Skip to content

Commit

Permalink
Resolve vulnerabilities (#401)
Browse files Browse the repository at this point in the history 
* Resolve vulnerabilities

* fix updated mkdirp usage

mkdirp major bump caused breaking changes, which broke some commands

* fix shelljs types

Co-authored-by: DaniilShmelev <[email protected]>
  • Loading branch information
@DaniilShmelev
Ivan Golubev and DaniilShmelev authored Feb 18, 2022
1 parent d49fb32 commit 30ffb29
Show file tree
Hide file tree
Showing 6 changed files with 80 additions and 63 deletions.
10 changes: 1 addition & 9 deletions app/exec/extension/_lib/loc.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,15 +69,7 @@ export namespace LocPrep {
}
})
.then(determinedPath => {
return new Promise((resolve, reject) => {
mkdirp(path.dirname(determinedPath), (err, made) => {
if (err) {
reject(err);
} else {
resolve(made);
}
});
}).then(() => {
return mkdirp(path.dirname(determinedPath)).then(() => {
return promisify(writeFile)(determinedPath, JSON.stringify(resources, null, 4), "utf8");
});
});
Expand Down
14 changes: 3 additions & 11 deletions app/exec/extension/_lib/vsix-writer.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,7 +128,7 @@ export class VsixWriter {
throw new Error("--output-path must be a directory when using --metadata-only.");
}
if (!pathExists) {
await promisify(mkdirp)(outputPath, undefined);
await mkdirp(outputPath);
}

for (const builder of this.manifestBuilders) {
Expand All @@ -138,7 +138,7 @@ export class VsixWriter {
const content = fileObj.content || (await promisify(readFile)(fileObj.path, "utf-8"));
const writePath = path.join(this.settings.outputPath, fileObj.partName);
const folder = path.dirname(writePath);
await promisify(mkdirp)(folder, undefined);
await mkdirp(folder);
await promisify(writeFile)(writePath, content, "utf-8");
}
}
Expand Down Expand Up @@ -245,15 +245,7 @@ export class VsixWriter {
return Promise.all(builderPromises).then(() => {
trace.debug("Writing vsix to: %s", outputPath);

return new Promise((resolve, reject) => {
mkdirp(path.dirname(outputPath), (err, made) => {
if (err) {
reject(err);
} else {
resolve(made);
}
});
}).then(async () => {
return mkdirp(path.dirname(outputPath)).then(async () => {
let buffer = await vsix.generateAsync({
type: "nodebuffer",
compression: "DEFLATE",
Expand Down
10 changes: 1 addition & 9 deletions app/exec/extension/init.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -465,15 +465,7 @@ export class ExtensionInit extends extBase.ExtensionBase<InitResult> {

private async createFolderIfNotExists(folderPath: string) {
try {
await new Promise((resolve, reject) => {
mkdirp(folderPath, err => {
if (err) {
reject(err);
} else {
resolve();
}
});
});
await mkdirp(folderPath);
} catch {
// folder already exists, perhaps. Or maybe we can't write to it.
}
Expand Down
1 change: 0 additions & 1 deletion app/lib/jsonvalidate.ts
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { defer } from "./promiseUtils";

var fs = require("fs");
var shell = require("shelljs");
var check = require("validator");
var trace = require("./trace");

Expand Down
96 changes: 69 additions & 27 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 6 additions & 6 deletions package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "tfx-cli",
"version": "0.10.0",
"version": "0.11.0",
"description": "CLI for Azure DevOps Services and Team Foundation Server",
"repository": {
"type": "git",
Expand Down Expand Up @@ -30,17 +30,17 @@
"jszip": "^3.7.1",
"lodash": "^4.17.21",
"minimist": "^1.2.5",
"mkdirp": "^0.5.1",
"mkdirp": "^1.0.4",
"onecolor": "^2.5.0",
"os-homedir": "^1.0.1",
"prompt": "^1.2.0",
"read": "^1.0.6",
"shelljs": "^0.5.1",
"shelljs": "^0.8.5",
"tmp": "0.0.26",
"tracer": "0.7.4",
"util.promisify": "^1.0.0",
"uuid": "^3.0.1",
"validator": "^3.43.0",
"validator": "^13.7.0",
"winreg": "0.0.12",
"xml2js": "^0.4.16"
},
Expand All @@ -50,9 +50,9 @@
"@types/jju": "^1.4.1",
"@types/jszip": "~3.1.2",
"@types/lodash": "~4.14.110",
"@types/mkdirp": "^0.3.28",
"@types/mkdirp": "^1.0.2",
"@types/node": "~8.5.1",
"@types/shelljs": "^0.3.30",
"@types/shelljs": "^0.8.11",
"@types/uuid": "^2.0.29",
"@types/validator": "^4.5.27",
"@types/winreg": "^1.2.29",
Expand Down

0 comments on commit 30ffb29

Please sign in to comment.