From 9b8f9f8afdae3981a9cc076520173a51c8bf4e9c Mon Sep 17 00:00:00 2001 From: Francois Ferrand Date: Wed, 29 Jun 2022 11:49:46 +0200 Subject: [PATCH 1/2] Bump aws-sdk to 2.1005+ Use same spec as other packages (utapi, vault...), and allow automatic version bump (dependabot). Issue: ARSN-234 --- package.json | 2 +- yarn.lock | 84 +++++++++++++++++++++++++--------------------------- 2 files changed, 42 insertions(+), 44 deletions(-) diff --git a/package.json b/package.json index ab12bb969..4b6f8f6ba 100644 --- a/package.json +++ b/package.json @@ -23,7 +23,7 @@ "agentkeepalive": "^4.1.3", "ajv": "6.12.2", "async": "~2.1.5", - "aws-sdk": "2.80.0", + "aws-sdk": "^2.1005.0", "azure-storage": "~2.10.7", "backo": "^1.1.0", "base-x": "3.0.8", diff --git a/yarn.lock b/yarn.lock index 72aacbf31..1113c9407 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1704,20 +1704,20 @@ asynckit@^0.4.0: resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" integrity sha1-x57Zf380y48robyXkLzDZkdLS3k= -aws-sdk@2.80.0: - version "2.80.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.80.0.tgz#61ced747eb981609483aec53e8d654d3cc9d1435" - integrity sha1-Yc7XR+uYFglIOuxT6NZU08ydFDU= - dependencies: - buffer "4.9.1" - crypto-browserify "1.0.9" - jmespath "0.15.0" +aws-sdk@^2.1005.0: + version "2.1165.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1165.0.tgz#4da669d1e9020344cef75d961882f52a7931a379" + integrity sha512-2oVkSuXsLeErt+H4M2OGIz4p1LPS+QRfY2WnW4QKMndASOcvHKZTfzuY8jmc9ZnDGyguiGdT3idYU8KpNg0sGw== + dependencies: + buffer "4.9.2" + events "1.1.1" + ieee754 "1.1.13" + jmespath "0.16.0" querystring "0.2.0" sax "1.2.1" url "0.10.3" - uuid "3.0.1" - xml2js "0.4.17" - xmlbuilder "4.2.1" + uuid "8.0.0" + xml2js "0.4.19" aws-sign2@~0.7.0: version "0.7.0" 
@@ -2033,10 +2033,10 @@ buffer-from@^1.0.0: resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.2.tgz#2b146a6fd72e80b4f55d255f35ed59a3a9a41bd5" integrity sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ== -buffer@4.9.1: - version "4.9.1" - resolved "https://registry.yarnpkg.com/buffer/-/buffer-4.9.1.tgz#6d1bb601b07a4efced97094132093027c95bc298" - integrity sha1-bRu2AbB6TvztlwlBMgkwJ8lbwpg= +buffer@4.9.2: + version "4.9.2" + resolved "https://registry.yarnpkg.com/buffer/-/buffer-4.9.2.tgz#230ead344002988644841ab0244af8c44bbe3ef8" + integrity sha512-xq+q3SRMOxGivLhBNaUdC64hDTQwejJ+H0T/NB1XMtTVEwNTrfFF3gAxiyW0Bu/xWEGhjVKgUcMhCrUy2+uCWg== dependencies: base64-js "^1.0.2" ieee754 "^1.1.4" @@ -2344,11 +2344,6 @@ cross-spawn@^7.0.1, cross-spawn@^7.0.2, cross-spawn@^7.0.3: shebang-command "^2.0.0" which "^2.0.1" -crypto-browserify@1.0.9: - version "1.0.9" - resolved "https://registry.yarnpkg.com/crypto-browserify/-/crypto-browserify-1.0.9.tgz#cc5449685dfb85eb11c9828acc7cb87ab5bbfcc0" - integrity sha1-zFRJaF37hesRyYKKzHy4erW7/MA= - cssom@^0.4.4: version "0.4.4" resolved "https://registry.yarnpkg.com/cssom/-/cssom-0.4.4.tgz#5a66cf93d2d0b661d80bf6a44fb65f5c2e4e0a10" @@ -2928,6 +2923,11 @@ esutils@^2.0.2: resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64" integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g== +events@1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/events/-/events-1.1.1.tgz#9ebdb7635ad099c70dcc4c2a1f5004288e8bd924" + integrity sha512-kEcvvCBByWXGnZy6JUlgAp2gBIUjfCAV6P6TgT1/aaQKcmuAEC4OZTV1I4EWQLz2gxZw76atuVyvHhTxvi0Flw== + execa@^5.0.0: version "5.1.1" resolved "https://registry.yarnpkg.com/execa/-/execa-5.1.1.tgz#f80ad9cbf4298f7bd1d4c9555c21e93741c411dd" 
@@ -3460,6 +3460,11 @@ iconv-lite@^0.6.2: dependencies: safer-buffer ">= 2.1.2 < 3.0.0" +ieee754@1.1.13: + version "1.1.13" + resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.1.13.tgz#ec168558e95aa181fd87d37f55c32bbcb6708b84" + integrity sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg== + ieee754@^1.1.13, ieee754@^1.1.4: version "1.2.1" resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352" @@ -4240,10 +4245,10 @@ jest@^27.5.1: import-local "^3.0.2" jest-cli "^27.5.1" -jmespath@0.15.0: - version "0.15.0" - resolved "https://registry.yarnpkg.com/jmespath/-/jmespath-0.15.0.tgz#a3f222a9aae9f966f5d27c796510e28091764217" - integrity sha1-o/Iiqarp+Wb10nx5ZRDigJF2Qhc= +jmespath@0.16.0: + version "0.16.0" + resolved "https://registry.yarnpkg.com/jmespath/-/jmespath-0.16.0.tgz#b15b0a85dfd4d930d43e69ed605943c802785076" + integrity sha512-9FzQjJ7MATs1tSpnco1K6ayiYE3figslrXA72G2HQ/n76RzvYlofyi5QM+iX4YRs/pu3yzxlVQSST23+dMDknw== joi@^17.6.0: version "17.6.0" @@ -4624,7 +4629,7 @@ lodash.union@^4.6.0: resolved "https://registry.yarnpkg.com/lodash.union/-/lodash.union-4.6.0.tgz#48bb5088409f16f1821666641c44dd1aaae3cd88" integrity sha1-SLtQiECfFvGCFmZkHETdGqrjzYg= -lodash@^4.0.0, lodash@^4.14.0, lodash@^4.17.15, lodash@^4.7.0: +lodash@^4.14.0, lodash@^4.17.15, lodash@^4.7.0: version "4.17.21" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== 
@@ -6545,10 +6550,10 @@ util-deprecate@^1.0.1, util-deprecate@~1.0.1: resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8= -uuid@3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1" - integrity sha1-ZUS7ot/ajBzxfmKaOjBeK7H+5sE= +uuid@8.0.0: + version "8.0.0" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.0.0.tgz#bc6ccf91b5ff0ac07bbcdbf1c7c4e150db4dbb6c" + integrity sha512-jOXGuXZAWdsTH7eZLtyXMqUb9EcWMGZNbL9YcGBJl4MH4nrxHmZJhEHvyLFrkxo+28uLb/NYRcStH48fnD0Vzw== uuid@^3.0.0, uuid@^3.0.1, uuid@^3.3.2, uuid@^3.3.3: version "3.4.0" @@ -6754,13 +6759,13 @@ xml-name-validator@^3.0.0: resolved "https://registry.yarnpkg.com/xml-name-validator/-/xml-name-validator-3.0.0.tgz#6ae73e06de4d8c6e47f9fb181f78d648ad457c6a" integrity sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw== -xml2js@0.4.17: - version "0.4.17" - resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.17.tgz#17be93eaae3f3b779359c795b419705a8817e868" - integrity sha1-F76T6q4/O3eTWceVtBlwWogX6Gg= +xml2js@0.4.19: + version "0.4.19" + resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.19.tgz#686c20f213209e94abf0d1bcf1efaa291c7827a7" + integrity sha512-esZnJZJOiJR9wWKMyuvSE1y6Dq5LCuJanqhxslH2bxM6duahNZ+HMpCLhBQGZkbX6xRf8x1Y2eJlgt2q3qo49Q== dependencies: sax ">=0.6.0" - xmlbuilder "^4.1.0" + xmlbuilder "~9.0.1" xml2js@~0.2.8: version "0.2.8" 
@@ -6777,17 +6782,10 @@ xml2js@~0.4.23: sax ">=0.6.0" xmlbuilder "~11.0.0" -xmlbuilder@4.2.1, xmlbuilder@^4.1.0: - version "4.2.1" - resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-4.2.1.tgz#aa58a3041a066f90eaa16c2f5389ff19f3f461a5" - integrity sha1-qlijBBoGb5DqoWwvU4n/GfP0YaU= - dependencies: - lodash "^4.0.0" - -xmlbuilder@^9.0.7: +xmlbuilder@^9.0.7, xmlbuilder@~9.0.1: version "9.0.7" resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-9.0.7.tgz#132ee63d2ec5565c557e20f4c22df9aca686b10d" - integrity sha1-Ey7mPS7FVlxVfiD0wi35rKaGsQ0= + integrity sha512-7YXTQc3P2l9+0rjaUbLwMKRhtmwg1M1eDf6nag7urC7pIPYLD9W/jmzQ4ptRSUbodw5S0jfoGTflLemQibSpeQ== xmlbuilder@~11.0.0: version "11.0.1" From a206b5f95e29e3de1a05f6ca4dab08c7bb911036 Mon Sep 17 00:00:00 2001 From: Francois Ferrand Date: Fri, 1 Jul 2022 18:18:05 +0200 Subject: [PATCH 2/2] Remove check with empty bucket name This test is not relevant, since a bucket cannot have an empty name; and there is now a check in AWS SDK which rejects the request directly. Issue: ARSN-234 --- .../storage/data/external/GcpService.spec.js | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/tests/unit/storage/data/external/GcpService.spec.js b/tests/unit/storage/data/external/GcpService.spec.js index af3b712c3..875edeab1 100644 --- a/tests/unit/storage/data/external/GcpService.spec.js +++ b/tests/unit/storage/data/external/GcpService.spec.js 
@@ -26,21 +26,20 @@ function handler(isPathStyle) { }; } -const invalidBucketNames = [ +const invalidDnsBucketNames = [ '..', '.bucketname', 'bucketname.', 'bucketName.', 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa', '256.256.256.256', - '', ]; -function badBucketNameHandler(req, res) { +function invalidDnsBucketNameHandler(req, res) { assert(req.headers.host, host); const bucketFromUrl = req.url.split('/')[1]; assert.strictEqual(typeof bucketFromUrl, 'string'); - assert(invalidBucketNames.includes(bucketFromUrl)); + assert(invalidDnsBucketNames.includes(bucketFromUrl)); res.end(); } @@ -101,7 +100,7 @@ describe('GcpService request behavior', () => { secretAccessKey, }); httpServer = - http.createServer(badBucketNameHandler).listen(httpPort); + http.createServer(invalidDnsBucketNameHandler).listen(httpPort); httpServer.on('listening', done); httpServer.on('error', err => { process.stdout.write(`https server: ${err.stack}\n`); @@ -114,10 +113,15 @@ describe('GcpService request behavior', () => { }); - invalidBucketNames.forEach(bucket => { + invalidDnsBucketNames.forEach(bucket => { + // This test verifies that populateURI() properly sticks to path-based bucket name, + // when the bucket is not DNS-compatible it(`should not use dns-style if bucket isn't dns compatible: ${bucket}`, done => { client.headBucket({ Bucket: bucket }, err => { + // We expect no error here: the invalidDnsBucketNameHandler() function + // will verify that the `host` has indeed not be updated and that + // bucket name is provided through the `path`. assert.ifError(err); done(); });
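Review bot: In `invalidDnsBucketNameHandler` (first hunk of GcpService.spec.js), the unchanged line `assert(req.headers.host, host);` only checks that a Host header is present, because the second argument of `assert()` is the failure message and not an expected value. The comment added in the last hunk of this file says the handler verifies that the host was not rewritten, so the check should be `assert.strictEqual(req.headers.host, host);`. `host` is defined outside the hunk, so confirm it has the same form (with or without the port) as the header the client actually sends.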
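Review bot: The comment added inside the `headBucket` callback (last hunk) has a typo: "has indeed not be updated" should read "has indeed not been updated". With the `''` entry dropped from `invalidDnsBucketNames`, nothing in the visible part of this spec pins the client-side rejection that the commit message relies on. A small separate case would keep that input check covered while the `^2.1005.0` range floats, for example `client.headBucket({ Bucket: '' }, err => { assert(err); done(); });` inside its own `it(...)`, assuming the client reports the rejection through the callback. The enclosing `describe` block starts and ends outside the hunk.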