Merge branch 'main' into CVE-2022-25881

opensearch-project · Feb 9, 2023 · a33a7cc · a33a7cc
2 parents 8769809 + c42f9dc
commit a33a7cc
Show file tree

Hide file tree

Showing 6 changed files with 22 additions and 20 deletions.
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -459,7 +459,7 @@ module.exports = {
      * Files that run BEFORE node version check
      */
     {
-      files: ['scripts/**/*.js', 'src/setup_node_env/**/*.js'],
+      files: ['scripts/**/*.js', 'src/setup_node_env/**/!(*.test).js'],
       rules: {
         'import/no-commonjs': 'off',
         'prefer-object-spread/prefer-object-spread': 'off',

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -17,6 +17,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 - [CVE-2022-35256] Bumps node version from 14.20.0 to 14.20.1 [#3166](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3166))
 - [CVE-2022-46175] Bumps json5 version from 1.0.1 and 2.2.1 to 1.0.2 and 2.2.3 ([#3201](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3201))
 - [CVE-2022-25860] Bumps simple-git from 3.15.1 to 3.16.0 ([#3345](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3345))
+- [Security] Bumps hapi/statehood to 7.0.4 ([#3411](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3411))
 
 ### 📈 Features/Enhancements
 
@@ -142,6 +143,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 - [Tests] Bumps `chromedriver` to v107 ([#3017](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3017))
 - [Vis Builder] Adds field unit tests ([#3211](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3211))
 - [BWC Tests] Add BWC tests for 2.6.0 ([#3356](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3356))
+- Prevent primitive linting limitations from being applied to unit tests found under `src/setup_node_env` ([#3403](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3403))
 
 ## [2.x]
 

diff --git a/src/setup_node_env/node_version_validator.test.js b/src/setup_node_env/node_version_validator.test.js
@@ -28,10 +28,10 @@
  * under the License.
  */
 
-var exec = require('child_process').exec;
-var pkg = require('../../package.json');
+const exec = require('child_process').exec;
+const pkg = require('../../package.json');
 
-var REQUIRED_NODE_JS_VERSION = 'v' + pkg.engines.node;
+const REQUIRED_NODE_JS_VERSION = 'v' + pkg.engines.node;
 
 describe('NodeVersionValidator', function () {
   it('should run the script WITHOUT error when the version is the same', function (done) {
@@ -43,7 +43,7 @@ describe('NodeVersionValidator', function () {
   });
 
   it('should run the script WITH error if the patch version is lower', function (done) {
-    var lowerPatchversion = requiredNodeVersionWithDiff(0, 0, -1);
+    const lowerPatchversion = requiredNodeVersionWithDiff(0, 0, -1);
     testValidateNodeVersion(
       done,
       lowerPatchversion,
@@ -56,7 +56,7 @@ describe('NodeVersionValidator', function () {
   });
 
   it('should run the script WITH error if the major version is lower', function (done) {
-    var lowerMajorVersion = requiredNodeVersionWithDiff(-1, 0, 0);
+    const lowerMajorVersion = requiredNodeVersionWithDiff(-1, 0, 0);
     testValidateNodeVersion(
       done,
       lowerMajorVersion,
@@ -69,7 +69,7 @@ describe('NodeVersionValidator', function () {
   });
 
   it('should run the script WITH error if the minor version is lower', function (done) {
-    var lowerMinorVersion = requiredNodeVersionWithDiff(0, -1, 0);
+    const lowerMinorVersion = requiredNodeVersionWithDiff(0, -1, 0);
     testValidateNodeVersion(
       done,
       lowerMinorVersion,
@@ -79,24 +79,24 @@ describe('NodeVersionValidator', function () {
 });
 
 function requiredNodeVersionWithDiff(majorDiff, minorDiff, patchDiff) {
-  var matches = REQUIRED_NODE_JS_VERSION.match(/^v(\d+)\.(\d+)\.(\d+)/);
-  var major = Math.max(parseInt(matches[1], 10) + majorDiff, 0);
-  var minor = Math.max(parseInt(matches[2], 10) + minorDiff, 0);
-  var patch = Math.max(parseInt(matches[3], 10) + patchDiff, 0);
+  const matches = REQUIRED_NODE_JS_VERSION.match(/^v(\d+)\.(\d+)\.(\d+)/);
+  const major = Math.max(parseInt(matches[1], 10) + majorDiff, 0);
+  const minor = Math.max(parseInt(matches[2], 10) + minorDiff, 0);
+  const patch = Math.max(parseInt(matches[3], 10) + patchDiff, 0);
 
   return `v${major}.${minor}.${patch}`;
 }
 
 function testValidateNodeVersion(done, versionToTest, expectError = false) {
-  var processVersionOverwrite = `Object.defineProperty(process, 'version', { value: '${versionToTest}', writable: true });`;
-  var command = `node -e "${processVersionOverwrite}require('./node_version_validator.js')"`;
+  const processVersionOverwrite = `Object.defineProperty(process, 'version', { value: '${versionToTest}', writable: true });`;
+  const command = `node -e "${processVersionOverwrite}require('./node_version_validator.js')"`;
 
   exec(command, { cwd: __dirname }, function (error, _stdout, stderr) {
     expect(stderr).toBeDefined();
     if (expectError) {
       expect(error.code).toBe(1);
 
-      var speficicErrorMessage =
+      const speficicErrorMessage =
         `OpenSearch Dashboards was built with ${REQUIRED_NODE_JS_VERSION} and does not support the current Node.js version ${versionToTest}. ` +
         `Please use Node.js ${REQUIRED_NODE_JS_VERSION} or a higher patch version.\n`;
 

diff --git a/src/setup_node_env/root/force.test.js b/src/setup_node_env/root/force.test.js
@@ -28,7 +28,7 @@
  * under the License.
  */
 
-var forceRoot = require('./force');
+const forceRoot = require('./force');
 
 describe('forceRoot', function () {
   it('with flag', function () {
@@ -40,7 +40,7 @@ describe('forceRoot', function () {
   });
 
   test('remove argument', function () {
-    var args = ['--allow-root', 'foo'];
+    const args = ['--allow-root', 'foo'];
     forceRoot(args);
     expect(args.includes('--allow-root')).toBeFalsy();
   });

diff --git a/src/setup_node_env/root/is_root.test.js b/src/setup_node_env/root/is_root.test.js
@@ -28,7 +28,7 @@
  * under the License.
  */
 
-var isRoot = require('./is_root');
+const isRoot = require('./is_root');
 
 describe('isRoot', function () {
   test('0 is root', function () {

diff --git a/yarn.lock b/yarn.lock
@@ -1645,9 +1645,9 @@
     "@hapi/hoek" "9.x.x"
 
 "@hapi/statehood@^7.0.3":
-  version "7.0.3"
-  resolved "https://registry.yarnpkg.com/@hapi/statehood/-/statehood-7.0.3.tgz#655166f3768344ed3c3b50375a303cdeca8040d9"
-  integrity sha512-pYB+pyCHkf2Amh67QAXz7e/DN9jcMplIL7Z6N8h0K+ZTy0b404JKPEYkbWHSnDtxLjJB/OtgElxocr2fMH4G7w==
+  version "7.0.4"
+  resolved "https://registry.yarnpkg.com/@hapi/statehood/-/statehood-7.0.4.tgz#6acb9d0817b5c657089356f7d9fd60af0bce4f41"
+  integrity sha512-Fia6atroOVmc5+2bNOxF6Zv9vpbNAjEXNcUbWXavDqhnJDlchwUUwKS5LCi5mGtCTxRhUKKHwuxuBZJkmLZ7fw==
   dependencies:
     "@hapi/boom" "9.x.x"
     "@hapi/bounce" "2.x.x"