fix latest sec vulnerabilities; run audit during ci (#250)

Co-authored-by: Ben Polinsky <ben-polinsky@users.noreply.github.com>
iTwin · Jun 18, 2024 · f1465b0 · f1465b0
1 parent 198b006
commit f1465b0
Show file tree

Hide file tree

Showing 14 changed files with 1,088 additions and 1,855 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -40,6 +40,9 @@ jobs:
       - name: Install packages
         run: pnpm install
 
+      - name: Audit packages
+        run: pnpm audit --audit-level=high
+
       - name: Beachball check
         run: pnpm check
 

diff --git a/.gitignore b/.gitignore
@@ -27,4 +27,4 @@ pnpm-debug.log
 *.build.log
 *.build.error.log
 
-.env
+*.env
diff --git a/change/@itwin-browser-authorization-c6c84dcf-1365-4f79-9889-33c61eae0474.json b/change/@itwin-browser-authorization-c6c84dcf-1365-4f79-9889-33c61eae0474.json
@@ -0,0 +1,7 @@
+{
+  "type": "patch",
+  "comment": "fix latest sec vulnerabilities; run audit during ci",
+  "packageName": "@itwin/browser-authorization",
+  "email": "ben-polinsky@users.noreply.github.com",
+  "dependentChangeType": "patch"
+}
diff --git a/change/@itwin-electron-authorization-535bafd2-1b1c-4ed0-a677-1e6c77a22ffd.json b/change/@itwin-electron-authorization-535bafd2-1b1c-4ed0-a677-1e6c77a22ffd.json
@@ -0,0 +1,7 @@
+{
+  "type": "patch",
+  "comment": "fix latest sec vulnerabilities; run audit during ci",
+  "packageName": "@itwin/electron-authorization",
+  "email": "ben-polinsky@users.noreply.github.com",
+  "dependentChangeType": "patch"
+}
diff --git a/change/@itwin-node-cli-authorization-c4b29c8e-9cb4-4e2b-a0b8-96a7abd60c6a.json b/change/@itwin-node-cli-authorization-c4b29c8e-9cb4-4e2b-a0b8-96a7abd60c6a.json
@@ -0,0 +1,7 @@
+{
+  "type": "patch",
+  "comment": "fix latest sec vulnerabilities; run audit during ci",
+  "packageName": "@itwin/node-cli-authorization",
+  "email": "ben-polinsky@users.noreply.github.com",
+  "dependentChangeType": "patch"
+}
diff --git a/change/@itwin-oidc-signin-tool-d449530c-6a11-4b75-b27f-cef9252a893b.json b/change/@itwin-oidc-signin-tool-d449530c-6a11-4b75-b27f-cef9252a893b.json
@@ -0,0 +1,7 @@
+{
+  "type": "patch",
+  "comment": "fix latest sec vulnerabilities; run audit during ci",
+  "packageName": "@itwin/oidc-signin-tool",
+  "email": "ben-polinsky@users.noreply.github.com",
+  "dependentChangeType": "patch"
+}
diff --git a/change/@itwin-service-authorization-3a4d69d9-484b-45a4-96db-983229236678.json b/change/@itwin-service-authorization-3a4d69d9-484b-45a4-96db-983229236678.json
@@ -0,0 +1,7 @@
+{
+  "type": "patch",
+  "comment": "fix latest sec vulnerabilities; run audit during ci",
+  "packageName": "@itwin/service-authorization",
+  "email": "ben-polinsky@users.noreply.github.com",
+  "dependentChangeType": "patch"
+}
diff --git a/package.json b/package.json
@@ -9,7 +9,7 @@
     "docs": "lage docs",
     "lint": "lage lint",
     "test": "lage test",
-    "test:integration": "lage test:integration",
+    "test:integration": "lage test:integration --reset-cache",
     "cover": "lage cover",
     "change": "beachball change",
     "check": "beachball check",
@@ -33,7 +33,8 @@
     "url": "https://github.com/iTwin/auth-clients"
   },
   "devDependencies": {
-    "beachball": "^2.36.0",
-    "lage": "^2.7.14"
+    "beachball": "^2.43.1",
+    "lage": "^2.7.18",
+    "process": "^0.11.10"
   }
 }
diff --git a/packages/browser/package.json b/packages/browser/package.json
@@ -44,11 +44,11 @@
     "@types/node": "^18.11.5",
     "@types/sinon": "^10.0.13",
     "buffer": "~6.0.3",
-    "chai": "^4.2.22",
+    "chai": "^4.2.2",
     "dotenv": "~16.0.3",
     "eslint": "^8.56.0",
-    "mocha": "^8.2.3",
-    "nyc": "^15.1.0",
+    "mocha": "^10.2.0",
+    "nyc": "^17.0.0",
     "parcel": "~2.12.0",
     "process": "~0.11.10",
     "rimraf": "^3.0.2",

diff --git a/packages/electron/package.json b/packages/electron/package.json
@@ -56,15 +56,15 @@
     "@types/mocha": "^8.2.3",
     "@types/node": "~18.18.0",
     "@types/sinon": "^10.0.13",
-    "chai": "^4.2.22",
+    "chai": "^4.2.2",
     "chai-as-promised": "^7.1.1",
     "cpx2": "^5.0.0",
     "dotenv": "~16.0.3",
     "electron": "^30.0.0",
     "eslint": "^8.56.0",
-    "mocha": "^8.2.3",
-    "nyc": "^15.1.0",
-    "parcel": "~2.9.3",
+    "mocha": "^10.2.0",
+    "nyc": "^17.0.0",
+    "parcel": "~2.12.0",
     "path-browserify": "~1.0.1",
     "process": "~0.11.10",
     "rimraf": "^3.0.2",

diff --git a/packages/node-cli/package.json b/packages/node-cli/package.json
@@ -45,11 +45,11 @@
     "@types/node": "^18.11.5",
     "@types/sinon": "^10.0.16",
     "chai-as-promised": "^7.1.1",
-    "chai": "^4.2.22",
+    "chai": "^4.2.2",
     "cpx2": "^5.0.0",
     "eslint": "^8.56.0",
-    "mocha": "^8.2.3",
-    "nyc": "^15.1.0",
+    "mocha": "^10.2.0",
+    "nyc": "^17.0.0",
     "rimraf": "^3.0.2",
     "sinon": "^15.2.0",
     "source-map-support": "^0.5.9",

diff --git a/packages/oidc-signin-tool/package.json b/packages/oidc-signin-tool/package.json
@@ -37,9 +37,10 @@
     "@itwin/core-common": "^3.3.0 || ^4.0.0",
     "@itwin/service-authorization": "workspace:^",
     "@playwright/test": "~1.41.0",
+    "crypto-browserify": "^3.12.0",
     "dotenv": "^10.0.0",
     "dotenv-expand": "^5.1.0",
-    "oidc-client-ts": "^2.2.4"
+    "oidc-client-ts": "^2.4.0"
   },
   "devDependencies": {
     "@itwin/build-tools": "^4.6.0-dev.27",
@@ -51,11 +52,11 @@
     "@types/mocha": "^8.2.3",
     "@types/node": "^18.11.5",
     "@types/sinon": "^10.0.13",
-    "chai": "^4.2.22",
+    "chai": "^4.2.2",
     "chai-as-promised": "^7.1.1",
     "eslint": "^8.56.0",
-    "mocha": "^8.2.3",
-    "nyc": "^15.1.0",
+    "mocha": "^10.2.0",
+    "nyc": "^17.0.0",
     "rimraf": "^3.0.2",
     "sinon": "15.0.4",
     "typescript": "~5.3.3"

diff --git a/packages/service/package.json b/packages/service/package.json
@@ -42,10 +42,10 @@
     "@types/mocha": "^8.2.3",
     "@types/sinon": "^10.0.13",
     "eslint": "^8.56.0",
-    "chai": "^4.2.22",
+    "chai": "^4.2.2",
     "chai-as-promised": "^7.1.1",
-    "mocha": "^8.2.3",
-    "nyc": "^15.1.0",
+    "mocha": "^10.2.0",
+    "nyc": "^17.0.0",
     "rimraf": "^3.0.2",
     "sinon": "^15.0.1",
     "source-map-support": "^0.5.9",
-Original file line number
+Diff line change
@@ Expand Up / @@ -27,4 +27,4 @@ pnpm-debug.log @@
     *.build.log
     *.build.error.log
-    .env
+    *.env