@contentstack/datasync-manager 1.2.1 → 1.2.3

package/.github/workflows/codeql-analysis.yml

@@ -0,0 +1,68 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: '*'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+        
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines. 
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    # - run: |
+    #   echo "Run, Build Application using script"
+    #   ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2

package/.github/workflows/jira.yml

@@ -0,0 +1,27 @@
+name: Create JIRA ISSUE
+on:
+  pull_request:
+    types: [opened]
+jobs:
+  security:
+    if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-')  || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Login into JIRA
+        uses: atlassian/gajira-login@master
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+      - name: Create a JIRA Issue
+        id: create
+        uses: atlassian/gajira-create@master
+        with:
+          project: ${{ secrets.JIRA_PROJECT }}
+          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+          summary: |
+            ${{ github.event.pull_request.title }}
+          description: |
+            PR: ${{ github.event.pull_request.html_url }}
+

package/.github/workflows/release.yml

@@ -0,0 +1,53 @@
+name: Release
+on:
+  push:
+    branches:
+      - master
+jobs:
+  build:
+    name: Build and upload
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Setup Node.js
+        uses: actions/setup-node@v1
+        with:
+          node-version: 12
+      - name: Install dependencies
+        run: npm install
+      - name: Build
+        run: npm run build-ts
+      - name: Upload dist
+        uses: actions/upload-artifact@v3
+        with:
+          name: dist
+          path: dist
+
+  release:
+    name: Download dist and release
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Setup Node.js
+        uses: actions/setup-node@v1
+        with:
+          node-version: 12
+      - name: Install dependencies
+        run: npm install
+      - name: Download dist
+        uses: actions/download-artifact@v3
+        with:
+          name: dist
+          run: ls dist
+      - name: Release
+        env:
+          GH_TOKEN: ${{ secrets.GH_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: npx semantic-release

package/.github/workflows/sast-scan.yml

@@ -0,0 +1,11 @@
+name: SAST Scan
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Horusec Scan
+        run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src horuszup/horusec-cli:latest horusec start -p /src -P $(pwd)

package/.github/workflows/sca-scan.yml

@@ -0,0 +1,15 @@
+name: Source Composition Analysis Scan
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --all-projects

package/.github/workflows/secrets-scan.yml

@@ -0,0 +1,11 @@
+name: Secrets Scan
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Gittyleaks
+        uses: gupy-io/gittyleaks-action@v0.1

package/.releaserc

@@ -0,0 +1,9 @@
+{
+    "branches": ["master"],
+    "plugins": [
+        "@semantic-release/commit-analyzer",
+        "@semantic-release/release-notes-generator",
+        "@semantic-release/npm",
+        "@semantic-release/git"
+    ]
+}

package/.talismanrc

@@ -0,0 +1,4 @@
+fileignoreconfig:
+- filename: package-lock.json
+  checksum: c95ab8723f7a15c72d1e6f2f6b2eb173ce46b14e4bcd864cc47119b60e1866de
+version: ""

package/CODEOWNERS

@@ -0,0 +1 @@
+* @contentstack/security-admin @contentstack/cli-admin

package/LICENSE

@@ -1,6 +1,6 @@
 The MIT License
 
-Copyright (c) 2019 Contentstack LLC <https://www.contentstack.com/>
+Copyright (c) 2022 Contentstack LLC <https://www.contentstack.com/>
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/SECURITY.md

@@ -0,0 +1,27 @@
+## Security
+
+Contentstack takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations.
+
+If you believe you have found a security vulnerability in any Contentstack-owned repository, please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Send email to [security@contentstack.com](mailto:security@contentstack.com).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message.
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+[https://www.contentstack.com/trust/](https://www.contentstack.com/trust/)

package/dist/core/inet.js

@@ -65,10 +65,7 @@ exports.checkNetConnectivity = () => {
     });
 };
 exports.netConnectivityIssues = (error) => {
-    if (error.code === 'ENOTFOUND') {
-        return true;
-    }
-    else if (error.code === 'ETIMEDOUT') {
+    if (error.code === 'ENOTFOUND' || error.code === 'ETIMEDOUT') {
         return true;
     }
     return false;

package/dist/core/q.js

@@ -142,17 +142,7 @@ class Q extends events_1.EventEmitter {
      */
     process(data) {
         notify(data._type, data);
-        switch (data._type) {
-            case 'publish':
-                this.exec(data, data._type);
-                break;
-            case 'unpublish':
-                this.exec(data, data._type);
-                break;
-            default:
-                this.exec(data, data._type);
-                break;
-        }
+        this.exec(data, data._type);
     }
     /**
      * @description Execute and manager current processing item. Calling 'before' and 'after' hooks appropriately

package/dist/plugins/helper.js

@@ -57,7 +57,7 @@ exports.buildReferencePaths = (schema, entryReferences = {}, assetReferences = {
                 this.buildReferencePaths(field.schema, entryReferences, assetReferences, ((parent) ? `${parent}.${field.uid}` : field.uid));
             }
             else if (field.data_type === fieldType.BLOCKS && Array.isArray(field.blocks)) {
-                const blockParent = ((parent)) ? `${parent}.${field.uid}` : `${field.uid}`;
+                const blockParent = parent ? `${parent}.${field.uid}` : `${field.uid}`;
                 field.blocks.forEach((block) => {
                     if (block && block.schema && Array.isArray(block.schema)) {
                         let subBlockParent = `${blockParent}.${block.uid}`;

package/dist/plugins/save_rte_markdown_assets/index.js

@@ -3,7 +3,6 @@ const helper = require('../helper');
 const index = require('../../index');
 const util = require('../../util/index');
 module.exports = function SaveRteMarkdownAssets() {
-    const options = SaveRteMarkdownAssets.options;
     SaveRteMarkdownAssets.beforeSync = (action, data, schema) => {
         return new Promise((resolve, reject) => {
             try {

package/dist/plugins/transform_entries/index.js

@@ -1,7 +1,6 @@
 "use strict";
 const helper = require('../helper');
 module.exports = function TransformEntries() {
-    const options = TransformEntries.options;
     TransformEntries.beforeSync = (action, data, schema) => {
         return new Promise((resolve, reject) => {
             try {

package/dist/util/index.js

@@ -260,7 +260,7 @@ const findAssets = (parentEntry, key, schema, entry, bucket, isFindNotReplace) =
         let matches;
         let convertedText;
         if (isMarkdown) {
-            convertedText = marked_1.default(entry);
+            convertedText = marked_1.default.marked(entry);
         }
         else {
             convertedText = entry;
@@ -312,7 +312,7 @@ const iterate = (schema, entry, bucket, findNoteReplace, parentKeys) => {
             const parentKey = parentKeys[index];
             const subEntry = entry[parentKey];
             if (subEntry && !(lodash_1.isEmpty(subEntry)) && index === (parentKeys.length - 1)) {
-                if (subEntry && subEntry instanceof Array && subEntry.length) {
+                if (subEntry && subEntry.length) {
                     subEntry.forEach((subEntryItem, idx) => {
                         // tricky!
                         if (!(lodash_1.isEmpty(subEntryItem))) {

package/package.json

@@ -1,33 +1,40 @@
 {
   "name": "@contentstack/datasync-manager",
   "author": "Contentstack LLC <support@contentstack.com>",
-  "version": "1.2.1",
+  "version": "1.2.3",
   "description": "The primary module of Contentstack DataSync. Syncs Contentstack data with your server using Contentstack Sync API",
   "main": "dist/index.js",
   "dependencies": {
-    "debug": "4.1.1",
-    "dns-socket": "4.2.0",
-    "lodash": "4.17.15",
-    "marked": "1.1.1",
-    "write-file-atomic": "2.4.2"
+    "debug": "^4.3.4",
+    "dns-socket": "^4.2.2",
+    "lodash": "^4.17.21",
+    "marked": "^4.1.0",
+    "write-file-atomic": "4.0.2"
   },
   "devDependencies": {
+    "@semantic-release/commit-analyzer": "^9.0.2",
+    "@semantic-release/git": "^10.0.1",
+    "@semantic-release/npm": "^9.0.1",
+    "@semantic-release/release-notes-generator": "^10.0.3",
     "@types/debug": "0.0.31",
     "@types/jest": "23.3.11",
     "@types/lodash": "4.14.119",
+    "@types/marked": "^4.0.7",
     "@types/mkdirp": "0.5.2",
     "@types/nock": "9.3.0",
     "@types/node": "10.12.12",
     "@types/rimraf": "2.0.2",
     "@types/write-file-atomic": "2.1.1",
-    "jest": "24.8.0",
+    "eslint": "^8.14.0",
+    "jest": "^29.0.3",
     "jest-html-reporter": "^2.5.0",
-    "mkdirp": "0.5.1",
-    "nock": "10.0.6",
-    "rimraf": "2.6.2",
-    "ts-jest": "24.0.2",
-    "tslint": "5.18.0",
-    "typescript": "3.5.2"
+    "mkdirp": "^1.0.4",
+    "nock": "^10.0.6",
+    "rimraf": "^2.6.2",
+    "semantic-release": "^19.0.5",
+    "ts-jest": "^29.0.1",
+    "tslint": "^5.18.0",
+    "typescript": "^3.5.2"
   },
   "scripts": {
     "clean": "rimraf dist typings coverage .tokens .ledger .checkpoint",
@@ -37,7 +44,9 @@
     "prepare": "npm run compile",
     "start": "dist",
     "tslint": "npx tslint -c tslint.json 'src/**/*.ts' --fix",
-    "test": "PLUGIN_PATH=./test/dummy jest --colors --coverage --verbose"
+    "test": "PLUGIN_PATH=./test/dummy jest --colors --coverage --verbose",
+    "lint": "eslint",
+    "semantic-release": "semantic-release"
   },
   "engines": {
     "node": ">=8"
@@ -57,4 +66,4 @@
     "url": "https://github.com/contentstack/datasync-manager/issues"
   },
   "homepage": "https://www.contentstack.com/docs/guide/synchronization/contentstack-datasync"
-}
+}

package/test/dummy/plugins/myplugin1/index.js

@@ -1,5 +1,4 @@
 module.exports = function Myplugin1 () {
-  const options = Myplugin1.options
 
   Myplugin1.beforeSync = (action, data, schema) => {
     return new Promise((resolve) => {

package/test/dummy/plugins/myplugin2/index.js

@@ -1,5 +1,4 @@
 module.exports = function Myplugin1 () {
-  const options = Myplugin1.options
 
   Myplugin1.beforeSync = (action, data, schema) => {
     return new Promise((resolve) => {

package/coverage/base.css

@@ -1,224 +0,0 @@
-body, html {
-  margin:0; padding: 0;
-  height: 100%;
-}
-body {
-    font-family: Helvetica Neue, Helvetica, Arial;
-    font-size: 14px;
-    color:#333;
-}
-.small { font-size: 12px; }
-*, *:after, *:before {
-  -webkit-box-sizing:border-box;
-     -moz-box-sizing:border-box;
-          box-sizing:border-box;
-  }
-h1 { font-size: 20px; margin: 0;}
-h2 { font-size: 14px; }
-pre {
-    font: 12px/1.4 Consolas, "Liberation Mono", Menlo, Courier, monospace;
-    margin: 0;
-    padding: 0;
-    -moz-tab-size: 2;
-    -o-tab-size:  2;
-    tab-size: 2;
-}
-a { color:#0074D9; text-decoration:none; }
-a:hover { text-decoration:underline; }
-.strong { font-weight: bold; }
-.space-top1 { padding: 10px 0 0 0; }
-.pad2y { padding: 20px 0; }
-.pad1y { padding: 10px 0; }
-.pad2x { padding: 0 20px; }
-.pad2 { padding: 20px; }
-.pad1 { padding: 10px; }
-.space-left2 { padding-left:55px; }
-.space-right2 { padding-right:20px; }
-.center { text-align:center; }
-.clearfix { display:block; }
-.clearfix:after {
-  content:'';
-  display:block;
-  height:0;
-  clear:both;
-  visibility:hidden;
-  }
-.fl { float: left; }
-@media only screen and (max-width:640px) {
-  .col3 { width:100%; max-width:100%; }
-  .hide-mobile { display:none!important; }
-}
-
-.quiet {
-  color: #7f7f7f;
-  color: rgba(0,0,0,0.5);
-}
-.quiet a { opacity: 0.7; }
-
-.fraction {
-  font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;
-  font-size: 10px;
-  color: #555;
-  background: #E8E8E8;
-  padding: 4px 5px;
-  border-radius: 3px;
-  vertical-align: middle;
-}
-
-div.path a:link, div.path a:visited { color: #333; }
-table.coverage {
-  border-collapse: collapse;
-  margin: 10px 0 0 0;
-  padding: 0;
-}
-
-table.coverage td {
-  margin: 0;
-  padding: 0;
-  vertical-align: top;
-}
-table.coverage td.line-count {
-    text-align: right;
-    padding: 0 5px 0 20px;
-}
-table.coverage td.line-coverage {
-    text-align: right;
-    padding-right: 10px;
-    min-width:20px;
-}
-
-table.coverage td span.cline-any {
-    display: inline-block;
-    padding: 0 5px;
-    width: 100%;
-}
-.missing-if-branch {
-    display: inline-block;
-    margin-right: 5px;
-    border-radius: 3px;
-    position: relative;
-    padding: 0 4px;
-    background: #333;
-    color: yellow;
-}
-
-.skip-if-branch {
-    display: none;
-    margin-right: 10px;
-    position: relative;
-    padding: 0 4px;
-    background: #ccc;
-    color: white;
-}
-.missing-if-branch .typ, .skip-if-branch .typ {
-    color: inherit !important;
-}
-.coverage-summary {
-  border-collapse: collapse;
-  width: 100%;
-}
-.coverage-summary tr { border-bottom: 1px solid #bbb; }
-.keyline-all { border: 1px solid #ddd; }
-.coverage-summary td, .coverage-summary th { padding: 10px; }
-.coverage-summary tbody { border: 1px solid #bbb; }
-.coverage-summary td { border-right: 1px solid #bbb; }
-.coverage-summary td:last-child { border-right: none; }
-.coverage-summary th {
-  text-align: left;
-  font-weight: normal;
-  white-space: nowrap;
-}
-.coverage-summary th.file { border-right: none !important; }
-.coverage-summary th.pct { }
-.coverage-summary th.pic,
-.coverage-summary th.abs,
-.coverage-summary td.pct,
-.coverage-summary td.abs { text-align: right; }
-.coverage-summary td.file { white-space: nowrap;  }
-.coverage-summary td.pic { min-width: 120px !important;  }
-.coverage-summary tfoot td { }
-
-.coverage-summary .sorter {
-    height: 10px;
-    width: 7px;
-    display: inline-block;
-    margin-left: 0.5em;
-    background: url(sort-arrow-sprite.png) no-repeat scroll 0 0 transparent;
-}
-.coverage-summary .sorted .sorter {
-    background-position: 0 -20px;
-}
-.coverage-summary .sorted-desc .sorter {
-    background-position: 0 -10px;
-}
-.status-line {  height: 10px; }
-/* yellow */
-.cbranch-no { background: yellow !important; color: #111; }
-/* dark red */
-.red.solid, .status-line.low, .low .cover-fill { background:#C21F39 }
-.low .chart { border:1px solid #C21F39 }
-.highlighted,
-.highlighted .cstat-no, .highlighted .fstat-no, .highlighted .cbranch-no{
-  background: #C21F39 !important;
-}
-/* medium red */
-.cstat-no, .fstat-no, .cbranch-no, .cbranch-no { background:#F6C6CE }
-/* light red */
-.low, .cline-no { background:#FCE1E5 }
-/* light green */
-.high, .cline-yes { background:rgb(230,245,208) }
-/* medium green */
-.cstat-yes { background:rgb(161,215,106) }
-/* dark green */
-.status-line.high, .high .cover-fill { background:rgb(77,146,33) }
-.high .chart { border:1px solid rgb(77,146,33) }
-/* dark yellow (gold) */
-.status-line.medium, .medium .cover-fill { background: #f9cd0b; }
-.medium .chart { border:1px solid #f9cd0b; }
-/* light yellow */
-.medium { background: #fff4c2; }
-
-.cstat-skip { background: #ddd; color: #111; }
-.fstat-skip { background: #ddd; color: #111 !important; }
-.cbranch-skip { background: #ddd !important; color: #111; }
-
-span.cline-neutral { background: #eaeaea; }
-
-.coverage-summary td.empty {
-    opacity: .5;
-    padding-top: 4px;
-    padding-bottom: 4px;
-    line-height: 1;
-    color: #888;
-}
-
-.cover-fill, .cover-empty {
-  display:inline-block;
-  height: 12px;
-}
-.chart {
-  line-height: 0;
-}
-.cover-empty {
-    background: white;
-}
-.cover-full {
-    border-right: none !important;
-}
-pre.prettyprint {
-    border: none !important;
-    padding: 0 !important;
-    margin: 0 !important;
-}
-.com { color: #999 !important; }
-.ignore-none { color: #999; font-weight: normal; }
-
-.wrapper {
-  min-height: 100%;
-  height: auto !important;
-  height: 100%;
-  margin: 0 auto -48px;
-}
-.footer, .push {
-  height: 48px;
-}