn": "^6.0.0 || ^7.0.0 || ^8.0.0" } @@ -1647,8 +1752,9 @@ }, "node_modules/ajv": { "version": "6.12.6", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", "dev": true, - "license": "MIT", "dependencies": { "fast-deep-equal": "^3.1.1", "fast-json-stable-stringify": "^2.0.0", @@ -1726,8 +1832,9 @@ }, "node_modules/argparse": { "version": "2.0.1", - "dev": true, - "license": "Python-2.0" + "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", + "dev": true }, "node_modules/array-buffer-byte-length": { "version": "1.0.1", @@ -2202,9 +2309,10 @@ "license": "MIT" }, "node_modules/cross-spawn": { - "version": "7.0.3", + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.5.tgz", + "integrity": "sha512-ZVJrKKYunU38/76t0RMOulHOnUcbU9GbpWKAOZ0mhjr7CX6FVrH+4FrAapSOekrgFQ3f/8gwMEuIft0aKq6Hug==", "dev": true, - "license": "MIT", "dependencies": { "path-key": "^3.1.0", "shebang-command": "^2.0.0", 
@@ -2266,9 +2374,9 @@ } }, "node_modules/debug": { - "version": "4.3.7", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.7.tgz", - "integrity": "sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ==", + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", + "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==", "dev": true, "dependencies": { "ms": "^2.1.3" 
@@ -2586,57 +2694,63 @@ } }, "node_modules/eslint": { - "version": "8.57.0", + "version": "9.14.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.14.0.tgz", + "integrity": "sha512-c2FHsVBr87lnUtjP4Yhvk4yEhKrQavGafRA/Se1ouse8PfbfC/Qh9Mxa00yWsZRlqeUB9raXip0aiiUZkgnr9g==", "dev": true, - "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.2.0", - "@eslint-community/regexpp": "^4.6.1", - "@eslint/eslintrc": "^2.1.4", - "@eslint/js": "8.57.0", - "@humanwhocodes/config-array": "^0.11.14", + "@eslint-community/regexpp": "^4.12.1", + "@eslint/config-array": "^0.18.0", + "@eslint/core": "^0.7.0", + "@eslint/eslintrc": "^3.1.0", + "@eslint/js": "9.14.0", + "@eslint/plugin-kit": "^0.2.0", + "@humanfs/node": "^0.16.6", "@humanwhocodes/module-importer": "^1.0.1", - "@nodelib/fs.walk": "^1.2.8", - "@ungap/structured-clone": "^1.2.0", + "@humanwhocodes/retry": "^0.4.0", + "@types/estree": "^1.0.6", + "@types/json-schema": "^7.0.15", "ajv": "^6.12.4", "chalk": "^4.0.0", "cross-spawn": "^7.0.2", "debug": "^4.3.2", - "doctrine": "^3.0.0", "escape-string-regexp": "^4.0.0", - "eslint-scope": "^7.2.2", - "eslint-visitor-keys": "^3.4.3", - "espree": "^9.6.1", - "esquery": "^1.4.2", + "eslint-scope": "^8.2.0", + "eslint-visitor-keys": "^4.2.0", + "espree": "^10.3.0", + "esquery": "^1.5.0", "esutils": "^2.0.2", "fast-deep-equal": "^3.1.3", - "file-entry-cache": "^6.0.1", + "file-entry-cache": "^8.0.0", "find-up": "^5.0.0", "glob-parent": "^6.0.2", - "globals": "^13.19.0", - "graphemer": "^1.4.0", "ignore": "^5.2.0", "imurmurhash": "^0.1.4", "is-glob": "^4.0.0", - "is-path-inside": "^3.0.3", - "js-yaml": "^4.1.0", "json-stable-stringify-without-jsonify": "^1.0.1", - "levn": "^0.4.1", "lodash.merge": "^4.6.2", "minimatch": "^3.1.2", "natural-compare": "^1.4.0", "optionator": "^0.9.3", - "strip-ansi": "^6.0.1", "text-table": "^0.2.0" }, "bin": { "eslint": "bin/eslint.js" }, "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" + "node": "^18.18.0 || 
^20.9.0 || >=21.1.0" }, "funding": { - "url": "https://opencollective.com/eslint" + "url": "https://eslint.org/donate" + }, + "peerDependencies": { + "jiti": "*" + }, + "peerDependenciesMeta": { + "jiti": { + "optional": true + } } }, "node_modules/eslint-compat-utils": { @@ -2684,19 +2798,19 @@ } }, "node_modules/eslint-import-resolver-typescript": { - "version": "3.6.3", - "resolved": "https://registry.npmjs.org/eslint-import-resolver-typescript/-/eslint-import-resolver-typescript-3.6.3.tgz", - "integrity": "sha512-ud9aw4szY9cCT1EWWdGv1L1XR6hh2PaRWif0j2QjQ0pgTY/69iw+W0Z4qZv5wHahOl8isEr+k/JnyAqNQkLkIA==", + "version": "3.7.0", + "resolved": "https://registry.npmjs.org/eslint-import-resolver-typescript/-/eslint-import-resolver-typescript-3.7.0.tgz", + "integrity": "sha512-Vrwyi8HHxY97K5ebydMtffsWAn1SCR9eol49eCd5fJS4O1WV7PaAjbcjmbfJJSMz/t4Mal212Uz/fQZrOB8mow==", "dev": true, "dependencies": { "@nolyfill/is-core-module": "1.0.39", - "debug": "^4.3.5", + "debug": "^4.3.7", "enhanced-resolve": "^5.15.0", - "eslint-module-utils": "^2.8.1", "fast-glob": "^3.3.2", "get-tsconfig": "^4.7.5", "is-bun-module": "^1.0.2", - "is-glob": "^4.0.3" + "is-glob": "^4.0.3", + "stable-hash": "^0.0.4" }, "engines": { "node": "^14.18.0 || >=16.0.0" @@ -2798,11 +2912,12 @@ } }, "node_modules/eslint-plugin-import-x": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-4.4.0.tgz", - "integrity": "sha512-me58aWTjdkPtgmOzPe+uP0bebpN5etH4bJRnYzy85Rn9g/3QyASg6kTCqdwNzyaJRqMI2ii2o8s01P2LZpREHg==", + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-4.5.0.tgz", + "integrity": "sha512-l0OTfnPF8RwmSXfjT75N8d6ZYLVrVYWpaGlgvVkVqFERCI5SyBfDP7QEMr3kt0zWi2sOa9EQ47clbdFsHkF83Q==", "dev": true, "dependencies": { + "@typescript-eslint/scope-manager": "^8.1.0", "@typescript-eslint/utils": "^8.1.0", "debug": "^4.3.4", "doctrine": "^3.0.0", 
@@ -2928,10 +3043,11 @@ } }, "node_modules/eslint-plugin-n": { - "version": "17.13.1", - "resolved": "https://registry.npmjs.org/eslint-plugin-n/-/eslint-plugin-n-17.13.1.tgz", - "integrity": "sha512-97qzhk1z3DdSJNCqT45EslwCu5+LB9GDadSyBItgKUfGsXAmN/aa7LRQ0ZxHffUxUzvgbTPJL27/pE9ZQWHy7A==", + "version": "17.14.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-n/-/eslint-plugin-n-17.14.0.tgz", + "integrity": "sha512-maxPLMEA0rPmRpoOlxEclKng4UpDe+N5BJS4t24I3UKnN109Qcivnfs37KMy84G0af3bxjog5lKctP5ObsvcTA==", "dev": true, + "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.4.1", "enhanced-resolve": "^5.17.1", @@ -3027,25 +3143,26 @@ "eslint": ">=5.0.0" } }, - "node_modules/eslint-visitor-keys": { - "version": "3.4.3", + "node_modules/eslint-scope": { + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-8.2.0.tgz", + "integrity": "sha512-PHlWUfG6lvPc3yvP5A4PNyBL1W8fkDUccmI21JUu/+GKZBoH/W5u6usENXUrWFRsyoW5ACUjFGgAFQp5gUlb/A==", "dev": true, - "license": "Apache-2.0", + "dependencies": { + "esrecurse": "^4.3.0", + "estraverse": "^5.2.0" + }, "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "url": "https://opencollective.com/eslint" } }, - "node_modules/eslint/node_modules/eslint-scope": { - "version": "7.2.2", + "node_modules/eslint-visitor-keys": { + "version": "3.4.3", "dev": true, - "license": "BSD-2-Clause", - "dependencies": { - "esrecurse": "^4.3.0", - "estraverse": "^5.2.0" - }, + "license": "Apache-2.0", "engines": { "node": "^12.22.0 || ^14.17.0 || >=16.0.0" }, 
@@ -3053,25 +3170,42 @@ "url": "https://opencollective.com/eslint" } }, - "node_modules/eslint/node_modules/estraverse": { - "version": "5.3.0", + "node_modules/eslint/node_modules/eslint-visitor-keys": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.0.tgz", + "integrity": "sha512-UyLnSehNt62FFhSwjZlHmeokpRK59rcz29j+F1/aDgbkbRTk7wIc9XzdoasMUbRNKDM0qQt/+BJ4BrpFeABemw==", "dev": true, - "license": "BSD-2-Clause", "engines": { - "node": ">=4.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" } }, "node_modules/espree": { - "version": "9.6.1", + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/espree/-/espree-10.3.0.tgz", + "integrity": "sha512-0QYC8b24HWY8zjRnDTL6RiHfDbAWn63qb4LMj1Z4b076A4une81+z03Kg7l7mn/48PUTqoLptSXez8oknU8Clg==", "dev": true, - "license": "BSD-2-Clause", "dependencies": { - "acorn": "^8.9.0", + "acorn": "^8.14.0", "acorn-jsx": "^5.3.2", - "eslint-visitor-keys": "^3.4.1" + "eslint-visitor-keys": "^4.2.0" }, "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" + } + }, + "node_modules/espree/node_modules/eslint-visitor-keys": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.0.tgz", + "integrity": "sha512-UyLnSehNt62FFhSwjZlHmeokpRK59rcz29j+F1/aDgbkbRTk7wIc9XzdoasMUbRNKDM0qQt/+BJ4BrpFeABemw==", + "dev": true, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "url": "https://opencollective.com/eslint" 
@@ -3100,18 +3234,11 @@ "node": ">=0.10" } }, - "node_modules/esquery/node_modules/estraverse": { - "version": "5.3.0", - "dev": true, - "license": "BSD-2-Clause", - "engines": { - "node": ">=4.0" - } - }, "node_modules/esrecurse": { "version": "4.3.0", + "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", + "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==", "dev": true, - "license": "BSD-2-Clause", "dependencies": { "estraverse": "^5.2.0" }, @@ -3119,10 +3246,11 @@ "node": ">=4.0" } }, - "node_modules/esrecurse/node_modules/estraverse": { + "node_modules/estraverse": { "version": "5.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", "dev": true, - "license": "BSD-2-Clause", "engines": { "node": ">=4.0" } @@ -3181,8 +3309,9 @@ }, "node_modules/fast-deep-equal": { "version": "3.1.3", - "dev": true, - "license": "MIT" + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", + "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", + "dev": true }, "node_modules/fast-diff": { "version": "1.2.0", @@ -3249,14 +3378,15 @@ } }, "node_modules/file-entry-cache": { - "version": "6.0.1", + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-8.0.0.tgz", + "integrity": "sha512-XXTUwCvisa5oacNGRP9SfNtYBNAMi+RPwBFmblZEF7N7swHYQS6/Zfk7SRwx4D5j3CH211YNRco1DEMNVfZCnQ==", "dev": true, - "license": "MIT", "dependencies": { - "flat-cache": "^3.0.4" + "flat-cache": "^4.0.0" }, "engines": { - "node": "^10.12.0 || >=12.0.0" + "node": ">=16.0.0" } }, "node_modules/filelist": { 
@@ -3316,21 +3446,23 @@ } }, "node_modules/flat-cache": { - "version": "3.0.4", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-4.0.1.tgz", + "integrity": "sha512-f7ccFPK3SXFHpx15UIGyRJ/FJQctuKZ0zVuN3frBo4HnK3cay9VEW0R6yPYFHC0AgqhukPzKjq22t5DmAyqGyw==", "dev": true, - "license": "MIT", "dependencies": { - "flatted": "^3.1.0", - "rimraf": "^3.0.2" + "flatted": "^3.2.9", + "keyv": "^4.5.4" }, "engines": { - "node": "^10.12.0 || >=12.0.0" + "node": ">=16" } }, "node_modules/flatted": { - "version": "3.2.7", - "dev": true, - "license": "ISC" + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz", + "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==", + "dev": true }, "node_modules/for-each": { "version": "0.3.3", @@ -3522,14 +3654,12 @@ } }, "node_modules/globals": { - "version": "13.24.0", + "version": "14.0.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-14.0.0.tgz", + "integrity": "sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ==", "dev": true, - "license": "MIT", - "dependencies": { - "type-fest": "^0.20.2" - }, "engines": { - "node": ">=8" + "node": ">=18" }, "funding": { "url": "https://github.com/sponsors/sindresorhus" @@ -3673,8 +3803,9 @@ }, "node_modules/import-fresh": { "version": "3.3.0", + "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", + "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", "dev": true, - "license": "MIT", "dependencies": { "parent-module": "^1.0.0", "resolve-from": "^4.0.0" 
@@ -3920,14 +4051,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/is-path-inside": { - "version": "3.0.3", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, "node_modules/is-regex": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.1.4.tgz", @@ -4689,8 +4812,9 @@ }, "node_modules/js-yaml": { "version": "4.1.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", "dev": true, - "license": "MIT", "dependencies": { "argparse": "^2.0.1" }, @@ -4709,6 +4833,12 @@ "node": ">=4" } }, + "node_modules/json-buffer": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", + "integrity": "sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==", + "dev": true + }, "node_modules/json-parse-even-better-errors": { "version": "2.3.1", "dev": true, @@ -4716,8 +4846,9 @@ }, "node_modules/json-schema-traverse": { "version": "0.4.1", - "dev": true, - "license": "MIT" + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true }, "node_modules/json-stable-stringify-without-jsonify": { "version": "1.0.1", @@ -4735,6 +4866,15 @@ "node": ">=6" } }, + "node_modules/keyv": { + "version": "4.5.4", + "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz", + "integrity": "sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==", + "dev": true, + "dependencies": { + "json-buffer": "3.0.1" + } + }, "node_modules/kleur": { "version": "3.0.3", "dev": true, 
@@ -5137,8 +5277,9 @@ }, "node_modules/parent-module": { "version": "1.0.1", + "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", + "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", "dev": true, - "license": "MIT", "dependencies": { "callsites": "^3.0.0" }, @@ -5356,8 +5497,9 @@ }, "node_modules/punycode": { "version": "2.3.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", + "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==", "dev": true, - "license": "MIT", "engines": { "node": ">=6" } @@ -5464,8 +5606,9 @@ }, "node_modules/resolve-from": { "version": "4.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", + "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", "dev": true, - "license": "MIT", "engines": { "node": ">=4" } @@ -5496,20 +5639,6 @@ "node": ">=0.10.0" } }, - "node_modules/rimraf": { - "version": "3.0.2", - "dev": true, - "license": "ISC", - "dependencies": { - "glob": "^7.1.3" - }, - "bin": { - "rimraf": "bin.js" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/run-parallel": { "version": "1.2.0", "dev": true, @@ -5930,8 +6059,9 @@ }, "node_modules/text-table": { "version": "0.2.0", - "dev": true, - "license": "MIT" + "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", + "integrity": "sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==", + "dev": true }, "node_modules/tmpl": { "version": "1.0.5", 
@@ -6104,17 +6234,6 @@ "node": ">=4" } }, - "node_modules/type-fest": { - "version": "0.20.2", - "dev": true, - "license": "(MIT OR CC0-1.0)", - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/typed-array-buffer": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/typed-array-buffer/-/typed-array-buffer-1.0.2.tgz", @@ -6189,10 +6308,11 @@ } }, "node_modules/typescript": { - "version": "5.6.3", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.6.3.tgz", - "integrity": "sha512-hjcS1mhfuyi4WW8IWtjP7brDrG2cuDZukyrYrSauoXGNgx0S7zceP07adYkJycEr56BOUTNPzbInooiN3fn1qw==", + "version": "5.7.2", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz", + "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==", "dev": true, + "license": "Apache-2.0", "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" @@ -6202,14 +6322,14 @@ } }, "node_modules/typescript-eslint": { - "version": "8.13.0", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.13.0.tgz", - "integrity": "sha512-vIMpDRJrQd70au2G8w34mPps0ezFSPMEX4pXkTzUkrNbRX+36ais2ksGWN0esZL+ZMaFJEneOBHzCgSqle7DHw==", + "version": "8.17.0", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.17.0.tgz", + "integrity": "sha512-409VXvFd/f1br1DCbuKNFqQpXICoTB+V51afcwG1pn1a3Cp92MqAUges3YjwEdQ0cMUoCIodjVDAYzyD8h3SYA==", "dev": true, "dependencies": { - "@typescript-eslint/eslint-plugin": "8.13.0", - "@typescript-eslint/parser": "8.13.0", - "@typescript-eslint/utils": "8.13.0" + "@typescript-eslint/eslint-plugin": "8.17.0", + "@typescript-eslint/parser": "8.17.0", + "@typescript-eslint/utils": "8.17.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" 
@@ -6218,6 +6338,9 @@ "type": "opencollective", "url": "https://opencollective.com/typescript-eslint" }, + "peerDependencies": { + "eslint": "^8.57.0 || ^9.0.0" + }, "peerDependenciesMeta": { "typescript": { "optional": true @@ -6239,9 +6362,9 @@ } }, "node_modules/undici-types": { - "version": "6.19.8", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.19.8.tgz", - "integrity": "sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==", + "version": "6.20.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", + "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", "dev": true }, "node_modules/update-browserslist-db": { @@ -6271,8 +6394,9 @@ }, "node_modules/uri-js": { "version": "4.4.1", + "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", + "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", "dev": true, - "license": "BSD-2-Clause", "dependencies": { "punycode": "^2.1.0" } @@ -6416,10 +6540,11 @@ "license": "ISC" }, "node_modules/yaml": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.6.0.tgz", - "integrity": "sha512-a6ae//JvKDEra2kdi1qzCyrJW/WZCgFi8ydDV+eXExl95t+5R+ijnqHJbz9tmMh8FUjx3iv2fCQ4dclAQlO2UQ==", + "version": "2.6.1", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.6.1.tgz", + "integrity": "sha512-7r0XPzioN/Q9kXBro/XPnA6kznR73DHq+GXh5ON7ZozRO6aMjbmiBuKste2wslTFkC5d1dw0GooOCepZXJ2SAg==", "dev": true, + "license": "ISC", "bin": { "yaml": "bin.mjs" }, diff --git a/package.json b/package.json index ba194beff..ef776cfbd 100644 --- a/package.json +++ b/package.json 
@@ -14,19 +14,19 @@ "@types/debug": "^4.1.12", "@types/jest": "^29.5.14", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.9.0", + "@types/node": "^22.10.1", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.13.0", - "@typescript-eslint/parser": "^8.13.0", + "@typescript-eslint/eslint-plugin": "^8.17.0", + "@typescript-eslint/parser": "^8.17.0", "caller": "^1.1.0", - "debug": "^4.3.7", - "eslint": "^8.57.0", + "debug": "^4.4.0", + "eslint": "9.14.0", "eslint-config-prettier": "^9.1.0", - "eslint-import-resolver-typescript": "^3.6.3", + "eslint-import-resolver-typescript": "^3.7.0", "eslint-plugin-import": "^2.31.0", - "eslint-plugin-import-x": "^4.4.0", + "eslint-plugin-import-x": "^4.5.0", "eslint-plugin-jest": "^28.9.0", - "eslint-plugin-n": "^17.13.1", + "eslint-plugin-n": "^17.14.0", "eslint-plugin-prettier": "^5.2.1", "eslint-plugin-simple-import-sort": "^12.1.1", "fast-sort": "^3.4.1", @@ -38,9 +38,9 @@ "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", - "typescript": "^5.6.3", - "typescript-eslint": "^8.13.0", - "yaml": "^2.6.0" + "typescript": "^5.7.2", + "typescript-eslint": "^8.17.0", + "yaml": "^2.6.1" }, "bundleDependencies": [ "tests" diff --git a/runtimes/java/plugin.yaml b/runtimes/java/plugin.yaml index d74abba50..d470e3f50 100644 --- a/runtimes/java/plugin.yaml +++ b/runtimes/java/plugin.yaml @@ -4,6 +4,16 @@ downloads: # implementing the Java runtime. The Temurin releases are hosted on GitHub, which would allow us # to use "latest version query" logic on them, but their release naming isn't trivially compatible # with our current schema (e.g. JDK 11.0.17+8 has URL /jdk-11.0.17+8/[...]_11.0.17_8.tar.gz). + - name: jdk-23 + downloads: + - os: + linux: linux + macos: macosx + cpu: + x86_64: x64 + arm_64: aarch64 + url: https://cdn.azul.com/zulu/bin/zulu23.30.13-ca-jdk23.0.1-${os}_${cpu}.tar.gz + strip_components: 1 - name: jdk-17 downloads: 
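Review bot: The `jdk-23` entry added to `downloads:` in runtimes/java/plugin.yaml fetches `zulu23.30.13-ca-jdk23.0.1-${os}_${cpu}.tar.gz` with no digest or signature visible in the hunk, so the archive's integrity rests on TLS to the CDN alone. The composer entry in runtimes/php/plugin.yaml carries a `gpg:` key, which suggests the schema can express verification for at least some downloads. If it can for this one, pin it here; otherwise record the gap with a comment such as `# No digest pinned: integrity relies on TLS to cdn.azul.com`. The next hunk (`@@ -53,7 +63,7 @@`) makes this archive the default Java runtime in place of `jdk-13`, so a one-line comment there giving the reason for the jump would help the next reader. The `downloads:` list starts and continues outside the hunk.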
@@ -53,7 +63,7 @@ downloads: runtimes: definitions: - type: java - download: jdk-13 + download: jdk-23 runtime_environment: - name: HOME value: ${env.HOME:-} diff --git a/runtimes/node/plugin.yaml b/runtimes/node/plugin.yaml index 6720795ed..6457ca6f6 100644 --- a/runtimes/node/plugin.yaml +++ b/runtimes/node/plugin.yaml @@ -59,7 +59,7 @@ runtimes: - name: NODE_OPTIONS value: ${env.NODE_OPTIONS} optional: true - known_good_version: 18.12.1 + known_good_version: 18.20.5 version_commands: - run: node --version parse_regex: ${semver} diff --git a/runtimes/php/plugin.yaml b/runtimes/php/plugin.yaml index bd4db0d78..653287088 100644 --- a/runtimes/php/plugin.yaml +++ b/runtimes/php/plugin.yaml @@ -2,13 +2,13 @@ version: 0.1 downloads: # Needed for the php runtime to install packages - name: composer executable: true - version: 2.5.1 + version: 2.8.3 downloads: - - version: 2.5.1 + - version: 2.8.3 gpg: CBB3D576F2A0946F - name: phive executable: true - version: 0.15.1 + version: 0.15.3 downloads: - url: https://github.com/phar-io/phive/releases/download/${version}/phive-${version}.phar runtimes: diff --git a/runtimes/ruby/plugin.yaml b/runtimes/ruby/plugin.yaml index a7355bbe0..1f738f00e 100644 --- a/runtimes/ruby/plugin.yaml +++ b/runtimes/ruby/plugin.yaml @@ -1,12 +1,12 @@ version: 0.1 downloads: - name: ruby-build - version: 20240319 + version: 20241105 downloads: - os: linux: linux macos: macos - url: https://github.com/rbenv/ruby-build/archive/refs/tags/v20240319.tar.gz + url: https://github.com/rbenv/ruby-build/archive/refs/tags/v20241105.tar.gz strip_components: 1 - name: ruby-install version: 3.1.4 diff --git a/runtimes/rust/plugin.yaml b/runtimes/rust/plugin.yaml index 8dd7b4acc..1d16ec7b9 100644 --- a/runtimes/rust/plugin.yaml +++ b/runtimes/rust/plugin.yaml @@ -35,7 +35,7 @@ runtimes: linter_environment: - name: PATH list: ["${linter}/bin"] - known_good_version: 1.71.1 + known_good_version: 1.82.0 version_commands: - run: rustc --version parse_regex: ${semver} 
diff --git a/tests/driver/lint_driver.ts b/tests/driver/lint_driver.ts index fce56c2c5..cee8ce1c9 100644 --- a/tests/driver/lint_driver.ts +++ b/tests/driver/lint_driver.ts @@ -94,7 +94,7 @@ runtimes: enabled: # required in order to query latest - go@1.21.0 - - node@18.12.1 + - node@18.20.5 - python@3.10.8 - ruby@3.1.4 plugins: diff --git a/tests/driver/tool_driver.ts b/tests/driver/tool_driver.ts index 0090360b9..d2ae68b6a 100644 --- a/tests/driver/tool_driver.ts +++ b/tests/driver/tool_driver.ts @@ -158,13 +158,35 @@ lint: stdout: string; stderr: string; exitCode: number; + details?: string; }> => { try { const { stdout, stderr } = await this.runTrunk(["tools", "install", toolName, "--ci"]); - return { exitCode: 0, stdout, stderr }; + return { exitCode: 0, stdout, stderr, details: undefined }; } catch (e: any) { - // trunk-ignore(eslint/@typescript-eslint/no-unsafe-member-access) - return { exitCode: e.code as number, stdout: e.stdout as string, stderr: e.stderr as string }; + let details = undefined; + /* eslint-disable-next-line + @typescript-eslint/no-unsafe-call, + @typescript-eslint/no-unsafe-member-access, + @typescript-eslint/no-unsafe-assignment + */ + const detailsPath = e.stdout.match(/\.trunk\/out\/(.+\.yaml)/); + if (detailsPath) { + details = await fs.promises.readFile( + /* eslint-disable-next-line @typescript-eslint/no-unsafe-argument,@typescript-eslint/no-unsafe-member-access */ + path.resolve(this.sandboxPath ?? "", detailsPath[0]), + "utf8", + ); + } + + /* eslint-disable @typescript-eslint/no-unsafe-member-access */ + return { + exitCode: e.code as number, + stdout: e.stdout as string, + stderr: e.stderr as string, + /* eslint-enable @typescript-eslint/no-unsafe-member-access */ + details, + }; } }; diff --git a/tests/index.ts b/tests/index.ts index b08deac33..3a470bc8c 100644 --- a/tests/index.ts +++ b/tests/index.ts 
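Review bot: In the new `catch` block of `runInstall` (tests/driver/tool_driver.ts), both `e.stdout.match(...)` and the `readFile` call can throw, which would replace the install failure with an unrelated TypeError or ENOENT. `e` is typed `any`, so an error without a string `stdout` reaches `.match`, and a details path that is printed but missing on disk rejects the promise instead of returning `exitCode` and `stderr`. The matched path also comes from tool output and is resolved against `this.sandboxPath ?? ""`, so with no sandbox path set it is read relative to the process working directory; requiring `this.sandboxPath` avoids that. The function's signature begins outside the hunk.

```typescript
} catch (e: any) {
  let details: string | undefined = undefined;
  // … unchanged: eslint-disable comment for the unsafe accesses …
  const detailsPath =
    typeof e.stdout === "string" ? e.stdout.match(/\.trunk\/out\/(.+\.yaml)/) : null;
  if (detailsPath && this.sandboxPath) {
    try {
      details = await fs.promises.readFile(
        path.resolve(this.sandboxPath, detailsPath[0]),
        "utf8",
      );
    } catch {
      // Best-effort only: keep reporting the original install failure.
    }
  }
  // … unchanged: return of exitCode, stdout, stderr, details …
```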
@@ -252,12 +252,15 @@ export const toolInstallTest = ({ describe(`Testing tool ${toolName}`, () => { const driver = setUpTrunkToolDriverForHealthCheck(dirName, {}, toolName, toolVersion, preCheck); conditionalTest(skipTestIf(toolVersion), "tool ", async () => { - const { exitCode, stdout, stderr } = await driver.runInstall(toolName); - expect(exitCode).toEqual(0); - expect(stdout).toContain(toolName); - expect(stdout).toContain(toolVersion); - expect(stderr).toEqual(""); - expect(stdout).not.toContain("Failures:"); + const installResult = await driver.runInstall(toolName); + expect(installResult).toMatchObject({ + exitCode: 0, + // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment + stdout: expect.stringMatching(`${toolName}.+${toolVersion}(?!.*trunk)`), + stderr: "", + details: undefined, + }); + expect(installResult.stdout).not.toContain("Failures:"); }); }); }; @@ -303,10 +306,14 @@ export const toolTest = ({ const driver = setupTrunkToolDriver(dirName, {}, toolName, toolVersion, preCheck); testConfigs.forEach(({ command, expectedOut, expectedErr, expectedExitCode, stdin }) => { conditionalTest(skipTestIf(toolVersion), command.join(" "), async () => { - const { stdout, stderr, exitCode } = await driver.runTool(command, stdin); - expect(stdout).toContain(expectedOut); - expect(stderr).toContain(expectedErr); - expect(exitCode).toEqual(expectedExitCode); + const installResult = await driver.runTool(command, stdin); + expect(installResult).toMatchObject({ + exitCode: expectedExitCode, + // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment + stdout: expect.stringContaining(expectedOut ?? ""), + // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment + stderr: expect.stringContaining(expectedErr ?? ""), + }); }); }); }); diff --git a/tests/parse/index.ts b/tests/parse/index.ts index a2fe0b0a1..d53cf2424 100644 --- a/tests/parse/index.ts +++ b/tests/parse/index.ts 
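Review bot: The pattern `${toolName}.+${toolVersion}(?!.*trunk)` passed to `expect.stringMatching` in `toolInstallTest` is built from the raw name and version. The dots in a version such as `7.6.0` therefore match any character, and a name containing a regex metacharacter changes or breaks the pattern. `.` also does not cross newlines, so output that prints the name and the version on separate lines satisfied the two removed `toContain` checks but fails this one. Escaping both values before interpolation keeps the assertion literal, for example with `const esc = (s: string) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");`. The intent of `(?!.*trunk)` is not evident from the hunk and deserves a comment. `toolInstallTest` starts outside the hunk.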
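Review bot: In the `toolTest` hunk (`@@ -303,10 +306,14 @@`), the result of `driver.runTool(command, stdin)` is stored in `installResult`, a name carried over from the install test; `toolResult` would describe what it holds. `expect.stringContaining(expectedOut ?? "")` also accepts any stdout when `expectedOut` is omitted, and the same applies to `expectedErr`. A comment such as `// an omitted expectation matches any output` would show that the permissive default is deliberate. The `toolTest` body begins outside the hunk.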
@@ -11,9 +11,10 @@ import { } from "tests/types"; import { REPO_ROOT } from "tests/utils"; import { getTrunkVersion } from "tests/utils/trunk_config"; +import YAML from "yaml"; const RESULTS_FILE = path.resolve(REPO_ROOT, "results.json"); -const FAILURES_FILE = path.resolve(REPO_ROOT, "failures.json"); +const FAILURES_FILE = path.resolve(REPO_ROOT, "failures.yaml"); const RERUN_FILE = path.resolve(REPO_ROOT, "reruns.txt"); const VALIDATED_LINTER_BLOCKLIST: string[] = []; @@ -299,10 +300,11 @@ const writeFailuresForNotification = (failures: FailedVersion[]) => { const blocks = allBlocks.length > 50 ? allBlocks.slice(0, 49).concat(remainingBlock) : allBlocks; const failuresObject = { + channel: process.env.SLACK_CHANNEL_ID, text: `${failures.length} failures encountered running plugins tests for ${TEST_REF}`, blocks, }; - const failuresString = JSON.stringify(failuresObject); + const failuresString = YAML.stringify(failuresObject); fs.writeFileSync(FAILURES_FILE, failuresString); console.log(`Wrote ${failures.length} failures out to ${FAILURES_FILE}:`); console.log(failuresString); diff --git a/tools/paratest/paratest.test.ts b/tools/paratest/paratest.test.ts index accc678bb..10dd9d245 100644 --- a/tools/paratest/paratest.test.ts +++ b/tools/paratest/paratest.test.ts @@ -3,6 +3,6 @@ import { skipOS } from "tests/utils"; toolInstallTest({ toolName: "paratest", - toolVersion: "7.4.3", + toolVersion: "7.6.0", skipTestIf: skipOS(["win32"]), }); diff --git a/tools/paratest/plugin.yaml b/tools/paratest/plugin.yaml index 5c2eac5b8..5bac06460 100644 --- a/tools/paratest/plugin.yaml +++ b/tools/paratest/plugin.yaml @@ -4,7 +4,8 @@ tools: - name: paratest runtime: php package: brianium/paratest - known_good_version: 7.4.3 + # Minimum version compatible with php@8.4 + known_good_version: 7.6.0 shims: [paratest] environment: - name: PATH
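Review bot: `channel: process.env.SLACK_CHANNEL_ID` in `writeFailuresForNotification` (hunk `@@ -299,10 +300,11 @@`) is used without a check, so an unset variable yields a payload with no usable channel and the failure notification may be dropped without any signal. How `YAML.stringify` renders an undefined value depends on the library's options, which the hunk does not show. A guard before building `failuresObject` makes the misconfiguration visible: `if (!process.env.SLACK_CHANNEL_ID) console.warn("SLACK_CHANNEL_ID is not set; notification payload has no channel");`. The existing `console.log(failuresString)` now also echoes the channel id into CI logs, which is acceptable only if that id is not treated as sensitive. The function starts outside the hunk.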