npm - @netlify/build - Versions diffs - 32.0.1 → 32.1.1 - Mend

@netlify/build 32.0.1 → 32.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/lib/plugins_core/secrets_scanning/index.js +9 -1
package/lib/plugins_core/secrets_scanning/utils.d.ts +4 -0
package/lib/plugins_core/types.d.ts +3 -1
package/lib/status/validations.d.ts +9 -0
package/lib/status/validations.js +10 -0
package/lib/steps/core_step.d.ts +2 -1
package/lib/steps/core_step.js +2 -1
package/lib/steps/run_step.js +3 -1
package/package.json +8 -8

package/lib/plugins_core/secrets_scanning/index.js CHANGED Viewed

@@ -2,9 +2,10 @@ import { trace } from '@opentelemetry/api';
 import { addErrorInfo } from '../../error/info.js';
 import { log } from '../../log/logger.js';
 import { logSecretsScanFailBuildMessage, logSecretsScanSkipMessage, logSecretsScanSuccessMessage, } from '../../log/messages/core_steps.js';
+import { reportValidations } from '../../status/validations.js';
 import { getFilePathsToScan, getSecretKeysToScanFor, groupScanResultsByKey, isSecretsScanningEnabled, scanFilesForKeyValues, } from './utils.js';
 const tracer = trace.getTracer('secrets-scanning');
-const coreStep = async function ({ buildDir, logs, netlifyConfig, explicitSecretKeys, systemLog }) {
+const coreStep = async function ({ buildDir, logs, netlifyConfig, explicitSecretKeys, systemLog, deployId, api, }) {
     const stepResults = {};
     const passedSecretKeys = (explicitSecretKeys || '').split(',');
     const envVars = netlifyConfig.build.environment;
@@ -51,6 +52,13 @@ const coreStep = async function ({ buildDir, logs, netlifyConfig, explicitSecret
         span.setAttributes(attributesForLogsAndSpan);
         span.end();
     });
+    if (deployId !== '0') {
+        const secretScanResult = {
+            scannedFilesCount: scanResults?.scannedFilesCount ?? 0,
+            secretsScanMatches: scanResults?.matches ?? [],
+        };
+        reportValidations({ api, secretScanResult, deployId, systemLog });
+    }
     if (!scanResults || scanResults.matches.length === 0) {
         logSecretsScanSuccessMessage(logs, `Secrets scanning complete. ${scanResults?.scannedFilesCount} file(s) scanned. No secrets detected in build output or repo code!`);
         return stepResults;

package/lib/plugins_core/secrets_scanning/utils.d.ts CHANGED Viewed

@@ -13,6 +13,10 @@ interface MatchResult {
     key: string;
     file: string;
 }
+export type SecretScanResult = {
+    scannedFilesCount: number;
+    secretsScanMatches: MatchResult[];
+};
 /**
  * Determine if the user disabled scanning via env var
  * @param env current envars

package/lib/plugins_core/types.d.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+import { type DynamicMethods } from 'packages/js-client/lib/types.js';
 import { NetlifyPluginConstants } from '../core/constants.js';
 import { BufferedLogs } from '../log/logger.js';
 import { NetlifyConfig } from '../types/config/netlify_config.js';
@@ -13,7 +14,7 @@ export type CoreStepFunctionArgs = {
      * `undefined` if none is set.
      */
     packagePath?: string;
-    deployId?: string;
+    deployId: string;
     saveConfig: boolean;
     constants: NetlifyPluginConstants;
     quiet?: boolean;
@@ -25,6 +26,7 @@ export type CoreStepFunctionArgs = {
     netlifyConfig: NetlifyConfig;
     explicitSecretKeys: $TSFixme;
     buildbotServerSocket: $TSFixme;
+    api: DynamicMethods;
 };
 export type CoreStepFunction = (args: CoreStepFunctionArgs) => Promise<object>;
 export type CoreStepCondition = (args: CoreStepFunctionArgs) => Promise<boolean> | boolean;

package/lib/status/validations.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import { DynamicMethods } from 'packages/js-client/lib/types.js';
+import { SecretScanResult } from '../plugins_core/secrets_scanning/utils.js';
+import { SystemLogger } from '../plugins_core/types.js';
+export declare const reportValidations: ({ api, secretScanResult, deployId, systemLog, }: {
+    api: DynamicMethods;
+    secretScanResult: SecretScanResult;
+    deployId: string;
+    systemLog: SystemLogger;
+}) => Promise<void>;

package/lib/status/validations.js ADDED Viewed

@@ -0,0 +1,10 @@
+// Reports any validations completed on the deploy to the API
+export const reportValidations = async function ({ api, secretScanResult, deployId, systemLog, }) {
+    try {
+        // @ts-expect-error Property 'updateDeployValidations' does not exist on type 'DynamicMethods'. This is a private/internal-only method and isn't generated in the type definitions.
+        await api.updateDeployValidations({ deploy_id: deployId, body: { secrets_scan: secretScanResult } });
+    }
+    catch (e) {
+        systemLog(`Unable to report secrets scanning results to API. Deploy id: ${deployId}`, e);
+    }
+};

package/lib/steps/core_step.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-export declare const fireCoreStep: ({ coreStep, coreStepId, coreStepName, configPath, outputConfigPath, buildDir, repositoryRoot, packagePath, constants, buildbotServerSocket, events, logs, quiet, nodePath, childEnv, context, branch, envChanges, errorParams, configOpts, netlifyConfig, defaultConfig, configMutations, headersPath, redirectsPath, featureFlags, debug, systemLog, saveConfig, userNodeVersion, explicitSecretKeys, edgeFunctionsBootstrapURL, deployId, outputFlusher, }: {
+export declare const fireCoreStep: ({ coreStep, coreStepId, coreStepName, configPath, outputConfigPath, buildDir, repositoryRoot, packagePath, constants, buildbotServerSocket, events, logs, quiet, nodePath, childEnv, context, branch, envChanges, errorParams, configOpts, netlifyConfig, defaultConfig, configMutations, headersPath, redirectsPath, featureFlags, debug, systemLog, saveConfig, userNodeVersion, explicitSecretKeys, edgeFunctionsBootstrapURL, deployId, outputFlusher, api, }: {
     coreStep: any;
     coreStepId: any;
     coreStepName: any;
@@ -33,6 +33,7 @@ export declare const fireCoreStep: ({ coreStep, coreStepId, coreStepName, config
     edgeFunctionsBootstrapURL: any;
     deployId: any;
     outputFlusher: any;
+    api: any;
 }) => Promise<{
     newEnvChanges: any;
     netlifyConfig: any;

package/lib/steps/core_step.js CHANGED Viewed

@@ -3,12 +3,13 @@ import { addErrorInfo, isBuildError } from '../error/info.js';
 import { addOutputFlusher } from '../log/logger.js';
 import { updateNetlifyConfig, listConfigSideFiles } from './update_config.js';
 // Fire a core step
-export const fireCoreStep = async function ({ coreStep, coreStepId, coreStepName, configPath, outputConfigPath, buildDir, repositoryRoot, packagePath, constants, buildbotServerSocket, events, logs, quiet, nodePath, childEnv, context, branch, envChanges, errorParams, configOpts, netlifyConfig, defaultConfig, configMutations, headersPath, redirectsPath, featureFlags, debug, systemLog, saveConfig, userNodeVersion, explicitSecretKeys, edgeFunctionsBootstrapURL, deployId, outputFlusher, }) {
+export const fireCoreStep = async function ({ coreStep, coreStepId, coreStepName, configPath, outputConfigPath, buildDir, repositoryRoot, packagePath, constants, buildbotServerSocket, events, logs, quiet, nodePath, childEnv, context, branch, envChanges, errorParams, configOpts, netlifyConfig, defaultConfig, configMutations, headersPath, redirectsPath, featureFlags, debug, systemLog, saveConfig, userNodeVersion, explicitSecretKeys, edgeFunctionsBootstrapURL, deployId, outputFlusher, api, }) {
     const logsA = outputFlusher ? addOutputFlusher(logs, outputFlusher) : logs;
     try {
         const configSideFiles = await listConfigSideFiles([headersPath, redirectsPath]);
         const childEnvA = setEnvChanges(envChanges, { ...childEnv });
         const { newEnvChanges = {}, configMutations: newConfigMutations = [], tags, metrics, } = await coreStep({
+            api,
             configPath,
             outputConfigPath,
             buildDir,

package/lib/steps/run_step.js CHANGED Viewed

@@ -106,6 +106,7 @@ export const runStep = async function ({ event, childProcess, packageName, coreS
             explicitSecretKeys,
             edgeFunctionsBootstrapURL,
             deployId,
+            api,
         });
         const newValues = await getStepReturn({
             event,
@@ -198,7 +199,7 @@ const getFireStep = function (packageName, coreStepId, event) {
     const parentTag = normalizeTagName(packageName);
     return measureDuration(tFireStep, event, { parentTag, category: 'pluginEvent' });
 };
-const tFireStep = function ({ defaultConfig, event, childProcess, packageName, pluginPackageJson, loadedFrom, outputFlusher, origin, coreStep, coreStepId, coreStepName, configPath, outputConfigPath, buildDir, repositoryRoot, packagePath, nodePath, childEnv, context, branch, envChanges, constants, steps, buildbotServerSocket, events, error, logs, debug, quiet, systemLog, verbose, saveConfig, errorParams, configOpts, netlifyConfig, configMutations, headersPath, redirectsPath, featureFlags, userNodeVersion, explicitSecretKeys, edgeFunctionsBootstrapURL, deployId, extensionMetadata, }) {
+const tFireStep = function ({ defaultConfig, event, childProcess, packageName, pluginPackageJson, loadedFrom, outputFlusher, origin, coreStep, coreStepId, coreStepName, configPath, outputConfigPath, buildDir, repositoryRoot, packagePath, nodePath, childEnv, context, branch, envChanges, constants, steps, buildbotServerSocket, events, error, logs, debug, quiet, systemLog, verbose, saveConfig, errorParams, configOpts, netlifyConfig, configMutations, headersPath, redirectsPath, featureFlags, userNodeVersion, explicitSecretKeys, edgeFunctionsBootstrapURL, deployId, extensionMetadata, api, }) {
     if (coreStep !== undefined) {
         return fireCoreStep({
             coreStep,
@@ -235,6 +236,7 @@ const tFireStep = function ({ defaultConfig, event, childProcess, packageName, p
             explicitSecretKeys,
             edgeFunctionsBootstrapURL,
             deployId,
+            api,
         });
     }
     return firePluginStep({

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@netlify/build",
-  "version": "32.0.1",
+  "version": "32.1.1",
   "description": "Netlify build module",
   "type": "module",
   "exports": "./lib/index.js",
@@ -67,17 +67,17 @@
   "license": "MIT",
   "dependencies": {
     "@bugsnag/js": "^7.0.0",
-    "@netlify/blobs": "^8.1.2",
+    "@netlify/blobs": "^8.2.0",
     "@netlify/cache-utils": "^5.2.0",
-    "@netlify/config": "^22.0.0",
-    "@netlify/edge-bundler": "13.0.2",
+    "@netlify/config": "^22.0.1",
+    "@netlify/edge-bundler": "13.0.3",
     "@netlify/framework-info": "^9.9.3",
-    "@netlify/functions-utils": "^5.3.16",
+    "@netlify/functions-utils": "^5.3.17",
     "@netlify/git-utils": "^5.2.0",
     "@netlify/opentelemetry-utils": "^1.3.1",
     "@netlify/plugins-list": "^6.80.0",
     "@netlify/run-utils": "^5.2.0",
-    "@netlify/zip-it-and-ship-it": "10.0.7",
+    "@netlify/zip-it-and-ship-it": "10.1.0",
     "@sindresorhus/slugify": "^2.0.0",
     "ansi-escapes": "^6.0.0",
     "chalk": "^5.0.0",
@@ -143,7 +143,7 @@
     "process-exists": "^5.0.0",
     "sinon": "^13.0.0",
     "tmp-promise": "^3.0.2",
-    "tsd": "^0.31.0",
+    "tsd": "^0.32.0",
     "vitest": "^0.34.0",
     "yarn": "^1.22.22"
   },
@@ -159,5 +159,5 @@
   "engines": {
     "node": "^14.16.0 || >=16.0.0"
   },
-  "gitHead": "7692cacc83679518b78d7c50a436e691987f98bf"
+  "gitHead": "7ad3e18629779815c5f6ec35db99337c31094b93"
 }