fix: package upgrade (#2777)

Upgraded some packages to latest. This should resolve #2774. Fixes were
also applied after types upgrades that helped discover other errors.
This commit is contained in:
Wyatt Johnson
2020-01-06 16:14:56 +00:00
committed by GitHub
parent f900050ef4
commit 0dc3e8968a
15 changed files with 1398 additions and 657 deletions
+1322 -593
View File
File diff suppressed because it is too large Load Diff
+29 -29
View File
@@ -58,27 +58,27 @@
"license": "Apache-2.0",
"dependencies": {
"@coralproject/bunyan-prettystream": "^0.1.4",
"@fluent/bundle": "^0.14.0",
"@fluent/bundle": "^0.14.1",
"@fluent/dom": "^0.6.0",
"@metascraper/helpers": "^5.7.21",
"@types/prettier": "^1.19.0",
"abort-controller": "^3.0.0",
"akismet-api": "^4.2.0",
"apollo-server-express": "^2.8.1",
"akismet-api": "^5.0.0",
"apollo-server-express": "^2.9.15",
"archiver": "^3.0.3",
"basic-auth": "^2.0.1",
"bcryptjs": "^2.4.3",
"bull": "^3.8.1",
"bull": "^3.12.1",
"bunyan": "^1.8.12",
"cheerio": "^1.0.0-rc.2",
"consolidate": "0.14.0",
"content-security-policy-builder": "^2.0.0",
"convict": "^4.3.1",
"convict": "^5.2.0",
"cookie": "^0.4.0",
"cookie-parser": "^1.4.4",
"cors": "^2.8.4",
"cron": "^1.7.1",
"csv-stringify": "^5.3.0",
"cors": "^2.8.5",
"cron": "^1.7.2",
"csv-stringify": "^5.3.6",
"dataloader": "^1.4.0",
"dompurify": "^2.0.7",
"dotenv": "^6.0.0",
@@ -93,18 +93,18 @@
"graphql-extensions": "^0.2.1",
"graphql-fields": "^1.1.0",
"graphql-playground-html": "^1.6.0",
"graphql-redis-subscriptions": "^2.1.0",
"graphql-redis-subscriptions": "^2.1.2",
"graphql-subscriptions": "^1.1.0",
"graphql-tools": "^3.0.5",
"helmet": "^3.21.2",
"html-minifier": "^3.5.21",
"html-to-text": "^4.0.0",
"ioredis": "^4.9.0",
"joi": "^13.4.0",
"jsdom": "^15.0.0",
"jsonwebtoken": "^8.3.0",
"juice": "^5.2.0",
"jwks-rsa": "^1.3.0",
"html-minifier": "^4.0.0",
"html-to-text": "^5.1.1",
"ioredis": "^4.14.1",
"joi": "^14.3.1",
"jsdom": "^15.2.1",
"jsonwebtoken": "^8.5.1",
"juice": "^6.0.0",
"jwks-rsa": "^1.6.0",
"keymaster": "^1.6.2",
"linkifyjs": "^2.1.8",
"lodash": "^4.17.15",
@@ -118,12 +118,12 @@
"mongodb-core": "^3.2.7",
"ms": "^2.1.1",
"node-fetch": "^2.6.0",
"nodemailer": "^4.6.7",
"nodemailer": "^6.4.2",
"nunjucks": "^3.1.3",
"on-finished": "^2.3.0",
"passport": "^0.4.0",
"passport-facebook": "^2.1.1",
"passport-google-oauth2": "^0.1.6",
"passport": "^0.4.1",
"passport-facebook": "^3.0.0",
"passport-google-oauth2": "^0.2.0",
"passport-local": "^1.0.0",
"passport-oauth2": "^1.4.0",
"passport-strategy": "^1.0.0",
@@ -158,7 +158,7 @@
"@types/archiver": "^3.0.0",
"@types/basic-auth": "^1.1.2",
"@types/bcryptjs": "^2.4.1",
"@types/bull": "^3.5.12",
"@types/bull": "^3.10.6",
"@types/bunyan": "^1.8.4",
"@types/case-sensitive-paths-webpack-plugin": "^2.1.2",
"@types/cheerio": "^0.22.8",
@@ -170,10 +170,10 @@
"@types/convict": "^4.2.0",
"@types/cookie": "^0.3.3",
"@types/cookie-parser": "^1.4.1",
"@types/cors": "^2.8.4",
"@types/cors": "^2.8.6",
"@types/cron": "^1.7.1",
"@types/cross-spawn": "^6.0.0",
"@types/dompurify": "0.0.33",
"@types/dompurify": "^2.0.1",
"@types/dotenv": "^4.0.3",
"@types/enzyme": "^3.1.15",
"@types/enzyme-adapter-react-16": "^1.0.3",
@@ -187,12 +187,12 @@
"@types/html-minifier": "^3.5.2",
"@types/html-to-text": "^1.4.31",
"@types/html-webpack-plugin": "^3.2.0",
"@types/ioredis": "^4.0.10",
"@types/ioredis": "^4.14.3",
"@types/jest": "^24.0.23",
"@types/jest-axe": "^3.2.1",
"@types/joi": "^13.0.8",
"@types/joi": "^14.3.4",
"@types/jsdom": "^12.2.3",
"@types/jsonwebtoken": "^7.2.7",
"@types/jsonwebtoken": "^8.3.5",
"@types/linkifyjs": "^2.1.1",
"@types/lodash": "^4.14.118",
"@types/lru-cache": "^5.1.0",
@@ -203,11 +203,11 @@
"@types/ms": "^0.7.30",
"@types/node": "^10.5.2",
"@types/node-fetch": "^2.5.3",
"@types/nodemailer": "^4.6.2",
"@types/nodemailer": "^6.4.0",
"@types/nunjucks": "^3.1.1",
"@types/object-diff": "0.0.0",
"@types/on-finished": "^2.3.1",
"@types/passport": "^0.4.6",
"@types/passport": "^1.0.2",
"@types/passport-facebook": "^2.1.8",
"@types/passport-local": "^1.0.33",
"@types/passport-oauth2": "^1.4.5",
+5 -6
View File
@@ -1,9 +1,8 @@
import { FluentBundle } from "@fluent/bundle/compat";
import { ErrorRequestHandler } from "express";
import { CoralError, InternalError } from "coral-server/errors";
import { I18n } from "coral-server/services/i18n";
import { Request } from "coral-server/types/express";
import { ErrorRequestHandler, Request } from "coral-server/types/express";
/**
* wrapError ensures that the error being propagated is a CoralError.
@@ -45,10 +44,10 @@ export const JSONErrorHandler = (bundles?: I18n): ErrorRequestHandler => (
next
) => {
// Wrap the error if it needs to be wrapped.
err = wrapError(err);
const e = wrapError(err);
// Send the response via JSON.
res.status(err.status).json(serializeError(err, req, bundles));
res.status(e.status).json(serializeError(e, req, bundles));
};
export const HTMLErrorHandler = (bundles?: I18n): ErrorRequestHandler => (
@@ -58,8 +57,8 @@ export const HTMLErrorHandler = (bundles?: I18n): ErrorRequestHandler => (
next
) => {
// Wrap the error if it needs to be wrapped.
err = wrapError(err);
const e = wrapError(err);
// Send the response via HTML.
res.status(err.status).render("error", serializeError(err, req, bundles));
res.status(e.status).render("error", serializeError(e, req, bundles));
};
@@ -286,7 +286,9 @@ export const authenticate = (
}
// Attach the user to the request.
req.user = user;
if (user) {
req.user = user;
}
return next();
}
@@ -1,6 +1,11 @@
import Joi from "joi";
import jwt from "jsonwebtoken";
import jwks, { JwksClient } from "jwks-rsa";
import jwks, {
CertSigningKey,
JwksClient,
RsaSigningKey,
SigningKey,
} from "jwks-rsa";
import { isNil } from "lodash";
import { Db } from "mongodb";
import { Strategy as OAuth2Strategy, VerifyCallback } from "passport-oauth2";
@@ -9,7 +14,6 @@ import { Strategy } from "passport-strategy";
import { validate } from "coral-server/app/request/body";
import { reconstructURL } from "coral-server/app/url";
import { IntegrationDisabled, TokenInvalidError } from "coral-server/errors";
import { GQLUSER_ROLE } from "coral-server/graph/tenant/schema/__generated__/types";
import logger from "coral-server/logger";
import { OIDCAuthIntegration } from "coral-server/models/settings";
import { Tenant } from "coral-server/models/tenant";
@@ -25,6 +29,8 @@ import { findOrCreate } from "coral-server/services/users";
import { validateUsername } from "coral-server/services/users/helpers";
import { Request } from "coral-server/types/express";
import { GQLUSER_ROLE } from "coral-server/graph/tenant/schema/__generated__/types";
export interface Params {
id_token?: string;
}
@@ -82,6 +88,12 @@ export function isOIDCToken(token: OIDCIDToken | object): token is OIDCIDToken {
return isNil(error);
}
function isCertSigningKey(
key: SigningKey | RsaSigningKey
): key is CertSigningKey {
return Boolean((key as CertSigningKey).publicKey);
}
/**
* keyFunc will provide the secret based on the given jwkw client.
*
@@ -104,9 +116,11 @@ const signingKeyFactory = (client: jwks.JwksClient): jwt.KeyFunction => (
}
// Grab the signingKey out of the provided key.
const signingKey = key.publicKey || key.rsaPublicKey;
callback(null, signingKey);
if (isCertSigningKey(key)) {
return callback(null, key.publicKey);
} else {
return callback(null, key.rsaPublicKey);
}
});
};
+2 -2
View File
@@ -85,7 +85,7 @@ export function prefixSchemeIfRequired(secure: boolean, url: string) {
return url;
}
export function extractParentsURL(req: Request) {
export function extractParentsURL(req: Pick<Request, "headers" | "query">) {
// The only two places this could be is in the referer header or the parentUrl
// query parameter (injected by pym.js). If both of these are empty, then we
// can't find anything.
@@ -116,7 +116,7 @@ export function extractParentsURL(req: Request) {
*
* @param req the request where we want to extract the parent's hostname from.
*/
export function extractParentsOrigin(req: Request) {
export function extractParentsOrigin(req: Pick<Request, "headers" | "query">) {
const url = extractParentsURL(req);
if (!url) {
return null;
+2 -2
View File
@@ -70,7 +70,7 @@ export interface Comment extends TenantResource {
/**
* authorID stores the ID of the User that created this Comment.
*/
authorID: string;
authorID: string | null;
/**
* storyID stores the ID of the Story that this Comment was left on.
@@ -319,7 +319,7 @@ export async function editComment(
status: {
$in: EDITABLE_STATUSES,
},
deletedAt: null,
deletedAt: undefined,
createdAt: {
$gt: lastEditableCommentCreatedAt,
},
@@ -154,14 +154,7 @@ export async function retrieveSharedModerationQueueQueuesCounts(
const key = commentCountsModerationQueueQueuesKey(tenantID);
const freshKey = freshenKey(key);
// Get the values, and the freshness key.
const [[, queues], [, fresh]]: [
[
Error | undefined,
Record<keyof CommentModerationCountsPerQueue, string> | null
],
[Error | undefined, string | null]
] = await redis
const [[, fresh], [, queues]] = await redis
.pipeline()
.hgetall(key)
.get(freshKey)
+4 -1
View File
@@ -223,7 +223,10 @@ export async function retrieveTenant(mongo: Db, id: string) {
return collection(mongo).findOne({ id });
}
export async function retrieveManyTenants(mongo: Db, ids: string[]) {
export async function retrieveManyTenants(
mongo: Db,
ids: ReadonlyArray<string>
) {
const cursor = collection(mongo).find({
id: {
$in: ids,
@@ -13,7 +13,7 @@ async function processor(
): Promise<Notification | null> {
// Get the comment that was featured.
const comment = await ctx.comments.load(input.commentID);
if (!comment || !hasPublishedStatus(comment)) {
if (!comment || (!hasPublishedStatus(comment) || !comment.authorID)) {
return null;
}
@@ -19,7 +19,7 @@ async function processor(
// Load the comment in question.
const comment = await ctx.comments.load(input.commentID);
if (!comment) {
if (!comment || !comment.authorID) {
return null;
}
@@ -13,7 +13,7 @@ async function processor(
input: CommentReplyCreatedInput
): Promise<Notification | null> {
const comment = await ctx.comments.load(input.commentID);
if (!comment || !hasPublishedStatus(comment)) {
if (!comment || !hasPublishedStatus(comment) || !comment.authorID) {
return null;
}
@@ -14,7 +14,7 @@ async function processor(
input: CommentReplyCreatedInput
): Promise<Notification | null> {
const comment = await ctx.comments.load(input.commentID);
if (!comment || !hasPublishedStatus(comment)) {
if (!comment || !hasPublishedStatus(comment) || !comment.authorID) {
return null;
}
+5 -5
View File
@@ -78,17 +78,17 @@ async function postCommentToSlack(
hookURL: string
) {
const comment = await ctx.comments.load(commentID);
if (comment === null) {
return;
}
const story = await ctx.stories.load(comment.storyID);
if (story === null) {
if (comment === null || !comment.authorID) {
return;
}
const author = await ctx.users.load(comment.authorID);
if (author === null) {
return;
}
const story = await ctx.stories.load(comment.storyID);
if (story === null) {
return;
}
// Get some properties about the event.
const storyTitle = getStoryTitle(story);
+2 -1
View File
@@ -1,5 +1,6 @@
import { Collection, Db } from "mongodb";
import { ACTION_TYPE } from "coral-server/models/action/comment";
import { Story } from "coral-server/models/story";
import collections from "coral-server/services/mongodb/collections";
@@ -96,7 +97,7 @@ async function deleteUserActionCounts(
await collections.commentActions(mongo).deleteMany({
tenantID,
userID,
actionType: "REACTION",
actionType: ACTION_TYPE.REACTION,
});
}