diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 000000000000..9f6bd102befe --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,72 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ "main" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '35 3 * * 6' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'javascript', 'python' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/package-lock.json b/package-lock.json index dcf70ceb614c..019d4ef4ca08 100644 --- a/package-lock.json +++ b/package-lock.json @@ -42,6 +42,7 @@ "html-entities": "^2.3.3", "imurmurhash": "^0.1.4", "javascript-stringify": "^2.1.0", + "jest-puppeteer": "^6.2.0", "js-cookie": "^3.0.1", "js-yaml": "^4.1.0", "liquidjs": "9.22.1", @@ -167,7 +168,7 @@ "bottleneck": "^2.19.5", "esm": "^3.2.25", "image-size": "^1.0.1", - "jest-puppeteer": "^5.0.4", + "jest-puppeteer": "^6.2.0", "puppeteer": "^9.1.1", "website-scraper": "^5.0.0" } @@ -5199,7 +5200,7 @@ }, "node_modules/axios": { "version": "0.21.4", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "follow-redirects": "^1.14.0" @@ -8828,9 +8829,9 @@ } }, "node_modules/expect-puppeteer": { - "version": "5.0.4", - "resolved": "https://registry.npmjs.org/expect-puppeteer/-/expect-puppeteer-5.0.4.tgz", - "integrity": "sha512-NV7jSiKhK+byocxg9A+0av+Q2RSCP9bcLVRz7zhHaESeCOkuomMvl9oD+uo1K+NdqRCXhNkQlUGWlmtbrpR1qw==", + "version": "6.1.1", + "resolved": "https://registry.npmjs.org/expect-puppeteer/-/expect-puppeteer-6.1.1.tgz", + "integrity": "sha512-cnQF96qdoEcOD63j5NQMc0RtW9WRMW/WHKXEKsuDQ2tszhVH3qC7zkXXS4D0LTt9qCB3DEExioqylsQXvqPrUw==", "optional": true }, "node_modules/expect/node_modules/@jest/types": { @@ -11837,7 +11838,7 @@ }, "node_modules/jest-dev-server": { "version": "5.0.3", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "chalk": "^4.1.1", @@ -11851,7 +11852,7 @@ }, "node_modules/jest-dev-server/node_modules/chalk": { "version": "4.1.2", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "ansi-styles": "^4.1.0", @@ -12065,7 +12066,7 @@ }, "node_modules/jest-environment-puppeteer": { "version": "5.0.4", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "chalk": "^4.1.1", @@ -12077,7 +12078,7 @@ }, "node_modules/jest-environment-puppeteer/node_modules/chalk": { "version": "4.1.2", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "ansi-styles": "^4.1.0", @@ -12424,16 +12425,99 @@ } }, "node_modules/jest-puppeteer": { - "version": "5.0.4", - "resolved": "https://registry.npmjs.org/jest-puppeteer/-/jest-puppeteer-5.0.4.tgz", - "integrity": "sha512-IUOVKgHEaKsLqahZy/J/DvXB59SQx4AVpZKTRDvJzCdkvdGc3NVsNwUhovr6SK+HOK1TOiqAiXPTAPiIq3mkrg==", + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/jest-puppeteer/-/jest-puppeteer-6.2.0.tgz", + "integrity": "sha512-4Ynkgcf9FkHlTNEpdsojGLb3KtsToWqjO6SCigxb9Qj3HzIqhzJzNbDJ/XhiciNDpqDe6KHW9sZ6fjHphNLr6g==", "optional": true, "dependencies": { - "expect-puppeteer": "^5.0.4", - "jest-environment-puppeteer": "^5.0.4" + "expect-puppeteer": "^6.1.1", + "jest-environment-puppeteer": "^6.2.0" }, "peerDependencies": { - "puppeteer": ">= 1.5.0 < 10" + "puppeteer": ">= 1.5.0" + } + }, + "node_modules/jest-puppeteer/node_modules/axios": { + "version": "0.25.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.25.0.tgz", + "integrity": "sha512-cD8FOb0tRH3uuEe6+evtAbgJtfxr7ly3fQjYcMcuPlgkwVS9xboaVIpcDV+cYQe+yGykgwZCs1pzjntcGa6l5g==", + "optional": true, + "dependencies": { + "follow-redirects": "^1.14.7" + } + }, + "node_modules/jest-puppeteer/node_modules/chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "optional": true, + "dependencies": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" + } + }, + "node_modules/jest-puppeteer/node_modules/jest-dev-server": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/jest-dev-server/-/jest-dev-server-6.2.0.tgz", + "integrity": "sha512-ZWh8CuvxwjhYfvw4tGeftziqIvw/26R6AG3OTgNTQeXul8aZz48RQjDpnlDwnWX53jxJJl9fcigqIdSU5lYZuw==", + "optional": true, + "dependencies": { + "chalk": "^4.1.2", + "cwd": "^0.10.0", + "find-process": "^1.4.7", + "prompts": "^2.4.2", + "spawnd": "^6.2.0", + "tree-kill": "^1.2.2", + "wait-on": "^6.0.1" + } + }, + "node_modules/jest-puppeteer/node_modules/jest-environment-puppeteer": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/jest-environment-puppeteer/-/jest-environment-puppeteer-6.2.0.tgz", + "integrity": "sha512-a/oSu6dO9D+XoDDe3ZY/0Sk79Jl2FcJl7Q0D+3x22l1eWNOYe4ikXnPGhtmNZ3mJIpuAVIX6LytA8EraOk/aqQ==", + "optional": true, + "dependencies": { + "chalk": "^4.1.2", + "cwd": "^0.10.0", + "jest-dev-server": "^6.2.0", + "jest-environment-node": "^27.5.1", + "merge-deep": "^3.0.3" + } + }, + "node_modules/jest-puppeteer/node_modules/spawnd": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/spawnd/-/spawnd-6.2.0.tgz", + "integrity": "sha512-qX/I4lQy4KgVEcNle0kuc4FxFWHISzBhZW1YemPfwmrmQjyZmfTK/OhBKkhrD2ooAaFZEm1maEBLE6/6enwt+g==", + "optional": true, + "dependencies": { + "exit": "^0.1.2", + "signal-exit": "^3.0.7", + "tree-kill": "^1.2.2" + } + }, + "node_modules/jest-puppeteer/node_modules/wait-on": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-6.0.1.tgz", + "integrity": "sha512-zht+KASY3usTY5u2LgaNqn/Cd8MukxLGjdcZxT2ns5QzDmTFc4XoWBgC+C/na+sMRZTuVygQoMYwdcVjHnYIVw==", + "optional": true, + "dependencies": { + "axios": "^0.25.0", + "joi": "^17.6.0", + "lodash": "^4.17.21", + "minimist": "^1.2.5", + "rxjs": "^7.5.4" + }, + "bin": { + "wait-on": "bin/wait-on" + }, + "engines": { + "node": ">=10.0.0" } }, "node_modules/jest-regex-util": { @@ -17993,7 +18077,7 @@ }, "node_modules/rxjs": { "version": "7.5.5", - "dev": true, + "devOptional": true, "license": "Apache-2.0", "dependencies": { "tslib": "^2.1.0" @@ -18554,7 +18638,7 @@ }, "node_modules/spawnd": { "version": "5.0.0", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "exit": "^0.1.2", @@ -20007,7 +20091,7 @@ }, "node_modules/wait-on": { "version": "5.3.0", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "axios": "^0.21.1", @@ -20025,7 +20109,7 @@ }, "node_modules/wait-on/node_modules/rxjs": { "version": "6.6.7", - "devOptional": true, + "dev": true, "license": "Apache-2.0", "dependencies": { "tslib": "^1.9.0" @@ -20036,12 +20120,12 @@ }, "node_modules/wait-on/node_modules/tslib": { "version": "1.14.1", - "devOptional": true, + "dev": true, "license": "0BSD" }, "node_modules/wait-port": { "version": "0.2.9", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "chalk": "^2.4.2", @@ -20057,7 +20141,7 @@ }, "node_modules/wait-port/node_modules/ansi-styles": { "version": "3.2.1", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "color-convert": "^1.9.0" @@ -20068,7 +20152,7 @@ }, "node_modules/wait-port/node_modules/chalk": { "version": "2.4.2", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "ansi-styles": "^3.2.1", @@ -20081,7 +20165,7 @@ }, "node_modules/wait-port/node_modules/color-convert": { "version": "1.9.3", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "color-name": "1.1.3" @@ -20089,17 +20173,17 @@ }, "node_modules/wait-port/node_modules/color-name": { "version": "1.1.3", - "devOptional": true, + "dev": true, "license": "MIT" }, "node_modules/wait-port/node_modules/commander": { "version": "3.0.2", - "devOptional": true, + "dev": true, "license": "MIT" }, "node_modules/wait-port/node_modules/escape-string-regexp": { "version": "1.0.5", - "devOptional": true, + "dev": true, "license": "MIT", "engines": { "node": ">=0.8.0" @@ -20107,7 +20191,7 @@ }, "node_modules/wait-port/node_modules/has-flag": { "version": "3.0.0", - "devOptional": true, + "dev": true, "license": "MIT", "engines": { "node": ">=4" @@ -20115,7 +20199,7 @@ }, "node_modules/wait-port/node_modules/supports-color": { "version": "5.5.0", - "devOptional": true, + "dev": true, "license": "MIT", "dependencies": { "has-flag": "^3.0.0" @@ -24391,7 +24475,7 @@ }, "axios": { "version": "0.21.4", - "devOptional": true, + "dev": true, "requires": { "follow-redirects": "^1.14.0" } @@ -27036,9 +27120,9 @@ } }, "expect-puppeteer": { - "version": "5.0.4", - "resolved": "https://registry.npmjs.org/expect-puppeteer/-/expect-puppeteer-5.0.4.tgz", - "integrity": "sha512-NV7jSiKhK+byocxg9A+0av+Q2RSCP9bcLVRz7zhHaESeCOkuomMvl9oD+uo1K+NdqRCXhNkQlUGWlmtbrpR1qw==", + "version": "6.1.1", + "resolved": "https://registry.npmjs.org/expect-puppeteer/-/expect-puppeteer-6.1.1.tgz", + "integrity": "sha512-cnQF96qdoEcOD63j5NQMc0RtW9WRMW/WHKXEKsuDQ2tszhVH3qC7zkXXS4D0LTt9qCB3DEExioqylsQXvqPrUw==", "optional": true }, "express": { @@ -29037,7 +29121,7 @@ }, "jest-dev-server": { "version": "5.0.3", - "devOptional": true, + "dev": true, "requires": { "chalk": "^4.1.1", "cwd": "^0.10.0", @@ -29050,7 +29134,7 @@ "dependencies": { "chalk": { "version": "4.1.2", - "devOptional": true, + "dev": true, "requires": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -29219,7 +29303,7 @@ }, "jest-environment-puppeteer": { "version": "5.0.4", - "devOptional": true, + "dev": true, "requires": { "chalk": "^4.1.1", "cwd": "^0.10.0", @@ -29230,7 +29314,7 @@ "dependencies": { "chalk": { "version": "4.1.2", - "devOptional": true, + "dev": true, "requires": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -29490,13 +29574,86 @@ "requires": {} }, "jest-puppeteer": { - "version": "5.0.4", - "resolved": "https://registry.npmjs.org/jest-puppeteer/-/jest-puppeteer-5.0.4.tgz", - "integrity": "sha512-IUOVKgHEaKsLqahZy/J/DvXB59SQx4AVpZKTRDvJzCdkvdGc3NVsNwUhovr6SK+HOK1TOiqAiXPTAPiIq3mkrg==", + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/jest-puppeteer/-/jest-puppeteer-6.2.0.tgz", + "integrity": "sha512-4Ynkgcf9FkHlTNEpdsojGLb3KtsToWqjO6SCigxb9Qj3HzIqhzJzNbDJ/XhiciNDpqDe6KHW9sZ6fjHphNLr6g==", "optional": true, "requires": { - "expect-puppeteer": "^5.0.4", - "jest-environment-puppeteer": "^5.0.4" + "expect-puppeteer": "^6.1.1", + "jest-environment-puppeteer": "^6.2.0" + }, + "dependencies": { + "axios": { + "version": "0.25.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.25.0.tgz", + "integrity": "sha512-cD8FOb0tRH3uuEe6+evtAbgJtfxr7ly3fQjYcMcuPlgkwVS9xboaVIpcDV+cYQe+yGykgwZCs1pzjntcGa6l5g==", + "optional": true, + "requires": { + "follow-redirects": "^1.14.7" + } + }, + "chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "optional": true, + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } + }, + "jest-dev-server": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/jest-dev-server/-/jest-dev-server-6.2.0.tgz", + "integrity": "sha512-ZWh8CuvxwjhYfvw4tGeftziqIvw/26R6AG3OTgNTQeXul8aZz48RQjDpnlDwnWX53jxJJl9fcigqIdSU5lYZuw==", + "optional": true, + "requires": { + "chalk": "^4.1.2", + "cwd": "^0.10.0", + "find-process": "^1.4.7", + "prompts": "^2.4.2", + "spawnd": "^6.2.0", + "tree-kill": "^1.2.2", + "wait-on": "^6.0.1" + } + }, + "jest-environment-puppeteer": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/jest-environment-puppeteer/-/jest-environment-puppeteer-6.2.0.tgz", + "integrity": "sha512-a/oSu6dO9D+XoDDe3ZY/0Sk79Jl2FcJl7Q0D+3x22l1eWNOYe4ikXnPGhtmNZ3mJIpuAVIX6LytA8EraOk/aqQ==", + "optional": true, + "requires": { + "chalk": "^4.1.2", + "cwd": "^0.10.0", + "jest-dev-server": "^6.2.0", + "jest-environment-node": "^27.5.1", + "merge-deep": "^3.0.3" + } + }, + "spawnd": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/spawnd/-/spawnd-6.2.0.tgz", + "integrity": "sha512-qX/I4lQy4KgVEcNle0kuc4FxFWHISzBhZW1YemPfwmrmQjyZmfTK/OhBKkhrD2ooAaFZEm1maEBLE6/6enwt+g==", + "optional": true, + "requires": { + "exit": "^0.1.2", + "signal-exit": "^3.0.7", + "tree-kill": "^1.2.2" + } + }, + "wait-on": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-6.0.1.tgz", + "integrity": "sha512-zht+KASY3usTY5u2LgaNqn/Cd8MukxLGjdcZxT2ns5QzDmTFc4XoWBgC+C/na+sMRZTuVygQoMYwdcVjHnYIVw==", + "optional": true, + "requires": { + "axios": "^0.25.0", + "joi": "^17.6.0", + "lodash": "^4.17.21", + "minimist": "^1.2.5", + "rxjs": "^7.5.4" + } + } } }, "jest-regex-util": { @@ -33168,7 +33325,7 @@ }, "rxjs": { "version": "7.5.5", - "dev": true, + "devOptional": true, "requires": { "tslib": "^2.1.0" } @@ -33571,7 +33728,7 @@ }, "spawnd": { "version": "5.0.0", - "devOptional": true, + "dev": true, "requires": { "exit": "^0.1.2", "signal-exit": "^3.0.3", @@ -34538,7 +34695,7 @@ }, "wait-on": { "version": "5.3.0", - "devOptional": true, + "dev": true, "requires": { "axios": "^0.21.1", "joi": "^17.3.0", @@ -34549,20 +34706,20 @@ "dependencies": { "rxjs": { "version": "6.6.7", - "devOptional": true, + "dev": true, "requires": { "tslib": "^1.9.0" } }, "tslib": { "version": "1.14.1", - "devOptional": true + "dev": true } } }, "wait-port": { "version": "0.2.9", - "devOptional": true, + "dev": true, "requires": { "chalk": "^2.4.2", "commander": "^3.0.2", @@ -34571,14 +34728,14 @@ "dependencies": { "ansi-styles": { "version": "3.2.1", - "devOptional": true, + "dev": true, "requires": { "color-convert": "^1.9.0" } }, "chalk": { "version": "2.4.2", - "devOptional": true, + "dev": true, "requires": { "ansi-styles": "^3.2.1", "escape-string-regexp": "^1.0.5", @@ -34587,30 +34744,30 @@ }, "color-convert": { "version": "1.9.3", - "devOptional": true, + "dev": true, "requires": { "color-name": "1.1.3" } }, "color-name": { "version": "1.1.3", - "devOptional": true + "dev": true }, "commander": { "version": "3.0.2", - "devOptional": true + "dev": true }, "escape-string-regexp": { "version": "1.0.5", - "devOptional": true + "dev": true }, "has-flag": { "version": "3.0.0", - "devOptional": true + "dev": true }, "supports-color": { "version": "5.5.0", - "devOptional": true, + "dev": true, "requires": { "has-flag": "^3.0.0" } diff --git a/package.json b/package.json index 5eb76756a9af..380b61c46cb4 100644 --- a/package.json +++ b/package.json @@ -172,7 +172,7 @@ "bottleneck": "^2.19.5", "esm": "^3.2.25", "image-size": "^1.0.1", - "jest-puppeteer": "^5.0.4", + "jest-puppeteer": "^6.2.0", "puppeteer": "^9.1.1", "website-scraper": "^5.0.0" },