diff --git a/package-lock.json b/package-lock.json index ed39854679..7d5096a34d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -68,7 +68,7 @@ "semver": "^6.0.0", "snyk-config": "^5.0.0", "snyk-cpp-plugin": "2.24.0", - "snyk-docker-plugin": "6.12.3", + "snyk-docker-plugin": "6.13.1", "snyk-go-plugin": "1.23.0", "snyk-gradle-plugin": "4.1.0", "snyk-module": "3.1.0", @@ -3066,9 +3066,9 @@ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "node_modules/@snyk/docker-registry-v2-client": { - "version": "2.11.0", - "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.11.0.tgz", - "integrity": "sha512-X3eJWJzdwjUHb2alXg0njY1CilDx9og1O242f2Qx4BiUxnw73VPjKnOinU9QQNcImIxSjLAaTxwZczm/oC0WcQ==", + "version": "2.15.0", + "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.15.0.tgz", + "integrity": "sha512-h81cwwoX6rxYHuCSD4+KeTHSIQZz8RSOuszS8QfC+FDoKROmM2H02hnqxsYPY247GZVTK+NN1iK5cHwBQeBP+Q==", "dependencies": { "needle": "^3.2.0", "parse-link-header": "^2.0.0", @@ -3392,11 +3392,11 @@ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "node_modules/@snyk/snyk-docker-pull": { - "version": "3.11.0", - "resolved": "https://registry.npmjs.org/@snyk/snyk-docker-pull/-/snyk-docker-pull-3.11.0.tgz", - "integrity": "sha512-QBCRcEEqpeA0MWXD+BZ7YFdURBfrVJ77YFRLmi6jCZCnvNID0jGnz2QKZrfAT4GboB72VXYcmrSjo6+kXpBa8Q==", + "version": "3.13.0", + "resolved": "https://registry.npmjs.org/@snyk/snyk-docker-pull/-/snyk-docker-pull-3.13.0.tgz", + "integrity": "sha512-S0UyBnhozdP03Qfu10gCCCRmnDLMPbbEEpCjogsPywjLFOjpG3EYa2x8H84S+Wu/a0Ft8uw9ng4QGD555pDdAg==", "dependencies": { - "@snyk/docker-registry-v2-client": "^2.11.0", + "@snyk/docker-registry-v2-client": "2.15.0", "child-process": "^1.0.2", "tar-fs": "^3.0.4" }, @@ -3405,19 +3405,22 @@ } }, "node_modules/@snyk/snyk-docker-pull/node_modules/tar-fs": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.4.tgz", - "integrity": "sha512-5AFQU8b9qLfZCX9zp2duONhPmZv0hGYiBPJsyUdqMjzq/mqVpy/rEUSeHk1+YitmxugaptgBh5oDGU3VsAJq4w==", + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.6.tgz", + "integrity": "sha512-iokBDQQkUyeXhgPYaZxmczGPhnhXZ0CmrqI+MOb/WFGS9DW5wnfrLgtjUJBvz50vQ3qfRwJ62QVoCFu8mPVu5w==", "dependencies": { - "mkdirp-classic": "^0.5.2", "pump": "^3.0.0", "tar-stream": "^3.1.5" + }, + "optionalDependencies": { + "bare-fs": "^2.1.1", + "bare-path": "^2.1.0" } }, "node_modules/@snyk/snyk-docker-pull/node_modules/tar-stream": { - "version": "3.1.6", - "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.6.tgz", - "integrity": "sha512-B/UyjYwPpMBv+PaFSWAmtYjwdrlEaZQEhMIBFNC5oEG8lpiW8XjcSdmEaClj28ArfKScKHs2nshz3k2le6crsg==", + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", "dependencies": { "b4a": "^1.6.4", "fast-fifo": "^1.2.0", @@ -6668,9 +6671,9 @@ } }, "node_modules/b4a": { - "version": "1.6.4", - "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.4.tgz", - "integrity": "sha512-fpWrvyVHEKyeEvbKZTVOeZF3VSKKWtJxFIxX/jaVPf+cLbGUSitjb49pHLqPV2BUNNZ0LcoeEGfE/YCpyDYHIw==" + "version": "1.6.6", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.6.tgz", + "integrity": "sha512-5Tk1HLk6b6ctmjIkAcU/Ujv/1WqiDl0F0JdRCR80VsOcUlHcu7pWeWRlOqQLHfDEsVx9YH/aif5AG4ehoCtTmg==" }, "node_modules/babel-plugin-istanbul": { "version": "6.1.1", @@ -6732,6 +6735,47 @@ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" }, + "node_modules/bare-events": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.4.2.tgz", + "integrity": "sha512-qMKFd2qG/36aA4GwvKq8MxnPgCQAmBWmSyLWsJcbn8v03wvIPQ/hG1Ms8bPzndZxMDoHpxez5VOS+gC9Yi24/Q==", + "optional": true + }, + "node_modules/bare-fs": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-2.3.1.tgz", + "integrity": "sha512-W/Hfxc/6VehXlsgFtbB5B4xFcsCl+pAh30cYhoFyXErf6oGrwjh8SwiPAdHgpmWonKuYpZgGywN0SXt7dgsADA==", + "optional": true, + "dependencies": { + "bare-events": "^2.0.0", + "bare-path": "^2.0.0", + "bare-stream": "^2.0.0" + } + }, + "node_modules/bare-os": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-2.4.0.tgz", + "integrity": "sha512-v8DTT08AS/G0F9xrhyLtepoo9EJBJ85FRSMbu1pQUlAf6A8T0tEEQGMVObWeqpjhSPXsE0VGlluFBJu2fdoTNg==", + "optional": true + }, + "node_modules/bare-path": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-2.1.3.tgz", + "integrity": "sha512-lh/eITfU8hrj9Ru5quUp0Io1kJWIk1bTjzo7JH1P5dWmQ2EL4hFUlfI8FonAhSlgIfhn63p84CDY/x+PisgcXA==", + "optional": true, + "dependencies": { + "bare-os": "^2.1.0" + } + }, + "node_modules/bare-stream": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.1.3.tgz", + "integrity": "sha512-tiDAH9H/kP+tvNO5sczyn9ZAA7utrSMobyDchsnyyXBuUe2FSQWbxhtuHB8jwpHYYevVo2UJpcmvvjrbHboUUQ==", + "optional": true, + "dependencies": { + "streamx": "^2.18.0" + } + }, "node_modules/base64-js": { "version": "1.5.1", "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", @@ -16248,7 +16292,8 @@ "node_modules/mkdirp-classic": { "version": "0.5.3", "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz", - "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==" + "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==", + "dev": true }, "node_modules/mock-fs": { "version": "4.14.0", @@ -20236,15 +20281,15 @@ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "node_modules/snyk-docker-plugin": { - "version": "6.12.3", - "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-6.12.3.tgz", - "integrity": "sha512-PU2vHUuZ9hprSlqe/DjKXqOffqhmBnDpZH6RqVdEb+RrEOxF3pHJ+JrqCl8npw8KKbassaXXuNoJ7CgJvgCW0A==", + "version": "6.13.1", + "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-6.13.1.tgz", + "integrity": "sha512-BojEnE0Rb8a00A2P/INXPDAE6rXL5pghv/6NRfrGjoc1OPu7HWbA/a+Vv5loAi2MYCRLryrA7IN6TlzMW7T/+A==", "dependencies": { "@snyk/composer-lockfile-parser": "^1.4.1", "@snyk/dep-graph": "^2.8.1", - "@snyk/docker-registry-v2-client": "^2.11.0", + "@snyk/docker-registry-v2-client": "2.15.0", "@snyk/rpm-parser": "3.1.0", - "@snyk/snyk-docker-pull": "^3.11.0", + "@snyk/snyk-docker-pull": "3.13.0", "@swimlane/docker-reference": "^2.0.1", "adm-zip": "^0.5.5", "chalk": "^2.4.2", @@ -20324,18 +20369,6 @@ "node": ">=10" } }, - "node_modules/snyk-docker-plugin/node_modules/micromatch": { - "version": "4.0.7", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", - "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", - "dependencies": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, "node_modules/snyk-docker-plugin/node_modules/mkdirp": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", @@ -21769,12 +21802,16 @@ } }, "node_modules/streamx": { - "version": "2.15.6", - "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.15.6.tgz", - "integrity": "sha512-q+vQL4AAz+FdfT137VF69Cc/APqUbxy+MDOImRrMvchJpigHj9GksgDU2LYbO9rx7RX6osWgxJB2WxhYv4SZAw==", + "version": "2.18.0", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.18.0.tgz", + "integrity": "sha512-LLUC1TWdjVdn1weXGcSxyTR3T4+acB6tVGXT95y0nGbca4t4o/ng1wKAGTljm9VicuCVLvRlqFYXYy5GwgM7sQ==", "dependencies": { - "fast-fifo": "^1.1.0", - "queue-tick": "^1.0.1" + "fast-fifo": "^1.3.2", + "queue-tick": "^1.0.1", + "text-decoder": "^1.1.0" + }, + "optionalDependencies": { + "bare-events": "^2.2.0" } }, "node_modules/strict-uri-encode": { @@ -22469,6 +22506,14 @@ "node": ">=8" } }, + "node_modules/text-decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.1.1.tgz", + "integrity": "sha512-8zll7REEv4GDD3x4/0pW+ppIxSNs7H1J10IKFZsuOMscumCdM2a+toDGLPA3T+1+fLBql4zbt5z83GEQGGV5VA==", + "dependencies": { + "b4a": "^1.6.4" + } + }, "node_modules/text-extensions": { "version": "2.4.0", "resolved": "https://registry.npmjs.org/text-extensions/-/text-extensions-2.4.0.tgz", @@ -26649,9 +26694,9 @@ } }, "@snyk/docker-registry-v2-client": { - "version": "2.11.0", - "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.11.0.tgz", - "integrity": "sha512-X3eJWJzdwjUHb2alXg0njY1CilDx9og1O242f2Qx4BiUxnw73VPjKnOinU9QQNcImIxSjLAaTxwZczm/oC0WcQ==", + "version": "2.15.0", + "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.15.0.tgz", + "integrity": "sha512-h81cwwoX6rxYHuCSD4+KeTHSIQZz8RSOuszS8QfC+FDoKROmM2H02hnqxsYPY247GZVTK+NN1iK5cHwBQeBP+Q==", "requires": { "needle": "^3.2.0", "parse-link-header": "^2.0.0", @@ -27017,29 +27062,30 @@ } }, "@snyk/snyk-docker-pull": { - "version": "3.11.0", - "resolved": "https://registry.npmjs.org/@snyk/snyk-docker-pull/-/snyk-docker-pull-3.11.0.tgz", - "integrity": "sha512-QBCRcEEqpeA0MWXD+BZ7YFdURBfrVJ77YFRLmi6jCZCnvNID0jGnz2QKZrfAT4GboB72VXYcmrSjo6+kXpBa8Q==", + "version": "3.13.0", + "resolved": "https://registry.npmjs.org/@snyk/snyk-docker-pull/-/snyk-docker-pull-3.13.0.tgz", + "integrity": "sha512-S0UyBnhozdP03Qfu10gCCCRmnDLMPbbEEpCjogsPywjLFOjpG3EYa2x8H84S+Wu/a0Ft8uw9ng4QGD555pDdAg==", "requires": { - "@snyk/docker-registry-v2-client": "^2.11.0", + "@snyk/docker-registry-v2-client": "2.15.0", "child-process": "^1.0.2", "tar-fs": "^3.0.4" }, "dependencies": { "tar-fs": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.4.tgz", - "integrity": "sha512-5AFQU8b9qLfZCX9zp2duONhPmZv0hGYiBPJsyUdqMjzq/mqVpy/rEUSeHk1+YitmxugaptgBh5oDGU3VsAJq4w==", + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.6.tgz", + "integrity": "sha512-iokBDQQkUyeXhgPYaZxmczGPhnhXZ0CmrqI+MOb/WFGS9DW5wnfrLgtjUJBvz50vQ3qfRwJ62QVoCFu8mPVu5w==", "requires": { - "mkdirp-classic": "^0.5.2", + "bare-fs": "^2.1.1", + "bare-path": "^2.1.0", "pump": "^3.0.0", "tar-stream": "^3.1.5" } }, "tar-stream": { - "version": "3.1.6", - "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.6.tgz", - "integrity": "sha512-B/UyjYwPpMBv+PaFSWAmtYjwdrlEaZQEhMIBFNC5oEG8lpiW8XjcSdmEaClj28ArfKScKHs2nshz3k2le6crsg==", + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", "requires": { "b4a": "^1.6.4", "fast-fifo": "^1.2.0", @@ -29492,9 +29538,9 @@ } }, "b4a": { - "version": "1.6.4", - "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.4.tgz", - "integrity": "sha512-fpWrvyVHEKyeEvbKZTVOeZF3VSKKWtJxFIxX/jaVPf+cLbGUSitjb49pHLqPV2BUNNZ0LcoeEGfE/YCpyDYHIw==" + "version": "1.6.6", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.6.tgz", + "integrity": "sha512-5Tk1HLk6b6ctmjIkAcU/Ujv/1WqiDl0F0JdRCR80VsOcUlHcu7pWeWRlOqQLHfDEsVx9YH/aif5AG4ehoCtTmg==" }, "babel-plugin-istanbul": { "version": "6.1.1", @@ -29549,6 +29595,47 @@ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" }, + "bare-events": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.4.2.tgz", + "integrity": "sha512-qMKFd2qG/36aA4GwvKq8MxnPgCQAmBWmSyLWsJcbn8v03wvIPQ/hG1Ms8bPzndZxMDoHpxez5VOS+gC9Yi24/Q==", + "optional": true + }, + "bare-fs": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-2.3.1.tgz", + "integrity": "sha512-W/Hfxc/6VehXlsgFtbB5B4xFcsCl+pAh30cYhoFyXErf6oGrwjh8SwiPAdHgpmWonKuYpZgGywN0SXt7dgsADA==", + "optional": true, + "requires": { + "bare-events": "^2.0.0", + "bare-path": "^2.0.0", + "bare-stream": "^2.0.0" + } + }, + "bare-os": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-2.4.0.tgz", + "integrity": "sha512-v8DTT08AS/G0F9xrhyLtepoo9EJBJ85FRSMbu1pQUlAf6A8T0tEEQGMVObWeqpjhSPXsE0VGlluFBJu2fdoTNg==", + "optional": true + }, + "bare-path": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-2.1.3.tgz", + "integrity": "sha512-lh/eITfU8hrj9Ru5quUp0Io1kJWIk1bTjzo7JH1P5dWmQ2EL4hFUlfI8FonAhSlgIfhn63p84CDY/x+PisgcXA==", + "optional": true, + "requires": { + "bare-os": "^2.1.0" + } + }, + "bare-stream": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.1.3.tgz", + "integrity": "sha512-tiDAH9H/kP+tvNO5sczyn9ZAA7utrSMobyDchsnyyXBuUe2FSQWbxhtuHB8jwpHYYevVo2UJpcmvvjrbHboUUQ==", + "optional": true, + "requires": { + "streamx": "^2.18.0" + } + }, "base64-js": { "version": "1.5.1", "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", @@ -36697,7 +36784,8 @@ "mkdirp-classic": { "version": "0.5.3", "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz", - "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==" + "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==", + "dev": true }, "mock-fs": { "version": "4.14.0", @@ -39646,15 +39734,15 @@ } }, "snyk-docker-plugin": { - "version": "6.12.3", - "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-6.12.3.tgz", - "integrity": "sha512-PU2vHUuZ9hprSlqe/DjKXqOffqhmBnDpZH6RqVdEb+RrEOxF3pHJ+JrqCl8npw8KKbassaXXuNoJ7CgJvgCW0A==", + "version": "6.13.1", + "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-6.13.1.tgz", + "integrity": "sha512-BojEnE0Rb8a00A2P/INXPDAE6rXL5pghv/6NRfrGjoc1OPu7HWbA/a+Vv5loAi2MYCRLryrA7IN6TlzMW7T/+A==", "requires": { "@snyk/composer-lockfile-parser": "^1.4.1", "@snyk/dep-graph": "^2.8.1", - "@snyk/docker-registry-v2-client": "^2.11.0", + "@snyk/docker-registry-v2-client": "2.15.0", "@snyk/rpm-parser": "3.1.0", - "@snyk/snyk-docker-pull": "^3.11.0", + "@snyk/snyk-docker-pull": "3.13.0", "@swimlane/docker-reference": "^2.0.1", "adm-zip": "^0.5.5", "chalk": "^2.4.2", @@ -39720,15 +39808,6 @@ "yallist": "^4.0.0" } }, - "micromatch": { - "version": "4.0.7", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", - "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", - "requires": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - } - }, "mkdirp": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", @@ -40927,12 +41006,14 @@ } }, "streamx": { - "version": "2.15.6", - "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.15.6.tgz", - "integrity": "sha512-q+vQL4AAz+FdfT137VF69Cc/APqUbxy+MDOImRrMvchJpigHj9GksgDU2LYbO9rx7RX6osWgxJB2WxhYv4SZAw==", + "version": "2.18.0", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.18.0.tgz", + "integrity": "sha512-LLUC1TWdjVdn1weXGcSxyTR3T4+acB6tVGXT95y0nGbca4t4o/ng1wKAGTljm9VicuCVLvRlqFYXYy5GwgM7sQ==", "requires": { - "fast-fifo": "^1.1.0", - "queue-tick": "^1.0.1" + "bare-events": "^2.2.0", + "fast-fifo": "^1.3.2", + "queue-tick": "^1.0.1", + "text-decoder": "^1.1.0" } }, "strict-uri-encode": { @@ -41419,6 +41500,14 @@ "minimatch": "^3.0.4" } }, + "text-decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.1.1.tgz", + "integrity": "sha512-8zll7REEv4GDD3x4/0pW+ppIxSNs7H1J10IKFZsuOMscumCdM2a+toDGLPA3T+1+fLBql4zbt5z83GEQGGV5VA==", + "requires": { + "b4a": "^1.6.4" + } + }, "text-extensions": { "version": "2.4.0", "resolved": "https://registry.npmjs.org/text-extensions/-/text-extensions-2.4.0.tgz", diff --git a/package.json b/package.json index 96bda68515..ee9a36679b 100644 --- a/package.json +++ b/package.json @@ -116,7 +116,7 @@ "semver": "^6.0.0", "snyk-config": "^5.0.0", "snyk-cpp-plugin": "2.24.0", - "snyk-docker-plugin": "6.12.3", + "snyk-docker-plugin": "6.13.1", "snyk-go-plugin": "1.23.0", "snyk-gradle-plugin": "4.1.0", "snyk-module": "3.1.0", diff --git a/test/fixtures/container-projects/multi-project-image.tar b/test/fixtures/container-projects/multi-project-image.tar new file mode 100644 index 0000000000..e12bc4d72c Binary files /dev/null and b/test/fixtures/container-projects/multi-project-image.tar differ diff --git a/test/jest/acceptance/snyk-container/container.spec.ts b/test/jest/acceptance/snyk-container/container.spec.ts index 8194fb3e38..be553c60c7 100644 --- a/test/jest/acceptance/snyk-container/container.spec.ts +++ b/test/jest/acceptance/snyk-container/container.spec.ts @@ -145,6 +145,20 @@ describe('snyk container', () => { expect(stdout).toContain('Package manager: npm'); }); + it('npm projects target file are found in container image', async () => { + const { code, stdout, stderr } = await runSnykCLIWithDebug( + `container test docker-archive:test/fixtures/container-projects//multi-project-image.tar`, + ); + + assertCliExitCode(code, 1, stderr); + expect(stdout).toContain('Target file: /usr/goof2/package.json'); + expect(stdout).toContain('Target file: /usr/goof3/node_modules'); + expect(stdout).toContain('Target file: /usr/goof/package.json'); + expect(stdout).toContain( + 'Target file: /usr/local/lib/node_modules', + ); + }); + it('npm depGraph is generated in an npm image with lockfiles image', async () => { const { code, stdout, stderr } = await runSnykCLIWithDebug( `container test docker-archive:test/fixtures/container-projects/npm7-without-package-lock-file.tar --print-deps`, diff --git a/test/jest/acceptance/snyk-test/app-vuln-container-project.spec.ts b/test/jest/acceptance/snyk-test/app-vuln-container-project.spec.ts index 9c0efb2419..f323f3c83b 100644 --- a/test/jest/acceptance/snyk-test/app-vuln-container-project.spec.ts +++ b/test/jest/acceptance/snyk-test/app-vuln-container-project.spec.ts @@ -163,7 +163,7 @@ describe('container test projects behavior with --json flag', () => { const jsonOutput = JSON.parse(stdout); expect(Array.isArray(jsonOutput)).toBeTruthy(); - expect(jsonOutput).toHaveLength(2); + expect(jsonOutput).toHaveLength(3); expect(code).toEqual(0); }); }); diff --git a/test/jest/acceptance/snyk-test/basic-test-all-languages.spec.ts b/test/jest/acceptance/snyk-test/basic-test-all-languages.spec.ts index d2c3dd26ff..a91eb36145 100644 --- a/test/jest/acceptance/snyk-test/basic-test-all-languages.spec.ts +++ b/test/jest/acceptance/snyk-test/basic-test-all-languages.spec.ts @@ -219,19 +219,32 @@ describe('`snyk test` of basic projects for each language/ecosystem', () => { const project = await createProjectFromWorkspace(fixture); const { code, stderr, stdout } = await runSnykCLI( - 'test -d --dotnet-runtime-resolution', + 'test --dotnet-runtime-resolution --json', { cwd: project.path(), }, ); - if (code !== 0) { + // Debug output on an unexpected exit code + if (code !== 0 && code !== 1) { console.debug(stderr); console.debug('---------------------------'); console.debug(stdout); } - expect(code).toEqual(0); + // Expect an exit code of 0 or 1. Exit code 1 is possible if a new + // vulnerability is discovered in the installed version of dotnet's system + // libraries. + expect([0, 1]).toContain(code); + + // Note: dotnet plugin can print a warning about runtime resolution, which breaks JSON output. + // This replacement regex is a temporary workaround until the dotnet plugin can be fixed. + const sanitizedStdout = stdout.replace(/^[\s\S]*?{/, '{'); + const result = JSON.parse(sanitizedStdout); + expect(result?.ok).toBeDefined(); + + // Expect 'ok' to be true if exit 0, false if exit 1. + expect(result.ok).toBe(code === 0); }, );