From 276644eb3ca8923985e9f86ac09bab3a0a2bfad5 Mon Sep 17 00:00:00 2001
From: Federico Rodriguez <federico.rodriguez@wazuh.com>
Date: Fri, 17 May 2024 20:15:24 +0200
Subject: [PATCH 01/10] Add sanitization process to SVG files

---
 .../controllers/wazuh-utils/wazuh-utils.ts    | 280 ++++++++++++------
 plugins/main/server/lib/sanitizer.ts          |  10 +
 plugins/main/server/plugin.ts                 | 133 ++++++---
 plugins/main/server/start/index.ts            |   3 +-
 .../start/sanitize-uploaded-files/index.ts    |   7 +
 .../sanitize-svg.test.ts                      |   1 +
 .../sanitize-uploaded-files/sanitize-svg.ts   |  94 ++++++
 7 files changed, 406 insertions(+), 122 deletions(-)
 create mode 100644 plugins/main/server/lib/sanitizer.ts
 create mode 100644 plugins/main/server/start/sanitize-uploaded-files/index.ts
 create mode 100644 plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts
 create mode 100644 plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts

diff --git a/plugins/main/server/controllers/wazuh-utils/wazuh-utils.ts b/plugins/main/server/controllers/wazuh-utils/wazuh-utils.ts
index dfaba3b656..be5a566ee9 100644
--- a/plugins/main/server/controllers/wazuh-utils/wazuh-utils.ts
+++ b/plugins/main/server/controllers/wazuh-utils/wazuh-utils.ts
@@ -16,9 +16,17 @@ import { getConfiguration } from '../../lib/get-configuration';
 import { read } from 'read-last-lines';
 import { UpdateConfigurationFile } from '../../lib/update-configuration';
 import jwtDecode from 'jwt-decode';
-import { WAZUH_ROLE_ADMINISTRATOR_ID, WAZUH_DATA_LOGS_RAW_PATH, PLUGIN_SETTINGS } from '../../../common/constants';
+import {
+  WAZUH_ROLE_ADMINISTRATOR_ID,
+  WAZUH_DATA_LOGS_RAW_PATH,
+  PLUGIN_SETTINGS,
+} from '../../../common/constants';
 import { ManageHosts } from '../../lib/manage-hosts';
-import { OpenSearchDashboardsRequest, RequestHandlerContext, OpenSearchDashboardsResponseFactory } from 'src/core/server';
+import {
+  OpenSearchDashboardsRequest,
+  RequestHandlerContext,
+  OpenSearchDashboardsResponseFactory,
+} from 'src/core/server';
 import { getCookieValueByName } from '../../lib/cookie';
 import fs from 'fs';
 import path from 'path';
@@ -26,6 +34,8 @@ import { createDirectoryIfNotExists } from '../../lib/filesystem';
 import glob from 'glob';
 import { getFileExtensionFromBuffer } from '../../../common/services/file-extension';
 
+import { sanitizeSVG } from '../../lib/sanitizer';
+
 const updateConfigurationFile = new UpdateConfigurationFile();
 
 // TODO: these controllers have no logs. We should include them.
@@ -45,7 +55,11 @@ export class WazuhUtilsCtrl {
    * @param {Object} response
    * @returns {Object} Configuration File or ErrorResponse
    */
-  getConfigurationFile(context: RequestHandlerContext, request: OpenSearchDashboardsRequest, response: OpenSearchDashboardsResponseFactory) {
+  getConfigurationFile(
+    context: RequestHandlerContext,
+    request: OpenSearchDashboardsRequest,
+    response: OpenSearchDashboardsResponseFactory,
+  ) {
     try {
       const configFile = getConfiguration();
 
@@ -53,8 +67,8 @@ export class WazuhUtilsCtrl {
         body: {
           statusCode: 200,
           error: 0,
-          data: configFile || {}
-        }
+          data: configFile || {},
+        },
       });
     } catch (error) {
       return ErrorResponse(error.message || error, 3019, 500, response);
@@ -68,35 +82,74 @@ export class WazuhUtilsCtrl {
    * @param {Object} response
    * @returns {Object} Configuration File or ErrorResponse
    */
-  updateConfigurationFile = this.routeDecoratorProtectedAdministratorRoleValidToken(
-    async (context: RequestHandlerContext, request: OpenSearchDashboardsRequest, response: OpenSearchDashboardsResponseFactory) => {
-
-      let requiresRunningHealthCheck: boolean = false,
-        requiresReloadingBrowserTab: boolean = false,
-        requiresRestartingPluginPlatform: boolean = false;
-
-      // Plugin settings configurables in the configuration file.
-      const pluginSettingsConfigurableFile = Object.keys(request.body)
-        .filter(pluginSettingKey => PLUGIN_SETTINGS[pluginSettingKey].isConfigurableFromFile)
-        .reduce((accum, pluginSettingKey: string) => ({ ...accum, [pluginSettingKey]: request.body[pluginSettingKey] }), {});
+  updateConfigurationFile =
+    this.routeDecoratorProtectedAdministratorRoleValidToken(
+      async (
+        context: RequestHandlerContext,
+        request: OpenSearchDashboardsRequest,
+        response: OpenSearchDashboardsResponseFactory,
+      ) => {
+        let requiresRunningHealthCheck: boolean = false,
+          requiresReloadingBrowserTab: boolean = false,
+          requiresRestartingPluginPlatform: boolean = false;
 
-      if (Object.keys(pluginSettingsConfigurableFile).length) {
-        // Update the configuration file.
-        await updateConfigurationFile.updateConfiguration(pluginSettingsConfigurableFile);
+        // Plugin settings configurables in the configuration file.
+        const pluginSettingsConfigurableFile = Object.keys(request.body)
+          .filter(
+            pluginSettingKey =>
+              PLUGIN_SETTINGS[pluginSettingKey].isConfigurableFromFile,
+          )
+          .reduce(
+            (accum, pluginSettingKey: string) => ({
+              ...accum,
+              [pluginSettingKey]: request.body[pluginSettingKey],
+            }),
+            {},
+          );
 
-        requiresRunningHealthCheck = Object.keys(pluginSettingsConfigurableFile).some((pluginSettingKey: string) => Boolean(PLUGIN_SETTINGS[pluginSettingKey].requiresRunningHealthCheck)) || requiresRunningHealthCheck;
-        requiresReloadingBrowserTab = Object.keys(pluginSettingsConfigurableFile).some((pluginSettingKey: string) => Boolean(PLUGIN_SETTINGS[pluginSettingKey].requiresReloadingBrowserTab)) || requiresReloadingBrowserTab;
-        requiresRestartingPluginPlatform = Object.keys(pluginSettingsConfigurableFile).some((pluginSettingKey: string) => Boolean(PLUGIN_SETTINGS[pluginSettingKey].requiresRestartingPluginPlatform)) || requiresRestartingPluginPlatform;
-      };
+        if (Object.keys(pluginSettingsConfigurableFile).length) {
+          // Update the configuration file.
+          await updateConfigurationFile.updateConfiguration(
+            pluginSettingsConfigurableFile,
+          );
 
-      return response.ok({
-        body: {
-          data: { requiresRunningHealthCheck, requiresReloadingBrowserTab, requiresRestartingPluginPlatform, updatedConfiguration: pluginSettingsConfigurableFile }
+          requiresRunningHealthCheck =
+            Object.keys(pluginSettingsConfigurableFile).some(
+              (pluginSettingKey: string) =>
+                Boolean(
+                  PLUGIN_SETTINGS[pluginSettingKey].requiresRunningHealthCheck,
+                ),
+            ) || requiresRunningHealthCheck;
+          requiresReloadingBrowserTab =
+            Object.keys(pluginSettingsConfigurableFile).some(
+              (pluginSettingKey: string) =>
+                Boolean(
+                  PLUGIN_SETTINGS[pluginSettingKey].requiresReloadingBrowserTab,
+                ),
+            ) || requiresReloadingBrowserTab;
+          requiresRestartingPluginPlatform =
+            Object.keys(pluginSettingsConfigurableFile).some(
+              (pluginSettingKey: string) =>
+                Boolean(
+                  PLUGIN_SETTINGS[pluginSettingKey]
+                    .requiresRestartingPluginPlatform,
+                ),
+            ) || requiresRestartingPluginPlatform;
         }
-      });
-    },
-    3021
-  )
+
+        return response.ok({
+          body: {
+            data: {
+              requiresRunningHealthCheck,
+              requiresReloadingBrowserTab,
+              requiresRestartingPluginPlatform,
+              updatedConfiguration: pluginSettingsConfigurableFile,
+            },
+          },
+        });
+      },
+      3021,
+    );
 
   /**
    * Returns Wazuh app logs
@@ -105,22 +158,23 @@ export class WazuhUtilsCtrl {
    * @param {Object} response
    * @returns {Array<String>} app logs or ErrorResponse
    */
-  async getAppLogs(context: RequestHandlerContext, request: OpenSearchDashboardsRequest, response: OpenSearchDashboardsResponseFactory) {
+  async getAppLogs(
+    context: RequestHandlerContext,
+    request: OpenSearchDashboardsRequest,
+    response: OpenSearchDashboardsResponseFactory,
+  ) {
     try {
-      const lastLogs = await read(
-        WAZUH_DATA_LOGS_RAW_PATH,
-        50
-      );
+      const lastLogs = await read(WAZUH_DATA_LOGS_RAW_PATH, 50);
       const spliterLog = lastLogs.split('\n');
       return spliterLog && Array.isArray(spliterLog)
         ? response.ok({
-          body: {
-            error: 0,
-            lastLogs: spliterLog.filter(
-              item => typeof item === 'string' && item.length
-            )
-          }
-        })
+            body: {
+              error: 0,
+              lastLogs: spliterLog.filter(
+                item => typeof item === 'string' && item.length,
+              ),
+            },
+          })
         : response.ok({ error: 0, lastLogs: [] });
     } catch (error) {
       return ErrorResponse(error.message || error, 3036, 500, response);
@@ -135,25 +189,44 @@ export class WazuhUtilsCtrl {
    * @returns {Object} Configuration File or ErrorResponse
    */
   uploadFile = this.routeDecoratorProtectedAdministratorRoleValidToken(
-    async (context: RequestHandlerContext, request: KibanaRequest, response: KibanaResponseFactory) => {
+    async (
+      context: RequestHandlerContext,
+      request: KibanaRequest,
+      response: KibanaResponseFactory,
+    ) => {
       const { key } = request.params;
-      const { file: bufferFile } = request.body;
+      let { file: bufferFile } = request.body;
       const pluginSetting = PLUGIN_SETTINGS[key];
 
       // Check file extension
       const fileExtension = getFileExtensionFromBuffer(bufferFile);
 
       // Check if the extension is valid for the setting.
-      if (!pluginSetting.options.file.extensions.includes(`.${fileExtension}`)) {
+      if (
+        !pluginSetting.options.file.extensions.includes(`.${fileExtension}`)
+      ) {
         return response.badRequest({
-          body: `File extension is not valid for setting [${key}] setting. Allowed file extensions: ${pluginSetting.options.file.extensions.join(', ')}`
+          body: `File extension is not valid for setting [${key}] setting. Allowed file extensions: ${pluginSetting.options.file.extensions.join(
+            ', ',
+          )}`,
         });
-      };
+      }
+
+      // Sanitize SVG content to prevent prevents XSS attacks
+      if (fileExtension === 'svg') {
+        const svgString = bufferFile.toString();
+        const cleanSVG = sanitizeSVG(svgString);
+        bufferFile = Buffer.from(cleanSVG);
+      }
 
       const fileNamePath = `${key}.${fileExtension}`;
 
       // Create target directory
-      const targetDirectory = path.join(__dirname, '../../..', pluginSetting.options.file.store.relativePathFileSystem);
+      const targetDirectory = path.join(
+        __dirname,
+        '../../..',
+        pluginSetting.options.file.store.relativePathFileSystem,
+      );
       createDirectoryIfNotExists(targetDirectory);
       // Get the files related to the setting and remove them
       const files = glob.sync(path.join(targetDirectory, `${key}.*`));
@@ -163,24 +236,33 @@ export class WazuhUtilsCtrl {
       fs.writeFileSync(path.join(targetDirectory, fileNamePath), bufferFile);
 
       // Update the setting in the configuration cache
-      const pluginSettingValue = pluginSetting.options.file.store.resolveStaticURL(fileNamePath);
-      await updateConfigurationFile.updateConfiguration({ [key]: pluginSettingValue });
+      const pluginSettingValue =
+        pluginSetting.options.file.store.resolveStaticURL(fileNamePath);
+      await updateConfigurationFile.updateConfiguration({
+        [key]: pluginSettingValue,
+      });
 
       return response.ok({
         body: {
           data: {
-            requiresRunningHealthCheck: Boolean(pluginSetting.requiresRunningHealthCheck),
-            requiresReloadingBrowserTab: Boolean(pluginSetting.requiresReloadingBrowserTab),
-            requiresRestartingPluginPlatform: Boolean(pluginSetting.requiresRestartingPluginPlatform),
+            requiresRunningHealthCheck: Boolean(
+              pluginSetting.requiresRunningHealthCheck,
+            ),
+            requiresReloadingBrowserTab: Boolean(
+              pluginSetting.requiresReloadingBrowserTab,
+            ),
+            requiresRestartingPluginPlatform: Boolean(
+              pluginSetting.requiresRestartingPluginPlatform,
+            ),
             updatedConfiguration: {
-              [key]: pluginSettingValue
-            }
-          }
-        }
+              [key]: pluginSettingValue,
+            },
+          },
+        },
       });
     },
-    3022
-  )
+    3022,
+  );
 
   /**
    * Delete a file
@@ -190,64 +272,96 @@ export class WazuhUtilsCtrl {
    * @returns {Object} Configuration File or ErrorResponse
    */
   deleteFile = this.routeDecoratorProtectedAdministratorRoleValidToken(
-    async (context: RequestHandlerContext, request: KibanaRequest, response: KibanaResponseFactory) => {
+    async (
+      context: RequestHandlerContext,
+      request: KibanaRequest,
+      response: KibanaResponseFactory,
+    ) => {
       const { key } = request.params;
       const pluginSetting = PLUGIN_SETTINGS[key];
 
       // Get the files related to the setting and remove them
-      const targetDirectory = path.join(__dirname, '../../..', pluginSetting.options.file.store.relativePathFileSystem);
+      const targetDirectory = path.join(
+        __dirname,
+        '../../..',
+        pluginSetting.options.file.store.relativePathFileSystem,
+      );
       const files = glob.sync(path.join(targetDirectory, `${key}.*`));
       files.forEach(fs.unlinkSync);
 
       // Update the setting in the configuration cache
       const pluginSettingValue = pluginSetting.defaultValue;
-      await updateConfigurationFile.updateConfiguration({ [key]: pluginSettingValue });
+      await updateConfigurationFile.updateConfiguration({
+        [key]: pluginSettingValue,
+      });
 
       return response.ok({
         body: {
-          message: 'All files were removed and the configuration file was updated.',
+          message:
+            'All files were removed and the configuration file was updated.',
           data: {
-            requiresRunningHealthCheck: Boolean(pluginSetting.requiresRunningHealthCheck),
-            requiresReloadingBrowserTab: Boolean(pluginSetting.requiresReloadingBrowserTab),
-            requiresRestartingPluginPlatform: Boolean(pluginSetting.requiresRestartingPluginPlatform),
+            requiresRunningHealthCheck: Boolean(
+              pluginSetting.requiresRunningHealthCheck,
+            ),
+            requiresReloadingBrowserTab: Boolean(
+              pluginSetting.requiresReloadingBrowserTab,
+            ),
+            requiresRestartingPluginPlatform: Boolean(
+              pluginSetting.requiresRestartingPluginPlatform,
+            ),
             updatedConfiguration: {
-              [key]: pluginSettingValue
-            }
-          }
-        }
+              [key]: pluginSettingValue,
+            },
+          },
+        },
       });
     },
-    3023
-  )
+    3023,
+  );
 
-  private routeDecoratorProtectedAdministratorRoleValidToken(routeHandler, errorCode: number) {
+  private routeDecoratorProtectedAdministratorRoleValidToken(
+    routeHandler,
+    errorCode: number,
+  ) {
     return async (context, request, response) => {
       try {
         // Check if user has administrator role in token
         const token = getCookieValueByName(request.headers.cookie, 'wz-token');
         if (!token) {
           return ErrorResponse('No token provided', 401, 401, response);
-        };
+        }
         const decodedToken = jwtDecode(token);
         if (!decodedToken) {
           return ErrorResponse('No permissions in token', 401, 401, response);
-        };
-        if (!decodedToken.rbac_roles || !decodedToken.rbac_roles.includes(WAZUH_ROLE_ADMINISTRATOR_ID)) {
+        }
+        if (
+          !decodedToken.rbac_roles ||
+          !decodedToken.rbac_roles.includes(WAZUH_ROLE_ADMINISTRATOR_ID)
+        ) {
           return ErrorResponse('No administrator role', 401, 401, response);
-        };
+        }
         // Check the provided token is valid
-        const apiHostID = getCookieValueByName(request.headers.cookie, 'wz-api');
+        const apiHostID = getCookieValueByName(
+          request.headers.cookie,
+          'wz-api',
+        );
         if (!apiHostID) {
           return ErrorResponse('No API id provided', 401, 401, response);
-        };
-        const responseTokenIsWorking = await context.wazuh.api.client.asCurrentUser.request('GET', '/', {}, { apiHostID });
+        }
+        const responseTokenIsWorking =
+          await context.wazuh.api.client.asCurrentUser.request(
+            'GET',
+            '/',
+            {},
+            { apiHostID },
+          );
         if (responseTokenIsWorking.status !== 200) {
           return ErrorResponse('Token is not valid', 401, 401, response);
-        };
-        return await routeHandler(context, request, response)
+        }
+        return await routeHandler(context, request, response);
       } catch (error) {
         return ErrorResponse(error.message || error, errorCode, 500, response);
       }
-    }
+    };
   }
 }
diff --git a/plugins/main/server/lib/sanitizer.ts b/plugins/main/server/lib/sanitizer.ts
new file mode 100644
index 0000000000..2de6bcc909
--- /dev/null
+++ b/plugins/main/server/lib/sanitizer.ts
@@ -0,0 +1,10 @@
+import createDOMPurify from 'dompurify';
+import { JSDOM } from 'jsdom';
+
+function sanitizeCSV(svgString: string) {
+  const window = new JSDOM('').window;
+  const DOMPurify = createDOMPurify(window);
+  const cleanSVG = DOMPurify.sanitize(svgString);
+  return cleanSVG;
+}
+export { sanitizeCSV };
diff --git a/plugins/main/server/plugin.ts b/plugins/main/server/plugin.ts
index 788d281ea2..b754085f69 100644
--- a/plugins/main/server/plugin.ts
+++ b/plugins/main/server/plugin.ts
@@ -29,9 +29,16 @@ import {
 import { WazuhPluginSetup, WazuhPluginStart, PluginSetup } from './types';
 import { SecurityObj, ISecurityFactory } from './lib/security-factory';
 import { setupRoutes } from './routes';
-import { jobInitializeRun, jobMonitoringRun, jobSchedulerRun, jobQueueRun, jobMigrationTasksRun } from './start';
+import {
+  jobInitializeRun,
+  jobMonitoringRun,
+  jobSchedulerRun,
+  jobQueueRun,
+  jobMigrationTasksRun,
+  jobSanitizeUploadedFilesTasksRun,
+} from './start';
 import { getCookieValueByName } from './lib/cookie';
-import * as ApiInterceptor  from './lib/api-interceptor';
+import * as ApiInterceptor from './lib/api-interceptor';
 import { schema, TypeOf } from '@osd/config-schema';
 import type { Observable } from 'rxjs';
 import { first } from 'rxjs/operators';
@@ -39,21 +46,31 @@ import { first } from 'rxjs/operators';
 declare module 'opensearch_dashboards/server' {
   interface RequestHandlerContext {
     wazuh: {
-      logger: Logger,
-      plugins: PluginSetup,
-      security: ISecurityFactory
+      logger: Logger;
+      plugins: PluginSetup;
+      security: ISecurityFactory;
       api: {
         client: {
           asInternalUser: {
-            authenticate: (apiHostID: string) => Promise<string>
-            request: (method: string, path: string, data: any, options: {apiHostID: string, forceRefresh?:boolean}) => Promise<any>
-          },
+            authenticate: (apiHostID: string) => Promise<string>;
+            request: (
+              method: string,
+              path: string,
+              data: any,
+              options: { apiHostID: string; forceRefresh?: boolean },
+            ) => Promise<any>;
+          };
           asCurrentUser: {
-            authenticate: (apiHostID: string) => Promise<string>
-            request: (method: string, path: string, data: any, options: {apiHostID: string, forceRefresh?:boolean}) => Promise<any>
-          }
-        }
-      }
+            authenticate: (apiHostID: string) => Promise<string>;
+            request: (
+              method: string,
+              path: string,
+              data: any,
+              options: { apiHostID: string; forceRefresh?: boolean },
+            ) => Promise<any>;
+          };
+        };
+      };
     };
   }
 }
@@ -82,15 +99,35 @@ export class WazuhPlugin implements Plugin<WazuhPluginSetup, WazuhPluginStart> {
         api: {
           client: {
             asInternalUser: {
-              authenticate: async (apiHostID) => await ApiInterceptor.authenticate(apiHostID),
-              request: async (method, path, data, options) => await ApiInterceptor.requestAsInternalUser(method, path, data, options),
+              authenticate: async apiHostID =>
+                await ApiInterceptor.authenticate(apiHostID),
+              request: async (method, path, data, options) =>
+                await ApiInterceptor.requestAsInternalUser(
+                  method,
+                  path,
+                  data,
+                  options,
+                ),
             },
             asCurrentUser: {
-              authenticate: async (apiHostID) => await ApiInterceptor.authenticate(apiHostID, (await wazuhSecurity.getCurrentUser(request, context)).authContext),
-              request: async (method, path, data, options) => await ApiInterceptor.requestAsCurrentUser(method, path, data, {...options, token: getCookieValueByName(request.headers.cookie, 'wz-token')}),
-            }
-          }
-        }
+              authenticate: async apiHostID =>
+                await ApiInterceptor.authenticate(
+                  apiHostID,
+                  (
+                    await wazuhSecurity.getCurrentUser(request, context)
+                  ).authContext,
+                ),
+              request: async (method, path, data, options) =>
+                await ApiInterceptor.requestAsCurrentUser(method, path, data, {
+                  ...options,
+                  token: getCookieValueByName(
+                    request.headers.cookie,
+                    'wz-token',
+                  ),
+                }),
+            },
+          },
+        },
       };
     });
 
@@ -110,18 +147,28 @@ export class WazuhPlugin implements Plugin<WazuhPluginSetup, WazuhPluginStart> {
   }
 
   public async start(core: CoreStart) {
-    const globalConfiguration: SharedGlobalConfig = await this.initializerContext.config.legacy.globalConfig$.pipe(first()).toPromise();
+    const globalConfiguration: SharedGlobalConfig =
+      await this.initializerContext.config.legacy.globalConfig$
+        .pipe(first())
+        .toPromise();
     const wazuhApiClient = {
       client: {
         asInternalUser: {
-          authenticate: async (apiHostID) => await ApiInterceptor.authenticate(apiHostID),
-          request: async (method, path, data, options) => await ApiInterceptor.requestAsInternalUser(method, path, data, options),
-        }
-      }
+          authenticate: async apiHostID =>
+            await ApiInterceptor.authenticate(apiHostID),
+          request: async (method, path, data, options) =>
+            await ApiInterceptor.requestAsInternalUser(
+              method,
+              path,
+              data,
+              options,
+            ),
+        },
+      },
     };
 
     const contextServer = {
-      config: globalConfiguration
+      config: globalConfiguration,
     };
 
     // Initialize
@@ -129,19 +176,29 @@ export class WazuhPlugin implements Plugin<WazuhPluginSetup, WazuhPluginStart> {
       core,
       wazuh: {
         logger: this.logger.get('initialize'),
-        api: wazuhApiClient
+        api: wazuhApiClient,
       },
-      server: contextServer
+      server: contextServer,
+    });
+
+    // Sanitize uploaded files tasks
+    jobSanitizeUploadedFilesTasksRun({
+      core,
+      wazuh: {
+        logger: this.logger.get('sanitize-uploaded-files-task'),
+        api: wazuhApiClient,
+      },
+      server: contextServer,
     });
 
     // Migration tasks
     jobMigrationTasksRun({
-      core, 
+      core,
       wazuh: {
         logger: this.logger.get('migration-task'),
-        api: wazuhApiClient
+        api: wazuhApiClient,
       },
-      server: contextServer
+      server: contextServer,
     });
 
     // Monitoring
@@ -149,9 +206,9 @@ export class WazuhPlugin implements Plugin<WazuhPluginSetup, WazuhPluginStart> {
       core,
       wazuh: {
         logger: this.logger.get('monitoring'),
-        api: wazuhApiClient
+        api: wazuhApiClient,
       },
-      server: contextServer
+      server: contextServer,
     });
 
     // Scheduler
@@ -159,9 +216,9 @@ export class WazuhPlugin implements Plugin<WazuhPluginSetup, WazuhPluginStart> {
       core,
       wazuh: {
         logger: this.logger.get('cron-scheduler'),
-        api: wazuhApiClient
+        api: wazuhApiClient,
       },
-      server: contextServer
+      server: contextServer,
     });
 
     // Queue
@@ -169,12 +226,12 @@ export class WazuhPlugin implements Plugin<WazuhPluginSetup, WazuhPluginStart> {
       core,
       wazuh: {
         logger: this.logger.get('queue'),
-        api: wazuhApiClient
+        api: wazuhApiClient,
       },
-      server: contextServer
+      server: contextServer,
     });
     return {};
   }
 
-  public stop() { }
+  public stop() {}
 }
diff --git a/plugins/main/server/start/index.ts b/plugins/main/server/start/index.ts
index 39dd0a51a3..9c68b84340 100644
--- a/plugins/main/server/start/index.ts
+++ b/plugins/main/server/start/index.ts
@@ -3,4 +3,5 @@ export * from './initialize';
 export * from './monitoring';
 export * from './queue';
 export * from './tryCatchForIndexPermissionError';
-export * from './migration-tasks';
\ No newline at end of file
+export * from './migration-tasks';
+export * from './sanitize-uploaded-files';
diff --git a/plugins/main/server/start/sanitize-uploaded-files/index.ts b/plugins/main/server/start/sanitize-uploaded-files/index.ts
new file mode 100644
index 0000000000..22e0300212
--- /dev/null
+++ b/plugins/main/server/start/sanitize-uploaded-files/index.ts
@@ -0,0 +1,7 @@
+import sanitizeUploadedSVG from './sanitize-svg';
+
+export function jobSanitizeUploadedFilesTasksRun(context) {
+  const sanitizeTasks = [sanitizeUploadedSVG];
+
+  sanitizeTasks.forEach(task => task(context));
+}
diff --git a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts
new file mode 100644
index 0000000000..70b786d12e
--- /dev/null
+++ b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts
@@ -0,0 +1 @@
+// TODO
diff --git a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
new file mode 100644
index 0000000000..1c419e5b93
--- /dev/null
+++ b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
@@ -0,0 +1,94 @@
+import fs from 'fs';
+import glob from 'glob';
+import path from 'path';
+import { PLUGIN_SETTINGS, TPluginSetting } from '../../../common/constants';
+import { log } from '../../lib/logger';
+import { sanitizeSVG } from '../../lib/sanitizer';
+import { getConfiguration } from '../../lib/get-configuration';
+
+/**
+ * This task checks for custom SVG files uploaded by the user and sanitizes them.
+ * The goal is to sanitize files uploaded in previous versions.
+ * @param context
+ * @returns
+ */
+export default function sanitizeUploadedSVG(context) {
+  // Create a wrapper function that logs to plugin files and platform logging system
+  const createLog = (level: string) => message => {
+    log('sanitize:sanitizeUploadedSVG', message, level);
+    context.wazuh.logger[level](`sanitize:sanitizeUploadedSVG: ${message}`);
+  };
+
+  // Create the logger
+  const logger = {
+    info: createLog('info'),
+    warn: createLog('warn'),
+    error: createLog('error'),
+    debug: createLog('debug'),
+  };
+
+  try {
+    logger.debug('Task sanitize SVG started');
+
+    const configuration = getConfiguration();
+    const logosSettingKeys = [
+      'customization.logo.sidebar',
+      'customization.logo.app',
+      'customization.logo.healthcheck',
+    ];
+
+    // Check each of the possible custom settings uploaded files look for SVG to sanitize
+    logosSettingKeys.forEach(logoKey => {
+      const logoSetting: TPluginSetting | undefined = PLUGIN_SETTINGS[logoKey];
+      const customLogoPath = configuration[logoKey];
+      if (!logoSetting || !customLogoPath) {
+        return;
+      }
+
+      const targetDirectory = path.join(
+        __dirname,
+        '../../..',
+        logoSetting.options.file.store.relativePathFileSystem,
+      );
+
+      // If the setting folder doesn't exist abort the task
+      if (!fs.existsSync(targetDirectory)) {
+        return;
+      }
+
+      // Get the files related to the setting and remove them
+      const files = glob.sync(path.join(targetDirectory, `${logoKey}.*`));
+
+      // If there are no files saved abort the task
+      if (!files?.length) {
+        return;
+      }
+
+      // Check file extension
+      const fileName = path.basename(files[0]);
+      const fileExtension = path.extname(fileName);
+      if (fileExtension.toLocaleLowerCase() !== '.svg') {
+        return;
+      }
+
+      // Read the file contents
+      const fileFullPath = path.join(targetDirectory, fileName);
+      const originalFileBuffer = fs.readFileSync(fileFullPath);
+
+      // Sanitize the file contents
+      const svgString = originalFileBuffer.toString();
+      const cleanSVG = sanitizeSVG(svgString);
+      const cleanFileBuffer = Buffer.from(cleanSVG);
+
+      // Delete the original file
+      fs.unlinkSync(fileFullPath);
+
+      // Save the clean file in the target directory
+      fs.writeFileSync(fileFullPath, cleanFileBuffer);
+    });
+
+    logger.debug('Task finished');
+  } catch (error) {
+    logger.error(`Error: ${error.message}`);
+  }
+}

From e46401a61ab49679c3de1179134bdd4da9d19e12 Mon Sep 17 00:00:00 2001
From: Federico Rodriguez <federico.rodriguez@wazuh.com>
Date: Sun, 19 May 2024 17:11:02 +0200
Subject: [PATCH 02/10] Add log and test to sanitizer

---
 plugins/main/server/lib/sanitizer/index.ts    |  3 ++
 .../server/lib/sanitizer/sanitizer.test.ts    | 47 +++++++++++++++++++
 .../server/lib/{ => sanitizer}/sanitizer.ts   |  4 +-
 .../sanitize-svg.test.ts                      |  1 -
 .../sanitize-uploaded-files/sanitize-svg.ts   | 35 +++++++++-----
 5 files changed, 74 insertions(+), 16 deletions(-)
 create mode 100644 plugins/main/server/lib/sanitizer/index.ts
 create mode 100644 plugins/main/server/lib/sanitizer/sanitizer.test.ts
 rename plugins/main/server/lib/{ => sanitizer}/sanitizer.ts (77%)
 delete mode 100644 plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts

diff --git a/plugins/main/server/lib/sanitizer/index.ts b/plugins/main/server/lib/sanitizer/index.ts
new file mode 100644
index 0000000000..b641100eb6
--- /dev/null
+++ b/plugins/main/server/lib/sanitizer/index.ts
@@ -0,0 +1,3 @@
+import { sanitizeSVG } from './sanitizer';
+
+export { sanitizeSVG };
diff --git a/plugins/main/server/lib/sanitizer/sanitizer.test.ts b/plugins/main/server/lib/sanitizer/sanitizer.test.ts
new file mode 100644
index 0000000000..0c19883660
--- /dev/null
+++ b/plugins/main/server/lib/sanitizer/sanitizer.test.ts
@@ -0,0 +1,47 @@
+import { sanitizeSVG } from './sanitizer';
+
+const mockedFilesContents = [
+  {
+    original: `<svg xml:space="preserve" style="enable-background:new 0 0 100 100;" viewBox="0 0 100 100" height="100px" width="100px" y="0px" x="0px" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns="http://www.w3.org/2000/svg" id="Capa_1" version="1.1">
+
+  <circle id="foo" fill="green" r="45" cy="50" cx="50"></circle>
+
+
+
+</svg>`,
+    clean: `<svg version="1.1" id="Capa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" width="100px" height="100px" viewBox="0 0 100 100" style="enable-background:new 0 0 100 100;" xml:space="preserve">
+
+  <circle cx="50" cy="50" r="45" fill="green" id="foo"></circle>
+
+
+
+</svg>`,
+  },
+  { original: '<img src=x onerror=alert(1)//>', clean: '<img src="x">' },
+  { original: '<svg><g/onload=alert(2)//<p>', clean: '<svg><g></g></svg>' },
+  {
+    original: '<p>abc<iframe//src=jAva&Tab;script:alert(3)>def</p>',
+    clean: '<p>abc</p>',
+  },
+  {
+    original: '<math><mi//xlink:href="data:x,<script>alert(4)</script>">',
+    clean: '<math><mi></mi></math>',
+  },
+  {
+    original: '<TABLE><tr><td>HELLO</tr></TABL>',
+    clean: '<table><tbody><tr><td>HELLO</td></tr></tbody></table>',
+  },
+  {
+    original: '<UL><li><A HREF=//google.com>click</UL>',
+    clean: '<ul><li><a href="//google.com">click</a></li></ul>',
+  },
+];
+
+describe('[Sanitize SVG] SVG files sample contents are properly cleaned', () => {
+  it('Check output of sanitized sample contents', () => {
+    mockedFilesContents.forEach(mockedFileContent => {
+      const sanitizedContent = sanitizeSVG(mockedFileContent.original);
+      expect(sanitizedContent).toBe(mockedFileContent.clean);
+    });
+  });
+});
diff --git a/plugins/main/server/lib/sanitizer.ts b/plugins/main/server/lib/sanitizer/sanitizer.ts
similarity index 77%
rename from plugins/main/server/lib/sanitizer.ts
rename to plugins/main/server/lib/sanitizer/sanitizer.ts
index 2de6bcc909..14b24da825 100644
--- a/plugins/main/server/lib/sanitizer.ts
+++ b/plugins/main/server/lib/sanitizer/sanitizer.ts
@@ -1,10 +1,10 @@
 import createDOMPurify from 'dompurify';
 import { JSDOM } from 'jsdom';
 
-function sanitizeCSV(svgString: string) {
+function sanitizeSVG(svgString: string) {
   const window = new JSDOM('').window;
   const DOMPurify = createDOMPurify(window);
   const cleanSVG = DOMPurify.sanitize(svgString);
   return cleanSVG;
 }
-export { sanitizeCSV };
+export { sanitizeSVG };
diff --git a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts
deleted file mode 100644
index 70b786d12e..0000000000
--- a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts
+++ /dev/null
@@ -1 +0,0 @@
-// TODO
diff --git a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
index 1c419e5b93..3aa9caad01 100644
--- a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
+++ b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
@@ -8,7 +8,7 @@ import { getConfiguration } from '../../lib/get-configuration';
 
 /**
  * This task checks for custom SVG files uploaded by the user and sanitizes them.
- * The goal is to sanitize files uploaded in previous versions.
+ * The goal is to sanitize any previously uploaded SVG file.
  * @param context
  * @returns
  */
@@ -28,8 +28,9 @@ export default function sanitizeUploadedSVG(context) {
   };
 
   try {
-    logger.debug('Task sanitize SVG started');
+    logger.info('Task sanitize SVG started');
 
+    logger.debug('Get Wazuh configuration');
     const configuration = getConfiguration();
     const logosSettingKeys = [
       'customization.logo.sidebar',
@@ -37,6 +38,7 @@ export default function sanitizeUploadedSVG(context) {
       'customization.logo.healthcheck',
     ];
 
+    logger.debug('Check configuration for custom branding uploaded SVG files');
     // Check each of the possible custom settings uploaded files look for SVG to sanitize
     logosSettingKeys.forEach(logoKey => {
       const logoSetting: TPluginSetting | undefined = PLUGIN_SETTINGS[logoKey];
@@ -51,15 +53,15 @@ export default function sanitizeUploadedSVG(context) {
         logoSetting.options.file.store.relativePathFileSystem,
       );
 
-      // If the setting folder doesn't exist abort the task
+      // If the setting folder doesn't exist abort
       if (!fs.existsSync(targetDirectory)) {
         return;
       }
 
-      // Get the files related to the setting and remove them
+      // Get the files related to the setting
       const files = glob.sync(path.join(targetDirectory, `${logoKey}.*`));
 
-      // If there are no files saved abort the task
+      // If there are no files saved abort
       if (!files?.length) {
         return;
       }
@@ -76,19 +78,26 @@ export default function sanitizeUploadedSVG(context) {
       const originalFileBuffer = fs.readFileSync(fileFullPath);
 
       // Sanitize the file contents
-      const svgString = originalFileBuffer.toString();
-      const cleanSVG = sanitizeSVG(svgString);
+      const originalSVGString = originalFileBuffer.toString();
+      const cleanSVG = sanitizeSVG(originalSVGString);
       const cleanFileBuffer = Buffer.from(cleanSVG);
 
-      // Delete the original file
-      fs.unlinkSync(fileFullPath);
+      // Check if any changes were made in the sanitization process ignoring white spaces
+      // If any change was made then save the sanitized content
+      if (originalSVGString.replace(/\s/g, '') != cleanSVG.replace(/\s/g, '')) {
+        logger.info(
+          `[sanitize:sanitizeUploadedSVG] ${fileName} SVG file sanitized`,
+        );
+        // Delete the original file
+        fs.unlinkSync(fileFullPath);
 
-      // Save the clean file in the target directory
-      fs.writeFileSync(fileFullPath, cleanFileBuffer);
+        // Save the clean file in the target directory
+        fs.writeFileSync(fileFullPath, cleanFileBuffer);
+      }
     });
 
-    logger.debug('Task finished');
+    logger.info('[sanitize:sanitizeUploadedSVG] Task finished');
   } catch (error) {
-    logger.error(`Error: ${error.message}`);
+    logger.error(`Error [sanitize:sanitizeUploadedSVG]: ${error.message}`);
   }
 }

From b6b700e0fa6590cb9f89caf6593c0f7f0f3b81eb Mon Sep 17 00:00:00 2001
From: Federico Rodriguez <federico.rodriguez@wazuh.com>
Date: Sun, 19 May 2024 17:18:37 +0200
Subject: [PATCH 03/10] Add changelog

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index a1e8955661..e25760e70a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,7 @@ All notable changes to the Wazuh app project will be documented in this file.
 ### Added
 
 - Support for Wazuh 4.7.5
+- Added sanitization to custom branding SVG files [#6687](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6687)
 
 ## Wazuh v4.7.4 - OpenSearch Dashboards 2.8.0 - Revision 02
 

From f0784e484bbdef4a4d41b77ad80bd5d219edcabf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antonio=20David=20Guti=C3=A9rrez?=
 <antonio.gutierrez@wazuh.com>
Date: Mon, 20 May 2024 12:53:52 +0200
Subject: [PATCH 04/10] fix: enhance imports

---
 plugins/main/server/lib/sanitizer/index.ts     | 4 +---
 plugins/main/server/lib/sanitizer/sanitizer.ts | 3 +--
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/plugins/main/server/lib/sanitizer/index.ts b/plugins/main/server/lib/sanitizer/index.ts
index b641100eb6..3df0a0bd2f 100644
--- a/plugins/main/server/lib/sanitizer/index.ts
+++ b/plugins/main/server/lib/sanitizer/index.ts
@@ -1,3 +1 @@
-import { sanitizeSVG } from './sanitizer';
-
-export { sanitizeSVG };
+export { sanitizeSVG } from './sanitizer';
diff --git a/plugins/main/server/lib/sanitizer/sanitizer.ts b/plugins/main/server/lib/sanitizer/sanitizer.ts
index 14b24da825..7f5f21517b 100644
--- a/plugins/main/server/lib/sanitizer/sanitizer.ts
+++ b/plugins/main/server/lib/sanitizer/sanitizer.ts
@@ -1,10 +1,9 @@
 import createDOMPurify from 'dompurify';
 import { JSDOM } from 'jsdom';
 
-function sanitizeSVG(svgString: string) {
+export function sanitizeSVG(svgString: string) {
   const window = new JSDOM('').window;
   const DOMPurify = createDOMPurify(window);
   const cleanSVG = DOMPurify.sanitize(svgString);
   return cleanSVG;
 }
-export { sanitizeSVG };

From 65f3b4b1eb9fa3565b1637dc9e8e600b25d6e562 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antonio=20David=20Guti=C3=A9rrez?=
 <antonio.gutierrez@wazuh.com>
Date: Mon, 20 May 2024 12:54:22 +0200
Subject: [PATCH 05/10] fix(sanetize-logo-files): enhance logging

---
 .../main/server/start/sanitize-uploaded-files/sanitize-svg.ts  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
index 3aa9caad01..9c7c5cd061 100644
--- a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
+++ b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
@@ -44,6 +44,7 @@ export default function sanitizeUploadedSVG(context) {
       const logoSetting: TPluginSetting | undefined = PLUGIN_SETTINGS[logoKey];
       const customLogoPath = configuration[logoKey];
       if (!logoSetting || !customLogoPath) {
+        logger.debug(`Logo [${logoKey}] not customized. Skip.`);
         return;
       }
 
@@ -96,7 +97,7 @@ export default function sanitizeUploadedSVG(context) {
       }
     });
 
-    logger.info('[sanitize:sanitizeUploadedSVG] Task finished');
+    logger.debug('[sanitize:sanitizeUploadedSVG] Task finished');
   } catch (error) {
     logger.error(`Error [sanitize:sanitizeUploadedSVG]: ${error.message}`);
   }

From 9e05f397cb87cfc5a37eb9d1becceb778b4be24c Mon Sep 17 00:00:00 2001
From: Federico Rodriguez <federico.rodriguez@wazuh.com>
Date: Tue, 21 May 2024 16:57:53 +0200
Subject: [PATCH 06/10] Check file path from the configuration

---
 plugins/main/package.json                     |  3 +-
 .../sanitize-uploaded-files/sanitize-svg.ts   | 61 ++++++++++++-------
 2 files changed, 42 insertions(+), 22 deletions(-)

diff --git a/plugins/main/package.json b/plugins/main/package.json
index 89da1b34bb..ff8817bed1 100644
--- a/plugins/main/package.json
+++ b/plugins/main/package.json
@@ -63,7 +63,8 @@
     "read-last-lines": "^1.7.2",
     "timsort": "^0.3.0",
     "typescript": "^5.0.4",
-    "winston": "3.9.0"
+    "winston": "3.9.0",
+    "dompurify": "^3.1.3"
   },
   "devDependencies": {
     "@types/node-cron": "^2.0.3",
diff --git a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
index 9c7c5cd061..7bd415f330 100644
--- a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
+++ b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
@@ -5,6 +5,7 @@ import { PLUGIN_SETTINGS, TPluginSetting } from '../../../common/constants';
 import { log } from '../../lib/logger';
 import { sanitizeSVG } from '../../lib/sanitizer';
 import { getConfiguration } from '../../lib/get-configuration';
+import { UpdateConfigurationFile } from '../../lib/update-configuration';
 
 /**
  * This task checks for custom SVG files uploaded by the user and sanitizes them.
@@ -28,9 +29,10 @@ export default function sanitizeUploadedSVG(context) {
   };
 
   try {
-    logger.info('Task sanitize SVG started');
+    logger.debug('Task sanitize SVG started');
 
     logger.debug('Get Wazuh configuration');
+    const updateConfigurationFile = new UpdateConfigurationFile();
     const configuration = getConfiguration();
     const logosSettingKeys = [
       'customization.logo.sidebar',
@@ -40,7 +42,7 @@ export default function sanitizeUploadedSVG(context) {
 
     logger.debug('Check configuration for custom branding uploaded SVG files');
     // Check each of the possible custom settings uploaded files look for SVG to sanitize
-    logosSettingKeys.forEach(logoKey => {
+    logosSettingKeys.forEach(async logoKey => {
       const logoSetting: TPluginSetting | undefined = PLUGIN_SETTINGS[logoKey];
       const customLogoPath = configuration[logoKey];
       if (!logoSetting || !customLogoPath) {
@@ -48,10 +50,23 @@ export default function sanitizeUploadedSVG(context) {
         return;
       }
 
+      // Parse the configured logo information and remove the timestamp used as version control
+      const configuredCustomLogo = {
+        subpath: path.dirname(customLogoPath),
+        fileName: path.basename(customLogoPath.replace(/\?v=[\d].*/g, '')),
+        fileExtension: path.extname(customLogoPath.replace(/\?v=[\d].*/g, '')),
+      };
+
+      // If the configured custom logo is not a SVG file there's nothing to do
+      if (configuredCustomLogo.fileExtension.toLocaleLowerCase() !== '.svg') {
+        return;
+      }
+
+      // The assets folder is the base folder used in the frontend. It's concatenated with the path configured in the
       const targetDirectory = path.join(
         __dirname,
-        '../../..',
-        logoSetting.options.file.store.relativePathFileSystem,
+        '../../../public/assets',
+        configuredCustomLogo.subpath,
       );
 
       // If the setting folder doesn't exist abort
@@ -59,23 +74,20 @@ export default function sanitizeUploadedSVG(context) {
         return;
       }
 
-      // Get the files related to the setting
-      const files = glob.sync(path.join(targetDirectory, `${logoKey}.*`));
+      // Read the file contents
+      const fileFullPath = path.join(
+        targetDirectory,
+        configuredCustomLogo.fileName,
+      );
 
-      // If there are no files saved abort
-      if (!files?.length) {
-        return;
-      }
+      // Get the files related to the setting
+      const file = glob.sync(fileFullPath);
 
-      // Check file extension
-      const fileName = path.basename(files[0]);
-      const fileExtension = path.extname(fileName);
-      if (fileExtension.toLocaleLowerCase() !== '.svg') {
+      // If the file doesn't exists abort
+      if (!file?.length) {
         return;
       }
 
-      // Read the file contents
-      const fileFullPath = path.join(targetDirectory, fileName);
       const originalFileBuffer = fs.readFileSync(fileFullPath);
 
       // Sanitize the file contents
@@ -86,19 +98,26 @@ export default function sanitizeUploadedSVG(context) {
       // Check if any changes were made in the sanitization process ignoring white spaces
       // If any change was made then save the sanitized content
       if (originalSVGString.replace(/\s/g, '') != cleanSVG.replace(/\s/g, '')) {
-        logger.info(
-          `[sanitize:sanitizeUploadedSVG] ${fileName} SVG file sanitized`,
-        );
+        logger.debug(` ${configuredCustomLogo.fileName} SVG file sanitized`);
         // Delete the original file
         fs.unlinkSync(fileFullPath);
 
         // Save the clean file in the target directory
         fs.writeFileSync(fileFullPath, cleanFileBuffer);
+
+        // Update the setting in the configuration cache
+        const pluginSettingValue =
+          logoSetting.options.file.store.resolveStaticURL(
+            configuredCustomLogo.fileName,
+          );
+        await updateConfigurationFile.updateConfiguration({
+          [logoKey]: pluginSettingValue,
+        });
       }
     });
 
-    logger.debug('[sanitize:sanitizeUploadedSVG] Task finished');
+    logger.debug(' Task finished');
   } catch (error) {
-    logger.error(`Error [sanitize:sanitizeUploadedSVG]: ${error.message}`);
+    logger.error(`Error: ${error.message}`);
   }
 }

From 800334cd56ddba0f5af5eeae32a9cbd797015a8a Mon Sep 17 00:00:00 2001
From: Federico Rodriguez <federico.rodriguez@wazuh.com>
Date: Tue, 21 May 2024 16:58:30 +0200
Subject: [PATCH 07/10] Add yarn.lock

---
 plugins/main/yarn.lock | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/plugins/main/yarn.lock b/plugins/main/yarn.lock
index 3db28ae6c7..251c94428a 100644
--- a/plugins/main/yarn.lock
+++ b/plugins/main/yarn.lock
@@ -1231,6 +1231,11 @@ doctrine@^3.0.0:
   dependencies:
     esutils "^2.0.2"
 
+dompurify@^3.1.3:
+  version "3.1.4"
+  resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.1.4.tgz#42121304b2b3a6bae22f80131ff8a8f3f3c56be2"
+  integrity sha512-2gnshi6OshmuKil8rMZuQCGiUF3cUxHY3NGDzUAdUx/NPEe5DVnO8BDoAQouvgwnx0R/+a6jUn36Z0FSdq8vww==
+
 duplexer2@~0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1"

From 762c81ad611a8da078cc1b384db9c28f0d943334 Mon Sep 17 00:00:00 2001
From: Federico Rodriguez <federico.rodriguez@wazuh.com>
Date: Tue, 21 May 2024 20:10:34 +0200
Subject: [PATCH 08/10] Add cronjob test

---
 .../malicious.customization.logo.app.svg.ts   |   9 ++
 .../sanitized.customization.logo.app.svg.ts   |   1 +
 .../sanitize-svg.test.ts                      | 138 ++++++++++++++++++
 .../sanitize-uploaded-files/sanitize-svg.ts   |   2 +-
 4 files changed, 149 insertions(+), 1 deletion(-)
 create mode 100644 plugins/main/server/start/sanitize-uploaded-files/__mocks__/malicious.customization.logo.app.svg.ts
 create mode 100644 plugins/main/server/start/sanitize-uploaded-files/__mocks__/sanitized.customization.logo.app.svg.ts
 create mode 100644 plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts

diff --git a/plugins/main/server/start/sanitize-uploaded-files/__mocks__/malicious.customization.logo.app.svg.ts b/plugins/main/server/start/sanitize-uploaded-files/__mocks__/malicious.customization.logo.app.svg.ts
new file mode 100644
index 0000000000..45b1abeaa0
--- /dev/null
+++ b/plugins/main/server/start/sanitize-uploaded-files/__mocks__/malicious.customization.logo.app.svg.ts
@@ -0,0 +1,9 @@
+export default `<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="100px" height="100px" viewBox="0 0 100 100" style="enable-background:new 0 0 100 100;" xml:space="preserve">
+
+  <circle cx="50" cy="50" r="45" fill="green" id="foo" o="foo"/>
+
+  <script>alert(document.domain);</script>
+
+</svg>
+`
diff --git a/plugins/main/server/start/sanitize-uploaded-files/__mocks__/sanitized.customization.logo.app.svg.ts b/plugins/main/server/start/sanitize-uploaded-files/__mocks__/sanitized.customization.logo.app.svg.ts
new file mode 100644
index 0000000000..7a1007f828
--- /dev/null
+++ b/plugins/main/server/start/sanitize-uploaded-files/__mocks__/sanitized.customization.logo.app.svg.ts
@@ -0,0 +1 @@
+export default `<svg xml:space="preserve" style="enable-background:new 0 0 100 100;" viewBox="0 0 100 100" height="100px" width="100px" y="0px" x="0px" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns="http://www.w3.org/2000/svg" id="Layer_1" version="1.1">\n\n  <circle id="foo" fill="green" r="45" cy="50" cx="50"></circle>\n\n  \n\n</svg>\n`;
diff --git a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts
new file mode 100644
index 0000000000..0e80c4ec9c
--- /dev/null
+++ b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.test.ts
@@ -0,0 +1,138 @@
+import fs from 'fs';
+import { execSync } from 'child_process';
+import path from 'path';
+import { PLUGIN_SETTINGS } from '../../../common/constants';
+import { createDirectoryIfNotExists } from '../../lib/filesystem';
+import sanitizeUploadedSVG from './sanitize-svg';
+import { sanitizeSVG } from '../../lib/sanitizer';
+import * as configuration from '../../lib/get-configuration';
+import maliciousMockSVG from './__mocks__/malicious.customization.logo.app.svg.ts';
+import sanitizedMockSVG from './__mocks__/sanitized.customization.logo.app.svg.ts';
+
+const customImageDirectory = path.join(
+  __dirname,
+  '../../..',
+  PLUGIN_SETTINGS['customization.logo.app'].options.file.store
+    .relativePathFileSystem,
+);
+
+function mockContextCreator(loggerLevel: string) {
+  const logs = [];
+  const levels = ['debug', 'info', 'warn', 'error'];
+
+  function createLogger(level: string) {
+    return jest.fn(function (message: string) {
+      const levelLogIncluded: number = levels.findIndex(
+        level => level === loggerLevel,
+      );
+      levelLogIncluded > -1 &&
+        levels.slice(levelLogIncluded).includes(level) &&
+        logs.push({ level, message });
+    });
+  }
+
+  const ctx = {
+    wazuh: {
+      logger: {
+        info: createLogger('info'),
+        warn: createLogger('warn'),
+        error: createLogger('error'),
+        debug: createLogger('debug'),
+      },
+    },
+    /* Mocked logs getter. It is only for testing purpose.*/
+    _getLogs(logLevel: string) {
+      return logLevel ? logs.filter(({ level }) => level === logLevel) : logs;
+    },
+  };
+  return ctx;
+}
+
+jest.mock('../../lib/logger', () => ({
+  log: jest.fn(),
+}));
+
+beforeAll(() => {
+  // Create custom images directory
+  createDirectoryIfNotExists(customImageDirectory);
+});
+
+afterAll(() => {
+  jest.clearAllMocks();
+  // Remove custom images directory
+
+  execSync(`rm -rf ${customImageDirectory}`);
+});
+
+describe('[Sanitize SVG cronjob] Sanitize different custom logos.', () => {
+  let mockContext = mockContextCreator('debug');
+  jest.fn(sanitizeSVG);
+  describe('[Sanitize SVG cronjob] No custom logos setup.', () => {
+    it('With no custom logos does not sanitize any file', () => {
+      jest
+        .spyOn(configuration, 'getConfiguration')
+        .mockImplementationOnce(() => ({}));
+      sanitizeUploadedSVG(mockContext);
+      expect(
+        mockContext
+          ._getLogs()
+          .filter(({ message }) =>
+            message.includes(
+              `[customization.logo.sidebar] not customized. Skip.`,
+            ),
+          ),
+      ).toHaveLength(1);
+      expect(
+        mockContext
+          ._getLogs()
+          .filter(({ message }) =>
+            message.includes(
+              `[customization.logo.healthcheck] not customized. Skip.`,
+            ),
+          ),
+      ).toHaveLength(1);
+      expect(
+        mockContext
+          ._getLogs()
+          .filter(({ message }) =>
+            message.includes(`[customization.logo.app] not customized. Skip.`),
+          ),
+      ).toHaveLength(1);
+    });
+  });
+
+  describe('[Sanitize SVG cronjob] No custom logos setup.', () => {
+    const filename = 'customization.logo.app.svg';
+    beforeAll(() => {
+      // Save the clean file in the target directory
+      fs.writeFileSync(
+        path.join(customImageDirectory, filename),
+        Buffer.from(maliciousMockSVG),
+      );
+    });
+    afterAll(() => {
+      fs.unlinkSync(path.join(customImageDirectory, filename));
+    });
+    it('[Sanitize SVG cronjob] Sanitize script in customization.logo.app.svg file', () => {
+      jest
+        .spyOn(configuration, 'getConfiguration')
+        .mockImplementationOnce(() => ({
+          'customization.logo.app':
+            'custom/images/customization.logo.app.svg?v=123456789',
+        }));
+      sanitizeUploadedSVG(mockContext);
+      const sanitizedFileBuffer = fs.readFileSync(
+        path.join(customImageDirectory, filename),
+      );
+      const sanitizedSVGString = sanitizedFileBuffer.toString();
+      expect(sanitizedSVGString).toEqual(sanitizedMockSVG);
+      expect(
+        mockContext
+          ._getLogs()
+          .filter(({ message }) =>
+            message.includes(`customization.logo.app.svg SVG file sanitized`),
+          ),
+      ).toHaveLength(1);
+    });
+  });
+});
diff --git a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
index 7bd415f330..bcbae1666e 100644
--- a/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
+++ b/plugins/main/server/start/sanitize-uploaded-files/sanitize-svg.ts
@@ -98,7 +98,7 @@ export default function sanitizeUploadedSVG(context) {
       // Check if any changes were made in the sanitization process ignoring white spaces
       // If any change was made then save the sanitized content
       if (originalSVGString.replace(/\s/g, '') != cleanSVG.replace(/\s/g, '')) {
-        logger.debug(` ${configuredCustomLogo.fileName} SVG file sanitized`);
+        logger.debug(`${configuredCustomLogo.fileName} SVG file sanitized`);
         // Delete the original file
         fs.unlinkSync(fileFullPath);
 

From 8d6224b59b75ada4434409d2bf71138ff7e66428 Mon Sep 17 00:00:00 2001
From: Federico Rodriguez <federico.rodriguez@wazuh.com>
Date: Tue, 21 May 2024 20:49:21 +0200
Subject: [PATCH 09/10] Add jsdom dependency latest compatible

---
 plugins/main/package.json |   3 +-
 plugins/main/yarn.lock    | 248 ++++++++++++++++++++++++++++++++++++--
 2 files changed, 243 insertions(+), 8 deletions(-)

diff --git a/plugins/main/package.json b/plugins/main/package.json
index ff8817bed1..0c846b5081 100644
--- a/plugins/main/package.json
+++ b/plugins/main/package.json
@@ -64,7 +64,8 @@
     "timsort": "^0.3.0",
     "typescript": "^5.0.4",
     "winston": "3.9.0",
-    "dompurify": "^3.1.3"
+    "dompurify": "^3.1.3",
+    "jsdom": "22.1.0"
   },
   "devDependencies": {
     "@types/node-cron": "^2.0.3",
diff --git a/plugins/main/yarn.lock b/plugins/main/yarn.lock
index 251c94428a..a03675317e 100644
--- a/plugins/main/yarn.lock
+++ b/plugins/main/yarn.lock
@@ -448,6 +448,11 @@
     "@swagger-api/apidom-parser-adapter-openapi-yaml-3-1" "^0.74.1"
     "@swagger-api/apidom-parser-adapter-yaml-1-2" "^0.74.1"
 
+"@tootallnate/once@2":
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-2.0.0.tgz#f544a148d3ab35801c1f633a7441fd87c2e484bf"
+  integrity sha512-XCuKFP5PS55gnMVu3dty8KPatLqUoy/ZYzDzAGCQ8JNFCkLXzmI7vNHCR+XpbZaMWQK/vQubr7PkYq8g470J/A==
+
 "@types/cookie@^0.3.3":
   version "0.3.3"
   resolved "https://registry.yarnpkg.com/@types/cookie/-/cookie-0.3.3.tgz#85bc74ba782fb7aa3a514d11767832b0e3bc6803"
@@ -605,6 +610,11 @@
     "@typescript-eslint/types" "6.2.1"
     eslint-visitor-keys "^3.4.1"
 
+abab@^2.0.6:
+  version "2.0.6"
+  resolved "https://registry.yarnpkg.com/abab/-/abab-2.0.6.tgz#41b80f2c871d19686216b82309231cfd3cb3d291"
+  integrity sha512-j2afSsaIENvHZN2B8GOpF566vZ5WVk5opAiMTvWgaQT8DkbOqsTfvNAvHoRGU2zzP8cPoqys+xHTRDWW8L+/BA==
+
 acorn-jsx@^5.3.2:
   version "5.3.2"
   resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-5.3.2.tgz#7ed5bb55908b3b2f1bc55c6af1653bada7f07937"
@@ -634,6 +644,13 @@ acorn@^8.9.0:
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.10.0.tgz#8be5b3907a67221a81ab23c7889c4c5526b62ec5"
   integrity sha512-F0SAmZ8iUtS//m8DmCTA0jlh6TDKkHQyK6xc6V4KDTyZKA9dnvX9/3sRTVQrWm79glUAZbnmmNcdYwUIHWVybw==
 
+agent-base@6:
+  version "6.0.2"
+  resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.2.tgz#49fff58577cfee3f37176feab4c22e00f86d7f77"
+  integrity sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==
+  dependencies:
+    debug "4"
+
 ajv@^6.12.4:
   version "6.12.6"
   resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4"
@@ -1098,6 +1115,13 @@ crypto-js@^4.0.0:
   resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.1.1.tgz#9e485bcf03521041bd85844786b83fb7619736cf"
   integrity sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==
 
+cssstyle@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/cssstyle/-/cssstyle-3.0.0.tgz#17ca9c87d26eac764bb8cfd00583cff21ce0277a"
+  integrity sha512-N4u2ABATi3Qplzf0hWbVCdjenim8F3ojEXpBDF5hBpjzW182MjNGLqfmQ0SkSPeQ+V86ZXgeH8aXj6kayd4jgg==
+  dependencies:
+    rrweb-cssom "^0.6.0"
+
 csstype@^3.0.2:
   version "3.1.2"
   resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.1.2.tgz#1d4bf9d572f11c14031f0436e1c10bc1f571f50b"
@@ -1116,20 +1140,34 @@ dash-ast@^2.0.1:
   resolved "https://registry.yarnpkg.com/dash-ast/-/dash-ast-2.0.1.tgz#8d0fd2e601c59bf874cc22877ee7dd889f54dee8"
   integrity sha512-5TXltWJGc+RdnabUGzhRae1TRq6m4gr+3K2wQX0is5/F2yS6MJXJvLyI3ErAnsAXuJoGqvfVD5icRgim07DrxQ==
 
-debug@^3.2.6, debug@^3.2.7:
-  version "3.2.7"
-  resolved "https://registry.yarnpkg.com/debug/-/debug-3.2.7.tgz#72580b7e9145fb39b6676f9c5e5fb100b934179a"
-  integrity sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==
+data-urls@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/data-urls/-/data-urls-4.0.0.tgz#333a454eca6f9a5b7b0f1013ff89074c3f522dd4"
+  integrity sha512-/mMTei/JXPqvFqQtfyTowxmJVwr2PVAeCcDxyFf6LhoOu/09TX2OX3kb2wzi4DMXcfj4OItwDOnhl5oziPnT6g==
   dependencies:
-    ms "^2.1.1"
+    abab "^2.0.6"
+    whatwg-mimetype "^3.0.0"
+    whatwg-url "^12.0.0"
 
-debug@^4.1.1, debug@^4.3.2, debug@^4.3.4:
+debug@4, debug@^4.1.1, debug@^4.3.2, debug@^4.3.4:
   version "4.3.4"
   resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865"
   integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==
   dependencies:
     ms "2.1.2"
 
+debug@^3.2.6, debug@^3.2.7:
+  version "3.2.7"
+  resolved "https://registry.yarnpkg.com/debug/-/debug-3.2.7.tgz#72580b7e9145fb39b6676f9c5e5fb100b934179a"
+  integrity sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==
+  dependencies:
+    ms "^2.1.1"
+
+decimal.js@^10.4.3:
+  version "10.4.3"
+  resolved "https://registry.yarnpkg.com/decimal.js/-/decimal.js-10.4.3.tgz#1044092884d245d1b7f65725fa4ad4c6f781cc23"
+  integrity sha512-VBBaLc1MgL5XpzgIP7ny5Z6Nx3UrRkIViUkPUdtl9aya5amy3De1gsUUSB1g3+3sExYNjCAsAznmukyxCb1GRA==
+
 decompress-response@^6.0.0:
   version "6.0.0"
   resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-6.0.0.tgz#ca387612ddb7e104bd16d85aab00d5ecf09c66fc"
@@ -1231,6 +1269,13 @@ doctrine@^3.0.0:
   dependencies:
     esutils "^2.0.2"
 
+domexception@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/domexception/-/domexception-4.0.0.tgz#4ad1be56ccadc86fc76d033353999a8037d03673"
+  integrity sha512-A2is4PLG+eeSfoTMA95/s4pvAoSo2mKtiM5jlHkAVewmiO8ISFTFKZjH7UAM1Atli/OT/7JHOrJRJiMKUZKYBw==
+  dependencies:
+    webidl-conversions "^7.0.0"
+
 dompurify@^3.1.3:
   version "3.1.4"
   resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.1.4.tgz#42121304b2b3a6bae22f80131ff8a8f3f3c56be2"
@@ -1263,6 +1308,11 @@ enhanced-resolve@^5.12.0:
     graceful-fs "^4.2.4"
     tapable "^2.2.0"
 
+entities@^4.4.0:
+  version "4.5.0"
+  resolved "https://registry.yarnpkg.com/entities/-/entities-4.5.0.tgz#5d268ea5e7113ec74c4d033b79ea5a35a488fb48"
+  integrity sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==
+
 es-abstract@^1.19.0, es-abstract@^1.20.4, es-abstract@^1.21.2:
   version "1.22.1"
   resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.22.1.tgz#8b4e5fc5cefd7f1660f0f8e1a52900dfbc9d9ccc"
@@ -2016,6 +2066,30 @@ hoist-non-react-statics@^3.0.0, hoist-non-react-statics@^3.3.0:
   dependencies:
     react-is "^16.7.0"
 
+html-encoding-sniffer@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/html-encoding-sniffer/-/html-encoding-sniffer-3.0.0.tgz#2cb1a8cf0db52414776e5b2a7a04d5dd98158de9"
+  integrity sha512-oWv4T4yJ52iKrufjnyZPkrN0CH3QnrUqdB6In1g5Fe1mia8GmF36gnfNySxoZtxD5+NmYw1EElVXiBk93UeskA==
+  dependencies:
+    whatwg-encoding "^2.0.0"
+
+http-proxy-agent@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz#5129800203520d434f142bc78ff3c170800f2b43"
+  integrity sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w==
+  dependencies:
+    "@tootallnate/once" "2"
+    agent-base "6"
+    debug "4"
+
+https-proxy-agent@^5.0.1:
+  version "5.0.1"
+  resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz#c59ef224a04fe8b754f3db0063a25ea30d0005d6"
+  integrity sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==
+  dependencies:
+    agent-base "6"
+    debug "4"
+
 human-signals@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/human-signals/-/human-signals-2.1.0.tgz#dc91fcba42e4d06e4abaed33b3e7a3c02f514ea0"
@@ -2026,7 +2100,7 @@ human-signals@^4.3.0:
   resolved "https://registry.yarnpkg.com/human-signals/-/human-signals-4.3.1.tgz#ab7f811e851fca97ffbd2c1fe9a958964de321b2"
   integrity sha512-nZXjEF2nbo7lIw3mgYjItAfgQXog3OjJogSbKa2CQIIvSGWcKgeJnQlNXip6NglNzYH45nSRiEVimMvYL8DDqQ==
 
-iconv-lite@^0.6.3:
+iconv-lite@0.6.3, iconv-lite@^0.6.3:
   version "0.6.3"
   resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501"
   integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==
@@ -2205,6 +2279,11 @@ is-plain-object@^5.0.0:
   resolved "https://registry.yarnpkg.com/is-plain-object/-/is-plain-object-5.0.0.tgz#4427f50ab3429e9025ea7d52e9043a9ef4159344"
   integrity sha512-VRSzKkbMm5jMDoKLbltAkFQ5Qr7VDiTFGXxYFXXowVj387GeGNOCsOH6Msy00SGZ3Fp84b1Naa1psqgcCIEP5Q==
 
+is-potential-custom-element-name@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/is-potential-custom-element-name/-/is-potential-custom-element-name-1.0.1.tgz#171ed6f19e3ac554394edf78caa05784a45bebb5"
+  integrity sha512-bCYeRA2rVibKZd+s2625gGnGF/t7DSqDs4dP7CrLA1m7jKWz6pps0LpYLJN8Q64HtmPKJ1hrN3nzPNKFEKOUiQ==
+
 is-regex@^1.0.4, is-regex@^1.1.4:
   version "1.1.4"
   resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.1.4.tgz#eef5663cd59fa4c0ae339505323df6854bb15958"
@@ -2299,6 +2378,35 @@ js2xmlparser@^5.0.0:
   dependencies:
     xmlcreate "^2.0.4"
 
+jsdom@22.1.0:
+  version "22.1.0"
+  resolved "https://registry.yarnpkg.com/jsdom/-/jsdom-22.1.0.tgz#0fca6d1a37fbeb7f4aac93d1090d782c56b611c8"
+  integrity sha512-/9AVW7xNbsBv6GfWho4TTNjEo9fe6Zhf9O7s0Fhhr3u+awPwAJMKwAMXnkk5vBxflqLW9hTHX/0cs+P3gW+cQw==
+  dependencies:
+    abab "^2.0.6"
+    cssstyle "^3.0.0"
+    data-urls "^4.0.0"
+    decimal.js "^10.4.3"
+    domexception "^4.0.0"
+    form-data "^4.0.0"
+    html-encoding-sniffer "^3.0.0"
+    http-proxy-agent "^5.0.0"
+    https-proxy-agent "^5.0.1"
+    is-potential-custom-element-name "^1.0.1"
+    nwsapi "^2.2.4"
+    parse5 "^7.1.2"
+    rrweb-cssom "^0.6.0"
+    saxes "^6.0.0"
+    symbol-tree "^3.2.4"
+    tough-cookie "^4.1.2"
+    w3c-xmlserializer "^4.0.0"
+    webidl-conversions "^7.0.0"
+    whatwg-encoding "^2.0.0"
+    whatwg-mimetype "^3.0.0"
+    whatwg-url "^12.0.1"
+    ws "^8.13.0"
+    xml-name-validator "^4.0.0"
+
 json-schema-traverse@^0.4.1:
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660"
@@ -2629,6 +2737,11 @@ npm-run-path@^5.1.0:
   dependencies:
     path-key "^4.0.0"
 
+nwsapi@^2.2.4:
+  version "2.2.10"
+  resolved "https://registry.yarnpkg.com/nwsapi/-/nwsapi-2.2.10.tgz#0b77a68e21a0b483db70b11fad055906e867cda8"
+  integrity sha512-QK0sRs7MKv0tKe1+5uZIQk/C8XGza4DAnztJG8iD+TpJIORARrCxczA738awHrZoHeTjSSoHqao2teO0dC/gFQ==
+
 object-assign@^4.0.1, object-assign@^4.1.1:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863"
@@ -2795,6 +2908,13 @@ parent-module@^1.0.0:
   dependencies:
     callsites "^3.0.0"
 
+parse5@^7.1.2:
+  version "7.1.2"
+  resolved "https://registry.yarnpkg.com/parse5/-/parse5-7.1.2.tgz#0736bebbfd77793823240a23b7fc5e010b7f8e32"
+  integrity sha512-Czj1WaSVpaoj0wbhMzLmWD69anp2WH7FXMB9n1Sy8/ZFF9jolSQVMu1Ij5WIyGmcBmhk7EOndpO4mIpihVqAXw==
+  dependencies:
+    entities "^4.4.0"
+
 path-exists@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-4.0.0.tgz#513bdbe2d3b95d7762e8c1137efa195c6c61b5b3"
@@ -2919,6 +3039,11 @@ proxy-from-env@^1.1.0:
   resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.1.0.tgz#e102f16ca355424865755d2c9e8ea4f24d58c3e2"
   integrity sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==
 
+psl@^1.1.33:
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/psl/-/psl-1.9.0.tgz#d0df2a137f00794565fcaf3b2c00cd09f8d5a5a7"
+  integrity sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==
+
 pump@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/pump/-/pump-3.0.0.tgz#b4a2116815bde2f4e1ea602354e8c75565107a64"
@@ -2937,6 +3062,11 @@ punycode@^2.1.0:
   resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.0.tgz#f67fa67c94da8f4d0cfff981aee4118064199b8f"
   integrity sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==
 
+punycode@^2.1.1, punycode@^2.3.0:
+  version "2.3.1"
+  resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.1.tgz#027422e2faec0b25e1549c3e1bd8309b9133b6e5"
+  integrity sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==
+
 qs@^6.10.2, qs@^6.11.0:
   version "6.11.2"
   resolved "https://registry.yarnpkg.com/qs/-/qs-6.11.2.tgz#64bea51f12c1f5da1bc01496f48ffcff7c69d7d9"
@@ -2949,6 +3079,11 @@ querystring-browser@1.0.4:
   resolved "https://registry.yarnpkg.com/querystring-browser/-/querystring-browser-1.0.4.tgz#f2e35881840a819bc7b1bf597faf0979e6622dc6"
   integrity sha512-oqPm3iZO4r4lEFM2YAJyMwCqAMIL0r3jO36ZohmHLUs9NpAfEGee7G5+PllGec/TkAnfI85FMmkPaW8UbZI0Uw==
 
+querystringify@^2.1.1:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/querystringify/-/querystringify-2.2.0.tgz#3345941b4153cb9d082d8eee4cda2016a9aef7f6"
+  integrity sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ==
+
 queue-microtask@^1.2.2:
   version "1.2.3"
   resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243"
@@ -3059,6 +3194,11 @@ regexp.prototype.flags@^1.2.0, regexp.prototype.flags@^1.4.3, regexp.prototype.f
     define-properties "^1.2.0"
     functions-have-names "^1.2.3"
 
+requires-port@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/requires-port/-/requires-port-1.0.0.tgz#925d2601d39ac485e091cf0da5c6e694dc3dcaff"
+  integrity sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ==
+
 resolve-from@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-4.0.0.tgz#4abcd852ad32dd7baabfe9b40e00a36db5f392e6"
@@ -3113,6 +3253,11 @@ rimraf@^3.0.2:
   dependencies:
     glob "^7.1.3"
 
+rrweb-cssom@^0.6.0:
+  version "0.6.0"
+  resolved "https://registry.yarnpkg.com/rrweb-cssom/-/rrweb-cssom-0.6.0.tgz#ed298055b97cbddcdeb278f904857629dec5e0e1"
+  integrity sha512-APM0Gt1KoXBz0iIkkdB/kfvGOwC4UuJFeG/c+yV7wSc7q96cG/kJ0HiYCnzivD9SB53cLV1MlHFNfOuPaadYSw==
+
 run-applescript@^5.0.0:
   version "5.0.0"
   resolved "https://registry.yarnpkg.com/run-applescript/-/run-applescript-5.0.0.tgz#e11e1c932e055d5c6b40d98374e0268d9b11899c"
@@ -3171,6 +3316,13 @@ sax@^1.2.4:
   resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
   integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==
 
+saxes@^6.0.0:
+  version "6.0.0"
+  resolved "https://registry.yarnpkg.com/saxes/-/saxes-6.0.0.tgz#fe5b4a4768df4f14a201b1ba6a65c1f3d9988cc5"
+  integrity sha512-xAg7SOnEhrm5zI3puOOKyy1OMcMlIJZYNJY7xLBwSze0UjhPLnWfj2GF2EpT0jmzaJKIWKHLsaSSajf35bcYnA==
+  dependencies:
+    xmlchars "^2.2.0"
+
 scope-analyzer@^2.0.1:
   version "2.1.2"
   resolved "https://registry.yarnpkg.com/scope-analyzer/-/scope-analyzer-2.1.2.tgz#b958162feb59823c2835c7b0229187a97c77e9cd"
@@ -3444,6 +3596,11 @@ swagger-client@^3.19.11:
     traverse "~0.6.6"
     url "~0.11.0"
 
+symbol-tree@^3.2.4:
+  version "3.2.4"
+  resolved "https://registry.yarnpkg.com/symbol-tree/-/symbol-tree-3.2.4.tgz#430637d248ba77e078883951fb9aa0eed7c63fa2"
+  integrity sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==
+
 synckit@^0.8.5:
   version "0.8.5"
   resolved "https://registry.yarnpkg.com/synckit/-/synckit-0.8.5.tgz#b7f4358f9bb559437f9f167eb6bc46b3c9818fa3"
@@ -3537,6 +3694,23 @@ to-regex-range@^5.0.1:
   dependencies:
     is-number "^7.0.0"
 
+tough-cookie@^4.1.2:
+  version "4.1.4"
+  resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-4.1.4.tgz#945f1461b45b5a8c76821c33ea49c3ac192c1b36"
+  integrity sha512-Loo5UUvLD9ScZ6jh8beX1T6sO1w2/MpCRpEP7V280GKMVUQ0Jzar2U3UJPsrdbziLEMMhu3Ujnq//rhiFuIeag==
+  dependencies:
+    psl "^1.1.33"
+    punycode "^2.1.1"
+    universalify "^0.2.0"
+    url-parse "^1.5.3"
+
+tr46@^4.1.1:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/tr46/-/tr46-4.1.1.tgz#281a758dcc82aeb4fe38c7dfe4d11a395aac8469"
+  integrity sha512-2lv/66T7e5yNyhAAC4NaKe5nVavzuGJQVVtRYLyQ2OI8tsJ61PMLlelehb0wi2Hx6+hT/OJUWZcw8MjlSRnxvw==
+  dependencies:
+    punycode "^2.3.0"
+
 tr46@~0.0.3:
   version "0.0.3"
   resolved "https://registry.yarnpkg.com/tr46/-/tr46-0.0.3.tgz#8184fd347dac9cdc185992f3a6622e14b9d9ab6a"
@@ -3725,6 +3899,11 @@ universal-cookie@^4.0.0:
     "@types/cookie" "^0.3.3"
     cookie "^0.4.0"
 
+universalify@^0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/universalify/-/universalify-0.2.0.tgz#6451760566fa857534745ab1dde952d1b1761be0"
+  integrity sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg==
+
 unraw@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/unraw/-/unraw-3.0.0.tgz#73443ed70d2ab09ccbac2b00525602d5991fbbe3"
@@ -3742,6 +3921,14 @@ uri-js@^4.2.2:
   dependencies:
     punycode "^2.1.0"
 
+url-parse@^1.5.3:
+  version "1.5.10"
+  resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.10.tgz#9d3c2f736c1d75dd3bd2be507dcc111f1e2ea9c1"
+  integrity sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==
+  dependencies:
+    querystringify "^2.1.1"
+    requires-port "^1.0.0"
+
 url@~0.11.0:
   version "0.11.1"
   resolved "https://registry.yarnpkg.com/url/-/url-0.11.1.tgz#26f90f615427eca1b9f4d6a28288c147e2302a32"
@@ -3755,6 +3942,13 @@ util-deprecate@^1.0.1, util-deprecate@~1.0.1:
   resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
   integrity sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==
 
+w3c-xmlserializer@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/w3c-xmlserializer/-/w3c-xmlserializer-4.0.0.tgz#aebdc84920d806222936e3cdce408e32488a3073"
+  integrity sha512-d+BFHzbiCx6zGfz0HyQ6Rg69w9k19nviJspaj4yNscGjrHu94sVP+aRm75yEbCh+r2/yR+7q6hux9LVtbuTGBw==
+  dependencies:
+    xml-name-validator "^4.0.0"
+
 web-streams-polyfill@4.0.0-beta.3:
   version "4.0.0-beta.3"
   resolved "https://registry.yarnpkg.com/web-streams-polyfill/-/web-streams-polyfill-4.0.0-beta.3.tgz#2898486b74f5156095e473efe989dcf185047a38"
@@ -3770,6 +3964,31 @@ webidl-conversions@^3.0.0:
   resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-3.0.1.tgz#24534275e2a7bc6be7bc86611cc16ae0a5654871"
   integrity sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==
 
+webidl-conversions@^7.0.0:
+  version "7.0.0"
+  resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-7.0.0.tgz#256b4e1882be7debbf01d05f0aa2039778ea080a"
+  integrity sha512-VwddBukDzu71offAQR975unBIGqfKZpM+8ZX6ySk8nYhVoo5CYaZyzt3YBvYtRtO+aoGlqxPg/B87NGVZ/fu6g==
+
+whatwg-encoding@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/whatwg-encoding/-/whatwg-encoding-2.0.0.tgz#e7635f597fd87020858626805a2729fa7698ac53"
+  integrity sha512-p41ogyeMUrw3jWclHWTQg1k05DSVXPLcVxRTYsXUk+ZooOCZLcoYgPZ/HL/D/N+uQPOtcp1me1WhBEaX02mhWg==
+  dependencies:
+    iconv-lite "0.6.3"
+
+whatwg-mimetype@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-3.0.0.tgz#5fa1a7623867ff1af6ca3dc72ad6b8a4208beba7"
+  integrity sha512-nt+N2dzIutVRxARx1nghPKGv1xHikU7HKdfafKkLNLindmPU/ch3U31NOCGGA/dmPcmb1VlofO0vnKAcsm0o/Q==
+
+whatwg-url@^12.0.0, whatwg-url@^12.0.1:
+  version "12.0.1"
+  resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-12.0.1.tgz#fd7bcc71192e7c3a2a97b9a8d6b094853ed8773c"
+  integrity sha512-Ed/LrqB8EPlGxjS+TrsXcpUond1mhccS3pchLhzSgPCnTimUCKj3IZE75pAs5m6heB2U2TMerKFUXheyHY+VDQ==
+  dependencies:
+    tr46 "^4.1.1"
+    webidl-conversions "^7.0.0"
+
 whatwg-url@^5.0.0:
   version "5.0.0"
   resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-5.0.0.tgz#966454e8765462e37644d3626f6742ce8b70965d"
@@ -3843,6 +4062,21 @@ wrappy@1:
   resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
   integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==
 
+ws@^8.13.0:
+  version "8.17.0"
+  resolved "https://registry.yarnpkg.com/ws/-/ws-8.17.0.tgz#d145d18eca2ed25aaf791a183903f7be5e295fea"
+  integrity sha512-uJq6108EgZMAl20KagGkzCKfMEjxmKvZHG7Tlq0Z6nOky7YF7aq4mOx6xK8TJ/i1LeK4Qus7INktacctDgY8Ow==
+
+xml-name-validator@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/xml-name-validator/-/xml-name-validator-4.0.0.tgz#79a006e2e63149a8600f15430f0a4725d1524835"
+  integrity sha512-ICP2e+jsHvAj2E2lIHxa5tjXRlKDJo4IdvPvCXbXQGdzSfmSpNVyIKMvoZHjDY9DP0zV17iI85o90vRFXNccRw==
+
+xmlchars@^2.2.0:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/xmlchars/-/xmlchars-2.2.0.tgz#060fe1bcb7f9c76fe2a17db86a9bc3ab894210cb"
+  integrity sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==
+
 xmlcreate@^2.0.4:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/xmlcreate/-/xmlcreate-2.0.4.tgz#0c5ab0f99cdd02a81065fa9cd8f8ae87624889be"

From 87a1088209ca8764819c24a7a5ed014ceee6a34a Mon Sep 17 00:00:00 2001
From: Federico Rodriguez <federico.rodriguez@wazuh.com>
Date: Tue, 21 May 2024 21:05:17 +0200
Subject: [PATCH 10/10] Change jsdom dependency to the one used in OSD

---
 plugins/main/package.json |   2 +-
 plugins/main/yarn.lock    | 314 +++++++++++++++++++++++---------------
 2 files changed, 188 insertions(+), 128 deletions(-)

diff --git a/plugins/main/package.json b/plugins/main/package.json
index 0c846b5081..0f7fc0dacb 100644
--- a/plugins/main/package.json
+++ b/plugins/main/package.json
@@ -65,7 +65,7 @@
     "typescript": "^5.0.4",
     "winston": "3.9.0",
     "dompurify": "^3.1.3",
-    "jsdom": "22.1.0"
+    "jsdom": "16.7.0"
   },
   "devDependencies": {
     "@types/node-cron": "^2.0.3",
diff --git a/plugins/main/yarn.lock b/plugins/main/yarn.lock
index a03675317e..fa11d5fc15 100644
--- a/plugins/main/yarn.lock
+++ b/plugins/main/yarn.lock
@@ -448,10 +448,10 @@
     "@swagger-api/apidom-parser-adapter-openapi-yaml-3-1" "^0.74.1"
     "@swagger-api/apidom-parser-adapter-yaml-1-2" "^0.74.1"
 
-"@tootallnate/once@2":
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-2.0.0.tgz#f544a148d3ab35801c1f633a7441fd87c2e484bf"
-  integrity sha512-XCuKFP5PS55gnMVu3dty8KPatLqUoy/ZYzDzAGCQ8JNFCkLXzmI7vNHCR+XpbZaMWQK/vQubr7PkYq8g470J/A==
+"@tootallnate/once@1":
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-1.1.2.tgz#ccb91445360179a04e7fe6aff78c00ffc1eeaf82"
+  integrity sha512-RbzJvlNzmRq5c3O09UipeuXno4tA1FE6ikOjxZK0tuxVv3412l64l5t1W5pj4+rJq9vpkm/kwiR07aZXnsKPxw==
 
 "@types/cookie@^0.3.3":
   version "0.3.3"
@@ -610,11 +610,19 @@
     "@typescript-eslint/types" "6.2.1"
     eslint-visitor-keys "^3.4.1"
 
-abab@^2.0.6:
+abab@^2.0.3, abab@^2.0.5:
   version "2.0.6"
   resolved "https://registry.yarnpkg.com/abab/-/abab-2.0.6.tgz#41b80f2c871d19686216b82309231cfd3cb3d291"
   integrity sha512-j2afSsaIENvHZN2B8GOpF566vZ5WVk5opAiMTvWgaQT8DkbOqsTfvNAvHoRGU2zzP8cPoqys+xHTRDWW8L+/BA==
 
+acorn-globals@^6.0.0:
+  version "6.0.0"
+  resolved "https://registry.yarnpkg.com/acorn-globals/-/acorn-globals-6.0.0.tgz#46cdd39f0f8ff08a876619b55f5ac8a6dc770b45"
+  integrity sha512-ZQl7LOWaF5ePqqcX4hLuv/bLXYQNfNWw2c0/yX/TsPRKamzHcTGQnlCjHT3TsmkOUVEPS3crCxiPfdzE/Trlhg==
+  dependencies:
+    acorn "^7.1.1"
+    acorn-walk "^7.1.1"
+
 acorn-jsx@^5.3.2:
   version "5.3.2"
   resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-5.3.2.tgz#7ed5bb55908b3b2f1bc55c6af1653bada7f07937"
@@ -629,16 +637,21 @@ acorn-node@^1.3.0:
     acorn-walk "^7.0.0"
     xtend "^4.0.2"
 
-acorn-walk@^7.0.0:
+acorn-walk@^7.0.0, acorn-walk@^7.1.1:
   version "7.2.0"
   resolved "https://registry.yarnpkg.com/acorn-walk/-/acorn-walk-7.2.0.tgz#0de889a601203909b0fbe07b8938dc21d2e967bc"
   integrity sha512-OPdCF6GsMIP+Az+aWfAAOEt2/+iVDKE7oy6lJ098aoe59oAmK76qV6Gw60SbZ8jHuG2wH058GF4pLFbYamYrVA==
 
-acorn@^7.0.0:
+acorn@^7.0.0, acorn@^7.1.1:
   version "7.4.1"
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-7.4.1.tgz#feaed255973d2e77555b83dbc08851a6c63520fa"
   integrity sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==
 
+acorn@^8.2.4:
+  version "8.11.3"
+  resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.11.3.tgz#71e0b14e13a4ec160724b38fb7b0f233b1b81d7a"
+  integrity sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg==
+
 acorn@^8.9.0:
   version "8.10.0"
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.10.0.tgz#8be5b3907a67221a81ab23c7889c4c5526b62ec5"
@@ -894,6 +907,11 @@ brotli@^1.2.0:
   dependencies:
     base64-js "^1.1.2"
 
+browser-process-hrtime@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz#3c9b4b7d782c8121e56f10106d84c0d0ffc94626"
+  integrity sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==
+
 browser-resolve@^1.8.1:
   version "1.11.3"
   resolved "https://registry.yarnpkg.com/browser-resolve/-/browser-resolve-1.11.3.tgz#9b7cbb3d0f510e4cb86bdbd796124d28b5890af6"
@@ -1115,12 +1133,22 @@ crypto-js@^4.0.0:
   resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.1.1.tgz#9e485bcf03521041bd85844786b83fb7619736cf"
   integrity sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==
 
-cssstyle@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/cssstyle/-/cssstyle-3.0.0.tgz#17ca9c87d26eac764bb8cfd00583cff21ce0277a"
-  integrity sha512-N4u2ABATi3Qplzf0hWbVCdjenim8F3ojEXpBDF5hBpjzW182MjNGLqfmQ0SkSPeQ+V86ZXgeH8aXj6kayd4jgg==
+cssom@^0.4.4:
+  version "0.4.4"
+  resolved "https://registry.yarnpkg.com/cssom/-/cssom-0.4.4.tgz#5a66cf93d2d0b661d80bf6a44fb65f5c2e4e0a10"
+  integrity sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw==
+
+cssom@~0.3.6:
+  version "0.3.8"
+  resolved "https://registry.yarnpkg.com/cssom/-/cssom-0.3.8.tgz#9f1276f5b2b463f2114d3f2c75250af8c1a36f4a"
+  integrity sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==
+
+cssstyle@^2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/cssstyle/-/cssstyle-2.3.0.tgz#ff665a0ddbdc31864b09647f34163443d90b0852"
+  integrity sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A==
   dependencies:
-    rrweb-cssom "^0.6.0"
+    cssom "~0.3.6"
 
 csstype@^3.0.2:
   version "3.1.2"
@@ -1140,14 +1168,14 @@ dash-ast@^2.0.1:
   resolved "https://registry.yarnpkg.com/dash-ast/-/dash-ast-2.0.1.tgz#8d0fd2e601c59bf874cc22877ee7dd889f54dee8"
   integrity sha512-5TXltWJGc+RdnabUGzhRae1TRq6m4gr+3K2wQX0is5/F2yS6MJXJvLyI3ErAnsAXuJoGqvfVD5icRgim07DrxQ==
 
-data-urls@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/data-urls/-/data-urls-4.0.0.tgz#333a454eca6f9a5b7b0f1013ff89074c3f522dd4"
-  integrity sha512-/mMTei/JXPqvFqQtfyTowxmJVwr2PVAeCcDxyFf6LhoOu/09TX2OX3kb2wzi4DMXcfj4OItwDOnhl5oziPnT6g==
+data-urls@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/data-urls/-/data-urls-2.0.0.tgz#156485a72963a970f5d5821aaf642bef2bf2db9b"
+  integrity sha512-X5eWTSXO/BJmpdIKCRuKUgSCgAN0OwliVK3yPKbwIWU1Tdw5BRajxlzMidvh+gwko9AfQ9zIj52pzF91Q3YAvQ==
   dependencies:
-    abab "^2.0.6"
-    whatwg-mimetype "^3.0.0"
-    whatwg-url "^12.0.0"
+    abab "^2.0.3"
+    whatwg-mimetype "^2.3.0"
+    whatwg-url "^8.0.0"
 
 debug@4, debug@^4.1.1, debug@^4.3.2, debug@^4.3.4:
   version "4.3.4"
@@ -1163,7 +1191,7 @@ debug@^3.2.6, debug@^3.2.7:
   dependencies:
     ms "^2.1.1"
 
-decimal.js@^10.4.3:
+decimal.js@^10.2.1:
   version "10.4.3"
   resolved "https://registry.yarnpkg.com/decimal.js/-/decimal.js-10.4.3.tgz#1044092884d245d1b7f65725fa4ad4c6f781cc23"
   integrity sha512-VBBaLc1MgL5XpzgIP7ny5Z6Nx3UrRkIViUkPUdtl9aya5amy3De1gsUUSB1g3+3sExYNjCAsAznmukyxCb1GRA==
@@ -1269,12 +1297,12 @@ doctrine@^3.0.0:
   dependencies:
     esutils "^2.0.2"
 
-domexception@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/domexception/-/domexception-4.0.0.tgz#4ad1be56ccadc86fc76d033353999a8037d03673"
-  integrity sha512-A2is4PLG+eeSfoTMA95/s4pvAoSo2mKtiM5jlHkAVewmiO8ISFTFKZjH7UAM1Atli/OT/7JHOrJRJiMKUZKYBw==
+domexception@^2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/domexception/-/domexception-2.0.1.tgz#fb44aefba793e1574b0af6aed2801d057529f304"
+  integrity sha512-yxJ2mFy/sibVQlu5qHjOkf9J3K6zgmCxgJ94u2EdvDOV09H+32LtRswEcUsmUWN72pVLOEnTSRaIVVzVQgS0dg==
   dependencies:
-    webidl-conversions "^7.0.0"
+    webidl-conversions "^5.0.0"
 
 dompurify@^3.1.3:
   version "3.1.4"
@@ -1308,11 +1336,6 @@ enhanced-resolve@^5.12.0:
     graceful-fs "^4.2.4"
     tapable "^2.2.0"
 
-entities@^4.4.0:
-  version "4.5.0"
-  resolved "https://registry.yarnpkg.com/entities/-/entities-4.5.0.tgz#5d268ea5e7113ec74c4d033b79ea5a35a488fb48"
-  integrity sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==
-
 es-abstract@^1.19.0, es-abstract@^1.20.4, es-abstract@^1.21.2:
   version "1.22.1"
   resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.22.1.tgz#8b4e5fc5cefd7f1660f0f8e1a52900dfbc9d9ccc"
@@ -1450,6 +1473,17 @@ escodegen@^1.11.1:
   optionalDependencies:
     source-map "~0.6.1"
 
+escodegen@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-2.1.0.tgz#ba93bbb7a43986d29d6041f99f5262da773e2e17"
+  integrity sha512-2NlIDTwUWJN0mRPQOdtQBzbUHvdGY2P1VXSyU83Q3xKxM7WHX2Ql8dKq782Q9TgQUNOLEzEYu9bzLNj1q88I5w==
+  dependencies:
+    esprima "^4.0.1"
+    estraverse "^5.2.0"
+    esutils "^2.0.2"
+  optionalDependencies:
+    source-map "~0.6.1"
+
 escodegen@~1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.2.0.tgz#09de7967791cc958b7f89a2ddb6d23451af327e1"
@@ -1846,6 +1880,15 @@ form-data-encoder@^1.4.3:
   resolved "https://registry.yarnpkg.com/form-data-encoder/-/form-data-encoder-1.9.0.tgz#fd18d316b1ec830d2a8be8ad86c1cf0317320b34"
   integrity sha512-rahaRMkN8P8d/tgK/BLPX+WBVM27NbvdXBxqQujBtkDAIFspaRqN7Od7lfdGQA6KAD+f82fYCLBq1ipvcu8qLw==
 
+form-data@^3.0.0:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/form-data/-/form-data-3.0.1.tgz#ebd53791b78356a99af9a300d4282c4d5eb9755f"
+  integrity sha512-RHkBKtLWUVwd7SqRIvCZMEvAMoGUp0XU+seQiZejj0COz3RI3hWP4sCv3gZWWLjJTd7rGwcsF5eKZGii0r/hbg==
+  dependencies:
+    asynckit "^0.4.0"
+    combined-stream "^1.0.8"
+    mime-types "^2.1.12"
+
 form-data@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/form-data/-/form-data-4.0.0.tgz#93919daeaf361ee529584b9b31664dc12c9fa452"
@@ -2066,23 +2109,23 @@ hoist-non-react-statics@^3.0.0, hoist-non-react-statics@^3.3.0:
   dependencies:
     react-is "^16.7.0"
 
-html-encoding-sniffer@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/html-encoding-sniffer/-/html-encoding-sniffer-3.0.0.tgz#2cb1a8cf0db52414776e5b2a7a04d5dd98158de9"
-  integrity sha512-oWv4T4yJ52iKrufjnyZPkrN0CH3QnrUqdB6In1g5Fe1mia8GmF36gnfNySxoZtxD5+NmYw1EElVXiBk93UeskA==
+html-encoding-sniffer@^2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/html-encoding-sniffer/-/html-encoding-sniffer-2.0.1.tgz#42a6dc4fd33f00281176e8b23759ca4e4fa185f3"
+  integrity sha512-D5JbOMBIR/TVZkubHT+OyT2705QvogUW4IBn6nHd756OwieSF9aDYFj4dv6HHEVGYbHaLETa3WggZYWWMyy3ZQ==
   dependencies:
-    whatwg-encoding "^2.0.0"
+    whatwg-encoding "^1.0.5"
 
-http-proxy-agent@^5.0.0:
-  version "5.0.0"
-  resolved "https://registry.yarnpkg.com/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz#5129800203520d434f142bc78ff3c170800f2b43"
-  integrity sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w==
+http-proxy-agent@^4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/http-proxy-agent/-/http-proxy-agent-4.0.1.tgz#8a8c8ef7f5932ccf953c296ca8291b95aa74aa3a"
+  integrity sha512-k0zdNgqWTGA6aeIRVpvfVob4fL52dTfaehylg0Y4UvSySvOq/Y+BOyPrgpUrA7HylqvU8vIZGsRuXmspskV0Tg==
   dependencies:
-    "@tootallnate/once" "2"
+    "@tootallnate/once" "1"
     agent-base "6"
     debug "4"
 
-https-proxy-agent@^5.0.1:
+https-proxy-agent@^5.0.0:
   version "5.0.1"
   resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz#c59ef224a04fe8b754f3db0063a25ea30d0005d6"
   integrity sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==
@@ -2100,7 +2143,14 @@ human-signals@^4.3.0:
   resolved "https://registry.yarnpkg.com/human-signals/-/human-signals-4.3.1.tgz#ab7f811e851fca97ffbd2c1fe9a958964de321b2"
   integrity sha512-nZXjEF2nbo7lIw3mgYjItAfgQXog3OjJogSbKa2CQIIvSGWcKgeJnQlNXip6NglNzYH45nSRiEVimMvYL8DDqQ==
 
-iconv-lite@0.6.3, iconv-lite@^0.6.3:
+iconv-lite@0.4.24:
+  version "0.4.24"
+  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"
+  integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==
+  dependencies:
+    safer-buffer ">= 2.1.2 < 3"
+
+iconv-lite@^0.6.3:
   version "0.6.3"
   resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501"
   integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==
@@ -2378,34 +2428,38 @@ js2xmlparser@^5.0.0:
   dependencies:
     xmlcreate "^2.0.4"
 
-jsdom@22.1.0:
-  version "22.1.0"
-  resolved "https://registry.yarnpkg.com/jsdom/-/jsdom-22.1.0.tgz#0fca6d1a37fbeb7f4aac93d1090d782c56b611c8"
-  integrity sha512-/9AVW7xNbsBv6GfWho4TTNjEo9fe6Zhf9O7s0Fhhr3u+awPwAJMKwAMXnkk5vBxflqLW9hTHX/0cs+P3gW+cQw==
-  dependencies:
-    abab "^2.0.6"
-    cssstyle "^3.0.0"
-    data-urls "^4.0.0"
-    decimal.js "^10.4.3"
-    domexception "^4.0.0"
-    form-data "^4.0.0"
-    html-encoding-sniffer "^3.0.0"
-    http-proxy-agent "^5.0.0"
-    https-proxy-agent "^5.0.1"
+jsdom@16.7.0:
+  version "16.7.0"
+  resolved "https://registry.yarnpkg.com/jsdom/-/jsdom-16.7.0.tgz#918ae71965424b197c819f8183a754e18977b710"
+  integrity sha512-u9Smc2G1USStM+s/x1ru5Sxrl6mPYCbByG1U/hUmqaVsm4tbNyS7CicOSRyuGQYZhTu0h84qkZZQ/I+dzizSVw==
+  dependencies:
+    abab "^2.0.5"
+    acorn "^8.2.4"
+    acorn-globals "^6.0.0"
+    cssom "^0.4.4"
+    cssstyle "^2.3.0"
+    data-urls "^2.0.0"
+    decimal.js "^10.2.1"
+    domexception "^2.0.1"
+    escodegen "^2.0.0"
+    form-data "^3.0.0"
+    html-encoding-sniffer "^2.0.1"
+    http-proxy-agent "^4.0.1"
+    https-proxy-agent "^5.0.0"
     is-potential-custom-element-name "^1.0.1"
-    nwsapi "^2.2.4"
-    parse5 "^7.1.2"
-    rrweb-cssom "^0.6.0"
-    saxes "^6.0.0"
+    nwsapi "^2.2.0"
+    parse5 "6.0.1"
+    saxes "^5.0.1"
     symbol-tree "^3.2.4"
-    tough-cookie "^4.1.2"
-    w3c-xmlserializer "^4.0.0"
-    webidl-conversions "^7.0.0"
-    whatwg-encoding "^2.0.0"
-    whatwg-mimetype "^3.0.0"
-    whatwg-url "^12.0.1"
-    ws "^8.13.0"
-    xml-name-validator "^4.0.0"
+    tough-cookie "^4.0.0"
+    w3c-hr-time "^1.0.2"
+    w3c-xmlserializer "^2.0.0"
+    webidl-conversions "^6.1.0"
+    whatwg-encoding "^1.0.5"
+    whatwg-mimetype "^2.3.0"
+    whatwg-url "^8.5.0"
+    ws "^7.4.6"
+    xml-name-validator "^3.0.0"
 
 json-schema-traverse@^0.4.1:
   version "0.4.1"
@@ -2506,7 +2560,7 @@ lodash.merge@^4.6.2:
   resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a"
   integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==
 
-lodash@^4.15.0, lodash@^4.17.21:
+lodash@^4.15.0, lodash@^4.17.21, lodash@^4.7.0:
   version "4.17.21"
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
   integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==
@@ -2737,7 +2791,7 @@ npm-run-path@^5.1.0:
   dependencies:
     path-key "^4.0.0"
 
-nwsapi@^2.2.4:
+nwsapi@^2.2.0:
   version "2.2.10"
   resolved "https://registry.yarnpkg.com/nwsapi/-/nwsapi-2.2.10.tgz#0b77a68e21a0b483db70b11fad055906e867cda8"
   integrity sha512-QK0sRs7MKv0tKe1+5uZIQk/C8XGza4DAnztJG8iD+TpJIORARrCxczA738awHrZoHeTjSSoHqao2teO0dC/gFQ==
@@ -2908,12 +2962,10 @@ parent-module@^1.0.0:
   dependencies:
     callsites "^3.0.0"
 
-parse5@^7.1.2:
-  version "7.1.2"
-  resolved "https://registry.yarnpkg.com/parse5/-/parse5-7.1.2.tgz#0736bebbfd77793823240a23b7fc5e010b7f8e32"
-  integrity sha512-Czj1WaSVpaoj0wbhMzLmWD69anp2WH7FXMB9n1Sy8/ZFF9jolSQVMu1Ij5WIyGmcBmhk7EOndpO4mIpihVqAXw==
-  dependencies:
-    entities "^4.4.0"
+parse5@6.0.1:
+  version "6.0.1"
+  resolved "https://registry.yarnpkg.com/parse5/-/parse5-6.0.1.tgz#e1a1c085c569b3dc08321184f19a39cc27f7c30b"
+  integrity sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==
 
 path-exists@^4.0.0:
   version "4.0.0"
@@ -3062,7 +3114,7 @@ punycode@^2.1.0:
   resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.0.tgz#f67fa67c94da8f4d0cfff981aee4118064199b8f"
   integrity sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==
 
-punycode@^2.1.1, punycode@^2.3.0:
+punycode@^2.1.1:
   version "2.3.1"
   resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.1.tgz#027422e2faec0b25e1549c3e1bd8309b9133b6e5"
   integrity sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==
@@ -3253,11 +3305,6 @@ rimraf@^3.0.2:
   dependencies:
     glob "^7.1.3"
 
-rrweb-cssom@^0.6.0:
-  version "0.6.0"
-  resolved "https://registry.yarnpkg.com/rrweb-cssom/-/rrweb-cssom-0.6.0.tgz#ed298055b97cbddcdeb278f904857629dec5e0e1"
-  integrity sha512-APM0Gt1KoXBz0iIkkdB/kfvGOwC4UuJFeG/c+yV7wSc7q96cG/kJ0HiYCnzivD9SB53cLV1MlHFNfOuPaadYSw==
-
 run-applescript@^5.0.0:
   version "5.0.0"
   resolved "https://registry.yarnpkg.com/run-applescript/-/run-applescript-5.0.0.tgz#e11e1c932e055d5c6b40d98374e0268d9b11899c"
@@ -3306,7 +3353,7 @@ safe-stable-stringify@^2.3.1:
   resolved "https://registry.yarnpkg.com/safe-stable-stringify/-/safe-stable-stringify-2.4.3.tgz#138c84b6f6edb3db5f8ef3ef7115b8f55ccbf886"
   integrity sha512-e2bDA2WJT0wxseVd4lsDP4+3ONX6HpMXQa1ZhFQ7SU+GjvORCmShbCMltrtIDfkYhVHrOcPtj+KhmDBdPdZD1g==
 
-"safer-buffer@>= 2.1.2 < 3.0.0":
+"safer-buffer@>= 2.1.2 < 3", "safer-buffer@>= 2.1.2 < 3.0.0":
   version "2.1.2"
   resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
   integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==
@@ -3316,10 +3363,10 @@ sax@^1.2.4:
   resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
   integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==
 
-saxes@^6.0.0:
-  version "6.0.0"
-  resolved "https://registry.yarnpkg.com/saxes/-/saxes-6.0.0.tgz#fe5b4a4768df4f14a201b1ba6a65c1f3d9988cc5"
-  integrity sha512-xAg7SOnEhrm5zI3puOOKyy1OMcMlIJZYNJY7xLBwSze0UjhPLnWfj2GF2EpT0jmzaJKIWKHLsaSSajf35bcYnA==
+saxes@^5.0.1:
+  version "5.0.1"
+  resolved "https://registry.yarnpkg.com/saxes/-/saxes-5.0.1.tgz#eebab953fa3b7608dbe94e5dadb15c888fa6696d"
+  integrity sha512-5LBh1Tls8c9xgGjw3QrMwETmTMVk0oFgvrFSvWx62llR2hcEInrKNZ2GZCCuuy2lvWrdl5jhbpeqc5hRYKFOcw==
   dependencies:
     xmlchars "^2.2.0"
 
@@ -3694,7 +3741,7 @@ to-regex-range@^5.0.1:
   dependencies:
     is-number "^7.0.0"
 
-tough-cookie@^4.1.2:
+tough-cookie@^4.0.0:
   version "4.1.4"
   resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-4.1.4.tgz#945f1461b45b5a8c76821c33ea49c3ac192c1b36"
   integrity sha512-Loo5UUvLD9ScZ6jh8beX1T6sO1w2/MpCRpEP7V280GKMVUQ0Jzar2U3UJPsrdbziLEMMhu3Ujnq//rhiFuIeag==
@@ -3704,12 +3751,12 @@ tough-cookie@^4.1.2:
     universalify "^0.2.0"
     url-parse "^1.5.3"
 
-tr46@^4.1.1:
-  version "4.1.1"
-  resolved "https://registry.yarnpkg.com/tr46/-/tr46-4.1.1.tgz#281a758dcc82aeb4fe38c7dfe4d11a395aac8469"
-  integrity sha512-2lv/66T7e5yNyhAAC4NaKe5nVavzuGJQVVtRYLyQ2OI8tsJ61PMLlelehb0wi2Hx6+hT/OJUWZcw8MjlSRnxvw==
+tr46@^2.1.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/tr46/-/tr46-2.1.0.tgz#fa87aa81ca5d5941da8cbf1f9b749dc969a4e240"
+  integrity sha512-15Ih7phfcdP5YxqiB+iDtLoaTz4Nd35+IiAv0kQ5FNKHzXgdWqPoTIqEDDJmXceQt4JZk6lVPT8lnDlPpGDppw==
   dependencies:
-    punycode "^2.3.0"
+    punycode "^2.1.1"
 
 tr46@~0.0.3:
   version "0.0.3"
@@ -3942,12 +3989,19 @@ util-deprecate@^1.0.1, util-deprecate@~1.0.1:
   resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
   integrity sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==
 
-w3c-xmlserializer@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/w3c-xmlserializer/-/w3c-xmlserializer-4.0.0.tgz#aebdc84920d806222936e3cdce408e32488a3073"
-  integrity sha512-d+BFHzbiCx6zGfz0HyQ6Rg69w9k19nviJspaj4yNscGjrHu94sVP+aRm75yEbCh+r2/yR+7q6hux9LVtbuTGBw==
+w3c-hr-time@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz#0a89cdf5cc15822df9c360543676963e0cc308cd"
+  integrity sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==
   dependencies:
-    xml-name-validator "^4.0.0"
+    browser-process-hrtime "^1.0.0"
+
+w3c-xmlserializer@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/w3c-xmlserializer/-/w3c-xmlserializer-2.0.0.tgz#3e7104a05b75146cc60f564380b7f683acf1020a"
+  integrity sha512-4tzD0mF8iSiMiNs30BiLO3EpfGLZUT2MSX/G+o7ZywDzliWQ3OPtTZ0PTC3B3ca1UAf4cJMHB+2Bf56EriJuRA==
+  dependencies:
+    xml-name-validator "^3.0.0"
 
 web-streams-polyfill@4.0.0-beta.3:
   version "4.0.0-beta.3"
@@ -3964,30 +4018,27 @@ webidl-conversions@^3.0.0:
   resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-3.0.1.tgz#24534275e2a7bc6be7bc86611cc16ae0a5654871"
   integrity sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==
 
-webidl-conversions@^7.0.0:
-  version "7.0.0"
-  resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-7.0.0.tgz#256b4e1882be7debbf01d05f0aa2039778ea080a"
-  integrity sha512-VwddBukDzu71offAQR975unBIGqfKZpM+8ZX6ySk8nYhVoo5CYaZyzt3YBvYtRtO+aoGlqxPg/B87NGVZ/fu6g==
-
-whatwg-encoding@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/whatwg-encoding/-/whatwg-encoding-2.0.0.tgz#e7635f597fd87020858626805a2729fa7698ac53"
-  integrity sha512-p41ogyeMUrw3jWclHWTQg1k05DSVXPLcVxRTYsXUk+ZooOCZLcoYgPZ/HL/D/N+uQPOtcp1me1WhBEaX02mhWg==
-  dependencies:
-    iconv-lite "0.6.3"
+webidl-conversions@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-5.0.0.tgz#ae59c8a00b121543a2acc65c0434f57b0fc11aff"
+  integrity sha512-VlZwKPCkYKxQgeSbH5EyngOmRp7Ww7I9rQLERETtf5ofd9pGeswWiOtogpEO850jziPRarreGxn5QIiTqpb2wA==
 
-whatwg-mimetype@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-3.0.0.tgz#5fa1a7623867ff1af6ca3dc72ad6b8a4208beba7"
-  integrity sha512-nt+N2dzIutVRxARx1nghPKGv1xHikU7HKdfafKkLNLindmPU/ch3U31NOCGGA/dmPcmb1VlofO0vnKAcsm0o/Q==
+webidl-conversions@^6.1.0:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-6.1.0.tgz#9111b4d7ea80acd40f5270d666621afa78b69514"
+  integrity sha512-qBIvFLGiBpLjfwmYAaHPXsn+ho5xZnGvyGvsarywGNc8VyQJUMHJ8OBKGGrPER0okBeMDaan4mNBlgBROxuI8w==
 
-whatwg-url@^12.0.0, whatwg-url@^12.0.1:
-  version "12.0.1"
-  resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-12.0.1.tgz#fd7bcc71192e7c3a2a97b9a8d6b094853ed8773c"
-  integrity sha512-Ed/LrqB8EPlGxjS+TrsXcpUond1mhccS3pchLhzSgPCnTimUCKj3IZE75pAs5m6heB2U2TMerKFUXheyHY+VDQ==
+whatwg-encoding@^1.0.5:
+  version "1.0.5"
+  resolved "https://registry.yarnpkg.com/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz#5abacf777c32166a51d085d6b4f3e7d27113ddb0"
+  integrity sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==
   dependencies:
-    tr46 "^4.1.1"
-    webidl-conversions "^7.0.0"
+    iconv-lite "0.4.24"
+
+whatwg-mimetype@^2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz#3d4b1e0312d2079879f826aff18dbeeca5960fbf"
+  integrity sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==
 
 whatwg-url@^5.0.0:
   version "5.0.0"
@@ -3997,6 +4048,15 @@ whatwg-url@^5.0.0:
     tr46 "~0.0.3"
     webidl-conversions "^3.0.0"
 
+whatwg-url@^8.0.0, whatwg-url@^8.5.0:
+  version "8.7.0"
+  resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-8.7.0.tgz#656a78e510ff8f3937bc0bcbe9f5c0ac35941b77"
+  integrity sha512-gAojqb/m9Q8a5IV96E3fHJM70AzCkgt4uXYX2O7EmuyOnLrViCQlsEBmF9UQIu3/aeAIp2U17rtbpZWNntQqdg==
+  dependencies:
+    lodash "^4.7.0"
+    tr46 "^2.1.0"
+    webidl-conversions "^6.1.0"
+
 which-boxed-primitive@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/which-boxed-primitive/-/which-boxed-primitive-1.0.2.tgz#13757bc89b209b049fe5d86430e21cf40a89a8e6"
@@ -4062,15 +4122,15 @@ wrappy@1:
   resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
   integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==
 
-ws@^8.13.0:
-  version "8.17.0"
-  resolved "https://registry.yarnpkg.com/ws/-/ws-8.17.0.tgz#d145d18eca2ed25aaf791a183903f7be5e295fea"
-  integrity sha512-uJq6108EgZMAl20KagGkzCKfMEjxmKvZHG7Tlq0Z6nOky7YF7aq4mOx6xK8TJ/i1LeK4Qus7INktacctDgY8Ow==
+ws@^7.4.6:
+  version "7.5.9"
+  resolved "https://registry.yarnpkg.com/ws/-/ws-7.5.9.tgz#54fa7db29f4c7cec68b1ddd3a89de099942bb591"
+  integrity sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q==
 
-xml-name-validator@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/xml-name-validator/-/xml-name-validator-4.0.0.tgz#79a006e2e63149a8600f15430f0a4725d1524835"
-  integrity sha512-ICP2e+jsHvAj2E2lIHxa5tjXRlKDJo4IdvPvCXbXQGdzSfmSpNVyIKMvoZHjDY9DP0zV17iI85o90vRFXNccRw==
+xml-name-validator@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/xml-name-validator/-/xml-name-validator-3.0.0.tgz#6ae73e06de4d8c6e47f9fb181f78d648ad457c6a"
+  integrity sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==
 
 xmlchars@^2.2.0:
   version "2.2.0"