@pixelated-tech/components 3.13.1 → 3.13.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
pxl:v1:
|
|
1
|
+
pxl:v1:70ac06651c42e04f4e82bac3:6265229bd16e0c1883871e752180ba63:a18cb6ac91da4aec707a91b27769c1ecca7b82d3e26587b4992ef0ba0d1d708ff05de4efe7d45262bad54f3bad0212f9862314e0f039144e7f573fa21cdced0f0b080fe486b38eb8fd43c31c10f9fa6058d4f987b2da3679bdd79b70967543cf1c31e76615f6c8f433d7b62a57361c64ab0c9915315011415c07f9281a94b32a4d603b135e3a202560aabb23dff299a00b147891f1a55af06247e7bc94ff47355f9310be038d0940d68424cdf1e5970f9c9bb1463bc3b5ebdcfb786d38e671365554bb3cce0d134936326148f586c118d2eaa43d496c45ffbf6c3a4d84e95b1fc5142a49bd1c0aa01e9b260adf3313c7a0dca25c186701f74f5389cff35dad3ef003235da34aceeb495fb14db7ce4e349bf9ff8186a63e659e317b030c888fb221f6eb697ce49e50b4f766a6541c5514aee61a7b413b1a712494c585e5cce55f495e27b992f75ab8cf6579007ad5daa8c794361da8f4f3dfb43cec63eea9bb0d81632d00a59ea7b2f132d9c1dd921058f17712f6ce8576bee285aa7d81784ed0e4550ed0fa4cae2a699b4d59cda4810ce5f75b4e53624ae8f471ba3ccc23d8177f8dc34807179238e33375568f6217a67594aee7fdfe96930c32107202c3a3c49b562db84cf725869f6546677bc875a86ca0621fe88d3514011a34299134662d645c110a25cac48ce351540095ce07fe6924d8fb01211fe9262e8dbebdc7c8dc28696d8ad4c874c38c7bc8c83a8eb8ce0454f5a02074ded67a823500215a87830370e5bb9e6cd66175c6683ed7100a73b6deac415a59ecf351a9f7efd5ec5352e65fc5e688adb6b70e62503435312d32bf1d48d98aa2667ce4af23dfd7d273bf690a1075fd684ae6be97fe50a30b7212bf82133022e648685123dc4155fa7017cfff8326bf01f79b6b4f35685533c708fe23d3aa78df1a8c038494ca392192939f0f9c6f22237df9465202d225a904ce6a3076d5e3483bd5ed07d0543a34253b000d799223e31f8239ef4372ba3b71c81aa7b3c10c275adecd90854d8cd935f51c00edefa3aa14e27cb906d485fa0a8a142339e0dc636bb189b32e53feeaab5f715fc23d6ce234a41c52fc12d036bca6ae81a75eb27c39b6ba22b297c977b318d40e16df7182aad8ca43ee7556e668f2582036cb8f7ef095d12e9d4750ef6e2e471e964c3bde991414d11f1c46da0ce88dee058b73db8999473af00f294bca7e1a2293c83acdcd9f973c7f3c3cee771ed37b5e6374d870d5f496b67d9ed4249f94ea41272ab3880f3f4337e310075693386f44638a03d569ba7a04ac028bb11f289aabafc95b1939c54b393a66f7ef2cb4db99ebd2741390b44b7bea4b2a2d0c165601ea0886466913e11624d4aa1ab4e92fd9788ae91d48c78b1171ddda854e9a6ee36502318037736f2e4c338c213efd80bec13b999e66c559e3a175778c660740bb8b55ee550e345d79076b5cfeaf855e66f02d8a5358d5ff90776e804b32979246055a1d639d6d8e15f01cdc456bc822e872cbeb450c5a63016c2d8e6320d1e82709020e67f0c783d26a810436db5d8ea8f6cac89846aef9c72cae88662377153bf294b3cc7b317a813561b0ec890f1673507f6ae53536c43e38bd8d1e9e25bdc7ff7aca69db713c762443626ee48f7075661d1a8bf7e6c38c4ae6c1eebf5c06b1730e92635a95ad03db7609ff476ec0f6129567d6455db9cbc57ddd714c81c285a791f4d47b159f7170e1ab4d00d2f9a5106e6ec12c8605a0be2b6b83039e5b988c26fcee5ea25ac1e4410cd2a4d33964765963f3e5ad01e313127d09c2f28a779b9425afc11640b82a536480c829728e4fa8429e737177cc5a8ace94c41be0713735e77307e492efe781ecd13416e87f7481bd8b082fff6db9533dc9a34ed9cc295528ea216aa3457e6734b3d2935c5d6c0231b312bb5e60dd86f6c3e88132fcad450b6a48553a1fc8bcead337771cfe28f44a3b6f9fb097e48881281b08661bafb3bcf4457d6fb5d4831d09226f777a7ad38127e776ac07bbb83d7d332cdac772b7253061a474fad36b14f433d8e4a95e3184b75cb5d13c5b91d2bffde22f3127882c05a104aba355f98cc6fae7772f8ab3b641ea46b952a250568f653b62806c68c8abc8f76ec12839f9dd6a1fdd61e5fb6bd8625c876af779aaedbcbba0496274d7c9df9890c5d196cdf10bf78edf10ad545edf4d3bac17432f7129825540795ec4fa1a5ba620a5cd2b5d457596dc6ff35417380508fc1ccc1e02f4802d6bf12da54b17ae0193616887c5391b7a2133e9ef92a725a79931e25a1677ff61b60962b73a53b7e4b0497a43a10d7565ae58e9b90a1d002d75c00e52ef48b5b5fd61901bc239e6e02516d47a7daa73bb194cd55eec6cbcd757711286911020e8a8644a9c8437432570fb6f5dc9f8c4d02124fcd09f56b20146901d38407977dd8062980dcb1bf0d7e20cb9286da3129f3f2a7dc73f72f55ae3250cfb641763eabd58772348f982eaed31632cbfe3015ef11b7644ccde7d3924a136bc3769454c53aa6f5c46cd3d21ca35ab666cf98ce211037724cfd0ce9d81634b9ba312721f4bd8a106499c9f552459661c7dbc0d890ed97795f87a54ae85b743289bfc8e46e9fd5fac6bd31673108d8239b15a981b4bb9cae59adec6330775bf9a8668f17c755f4c87fd096e4c5b8b3a5b4740419dadbadc84bd1668a10fbd5ff1061d516a8dd255d2b119a657d819698fa74c9649b2065cb4f3b037147d305d13319e1e8ea9005b6c21a75ae2ba5b0963e883fa60be15a5cc1fe80ea5068a5c1d1d4f0d35d17dff94cb0b5c4509a78bb4a1dce8dff79ed6453f41fa79cf95f83e605e253abae70c5062db2e399be14816ae8cf860c6508167ebf6202cf77a2bfa32a6c57285ff04a40f053eea6fe75f8ba4a31a71fd46e38874c840e65686e5cd6ccd56c295bbcd8af94be7b0f4a968710ca7ce92b671be4726f0595584a74217da1c903805ed48451b95258f7f7f2070fb71db54569d906e68a19400f4830a736efb0c318ff653e11cf6e872aacae103bf03c709e28cb2842fc449f8fb0dc111116a4563fb388c6a5664419ae3b9b246873774647ee864c7f48ef1a769572b0d88c1620da8da8a9b817b17650433abbf595bcab24fd2a4c75776c603bb854a5e926f9325114c8e586cdd954d16ab2f80d5bdd0cc8513b29f55bb1acfa2bfdc16f6efa8448ede6b48c1412e5ee0b6701220afaedf8b52a41914b6581d05d5cbec380cef8ba15ce40e8b941507888e91193e5500a0adb98b7a6e339fb07c07d0d5bd71a580c958536b3a892887e60ab41f99bdd1057945dad5e4cb7bfc419f7fd0d85161bd2afbb991976411a48d7a7c1b8de07295587d0e025e3679bc904175fd349b8bc8e8e1d7231afadf56383dead40d2959991f3b5d457e7669ec8163e3c487b8e4e37620b64dee667f8f65595d137019eea01510c4964af7c3921899255b1eddea700138fcb5229a9c14b0c907df826de211fcd3ef119078939314654d97363db37aaed2ff580df73722fa762b9e75118c3ea937b377142982b88597e9326939f1bc37d0fbd34e3b35daa0ed39de861daa6c14fadacd49134f083e36ff7f1b6a84a523e5b10cb404b9884fc205db2f5a7aa6ab5e341ff2514f93fe80a4f30f27929dd350d7e7cb511990540391311a048fe2d12c8bf9c7d56a412fc9331a9f13ddcd4c7338faeab0b898620cec34dc2ee416d575ac843f124315f1440093303284f9b8cf30b7b83d791ee6fabd9b6dd51af5e9fe293c7934a2c1272f4f6ad85f853865c8192981b8efbe39fe1e7abd07905aa0b64d170a1d8cf98886aeabee5de52afb9e9f6c797b4c0535107906ce65f9c6309ee9b1e306991193bd4517d537cbb11fbebc220bf9b461c740e0bc35b9e4908bbbeb2ac8c5d01f783c95e81fa37d25b0d5486d8b0d2781314742e7950543a8893718cf45ab99b34958e52a40945054a0932ab7afbe33e722fd50b211590864824d7a213ac49109d59424449148cb00a7d862f58d7c91477de605275141d592e4960cb450d077b6985df87f7f1eec339dbf4faaf2565e254b9c72c5ad47553c6478abb0fd3a103f9446c72d75b8d6ad7e125bd2cfd1857c549ef67596a939652ab202ed9cbe6b52646a0a74ad9690e2cd75bd4b02cd0852838ef19af9f22d27c1f15866e8c1b6caf2c260b951ddb2866d641fa180e7b4f1f5811400142fd4d1383b59ec312b89d14738e19d1628da0a55136261a5e7fda5942e3ca0fccbe0b4d227f219fba631dad771a83f4f608a0a80b3c5244b8e2af9bfe73b1a145cd7978a8b919b88dc1c9c0eaaf1e8690369eed397a78cf324f545b8ef337b861355c18954a743298f1938223240e1d1080b2b3d287540effad8f8faf2b526acd9010db9df9e52fd997ff9274a95a89c8d2f48344a14d820d0fb1870fe7fb0802e83dd53cd82c0447115f7b0adeda14e0a27cd884f90f81ccf6e2c1b172fd0f094983ca2678fa9ce3393a7423eb9be7c954714e95025ffd2e2cf0b5a697e8ffc44ef285fe6824e0d966cd731004c82dca10513343d7dd532d183898ee3f31af7543438bb13284e239a8819e43bf4062216a3620af1fd97d64b3cd91808b00157c4eabe7c659f85aa8860d4a4f103b3f89765795516d19b6a497640422003f3c7b95ebcb29280e1c620c8d6bedbc2343204bdfa947348fa1cb730f67a4186fa2c682f8eb449489b7937ea0b977ac8d6492c650df0058906a80edf0307e89dc04891516548120f39e5cc5fd5cb593420610164e36dda560a5ec0200e40a6d460004cca4d66a86a9004e6131adf579d2d2cf35effba7d2aacd402bd9a6eef83e8dbdb2a54daf33c2db029ae8b3eb18915c991c8c9c5bac75df4a7bb93426b205b503b483d8499c5540a8131d2888ce930d1a8a88fa6e3f2dea7b30da6d91f3920060c52aad2c16a712d3203fb2279acf0cd71d0745fbdfe88575e7611af4f1ad691d3250bacdaab022877f7c2dd55351d7de6c4407c830909c96aed6b2263c0682d62606b2819df5717bb5b56c9e12f2fce757fec843037c15c5340acb2045452918cfca0e3fdd1b59b38acd679bc88cc6be4e5fa6e258b33f7a2ea5b3329266da12e91ab035298ef8cbe59aa8d3230e8527ff4ca7e133df5433f563da57f
|
|
@@ -294,6 +294,255 @@ const requiredSchemasRule = {
|
|
|
294
294
|
},
|
|
295
295
|
};
|
|
296
296
|
|
|
297
|
+
/* ===== RULE: no-temp-dependency ===== */
|
|
298
|
+
const noTempDependencyRule = {
|
|
299
|
+
meta: {
|
|
300
|
+
type: 'problem',
|
|
301
|
+
docs: {
|
|
302
|
+
description: 'Disallow temporary security dependencies listed in the rule options (lockfile-only check).',
|
|
303
|
+
category: 'Security',
|
|
304
|
+
recommended: true
|
|
305
|
+
},
|
|
306
|
+
fixable: false,
|
|
307
|
+
messages: {
|
|
308
|
+
tempDepPresent: 'Temporary dependency "{{name}}" detected at version {{version}} (vulnerable: {{range}}). Remove once upstream packages are fixed.'
|
|
309
|
+
},
|
|
310
|
+
schema: [{ type: 'array', items: { type: 'object' } }]
|
|
311
|
+
},
|
|
312
|
+
create(context) {
|
|
313
|
+
let ran = false;
|
|
314
|
+
|
|
315
|
+
function cmpParts(a, b) {
|
|
316
|
+
const A = (a || '').split('.').map(n => parseInt(n,10) || 0);
|
|
317
|
+
const B = (b || '').split('.').map(n => parseInt(n,10) || 0);
|
|
318
|
+
for (let i=0;i<3;i++) {
|
|
319
|
+
if ((A[i]||0) < (B[i]||0)) return -1;
|
|
320
|
+
if ((A[i]||0) > (B[i]||0)) return 1;
|
|
321
|
+
}
|
|
322
|
+
return 0;
|
|
323
|
+
}
|
|
324
|
+
|
|
325
|
+
function normalizeVersion(v) {
|
|
326
|
+
if (!v || typeof v !== 'string') return '';
|
|
327
|
+
return v.trim().replace(/^[^0-9]*/, '').replace(/\s+.*$/, '');
|
|
328
|
+
}
|
|
329
|
+
|
|
330
|
+
function satisfiesRange(version, rangeSpec) {
|
|
331
|
+
if (!rangeSpec || typeof rangeSpec !== 'string') return false;
|
|
332
|
+
rangeSpec = rangeSpec.trim();
|
|
333
|
+
const ver = normalizeVersion(version);
|
|
334
|
+
// simple operators: <=, <, >=, >, =, exact
|
|
335
|
+
if (rangeSpec.startsWith('<=')) {
|
|
336
|
+
const v = rangeSpec.slice(2).trim();
|
|
337
|
+
return cmpParts(ver,v) <= 0;
|
|
338
|
+
}
|
|
339
|
+
if (rangeSpec.startsWith('<')) {
|
|
340
|
+
const v = rangeSpec.slice(1).trim();
|
|
341
|
+
return cmpParts(ver,v) < 0;
|
|
342
|
+
}
|
|
343
|
+
if (rangeSpec.startsWith('>=')) {
|
|
344
|
+
const v = rangeSpec.slice(2).trim();
|
|
345
|
+
return cmpParts(ver,v) >= 0;
|
|
346
|
+
}
|
|
347
|
+
if (rangeSpec.startsWith('>')) {
|
|
348
|
+
const v = rangeSpec.slice(1).trim();
|
|
349
|
+
return cmpParts(ver,v) > 0;
|
|
350
|
+
}
|
|
351
|
+
if (rangeSpec.startsWith('^')) {
|
|
352
|
+
const v = rangeSpec.slice(1).trim();
|
|
353
|
+
const [maj, min] = v.split('.').map(n=>parseInt(n,10)||0);
|
|
354
|
+
if (maj > 0) {
|
|
355
|
+
return cmpParts(ver, v) >= 0 && cmpParts(ver, (maj+1)+'.0.0') < 0;
|
|
356
|
+
}
|
|
357
|
+
if (maj === 0 && min > 0) {
|
|
358
|
+
return cmpParts(ver, v) >= 0 && cmpParts(ver, '0.'+(min+1)+'.0') < 0;
|
|
359
|
+
}
|
|
360
|
+
return cmpParts(ver, v) >= 0 && cmpParts(ver, '0.0.'+((parseInt(v.split('.')[2]||'0',10)||0)+1)) < 0;
|
|
361
|
+
}
|
|
362
|
+
if (rangeSpec.startsWith('~')) {
|
|
363
|
+
const v = rangeSpec.slice(1).trim();
|
|
364
|
+
const [maj, min] = v.split('.').map(n=>parseInt(n,10)||0);
|
|
365
|
+
return cmpParts(ver, v) >= 0 && cmpParts(ver, maj + '.' + (min+1) + '.0') < 0;
|
|
366
|
+
}
|
|
367
|
+
// exact equality
|
|
368
|
+
return cmpParts(ver, normalizeVersion(rangeSpec)) === 0 || rangeSpec === '=' + ver;
|
|
369
|
+
}
|
|
370
|
+
|
|
371
|
+
function overrideCoversTarget(overrides, targetName) {
|
|
372
|
+
if (!overrides || typeof overrides !== 'object') return false;
|
|
373
|
+
if (Object.prototype.hasOwnProperty.call(overrides, targetName)) return true;
|
|
374
|
+
for (const [k,v] of Object.entries(overrides)) {
|
|
375
|
+
if (k === targetName) return true;
|
|
376
|
+
if (v && typeof v === 'object' && Object.prototype.hasOwnProperty.call(v, targetName)) return true;
|
|
377
|
+
}
|
|
378
|
+
return false;
|
|
379
|
+
}
|
|
380
|
+
|
|
381
|
+
function collectVersions(lock, pkgName) {
|
|
382
|
+
const versions = [];
|
|
383
|
+
try {
|
|
384
|
+
// New lockfile format (package-lock v3) exposes package paths under lock.packages
|
|
385
|
+
if (lock && lock.packages && typeof lock.packages === 'object') {
|
|
386
|
+
for (const [pkgPath, pkgObj] of Object.entries(lock.packages)) {
|
|
387
|
+
if (!pkgObj || !pkgObj.version) continue;
|
|
388
|
+
if (!pkgPath || pkgPath === '') continue; // skip root
|
|
389
|
+
if (!pkgPath.startsWith('node_modules/')) continue;
|
|
390
|
+
// Handle nested package paths like 'node_modules/@aws-sdk/xml-builder/node_modules/fast-xml-parser'
|
|
391
|
+
const segments = pkgPath.split('node_modules/').slice(1);
|
|
392
|
+
for (const seg of segments) {
|
|
393
|
+
let candidate;
|
|
394
|
+
if (seg.startsWith('@')) {
|
|
395
|
+
const p = seg.split('/'); candidate = p.slice(0,2).join('/');
|
|
396
|
+
} else {
|
|
397
|
+
candidate = seg.split('/')[0];
|
|
398
|
+
}
|
|
399
|
+
if (candidate === pkgName) {
|
|
400
|
+
versions.push(pkgObj.version);
|
|
401
|
+
break;
|
|
402
|
+
}
|
|
403
|
+
}
|
|
404
|
+
}
|
|
405
|
+
}
|
|
406
|
+
|
|
407
|
+
// Also search nested dependency trees if present (older lockfile layout)
|
|
408
|
+
function walk(deps) {
|
|
409
|
+
if (!deps) return;
|
|
410
|
+
for (const [k,v] of Object.entries(deps)) {
|
|
411
|
+
if (k === pkgName) {
|
|
412
|
+
if (v && typeof v === 'string') versions.push(v);
|
|
413
|
+
else if (v && v.version) versions.push(v.version);
|
|
414
|
+
}
|
|
415
|
+
if (v && v.dependencies) walk(v.dependencies);
|
|
416
|
+
}
|
|
417
|
+
}
|
|
418
|
+
if (lock && lock.dependencies) walk(lock.dependencies);
|
|
419
|
+
} catch (e) {
|
|
420
|
+
// defensive
|
|
421
|
+
}
|
|
422
|
+
return versions;
|
|
423
|
+
}
|
|
424
|
+
|
|
425
|
+
return {
|
|
426
|
+
Program(node) {
|
|
427
|
+
if (ran) return; ran = true;
|
|
428
|
+
const projectRoot = process.cwd();
|
|
429
|
+
const lockPath = path.join(projectRoot, 'package-lock.json');
|
|
430
|
+
if (!fs.existsSync(lockPath)) return; // lockfile-only check
|
|
431
|
+
let lock;
|
|
432
|
+
try { lock = JSON.parse(fs.readFileSync(lockPath, 'utf8')); } catch (e) { return; }
|
|
433
|
+
|
|
434
|
+
const rules = context.options[0] || [{ name: 'fast-xml-parser', vulnerableRange: '<=5.3.3', note: 'temporary security pin' }];
|
|
435
|
+
for (const r of rules) {
|
|
436
|
+
// Check all installed copies (including nested) for vulnerable versions
|
|
437
|
+
const versions = collectVersions(lock, r.name);
|
|
438
|
+
const vulnerable = versions.some(v => satisfiesRange(v, r.vulnerableRange));
|
|
439
|
+
if (vulnerable) {
|
|
440
|
+
context.report({ node, messageId: 'tempDepPresent', data: { name: r.name, version: versions[0], range: r.vulnerableRange } });
|
|
441
|
+
continue;
|
|
442
|
+
}
|
|
443
|
+
|
|
444
|
+
// No vulnerable hits — do not report on overrides here; stale override checks are handled by `no-stale-override` rule.
|
|
445
|
+
// This rule only reports actual vulnerable installed copies.
|
|
446
|
+
// nothing to report here
|
|
447
|
+
}
|
|
448
|
+
}
|
|
449
|
+
};
|
|
450
|
+
}
|
|
451
|
+
};
|
|
452
|
+
|
|
453
|
+
/* ===== RULE: no-stale-override ===== */
|
|
454
|
+
const noStaleOverrideRule = {
|
|
455
|
+
meta: {
|
|
456
|
+
type: 'problem',
|
|
457
|
+
docs: {
|
|
458
|
+
description: 'Detect overrides that are now unnecessary because the target library already requires an equal-or-higher version.',
|
|
459
|
+
category: 'Security',
|
|
460
|
+
recommended: true
|
|
461
|
+
},
|
|
462
|
+
fixable: false,
|
|
463
|
+
messages: {
|
|
464
|
+
staleOverride: 'Override for "{{library}}" -> "{{dep}}" is stale: library declares "{{libConstraint}}" which satisfies or exceeds override "{{override}}". Remove the override.'
|
|
465
|
+
},
|
|
466
|
+
schema: [],
|
|
467
|
+
},
|
|
468
|
+
create(context) {
|
|
469
|
+
let ran = false;
|
|
470
|
+
|
|
471
|
+
function cmpParts(a, b) {
|
|
472
|
+
const A = (a || '').split('.').map(n => parseInt(n,10) || 0);
|
|
473
|
+
const B = (b || '').split('.').map(n => parseInt(n,10) || 0);
|
|
474
|
+
for (let i=0;i<3;i++) {
|
|
475
|
+
if ((A[i]||0) < (B[i]||0)) return -1;
|
|
476
|
+
if ((A[i]||0) > (B[i]||0)) return 1;
|
|
477
|
+
}
|
|
478
|
+
return 0;
|
|
479
|
+
}
|
|
480
|
+
|
|
481
|
+
function normalizeVersion(v) {
|
|
482
|
+
if (!v || typeof v !== 'string') return '';
|
|
483
|
+
return v.trim().replace(/^[^0-9]*/, '').replace(/\s+.*$/, '');
|
|
484
|
+
}
|
|
485
|
+
|
|
486
|
+
function parseBaseVersion(range) {
|
|
487
|
+
if (!range || typeof range !== 'string') return '';
|
|
488
|
+
const s = range.trim();
|
|
489
|
+
if (s.startsWith('^') || s.startsWith('~') || s.startsWith('>=') || s.startsWith('<=') || s.startsWith('>') || s.startsWith('<') || s.startsWith('=')) {
|
|
490
|
+
return normalizeVersion(s.replace(/^[^0-9]*/, ''));
|
|
491
|
+
}
|
|
492
|
+
return normalizeVersion(s);
|
|
493
|
+
}
|
|
494
|
+
|
|
495
|
+
function findLibraryEntry(lock, library) {
|
|
496
|
+
try {
|
|
497
|
+
if (!lock || !lock.packages) return null;
|
|
498
|
+
for (const [pkgPath, pkgObj] of Object.entries(lock.packages)) {
|
|
499
|
+
if (!pkgPath || !pkgPath.startsWith('node_modules/')) continue;
|
|
500
|
+
const after = pkgPath.split('node_modules/').pop();
|
|
501
|
+
let candidate;
|
|
502
|
+
if (after.startsWith('@')) {
|
|
503
|
+
const p = after.split('/'); candidate = p.slice(0,2).join('/');
|
|
504
|
+
} else {
|
|
505
|
+
candidate = after.split('/')[0];
|
|
506
|
+
}
|
|
507
|
+
if (candidate === library) return pkgObj;
|
|
508
|
+
}
|
|
509
|
+
} catch (e) { /* defensive */ }
|
|
510
|
+
return null;
|
|
511
|
+
}
|
|
512
|
+
|
|
513
|
+
return {
|
|
514
|
+
Program(node) {
|
|
515
|
+
if (ran) return; ran = true;
|
|
516
|
+
const projectRoot = process.cwd();
|
|
517
|
+
const lockPath = path.join(projectRoot, 'package-lock.json');
|
|
518
|
+
const pkgPath = path.join(projectRoot, 'package.json');
|
|
519
|
+
if (!fs.existsSync(lockPath) || !fs.existsSync(pkgPath)) return;
|
|
520
|
+
let lock, pkg;
|
|
521
|
+
try { lock = JSON.parse(fs.readFileSync(lockPath, 'utf8')); pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8')); } catch (e) { return; }
|
|
522
|
+
|
|
523
|
+
const overrides = pkg.overrides || pkg.resolutions || (pkg['pnpm'] && pkg['pnpm'].overrides) || {};
|
|
524
|
+
for (const [k,v] of Object.entries(overrides)) {
|
|
525
|
+
// only consider nested mapping overrides: library -> { dep: version }
|
|
526
|
+
if (v && typeof v === 'object') {
|
|
527
|
+
const library = k;
|
|
528
|
+
for (const [dep, overrideSpec] of Object.entries(v)) {
|
|
529
|
+
const libEntry = findLibraryEntry(lock, library);
|
|
530
|
+
if (!libEntry) continue;
|
|
531
|
+
const libDep = (libEntry.dependencies && libEntry.dependencies[dep]) || (libEntry.requires && libEntry.requires[dep]);
|
|
532
|
+
if (!libDep) continue;
|
|
533
|
+
const libBase = normalizeVersion(libDep);
|
|
534
|
+
const overrideBase = parseBaseVersion(overrideSpec);
|
|
535
|
+
if (libBase && overrideBase && cmpParts(libBase, overrideBase) >= 0) {
|
|
536
|
+
context.report({ node, messageId: 'staleOverride', data: { library, dep, libConstraint: libDep, override: overrideSpec } });
|
|
537
|
+
}
|
|
538
|
+
}
|
|
539
|
+
}
|
|
540
|
+
}
|
|
541
|
+
}
|
|
542
|
+
};
|
|
543
|
+
}
|
|
544
|
+
};
|
|
545
|
+
|
|
297
546
|
/* ===== RULE: prop-types-jsdoc ===== */
|
|
298
547
|
const propTypesJsdocRule = {
|
|
299
548
|
meta: {
|
|
@@ -915,6 +1164,8 @@ export default {
|
|
|
915
1164
|
'no-process-env': noProcessEnvRule,
|
|
916
1165
|
'no-debug-true': noDebugTrueRule,
|
|
917
1166
|
'required-proptypes-jsdoc': propTypesJsdocRule,
|
|
1167
|
+
'no-temp-dependency': noTempDependencyRule,
|
|
1168
|
+
'no-stale-override': noStaleOverrideRule,
|
|
918
1169
|
'file-name-kebab-case': fileNameKebabCaseRule,
|
|
919
1170
|
'no-duplicate-export-names': noDuplicateExportNamesRule,
|
|
920
1171
|
'class-name-kebab-case': classNameKebabCaseRule,
|
|
@@ -924,6 +1175,8 @@ export default {
|
|
|
924
1175
|
rules: {
|
|
925
1176
|
'pixelated/prop-types-inferprops': 'error',
|
|
926
1177
|
'pixelated/required-schemas': 'warn',
|
|
1178
|
+
'pixelated/no-temp-dependency': 'error',
|
|
1179
|
+
'pixelated/no-stale-override': 'error',
|
|
927
1180
|
'pixelated/required-files': 'warn',
|
|
928
1181
|
'pixelated/no-raw-img': 'warn',
|
|
929
1182
|
'pixelated/require-section-ids': 'error',
|
|
@@ -210,6 +210,47 @@ declare namespace _default {
|
|
|
210
210
|
AssignmentExpression(node: any): void;
|
|
211
211
|
};
|
|
212
212
|
};
|
|
213
|
+
'no-temp-dependency': {
|
|
214
|
+
meta: {
|
|
215
|
+
type: string;
|
|
216
|
+
docs: {
|
|
217
|
+
description: string;
|
|
218
|
+
category: string;
|
|
219
|
+
recommended: boolean;
|
|
220
|
+
};
|
|
221
|
+
fixable: boolean;
|
|
222
|
+
messages: {
|
|
223
|
+
tempDepPresent: string;
|
|
224
|
+
};
|
|
225
|
+
schema: {
|
|
226
|
+
type: string;
|
|
227
|
+
items: {
|
|
228
|
+
type: string;
|
|
229
|
+
};
|
|
230
|
+
}[];
|
|
231
|
+
};
|
|
232
|
+
create(context: any): {
|
|
233
|
+
Program(node: any): void;
|
|
234
|
+
};
|
|
235
|
+
};
|
|
236
|
+
'no-stale-override': {
|
|
237
|
+
meta: {
|
|
238
|
+
type: string;
|
|
239
|
+
docs: {
|
|
240
|
+
description: string;
|
|
241
|
+
category: string;
|
|
242
|
+
recommended: boolean;
|
|
243
|
+
};
|
|
244
|
+
fixable: boolean;
|
|
245
|
+
messages: {
|
|
246
|
+
staleOverride: string;
|
|
247
|
+
};
|
|
248
|
+
schema: never[];
|
|
249
|
+
};
|
|
250
|
+
create(context: any): {
|
|
251
|
+
Program(node: any): void;
|
|
252
|
+
};
|
|
253
|
+
};
|
|
213
254
|
'file-name-kebab-case': {
|
|
214
255
|
meta: {
|
|
215
256
|
type: string;
|
|
@@ -279,6 +320,8 @@ declare namespace _default {
|
|
|
279
320
|
let rules_1: {
|
|
280
321
|
'pixelated/prop-types-inferprops': string;
|
|
281
322
|
'pixelated/required-schemas': string;
|
|
323
|
+
'pixelated/no-temp-dependency': string;
|
|
324
|
+
'pixelated/no-stale-override': string;
|
|
282
325
|
'pixelated/required-files': string;
|
|
283
326
|
'pixelated/no-raw-img': string;
|
|
284
327
|
'pixelated/require-section-ids': string;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pixelated-tech/components",
|
|
3
|
-
"version": "3.13.
|
|
3
|
+
"version": "3.13.3",
|
|
4
4
|
"private": false,
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Pixelated Technologies",
|
|
@@ -105,6 +105,7 @@
|
|
|
105
105
|
},
|
|
106
106
|
"dependencies": {
|
|
107
107
|
"date-fns": "^4.1.0",
|
|
108
|
+
"fast-xml-parser": "^5.3.4",
|
|
108
109
|
"globals": "^17.2.0",
|
|
109
110
|
"html-entities": "^2.6.0"
|
|
110
111
|
},
|
|
@@ -112,10 +113,10 @@
|
|
|
112
113
|
"@aws-sdk/client-amplify": "^3.980.0",
|
|
113
114
|
"@aws-sdk/client-iam": "^3.980.0",
|
|
114
115
|
"@babel/cli": "^7.28.6",
|
|
115
|
-
"@babel/core": "^7.
|
|
116
|
+
"@babel/core": "^7.29.0",
|
|
116
117
|
"@babel/plugin-proposal-class-properties": "^7.18.6",
|
|
117
118
|
"@babel/plugin-proposal-object-rest-spread": "^7.20.7",
|
|
118
|
-
"@babel/preset-env": "^7.
|
|
119
|
+
"@babel/preset-env": "^7.29.0",
|
|
119
120
|
"@babel/preset-react": "^7.28.5",
|
|
120
121
|
"@babel/preset-typescript": "^7.28.5",
|
|
121
122
|
"@eslint/json": "^1.0.0",
|