[Snyk] Security upgrade aegir from 37.12.1 to 38.1.6

.github/workflows/test.yml

@@ -41,7 +41,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest]
-        node: [16]
+        node: [lts/*]
     steps:
       - uses: actions/checkout@v2
         with:
@@ -50,7 +50,7 @@ jobs:
         with:
           node-version: ${{ matrix.node }}
       - uses: ipfs/aegir/actions/cache-node-modules@master
-      - run: npm run test:node -- --since ${{ github.event.pull_request.base.sha }} --concurrency 1
+      - run: npm run test:node
       - uses: codecov/codecov-action@f32b3a3741e1053eb607407145bc9619351dc93b # v2.1.0
         with:
           flags: node
@@ -67,7 +67,7 @@ jobs:
         with:
           node-version: lts/*
       - uses: ipfs/aegir/actions/cache-node-modules@master
-      - run: npm run test:chrome -- --since ${{ github.event.pull_request.base.sha }} --concurrency 1
+      - run: npm run test:chrome
       - uses: codecov/codecov-action@f32b3a3741e1053eb607407145bc9619351dc93b # v2.1.0
         with:
           flags: chrome
@@ -84,7 +84,7 @@ jobs:
         with:
           node-version: lts/*
       - uses: ipfs/aegir/actions/cache-node-modules@master
-      - run: npm run test:chrome-webworker -- --since ${{ github.event.pull_request.base.sha }} --concurrency 1
+      - run: npm run test:chrome-webworker
       - uses: codecov/codecov-action@f32b3a3741e1053eb607407145bc9619351dc93b # v2.1.0
         with:
           flags: chrome-webworker
@@ -101,7 +101,7 @@ jobs:
         with:
           node-version: lts/*
       - uses: ipfs/aegir/actions/cache-node-modules@master
-      - run: npm run test:firefox -- --since ${{ github.event.pull_request.base.sha }} --concurrency 1
+      - run: npm run test:firefox
       - uses: codecov/codecov-action@f32b3a3741e1053eb607407145bc9619351dc93b # v2.1.0
         with:
           flags: firefox
@@ -119,7 +119,7 @@ jobs:
           node-version: lts/*
       - uses: ipfs/aegir/actions/cache-node-modules@master
       - run: npx playwright install --with-deps
-      - run: npm run test:firefox-webworker -- --since ${{ github.event.pull_request.base.sha }} --concurrency 1
+      - run: npm run test:firefox-webworker
       - uses: codecov/codecov-action@f32b3a3741e1053eb607407145bc9619351dc93b # v2.1.0
         with:
           flags: firefox-webworker
@@ -138,13 +138,14 @@ jobs:
       - uses: ipfs/aegir/actions/cache-node-modules@master
       - uses: GabrielBB/xvfb-action@v1
         with:
-          run: npm run test:electron-main -- --since ${{ github.event.pull_request.base.sha }} --concurrency 1 -- -- --bail
+          run: npm run test:electron-main
       - uses: codecov/codecov-action@f32b3a3741e1053eb607407145bc9619351dc93b # v2.1.0
         with:
           flags: electron-main
 
   test-interop:
     name: Interop tests ${{ matrix.project }} ${{ matrix.type }}
+    needs: build
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -160,15 +161,14 @@ jobs:
         with:
           node-version: lts/*
       - uses: ipfs/aegir/actions/cache-node-modules@master
-      - run: npm install
-      - run: npm run build
-      - run: npm run test:interop -- --since ${{ github.event.pull_request.base.sha }} --concurrency 1 -- -- -- -t ${{ matrix.type }} --bail
+      - run: npm run test:interop -- -- -- -t ${{ matrix.type }}
       - uses: codecov/codecov-action@f32b3a3741e1053eb607407145bc9619351dc93b # v2.1.0
         with:
           flags: interop-${{ matrix.type }}
 
   test-interface:
     name: Interface tests ${{ matrix.suite }} ${{ matrix.type }}
+    needs: build
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -188,9 +188,8 @@ jobs:
       - uses: actions/setup-node@v2
         with:
           node-version: lts/*
-      - run: npm install
-      - run: npm run build
-      - run: npm run ${{ matrix.suite }} -- --since ${{ github.event.pull_request.base.sha }} --concurrency 1 -- -- -t ${{ matrix.type }}
+      - uses: ipfs/aegir/actions/cache-node-modules@master
+      - run: npm run ${{ matrix.suite }} -- -- -t ${{ matrix.type }}
       - uses: codecov/codecov-action@f32b3a3741e1053eb607407145bc9619351dc93b # v2.1.0
         with:
           flags: interface-${{ matrix.type }}
@@ -208,7 +207,7 @@ jobs:
           node-version: lts/*
       - uses: ipfs/aegir/actions/cache-node-modules@master
       - run: npx playwright install --with-deps
-      - run: npm run test:interface:message-port-client -- --since ${{ github.event.pull_request.base.sha }} --concurrency 1
+      - run: npm run test:interface:message-port-client
 
   release:
     runs-on: ubuntu-latest
@@ -263,8 +262,6 @@ jobs:
       - if: ${{ !steps.release.outputs.releases_created }}
         name: Run release rc
         run: |
-            git config --global user.email "github-actions[bot]@users.noreply.github.com"
-            git config --global user.name "github-actions[bot]"
             git update-index --assume-unchanged packages/ipfs-core/src/version.js packages/ipfs-http-server/src/version.js packages/ipfs/src/package.js
             npm run --if-present release:rc
         env:

.release-please-manifest.json

@@ -1 +1 @@
-{"packages/interface-ipfs-core":"0.156.1","packages/ipfs":"0.64.2","packages/ipfs-cli":"0.14.2","packages/ipfs-client":"0.9.1","packages/ipfs-core":"0.16.1","packages/ipfs-core-config":"0.5.1","packages/ipfs-core-types":"0.12.1","packages/ipfs-core-utils":"0.16.1","packages/ipfs-daemon":"0.14.2","packages/ipfs-grpc-client":"0.11.1","packages/ipfs-grpc-protocol":"0.7.0","packages/ipfs-grpc-server":"0.10.1","packages/ipfs-http-client":"58.0.1","packages/ipfs-http-gateway":"0.11.1","packages/ipfs-http-response":"4.0.1","packages/ipfs-http-server":"0.13.2","packages/ipfs-message-port-client":"0.13.1","packages/ipfs-message-port-protocol":"0.13.1","packages/ipfs-message-port-server":"0.13.1"}
+{"packages/interface-ipfs-core":"0.158.0","packages/ipfs":"0.66.0","packages/ipfs-cli":"0.16.0","packages/ipfs-client":"0.10.0","packages/ipfs-core":"0.18.0","packages/ipfs-core-config":"0.7.0","packages/ipfs-core-types":"0.14.0","packages/ipfs-core-utils":"0.18.0","packages/ipfs-daemon":"0.16.0","packages/ipfs-grpc-client":"0.13.0","packages/ipfs-grpc-protocol":"0.8.0","packages/ipfs-grpc-server":"0.12.0","packages/ipfs-http-client":"60.0.0","packages/ipfs-http-gateway":"0.13.0","packages/ipfs-http-response":"6.0.0","packages/ipfs-http-server":"0.15.0","packages/ipfs-message-port-client":"0.15.0","packages/ipfs-message-port-protocol":"0.15.0","packages/ipfs-message-port-server":"0.15.0"}

README.md

@@ -8,7 +8,7 @@
 
 <p align="center">
   <a href="https://github.com/ipfs/js-ipfs/tree/master/packages/interface-ipfs-core"><img src="https://img.shields.io/badge/interface--ipfs--core-API%20Docs-blue.svg"></a>
-  <a href="https://travis-ci.com/ipfs/js-ipfs?branch=master"><img src="https://badgen.net/travis/ipfs/js-ipfs?branch=master" /></a>
+  <a href="https://github.com/ipfs/js-ipfs/actions/workflows/test.yml?query=branch%3Amaster"><img src="https://img.shields.io/github/actions/workflow/status/ipfs/js-ipfs/test.yml?branch=master" /></a>
   <a href="https://codecov.io/gh/ipfs/js-ipfs"><img src="https://badgen.net/codecov/c/github/ipfs/js-ipfs" /></a>
   <br>
 </p>

docs/CONFIG.md

@@ -283,7 +283,7 @@ The "basic" connection manager tries to keep between `LowWater` and `HighWater`
 
 By default when running under nodejs, libp2p will try to use [UPnP](https://en.wikipedia.org/wiki/Universal_Plug_and_Play) to open a random high port on your router for any TCP connections you have configured.
 
-Set `DisableNatPortMap` to `false` to disable this behaviour.
+Set `DisableNatPortMap` to `true` to disable this behaviour.
 
 ### Example
 

docs/DEVELOPMENT.md

@@ -31,7 +31,7 @@ $ npm install -g npm@latest
 > npm install
 ```
 
-This will install [lerna](https://www.npmjs.com/package/lerna) and bootstrap the various packages, deduping and hoisting dependencies into the root folder.
+This will install the dependencies of the various packages, deduping and hoisting dependencies into the root folder.
 
 If later you add new dependencies to submodules or just wish to remove all the `node_modules`/`dist` folders and start again, run `npm run reset && npm install` from the root.
 

docs/upgrading/v0.62-v0.63.md

@@ -1,12 +1,13 @@
 <!--Specify versions for migration below-->
 # Migrating to ipfs@0.63 and ipfs-core@0.15 <!-- omit in toc -->
 
-> A migration guide for refactoring your application code from `ipfs@0.63.x` to `ipfs@0.64.x`
+> A migration guide for refactoring your application code from `ipfs@0.62.x` to `ipfs@0.63.x`
 
 ## Table of Contents <!-- omit in toc -->
 
 - [ESM](#esm)
-- [libp2p@0.37.x](#libp2p037x)
+  - [TypeScript and ESM](#typescript-and-esm)
+- [`libp2p@0.37.x`](#libp2p037x)
 - [PeerIds](#peerids)
 - [multiaddrs](#multiaddrs)
 
@@ -34,11 +35,53 @@ async function loadIpfs () {
 }
 ```
 
+### TypeScript and ESM
+
+When authoring typescript it can often look like you are writing ESM:
+
+```ts
+import { create } from 'ipfs-core'
+
+create()
+```
+
+When this is transpiled to JavaScript the default settings will emit CJS which will fail at runtime:
+
+```js
+"use strict";
+exports.__esModule = true;
+var ipfs_core_1 = require("ipfs-core");
+(0, ipfs_core_1.create)();
+```
+
+You may also see errors about private identifiers:
+
+```console
+node_modules/@libp2p/interfaces/dist/src/events.d.ts:19:5 - error TS18028: Private identifiers are only available when targeting ECMAScript 2015 and higher.
+
+19     #private;
+       ~~~~~~~~
+```
+
+To build correctly with ESM as a target, update your `tsconfig.json` to include the following:
+
+```js
+{
+  "module": "es2020", // ensures output is ESM
+  "target": "es2020", // support modern features like private identifiers
+  // other settings
+}
+```
+
+They must both be set to `es2020` at least, more recent versions will also work.
+
+If in doubt, examine the JavaScript files `tsc` emits and ensure that any `ipfs` modules are being loaded with `import` and not `require`.
+
 ## `libp2p@0.37.x`
 
 `ipfs@0.63.x` upgrades to `libp2p@0.37.x`.  This is a significant refactor that ports the entire stack to TypeScript and publishes all modules as ESM-only code.
 
-Please see the [libp2p 0.37.x upgrade guide](https://github.com/libp2p/js-libp2p/blob/master/doc/migrations/v0.36-v.037.md) for how this may affect your application.
+Please see the [libp2p 0.37.x upgrade guide](https://github.com/libp2p/js-libp2p/blob/master/doc/migrations/v0.36-v0.37.md) for how this may affect your application.
 
 ## PeerIds
 

docs/upgrading/v0.63-v0.64.md

@@ -0,0 +1,16 @@
+<!--Specify versions for migration below-->
+# Migrating to ipfs@0.64 and ipfs-core@0.16 <!-- omit in toc -->
+
+> A migration guide for refactoring your application code from `ipfs@0.63.x` to `ipfs@0.64.x`
+
+## Table of Contents <!-- omit in toc -->
+
+- [libp2p](#libp2p)
+
+## libp2p
+
+The upgrade to `ipfs@0.64.x` incorporates an update to `libp2p@0.38.x` but no API changes.
+
+If your application uses only the default libp2p config there is nothing to do.
+
+If you supply a custom `libp2p` instance to the `ipfs` factory function you should consult the [`libp2p@0.38.x` upgrade guide](https://github.com/libp2p/js-libp2p/blob/master/doc/migrations/v0.37-v0.38.md) for any changes you need to make.

docs/upgrading/v0.64-v0.65.md

@@ -0,0 +1,23 @@
+<!--Specify versions for migration below-->
+# Migrating to ipfs@0.65 and ipfs-core@0.17 <!-- omit in toc -->
+
+> A migration guide for refactoring your application code from `ipfs@0.64.x` to `ipfs@0.65.x`
+
+## Table of Contents <!-- omit in toc -->
+
+- [libp2p](#libp2p)
+- [multiformats](#multiformats)
+
+## libp2p
+
+The upgrade to `ipfs@0.65.x` incorporates an update to `libp2p@0.40.x` but no API changes.
+
+If your application uses only the default libp2p config there is nothing to do.
+
+If you supply a custom `libp2p` instance to the `ipfs` factory function you should consult the [`libp2p@0.40.x` upgrade guide](https://github.com/libp2p/js-libp2p/blob/master/doc/migrations/v0.39-v0.40.md) for any changes you need to make.
+
+## multiformats
+
+`ipfs@0.65.x` now uses `multiformats@10.x.x`, this means instances of the `CID` class now come from that module and not `multiformats@9.x.x` so any `instanceof` checks your codebase has may break if instances are compare to the class loaded from a different module version.
+
+If your project also has a dependency on the `multiformats` module, it should be updated to `10.x.x` in line with js-ipfs.

package.json

@@ -17,40 +17,37 @@
   },
   "private": true,
   "scripts": {
-    "link": "lerna link",
-    "reset": "lerna run clean && rimraf packages/*/node_modules node_modules package-lock.json packages/*/package-lock.json",
-    "test": "lerna run test",
-    "test:node": "lerna run test:node",
-    "test:chrome": "lerna run test:chrome",
-    "test:chrome-webworker": "lerna run test:chrome-webworker",
-    "test:firefox": "lerna run test:firefox",
-    "test:firefox-webworker": "lerna run test:firefox-webworker",
-    "test:electron-main": "lerna run test:electron-main",
-    "test:external": "lerna run test:external",
-    "test:cli": "lerna run test:cli",
-    "test:interop": "lerna run test:interop",
-    "test:interface:client": "lerna run test:interface:client",
-    "test:interface:core": "lerna run test:interface:core",
-    "test:interface:http-go": "lerna run test:interface:http-go",
-    "test:interface:http-js": "lerna run test:interface:http-js",
-    "test:interface:message-port-client": "lerna run test:interface:message-port-client",
-    "coverage": "lerna run coverage",
-    "build": "lerna run build",
-    "clean": "lerna run clean",
-    "lint": "lerna run lint",
-    "dep-check": "lerna run dep-check",
+    "reset": "aegir run clean && aegir clean packages/*/node_modules node_modules package-lock.json packages/*/package-lock.json",
+    "test": "aegir run test",
+    "test:node": "aegir run test:node",
+    "test:chrome": "aegir run test:chrome",
+    "test:chrome-webworker": "aegir run test:chrome-webworker",
+    "test:firefox": "aegir run test:firefox",
+    "test:firefox-webworker": "aegir run test:firefox-webworker",
+    "test:electron-main": "aegir run test:electron-main",
+    "test:external": "aegir run test:external",
+    "test:cli": "aegir run test:cli",
+    "test:interop": "aegir run test:interop",
+    "test:interface:client": "aegir run test:interface:client",
+    "test:interface:core": "aegir run test:interface:core",
+    "test:interface:http-go": "aegir run test:interface:http-go",
+    "test:interface:http-js": "aegir run test:interface:http-js",
+    "test:interface:message-port-client": "aegir run test:interface:message-port-client",
+    "coverage": "aegir run coverage",
+    "build": "aegir run build",
+    "clean": "aegir run clean",
+    "lint": "aegir run lint",
+    "dep-check": "aegir run dep-check",
     "release": "run-s build npm:release docker:release",
-    "npm:release": "lerna publish from-package --no-push --no-private --yes",
+    "npm:release": "aegir exec npm -- publish",
     "docker:release": "run-s docker:release:*",
     "docker:release:build": "docker build . --no-cache --tag js-ipfs:latest --file ./Dockerfile.latest",
     "docker:release:tag-latest": "docker tag js-ipfs:latest docker.io/ipfs/js-ipfs:latest",
     "docker:release:tag-version": "docker tag js-ipfs:latest docker.io/ipfs/js-ipfs:v`npm show ipfs@latest version -q`",
     "docker:release:push-latest": "docker push ipfs/js-ipfs:latest",
     "docker:release:push-version": "docker push ipfs/js-ipfs:v`npm show ipfs@latest version -q`",
-    "release:rc": "run-s npm:rc:* docker:rc",
-    "npm:rc:version": "lerna version prerelease --preid `git rev-parse --short HEAD` --force-publish --no-push --yes",
-    "npm:rc:build": "npm run build",
-    "npm:rc:publish": "lerna publish from-package --no-push --no-private --dist-tag next --yes",
+    "release:rc": "run-s npm:rc docker:rc",
+    "npm:rc": "aegir release-rc",
     "docker:rc": "run-s docker:rc:*",
     "docker:rc:build": "docker build . --no-cache --tag js-ipfs:next --file ./Dockerfile.next",
     "docker:rc:tag-next": "docker tag js-ipfs:next docker.io/ipfs/js-ipfs:next",
@@ -59,10 +56,8 @@
     "docker:rc:push-rc": "docker push ipfs/js-ipfs:v`npm show ipfs@next version -q`"
   },
   "devDependencies": {
-    "lerna": "^5.0.0",
-    "node-fetch": "npm:@achingbrain/node-fetch@^2.6.4",
-    "npm-run-all": "^4.1.5",
-    "rimraf": "^3.0.2"
+    "aegir": "^37.11.0",
+    "npm-run-all": "^4.1.5"
   },
   "eslintConfig": {
     "extends": "ipfs",