@automattic/vip 2.18.0 → 2.19.0

package/CHANGELOG.md

@@ -1,5 +1,11 @@
 ## Changelog
 
+### 2.19.0 (23 Sep 2022)
+- #1108 [dev-env] Validate import file and add debug lines
+- #1107 [dev-env] Validate dns lookup
+- #1104 [dev-env] fetch php and wordpress versions for creation wizard
+- #1049 Fix security issues
+
 ### 2.18.0 (15 Sep 2022)
 - #1103	Force the preference for WebSocket in case we see an error during connection
 - #1102	Remove http proxy support

package/dist/bin/vip-dev-env-create.js

@@ -56,7 +56,6 @@ const cmd = (0, _command.default)().option('slug', 'Custom name of the dev envir
 (0, _devEnvironmentCli.addDevEnvConfigurationOptions)(cmd);
 cmd.examples(examples);
 cmd.argv(process.argv, async (arg, opt) => {
-  await (0, _devEnvironmentCli.validateDependencies)();
   const environmentNameOptions = {
     slug: opt.slug,
     app: opt.app,
@@ -64,6 +63,7 @@ cmd.argv(process.argv, async (arg, opt) => {
     allowAppEnv: true
   };
   const slug = (0, _devEnvironmentCli.getEnvironmentName)(environmentNameOptions);
+  await (0, _devEnvironmentCli.validateDependencies)(slug);
   debug('Args: ', arg, 'Options: ', opt);
   const trackingInfo = {
     slug

package/dist/bin/vip-dev-env-destroy.js

@@ -38,8 +38,8 @@ const examples = [{
   description: 'Destroys a local dev environment named foo'
 }];
 (0, _command.default)().option('slug', 'Custom name of the dev environment').option('soft', 'Keep config files needed to start an environment intact').examples(examples).argv(process.argv, async (arg, opt) => {
-  await (0, _devEnvironmentCli.validateDependencies)();
   const slug = (0, _devEnvironmentCli.getEnvironmentName)(opt);
+  await (0, _devEnvironmentCli.validateDependencies)(slug);
   const trackingInfo = (0, _devEnvironmentCli.getEnvTrackingInfo)(slug);
   await (0, _tracker.trackEvent)('dev_env_destroy_command_execute', trackingInfo);
   debug('Args: ', arg, 'Options: ', opt);

package/dist/bin/vip-dev-env-exec.js

@@ -43,8 +43,8 @@ const examples = [{
 
   return 'false' !== (value === null || value === void 0 ? void 0 : (_value$toLowerCase = value.toLowerCase) === null || _value$toLowerCase === void 0 ? void 0 : _value$toLowerCase.call(value));
 }).examples(examples).argv(process.argv, async (unmatchedArgs, opt) => {
-  await (0, _devEnvironmentCli.validateDependencies)();
   const slug = (0, _devEnvironmentCli.getEnvironmentName)(opt);
+  await (0, _devEnvironmentCli.validateDependencies)(slug);
   const trackingInfo = (0, _devEnvironmentCli.getEnvTrackingInfo)(slug);
   await (0, _tracker.trackEvent)('dev_env_exec_command_execute', trackingInfo);
 

package/dist/bin/vip-dev-env-import-media.js

@@ -36,9 +36,9 @@ const examples = [{
 (0, _command.default)({
   requiredArgs: 1
 }).examples(examples).option('slug', 'Custom name of the dev environment').argv(process.argv, async (unmatchedArgs, opt) => {
-  await (0, _devEnvironmentCli.validateDependencies)();
   const [filePath] = unmatchedArgs;
   const slug = (0, _devEnvironmentCli.getEnvironmentName)(opt);
+  await (0, _devEnvironmentCli.validateDependencies)(slug);
   const trackingInfo = (0, _devEnvironmentCli.getEnvTrackingInfo)(slug);
   await (0, _tracker.trackEvent)('dev_env_import_media_command_execute', trackingInfo);
 

package/dist/bin/vip-dev-env-import-sql.js

@@ -45,13 +45,13 @@ const examples = [{
 (0, _command.default)({
   requiredArgs: 1
 }).option('slug', 'Custom name of the dev environment').option(['r', 'search-replace'], 'Perform Search and Replace on the specified SQL file').option('in-place', 'Search and Replace explicitly on the given input file').option('skip-validate', 'Do not perform file validation.').examples(examples).argv(process.argv, async (unmatchedArgs, opt) => {
-  await (0, _devEnvironmentCli.validateDependencies)();
   const [fileName] = unmatchedArgs;
   const {
     searchReplace,
     inPlace
   } = opt;
   const slug = (0, _devEnvironmentCli.getEnvironmentName)(opt);
+  await (0, _devEnvironmentCli.validateDependencies)(slug);
   const trackingInfo = (0, _devEnvironmentCli.getEnvTrackingInfo)(slug);
   await (0, _tracker.trackEvent)('dev_env_import_sql_command_execute', trackingInfo);
 

package/dist/bin/vip-dev-env-info.js

@@ -36,8 +36,8 @@ const examples = [{
   description: 'Return information about a local dev environment named "my_site"'
 }];
 (0, _command.default)().option('slug', 'Custom name of the dev environment').option('all', 'Show Info for all local dev environments').option('extended', 'Show extended information about the dev environment').examples(examples).argv(process.argv, async (arg, opt) => {
-  await (0, _devEnvironmentCli.validateDependencies)();
   const slug = (0, _devEnvironmentCli.getEnvironmentName)(opt);
+  await (0, _devEnvironmentCli.validateDependencies)(slug);
   const trackingInfo = opt.all ? {
     all: true
   } : (0, _devEnvironmentCli.getEnvTrackingInfo)(slug);

package/dist/bin/vip-dev-env-list.js

@@ -38,7 +38,7 @@ const examples = [{
   await (0, _tracker.trackEvent)('dev_env_list_command_execute', trackingInfo);
 
   try {
-    await (0, _devEnvironmentCore.printAllEnvironmentsInfo)();
+    await (0, _devEnvironmentCore.printAllEnvironmentsInfo)({});
     await (0, _tracker.trackEvent)('dev_env_list_command_success', trackingInfo);
   } catch (error) {
     (0, _devEnvironmentCli.handleCLIException)(error, 'dev_env_list_command_error', trackingInfo);

package/dist/bin/vip-dev-env-start.js

@@ -39,9 +39,9 @@ const examples = [{
   description: 'Starts a local dev environment'
 }];
 (0, _command.default)().option('slug', 'Custom name of the dev environment').option('skip-rebuild', 'Only start stopped services').option(['w', 'skip-wp-versions-check'], 'Skip propting for wordpress update if non latest').examples(examples).argv(process.argv, async (arg, opt) => {
-  await (0, _devEnvironmentCli.validateDependencies)();
-  const startProcessing = new Date();
   const slug = (0, _devEnvironmentCli.getEnvironmentName)(opt);
+  await (0, _devEnvironmentCli.validateDependencies)(slug);
+  const startProcessing = new Date();
   const trackingInfo = (0, _devEnvironmentCli.getEnvTrackingInfo)(slug);
   await (0, _tracker.trackEvent)('dev_env_start_command_execute', trackingInfo);
   debug('Args: ', arg, 'Options: ', opt);

package/dist/bin/vip-dev-env-stop.js

@@ -35,8 +35,8 @@ const examples = [{
   description: 'Stops a local dev environment'
 }];
 (0, _command.default)().option('slug', 'Custom name of the dev environment').examples(examples).argv(process.argv, async (arg, opt) => {
-  await (0, _devEnvironmentCli.validateDependencies)();
   const slug = (0, _devEnvironmentCli.getEnvironmentName)(opt);
+  await (0, _devEnvironmentCli.validateDependencies)(slug);
   debug('Args: ', arg, 'Options: ', opt);
   const trackingInfo = (0, _devEnvironmentCli.getEnvTrackingInfo)(slug);
   await (0, _tracker.trackEvent)('dev_env_stop_command_execute', trackingInfo);

package/dist/bin/vip-dev-env-update.js

@@ -38,8 +38,8 @@ const cmd = (0, _command.default)().option('slug', 'Custom name of the dev envir
 (0, _devEnvironmentCli.addDevEnvConfigurationOptions)(cmd);
 cmd.examples(examples);
 cmd.argv(process.argv, async (arg, opt) => {
-  await (0, _devEnvironmentCli.validateDependencies)();
   const slug = (0, _devEnvironmentCli.getEnvironmentName)(opt);
+  await (0, _devEnvironmentCli.validateDependencies)(slug);
   const trackingInfo = (0, _devEnvironmentCli.getEnvTrackingInfo)(slug);
   await (0, _tracker.trackEvent)('dev_env_update_command_execute', trackingInfo);
 

package/dist/lib/dev-environment/dev-environment-cli.js

@@ -71,7 +71,10 @@ const DEFAULT_SLUG = 'vip-local';
 async function handleCLIException(exception, trackKey, trackBaseInfo = {}) {
   const errorPrefix = _chalk.default.red('Error:');
 
-  if (_devEnvironment.DEV_ENVIRONMENT_NOT_FOUND === exception.message) {
+  if (exception instanceof _userError.default) {
+    // User errors are handled in global error handler
+    throw exception;
+  } else if (_devEnvironment.DEV_ENVIRONMENT_NOT_FOUND === exception.message) {
     const createCommand = _chalk.default.bold(_devEnvironment.DEV_ENVIRONMENT_FULL_COMMAND + ' create');
 
     const message = `Environment doesn't exist.\n\n\nTo create a new environment run:\n\n${createCommand}\n`;
@@ -104,12 +107,38 @@ async function handleCLIException(exception, trackKey, trackBaseInfo = {}) {
   }
 }
 
-const validateDependencies = async () => {
+const verifyDNSResolution = slug => {
+  const dns = require('dns');
+
+  const expectedIP = '127.0.0.1';
+  const testDomain = `${slug}.vipdev.lndo.site`;
+  const advice = `Please add following line to hosts file on your system:\n${expectedIP} ${testDomain}`;
+  debug(`Verifying DNS resolution for ${testDomain}`);
+  return new Promise((resolve, reject) => {
+    dns.lookup(testDomain, (error, address) => {
+      debug(`Got DNS response ${address}`);
+
+      if (error) {
+        reject(new _userError.default(`DNS resolution for ${testDomain} failed. ${advice}`));
+      }
+
+      if (address !== expectedIP) {
+        reject(new _userError.default(`DNS resolution for ${testDomain} returned unexpected IP ${address}. Expected value is ${expectedIP}. ${advice}`));
+      }
+
+      resolve();
+    });
+  });
+};
+
+const validateDependencies = async slug => {
   try {
     await (0, _devEnvironmentLando.validateDockerInstalled)();
   } catch (exception) {
-    exit.withError(exception.message);
+    throw new _userError.default(exception.message);
   }
+
+  await verifyDNSResolution(slug);
 };
 
 exports.validateDependencies = validateDependencies;
@@ -170,12 +199,14 @@ function processComponentOptionInput(passedParam, allowLocal) {
 }
 
 function getOptionsFromAppInfo(appInfo) {
-  var _appInfo$environment, _appInfo$environment2, _appInfo$environment3;
+  var _appInfo$environment, _appInfo$environment2, _appInfo$environment3, _appInfo$environment4, _appInfo$environment5;
 
   return {
     title: ((_appInfo$environment = appInfo.environment) === null || _appInfo$environment === void 0 ? void 0 : _appInfo$environment.name) || appInfo.name || '',
     multisite: !!(appInfo !== null && appInfo !== void 0 && (_appInfo$environment2 = appInfo.environment) !== null && _appInfo$environment2 !== void 0 && _appInfo$environment2.isMultisite),
-    mediaRedirectDomain: (_appInfo$environment3 = appInfo.environment) === null || _appInfo$environment3 === void 0 ? void 0 : _appInfo$environment3.primaryDomain
+    mediaRedirectDomain: (_appInfo$environment3 = appInfo.environment) === null || _appInfo$environment3 === void 0 ? void 0 : _appInfo$environment3.primaryDomain,
+    php: ((_appInfo$environment4 = appInfo.environment) === null || _appInfo$environment4 === void 0 ? void 0 : _appInfo$environment4.php) || '',
+    wordpress: ((_appInfo$environment5 = appInfo.environment) === null || _appInfo$environment5 === void 0 ? void 0 : _appInfo$environment5.wordpress) || ''
   };
 }
 /**

package/dist/lib/dev-environment/dev-environment-core.js

@@ -50,6 +50,10 @@ var _app = _interopRequireDefault(require("../api/app"));
 
 var _devEnvironment = require("../constants/dev-environment");
 
+var _software = require("../config/software");
+
+var _userError = _interopRequireDefault(require("../user-error"));
+
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
 
 /**
@@ -380,9 +384,17 @@ async function getApplicationInformation(appId, envType) {
 			isMultisite,
 			primaryDomain {
 				name
+			},
+			softwareSettings {
+				php {
+				  ...Software
+				}
+				wordpress {
+				  ...Software
+				}
 			}
 		}`;
-  const queryResult = await (0, _app.default)(appId, fieldsQuery);
+  const queryResult = await (0, _app.default)(appId, fieldsQuery, _software.appQueryFragments);
   const appData = {};
 
   if (queryResult) {
@@ -412,14 +424,16 @@ async function getApplicationInformation(appId, envType) {
     }
 
     if (envData) {
-      var _envData$primaryDomai;
+      var _envData$primaryDomai, _envData$softwareSett, _envData$softwareSett2, _envData$softwareSett3, _envData$softwareSett4, _envData$softwareSett5, _envData$softwareSett6;
 
       appData.environment = {
         name: envData.name,
         branch: envData.branch,
         type: envData.type,
         isMultisite: envData.isMultisite,
-        primaryDomain: ((_envData$primaryDomai = envData.primaryDomain) === null || _envData$primaryDomai === void 0 ? void 0 : _envData$primaryDomai.name) || ''
+        primaryDomain: ((_envData$primaryDomai = envData.primaryDomain) === null || _envData$primaryDomai === void 0 ? void 0 : _envData$primaryDomai.name) || '',
+        php: ((_envData$softwareSett = envData.softwareSettings) === null || _envData$softwareSett === void 0 ? void 0 : (_envData$softwareSett2 = _envData$softwareSett.php) === null || _envData$softwareSett2 === void 0 ? void 0 : (_envData$softwareSett3 = _envData$softwareSett2.current) === null || _envData$softwareSett3 === void 0 ? void 0 : _envData$softwareSett3.version) || '',
+        wordpress: ((_envData$softwareSett4 = envData.softwareSettings) === null || _envData$softwareSett4 === void 0 ? void 0 : (_envData$softwareSett5 = _envData$softwareSett4.wordpress) === null || _envData$softwareSett5 === void 0 ? void 0 : (_envData$softwareSett6 = _envData$softwareSett5.current) === null || _envData$softwareSett6 === void 0 ? void 0 : _envData$softwareSett6.version) || ''
       };
     }
   }
@@ -428,10 +442,16 @@ async function getApplicationInformation(appId, envType) {
 }
 
 async function resolveImportPath(slug, fileName, searchReplace, inPlace) {
+  debug(`Will try to resolve path - ${fileName}`);
   let resolvedPath = (0, _devEnvironmentCli.resolvePath)(fileName);
+  debug(`Filename ${fileName} resolved to ${resolvedPath}`);
 
   if (!_fs.default.existsSync(resolvedPath)) {
-    throw new Error('The provided file does not exist or it is not valid (see "--help" for examples)');
+    throw new _userError.default(`The provided file ${resolvedPath} does not exist or it is not valid (see "--help" for examples)`);
+  }
+
+  if (_fs.default.lstatSync(resolvedPath).isDirectory()) {
+    throw new _userError.default(`The provided file ${resolvedPath} is a directory. Please point to a sql file.`);
   } // Run Search and Replace if the --search-replace flag was provided