@stordata/vsphere-soapify 1.0.20250624140830 → 1.0.20250723071028
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/gl-sast-report.json +37 -19
- package/gl-sbom-npm-npm.cdx.json +79 -30
- package/package.json +3 -3
package/gl-sast-report.json
CHANGED
|
@@ -55,7 +55,7 @@
|
|
|
55
55
|
"vendor": {
|
|
56
56
|
"name": "GitLab"
|
|
57
57
|
},
|
|
58
|
-
"version": "6.
|
|
58
|
+
"version": "6.5.0"
|
|
59
59
|
},
|
|
60
60
|
"scanner": {
|
|
61
61
|
"id": "semgrep",
|
|
@@ -64,7 +64,7 @@
|
|
|
64
64
|
"vendor": {
|
|
65
65
|
"name": "GitLab"
|
|
66
66
|
},
|
|
67
|
-
"version": "1.
|
|
67
|
+
"version": "1.118.0"
|
|
68
68
|
},
|
|
69
69
|
"primary_identifiers": [
|
|
70
70
|
{
|
|
@@ -620,12 +620,14 @@
|
|
|
620
620
|
{
|
|
621
621
|
"type": "semgrep_id",
|
|
622
622
|
"name": "eslint.detect-buffer-noassert-read",
|
|
623
|
-
"value": "eslint.detect-buffer-noassert-read"
|
|
623
|
+
"value": "eslint.detect-buffer-noassert-read",
|
|
624
|
+
"url": "https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-buffer-noassert.js"
|
|
624
625
|
},
|
|
625
626
|
{
|
|
626
627
|
"type": "semgrep_id",
|
|
627
628
|
"name": "eslint.detect-buffer-noassert-write",
|
|
628
|
-
"value": "eslint.detect-buffer-noassert-write"
|
|
629
|
+
"value": "eslint.detect-buffer-noassert-write",
|
|
630
|
+
"url": "https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-buffer-noassert.js"
|
|
629
631
|
},
|
|
630
632
|
{
|
|
631
633
|
"type": "semgrep_id",
|
|
@@ -635,12 +637,14 @@
|
|
|
635
637
|
{
|
|
636
638
|
"type": "semgrep_id",
|
|
637
639
|
"name": "eslint.detect-eval-with-expression",
|
|
638
|
-
"value": "eslint.detect-eval-with-expression"
|
|
640
|
+
"value": "eslint.detect-eval-with-expression",
|
|
641
|
+
"url": "https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-eval-with-expression.js"
|
|
639
642
|
},
|
|
640
643
|
{
|
|
641
644
|
"type": "semgrep_id",
|
|
642
645
|
"name": "eslint.detect-new-buffer",
|
|
643
|
-
"value": "eslint.detect-new-buffer"
|
|
646
|
+
"value": "eslint.detect-new-buffer",
|
|
647
|
+
"url": "https://github.com/eslint-community/eslint-plugin-security/blob/main/rules/detect-new-buffer.js"
|
|
644
648
|
},
|
|
645
649
|
{
|
|
646
650
|
"type": "semgrep_id",
|
|
@@ -655,7 +659,8 @@
|
|
|
655
659
|
{
|
|
656
660
|
"type": "semgrep_id",
|
|
657
661
|
"name": "eslint.detect-non-literal-require",
|
|
658
|
-
"value": "eslint.detect-non-literal-require"
|
|
662
|
+
"value": "eslint.detect-non-literal-require",
|
|
663
|
+
"url": "https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-non-literal-require.js"
|
|
659
664
|
},
|
|
660
665
|
{
|
|
661
666
|
"type": "semgrep_id",
|
|
@@ -665,7 +670,8 @@
|
|
|
665
670
|
{
|
|
666
671
|
"type": "semgrep_id",
|
|
667
672
|
"name": "eslint.detect-pseudoRandomBytes",
|
|
668
|
-
"value": "eslint.detect-pseudoRandomBytes"
|
|
673
|
+
"value": "eslint.detect-pseudoRandomBytes",
|
|
674
|
+
"url": "https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-pseudoRandomBytes.js"
|
|
669
675
|
},
|
|
670
676
|
{
|
|
671
677
|
"type": "semgrep_id",
|
|
@@ -2190,12 +2196,14 @@
|
|
|
2190
2196
|
{
|
|
2191
2197
|
"type": "semgrep_id",
|
|
2192
2198
|
"name": "java_crypto_rule_JwtDecodeWithoutVerify",
|
|
2193
|
-
"value": "java_crypto_rule_JwtDecodeWithoutVerify"
|
|
2199
|
+
"value": "java_crypto_rule_JwtDecodeWithoutVerify",
|
|
2200
|
+
"url": "https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/"
|
|
2194
2201
|
},
|
|
2195
2202
|
{
|
|
2196
2203
|
"type": "semgrep_id",
|
|
2197
2204
|
"name": "java_crypto_rule_JwtNoneAlgorithm",
|
|
2198
|
-
"value": "java_crypto_rule_JwtNoneAlgorithm"
|
|
2205
|
+
"value": "java_crypto_rule_JwtNoneAlgorithm",
|
|
2206
|
+
"url": "https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/"
|
|
2199
2207
|
},
|
|
2200
2208
|
{
|
|
2201
2209
|
"type": "semgrep_id",
|
|
@@ -2205,7 +2213,8 @@
|
|
|
2205
2213
|
{
|
|
2206
2214
|
"type": "semgrep_id",
|
|
2207
2215
|
"name": "java_csrf_rule-UnrestrictedRequestMapping",
|
|
2208
|
-
"value": "java_csrf_rule-UnrestrictedRequestMapping"
|
|
2216
|
+
"value": "java_csrf_rule-UnrestrictedRequestMapping",
|
|
2217
|
+
"url": "https://find-sec-bugs.github.io/bugs.htm#SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING"
|
|
2209
2218
|
},
|
|
2210
2219
|
{
|
|
2211
2220
|
"type": "semgrep_id",
|
|
@@ -2240,7 +2249,8 @@
|
|
|
2240
2249
|
{
|
|
2241
2250
|
"type": "semgrep_id",
|
|
2242
2251
|
"name": "java_file_rule-FilePathTraversalHttpServlet",
|
|
2243
|
-
"value": "java_file_rule-FilePathTraversalHttpServlet"
|
|
2252
|
+
"value": "java_file_rule-FilePathTraversalHttpServlet",
|
|
2253
|
+
"url": "https://find-sec-bugs.github.io/bugs.htm#PATH_TRAVERSAL_IN"
|
|
2244
2254
|
},
|
|
2245
2255
|
{
|
|
2246
2256
|
"type": "semgrep_id",
|
|
@@ -2250,7 +2260,8 @@
|
|
|
2250
2260
|
{
|
|
2251
2261
|
"type": "semgrep_id",
|
|
2252
2262
|
"name": "java_inject_rule-DangerousGroovyShell",
|
|
2253
|
-
"value": "java_inject_rule-DangerousGroovyShell"
|
|
2263
|
+
"value": "java_inject_rule-DangerousGroovyShell",
|
|
2264
|
+
"url": "https://find-sec-bugs.github.io/bugs.htm#GROOVY_SHELL"
|
|
2254
2265
|
},
|
|
2255
2266
|
{
|
|
2256
2267
|
"type": "semgrep_id",
|
|
@@ -2330,7 +2341,13 @@
|
|
|
2330
2341
|
{
|
|
2331
2342
|
"type": "semgrep_id",
|
|
2332
2343
|
"name": "javascript_exec_rule-child-process",
|
|
2333
|
-
"value": "javascript_exec_rule-child-process"
|
|
2344
|
+
"value": "javascript_exec_rule-child-process",
|
|
2345
|
+
"url": "https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-child-process.js"
|
|
2346
|
+
},
|
|
2347
|
+
{
|
|
2348
|
+
"type": "semgrep_id",
|
|
2349
|
+
"name": "kotlin_pathtraversal_rule-FilePathTraversal",
|
|
2350
|
+
"value": "kotlin_pathtraversal_rule-FilePathTraversal"
|
|
2334
2351
|
},
|
|
2335
2352
|
{
|
|
2336
2353
|
"type": "semgrep_id",
|
|
@@ -2895,7 +2912,8 @@
|
|
|
2895
2912
|
{
|
|
2896
2913
|
"type": "semgrep_id",
|
|
2897
2914
|
"name": "python_jwt_rule-jwt-none-alg",
|
|
2898
|
-
"value": "python_jwt_rule-jwt-none-alg"
|
|
2915
|
+
"value": "python_jwt_rule-jwt-none-alg",
|
|
2916
|
+
"url": "https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/"
|
|
2899
2917
|
},
|
|
2900
2918
|
{
|
|
2901
2919
|
"type": "semgrep_id",
|
|
@@ -3024,17 +3042,17 @@
|
|
|
3024
3042
|
}
|
|
3025
3043
|
],
|
|
3026
3044
|
"type": "sast",
|
|
3027
|
-
"start_time": "2025-
|
|
3028
|
-
"end_time": "2025-
|
|
3045
|
+
"start_time": "2025-07-23T07:10:05",
|
|
3046
|
+
"end_time": "2025-07-23T07:10:21",
|
|
3029
3047
|
"status": "success",
|
|
3030
3048
|
"observability": {
|
|
3031
3049
|
"events": [
|
|
3032
3050
|
{
|
|
3033
3051
|
"event": "collect_sast_scan_metrics_from_pipeline",
|
|
3034
|
-
"property": "
|
|
3052
|
+
"property": "fb019085-d05f-4779-acc8-6bff32506b32",
|
|
3035
3053
|
"label": "semgrep",
|
|
3036
3054
|
"value": 0,
|
|
3037
|
-
"version": "6.
|
|
3055
|
+
"version": "6.5.0",
|
|
3038
3056
|
"exit_code": 0,
|
|
3039
3057
|
"override_count": 0,
|
|
3040
3058
|
"passthrough_count": 0,
|
package/gl-sbom-npm-npm.cdx.json
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
{
|
|
2
2
|
"bomFormat": "CycloneDX",
|
|
3
3
|
"specVersion": "1.4",
|
|
4
|
-
"serialNumber": "urn:uuid:
|
|
4
|
+
"serialNumber": "urn:uuid:d12de1e6-eded-4818-8544-ddacf49e8b71",
|
|
5
5
|
"version": 1,
|
|
6
6
|
"metadata": {
|
|
7
|
-
"timestamp": "2025-
|
|
7
|
+
"timestamp": "2025-07-23T07:10:06Z",
|
|
8
8
|
"tools": [
|
|
9
9
|
{
|
|
10
10
|
"vendor": "GitLab",
|
|
11
11
|
"name": "Gemnasium",
|
|
12
|
-
"version": "6.1.
|
|
12
|
+
"version": "6.1.8"
|
|
13
13
|
}
|
|
14
14
|
],
|
|
15
15
|
"authors": [
|
|
@@ -323,10 +323,10 @@
|
|
|
323
323
|
},
|
|
324
324
|
{
|
|
325
325
|
"name": "axios",
|
|
326
|
-
"version": "1.
|
|
327
|
-
"purl": "pkg:npm/axios@1.
|
|
326
|
+
"version": "1.11.0",
|
|
327
|
+
"purl": "pkg:npm/axios@1.11.0",
|
|
328
328
|
"type": "library",
|
|
329
|
-
"bom-ref": "pkg:npm/axios@1.
|
|
329
|
+
"bom-ref": "pkg:npm/axios@1.11.0"
|
|
330
330
|
},
|
|
331
331
|
{
|
|
332
332
|
"name": "axios-ntlm",
|
|
@@ -384,6 +384,13 @@
|
|
|
384
384
|
"type": "library",
|
|
385
385
|
"bom-ref": "pkg:npm/call-bind@1.0.2"
|
|
386
386
|
},
|
|
387
|
+
{
|
|
388
|
+
"name": "call-bind-apply-helpers",
|
|
389
|
+
"version": "1.0.2",
|
|
390
|
+
"purl": "pkg:npm/call-bind-apply-helpers@1.0.2",
|
|
391
|
+
"type": "library",
|
|
392
|
+
"bom-ref": "pkg:npm/call-bind-apply-helpers@1.0.2"
|
|
393
|
+
},
|
|
387
394
|
{
|
|
388
395
|
"name": "callsites",
|
|
389
396
|
"version": "3.1.0",
|
|
@@ -573,6 +580,13 @@
|
|
|
573
580
|
"type": "library",
|
|
574
581
|
"bom-ref": "pkg:npm/doctrine@3.0.0"
|
|
575
582
|
},
|
|
583
|
+
{
|
|
584
|
+
"name": "dunder-proto",
|
|
585
|
+
"version": "1.0.1",
|
|
586
|
+
"purl": "pkg:npm/dunder-proto@1.0.1",
|
|
587
|
+
"type": "library",
|
|
588
|
+
"bom-ref": "pkg:npm/dunder-proto@1.0.1"
|
|
589
|
+
},
|
|
576
590
|
{
|
|
577
591
|
"name": "eastasianwidth",
|
|
578
592
|
"version": "0.2.0",
|
|
@@ -601,12 +615,33 @@
|
|
|
601
615
|
"type": "library",
|
|
602
616
|
"bom-ref": "pkg:npm/es-abstract@1.22.1"
|
|
603
617
|
},
|
|
618
|
+
{
|
|
619
|
+
"name": "es-define-property",
|
|
620
|
+
"version": "1.0.1",
|
|
621
|
+
"purl": "pkg:npm/es-define-property@1.0.1",
|
|
622
|
+
"type": "library",
|
|
623
|
+
"bom-ref": "pkg:npm/es-define-property@1.0.1"
|
|
624
|
+
},
|
|
625
|
+
{
|
|
626
|
+
"name": "es-errors",
|
|
627
|
+
"version": "1.3.0",
|
|
628
|
+
"purl": "pkg:npm/es-errors@1.3.0",
|
|
629
|
+
"type": "library",
|
|
630
|
+
"bom-ref": "pkg:npm/es-errors@1.3.0"
|
|
631
|
+
},
|
|
632
|
+
{
|
|
633
|
+
"name": "es-object-atoms",
|
|
634
|
+
"version": "1.1.1",
|
|
635
|
+
"purl": "pkg:npm/es-object-atoms@1.1.1",
|
|
636
|
+
"type": "library",
|
|
637
|
+
"bom-ref": "pkg:npm/es-object-atoms@1.1.1"
|
|
638
|
+
},
|
|
604
639
|
{
|
|
605
640
|
"name": "es-set-tostringtag",
|
|
606
|
-
"version": "2.0
|
|
607
|
-
"purl": "pkg:npm/es-set-tostringtag@2.0
|
|
641
|
+
"version": "2.1.0",
|
|
642
|
+
"purl": "pkg:npm/es-set-tostringtag@2.1.0",
|
|
608
643
|
"type": "library",
|
|
609
|
-
"bom-ref": "pkg:npm/es-set-tostringtag@2.0
|
|
644
|
+
"bom-ref": "pkg:npm/es-set-tostringtag@2.1.0"
|
|
610
645
|
},
|
|
611
646
|
{
|
|
612
647
|
"name": "es-shim-unscopables",
|
|
@@ -855,10 +890,10 @@
|
|
|
855
890
|
},
|
|
856
891
|
{
|
|
857
892
|
"name": "form-data",
|
|
858
|
-
"version": "4.0.
|
|
859
|
-
"purl": "pkg:npm/form-data@4.0.
|
|
893
|
+
"version": "4.0.4",
|
|
894
|
+
"purl": "pkg:npm/form-data@4.0.4",
|
|
860
895
|
"type": "library",
|
|
861
|
-
"bom-ref": "pkg:npm/form-data@4.0.
|
|
896
|
+
"bom-ref": "pkg:npm/form-data@4.0.4"
|
|
862
897
|
},
|
|
863
898
|
{
|
|
864
899
|
"name": "formidable",
|
|
@@ -911,10 +946,17 @@
|
|
|
911
946
|
},
|
|
912
947
|
{
|
|
913
948
|
"name": "get-intrinsic",
|
|
914
|
-
"version": "1.
|
|
915
|
-
"purl": "pkg:npm/get-intrinsic@1.
|
|
949
|
+
"version": "1.3.0",
|
|
950
|
+
"purl": "pkg:npm/get-intrinsic@1.3.0",
|
|
951
|
+
"type": "library",
|
|
952
|
+
"bom-ref": "pkg:npm/get-intrinsic@1.3.0"
|
|
953
|
+
},
|
|
954
|
+
{
|
|
955
|
+
"name": "get-proto",
|
|
956
|
+
"version": "1.0.1",
|
|
957
|
+
"purl": "pkg:npm/get-proto@1.0.1",
|
|
916
958
|
"type": "library",
|
|
917
|
-
"bom-ref": "pkg:npm/get-
|
|
959
|
+
"bom-ref": "pkg:npm/get-proto@1.0.1"
|
|
918
960
|
},
|
|
919
961
|
{
|
|
920
962
|
"name": "get-stream",
|
|
@@ -974,10 +1016,10 @@
|
|
|
974
1016
|
},
|
|
975
1017
|
{
|
|
976
1018
|
"name": "gopd",
|
|
977
|
-
"version": "1.0
|
|
978
|
-
"purl": "pkg:npm/gopd@1.0
|
|
1019
|
+
"version": "1.2.0",
|
|
1020
|
+
"purl": "pkg:npm/gopd@1.2.0",
|
|
979
1021
|
"type": "library",
|
|
980
|
-
"bom-ref": "pkg:npm/gopd@1.0
|
|
1022
|
+
"bom-ref": "pkg:npm/gopd@1.2.0"
|
|
981
1023
|
},
|
|
982
1024
|
{
|
|
983
1025
|
"name": "graphemer",
|
|
@@ -1023,24 +1065,24 @@
|
|
|
1023
1065
|
},
|
|
1024
1066
|
{
|
|
1025
1067
|
"name": "has-symbols",
|
|
1026
|
-
"version": "1.0
|
|
1027
|
-
"purl": "pkg:npm/has-symbols@1.0
|
|
1068
|
+
"version": "1.1.0",
|
|
1069
|
+
"purl": "pkg:npm/has-symbols@1.1.0",
|
|
1028
1070
|
"type": "library",
|
|
1029
|
-
"bom-ref": "pkg:npm/has-symbols@1.0
|
|
1071
|
+
"bom-ref": "pkg:npm/has-symbols@1.1.0"
|
|
1030
1072
|
},
|
|
1031
1073
|
{
|
|
1032
1074
|
"name": "has-tostringtag",
|
|
1033
|
-
"version": "1.0.
|
|
1034
|
-
"purl": "pkg:npm/has-tostringtag@1.0.
|
|
1075
|
+
"version": "1.0.2",
|
|
1076
|
+
"purl": "pkg:npm/has-tostringtag@1.0.2",
|
|
1035
1077
|
"type": "library",
|
|
1036
|
-
"bom-ref": "pkg:npm/has-tostringtag@1.0.
|
|
1078
|
+
"bom-ref": "pkg:npm/has-tostringtag@1.0.2"
|
|
1037
1079
|
},
|
|
1038
1080
|
{
|
|
1039
1081
|
"name": "hasown",
|
|
1040
|
-
"version": "2.0.
|
|
1041
|
-
"purl": "pkg:npm/hasown@2.0.
|
|
1082
|
+
"version": "2.0.2",
|
|
1083
|
+
"purl": "pkg:npm/hasown@2.0.2",
|
|
1042
1084
|
"type": "library",
|
|
1043
|
-
"bom-ref": "pkg:npm/hasown@2.0.
|
|
1085
|
+
"bom-ref": "pkg:npm/hasown@2.0.2"
|
|
1044
1086
|
},
|
|
1045
1087
|
{
|
|
1046
1088
|
"name": "he",
|
|
@@ -1371,6 +1413,13 @@
|
|
|
1371
1413
|
"type": "library",
|
|
1372
1414
|
"bom-ref": "pkg:npm/lru-cache@6.0.0"
|
|
1373
1415
|
},
|
|
1416
|
+
{
|
|
1417
|
+
"name": "math-intrinsics",
|
|
1418
|
+
"version": "1.1.0",
|
|
1419
|
+
"purl": "pkg:npm/math-intrinsics@1.1.0",
|
|
1420
|
+
"type": "library",
|
|
1421
|
+
"bom-ref": "pkg:npm/math-intrinsics@1.1.0"
|
|
1422
|
+
},
|
|
1374
1423
|
{
|
|
1375
1424
|
"name": "mime-db",
|
|
1376
1425
|
"version": "1.42.0",
|
|
@@ -1807,10 +1856,10 @@
|
|
|
1807
1856
|
},
|
|
1808
1857
|
{
|
|
1809
1858
|
"name": "soap",
|
|
1810
|
-
"version": "1.
|
|
1811
|
-
"purl": "pkg:npm/soap@1.
|
|
1859
|
+
"version": "1.2.0",
|
|
1860
|
+
"purl": "pkg:npm/soap@1.2.0",
|
|
1812
1861
|
"type": "library",
|
|
1813
|
-
"bom-ref": "pkg:npm/soap@1.
|
|
1862
|
+
"bom-ref": "pkg:npm/soap@1.2.0"
|
|
1814
1863
|
},
|
|
1815
1864
|
{
|
|
1816
1865
|
"name": "string-width",
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@stordata/vsphere-soapify",
|
|
3
|
-
"version":"1.0.
|
|
3
|
+
"version":"1.0.20250723071028",
|
|
4
4
|
"description": "A NodeJS abstraction layer for the vSphere SOAP API",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -27,10 +27,10 @@
|
|
|
27
27
|
"registry": "https://registry.npmjs.org"
|
|
28
28
|
},
|
|
29
29
|
"dependencies": {
|
|
30
|
-
"axios": "1.
|
|
30
|
+
"axios": "1.11.0",
|
|
31
31
|
"debug": "4.4.1",
|
|
32
32
|
"lodash": "4.17.21",
|
|
33
|
-
"soap": "1.
|
|
33
|
+
"soap": "1.2.0",
|
|
34
34
|
"tough-cookie": "5.1.2"
|
|
35
35
|
},
|
|
36
36
|
"devDependencies": {
|