From 85858708405039a920300201858f966e796a6e5c Mon Sep 17 00:00:00 2001 From: cbruno10 Date: Tue, 4 Feb 2025 01:34:59 -0500 Subject: [PATCH 1/4] Update header image in README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 767b0431..ddf8639b 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ - + [![mods](https://img.shields.io/badge/mods-52-blue)](https://hub.powerpipe.io)   [![slack](https://img.shields.io/badge/slack-2695-blue)](https://turbot.com/community/join)   From b823e13489305da37ec816dfa1de4beb3b6b1b37 Mon Sep 17 00:00:00 2001 From: Puskar Basu Date: Thu, 20 Feb 2025 18:15:28 +0530 Subject: [PATCH 2/4] Update golangci config and always use golangci latest --- .github/workflows/10-test-lint.yaml | 2 +- .golangci.yml | 32 +++++++++++++++++++++++++++-- internal/dashboardserver/output.go | 7 ++++--- 3 files changed, 35 insertions(+), 6 deletions(-) diff --git a/.github/workflows/10-test-lint.yaml b/.github/workflows/10-test-lint.yaml index 9975aa9b..fd67ed49 100644 --- a/.github/workflows/10-test-lint.yaml +++ b/.github/workflows/10-test-lint.yaml @@ -35,7 +35,7 @@ jobs: - name: golangci-lint uses: golangci/golangci-lint-action@v6 with: - version: v1.61.0 + version: latest args: --timeout=10m working-directory: powerpipe skip-cache: true diff --git a/.golangci.yml b/.golangci.yml index 5c9b05b1..b6748a19 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -13,8 +13,8 @@ linters: - asasalint - asciicheck - bidichk + - depguard - durationcheck - - exportloopref - forbidigo - gocritic - gocheckcompilerdirectives @@ -31,6 +31,13 @@ linters-settings: require-explanation: true require-specific: true + forbidigo: + forbid: + - "^(fmt\\.Print(|f|ln)|print|println)$" + - "^(fmt\\.Fprint(|f|ln)|print|println)$" + - '^zap\.Error$' + - '^grpc\.(Header|Trailer)$' # easy to misuse and create a data race + gocritic: disabled-checks: - ifElseChain # style @@ -38,7 +45,28 @@ linters-settings: - assignOp # style - commentFormatting # style + depguard: + rules: + # Name of a rule. + main: + # List of file globs that will match this list of settings to compare against. + # Default: $all + # files: + # - "!**/*_a _file.go" + # List of allowed packages. + # allow: + # - $gostd + # - github.com/OpenPeeDeeP + # Packages that are not allowed where the value is a suggestion. + deny: + - pkg: "go.uber.org/zap" + desc: do not use Uber zap directly, use the fplog package instead + - pkg: "github.com/pkg/errors" + desc: Should be replaced by standard lib errors package + run: timeout: 5m - skip-dirs: + +issues: + exclude-dirs: - "tests/acceptance" diff --git a/internal/dashboardserver/output.go b/internal/dashboardserver/output.go index 610c24ed..a7af45c2 100644 --- a/internal/dashboardserver/output.go +++ b/internal/dashboardserver/output.go @@ -3,10 +3,11 @@ package dashboardserver import ( "context" "fmt" - "github.com/fatih/color" - "github.com/mattn/go-isatty" "log/slog" "os" + + "github.com/fatih/color" + "github.com/mattn/go-isatty" ) const ( @@ -18,7 +19,7 @@ const ( ) func output(_ context.Context, prefix string, msg interface{}) { - _, _ = fmt.Fprintf(os.Stdout, "%s %v\n", prefix, msg) + _, _ = fmt.Fprintf(os.Stdout, "%s %v\n", prefix, msg) //nolint:forbidigo // printing to stdout } func OutputMessage(ctx context.Context, msg string) { From 449c4c4c9f2a3327b327d0ef551d36911aaa881b Mon Sep 17 00:00:00 2001 From: Puskar Basu <45908484+pskrbasu@users.noreply.github.com> Date: Thu, 20 Feb 2025 18:37:51 +0530 Subject: [PATCH 3/4] Upgrade elliptic, esbuild to remediate critical and moderate vulnerabilities (#728) --- ui/dashboard/package.json | 5 +- ui/dashboard/yarn.lock | 231 +++++++++++++++++++------------------- 2 files changed, 120 insertions(+), 116 deletions(-) diff --git a/ui/dashboard/package.json b/ui/dashboard/package.json index 21cd1c36..afd09cb8 100644 --- a/ui/dashboard/package.json +++ b/ui/dashboard/package.json @@ -132,7 +132,10 @@ "nth-check": "2.0.1", "semver": "7.5.2", "path-to-regexp": "0.1.12", - "nanoid": "3.3.8" + "nanoid": "3.3.8", + "elliptic": "6.6.1", + "esbuild": "0.25.0", + "serialize-javascript": "6.0.2" }, "engines": { "node": ">=20", diff --git a/ui/dashboard/yarn.lock b/ui/dashboard/yarn.lock index 24c0e43a..e06fd9ff 100644 --- a/ui/dashboard/yarn.lock +++ b/ui/dashboard/yarn.lock @@ -1930,170 +1930,177 @@ __metadata: languageName: node linkType: hard -"@esbuild/aix-ppc64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/aix-ppc64@npm:0.24.0" +"@esbuild/aix-ppc64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/aix-ppc64@npm:0.25.0" conditions: os=aix & cpu=ppc64 languageName: node linkType: hard -"@esbuild/android-arm64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/android-arm64@npm:0.24.0" +"@esbuild/android-arm64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/android-arm64@npm:0.25.0" conditions: os=android & cpu=arm64 languageName: node linkType: hard -"@esbuild/android-arm@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/android-arm@npm:0.24.0" +"@esbuild/android-arm@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/android-arm@npm:0.25.0" conditions: os=android & cpu=arm languageName: node linkType: hard -"@esbuild/android-x64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/android-x64@npm:0.24.0" +"@esbuild/android-x64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/android-x64@npm:0.25.0" conditions: os=android & cpu=x64 languageName: node linkType: hard -"@esbuild/darwin-arm64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/darwin-arm64@npm:0.24.0" +"@esbuild/darwin-arm64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/darwin-arm64@npm:0.25.0" conditions: os=darwin & cpu=arm64 languageName: node linkType: hard -"@esbuild/darwin-x64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/darwin-x64@npm:0.24.0" +"@esbuild/darwin-x64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/darwin-x64@npm:0.25.0" conditions: os=darwin & cpu=x64 languageName: node linkType: hard -"@esbuild/freebsd-arm64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/freebsd-arm64@npm:0.24.0" +"@esbuild/freebsd-arm64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/freebsd-arm64@npm:0.25.0" conditions: os=freebsd & cpu=arm64 languageName: node linkType: hard -"@esbuild/freebsd-x64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/freebsd-x64@npm:0.24.0" +"@esbuild/freebsd-x64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/freebsd-x64@npm:0.25.0" conditions: os=freebsd & cpu=x64 languageName: node linkType: hard -"@esbuild/linux-arm64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/linux-arm64@npm:0.24.0" +"@esbuild/linux-arm64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/linux-arm64@npm:0.25.0" conditions: os=linux & cpu=arm64 languageName: node linkType: hard -"@esbuild/linux-arm@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/linux-arm@npm:0.24.0" +"@esbuild/linux-arm@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/linux-arm@npm:0.25.0" conditions: os=linux & cpu=arm languageName: node linkType: hard -"@esbuild/linux-ia32@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/linux-ia32@npm:0.24.0" +"@esbuild/linux-ia32@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/linux-ia32@npm:0.25.0" conditions: os=linux & cpu=ia32 languageName: node linkType: hard -"@esbuild/linux-loong64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/linux-loong64@npm:0.24.0" +"@esbuild/linux-loong64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/linux-loong64@npm:0.25.0" conditions: os=linux & cpu=loong64 languageName: node linkType: hard -"@esbuild/linux-mips64el@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/linux-mips64el@npm:0.24.0" +"@esbuild/linux-mips64el@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/linux-mips64el@npm:0.25.0" conditions: os=linux & cpu=mips64el languageName: node linkType: hard -"@esbuild/linux-ppc64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/linux-ppc64@npm:0.24.0" +"@esbuild/linux-ppc64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/linux-ppc64@npm:0.25.0" conditions: os=linux & cpu=ppc64 languageName: node linkType: hard -"@esbuild/linux-riscv64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/linux-riscv64@npm:0.24.0" +"@esbuild/linux-riscv64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/linux-riscv64@npm:0.25.0" conditions: os=linux & cpu=riscv64 languageName: node linkType: hard -"@esbuild/linux-s390x@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/linux-s390x@npm:0.24.0" +"@esbuild/linux-s390x@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/linux-s390x@npm:0.25.0" conditions: os=linux & cpu=s390x languageName: node linkType: hard -"@esbuild/linux-x64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/linux-x64@npm:0.24.0" +"@esbuild/linux-x64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/linux-x64@npm:0.25.0" conditions: os=linux & cpu=x64 languageName: node linkType: hard -"@esbuild/netbsd-x64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/netbsd-x64@npm:0.24.0" +"@esbuild/netbsd-arm64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/netbsd-arm64@npm:0.25.0" + conditions: os=netbsd & cpu=arm64 + languageName: node + linkType: hard + +"@esbuild/netbsd-x64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/netbsd-x64@npm:0.25.0" conditions: os=netbsd & cpu=x64 languageName: node linkType: hard -"@esbuild/openbsd-arm64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/openbsd-arm64@npm:0.24.0" +"@esbuild/openbsd-arm64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/openbsd-arm64@npm:0.25.0" conditions: os=openbsd & cpu=arm64 languageName: node linkType: hard -"@esbuild/openbsd-x64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/openbsd-x64@npm:0.24.0" +"@esbuild/openbsd-x64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/openbsd-x64@npm:0.25.0" conditions: os=openbsd & cpu=x64 languageName: node linkType: hard -"@esbuild/sunos-x64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/sunos-x64@npm:0.24.0" +"@esbuild/sunos-x64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/sunos-x64@npm:0.25.0" conditions: os=sunos & cpu=x64 languageName: node linkType: hard -"@esbuild/win32-arm64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/win32-arm64@npm:0.24.0" +"@esbuild/win32-arm64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/win32-arm64@npm:0.25.0" conditions: os=win32 & cpu=arm64 languageName: node linkType: hard -"@esbuild/win32-ia32@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/win32-ia32@npm:0.24.0" +"@esbuild/win32-ia32@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/win32-ia32@npm:0.25.0" conditions: os=win32 & cpu=ia32 languageName: node linkType: hard -"@esbuild/win32-x64@npm:0.24.0": - version: 0.24.0 - resolution: "@esbuild/win32-x64@npm:0.24.0" +"@esbuild/win32-x64@npm:0.25.0": + version: 0.25.0 + resolution: "@esbuild/win32-x64@npm:0.25.0" conditions: os=win32 & cpu=x64 languageName: node linkType: hard @@ -7719,9 +7726,9 @@ __metadata: languageName: node linkType: hard -"elliptic@npm:^6.5.3, elliptic@npm:^6.5.5": - version: 6.6.0 - resolution: "elliptic@npm:6.6.0" +"elliptic@npm:6.6.1": + version: 6.6.1 + resolution: "elliptic@npm:6.6.1" dependencies: bn.js: "npm:^4.11.9" brorand: "npm:^1.1.0" @@ -7730,7 +7737,7 @@ __metadata: inherits: "npm:^2.0.4" minimalistic-assert: "npm:^1.0.1" minimalistic-crypto-utils: "npm:^1.0.1" - checksum: 10c0/42eb3492e218017bf8923a5d14a86f414952f2f771361805b3ae9f380923b5da53e203d0d92be95cb0a248858a78db7db5934a346e268abb757e6fe561d401c9 + checksum: 10c0/8b24ef782eec8b472053793ea1e91ae6bee41afffdfcb78a81c0a53b191e715cbe1292aa07165958a9bbe675bd0955142560b1a007ffce7d6c765bcaf951a867 languageName: node linkType: hard @@ -8024,34 +8031,35 @@ __metadata: languageName: node linkType: hard -"esbuild@npm:^0.18.0 || ^0.19.0 || ^0.20.0 || ^0.21.0 || ^0.22.0 || ^0.23.0 || ^0.24.0": - version: 0.24.0 - resolution: "esbuild@npm:0.24.0" - dependencies: - "@esbuild/aix-ppc64": "npm:0.24.0" - "@esbuild/android-arm": "npm:0.24.0" - "@esbuild/android-arm64": "npm:0.24.0" - "@esbuild/android-x64": "npm:0.24.0" - "@esbuild/darwin-arm64": "npm:0.24.0" - "@esbuild/darwin-x64": "npm:0.24.0" - "@esbuild/freebsd-arm64": "npm:0.24.0" - "@esbuild/freebsd-x64": "npm:0.24.0" - "@esbuild/linux-arm": "npm:0.24.0" - "@esbuild/linux-arm64": "npm:0.24.0" - "@esbuild/linux-ia32": "npm:0.24.0" - "@esbuild/linux-loong64": "npm:0.24.0" - "@esbuild/linux-mips64el": "npm:0.24.0" - "@esbuild/linux-ppc64": "npm:0.24.0" - "@esbuild/linux-riscv64": "npm:0.24.0" - "@esbuild/linux-s390x": "npm:0.24.0" - "@esbuild/linux-x64": "npm:0.24.0" - "@esbuild/netbsd-x64": "npm:0.24.0" - "@esbuild/openbsd-arm64": "npm:0.24.0" - "@esbuild/openbsd-x64": "npm:0.24.0" - "@esbuild/sunos-x64": "npm:0.24.0" - "@esbuild/win32-arm64": "npm:0.24.0" - "@esbuild/win32-ia32": "npm:0.24.0" - "@esbuild/win32-x64": "npm:0.24.0" +"esbuild@npm:0.25.0": + version: 0.25.0 + resolution: "esbuild@npm:0.25.0" + dependencies: + "@esbuild/aix-ppc64": "npm:0.25.0" + "@esbuild/android-arm": "npm:0.25.0" + "@esbuild/android-arm64": "npm:0.25.0" + "@esbuild/android-x64": "npm:0.25.0" + "@esbuild/darwin-arm64": "npm:0.25.0" + "@esbuild/darwin-x64": "npm:0.25.0" + "@esbuild/freebsd-arm64": "npm:0.25.0" + "@esbuild/freebsd-x64": "npm:0.25.0" + "@esbuild/linux-arm": "npm:0.25.0" + "@esbuild/linux-arm64": "npm:0.25.0" + "@esbuild/linux-ia32": "npm:0.25.0" + "@esbuild/linux-loong64": "npm:0.25.0" + "@esbuild/linux-mips64el": "npm:0.25.0" + "@esbuild/linux-ppc64": "npm:0.25.0" + "@esbuild/linux-riscv64": "npm:0.25.0" + "@esbuild/linux-s390x": "npm:0.25.0" + "@esbuild/linux-x64": "npm:0.25.0" + "@esbuild/netbsd-arm64": "npm:0.25.0" + "@esbuild/netbsd-x64": "npm:0.25.0" + "@esbuild/openbsd-arm64": "npm:0.25.0" + "@esbuild/openbsd-x64": "npm:0.25.0" + "@esbuild/sunos-x64": "npm:0.25.0" + "@esbuild/win32-arm64": "npm:0.25.0" + "@esbuild/win32-ia32": "npm:0.25.0" + "@esbuild/win32-x64": "npm:0.25.0" dependenciesMeta: "@esbuild/aix-ppc64": optional: true @@ -8087,6 +8095,8 @@ __metadata: optional: true "@esbuild/linux-x64": optional: true + "@esbuild/netbsd-arm64": + optional: true "@esbuild/netbsd-x64": optional: true "@esbuild/openbsd-arm64": @@ -8103,7 +8113,7 @@ __metadata: optional: true bin: esbuild: bin/esbuild - checksum: 10c0/9f1aadd8d64f3bff422ae78387e66e51a5e09de6935a6f987b6e4e189ed00fdc2d1bc03d2e33633b094008529c8b6e06c7ad1a9782fb09fec223bf95998c0683 + checksum: 10c0/5767b72da46da3cfec51661647ec850ddbf8a8d0662771139f10ef0692a8831396a0004b2be7966cecdb08264fb16bdc16290dcecd92396fac5f12d722fa013d languageName: node linkType: hard @@ -16161,16 +16171,7 @@ __metadata: languageName: node linkType: hard -"serialize-javascript@npm:^4.0.0": - version: 4.0.0 - resolution: "serialize-javascript@npm:4.0.0" - dependencies: - randombytes: "npm:^2.1.0" - checksum: 10c0/510dfe7f0311c0b2f7ab06311afa1668ba2969ab2f1faaac0a4924ede76b7f22ba85cfdeaa0052ec5a047bca42c8cd8ac8df8f0efe52f9bd290b3a39ae69fe9d - languageName: node - linkType: hard - -"serialize-javascript@npm:^6.0.0, serialize-javascript@npm:^6.0.1": +"serialize-javascript@npm:6.0.2": version: 6.0.2 resolution: "serialize-javascript@npm:6.0.2" dependencies: From c8346ae42d3c876b973aa4a07eb652e8fb1a4aac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 2 Apr 2025 11:11:55 +0000 Subject: [PATCH 4/4] [dep][dash](deps): Bump @babel/runtime in /ui/dashboard Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.26.0 to 7.27.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-runtime) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-type: indirect ... Signed-off-by: dependabot[bot] --- ui/dashboard/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ui/dashboard/yarn.lock b/ui/dashboard/yarn.lock index 3d3d1349..eec29d0a 100644 --- a/ui/dashboard/yarn.lock +++ b/ui/dashboard/yarn.lock @@ -1539,11 +1539,11 @@ __metadata: linkType: hard "@babel/runtime@npm:^7.11.2, @babel/runtime@npm:^7.12.0, @babel/runtime@npm:^7.12.5, @babel/runtime@npm:^7.16.3, @babel/runtime@npm:^7.17.8, @babel/runtime@npm:^7.18.3, @babel/runtime@npm:^7.3.1, @babel/runtime@npm:^7.5.5, @babel/runtime@npm:^7.8.4, @babel/runtime@npm:^7.8.7": - version: 7.26.0 - resolution: "@babel/runtime@npm:7.26.0" + version: 7.27.0 + resolution: "@babel/runtime@npm:7.27.0" dependencies: regenerator-runtime: "npm:^0.14.0" - checksum: 10c0/12c01357e0345f89f4f7e8c0e81921f2a3e3e101f06e8eaa18a382b517376520cd2fa8c237726eb094dab25532855df28a7baaf1c26342b52782f6936b07c287 + checksum: 10c0/35091ea9de48bd7fd26fb177693d64f4d195eb58ab2b142b893b7f3fa0f1d7c677604d36499ae0621a3703f35ba0c6a8f6c572cc8f7dc0317213841e493cf663 languageName: node linkType: hard