From a86bcb0a8a62407f431138a29606aa2223f4b827 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:41:16 -0500 Subject: [PATCH 01/25] Add .circleci/config.yml --- .circleci/config.yml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 00000000000..bb68f37ad27 --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,38 @@ +version: 2.1 +orbs: + snyk: snyk/snyk@0.0.8 + +jobs: # a collection of steps + build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + working_directory: ~/goof + docker: + - image: circleci/node@3.0.0 + steps: + - run: + name: echo "install and build npm project" + command: 'npm install' + - run: + name: echo "build project" + command: 'npm run build' + #- run: + # name: echo "build Docker image" + # command: 'docker build -t my-new-container-goof-image .' + + - snyk/scan: + fail-on-issues: false + monitor-on-build: true + token-variable: SNYKTOKEN + organization: panda-not-omar + project: circleCi-dotnet-goof + severity-threshold: high + +#workflows: + #node-tests: + #jobs: + # - node/test + #- snyk/scan: + # fail-on-issues: false + # monitor-on-build: true + # token-variable: SNYKTOKEN + # organization: panda-not-omar + # project: circleCi-dotnet-goof \ No newline at end of file From 78a80e3be2a035d99021011ed9e5653af73ef313 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:42:59 -0500 Subject: [PATCH 02/25] Updated config.yml --- .circleci/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index bb68f37ad27..797edeaf68f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -6,7 +6,7 @@ jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof docker: - - image: circleci/node@3.0.0 + - image: circleci/node:4.8.2 steps: - run: name: echo "install and build npm project" @@ -25,7 +25,7 @@ jobs: # a collection of steps organization: panda-not-omar project: circleCi-dotnet-goof severity-threshold: high - + workflows: null #workflows: #node-tests: #jobs: From 947b2e626577f4efffb634ebcfbc01d9d20e5845 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:45:53 -0500 Subject: [PATCH 03/25] Updated config.yml --- .circleci/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 797edeaf68f..2309864fdbe 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -10,7 +10,7 @@ jobs: # a collection of steps steps: - run: name: echo "install and build npm project" - command: 'npm install' + command: 'sudo npm install' - run: name: echo "build project" command: 'npm run build' @@ -23,7 +23,7 @@ jobs: # a collection of steps monitor-on-build: true token-variable: SNYKTOKEN organization: panda-not-omar - project: circleCi-dotnet-goof + project: circleCi-goof severity-threshold: high workflows: null #workflows: From 1e7b1740d27b53de18b907257c76e0078a6e3a01 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:49:02 -0500 Subject: [PATCH 04/25] Updated config.yml --- .circleci/config.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2309864fdbe..5dddf8198fa 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -7,10 +7,11 @@ jobs: # a collection of steps working_directory: ~/goof docker: - image: circleci/node:4.8.2 - steps: + steps: + - checkout - run: name: echo "install and build npm project" - command: 'sudo npm install' + command: 'sudo npm install -g npm@latest' - run: name: echo "build project" command: 'npm run build' From 01383b46f6a7bd35a35345d30bd551bf246d4aab Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 11:52:00 -0500 Subject: [PATCH 05/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 5dddf8198fa..40dba8a64ac 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -11,7 +11,7 @@ jobs: # a collection of steps - checkout - run: name: echo "install and build npm project" - command: 'sudo npm install -g npm@latest' + command: 'sudo npm install -q' - run: name: echo "build project" command: 'npm run build' From 2c54c9fe2764743d39b9f8dffc63ca092dfcff0b Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:13:10 -0500 Subject: [PATCH 06/25] Updated config.yml --- .circleci/config.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 40dba8a64ac..0825bc46073 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,6 +2,11 @@ version: 2.1 orbs: snyk: snyk/snyk@0.0.8 +workflows: + test-env-vars: + jobs: + - build: + context: Snyk # has an env var called Snyk-Token jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof @@ -18,7 +23,7 @@ jobs: # a collection of steps #- run: # name: echo "build Docker image" # command: 'docker build -t my-new-container-goof-image .' - + - snyk/scan: fail-on-issues: false monitor-on-build: true @@ -26,7 +31,7 @@ jobs: # a collection of steps organization: panda-not-omar project: circleCi-goof severity-threshold: high - workflows: null + #workflows: #node-tests: #jobs: From efef4c3ebb7573b0c42afe7563643727af65d8fb Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:32:36 -0500 Subject: [PATCH 07/25] Updated Config.yml with container scan --- .circleci/config.yml | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 0825bc46073..d97af85ae35 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,10 +2,10 @@ version: 2.1 orbs: snyk: snyk/snyk@0.0.8 -workflows: - test-env-vars: +workflows: #creating a workflow to define the context - collection of different jobs + test-env-vars: #setting up a job to define the context which this project will use jobs: - - build: + - build: #building the relevant context context: Snyk # has an env var called Snyk-Token jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run @@ -23,7 +23,6 @@ jobs: # a collection of steps #- run: # name: echo "build Docker image" # command: 'docker build -t my-new-container-goof-image .' - - snyk/scan: fail-on-issues: false monitor-on-build: true @@ -31,7 +30,30 @@ jobs: # a collection of steps organization: panda-not-omar project: circleCi-goof severity-threshold: high - + + jobs: # a collection of steps + build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + working_directory: ~/goof + docker: + - image: circleci/buildpack-deps:stretch + environment: + IMAGE_NAME: akanchhaS/goof + steps: + - checkout + - setup_remote_docker + - run: + name: echo "Build Docker image" + command: 'docker build -t my-new-container-circleCI-goof-image .' + - snyk/scan: + fail-on-issues: false + monitor-on-build: true + token-variable: SNYKTOKEN + organization: panda-not-omar + project: circleCi-goof-container + severity-threshold: low + target-file: Dockerfile + docker-image-name: my-new-container-circleCI-goof-image + #workflows: #node-tests: #jobs: From 43d561e2caa60165b49c1cfef00e59eac5bca9ef Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:36:16 -0500 Subject: [PATCH 08/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index d97af85ae35..150f8403166 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -33,7 +33,7 @@ jobs: # a collection of steps jobs: # a collection of steps build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run - working_directory: ~/goof + #working_directory: ~/goof docker: - image: circleci/buildpack-deps:stretch environment: From 0fd541e629f42567822dd21f5cc16dc3a5663c7c Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:43:56 -0500 Subject: [PATCH 09/25] Updated config.yml --- .circleci/config.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 150f8403166..0b73b687d78 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -5,10 +5,14 @@ orbs: workflows: #creating a workflow to define the context - collection of different jobs test-env-vars: #setting up a job to define the context which this project will use jobs: - - build: #building the relevant context + - build-test-monitor-app: #building the relevant context context: Snyk # has an env var called Snyk-Token + - build-test-monitor-docker: + context: Snyk + + jobs: # a collection of steps - build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + build-test-monitor-app: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof docker: - image: circleci/node:4.8.2 @@ -31,8 +35,8 @@ jobs: # a collection of steps project: circleCi-goof severity-threshold: high - jobs: # a collection of steps - build: # runs not using Workflows must have a `build` job as entry point #directory where steps will run + + build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - image: circleci/buildpack-deps:stretch From 66fcbff47f745ef79cc6527ffb5d7a14b9e4089e Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Thu, 25 Feb 2021 12:51:59 -0500 Subject: [PATCH 10/25] Updated config.yml --- .circleci/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 0b73b687d78..378a7a17495 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -47,7 +47,7 @@ jobs: # a collection of steps - setup_remote_docker - run: name: echo "Build Docker image" - command: 'docker build -t my-new-container-circleCI-goof-image .' + command: 'docker build -t my-new-container-circleci-goof-image .' - snyk/scan: fail-on-issues: false monitor-on-build: true @@ -56,7 +56,7 @@ jobs: # a collection of steps project: circleCi-goof-container severity-threshold: low target-file: Dockerfile - docker-image-name: my-new-container-circleCI-goof-image + docker-image-name: my-new-container-circleci-goof-image #workflows: #node-tests: From 7f66a29c84060e5a6e3d92b3a2742960716b1a49 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:13:34 +0530 Subject: [PATCH 11/25] Add .circleci/config.yml --- .circleci/config.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 378a7a17495..46317f5233c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,6 +1,6 @@ version: 2.1 orbs: - snyk: snyk/snyk@0.0.8 + snyk: snyk/snyk@1.1.1 workflows: #creating a workflow to define the context - collection of different jobs test-env-vars: #setting up a job to define the context which this project will use @@ -31,7 +31,7 @@ jobs: # a collection of steps fail-on-issues: false monitor-on-build: true token-variable: SNYKTOKEN - organization: panda-not-omar + organization: ninja-snyker project: circleCi-goof severity-threshold: high @@ -52,7 +52,7 @@ jobs: # a collection of steps fail-on-issues: false monitor-on-build: true token-variable: SNYKTOKEN - organization: panda-not-omar + organization: ninja-snyker project: circleCi-goof-container severity-threshold: low target-file: Dockerfile From f1ee77cc14c6fb74c2ce0dafe8ab50ac5f4d3721 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:15:37 +0530 Subject: [PATCH 12/25] Add .circleci/config.yml From 604222629c5153914c70b8b6010a427643f4b4ba Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:18:13 +0530 Subject: [PATCH 13/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 46317f5233c..2a81c7e75b3 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -20,7 +20,7 @@ jobs: # a collection of steps - checkout - run: name: echo "install and build npm project" - command: 'sudo npm install -q' + command: 'sudo npm install -g' - run: name: echo "build project" command: 'npm run build' From 121a0fc65e73992f44567562ee28256aa013b47a Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:21:44 +0530 Subject: [PATCH 14/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2a81c7e75b3..2e3c9fcf105 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -20,7 +20,7 @@ jobs: # a collection of steps - checkout - run: name: echo "install and build npm project" - command: 'sudo npm install -g' + command: 'npm install -g' - run: name: echo "build project" command: 'npm run build' From 2da23a71d45c830119f924dec99cb44f02f4de27 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:30:34 +0530 Subject: [PATCH 15/25] Updated config.yml --- .circleci/config.yml | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2e3c9fcf105..56ad7590e14 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -15,19 +15,11 @@ jobs: # a collection of steps build-test-monitor-app: # runs not using Workflows must have a `build` job as entry point #directory where steps will run working_directory: ~/goof docker: - - image: circleci/node:4.8.2 + - image: 'cimg/node:lts' steps: - - checkout - - run: - name: echo "install and build npm project" - command: 'npm install -g' - - run: - name: echo "build project" - command: 'npm run build' - #- run: - # name: echo "build Docker image" - # command: 'docker build -t my-new-container-goof-image .' - - snyk/scan: + - checkout + - run: npm ci + - snyk/scan: fail-on-issues: false monitor-on-build: true token-variable: SNYKTOKEN @@ -39,7 +31,7 @@ jobs: # a collection of steps build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - - image: circleci/buildpack-deps:stretch + - image: cimg/buildpack-deps:stretch environment: IMAGE_NAME: akanchhaS/goof steps: @@ -57,6 +49,22 @@ jobs: # a collection of steps severity-threshold: low target-file: Dockerfile docker-image-name: my-new-container-circleci-goof-image +docker: + - image: 'snyk/snyk-cli:npm' +parameters: + args: + default: '' + description: > + See the Snyk CLI help page for information on additional arguments: + https://support.snyk.io/hc/en-us/articles/360003812578-CLI-reference + type: string +resource_class: medium +steps: + - checkout + - scan: + additional-arguments: ' ' + command: iac test + monitor-on-build: false #workflows: #node-tests: From 103d8aff5638097d18db0f473afb2d2d352c97b4 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:32:50 +0530 Subject: [PATCH 16/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 56ad7590e14..a1358ef299b 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -31,7 +31,7 @@ jobs: # a collection of steps build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - - image: cimg/buildpack-deps:stretch + - image: circleci/buildpack-deps:stretch environment: IMAGE_NAME: akanchhaS/goof steps: From c2d60aecf59dd140f76b188fd42886163e67c82a Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 03:56:18 +0530 Subject: [PATCH 17/25] Made it alpine image --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 811932ff6b8..04d10105b9e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # FROM node:6-stretch -FROM node:14.1.0 +FROM node:current-alpine3.14 RUN mkdir /usr/src/goof RUN mkdir /tmp/extracted_files From 40915b85f3a459aa8134db79e54783170ecc79ec Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 04:08:25 +0530 Subject: [PATCH 18/25] Update Dockerfile --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 04d10105b9e..496480177a1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,7 @@ # FROM node:6-stretch FROM node:current-alpine3.14 +RUN mkdir /usr/src RUN mkdir /usr/src/goof RUN mkdir /tmp/extracted_files COPY . /usr/src/goof From 55383d738d9e32f33e9884dea4e2e63b16d613c0 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 04:10:51 +0530 Subject: [PATCH 19/25] Updated config.yml --- .circleci/config.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index a1358ef299b..9130edd2e40 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -49,6 +49,7 @@ jobs: # a collection of steps severity-threshold: low target-file: Dockerfile docker-image-name: my-new-container-circleci-goof-image + install-alpine-dependencies: true docker: - image: 'snyk/snyk-cli:npm' parameters: From 4a4df847a9a4a994fb8a8046d7ec3bfebbfd5c63 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 19:51:53 +0530 Subject: [PATCH 20/25] Updated config.yml --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 9130edd2e40..ecc936fb58d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -31,7 +31,7 @@ jobs: # a collection of steps build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - - image: circleci/buildpack-deps:stretch + - image: node:current-alpine3.14 environment: IMAGE_NAME: akanchhaS/goof steps: From e9c942179ed997a303fc86ba37ff947ccda47c66 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Tue, 14 Sep 2021 19:54:34 +0530 Subject: [PATCH 21/25] Updated config.yml --- .circleci/config.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index ecc936fb58d..198af38ae92 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -31,7 +31,7 @@ jobs: # a collection of steps build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - - image: node:current-alpine3.14 + - image: docker:19.03.13 environment: IMAGE_NAME: akanchhaS/goof steps: @@ -41,6 +41,7 @@ jobs: # a collection of steps name: echo "Build Docker image" command: 'docker build -t my-new-container-circleci-goof-image .' - snyk/scan: + os: alpine fail-on-issues: false monitor-on-build: true token-variable: SNYKTOKEN From 235a45193b0fce074fcb156eee23fdb629d0c5cb Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Fri, 17 Sep 2021 00:01:57 +0530 Subject: [PATCH 22/25] Updated config.yml --- .circleci/config.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 198af38ae92..a1358ef299b 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -31,7 +31,7 @@ jobs: # a collection of steps build-test-monitor-docker: # runs not using Workflows must have a `build` job as entry point #directory where steps will run #working_directory: ~/goof docker: - - image: docker:19.03.13 + - image: circleci/buildpack-deps:stretch environment: IMAGE_NAME: akanchhaS/goof steps: @@ -41,7 +41,6 @@ jobs: # a collection of steps name: echo "Build Docker image" command: 'docker build -t my-new-container-circleci-goof-image .' - snyk/scan: - os: alpine fail-on-issues: false monitor-on-build: true token-variable: SNYKTOKEN @@ -50,7 +49,6 @@ jobs: # a collection of steps severity-threshold: low target-file: Dockerfile docker-image-name: my-new-container-circleci-goof-image - install-alpine-dependencies: true docker: - image: 'snyk/snyk-cli:npm' parameters: From bd75be2bfbfa513887993724888137abe2d1c9ed Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Fri, 17 Sep 2021 00:06:37 +0530 Subject: [PATCH 23/25] Add .circleci/config.yml --- .circleci/config.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index a1358ef299b..ffcf77b10e7 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -49,6 +49,8 @@ jobs: # a collection of steps severity-threshold: low target-file: Dockerfile docker-image-name: my-new-container-circleci-goof-image + +build-test-monitor-iac: docker: - image: 'snyk/snyk-cli:npm' parameters: From da00ff724e70db7e58ee761c3513687b5dfd3f75 Mon Sep 17 00:00:00 2001 From: akanchhaS <32653970+akanchhaS@users.noreply.github.com> Date: Fri, 17 Sep 2021 00:07:39 +0530 Subject: [PATCH 24/25] Add .circleci/config.yml --- .circleci/config.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index ffcf77b10e7..c63c469088c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -49,7 +49,6 @@ jobs: # a collection of steps severity-threshold: low target-file: Dockerfile docker-image-name: my-new-container-circleci-goof-image - build-test-monitor-iac: docker: - image: 'snyk/snyk-cli:npm' From 04e9bb1c5c5c23090f6513200c6ae3504c4b30bc Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 12 Nov 2024 01:51:07 +0000 Subject: [PATCH 25/25] feat: upgrade mongodb from 3.5.9 to 6.10.0 Snyk has created this PR to upgrade mongodb from 3.5.9 to 6.10.0. See this package in npm: mongodb See this project in Snyk: https://app.snyk.io/org/panda-co/project/ebfb2282-581e-4b1b-afb0-8a0e07b1b540?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 165 ++++++++++++++++++++++++---------------------- package.json | 2 +- 2 files changed, 89 insertions(+), 78 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9a27820a7a2..b9bb4f970aa 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4,6 +4,14 @@ "lockfileVersion": 1, "requires": true, "dependencies": { + "@mongodb-js/saslprep": { + "version": "1.1.9", + "resolved": "https://registry.npmjs.org/@mongodb-js/saslprep/-/saslprep-1.1.9.tgz", + "integrity": "sha512-tVkljjeEaAhCqTzajSdgbQ6gE6f3oneVwa3iXR6csiEwXXOFsiC6Uh9iAjAhXPtqa/XMDHWjjeNH/77m/Yq2dw==", + "requires": { + "sparse-bitfield": "^3.0.3" + } + }, "@sindresorhus/is": { "version": "0.14.0", "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-0.14.0.tgz", @@ -193,6 +201,19 @@ "integrity": "sha512-41qEJgBH/TWgo5NFSvBCJ1qkoi3Q6ONSF2avrHq1LVEZfYpdHmj0y9SuTK+u9ZhG1sYQKBL1AWXKyLWP4RaUoQ==", "dev": true }, + "@types/webidl-conversions": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/@types/webidl-conversions/-/webidl-conversions-7.0.3.tgz", + "integrity": "sha512-CiJJvcRtIgzadHCYXw7dqEnMNRjhGZlYK05Mj9OyktqV8uVT8fD2BFOB7S1uwBE3Kj2Z+4UyPmFw/Ixgw/LAlA==" + }, + "@types/whatwg-url": { + "version": "11.0.5", + "resolved": "https://registry.npmjs.org/@types/whatwg-url/-/whatwg-url-11.0.5.tgz", + "integrity": "sha512-coYR071JRaHa+xoEvvYqvnIHaVqaYrLPbsufM9BF63HkwI5Lgmy2QR8Q5K/lYDYo5AK82wOvSOS0UsLTpTG7uQ==", + "requires": { + "@types/webidl-conversions": "*" + } + }, "@types/xml2js": { "version": "0.4.3", "resolved": "https://registry.npmjs.org/@types/xml2js/-/xml2js-0.4.3.tgz", @@ -209,16 +230,6 @@ "integrity": "sha512-GpSwvyXOcOOlV70vbnzjj4fW5xW/FdUF6nQEt1ENy7m4ZCczi1+/buVUPAqmGfqznsORNFzUMjctTIp8a9tuCQ==", "dev": true }, - "JSONStream": { - "version": "1.3.5", - "resolved": "https://registry.npmjs.org/JSONStream/-/JSONStream-1.3.5.tgz", - "integrity": "sha512-E+iruNOY8VV9s4JEbe1aNEm6MiszPRr/UfcHMz0TQh1BXSxHK+ASV1R6W4HpjBhSeS+54PIsAMCBmwD06LLsqQ==", - "dev": true, - "requires": { - "jsonparse": "^1.2.0", - "through": ">=2.2.7 <3" - } - }, "abbrev": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", @@ -637,9 +648,9 @@ "integrity": "sha512-erYug8XoqzU3IfcU8fUgyHqyOXqIE4tUTTQ+7mqUjQlvnXkOO6OlT9c/ZoJVHYoAaqGxr09CN53G7XIsO4KtWA==", "dev": true, "requires": { - "JSONStream": "^1.0.3", "combine-source-map": "~0.8.0", "defined": "^1.0.0", + "JSONStream": "^1.0.3", "safe-buffer": "^5.1.1", "through2": "^2.0.0", "umd": "^3.0.0" @@ -676,7 +687,6 @@ "integrity": "sha1-tanJAgJD8McORnW+yCI7xifkFc4=", "dev": true, "requires": { - "JSONStream": "^1.0.3", "assert": "^1.4.0", "browser-pack": "^6.0.1", "browser-resolve": "^1.11.0", @@ -698,6 +708,7 @@ "https-browserify": "~0.0.0", "inherits": "~2.0.1", "insert-module-globals": "^7.0.0", + "JSONStream": "^1.0.3", "labeled-stream-splicer": "^2.0.0", "module-deps": "^4.0.8", "os-browserify": "~0.1.1", @@ -1643,11 +1654,6 @@ "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" }, - "denque": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/denque/-/denque-1.4.1.tgz", - "integrity": "sha512-OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ==" - }, "depd": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/depd/-/depd-1.0.1.tgz", @@ -3049,11 +3055,11 @@ "integrity": "sha512-VE6NlW+WGn2/AeOMd496AHFYmE7eLKkUY6Ty31k4og5vmA3Fjuwe9v6ifH6Xx/Hz27QvdoMoviw1/pqWRB09Sw==", "dev": true, "requires": { - "JSONStream": "^1.0.3", "acorn-node": "^1.5.2", "combine-source-map": "^0.8.0", "concat-stream": "^1.6.1", "is-buffer": "^1.1.0", + "JSONStream": "^1.0.3", "path-is-absolute": "^1.0.1", "process": "~0.11.0", "through2": "^2.0.0", @@ -3358,6 +3364,16 @@ "integrity": "sha1-P02uSpH6wxX3EGL4UhzCOfE2YoA=", "dev": true }, + "JSONStream": { + "version": "1.3.5", + "resolved": "https://registry.npmjs.org/JSONStream/-/JSONStream-1.3.5.tgz", + "integrity": "sha512-E+iruNOY8VV9s4JEbe1aNEm6MiszPRr/UfcHMz0TQh1BXSxHK+ASV1R6W4HpjBhSeS+54PIsAMCBmwD06LLsqQ==", + "dev": true, + "requires": { + "jsonparse": "^1.2.0", + "through": ">=2.2.7 <3" + } + }, "jsprim": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", @@ -3634,8 +3650,7 @@ "memory-pager": { "version": "1.5.0", "resolved": "https://registry.npmjs.org/memory-pager/-/memory-pager-1.5.0.tgz", - "integrity": "sha512-ZS4Bp4r/Zoeq6+NLJpP+0Zzm0pR8whtGPf1XExKLJBAczGMnSi3It14OiNCStjQjM6NU1okjQGSxgEZN8eBYKg==", - "optional": true + "integrity": "sha512-ZS4Bp4r/Zoeq6+NLJpP+0Zzm0pR8whtGPf1XExKLJBAczGMnSi3It14OiNCStjQjM6NU1okjQGSxgEZN8eBYKg==" }, "merge-descriptors": { "version": "1.0.0", @@ -3788,7 +3803,6 @@ "integrity": "sha1-IyFYM/HaE/1gbMuAh7RIUty4If0=", "dev": true, "requires": { - "JSONStream": "^1.0.3", "browser-resolve": "^1.7.0", "cached-path-relative": "^1.0.0", "concat-stream": "~1.5.0", @@ -3796,6 +3810,7 @@ "detective": "^4.0.0", "duplexer2": "^0.1.2", "inherits": "^2.0.1", + "JSONStream": "^1.0.3", "parents": "^1.0.0", "readable-stream": "^2.0.2", "resolve": "^1.1.3", @@ -3849,34 +3864,31 @@ "integrity": "sha1-6XnCop4iiI5g85byIgphGPhc2Uw=" }, "mongodb": { - "version": "3.5.9", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.5.9.tgz", - "integrity": "sha512-vXHBY1CsGYcEPoVWhwgxIBeWqP3dSu9RuRDsoLRPTITrcrgm1f0Ubu1xqF9ozMwv53agmEiZm0YGo+7WL3Nbug==", - "requires": { - "bl": "^2.2.0", - "bson": "^1.1.4", - "denque": "^1.4.1", - "require_optional": "^1.0.1", - "safe-buffer": "^5.1.2", - "saslprep": "^1.0.0" + "version": "6.10.0", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-6.10.0.tgz", + "integrity": "sha512-gP9vduuYWb9ZkDM546M+MP2qKVk5ZG2wPF63OvSRuUbqCR+11ZCAE1mOfllhlAG0wcoJY5yDL/rV3OmYEwXIzg==", + "requires": { + "@mongodb-js/saslprep": "^1.1.5", + "bson": "^6.7.0", + "mongodb-connection-string-url": "^3.0.0" }, "dependencies": { - "bl": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/bl/-/bl-2.2.0.tgz", - "integrity": "sha512-wbgvOpqopSr7uq6fJrLH8EsvYMJf9gzfo2jCsL2eTy75qXPukA4pCgHamOQkZtY5vmfVtjB+P3LNlMHW5CEZXA==", - "requires": { - "readable-stream": "^2.3.5", - "safe-buffer": "^5.1.1" - } - }, "bson": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/bson/-/bson-1.1.4.tgz", - "integrity": "sha512-S/yKGU1syOMzO86+dGpg2qGoDL0zvzcb262G+gqEy6TgP6rt6z6qxSFX/8X6vLC91P7G7C3nLs0+bvDzmvBA3Q==" + "version": "6.9.0", + "resolved": "https://registry.npmjs.org/bson/-/bson-6.9.0.tgz", + "integrity": "sha512-X9hJeyeM0//Fus+0pc5dSUMhhrrmWwQUtdavaQeF3Ta6m69matZkGWV/MrBcnwUeLC8W9kwwc2hfkZgUuCX3Ig==" } } }, + "mongodb-connection-string-url": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/mongodb-connection-string-url/-/mongodb-connection-string-url-3.0.1.tgz", + "integrity": "sha512-XqMGwRX0Lgn05TDB4PyG2h2kKO/FfWJyCzYQbIhXUxz7ETt0I/FqHjUeqj37irJ+Dl1ZtU82uYyj14u2XsZKfg==", + "requires": { + "@types/whatwg-url": "^11.0.2", + "whatwg-url": "^13.0.0" + } + }, "mongodb-core": { "version": "1.2.19", "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-1.2.19.tgz", @@ -7485,9 +7497,9 @@ } }, "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", + "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==" }, "pupa": { "version": "2.1.1", @@ -7745,15 +7757,6 @@ "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz", "integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==" }, - "require_optional": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/require_optional/-/require_optional-1.0.1.tgz", - "integrity": "sha512-qhM/y57enGWHAe3v/NcwML6a3/vfESLe/sGM2dII+gEO0BpKRUkWZow/tyloNqJyN6kXSl3RyyM8Ll5D/sJP8g==", - "requires": { - "resolve-from": "^2.0.0", - "semver": "^5.1.0" - } - }, "resolve": { "version": "1.10.0", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.10.0.tgz", @@ -7763,11 +7766,6 @@ "path-parse": "^1.0.6" } }, - "resolve-from": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-2.0.0.tgz", - "integrity": "sha1-lICrIOlP+h2egKgEx+oUdhGWa1c=" - }, "responselike": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/responselike/-/responselike-1.0.2.tgz", @@ -7833,15 +7831,6 @@ "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, - "saslprep": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/saslprep/-/saslprep-1.0.3.tgz", - "integrity": "sha512-/MY/PEMbk2SuY5sScONwhUDsV2p77Znkb/q3nSVstq/yQzYJOH/Azh29p9oJLsl3LnQwSvZDKagDGBsBwSooag==", - "optional": true, - "requires": { - "sparse-bitfield": "^3.0.3" - } - }, "sax": { "version": "1.2.4", "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz", @@ -7856,7 +7845,8 @@ "semver": { "version": "5.7.0", "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.0.tgz", - "integrity": "sha512-Ya52jSX2u7QKghxeoFGpLwCtGlt7j0oY9DYb5apt9nPlJ42ID+ulTXESnt/qAQcoSERyZ5sl3LDIOw0nAn/5DA==" + "integrity": "sha512-Ya52jSX2u7QKghxeoFGpLwCtGlt7j0oY9DYb5apt9nPlJ42ID+ulTXESnt/qAQcoSERyZ5sl3LDIOw0nAn/5DA==", + "dev": true }, "semver-diff": { "version": "2.1.0", @@ -8707,8 +8697,7 @@ "sparse-bitfield": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/sparse-bitfield/-/sparse-bitfield-3.0.3.tgz", - "integrity": "sha1-/0rm5oZWBWuks+eSqzM004JzyhE=", - "optional": true, + "integrity": "sha512-kvzhi7vqKTfkh0PZU+2D2PIllw2ymqJKujUcyPMd9Y75Nv4nPbGJZXNhxsgdQab2BmlDct1YnfQCguEvHr7VsQ==", "requires": { "memory-pager": "^1.0.2" } @@ -8966,6 +8955,11 @@ "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-0.1.2.tgz", "integrity": "sha1-gIudDlb8Jz2Am6VzOOkpkZoanxo=" }, + "string_decoder": { + "version": "0.10.31", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", + "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=" + }, "string-width": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz", @@ -8993,11 +8987,6 @@ } } }, - "string_decoder": { - "version": "0.10.31", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", - "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=" - }, "strip-ansi": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", @@ -9463,6 +9452,14 @@ } } }, + "tr46": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-4.1.1.tgz", + "integrity": "sha512-2lv/66T7e5yNyhAAC4NaKe5nVavzuGJQVVtRYLyQ2OI8tsJ61PMLlelehb0wi2Hx6+hT/OJUWZcw8MjlSRnxvw==", + "requires": { + "punycode": "^2.3.0" + } + }, "tree-kill": { "version": "1.2.2", "resolved": "https://registry.npmjs.org/tree-kill/-/tree-kill-1.2.2.tgz", @@ -9908,6 +9905,20 @@ "foreachasync": "^3.0.0" } }, + "webidl-conversions": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-7.0.0.tgz", + "integrity": "sha512-VwddBukDzu71offAQR975unBIGqfKZpM+8ZX6ySk8nYhVoo5CYaZyzt3YBvYtRtO+aoGlqxPg/B87NGVZ/fu6g==" + }, + "whatwg-url": { + "version": "13.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-13.0.0.tgz", + "integrity": "sha512-9WWbymnqj57+XEuqADHrCJ2eSXzn8WXIW/YSGaZtb2WKAInQ6CHfaUUcTyyver0p8BDg5StLQq8h1vtZuwmOig==", + "requires": { + "tr46": "^4.1.1", + "webidl-conversions": "^7.0.0" + } + }, "which": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", diff --git a/package.json b/package.json index 23795fb4736..94f10c4b239 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "marked": "0.3.5", "method-override": "latest", "moment": "2.15.1", - "mongodb": "^3.5.9", + "mongodb": "^6.10.0", "mongoose": "4.2.4", "morgan": "latest", "ms": "^0.7.1",