Fixed critical vulnerabilities (#178)

* fix vulnerabilities replace npm packets * translate comments * remove ramda from dependency * fix dev dependencies @babel/traverse
testomatio · Sep 17, 2024 · 029e700 · 029e700
1 parent 740cce5
commit 029e700
Show file tree

Hide file tree

Showing 11 changed files with 5,870 additions and 10,739 deletions.
diff --git a/index.js b/index.js
@@ -1,7 +1,7 @@
 const core = require('@actions/core');
 const exec = require('@actions/exec');
 const github = require('@actions/github');
-const arrayCompare = require('array-compare');
+const { arrayCompare } = require('./src/lib/utils');
 
 const PullRequest = require('./src/pullRequest');
 const Comment = require('./src/comment');
@@ -21,15 +21,15 @@ async function run() {
   const [owner, repo] = repoUrl.split('/');
   const octokit = new github.GitHub(core.getInput('token', { required: true }));
 
-  let nodiff = core.getInput('nodiff');
+  const nodiff = core.getInput('nodiff');
   const framework = core.getInput('framework', { required: true });
   const pattern = core.getInput('tests', { required: true });
   const apiKey = core.getInput('testomatio-key');
   const ghPat = core.getInput('github-pat');
   const enableDocumentation = core.getInput('enable-documentation');
   const wikiFile = core.getInput('wiki-doc-name') || 'Tests';
-  const docBranch =
-    core.getInput('documentation-branch') || (await octokit.repos.get({ owner, repo })).data.default_branch;
+  /* prettier-ignore */
+  const docBranch = core.getInput('documentation-branch') || (await octokit.repos.get({ owner, repo })).data.default_branch;
   const pullRequest = new PullRequest(core.getInput('token', { required: true }));
   const analyzer = new Analyzer(framework, mainRepoPath);
 
@@ -89,9 +89,8 @@ async function run() {
     const commentOnSkipped = core.getInput('comment-on-skipped');
     const closeOnEmpty = core.getInput('close-on-empty');
     const closeOnSkipped = core.getInput('close-on-skipped');
-
-    const isEmpty =
-      !diff.added.length && !diff.missing.length && !skippedDiff.added.length && !skippedDiff.missing.length;
+    /* prettier-ignore */
+    const isEmpty = !diff.added.length && !diff.missing.length && !skippedDiff.added.length && !skippedDiff.missing.length;
 
     if (commentOnEmpty && commentOnEmpty !== 'true' && isEmpty) {
       comment.write(commentOnEmpty);

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -34,9 +34,8 @@
     "@babel/core": "^7.15.5",
     "@babel/parser": "^7.15.7",
     "@typescript-eslint/typescript-estree": "^5.3.1",
-    "array-compare": "^2.0.0",
     "babel-eslint": "^10.1.0",
-    "babel-traverse": "^6.26.0",
+    "@babel/traverse": "^7.23.2",
     "chalk": "^4.1.2",
     "commander": "^8.2.0",
     "debug": "^4.3.4",
@@ -52,7 +51,7 @@
     "@actions/github": "^5.0.0",
     "@actions/io": "^1.1.1",
     "@actions/tool-cache": "^1.7.1",
-    "@testomatio/reporter": "^0.8.0-beta.15",
+    "@testomatio/reporter": "^1.5.1",
     "@zeit/ncc": "^0.22.3",
     "babel-preset-es2015": "^6.24.1",
     "chai": "^4.3.4",

diff --git a/src/lib/frameworks/codeceptjs.js b/src/lib/frameworks/codeceptjs.js
@@ -1,4 +1,4 @@
-const traverse = require('babel-traverse');
+const traverse = require('@babel/traverse');
 const CommentError = require('../../errors/comment.error');
 const {
   getUpdatePoint,
@@ -27,13 +27,13 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
     beforeCode = beforeCode ?? '';
     beforeSuiteCode = beforeSuiteCode ?? '';
     afterSuiteCode = afterSuiteCode ?? '';
-
+    /* prettier-ignore */
     code = noHooks
       ? getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
       : beforeSuiteCode
-        + beforeCode
-        + getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
-        + afterSuiteCode;
+      + beforeCode
+      + getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
+      + afterSuiteCode;
 
     if (hasStringOrTemplateArgument(path.container)) {
       const testName = getStringValue(path.container);
@@ -83,9 +83,10 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
         if (['Scenario'].includes(name)) {
           const line = getLineNumber(path);
           throw new CommentError(
+            /* prettier-ignore */
             'Exclusive tests detected. `.only` call found in '
-              + `${file}:${line}\n`
-              + 'Remove `.only` to restore test checks',
+            + `${file}:${line}\n`
+            + 'Remove `.only` to restore test checks',
           );
         }
       }
@@ -128,6 +129,7 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
 
       if (path.isIdentifier({ name: 'tag' })) {
         if (
+          /* prettier-ignore */
           !path.parentPath.container
           || !path.parentPath.container.arguments
           || !path.parentPath.container.arguments[0]

diff --git a/src/lib/frameworks/jasmine.js b/src/lib/frameworks/jasmine.js
@@ -1,4 +1,4 @@
-const traverse = require('babel-traverse');
+const traverse = require('@babel/traverse');
 const CommentError = require('../../errors/comment.error');
 const {
   getUpdatePoint,
@@ -36,18 +36,20 @@ module.exports = (ast, file = '', source = '') => {
       if (path.isIdentifier({ name: 'fdescribe' })) {
         const line = getLineNumber(path);
         throw new CommentError(
+          /* prettier-ignore */
           'Exclusive tests detected. `fdescribe` call found in '
-            + `${file}:${line}\n`
-            + 'Remove `fdescibe` to restore test checks',
+          + `${file}:${line}\n`
+          + 'Remove `fdescibe` to restore test checks',
         );
       }
 
       if (path.isIdentifier({ name: 'fit' })) {
         const line = getLineNumber(path);
         throw new CommentError(
+          /* prettier-ignore */
           'Exclusive tests detected. `fit` call found in '
-            + `${file}:${line}\n`
-            + 'Remove `fit` to restore test checks',
+          + `${file}:${line}\n`
+          + 'Remove `fit` to restore test checks',
         );
       }
 

diff --git a/src/lib/frameworks/jest.js b/src/lib/frameworks/jest.js
@@ -1,4 +1,4 @@
-const traverse = require('babel-traverse');
+const traverse = require('@babel/traverse');
 const CommentError = require('../../errors/comment.error');
 const {
   getStringValue,
@@ -68,9 +68,10 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
         if (['describe', 'it', 'context', 'test'].includes(name)) {
           const line = getLineNumber(path);
           throw new CommentError(
+            /* prettier-ignore */
             'Exclusive tests detected. `.only` call found in '
-              + `${file}:${line}\n`
-              + 'Remove `.only` to restore test checks',
+            + `${file}:${line}\n`
+            + 'Remove `.only` to restore test checks',
           );
         }
       }
@@ -134,13 +135,13 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
         beforeCode = beforeCode ?? '';
         beforeEachCode = beforeEachCode ?? '';
         afterCode = afterCode ?? '';
-
+        /* prettier-ignore */
         code = noHooks
           ? getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
           : beforeEachCode
-            + beforeCode
-            + getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
-            + afterCode;
+          + beforeCode
+          + getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
+          + afterCode;
 
         const testName = getStringValue(path.parent);
         tests.push({

diff --git a/src/lib/frameworks/mocha.js b/src/lib/frameworks/mocha.js
@@ -1,4 +1,4 @@
-const traverse = require('babel-traverse');
+const traverse = require('@babel/traverse');
 const CommentError = require('../../errors/comment.error');
 const {
   getStringValue,
@@ -43,7 +43,12 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
       }
 
       if (path.isIdentifier({ name: 'beforeEach' })) {
-        beforeEachCode = getCode(source, getLineNumber(path.parentPath), getEndLineNumber(path.parentPath), isLineNumber);
+        beforeEachCode = getCode(
+          source,
+          getLineNumber(path.parentPath),
+          getEndLineNumber(path.parentPath),
+          isLineNumber,
+        );
       }
 
       if (path.isIdentifier({ name: 'after' })) {
@@ -64,9 +69,10 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
         if (['describe', 'it', 'context'].includes(name)) {
           const line = getLineNumber(path);
           throw new CommentError(
+            /* prettier-ignore */
             'Exclusive tests detected. `.only` call found in '
-              + `${file}:${line}\n`
-              + 'Remove `.only` to restore test checks',
+            + `${file}:${line}\n`
+            + 'Remove `.only` to restore test checks',
           );
         }
       }
@@ -126,13 +132,13 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
         beforeCode = beforeCode ?? '';
         beforeEachCode = beforeEachCode ?? '';
         afterCode = afterCode ?? '';
-
+        /* prettier-ignore */
         code = noHooks
           ? getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
           : beforeEachCode
-            + beforeCode
-            + getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
-            + afterCode;
+          + beforeCode
+          + getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
+          + afterCode;
 
         tests.push({
           name: testName,

diff --git a/src/lib/frameworks/playwright.js b/src/lib/frameworks/playwright.js
@@ -1,4 +1,4 @@
-const traverse = require('babel-traverse');
+const traverse = require('@babel/traverse');
 const CommentError = require('../../errors/comment.error');
 const {
   getStringValue,
@@ -77,18 +77,16 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
         if (!path.parent || !path.parent.object) {
           return;
         }
-
-        const name =
-          path.parent?.object?.name ||
-          path.parent?.object?.callee?.object?.name ||
-          path.container?.object?.property?.name;
+        /* prettier-ignore */
+        const name = path.parent?.object?.name || path.parent?.object?.callee?.object?.name || path.container?.object?.property?.name;
 
         if (['describe', 'it', 'context', 'test'].includes(name)) {
           const line = getLineNumber(path);
           throw new CommentError(
-            'Exclusive tests detected. `.only` call found in ' +
-              `${file}:${line}\n` +
-              'Remove `.only` to restore test checks',
+            /* prettier-ignore */
+            'Exclusive tests detected. `.only` call found in '
+            + `${file}:${line}\n`
+            + 'Remove `.only` to restore test checks',
           );
         }
       }
@@ -97,9 +95,8 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
         if (!path.parent || !path.parent.object) {
           return;
         }
-
-        const name =
-          path.parent.object.name || path.parent.object.property.name || path.parent.object.callee.object.name;
+        /* prettier-ignore */
+        const name = path.parent.object.name || path.parent.object.property.name || path.parent.object.callee.object.name;
 
         if (name === 'test' || name === 'it') {
           // test or it
@@ -133,9 +130,8 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
         if (!path.parent || !path.parent.object) {
           return;
         }
-
-        const name =
-          path.parent.object.name || path.parent.object.property.name || path.parent.object.callee.object.name;
+        /* prettier-ignore */
+        const name = path.parent.object.name || path.parent.object.property.name || path.parent.object.callee.object.name;
 
         if (name === 'test' || name === 'it') {
           // test or it
@@ -196,13 +192,13 @@ module.exports = (ast, file = '', source = '', opts = {}) => {
         beforeCode = beforeCode ?? '';
         beforeEachCode = beforeEachCode ?? '';
         afterCode = afterCode ?? '';
-
+        /* prettier-ignore */
         code = noHooks
           ? getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
-          : beforeEachCode +
-            beforeCode +
-            getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber) +
-            afterCode;
+          : beforeEachCode
+          + beforeCode
+          + getCode(source, getLineNumber(path), getEndLineNumber(path), isLineNumber)
+          + afterCode;
 
         const testName = getStringValue(path.parent);
 

diff --git a/src/lib/frameworks/qunit.js b/src/lib/frameworks/qunit.js
@@ -1,4 +1,4 @@
-const traverse = require('babel-traverse');
+const traverse = require('@babel/traverse');
 const CommentError = require('../../errors/comment.error');
 const {
   getStringValue,
@@ -33,9 +33,10 @@ module.exports = (ast, file = '', source = '') => {
         if (['describe', 'it', 'context', 'test'].includes(name)) {
           const line = getLineNumber(path);
           throw new CommentError(
+            /* prettier-ignore */
             'Exclusive tests detected. `.only` call found in '
-              + `${file}:${line}\n`
-              + 'Remove `.only` to restore test checks',
+            + `${file}:${line}\n`
+            + 'Remove `.only` to restore test checks',
           );
         }
       }

diff --git a/src/lib/frameworks/testcafe.js b/src/lib/frameworks/testcafe.js
@@ -1,4 +1,4 @@
-const traverse = require('babel-traverse');
+const traverse = require('@babel/traverse');
 const {
   getLineNumber,
   getEndLineNumber,

diff --git a/src/lib/utils.js b/src/lib/utils.js
@@ -118,6 +118,7 @@ function replaceAtPoint(subject, replaceAt, replaceTo) {
   if (updateLine.includes('|')) {
     lines[replaceAt.line - 1] = updateLine.replace(' |', `${replaceTo} |`);
   } else {
+    /* prettier-ignore */
     lines[replaceAt.line - 1] = updateLine.substring(0, replaceAt.column) + replaceTo + updateLine.substring(replaceAt.column);
   }
   return lines.join('\n');
@@ -159,6 +160,54 @@ const playwright = {
   },
 };
 
+const arrayCompare = function (a, b, id) {
+  const missing = [];
+  const found = [];
+  let added = [];
+
+  // If 'a' is an object, extract fields a, b, and id
+  if (typeof a === 'object' && !Array.isArray(a)) {
+    ({ a, b, id } = a);
+  }
+
+  // Create a copy of 'b' for modification
+  const bCopy = [...b];
+
+  // Iterate over array 'a' to find matches
+  a.forEach(aItem => {
+    let bIndex = -1;
+
+    if (id) {
+      // If an identifier is specified, find an object with the same 'id'
+      bIndex = bCopy.findIndex(bItem => bItem[id] === aItem[id]);
+    } else {
+      // If no identifier is specified, find an exact match
+      bIndex = bCopy.indexOf(aItem);
+    }
+
+    if (bIndex !== -1) {
+      // Add to 'found' and remove the found element from bCopy
+      found.push({
+        a: aItem,
+        b: bCopy[bIndex],
+      });
+      bCopy.splice(bIndex, 1); // Remove element from bCopy
+    } else {
+      // Add to 'missing' if the element is not found
+      missing.push({ a: aItem });
+    }
+  });
+
+  // Everything left in bCopy is added to 'added'
+  added = bCopy.map(bItem => ({ b: bItem }));
+
+  return {
+    found,
+    missing,
+    added,
+  };
+};
+
 module.exports = {
   hasStringArgument,
   hasTemplateQuasi,
@@ -174,4 +223,5 @@ module.exports = {
   replaceAtPoint,
   cleanAtPoint,
   playwright,
+  arrayCompare,
 };