chore: upgrade dependencies to fix security vulnerabilities (#3281)

Author: SkyeYoung

e2e/server/Dockerfile

@@ -28,6 +28,7 @@ RUN \
 
 # build ui
 FROM base AS builder
+ENV NODE_ENV=test
 WORKDIR /app
 COPY --from=deps /app/node_modules ./node_modules
 COPY . .

e2e/tests/routes.crud-all-fields.spec.ts

@@ -172,7 +172,7 @@ test('should CRUD route with all fields', async ({ page }) => {
     ).toBeVisible();
 
     // clear the editor, will show JSON format is not valid
-    await uiClearMonacoEditor(page, pluginEditor);
+    await uiClearMonacoEditor(page);
     await expect(
       addPluginDialog.getByText('JSON format is not valid')
     ).toBeVisible();

e2e/tests/ssls.crud-all-fields.spec.ts

@@ -31,29 +31,30 @@ const snis = [
   'www.full-test.example.com',
   'api.full-test.example.com',
 ];
-const { cert, key } = genTLS();
 
 const initialLabels = {
   env: 'production',
   version: 'v1',
   team: 'backend',
 };
 
-const sslDataAllFields: Partial<APISIXType['SSL']> = {
-  snis,
-  cert,
-  key,
-  labels: initialLabels,
-  status: 1, // Enabled
-};
-
 test.beforeAll(async () => {
   await deleteAllSSLs(e2eReq);
 });
 
 test('should CRUD SSL with all fields', async ({ page }) => {
   test.slow();
 
+  // Generate TLS certificates at runtime
+  const { cert, key } = await genTLS();
+  const sslDataAllFields: Partial<APISIXType['SSL']> = {
+    snis,
+    cert,
+    key,
+    labels: initialLabels,
+    status: 1, // Enabled
+  };
+
   await sslsPom.toIndex(page);
   await sslsPom.isIndexPage(page);
 

e2e/tests/ssls.crud-required-fields.spec.ts

@@ -26,18 +26,20 @@ import { deleteAllSSLs } from '@/apis/ssls';
 import type { APISIXType } from '@/types/schema/apisix';
 
 const snis = ['test.example.com', 'www.test.example.com'];
-const { cert, key } = genTLS();
-const sslData: Partial<APISIXType['SSL']> = {
-  snis,
-  cert,
-  key,
-};
 
 test.beforeAll(async () => {
   await deleteAllSSLs(e2eReq);
 });
 
 test('should CRUD SSL with required fields', async ({ page }) => {
+  // Generate TLS certificates at runtime
+  const { cert, key } = await genTLS();
+  const sslData: Partial<APISIXType['SSL']> = {
+    snis,
+    cert,
+    key,
+  };
+
   await sslsPom.toIndex(page);
   await sslsPom.isIndexPage(page);
 

e2e/tests/ssls.list.spec.ts

@@ -45,23 +45,26 @@ test('should navigate to SSLs page', async ({ page }) => {
   });
 });
 
-const { cert, key } = genTLS();
-
-const ssls: APISIXType['SSL'][] = Array.from({ length: 11 }, (_, i) => ({
-  id: randomId('ssl_id'),
-  snis: [`ssl-${i + 1}.example.com`, `www.ssl-${i + 1}.example.com`],
-  cert,
-  key,
-  labels: {
-    env: 'test',
-    version: `v${i + 1}`,
-  },
-  status: 1,
-}));
+let ssls: APISIXType['SSL'][] = [];
 
 test.describe('page and page_size should work correctly', () => {
   test.describe.configure({ mode: 'serial' });
+
   test.beforeAll(async () => {
+    // Generate TLS certificates at runtime
+    const { cert, key } = await genTLS();
+    ssls = Array.from({ length: 11 }, (_, i) => ({
+      id: randomId('ssl_id'),
+      snis: [`ssl-${i + 1}.example.com`, `www.ssl-${i + 1}.example.com`],
+      cert,
+      key,
+      labels: {
+        env: 'test',
+        version: `v${i + 1}`,
+      },
+      status: 1,
+    }));
+
     await deleteAllSSLs(e2eReq);
     await Promise.all(ssls.map((d) => putSSLReq(e2eReq, d)));
   });

e2e/tsconfig.json

@@ -27,5 +27,6 @@
   },
   "include": [
     "./**/*.ts",
+    "../src/types/global.d.ts"
   ]
 }

e2e/utils/common.ts

@@ -43,7 +43,7 @@ export const fileExists = async (filePath: string) => {
 
 export const randomId = (info: string) => `${info}_${nanoid()}`;
 
-export const genTLS = () => {
-  const { cert, private: key } = selfsigned.generate();
+export const genTLS = async () => {
+  const { cert, private: key } = await selfsigned.generate();
   return { cert, key };
 };

e2e/utils/ui/index.ts

@@ -64,11 +64,11 @@ export async function uiFillHTTPStatuses(
   }
 }
 
-export const uiClearMonacoEditor = async (page: Page, editor: Locator) => {
-  await editor.click();
-  await page.keyboard.press('ControlOrMeta+A');
-  await page.keyboard.press('Backspace');
-  await editor.blur();
+export const uiClearMonacoEditor = async (page: Page) => {
+  await page.evaluate(() => {
+    const editor = window.__monacoEditor__;
+    editor.getModel()?.setValue('');
+  });
 };
 
 export const uiGetMonacoEditor = async (
@@ -83,7 +83,7 @@ export const uiGetMonacoEditor = async (
   await expect(editor).toBeVisible({ timeout: 10000 });
 
   if (clear) {
-    await uiClearMonacoEditor(page, editor);
+    await uiClearMonacoEditor(page);
   }
 
   return editor;
@@ -95,7 +95,9 @@ export const uiFillMonacoEditor = async (
   value: string
 ) => {
   await editor.click();
-  await editor.getByRole('textbox').pressSequentially(value);
+  const editorTextbox = editor.getByRole('textbox');
+  // Use fill() instead of pressSequentially() for reliability
+  await editorTextbox.fill(value);
   await editor.blur();
   await page.waitForTimeout(800);
 };

e2e/utils/ui/ssls.ts

@@ -27,7 +27,7 @@ export async function uiFillSSLRequiredFields(
   ssl: Partial<APISIXType['SSL']>
 ) {
   // Generate TLS certificate if not provided
-  const tls = ssl.cert && ssl.key ? ssl : genTLS();
+  const tls = ssl.cert && ssl.key ? ssl : await genTLS();
 
   await ctx.getByRole('textbox', { name: 'Certificate 1' }).fill(tls.cert);
   await ctx.getByRole('textbox', { name: 'Private Key 1' }).fill(tls.key);

e2e/utils/ui/upstreams.ts

@@ -227,7 +227,7 @@ export async function uiFillUpstreamAllFields(
 
     // 11. TLS client verification settings
     const tlsSection = ctx.getByRole('group', { name: 'TLS' });
-    const tls = genTLS();
+    const tls = await genTLS();
     await tlsSection
       .getByRole('textbox', { name: 'Client Cert', exact: true })
       .fill(tls.cert);