@pixelated-tech/components 3.13.1 → 3.13.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
pxl:v1:
|
|
1
|
+
pxl:v1:34b3d5e0a88b1dbb654c3889:0892c0ca37ade083331b2d0237cd1f3c:6ac8aed535141caea852a25cfab27e6d242e67365acbe86f7e18ff17c9f1c3a1e3e07283159aca3855a948ecfc243cdbb5c158d69f3b25e1dbceb7273e738ce5c301b7d9cfba698abc2d233ea32e69fc1dbcfc714d04e5dd55559d74e72c5b0a6174074398828dace496bf656aa2c27b79c7b561aae4d5a57c298ddbfef410a560851f348de7c7afd3064411201096d5ea78d9436879d246d3aaa5db4c5ba35362cd928a24e6abf5e86f201d560d95eb585844749c3bbb96065aaf698745e2db84975c6af39a85d873ac2a8d986dd2668aabb923782c0d211f46a09ebced87aaebb4745143908ed01fe01d0703e3893b82b59f8f39a9c0f9fc57b142bde00479cee347cd69ecd0bb84aa44c9806365e012e27bb8853be8dc150ad971cf4f96a0f43c7d2bae06744929591b4ffe6f37989ff2397e8bf516b9538f05870eac7ec2be696625b3d508e017d108c9ca5505aea19f3a9b57b559e8e1caa682fc58b028f7f2ce7a7edafbd0a8bd2a5b9c5751e64298659ba3cbeb10849476b28675148dc635096f115bd56d6558fededd2c4e059243fc46aef57c2d1abc006bdef3348fdf63f7b118447300c9852e9c051b3110cd7b8da1909251ab111d4beb4c9b0ff85f0106fa38352cefc04ec8da6e90a4c50884ded4365ac79eaedf6720855c855e2acca7b69dcb8728f858895c5019bda7274b2d4348168df304b7c73de670d4176add82adc5c73b924369bee53e87c0ad880575976b74e7fa58e5cb2e4d268044872d1eeb03bf7bfc1cc1a00f47b4b7c9ae27e86feef9e44778b5933b08f430463629c27054a73139ec30b5a2d39e813051f8deebb28ad39b5a2ca5a3cf1de262cde74f864ed09e9ec941ad17ede514c51a7eb780d54b97b7aad5d9123eb7387866e55ea09c4d1895b250351e585dd1a3dd63686904d6e5127d6fe499aa6d71b6c75b6479e5bba47ef93bcf945951edf90a483622687390701543f13b306e9ec77f3bfc57a62cd32b2c026d3565e59ac4742cb9b204d410ad24f83f92c8b685438f64ad1c4550a705000637b1f6830008e21924814e18469fb018403d25fc9fa20495c9ff1b68502e198ca45097e79aa801af0bd151dc667aa549697ffb7b44ae30d0bb1376b441a6f240b6057c66f4df345ad120fcc5dc4a8f27118999cf54deca02817354853512e4c3d6abf0a38c44b8be584182cedf14f143dd2b6403c6781cd574ea5024a6a68d762666bdedd58fc62954e971542fb7b243a2f8bbb067c460650f464b968a514e4b865d20d593e515f8c6194a3ba8c931cfff80bedc3386105a099d6ef3f10aec63edd9fe175219a06f28d52727f8817dfa05db5e618e8a445303fa7cf11b3fffc2bc19f42920b0b37b0d3f72b07375d27fcdbfbfbbe622ec5256f73a7aa4135512d0e681cef562f9c80bc97ed15278c3b69dc60c60f09753699167f928a0dd31434737991e6403b61068e8d47425b6c66cade802eab7c1559a0dc58ba27c06d48f0d3ecdf65c9d4b761a747657ec4b0eecf35de3f4a88aa1cadf191d4f9994a6f731bb1fbe4fa0341de4a27f34f055c2dbb4430443a4c7aa97de45e9edef08e9ce284315ba5ce49a261c339a6d09bbbe94a40c937af4fea4449651d11bf39278a11b77e2189daf016aca26b8e88d3b8fd76d86f58bf1eb811dc0c691d4aa412c979f32a7ef919bb42eecb564eff17829ecda64d539d3e83292fbb566fe59fe8970112198702602e1f4add4667446b8fdbee2521b7da63c1181655fc28e341dff33e9cbefaa9df8e616c8580ad1148b93029bf7e8d0f49ae845f2ff87756ff567e6e482ea37dc321d5171ea4ea6965434b6c13eaf68eaf8ddb3959ac404072f3d00df967d869245112e168779122b165c0bef037bc90559c9a8ff7bc0d1ca3b317982b5b83a52762c82136cc9ac489aee868e9f0b92c892e07125409b49359ff4f582be4d9e8ec3f8cf615ca9724d7a4e3a05046cb1c164a01c1a29a46cfb4314baf6321893134ea66672a7bf64cf522cb91a9150b44883dc824a0497df3aa7a6a659031666bfc3d3d8821f76c87ed8c90f9e955fb42f5e79886fa9f7d8e1cc3800ff2c76e0f77880a1ae5b57b54e298d23050e768fd59557fc3ad16eba70b17bd6089db4c9d3dd72462223e20323aae0c216691e66a8a682c9b73e3c1ef90b106aec3f86170cfef60dc87e246ae1f05c020beebc6b5eb4d458502a27b69155cf6149aed54b599d148edc3a53adbf66a01067766d5ff017abf6c1745e3fdbc6ec9f3dbf24b45898f1bee43956adb3de29555fa609095a141fa77059c4e529a333ff5c454cf3c0db3f0d3b601854875213d559aa248414356a50497bbdaaf4b8f38dbf56975e81256ec9c5496fb6a1d490ee48c51839bb34abf74df945b775d945832b25a96e3975f8ae395b252de8e45a3df7c7a4b0f3b2ae666a7184e767ba652009674b71be643e61b4cf2e8cccffab71d73d8b7ee9b39fdf264df0c25d85cc7605d7fdceca65ae3df6ea93d66bf37192e0ebabb7e651ef776e37f35645dfeeae233ff9ec0ef8ab5b5158d9688c3f532c29011a4d3778b9700da2805b4fc82b51f40cfe5f9c9c71c80809c1c12e11b24f97280c799c5cdb553a402511bd9c25c3060fca0163949054d80aad4e0fc5800bd86a65ee8f44db6321957318d633307cfe1beedf61ca392032cf8fe90d8be9ec4fdc565fd37b3d6700525ccf9a1834ebddbfd8e9897e6af041ec112064a3c90387d5d5deae26c8c60f350564bf96848bb7b41e543fb80e4836f5791f31247326a353abcf13e38f394ebf5c9aae24f2f34ca8c16520c8c9282ce47a86c284e10e4659d145bc53dc94115c4b953a398a8375fd611da39b2e1cb449ebeaa4cb34052ccd5d6c433bd6531d04ea6ecc6b8e727d212814aa0eb118a5d378b1875e54bebca8e29505fc4aa987cd0232550b1ca5d3984d758016ad28ba04d6727eeaaa143b59e0e3cd27d74bf132b4e444cca6177d622514f49c49ddc86c7861e0d3a1089e46db68519593dcb8ecda18d21d15dbabb8033eb8c9fc66118530f528b20a0429a16c24c4b800eaae601f5f20bbd39fdde5a468215eeb063502c2cc370da5353332d54e9a1aa1ef588c1634059c231b98da2939359ae79818748eb080501b3f5cf25f5358d01a2fa12003bc8a23e00b9be4c9286c2e709b2cebbb6c6c646278d0c49b96b254aedf7ff94f9633662be6347fc3b07cb97d290d0a8adfb8c6df6f2d203205ed54361c707015cbd42ffd37813118dce981ed287926c8e119222aa9c97d381ea041638bc399a100d0e1493c6aadd4538305e3ff8b376a43ea0d99c9cf3b322b9e5689746cb04593caef60a3afff9918f475053c1b056256eea740a0e8ea7776f9556b8123aefccccb21418530b0ccba6c6544d054e664db18b99d4f10ffa6a4d838803e8414a1a26fc6f19bcd969c7c03255305848ad4f441fed9a6d90dd5790924d0b89758644eb82faf36d31f8e9bb5c5fc7bee69e7ebb620f2d5bc36a1a5e38e0b852a2ce2a074956580de87cc5130b600f959315ca05eedf72be378a4d7166b30e95c79c9ed05f950bea3abd0fab19ed8ce7bab2aeaa0713795b29e2ef4f88bda3dd7463c00dc5c42bfb0b5c67151a23dcc5b7f82c33ab703a0bdc3d2f82232f19f2e1c85fcb3acb83879cdf270c759eccaa8f98a364a27271b254708269e8cc4803796fa09dc78b9c0e08aa6f9c846b201d2a375815b9311a04bb5938911b17bc4a55a328e68f8018a4bba2b1ca77d029168a8c31226faef33ef576806bcc45c770490934eb97244479a9d30de2d8f61d1e03790aa85c8360325820355b1b2d49a94e9550ebdbc05f53afeb4eb18b9711dbc913c61fe6b200df583b3b0c83805615e42c05ad5d8b99a338debe481d7dd9e1d3c54f8c40fd62ef4d043ad563b00c0ca1347e9a86475933cc418140b3dba1357f32fded9c002fd4a72635688445c03cce67bbc28f6582e4418da8e047c647abdd41ec0ddc036af7ac6567be375ef4bec8c196fa44d90a4a7f762d0a404124a9295bb902c91d8189176979aae0850f412227a6003fcdf33a596448f058093fb6debbd8b999f54c127177b5eac987673c0d675d609ef29879b89ed3289e8b0987ea197543267ba90d4822c4cfe411b5dd37c14d69583a669ee12b671fb679bfd9270865aacfd3b8ebe887be182f2079d106f1b0f3eb3dafaef0f4a136b40507c4fda2ccbb169931b72ecb1a0b666e013e7299447e2a2ab0509ec8611648e812049a3f9abb773cfaece82d0a23a911fc1122607eb387bbe697be11f97fa2a70b86109ac88fcc74716e3b36f4664e00a9995c08c18ba3dafd89e22bab3b899fdbeec7c5f3148d326d2c31ab4f6313b1edc0e20bd278523e174604c905e8a62d5da49bdfc967e78a2d39df1bb66f43dd3fa7d7139542ec6a4b2b00d939047e76e078eb998614a2044d5156685d6e355c9336cf78a65979c0fb223b30a64c91e4fa53f19471462f32466dca1c80609a51cf7b598adca1cc8d96fd7ed23fada9ac3fd4ed87af92c71fdebb7531030b7d3cdffd43a664859cb097e3b39850d3393a6d3bf902c7ed3ef4eeccdbcbeb41a374adc3b40c2d91903eb2af737a1cf8138ae1e7fd3a6523027506bb9b8b5eab872c667bbdf4377f35d057ca243c1ec6657f2bd70146f15fce1470200f294bb5a082c239f1258afd9ab8e42ae379501bf2c7487e790319fed586b853f9d427d27d39c40851c1c9e08ff8d747abb3e3e463179962b3451e7bcae818a67674e28fb16fdcade2b48deb4a09800dcf9588269a27608a940f5b704c2d1ff13ac95d15c700c8039b6d754a9c25e68c1adcca8bef4d66a989542bee90368160fc5b3b6c00f33fc8b59559fcfb28477e38e304f09ffc44595516ee22e1d209841fd0a4d22206d106cbd57c366b7e82618045d5192b5dfd4b1caf971dc7bc3451e7c8115722ccea76ad28a0f9957aa826645f5330acf99cffaab3e54abac37ccf91c4bc9ba68800f5df59d030f50dd6d164ab8cfaa84137fa194b5bface8f39aef32853408b67fef849f08de9d243edc85fba32183d231ebd22522bf90b0af7e5194550267b0f5c5ac3b3da2090ebae36a414319446b12c0c77e8e6f9963fe1eb11658332780007006fcd6b50ea230d78ec6
|
|
@@ -294,6 +294,104 @@ const requiredSchemasRule = {
|
|
|
294
294
|
},
|
|
295
295
|
};
|
|
296
296
|
|
|
297
|
+
/* ===== RULE: no-temp-dependency ===== */
|
|
298
|
+
const noTempDependencyRule = {
|
|
299
|
+
meta: {
|
|
300
|
+
type: 'problem',
|
|
301
|
+
docs: {
|
|
302
|
+
description: 'Disallow temporary security dependencies listed in the rule options (lockfile-only check).',
|
|
303
|
+
category: 'Security',
|
|
304
|
+
recommended: true
|
|
305
|
+
},
|
|
306
|
+
fixable: false,
|
|
307
|
+
messages: {
|
|
308
|
+
tempDepPresent: 'Temporary dependency "{{name}}" detected at version {{version}} (vulnerable: {{range}}). Remove once upstream packages are fixed.'
|
|
309
|
+
},
|
|
310
|
+
schema: [{ type: 'array', items: { type: 'object' } }]
|
|
311
|
+
},
|
|
312
|
+
create(context) {
|
|
313
|
+
let ran = false;
|
|
314
|
+
function cmpParts(a, b) {
|
|
315
|
+
const A = a.split('.').map(n => parseInt(n,10) || 0);
|
|
316
|
+
const B = b.split('.').map(n => parseInt(n,10) || 0);
|
|
317
|
+
for (let i=0;i<3;i++) {
|
|
318
|
+
if ((A[i]||0) < (B[i]||0)) return -1;
|
|
319
|
+
if ((A[i]||0) > (B[i]||0)) return 1;
|
|
320
|
+
}
|
|
321
|
+
return 0;
|
|
322
|
+
}
|
|
323
|
+
|
|
324
|
+
function satisfiesRange(version, rangeSpec) {
|
|
325
|
+
if (!rangeSpec || typeof rangeSpec !== 'string') return false;
|
|
326
|
+
rangeSpec = rangeSpec.trim();
|
|
327
|
+
// simple operators: <=, <, >=, >, =, exact
|
|
328
|
+
if (rangeSpec.startsWith('<=')) {
|
|
329
|
+
const v = rangeSpec.slice(2).trim();
|
|
330
|
+
return cmpParts(version,v) <= 0;
|
|
331
|
+
}
|
|
332
|
+
if (rangeSpec.startsWith('<')) {
|
|
333
|
+
const v = rangeSpec.slice(1).trim();
|
|
334
|
+
return cmpParts(version,v) < 0;
|
|
335
|
+
}
|
|
336
|
+
if (rangeSpec.startsWith('>=')) {
|
|
337
|
+
const v = rangeSpec.slice(2).trim();
|
|
338
|
+
return cmpParts(version,v) >= 0;
|
|
339
|
+
}
|
|
340
|
+
if (rangeSpec.startsWith('>')) {
|
|
341
|
+
const v = rangeSpec.slice(1).trim();
|
|
342
|
+
return cmpParts(version,v) > 0;
|
|
343
|
+
}
|
|
344
|
+
if (rangeSpec.startsWith('^')) {
|
|
345
|
+
const v = rangeSpec.slice(1).trim();
|
|
346
|
+
const [maj, min] = v.split('.').map(n=>parseInt(n,10)||0);
|
|
347
|
+
if (maj > 0) {
|
|
348
|
+
return cmpParts(version, v) >= 0 && cmpParts(version, (maj+1)+'.0.0') < 0;
|
|
349
|
+
}
|
|
350
|
+
if (maj === 0 && min > 0) {
|
|
351
|
+
return cmpParts(version, v) >= 0 && cmpParts(version, '0.'+(min+1)+'.0') < 0;
|
|
352
|
+
}
|
|
353
|
+
return cmpParts(version, v) >= 0 && cmpParts(version, '0.0.'+((parseInt(v.split('.')[2]||'0',10)||0)+1)) < 0;
|
|
354
|
+
}
|
|
355
|
+
if (rangeSpec.startsWith('~')) {
|
|
356
|
+
const v = rangeSpec.slice(1).trim();
|
|
357
|
+
const [maj, min] = v.split('.').map(n=>parseInt(n,10)||0);
|
|
358
|
+
return cmpParts(version, v) >= 0 && cmpParts(version, maj + '.' + (min+1) + '.0') < 0;
|
|
359
|
+
}
|
|
360
|
+
// exact equality
|
|
361
|
+
return cmpParts(version, rangeSpec) === 0 || rangeSpec === '=' + version;
|
|
362
|
+
}
|
|
363
|
+
|
|
364
|
+
return {
|
|
365
|
+
Program(node) {
|
|
366
|
+
if (ran) return; ran = true;
|
|
367
|
+
const projectRoot = process.cwd();
|
|
368
|
+
const lockPath = path.join(projectRoot, 'package-lock.json');
|
|
369
|
+
if (!fs.existsSync(lockPath)) return; // lockfile-only check
|
|
370
|
+
let lock;
|
|
371
|
+
try { lock = JSON.parse(fs.readFileSync(lockPath, 'utf8')); } catch (e) { return; }
|
|
372
|
+
const found = [];
|
|
373
|
+
function walk(deps) {
|
|
374
|
+
if (!deps) return;
|
|
375
|
+
for (const [k,v] of Object.entries(deps)) {
|
|
376
|
+
if (v && v.version) found.push({ name: k, version: v.version });
|
|
377
|
+
if (v && v.dependencies) walk(v.dependencies);
|
|
378
|
+
}
|
|
379
|
+
}
|
|
380
|
+
walk(lock.dependencies);
|
|
381
|
+
|
|
382
|
+
const rules = context.options[0] || [{ name: 'fast-xml-parser', vulnerableRange: '<=5.3.3', note: 'temporary security pin' }];
|
|
383
|
+
for (const r of rules) {
|
|
384
|
+
const hits = found.filter(f => f.name === r.name && satisfiesRange(f.version, r.vulnerableRange));
|
|
385
|
+
if (hits.length > 0) {
|
|
386
|
+
const h = hits[0];
|
|
387
|
+
context.report({ node, messageId: 'tempDepPresent', data: { name: r.name, version: h.version, range: r.vulnerableRange } });
|
|
388
|
+
}
|
|
389
|
+
}
|
|
390
|
+
}
|
|
391
|
+
};
|
|
392
|
+
}
|
|
393
|
+
};
|
|
394
|
+
|
|
297
395
|
/* ===== RULE: prop-types-jsdoc ===== */
|
|
298
396
|
const propTypesJsdocRule = {
|
|
299
397
|
meta: {
|
|
@@ -915,6 +1013,7 @@ export default {
|
|
|
915
1013
|
'no-process-env': noProcessEnvRule,
|
|
916
1014
|
'no-debug-true': noDebugTrueRule,
|
|
917
1015
|
'required-proptypes-jsdoc': propTypesJsdocRule,
|
|
1016
|
+
'no-temp-dependency': noTempDependencyRule,
|
|
918
1017
|
'file-name-kebab-case': fileNameKebabCaseRule,
|
|
919
1018
|
'no-duplicate-export-names': noDuplicateExportNamesRule,
|
|
920
1019
|
'class-name-kebab-case': classNameKebabCaseRule,
|
|
@@ -924,6 +1023,7 @@ export default {
|
|
|
924
1023
|
rules: {
|
|
925
1024
|
'pixelated/prop-types-inferprops': 'error',
|
|
926
1025
|
'pixelated/required-schemas': 'warn',
|
|
1026
|
+
'pixelated/no-temp-dependency': 'error',
|
|
927
1027
|
'pixelated/required-files': 'warn',
|
|
928
1028
|
'pixelated/no-raw-img': 'warn',
|
|
929
1029
|
'pixelated/require-section-ids': 'error',
|
|
@@ -210,6 +210,29 @@ declare namespace _default {
|
|
|
210
210
|
AssignmentExpression(node: any): void;
|
|
211
211
|
};
|
|
212
212
|
};
|
|
213
|
+
'no-temp-dependency': {
|
|
214
|
+
meta: {
|
|
215
|
+
type: string;
|
|
216
|
+
docs: {
|
|
217
|
+
description: string;
|
|
218
|
+
category: string;
|
|
219
|
+
recommended: boolean;
|
|
220
|
+
};
|
|
221
|
+
fixable: boolean;
|
|
222
|
+
messages: {
|
|
223
|
+
tempDepPresent: string;
|
|
224
|
+
};
|
|
225
|
+
schema: {
|
|
226
|
+
type: string;
|
|
227
|
+
items: {
|
|
228
|
+
type: string;
|
|
229
|
+
};
|
|
230
|
+
}[];
|
|
231
|
+
};
|
|
232
|
+
create(context: any): {
|
|
233
|
+
Program(node: any): void;
|
|
234
|
+
};
|
|
235
|
+
};
|
|
213
236
|
'file-name-kebab-case': {
|
|
214
237
|
meta: {
|
|
215
238
|
type: string;
|
|
@@ -279,6 +302,7 @@ declare namespace _default {
|
|
|
279
302
|
let rules_1: {
|
|
280
303
|
'pixelated/prop-types-inferprops': string;
|
|
281
304
|
'pixelated/required-schemas': string;
|
|
305
|
+
'pixelated/no-temp-dependency': string;
|
|
282
306
|
'pixelated/required-files': string;
|
|
283
307
|
'pixelated/no-raw-img': string;
|
|
284
308
|
'pixelated/require-section-ids': string;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pixelated-tech/components",
|
|
3
|
-
"version": "3.13.
|
|
3
|
+
"version": "3.13.2",
|
|
4
4
|
"private": false,
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Pixelated Technologies",
|
|
@@ -106,7 +106,8 @@
|
|
|
106
106
|
"dependencies": {
|
|
107
107
|
"date-fns": "^4.1.0",
|
|
108
108
|
"globals": "^17.2.0",
|
|
109
|
-
"html-entities": "^2.6.0"
|
|
109
|
+
"html-entities": "^2.6.0",
|
|
110
|
+
"fast-xml-parser": "^5.3.4"
|
|
110
111
|
},
|
|
111
112
|
"devDependencies": {
|
|
112
113
|
"@aws-sdk/client-amplify": "^3.980.0",
|