From 6042627a875e18b20c9917b94863e7db19d093a4 Mon Sep 17 00:00:00 2001
From: Nevada Perry
Date: Tue, 20 May 2025 21:34:02 +0000
Subject: [PATCH 1/2] Add `//nodejs:audit` target; update vulnerabilities
---
 BUILD.bazel | 2 +-
 nodejs/BUILD.bazel | 14 ++++++
 package.json | 6 +--
 tools/npm/npm.bzl | 123 ++++++++++++++++++++++++---------------------
 yarn.lock | 98 +++++++++++++++++++-----------------
 5 files changed, 137 insertions(+), 106 deletions(-)
diff --git a/BUILD.bazel b/BUILD.bazel
index ce15ea8..ea956f8 100644
--- a/BUILD.bazel
+++ b/BUILD.bazel
@@ -2,7 +2,7 @@ load("//commonjs:rules.bzl", "cjs_root")
 load("//javascript:rules.bzl", "js_library")
 exports_files(
- ["yarn.lock"],
+ ["package.json", "yarn.lock"],
 visibility = ["//visibility:public"], # tests
 )
diff --git a/nodejs/BUILD.bazel b/nodejs/BUILD.bazel
index 03e9fae..d5cd162 100644
--- a/nodejs/BUILD.bazel
+++ b/nodejs/BUILD.bazel
@@ -1,4 +1,5 @@
 load("@bazel_skylib//:bzl_library.bzl", "bzl_library")
+load("//npm:rules.bzl", "yarn_audit_test")
 exports_files(
 glob(["**/*.bzl"]),
@@ -54,3 +55,16 @@ test_suite(
 tests = ["//nodejs/test"],
 visibility = ["//:__subpackages__"],
 )
+
+yarn_audit_test(
+ name = "audit",
+ data = [
+ "//:package.json",
+ "//:yarn.lock",
+ ],
+ tags = [
+ "external",
+ "no-sandbox",
+ "supports-graceful-termination",
+ ],
+)
diff --git a/package.json b/package.json
index 7bdee24..b1520fd 100644
--- a/package.json
+++ b/package.json
@@ -36,12 +36,12 @@
 "npm-registry-fetch": "~14.0.2",
 "prettier": "^3.4.2",
 "prettier-plugin-organize-imports": "^3",
- "protobufjs": "~6.11.2",
+ "protobufjs": "~6.11.4",
 "reflect-metadata": "0.1.13",
- "rollup": "^2.78.0",
+ "rollup": "^2.79.2",
 "rxjs": "~7.4.0",
 "tar-stream": "~2.2.0",
- "ts-proto": "~1.83.0",
+ "ts-proto": "~1.148.2",
 "tslib": "~2.0.0",
 "typescript": "~5.0.0",
 "zone.js": "~0.11.4"
diff --git a/tools/npm/npm.bzl b/tools/npm/npm.bzl
index 53ebf60..a7913aa 100644
--- a/tools/npm/npm.bzl
+++ b/tools/npm/npm.bzl
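Review bot: The `"no-sandbox"` tag on the new `//nodejs:audit` target in nodejs/BUILD.bazel removes all sandbox isolation from a test whose declared inputs are only `//:package.json` and `//:yarn.lock`. If registry access is the only reason for it, `"requires-network",` in place of `"no-sandbox",` keeps the filesystem sandbox while still allowing the network call; whether `yarn_audit_test` needs more than that cannot be told from here, since `//npm:rules.bzl` is outside the diff. Because the outcome depends on the live advisory database, the target would presumably also start failing under `bazel test //...` whenever a new advisory is published, so adding `"manual",` and running it from a scheduled job would keep unrelated changes from being blocked. A short comment above `tags` stating why each tag is required, for example `# external: result depends on the live advisory data, never cache`, would record that intent for the next maintainer.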
@@ -4759,7 +4759,7 @@ PACKAGES = { "id": "@xml-tools/parser@1.0.11", }, { - "id": "prettier@3.1.1", + "id": "prettier@3.4.2", }, ], "extra_deps": { @@ -4888,7 +4888,7 @@ PACKAGES = { "id": "resolve@1.20.0-02071924", }, { - "id": "rollup@2.79.1", + "id": "rollup@2.79.2", }, ], "extra_deps": { @@ -4918,7 +4918,7 @@ PACKAGES = { "id": "resolve@1.22.1-0c52e0e4", }, { - "id": "rollup@2.79.1", + "id": "rollup@2.79.2", }, ], "extra_deps": { @@ -4939,7 +4939,7 @@ PACKAGES = { "id": "picomatch@2.3.0", }, { - "id": "rollup@2.79.1", + "id": "rollup@2.79.2", }, ], "extra_deps": { @@ -4960,7 +4960,7 @@ PACKAGES = { "id": "picomatch@2.3.1", }, { - "id": "rollup@2.79.1", + "id": "rollup@2.79.2", }, ], "extra_deps": { @@ -5392,15 +5392,6 @@ PACKAGES = { "name": "@types/object-hash", "url": "https://registry.npmjs.org/@types/object-hash/-/object-hash-1.3.4.tgz", }, - "@types/prettier@1.19.1": { - "deps": [ - ], - "extra_deps": { - }, - "integrity": "sha512-5qOlnZscTn4xxM5MeGXAMOsIOIKIbh9e85zJWfBRVPlRMEVawzoPhINYbRGkBZCI8LxvBe7tJCdWiarA99OZfQ==", - "name": "@types/prettier", - "url": "https://registry.npmjs.org/@types/prettier/-/prettier-1.19.1.tgz", - }, "@types/prettier@2.4.2": { "deps": [ ], @@ -9751,6 +9742,15 @@ PACKAGES = { "name": "caniuse-lite", "url": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001482.tgz", }, + "case-anything@2.1.13": { + "deps": [ + ], + "extra_deps": { + }, + "integrity": "sha512-zlOQ80VrQ2Ue+ymH5OuM/DlDq64mEm+B9UTdHULv5osUMD6HalNTblf2b1u/m6QecjsnOkBpqVZ+XPwIVsy7Ng==", + "name": "case-anything", + "url": "https://registry.npmjs.org/case-anything/-/case-anything-2.1.13.tgz", + }, "chalk@2.4.2": { "deps": [ { 
@@ -10357,6 +10357,15 @@ PACKAGES = { "name": "depd", "url": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", }, + "detect-libc@1.0.3": { + "deps": [ + ], + "extra_deps": { + }, + "integrity": "sha512-pGjwhsmsp4kL2RTz08wcOlGN83otlqHeD/Z5T8GXZB+/YcpQ/dgo+lbU8ZsGxV0HIvqqxo9l7mqYwyYMD9bKDg==", + "name": "detect-libc", + "url": "https://registry.npmjs.org/detect-libc/-/detect-libc-1.0.3.tgz", + }, "detect-newline@3.1.0": { "deps": [ ], @@ -10540,6 +10549,18 @@ PACKAGES = { "name": "dot-case", "url": "https://registry.npmjs.org/dot-case/-/dot-case-3.0.4.tgz", }, + "dprint-node@1.0.8": { + "deps": [ + { + "id": "detect-libc@1.0.3", + }, + ], + "extra_deps": { + }, + "integrity": "sha512-iVKnUtYfGrYcW1ZAlfR/F59cUVL8QIhWoBJoSjkkdua/dkWIgjZfiLMeTjiB06X0ZLkQ0M2C1VbUj/CxkIf1zg==", + "name": "dprint-node", + "url": "https://registry.npmjs.org/dprint-node/-/dprint-node-1.0.8.tgz", + }, "electron-to-chromium@1.4.11": { "deps": [ ], @@ -15317,7 +15338,7 @@ PACKAGES = { "prettier-plugin-organize-imports@3.2.4-dc3fc578": { "deps": [ { - "id": "prettier@3.1.1", + "id": "prettier@3.4.2", }, { "id": "typescript@5.0.4-6832550a", 
@@ -15329,23 +15350,14 @@ PACKAGES = { "name": "prettier-plugin-organize-imports", "url": "https://registry.npmjs.org/prettier-plugin-organize-imports/-/prettier-plugin-organize-imports-3.2.4.tgz", }, - "prettier@2.5.1": { - "deps": [ - ], - "extra_deps": { - }, - "integrity": "sha512-vBZcPRUR5MZJwoyi3ZoyQlc1rXeEck8KgeC9AwwOn+exuxLxq5toTRDTSaVrXHxelDMHy9zlicw8u66yxoSUFg==", - "name": "prettier", - "url": "https://registry.npmjs.org/prettier/-/prettier-2.5.1.tgz", - }, - "prettier@3.1.1": { + "prettier@3.4.2": { "deps": [ ], "extra_deps": { }, - "integrity": "sha512-22UbSzg8luF4UuZtzgiUOfcGM8s4tjBv6dJRT7j275NXsy2jb4aJa4NNveul5x4eqlF1wuhuR2RElK71RvmVaw==", + "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", "name": "prettier", - "url": "https://registry.npmjs.org/prettier/-/prettier-3.1.1.tgz", + "url": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", }, "pretty-bytes@5.6.0": { "deps": [ @@ -15506,7 +15518,7 @@ PACKAGES = { "name": "property-expr", "url": "https://registry.npmjs.org/property-expr/-/property-expr-2.0.5.tgz", }, - "protobufjs@6.11.2": { + "protobufjs@6.11.4": { "deps": [ { "id": "@protobufjs/aspromise@1.1.2", @@ -15550,9 +15562,9 @@ PACKAGES = { ], "extra_deps": { }, - "integrity": "sha512-4BQJoPooKJl2G9j3XftkIXjoC9C0Av2NOrWmbLWT1vH32GcSUHjM0Arra6UfTsVyfMAuFzaLucXn1sadxJydAw==", + "integrity": "sha512-5kQWPaJHi1WoCpjTGszzQ32PG2F4+wRY6BmAT4Vfw56Q2FZ4YZzK20xUYQH4YkfehY1e6QSICrJquM6xXZNcrw==", "name": "protobufjs", - "url": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.2.tgz", + "url": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.4.tgz", }, "protocols@2.0.1": { "deps": [ @@ -15992,7 +16004,7 @@ PACKAGES = { "name": "rimraf", "url": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", }, - "rollup@2.79.1": { + "rollup@2.79.2": { "deps": [ { "id": "fsevents@2.3.2-2882183f", 
@@ -16000,9 +16012,9 @@ PACKAGES = { ], "extra_deps": { }, - "integrity": "sha512-uKxbd0IhMZOhjAiD5oAFp7BqvkA4Dv47qpOCtaNvng4HBwdbWtdOh8f5nZNuk2rp51PMGk3bzfWu5oayNEuYnw==", + "integrity": "sha512-fS6iqSPZDs3dr/y7Od6y5nha8dW1YnbgtsyotCVvoFGKbERG++CVRFv1meyGDE1SNItQA8BrnCw7ScdAhRJ3XQ==", "name": "rollup", - "url": "https://registry.npmjs.org/rollup/-/rollup-2.79.1.tgz", + "url": "https://registry.npmjs.org/rollup/-/rollup-2.79.2.tgz", }, "run-parallel@1.2.0": { "deps": [ @@ -16889,44 +16901,41 @@ PACKAGES = { "name": "trough", "url": "https://registry.npmjs.org/trough/-/trough-1.0.5.tgz", }, - "ts-poet@4.6.1": { + "ts-poet@6.11.0": { "deps": [ { - "id": "@types/prettier@1.19.1", - }, - { - "id": "lodash@4.17.21", - }, - { - "id": "prettier@2.5.1", + "id": "dprint-node@1.0.8", }, ], "extra_deps": { }, - "integrity": "sha512-DXJ+mBJIDp+jiaUgB4N5I/sczHHDU2FWacdbDNVAVS4Mh4hb7ckpvUWVW7m7/nAOcjR0r4Wt+7AoO7FeJKExfA==", + "integrity": "sha512-r5AGF8vvb+GjBsnqiTqbLhN1/U2FJt6BI+k0dfCrkKzWvUhNlwMmq9nDHuucHs45LomgHjZPvYj96dD3JawjJA==", "name": "ts-poet", - "url": "https://registry.npmjs.org/ts-poet/-/ts-poet-4.6.1.tgz", + "url": "https://registry.npmjs.org/ts-poet/-/ts-poet-6.11.0.tgz", }, - "ts-proto-descriptors@1.3.1": { + "ts-proto-descriptors@1.9.0": { "deps": [ { "id": "long@4.0.0", }, { - "id": "protobufjs@6.11.2", + "id": "protobufjs@6.11.4", }, ], "extra_deps": { }, - "integrity": "sha512-Cybb3fqceMwA6JzHdC32dIo8eVGVmXrM6TWhdk1XQVVHT/6OQqk0ioyX1dIdu3rCIBhRmWUhUE4HsyK+olmgMw==", + "integrity": "sha512-Ui8zA5Q4Jnq6JIGRraUWvECrqixxtwwin8GkhIkvwCpR+JcSPsxWe8HfTj5eHfyruGYI6Zjf96XlC87hTakHfQ==", "name": "ts-proto-descriptors", - "url": "https://registry.npmjs.org/ts-proto-descriptors/-/ts-proto-descriptors-1.3.1.tgz", + "url": "https://registry.npmjs.org/ts-proto-descriptors/-/ts-proto-descriptors-1.9.0.tgz", }, - "ts-proto@1.83.3": { + "ts-proto@1.148.2": { "deps": [ { "id": "@types/object-hash@1.3.4", }, + { + "id": "case-anything@2.1.13", + }, { "id": "dataloader@1.4.0", }, 
@@ -16934,20 +16943,20 @@ PACKAGES = { "id": "object-hash@1.3.1", }, { - "id": "protobufjs@6.11.2", + "id": "protobufjs@6.11.4", }, { - "id": "ts-poet@4.6.1", + "id": "ts-poet@6.11.0", }, { - "id": "ts-proto-descriptors@1.3.1", + "id": "ts-proto-descriptors@1.9.0", }, ], "extra_deps": { }, - "integrity": "sha512-r6MKFjoc4Og2kB4cNJ/bddLebdIwhouG5plu0Rry1jJMEqp2GKA7AE4FrR/FnTCIGbNPYP4622lBqckZd7UHcQ==", + "integrity": "sha512-sd3STxwE6/6VpASSFnIySID2lkVGwqUU9gnz0Vr1DmB83VjlJpVSeCuEj6UHsrKy7AU2UxchOfcM95LJh0uwjg==", "name": "ts-proto", - "url": "https://registry.npmjs.org/ts-proto/-/ts-proto-1.83.3.tgz", + "url": "https://registry.npmjs.org/ts-proto/-/ts-proto-1.148.2.tgz", }, "tslib@1.14.1": { "deps": [ @@ -17889,11 +17898,11 @@ ROOTS = [ "name": "prettier-plugin-organize-imports", }, { - "id": "prettier@3.1.1", + "id": "prettier@3.4.2", "name": "prettier", }, { - "id": "protobufjs@6.11.2", + "id": "protobufjs@6.11.4", "name": "protobufjs", }, { @@ -17901,7 +17910,7 @@ ROOTS = [ "name": "reflect-metadata", }, { - "id": "rollup@2.79.1", + "id": "rollup@2.79.2", "name": "rollup", }, { @@ -17913,7 +17922,7 @@ ROOTS = [ "name": "tar-stream", }, { - "id": "ts-proto@1.83.3", + "id": "ts-proto@1.148.2", "name": "ts-proto", }, { diff --git a/yarn.lock b/yarn.lock index 17b5343..ab49630 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2924,13 +2924,6 @@ __metadata: languageName: node linkType: hard -"@types/prettier@npm:^1.19.0": - version: 1.19.1 - resolution: "@types/prettier@npm:1.19.1" - checksum: d34229c37d3419b01efa31968b68c33b8b9b717bdf961e48f68e89821864b1329c45323d28e1200a204e7b2eefca1dabdac4aa0c3d698dbc8c60247322103b11 - languageName: node - linkType: hard - "@types/prettier@npm:^2.1.5": version: 2.4.2 resolution: "@types/prettier@npm:2.4.2" 
@@ -4209,6 +4202,13 @@ __metadata: languageName: node linkType: hard +"case-anything@npm:^2.1.10": + version: 2.1.13 + resolution: "case-anything@npm:2.1.13" + checksum: c39c69d7e418337b6006a9692f13c2b257e907e867149a102e9beb7e9d2d52da14e754da1f4e4ce82a866d86d93047e522f64360bda54e7d7c308f4cdd736c3d + languageName: node + linkType: hard + "chalk@npm:^2.0.0": version: 2.4.2 resolution: "chalk@npm:2.4.2" @@ -4649,6 +4649,15 @@ __metadata: languageName: node linkType: hard +"detect-libc@npm:^1.0.3": + version: 1.0.3 + resolution: "detect-libc@npm:1.0.3" + bin: + detect-libc: ./bin/detect-libc.js + checksum: daaaed925ffa7889bd91d56e9624e6c8033911bb60f3a50a74a87500680652969dbaab9526d1e200a4c94acf80fc862a22131841145a0a8482d60a99c24f4a3e + languageName: node + linkType: hard + "detect-newline@npm:^3.0.0": version: 3.1.0 resolution: "detect-newline@npm:3.1.0" @@ -4777,6 +4786,15 @@ __metadata: languageName: node linkType: hard +"dprint-node@npm:^1.0.8": + version: 1.0.8 + resolution: "dprint-node@npm:1.0.8" + dependencies: + detect-libc: ^1.0.3 + checksum: ac53b71296d155664319877f0e8c9fe94e084457ce9aae68081b9dd7165916f2829222923c59b1399d95680362f18a8da5994e7f76a8f52035e02bbd14ba76bc + languageName: node + linkType: hard + "electron-to-chromium@npm:^1.3.896": version: 1.4.11 resolution: "electron-to-chromium@npm:1.4.11" @@ -7837,15 +7855,6 @@ __metadata: languageName: node linkType: hard -"prettier@npm:^2.0.2": - version: 2.5.1 - resolution: "prettier@npm:2.5.1" - bin: - prettier: bin-prettier.js - checksum: 21b9408476ea1c544b0e45d51ceb94a84789ff92095abb710942d780c862d0daebdb29972d47f6b4d0f7ebbfb0ffbf56cc2cfa3e3e9d1cca54864af185b15b66 - languageName: node - linkType: hard - "prettier@npm:^3.4.2": version: 3.4.2 resolution: "prettier@npm:3.4.2" 
@@ -7964,9 +7973,9 @@ __metadata: languageName: node linkType: hard -"protobufjs@npm:^6.8.8, protobufjs@npm:~6.11.2": - version: 6.11.2 - resolution: "protobufjs@npm:6.11.2" +"protobufjs@npm:^6.11.3, protobufjs@npm:^6.8.8, protobufjs@npm:~6.11.4": + version: 6.11.4 + resolution: "protobufjs@npm:6.11.4" dependencies: "@protobufjs/aspromise": ^1.1.2 "@protobufjs/base64": ^1.1.2 @@ -7984,7 +7993,7 @@ __metadata: bin: pbjs: bin/pbjs pbts: bin/pbts - checksum: 80e9d9610c3eb66f9eae4e44a1ae30381cedb721b7d5f635d781fe4c507e2c77bb7c879addcd1dda79733d3ae589d9e66fd18d42baf99b35df7382a0f9920795 + checksum: b2fc6a01897b016c2a7e43a854ab4a3c57080f61be41e552235436e7a730711b8e89e47cb4ae52f0f065b5ab5d5989fc932f390337ce3a8ccf07203415700850 languageName: node linkType: hard @@ -8315,9 +8324,9 @@ __metadata: languageName: node linkType: hard -"rollup@npm:^2.78.0": - version: 2.79.1 - resolution: "rollup@npm:2.79.1" +"rollup@npm:^2.79.2": + version: 2.79.2 + resolution: "rollup@npm:2.79.2" dependencies: fsevents: ~2.3.2 dependenciesMeta: @@ -8325,7 +8334,7 @@ __metadata: optional: true bin: rollup: dist/bin/rollup - checksum: 6a2bf167b3587d4df709b37d149ad0300692cc5deb510f89ac7bdc77c8738c9546ae3de9322b0968e1ed2b0e984571f5f55aae28fa7de4cfcb1bc5402a4e2be6 + checksum: df7aa4c8b95245dede157b06ab71e1921de6080757d30e9bf31f8fb142064d12dda865e2bafbab4349588f43425b2965a290c9a5da1c048246a70fc21734ebd7 languageName: node linkType: hard @@ -8377,12 +8386,12 @@ __metadata: npm-registry-fetch: ~14.0.2 prettier: ^3.4.2 prettier-plugin-organize-imports: ^3 - protobufjs: ~6.11.2 + protobufjs: ~6.11.4 reflect-metadata: 0.1.13 - rollup: ^2.78.0 + rollup: ^2.79.2 rxjs: ~7.4.0 tar-stream: ~2.2.0 - ts-proto: ~1.83.0 + ts-proto: ~1.148.2 tslib: ~2.0.0 typescript: ~5.0.0 zone.js: ~0.11.4 
@@ -9031,40 +9040,39 @@ __metadata: languageName: node linkType: hard -"ts-poet@npm:^4.5.0": - version: 4.6.1 - resolution: "ts-poet@npm:4.6.1" +"ts-poet@npm:^6.4.1": + version: 6.11.0 + resolution: "ts-poet@npm:6.11.0" dependencies: - "@types/prettier": ^1.19.0 - lodash: ^4.17.15 - prettier: ^2.0.2 - checksum: 1bb4aa4f8f21ebc68a4b0416d152431b2b0f905e7cc361edb20e5b2583aaa75de539bdbca15f4990e012a3606e54119b8f28ba5371efbfba7adbc64854beeb57 + dprint-node: ^1.0.8 + checksum: 059df95050d5ce9e235a6dc2e80f97988682465db5f9220c76c16d1091340428a0e1fe65d885acc6e68aebaf265289455e23d53727b3139dfb1924080b60c16d languageName: node linkType: hard -"ts-proto-descriptors@npm:^1.2.1": - version: 1.3.1 - resolution: "ts-proto-descriptors@npm:1.3.1" +"ts-proto-descriptors@npm:1.9.0": + version: 1.9.0 + resolution: "ts-proto-descriptors@npm:1.9.0" dependencies: long: ^4.0.0 protobufjs: ^6.8.8 - checksum: ef8acf9231375dd00cfa667c688746ae24fb8012a3875d1447cb6a6e9e0311150681719072716f58a24b1df801bcc35e56faca11ea4bac1f8146038b524b93c4 + checksum: 6818c03c7688db0ceb74d3b5108b127afa2994854113fbb599de4e7610d0c725601feb9ba0d8cd718a2f9d729172865d80d0b0797995b6515e03c5df69bf793c languageName: node linkType: hard -"ts-proto@npm:~1.83.0": - version: 1.83.3 - resolution: "ts-proto@npm:1.83.3" +"ts-proto@npm:~1.148.2": + version: 1.148.2 + resolution: "ts-proto@npm:1.148.2" dependencies: "@types/object-hash": ^1.3.0 + case-anything: ^2.1.10 dataloader: ^1.4.0 object-hash: ^1.3.1 - protobufjs: ^6.8.8 - ts-poet: ^4.5.0 - ts-proto-descriptors: ^1.2.1 + protobufjs: ^6.11.3 + ts-poet: ^6.4.1 + ts-proto-descriptors: 1.9.0 bin: protoc-gen-ts_proto: protoc-gen-ts_proto - checksum: 955c73e9f50adfb485de043f9544a01bc7242c5774788df9a1f953c3de43adae8f97d846739412380339bec3afac61986115d10c2c45e0227b2be5942957d35a + checksum: dcf65f6a4567b01400e5900ac3c1441f150d050c8df2c136beda6b0ce8f991b3a40d3692618a66cbcfe0c9dffe7c55e42345b6657963ffdc93273249bc532cbc languageName: node linkType: hard 
From 1ae85ce9dd59a933384666443f6ca2deba0a1df2 Mon Sep 17 00:00:00 2001
From: Nevada Perry
Date: Tue, 20 May 2025 21:39:56 +0000
Subject: [PATCH 2/2] Fix lint
---
 BUILD.bazel | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/BUILD.bazel b/BUILD.bazel
index ea956f8..df2815b 100644
--- a/BUILD.bazel
+++ b/BUILD.bazel
@@ -2,7 +2,10 @@ load("//commonjs:rules.bzl", "cjs_root")
 load("//javascript:rules.bzl", "js_library")
 exports_files(
- ["package.json", "yarn.lock"],
+ [
+ "package.json",
+ "yarn.lock",
+ ],
 visibility = ["//visibility:public"], # tests
 )