diff --git a/snykTask/package-lock.json b/snykTask/package-lock.json index 6577c4f..1db4f17 100644 --- a/snykTask/package-lock.json +++ b/snykTask/package-lock.json @@ -5,9 +5,20 @@ "packages": { "": { "dependencies": { - "azure-pipelines-task-lib": "4.7.0" + "azure-pipelines-task-lib": "4.7.0", + "azure-pipelines-tool-lib": "2.0.8" } }, + "node_modules/@types/semver": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/@types/semver/-/semver-5.5.0.tgz", + "integrity": "sha512-41qEJgBH/TWgo5NFSvBCJ1qkoi3Q6ONSF2avrHq1LVEZfYpdHmj0y9SuTK+u9ZhG1sYQKBL1AWXKyLWP4RaUoQ==" + }, + "node_modules/@types/uuid": { + "version": "3.4.13", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-3.4.13.tgz", + "integrity": "sha512-pAeZeUbLE4Z9Vi9wsWV2bYPTweEHeJJy0G4pEjOA/FSvy1Ad5U5Km8iDV6TKre1mjBiVNfAdVHKruP8bAh4Q5A==" + }, "node_modules/adm-zip": { "version": "0.5.14", "resolved": "https://registry.npmjs.org/adm-zip/-/adm-zip-0.5.14.tgz", @@ -42,6 +53,20 @@ "uuid": "^3.0.1" } }, + "node_modules/azure-pipelines-tool-lib": { + "version": "2.0.8", + "resolved": "https://registry.npmjs.org/azure-pipelines-tool-lib/-/azure-pipelines-tool-lib-2.0.8.tgz", + "integrity": "sha512-yCFxJfZeNPUDCi7dbmiqVvq5lFpZdqB9kzr/wB9sZuE0RvUEhBF51gtzdR9cI5+NOsfkAVWwQJVWvdGQR5I3Wg==", + "dependencies": { + "@types/semver": "^5.3.0", + "@types/uuid": "^3.4.5", + "azure-pipelines-task-lib": "^4.1.0", + "semver": "^5.7.0", + "semver-compare": "^1.0.0", + "typed-rest-client": "^1.8.6", + "uuid": "^3.3.2" + } + }, "node_modules/balanced-match": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", @@ -64,6 +89,33 @@ "concat-map": "0.0.1" } }, + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "dependencies": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/call-bound": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz", + "integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==", + "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "get-intrinsic": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", @@ -98,6 +150,46 @@ } } }, + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "dependencies": { + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "dependencies": { + "es-errors": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/file-uri-to-path": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz", @@ -128,9 +220,47 @@ "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==" }, "node_modules/function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==" + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "dependencies": { + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" + }, + "engines": { + "node": ">= 0.4" + } }, "node_modules/glob": { "version": "7.2.3", @@ -162,6 +292,17 @@ "node": "*" } }, + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/has": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", @@ -173,6 +314,28 @@ "node": ">= 0.4.0" } }, + "node_modules/has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "dependencies": { + "function-bind": "^1.1.2" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/https-proxy-agent": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", @@ -218,6 +381,14 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "engines": { + "node": ">= 0.4" + } + }, "node_modules/mime-db": { "version": "1.52.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", @@ -269,6 +440,17 @@ "sanitize-filename": "^1.6.3" } }, + "node_modules/object-inspect": { + "version": "1.13.4", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz", + "integrity": "sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew==", + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", @@ -299,6 +481,20 @@ "teleport": ">=0.2.0" } }, + "node_modules/qs": { + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz", + "integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==", + "dependencies": { + "side-channel": "^1.1.0" + }, + "engines": { + "node": ">=0.6" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/rechoir": { "version": "0.6.2", "resolved": "https://registry.npmjs.org/rechoir/-/rechoir-0.6.2.tgz", @@ -342,6 +538,11 @@ "semver": "bin/semver" } }, + "node_modules/semver-compare": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/semver-compare/-/semver-compare-1.0.0.tgz", + "integrity": "sha512-YM3/ITh2MJ5MtzaM429anh+x2jiLVjqILF4m4oyQB18W7Ggea7BfqdH/wGMK7dDiMghv/6WG7znWMwUDzJiXow==" + }, "node_modules/shelljs": { "version": "0.8.5", "resolved": "https://registry.npmjs.org/shelljs/-/shelljs-0.8.5.tgz", @@ -358,6 +559,74 @@ "node": ">=4" } }, + "node_modules/side-channel": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.1.0.tgz", + "integrity": "sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==", + "dependencies": { + "es-errors": "^1.3.0", + "object-inspect": "^1.13.3", + "side-channel-list": "^1.0.0", + "side-channel-map": "^1.0.1", + "side-channel-weakmap": "^1.0.2" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/side-channel-list": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/side-channel-list/-/side-channel-list-1.0.0.tgz", + "integrity": "sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA==", + "dependencies": { + "es-errors": "^1.3.0", + "object-inspect": "^1.13.3" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/side-channel-map": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/side-channel-map/-/side-channel-map-1.0.1.tgz", + "integrity": "sha512-VCjCNfgMsby3tTdo02nbjtM/ewra6jPHmpThenkTYh8pG9ucZ/1P8So4u4FGBek/BjpOVsDCMoLA/iuBKIFXRA==", + "dependencies": { + "call-bound": "^1.0.2", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.5", + "object-inspect": "^1.13.3" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/side-channel-weakmap": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/side-channel-weakmap/-/side-channel-weakmap-1.0.2.tgz", + "integrity": "sha512-WPS/HvHQTYnHisLo9McqBHOJk2FkHO/tlpvldyrnem4aeQp4hai3gythswg6p01oSoTl58rcpiFAjF2br2Ak2A==", + "dependencies": { + "call-bound": "^1.0.2", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.5", + "object-inspect": "^1.13.3", + "side-channel-map": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/supports-preserve-symlinks-flag": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", @@ -377,6 +646,29 @@ "utf8-byte-length": "^1.0.1" } }, + "node_modules/tunnel": { + "version": "0.0.6", + "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", + "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==", + "engines": { + "node": ">=0.6.11 <=0.7.0 || >=0.7.3" + } + }, + "node_modules/typed-rest-client": { + "version": "1.8.11", + "resolved": "https://registry.npmjs.org/typed-rest-client/-/typed-rest-client-1.8.11.tgz", + "integrity": "sha512-5UvfMpd1oelmUPRbbaVnq+rHP7ng2cE4qoQkQeAqxRL6PklkxsM0g32/HL0yfvruK6ojQ5x8EE+HF4YV6DtuCA==", + "dependencies": { + "qs": "^6.9.1", + "tunnel": "0.0.6", + "underscore": "^1.12.1" + } + }, + "node_modules/underscore": { + "version": "1.13.7", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.7.tgz", + "integrity": "sha512-GMXzWtsc57XAtguZgaQViUOzs0KTkk8ojr3/xAxXLITqf/3EMwxC0inyETfDFjH/Krbhuep0HNbbjI9i/q3F3g==" + }, "node_modules/utf8-byte-length": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/utf8-byte-length/-/utf8-byte-length-1.0.5.tgz", @@ -398,6 +690,16 @@ } }, "dependencies": { + "@types/semver": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/@types/semver/-/semver-5.5.0.tgz", + "integrity": "sha512-41qEJgBH/TWgo5NFSvBCJ1qkoi3Q6ONSF2avrHq1LVEZfYpdHmj0y9SuTK+u9ZhG1sYQKBL1AWXKyLWP4RaUoQ==" + }, + "@types/uuid": { + "version": "3.4.13", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-3.4.13.tgz", + "integrity": "sha512-pAeZeUbLE4Z9Vi9wsWV2bYPTweEHeJJy0G4pEjOA/FSvy1Ad5U5Km8iDV6TKre1mjBiVNfAdVHKruP8bAh4Q5A==" + }, "adm-zip": { "version": "0.5.14", "resolved": "https://registry.npmjs.org/adm-zip/-/adm-zip-0.5.14.tgz", @@ -426,6 +728,20 @@ "uuid": "^3.0.1" } }, + "azure-pipelines-tool-lib": { + "version": "2.0.8", + "resolved": "https://registry.npmjs.org/azure-pipelines-tool-lib/-/azure-pipelines-tool-lib-2.0.8.tgz", + "integrity": "sha512-yCFxJfZeNPUDCi7dbmiqVvq5lFpZdqB9kzr/wB9sZuE0RvUEhBF51gtzdR9cI5+NOsfkAVWwQJVWvdGQR5I3Wg==", + "requires": { + "@types/semver": "^5.3.0", + "@types/uuid": "^3.4.5", + "azure-pipelines-task-lib": "^4.1.0", + "semver": "^5.7.0", + "semver-compare": "^1.0.0", + "typed-rest-client": "^1.8.6", + "uuid": "^3.3.2" + } + }, "balanced-match": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", @@ -448,6 +764,24 @@ "concat-map": "0.0.1" } }, + "call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "requires": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" + } + }, + "call-bound": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz", + "integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==", + "requires": { + "call-bind-apply-helpers": "^1.0.2", + "get-intrinsic": "^1.3.0" + } + }, "concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", @@ -470,6 +804,34 @@ "ms": "2.1.2" } }, + "dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "requires": { + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + } + }, + "es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==" + }, + "es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==" + }, + "es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "requires": { + "es-errors": "^1.3.0" + } + }, "file-uri-to-path": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz", @@ -486,9 +848,35 @@ "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==" }, "function-bind": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", - "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==" + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==" + }, + "get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "requires": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + } + }, + "get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "requires": { + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" + } }, "glob": { "version": "7.2.3", @@ -513,6 +901,11 @@ } } }, + "gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==" + }, "has": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", @@ -521,6 +914,19 @@ "function-bind": "^1.1.1" } }, + "has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==" + }, + "hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "requires": { + "function-bind": "^1.1.2" + } + }, "https-proxy-agent": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", @@ -557,6 +963,11 @@ "has": "^1.0.3" } }, + "math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==" + }, "mime-db": { "version": "1.52.0", "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", @@ -599,6 +1010,11 @@ "sanitize-filename": "^1.6.3" } }, + "object-inspect": { + "version": "1.13.4", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz", + "integrity": "sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew==" + }, "once": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", @@ -622,6 +1038,14 @@ "resolved": "https://registry.npmjs.org/q/-/q-1.5.1.tgz", "integrity": "sha512-kV/CThkXo6xyFEZUugw/+pIOywXcDbFYgSct5cT3gqlbkBE1SJdwy6UQoZvodiWF/ckQLZyDE/Bu1M6gVu5lVw==" }, + "qs": { + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz", + "integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==", + "requires": { + "side-channel": "^1.1.0" + } + }, "rechoir": { "version": "0.6.2", "resolved": "https://registry.npmjs.org/rechoir/-/rechoir-0.6.2.tgz", @@ -653,6 +1077,11 @@ "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz", "integrity": "sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==" }, + "semver-compare": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/semver-compare/-/semver-compare-1.0.0.tgz", + "integrity": "sha512-YM3/ITh2MJ5MtzaM429anh+x2jiLVjqILF4m4oyQB18W7Ggea7BfqdH/wGMK7dDiMghv/6WG7znWMwUDzJiXow==" + }, "shelljs": { "version": "0.8.5", "resolved": "https://registry.npmjs.org/shelljs/-/shelljs-0.8.5.tgz", @@ -663,6 +1092,50 @@ "rechoir": "^0.6.2" } }, + "side-channel": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.1.0.tgz", + "integrity": "sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==", + "requires": { + "es-errors": "^1.3.0", + "object-inspect": "^1.13.3", + "side-channel-list": "^1.0.0", + "side-channel-map": "^1.0.1", + "side-channel-weakmap": "^1.0.2" + } + }, + "side-channel-list": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/side-channel-list/-/side-channel-list-1.0.0.tgz", + "integrity": "sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA==", + "requires": { + "es-errors": "^1.3.0", + "object-inspect": "^1.13.3" + } + }, + "side-channel-map": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/side-channel-map/-/side-channel-map-1.0.1.tgz", + "integrity": "sha512-VCjCNfgMsby3tTdo02nbjtM/ewra6jPHmpThenkTYh8pG9ucZ/1P8So4u4FGBek/BjpOVsDCMoLA/iuBKIFXRA==", + "requires": { + "call-bound": "^1.0.2", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.5", + "object-inspect": "^1.13.3" + } + }, + "side-channel-weakmap": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/side-channel-weakmap/-/side-channel-weakmap-1.0.2.tgz", + "integrity": "sha512-WPS/HvHQTYnHisLo9McqBHOJk2FkHO/tlpvldyrnem4aeQp4hai3gythswg6p01oSoTl58rcpiFAjF2br2Ak2A==", + "requires": { + "call-bound": "^1.0.2", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.5", + "object-inspect": "^1.13.3", + "side-channel-map": "^1.0.1" + } + }, "supports-preserve-symlinks-flag": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", @@ -676,6 +1149,26 @@ "utf8-byte-length": "^1.0.1" } }, + "tunnel": { + "version": "0.0.6", + "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", + "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==" + }, + "typed-rest-client": { + "version": "1.8.11", + "resolved": "https://registry.npmjs.org/typed-rest-client/-/typed-rest-client-1.8.11.tgz", + "integrity": "sha512-5UvfMpd1oelmUPRbbaVnq+rHP7ng2cE4qoQkQeAqxRL6PklkxsM0g32/HL0yfvruK6ojQ5x8EE+HF4YV6DtuCA==", + "requires": { + "qs": "^6.9.1", + "tunnel": "0.0.6", + "underscore": "^1.12.1" + } + }, + "underscore": { + "version": "1.13.7", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.7.tgz", + "integrity": "sha512-GMXzWtsc57XAtguZgaQViUOzs0KTkk8ojr3/xAxXLITqf/3EMwxC0inyETfDFjH/Krbhuep0HNbbjI9i/q3F3g==" + }, "utf8-byte-length": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/utf8-byte-length/-/utf8-byte-length-1.0.5.tgz", diff --git a/snykTask/package.json b/snykTask/package.json index 6e7b5dd..8cfed96 100644 --- a/snykTask/package.json +++ b/snykTask/package.json @@ -1,5 +1,6 @@ { "dependencies": { - "azure-pipelines-task-lib": "4.7.0" + "azure-pipelines-task-lib": "4.7.0", + "azure-pipelines-tool-lib": "2.0.8" } } diff --git a/snykTask/src/__tests__/install/index.test.ts b/snykTask/src/__tests__/install/index.test.ts index 4ff9b36..c97f561 100644 --- a/snykTask/src/__tests__/install/index.test.ts +++ b/snykTask/src/__tests__/install/index.test.ts @@ -17,8 +17,6 @@ import { downloadExecutable, getSnykDownloadInfo } from '../../install'; import { Platform } from 'azure-pipelines-task-lib/task'; import * as nock from 'nock'; -import * as os from 'os'; -import * as path from 'path'; import * as uuid from 'uuid/v4'; describe('getSnykDownloadInfo', () => { @@ -182,55 +180,28 @@ describe('downloadExecutable', () => { nock('https://example.com') .get('/' + fileName) .reply(500); - - const targetDirectory = path.join(os.tmpdir()); - - await downloadExecutable( - targetDirectory, - { - filename: fileName, - downloadUrl: 'https://example.com/' + fileName, - fallbackUrl: '', - }, - 1, - ); - - // Assert that the file was not created - const calls = mockConsoleError.mock.calls; - console.log(mockConsoleError.mock.calls); - expect(mockConsoleError).toBeCalledTimes(4); - expect(calls[0]).toEqual([`Download of ${fileName} failed: HTTP 500`]); - expect(calls[1]).toEqual([ - `All retries failed for ${fileName} from https://example.com/${fileName}: HTTP 500`, - ]); - }); - - it('gives up after all retries fail with 404 errors with meaningful error', async () => { - // Mock the server to always respond with 404 errors - const fileName = `test-file-${uuid()}.exe`; - nock('https://example.com') + nock('https://fallback.com') .get('/' + fileName) - .times(2) - .reply(404); - - const targetDirectory = path.join(os.tmpdir()); + .reply(500); - await downloadExecutable( - targetDirectory, - { + try { + await downloadExecutable({ filename: fileName, downloadUrl: 'https://example.com/' + fileName, - fallbackUrl: '' + fileName, - }, - 1, - ); - - // Assert that the file was not created - const calls = mockConsoleError.mock.calls; - expect(mockConsoleError).toBeCalledTimes(4); - expect(calls[0]).toEqual([`Download of ${fileName} failed: HTTP 404`]); - expect(calls[1]).toEqual([ - `All retries failed for ${fileName} from https://example.com/${fileName}: HTTP 404`, - ]); + fallbackUrl: 'https://fallback.com/' + fileName, + }); + } catch (err) { + // Assert that the file was not created + const calls = mockConsoleError.mock.calls; + console.log(mockConsoleError.mock.calls); + expect(mockConsoleError).toBeCalledTimes(2); + + expect(calls[0][0]).toContain( + `Download of ${fileName} from https://example.com/${fileName} failed`, + ); + expect(calls[1][0]).toContain( + `Download of ${fileName} from https://fallback.com/${fileName} failed`, + ); + } }); }); diff --git a/snykTask/src/__tests__/task-lib.test.ts b/snykTask/src/__tests__/task-lib.test.ts index 964bdeb..1680dde 100644 --- a/snykTask/src/__tests__/task-lib.test.ts +++ b/snykTask/src/__tests__/task-lib.test.ts @@ -55,10 +55,11 @@ beforeAll(async () => { path.resolve(os.tmpdir(), 'snyk-azure-pipelines-task-test'), ); - const dlInfo = getSnykDownloadInfo(tl.getPlatform()); - await downloadExecutable(tempFolder, dlInfo.snyk); + process.env['AGENT_TEMPDIRECTORY'] = tempFolder; - snykCliPath = path.resolve(tempFolder, dlInfo.snyk.filename); + snykCliPath = await downloadExecutable( + getSnykDownloadInfo(tl.getPlatform()).snyk, + ); }); afterEach(() => { diff --git a/snykTask/src/index.ts b/snykTask/src/index.ts index 3f6d646..12da0ec 100644 --- a/snykTask/src/index.ts +++ b/snykTask/src/index.ts @@ -425,17 +425,25 @@ async function run() { platform, distributionChannel, ); - await downloadExecutable(agentTempDirectory, snykToolDownloads.snyk); - await downloadExecutable(agentTempDirectory, snykToolDownloads.snykToHtml); - const snykPath = path.resolve( + + const maybeSnykPath = path.join( agentTempDirectory, snykToolDownloads.snyk.filename, ); - const snykToHtmlPath = path.resolve( + const maybeSnykToHtmlPath = path.join( agentTempDirectory, snykToolDownloads.snykToHtml.filename, ); + // the binaries might exist already in the agent temp directory + const snykPath = fs.existsSync(maybeSnykPath) + ? maybeSnykPath + : await downloadExecutable(snykToolDownloads.snyk); + + const snykToHtmlPath = fs.existsSync(maybeSnykToHtmlPath) + ? maybeSnykToHtmlPath + : await downloadExecutable(snykToolDownloads.snykToHtml); + if (isDebugMode()) { console.log('snykPath: ' + snykPath); console.log('snykToHtmlPath: ' + snykToHtmlPath); diff --git a/snykTask/src/install/index.ts b/snykTask/src/install/index.ts index 3803969..d566867 100644 --- a/snykTask/src/install/index.ts +++ b/snykTask/src/install/index.ts @@ -15,10 +15,10 @@ */ import { Platform } from 'azure-pipelines-task-lib/task'; -import * as fs from 'fs'; -import * as path from 'path'; -import * as https from 'https'; +import { downloadToolWithRetries, debug } from 'azure-pipelines-tool-lib/tool'; import { sanitizeVersionInput } from '../lib/sanitize-version-input'; +import * as fs from 'fs'; +import * as os from 'os'; export type Executable = { filename: string; @@ -64,127 +64,53 @@ export function getSnykDownloadInfo( } export async function downloadExecutable( - targetDirectory: string, executable: Executable, - maxRetries = 5, -) { - const filePath = path.join(targetDirectory, executable.filename); - console.log(`Downloading executable to: ${filePath}`); - - // Check if the file already exists - if (fs.existsSync(filePath)) { - console.log( - `File ${executable.filename} already exists, skipping download.`, +): Promise { + try { + // https://downloads.snyk.io + return await download(executable.downloadUrl, executable.filename); + } catch (err) { + console.error( + `Download of ${executable.filename} from ${executable.downloadUrl} failed: ${err.message}`, ); - return; } - const fileWriter = fs.createWriteStream(filePath, { - mode: 0o766, - }); - - // Wrapping the download in a function for easy retrying - const doDownload = (urlString, filename) => - new Promise((resolve, reject) => { - const url = new URL(urlString); - const requestOpts: https.RequestOptions = { - host: url.hostname, - path: url.pathname, - timeout: 300000, // 5mins - }; - https - .get(requestOpts, (response) => { - const isResponseError = response.statusCode !== 200; - - response.on('finish', () => { - console.log(`Response finished for ${urlString}`); - }); - response.on('close', () => { - console.log(`Download connection closed for ${urlString}`); - }); - response.on('error', (err) => { - console.error(`Download of ${filename} failed: ${err.message}`); - reject(err); - }); - - if (response.statusCode !== 200) { - fileWriter.close(); - } - - fileWriter.on('close', () => { - console.log(`File.close ${filename} saved to ${filePath}`); - if (isResponseError) { - reject(new Error(`HTTP ${response.statusCode}`)); - } else { - resolve(); - } - }); + try { + // https://static.snyk.io + return await download(executable.fallbackUrl, executable.filename); + } catch (err) { + console.error( + `Download of ${executable.filename} from ${executable.fallbackUrl} failed: ${err.message}`, + ); - response.pipe(fileWriter); - }) - .on('timeout', () => { - console.error(`Download of ${filename} timed out`); - reject(); - }) - .on('error', (err) => { - console.error(`Request for ${filename} failed: ${err.message}`); - reject(err); - }); - }); + throw err; + } +} - // Try to download the file, retry up to `maxRetries` times if the attempt fails - for (let attempt = 0; attempt < maxRetries; attempt++) { - try { - console.log( - `Downloading: ${executable.filename} from: ${executable.downloadUrl}`, - ); - await doDownload(executable.downloadUrl, executable.filename); - console.log(`Download successful for ${executable.filename}`); - return; - } catch (err) { - console.error( - `Download of ${executable.filename} failed: ${err.message}`, - ); +async function download( + downloadUrl: string, + fileName: string, + maxRetries: number = 5, +) { + console.log(`Downloading: ${fileName} from: ${downloadUrl} with retries.`); + const filePath = await downloadToolWithRetries( + downloadUrl, + fileName, + [], + {}, + maxRetries, + ); + console.log(`Downloaded executable to: ${filePath}`); - // Don't wait before retrying the last attempt - if (attempt < maxRetries - 1) { - console.log( - `Retrying download of ${executable.filename} from ${executable.downloadUrl} after 5 seconds...`, - ); - await new Promise((resolve) => setTimeout(resolve, 5000)); - } else { - console.error( - `All retries failed for ${executable.filename} from ${executable.downloadUrl}: ${err.message}`, - ); - } - } - } + // the azure-pipelines-tool-lib/tool is not setting the executable permissions on the downloaded files for Unix + setExecutablePermissions(filePath); - // Try to download the file from fallback url, retry up to `maxRetries` times if the attempt fails - for (let attempt = 0; attempt < maxRetries; attempt++) { - try { - console.log( - `Downloading: ${executable.filename} from: ${executable.downloadUrl}`, - ); - await doDownload(executable.fallbackUrl, executable.filename); - console.log(`Download successful for ${executable.filename}`); - return; - } catch (err) { - console.error( - `Download of ${executable.filename} failed: ${err.message}`, - ); + return filePath; +} - // Don't wait before retrying the last attempt - if (attempt < maxRetries - 1) { - console.log( - `Retrying download of ${executable.filename} from ${executable.fallbackUrl} after 5 seconds...`, - ); - await new Promise((resolve) => setTimeout(resolve, 5000)); - } else { - console.error( - `All retries failed for ${executable.filename} from ${executable.fallbackUrl}: ${err.message}`, - ); - } - } +function setExecutablePermissions(filePath: string) { + if (os.platform() !== 'win32') { + fs.chmodSync(filePath, 0o111); + console.log(`Set executable permissions for ${filePath}`); } } diff --git a/snykTask/src/lib/sanitize-version-input.ts b/snykTask/src/lib/sanitize-version-input.ts index ab7d73a..6f45eb7 100644 --- a/snykTask/src/lib/sanitize-version-input.ts +++ b/snykTask/src/lib/sanitize-version-input.ts @@ -4,13 +4,15 @@ export function sanitizeVersionInput(versionString: string = ''): string { const version = versionString.toLowerCase().trim(); const validDistributionChannels = ['stable', 'preview']; - if (semver.valid(semver.clean(version))) { - return `v${semver.clean(version)}`; - } - if (validDistributionChannels.includes(version)) { return version; } + const cleanedVersion = semver.clean(version); + if (cleanedVersion && semver.valid(cleanedVersion)) { + return `v${cleanedVersion}`; + } + + console.log('Invalid version format. Defaulting to "stable".'); return 'stable'; }