Vulnerability fixes (#54)

- (breaking) Upgrade `mssql` dependency - (breaking) Update babel configuration so output is more aligned with minimum node version support - (fix) Bump dependencies to eliminate security vulnerabilities - (tests) Fix breakage caused by mssql image changes - (tests) Add workflow to run tests in a PR and on merge to main
godaddy · Aug 20, 2024 · 6ba23dc · 6ba23dc
1 parent a5025e1
commit 6ba23dc
Show file tree

Hide file tree

Showing 23 changed files with 2,958 additions and 2,125 deletions.
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
@@ -0,0 +1,32 @@
+name: Verify Pull Request
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  test:
+    name: Run tests on node ${{ matrix.version }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        version: [18, 20, 22]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+      - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+        with:
+          node-version: ${{ matrix.version }}
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run tests
+        run: npm run test:all
+
diff --git a/.nvmrc b/.nvmrc
@@ -0,0 +1 @@
+20
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,10 @@
+# 2.0.0 (August 20, 2024)
+
+## Breaking
+
+- `mssql` dependency has been upgraded from 9.x to 11.x.
+- The minimum Node.js version is now 18.x.
+
 # 1.0.0 (October 12, 2022)
 
 ## Breaking

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -34,24 +34,23 @@
     "name": "Grant Shively",
     "email": "gshively@godaddy.com"
   },
+  "engines": {
+    "node": ">=18"
+  },
   "dependencies": {
     "@babel/runtime": "^7.6.3",
     "aggregate-error": "^3.0.1",
     "debug": "^4.1.1",
     "lodash.partial": "^4.2.1",
-    "mssql": "^9.0.1",
+    "mssql": "^11.0.1",
     "promise-reduce": "^2.1.0",
     "promise-retry": "^1.1.1",
     "uuid": "^3.3.3"
   },
   "devDependencies": {
     "@babel/cli": "^7.19.3",
     "@babel/core": "^7.6.4",
-    "@babel/plugin-proposal-class-properties": "^7.5.5",
-    "@babel/plugin-proposal-object-rest-spread": "^7.6.2",
-    "@babel/plugin-transform-regenerator": "^7.4.5",
-    "@babel/plugin-transform-runtime": "^7.6.2",
-    "@babel/preset-env": "^7.6.3",
+    "@babel/preset-env": "^7.25.3",
     "babel-eslint": "^10.0.3",
     "babel-jest": "^29.3.1",
     "babel-plugin-add-module-exports": "^1.0.4",
@@ -73,12 +72,9 @@
     "sourceMaps": "inline",
     "retainLines": true,
     "plugins": [
-      "@babel/plugin-proposal-class-properties",
-      "@babel/plugin-proposal-object-rest-spread",
-      "@babel/plugin-transform-regenerator",
-      "@babel/plugin-transform-runtime",
       "add-module-exports"
-    ]
+    ],
+    "targets": "node 18.0"
   },
   "jest": {
     "collectCoverage": true,

diff --git a/test/mssql-setup/Dockerfile b/test/mssql-setup/Dockerfile
@@ -13,6 +13,6 @@ COPY . /usr/src/app
 RUN chmod +x /usr/src/app/entrypoint.sh
 RUN chmod +x /usr/src/app/import-data.sh
 
-RUN echo 'export "PATH=$PATH:/opt/mssql-tools/bin"' >> /root/.bashrc
+RUN echo 'export "PATH=$PATH:/opt/mssql-tools18/bin"' >> /root/.bashrc
 
 ENTRYPOINT [ "/usr/src/app/entrypoint.sh" ]
diff --git a/test/mssql-setup/import-data.sh b/test/mssql-setup/import-data.sh
@@ -5,7 +5,24 @@
 sleep 20s
 
 #run the setup script to create the DB and the schema in the DB
-/opt/mssql-tools/bin/sqlcmd -S localhost -U sa -P PoolPartyyy9000 -d master -i setup.sql
+echo Running setup command
+/opt/mssql-tools18/bin/sqlcmd \
+  -S localhost \
+  -U sa \
+  -P PoolPartyyy9000 \
+  -d master \
+  -C \
+  -N o \
+  -i setup.sql
 
 #import the data from the csv file
-/opt/mssql-tools/bin/bcp PoolParty.dbo.PartyAnimals in "/usr/src/app/party-animals-${1}.csv" -c -t',' -S localhost -U sa -P PoolPartyyy9000
+echo Importing data
+/opt/mssql-tools18/bin/bcp \
+  PoolParty.dbo.PartyAnimals in "/usr/src/app/party-animals-${1}.csv" \
+  -c \
+  -t ',' \
+  -S localhost \
+  -U sa \
+  -P PoolPartyyy9000 \
+  -u \
+  -Yo
diff --git a/test/parallel/callback-execute.test.js b/test/parallel/callback-execute.test.js
@@ -22,6 +22,7 @@ describe('execute (stored procedures) tests using callback interface', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       retries: 1,
       reconnects: 1,

diff --git a/test/parallel/callback-other.test.js b/test/parallel/callback-other.test.js
@@ -7,6 +7,7 @@ const config = {
     server: 'localhost',
     database: 'PoolParty',
     trustServerCertificate: true,
+    encrypt: false,
   },
   retries: 1,
   reconnects: 1,

diff --git a/test/parallel/callback-query.test.js b/test/parallel/callback-query.test.js
@@ -37,6 +37,7 @@ describe('query tests using callback interface', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       retries: 1,
       reconnects: 1,

diff --git a/test/parallel/healing-race.test.js b/test/parallel/healing-race.test.js
@@ -12,6 +12,7 @@ describe('healing race tests', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       reconnects: 1,
     });

diff --git a/test/parallel/multiple-dsns.test.js b/test/parallel/multiple-dsns.test.js
@@ -15,13 +15,15 @@ describe('multiple dsn tests', () => {
           server: 'localhost',
           database: 'PoolParty',
           trustServerCertificate: true,
+          encrypt: false,
         },
         {
           user: 'sa',
           password: 'PoolPartyyy9000',
           server: 'localhost',
           database: 'PoolParty',
           trustServerCertificate: true,
+          encrypt: false,
         },
       ],
     });

diff --git a/test/parallel/prioritized-pools.test.js b/test/parallel/prioritized-pools.test.js
@@ -21,6 +21,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 1,
           trustServerCertificate: true,
+          encrypt: false,
         },
         {
           user: 'sa',
@@ -29,6 +30,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 0,
           trustServerCertificate: true,
+          encrypt: false,
         },
       ],
       prioritizePools: true,
@@ -67,6 +69,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 1,
           trustServerCertificate: true,
+          encrypt: false,
         },
         {
           user: 'sa',
@@ -75,6 +78,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 0,
           trustServerCertificate: true,
+          encrypt: false,
         },
       ],
       prioritizePools: true,
@@ -121,6 +125,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 1,
           trustServerCertificate: true,
+          encrypt: false,
         },
         {
           user: 'sa',
@@ -129,6 +134,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 0,
           trustServerCertificate: true,
+          encrypt: false,
         },
       ],
       prioritizePools: true,
@@ -167,6 +173,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 2,
           trustServerCertificate: true,
+          encrypt: false,
         },
         {
           user: 'sa',
@@ -175,6 +182,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 0,
           trustServerCertificate: true,
+          encrypt: false,
         },
         {
           user: 'sa',
@@ -183,6 +191,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 1,
           trustServerCertificate: true,
+          encrypt: false,
         },
       ],
       prioritizePools: true,
@@ -233,6 +242,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 1,
           trustServerCertificate: true,
+          encrypt: false,
         },
         {
           user: 'sa',
@@ -241,6 +251,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 0,
           trustServerCertificate: true,
+          encrypt: false,
         },
         {
           user: 'sa',
@@ -249,6 +260,7 @@ describe.skip('prioritized pools tests', () => {
           database: 'PoolParty',
           priority: 2,
           trustServerCertificate: true,
+          encrypt: false,
         },
       ],
       prioritizePools: true,
@@ -303,6 +315,7 @@ describe.skip('prioritized pools tests', () => {
           server: 'localhost',
           database: 'PoolParty',
           trustServerCertificate: true,
+          encrypt: false,
         },
         {
           id: 'pool2',
@@ -311,6 +324,7 @@ describe.skip('prioritized pools tests', () => {
           server: 'localhost',
           database: 'PoolParty',
           trustServerCertificate: true,
+          encrypt: false,
         },
       ],
       prioritizePools: true,

diff --git a/test/parallel/promise-execute-TVP-writes.test.js b/test/parallel/promise-execute-TVP-writes.test.js
@@ -14,10 +14,12 @@ describe('execute TVP write using promise interface', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       connectionPoolOptions: {
         options: {
           trustServerCertificate: true,
+          encrypt: false,
         },
       },
     });

diff --git a/test/parallel/promise-execute-many-writes.test.js b/test/parallel/promise-execute-many-writes.test.js
@@ -14,12 +14,14 @@ describe('execute many writes tests using promise interface', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       retries: 1,
       reconnects: 1,
       connectionPoolOptions: {
         options: {
           trustServerCertificate: true,
+          encrypt: false,
         },
       },
     });

diff --git a/test/parallel/promise-execute.test.js b/test/parallel/promise-execute.test.js
@@ -22,6 +22,7 @@ describe('execute (stored procedures) tests using promise interface', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       retries: 1,
       reconnects: 1,

diff --git a/test/parallel/promise-query.test.js b/test/parallel/promise-query.test.js
@@ -37,6 +37,7 @@ describe('query tests using promise interface', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       retries: 1,
       reconnects: 1,

diff --git a/test/parallel/stats.test.js b/test/parallel/stats.test.js
@@ -84,11 +84,13 @@ describe('stats tests', () => {
         password: 'PoolPartyyy9000',
         server: 'localhost',
         database: 'PoolParty',
+        encrypt: false,
       }, {
         user: 'sa',
         password: 'PoolPartyyy9000',
         server: 'localhost',
         database: 'PoolParty',
+        encrypt: false,
       }],
       retries: 1,
       reconnects: 1,

diff --git a/test/parallel/stream-execute.test.js b/test/parallel/stream-execute.test.js
@@ -38,6 +38,7 @@ describe('execute (stored procedures) tests using stream interface', () => {
         password: 'PoolPartyyy9000',
         server: 'localhost',
         database: 'PoolParty',
+        encrypt: false,
         trustServerCertificate: true,
       },
       connectionPoolConfig: {
@@ -194,6 +195,7 @@ describe('execute (stored procedures) tests using stream interface', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       connectionPoolConfig: {
         stream: true,

diff --git a/test/parallel/stream-query.test.js b/test/parallel/stream-query.test.js
@@ -46,6 +46,7 @@ describe('query tests using stream interface', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       connectionPoolConfig: {
         stream: true,
@@ -198,6 +199,7 @@ describe('query tests using stream interface', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       connectionPoolConfig: {
         stream: true,

diff --git a/test/parallel/warmup-race.test.js b/test/parallel/warmup-race.test.js
@@ -15,6 +15,7 @@ describe('warmup race tests', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       },
       reconnects: 1,
       connectionPoolFactory: factorySpy,

diff --git a/test/serial/failover.test.js b/test/serial/failover.test.js
@@ -15,13 +15,15 @@ describe('failover tests', () => {
         server: 'localhost',
         database: 'PoolParty',
         trustServerCertificate: true,
+        encrypt: false,
       }, {
         user: 'sa',
         password: 'PoolPartyyy9000',
         server: 'localhost',
         database: 'PoolParty',
         port: 1434,
         trustServerCertificate: true,
+        encrypt: false,
       }],
       retries: 1,
       reconnects: 1,