cyberchef 10.22.1 → 10.24.0

package/CHANGELOG.md

@@ -13,6 +13,88 @@ All major and minor version changes will be documented in this file. Details of
 
 ## Details
 
+### [10.24.0] - 2026-04-27
+- Update CONTRIBUTING.md [@GCHQDeveloper581] | [#2333]
+- Fix, and link, Fernet tests [@GCHQDeveloper581] | [#2335]
+- [#927] added parity bit operation [@j83305] | [#1036]
+- Feature md link blanks [@BjoernAkAManf] [@GCHQDeveloper581] | [#660]
+- Accessibility - Add support for screenreaders in operations search [@mattnotmitt] | [#1862]
+- Added metadata extraction for UUID strings. [@ko80240] | [#2322]
+- chore (deps): bump the patch-updates group with 6 updates  | [#2330]
+- chore (deps): bump @codemirror/search from 6.6.0 to 6.7.0  | [#2331]
+- (Feature) Improve CI [@GCHQDeveloper581] | [#2328]
+- Update dependabot.yml [@GCHQDeveloper581] | [#2326]
+- chore (deps): bump lodash, grunt-legacy-log and grunt-legacy-util  | [#2327]
+- chore (deps): bump the patch-updates group with 6 updates [@GCHQDeveloper581] | [#2323]
+- chore (deps): bump autoprefixer from 10.4.27 to 10.5.0  | [#2324]
+- chore (deps): bump dompurify from 3.3.3 to 3.4.0  | [#2321]
+- chore (deps): bump follow-redirects from 1.15.11 to 1.16.0  | [#2320]
+- Regular Expression operation email address regex: Support IPv4 domains [@C85297] [@GCHQDeveloper581] | [#2167]
+- Rewriting fixCryptoApiImports and fixSnackbarMarkup to js to make it OS agnostic [@BigYellowHammer] | [#2298]
+- chore (deps): bump basic-ftp from 5.2.1 to 5.2.2  | [#2317]
+- chore (deps): bump axios from 1.13.6 to 1.15.0  | [#2316]
+- chore (deps): bump webpack from 5.105.4 to 5.106.0  | [#2315]
+- chore (deps): bump basic-ftp from 5.2.0 to 5.2.1  | [#2313]
+- Update vulnerable dependencies [@GCHQDeveloper581] | [#2311]
+
+### [10.23.0] - 2026-04-06
+- Properly escape HTML entities in sampleDelim to avoid XSS issue [@GCHQDeveloper581] | [#2307]
+- chore (deps): bump lodash from 4.17.23 to 4.18.1  | [#2304]
+- chore (deps): bump @codemirror/view from 6.40.0 to 6.41.0  | [#2305]
+- chore (deps): bump the patch-updates group with 2 updates  | [#2303]
+- chore (deps): bump @xmldom/xmldom from 0.8.11 to 0.8.12  | [#2302]
+- chore (deps): bump picomatch  | [#2299]
+- chore (deps): bump node-forge from 1.3.3 to 1.4.0  | [#2297]
+- chore (deps): bump the patch-updates group with 3 updates | [#2296]
+- chore (deps) bump chromedriver from 130.0.4 to 146.0.6 [@GCHQDeveloper581] | [#2292]
+- ParseEthernetFrame - Fix vlan calculation [@Kalkran] | [#2295]
+- Add pull request template with AI usage disclosure [@C85297] | [#2279]
+- fix: return empty output for zero-length To Modhex input [@saschabuehrle] | [#2249]
+- Added tab focus to top banner and navigation to About/Support Modal [@j264415] | [#1733]
+- Add Parse Ethernet frame Operation, allow Parse IPv4 Header to cascade [@Kalkran] | [#1722]
+- Selection and Deselection of autobake checkbox using keyboard [@j264415] | [#1727]
+- chore (deps): bump @babel/runtime from 7.28.6 to 7.29.2  | [#2263]
+- Add more helpful error for when numerical ingredient is left empty [@Lamby777] [@C85297] | [#1540]
+- chore (deps): bump @codemirror/view from 6.39.17 to 6.40.0  | [#2262]
+- Bump flatted from 3.3.2 to 3.4.2 [@GCHQDeveloper581] | [#2266]
+- feat: add Raw option for Jq operation [@rtpt-romankarwacik] | [#2237]
+- chore (deps): bump core-js from 3.48.0 to 3.49.0  | [#2261]
+- chore (deps): bump the patch-updates group with 6 updates  | [#2260]
+- Add Extract Audio Metadata operation [@d0s1nt] [@GCHQDeveloper581] | [#2170]
+- Fix Jq issue [@GCHQDeveloper581] | [#2210]
+- Configure dependabot updates [@GCHQDeveloper581] | [#2259]
+- fix(A1Z26): return empty string instead of empty array for empty input [@brick-pixel] | [#2257]
+- Fix broken Docker link in README [@am-periphery] | [#2250]
+- Update some dependencies, including a number causing npm audit warnings [@GCHQDeveloper581] | [#2236]
+- Bump axios from 1.7.9 to 1.13.6  | [#2234]
+- Bump jws from 3.2.2 to 3.2.3  | [#2235]
+- Bump pbkdf2 from 3.1.2 to 3.1.5  | [#2229]
+- Bump form-data from 4.0.1 to 4.0.5  | [#2228]
+- Bump basic-ftp from 5.0.5 to 5.2.0  | [#2231]
+- feat: add ARM disassembler operation [@thomasxm] | [#2156]
+- Add Text/Integer Converter operation [@p-leriche] [@GCHQDeveloper581] | [#2213]
+- Feat/rc6 add RC6 Encrypt/Decrypt operations [@thomasxm] | [#2163]
+- [bugfix] Add Bootstrap form style for CodeMirror editor [@Swonkie] | [#2161]
+- Add Flask Session operations (Decode, Sign, Verify) [@ThePlayer372-FR] | [#2208]
+- fix: `jq-web` -> `jq-wasm`, includes `jq` version `1.8.1` [@W-Floyd] [@GCHQDeveloper581] | [#2223]
+- Bump jsonwebtoken from 8.5.1 to 9.0.0 [@GCHQDeveloper581] | [#2219]
+- Bump basic-ftp from 5.0.5 to 5.2.0  | [#2218]
+- feat: add random integer generation operation [@cktgh] | [#2151]
+- Add BigInt utility functions for number theory operations [@p-leriche] [@GCHQDeveloper581] | [#2205]
+- Improve SQL Beautify: use sql-formatter and support bind variables [@aby-jo] [@GCHQDeveloper581] | [#2071]
+- update tesseract.js to 6.0.1 [@atsiv1] | [#2133]
+- Fix hint tooltip display issues [@bartvanandel] | [#2017]
+- Simplify babel dependencies [@GCHQDeveloper581] | [#2204]
+- Dependency updates [@GCHQDeveloper581] | [#2201]
+- Fix: Move Magic checks from Escape to Unescape Unicode Characters [@fjh1997] | [#2195]
+- Paste spreadsheets as text [@C85297] | [#2200]
+- Fix Roboto Mono font [@C85297] | [#2199]
+- Fix return of buffer for PNG QR image generation [@GCHQDeveloper581] [@C85297] | [#2125]
+- Update JIMP [@C85297] | [#2171]
+- Overwrite NGINX maintainer label [@C85297] | [#2194]
+- Bump v10.22.1 [@GCHQDeveloper581] | [#2193]
+- Fix npm publish - Run "npm ci" and "npm run node" under node 18 then switch to node 24.5 [@GCHQDeveloper581] | [#2192]
+
 ### [10.22.0] - 2026-02-11
 - Separate npm publish out into separate job and run with Node 24.5 [@GCHQDeveloper581] | [#2188]
 - Fixed Percent delimiter for hex encoding [@beneri] [@C85297] | [#2137]
@@ -538,6 +620,8 @@ All major and minor version changes will be documented in this file. Details of
 ## [4.0.0] - 2016-11-28
 -  Initial open source commit [@n1474335] | [b1d73a72](https://github.com/gchq/CyberChef/commit/b1d73a725dc7ab9fb7eb789296efd2b7e4b08306)
 
+[10.24.0]: https://github.com/gchq/CyberChef/releases/tag/v10.24.0
+[10.23.0]: https://github.com/gchq/CyberChef/releases/tag/v10.23.0
 [10.22.0]: https://github.com/gchq/CyberChef/releases/tag/v10.22.0
 [10.21.0]: https://github.com/gchq/CyberChef/releases/tag/v10.21.0
 [10.20.0]: https://github.com/gchq/CyberChef/releases/tag/v10.20.0
@@ -797,6 +881,26 @@ All major and minor version changes will be documented in this file. Details of
 [@t-martine]: https://github.com/t-martine
 [@wesinator]: https://github.com/wesinator
 [@Raka-loah]: https://github.com/Raka-loah
+[@Kalkran]: https://github.com/Kalkran
+[@saschabuehrle]: https://github.com/saschabuehrle
+[@j264415]: https://github.com/j264415
+[@Lamby777]: https://github.com/Lamby777
+[@rtpt-romankarwacik]: https://github.com/rtpt-romankarwacik
+[@d0s1nt]: https://github.com/d0s1nt
+[@brick-pixel]: https://github.com/brick-pixel
+[@am-periphery]: https://github.com/am-periphery
+[@p-leriche]: https://github.com/p-leriche
+[@Swonkie]: https://github.com/Swonkie
+[@ThePlayer372-FR]: https://github.com/ThePlayer372-FR
+[@W-Floyd]: https://github.com/W-Floyd
+[@cktgh]: https://github.com/cktgh
+[@aby-jo]: https://github.com/aby-jo
+[@atsiv1]: https://github.com/atsiv1
+[@fjh1997]: https://github.com/fjh1997
+[@j83305]: https://github.com/j83305
+[@BjoernAkAManf]: https://github.com/BjoernAkAManf
+[@ko80240]: https://github.com/ko80240
+[@BigYellowHammer]: https://github.com/BigYellowHammer
 
 
 [8ad18b]: https://github.com/gchq/CyberChef/commit/8ad18bc7db6d9ff184ba3518686293a7685bf7b7
@@ -1010,4 +1114,82 @@ All major and minor version changes will be documented in this file. Details of
 [#2183]: https://github.com/gchq/CyberChef/pull/2183
 [#2182]: https://github.com/gchq/CyberChef/pull/2182
 [#2181]: https://github.com/gchq/CyberChef/pull/2181
+[#2307]: https://github.com/gchq/CyberChef/pull/2307
+[#2304]: https://github.com/gchq/CyberChef/pull/2304
+[#2305]: https://github.com/gchq/CyberChef/pull/2305
+[#2303]: https://github.com/gchq/CyberChef/pull/2303
+[#2302]: https://github.com/gchq/CyberChef/pull/2302
+[#2299]: https://github.com/gchq/CyberChef/pull/2299
+[#2297]: https://github.com/gchq/CyberChef/pull/2297
+[#2296]: https://github.com/gchq/CyberChef/pull/2296
+[#2292]: https://github.com/gchq/CyberChef/pull/2292
+[#2295]: https://github.com/gchq/CyberChef/pull/2295
+[#2279]: https://github.com/gchq/CyberChef/pull/2279
+[#2249]: https://github.com/gchq/CyberChef/pull/2249
+[#1733]: https://github.com/gchq/CyberChef/pull/1733
+[#1722]: https://github.com/gchq/CyberChef/pull/1722
+[#1727]: https://github.com/gchq/CyberChef/pull/1727
+[#2263]: https://github.com/gchq/CyberChef/pull/2263
+[#1540]: https://github.com/gchq/CyberChef/pull/1540
+[#2262]: https://github.com/gchq/CyberChef/pull/2262
+[#2266]: https://github.com/gchq/CyberChef/pull/2266
+[#2237]: https://github.com/gchq/CyberChef/pull/2237
+[#2261]: https://github.com/gchq/CyberChef/pull/2261
+[#2260]: https://github.com/gchq/CyberChef/pull/2260
+[#2170]: https://github.com/gchq/CyberChef/pull/2170
+[#2210]: https://github.com/gchq/CyberChef/pull/2210
+[#2259]: https://github.com/gchq/CyberChef/pull/2259
+[#2257]: https://github.com/gchq/CyberChef/pull/2257
+[#2250]: https://github.com/gchq/CyberChef/pull/2250
+[#2236]: https://github.com/gchq/CyberChef/pull/2236
+[#2234]: https://github.com/gchq/CyberChef/pull/2234
+[#2235]: https://github.com/gchq/CyberChef/pull/2235
+[#2229]: https://github.com/gchq/CyberChef/pull/2229
+[#2228]: https://github.com/gchq/CyberChef/pull/2228
+[#2231]: https://github.com/gchq/CyberChef/pull/2231
+[#2156]: https://github.com/gchq/CyberChef/pull/2156
+[#2213]: https://github.com/gchq/CyberChef/pull/2213
+[#2163]: https://github.com/gchq/CyberChef/pull/2163
+[#2161]: https://github.com/gchq/CyberChef/pull/2161
+[#2208]: https://github.com/gchq/CyberChef/pull/2208
+[#2223]: https://github.com/gchq/CyberChef/pull/2223
+[#2219]: https://github.com/gchq/CyberChef/pull/2219
+[#2218]: https://github.com/gchq/CyberChef/pull/2218
+[#2151]: https://github.com/gchq/CyberChef/pull/2151
+[#2205]: https://github.com/gchq/CyberChef/pull/2205
+[#2071]: https://github.com/gchq/CyberChef/pull/2071
+[#2133]: https://github.com/gchq/CyberChef/pull/2133
+[#2017]: https://github.com/gchq/CyberChef/pull/2017
+[#2204]: https://github.com/gchq/CyberChef/pull/2204
+[#2201]: https://github.com/gchq/CyberChef/pull/2201
+[#2195]: https://github.com/gchq/CyberChef/pull/2195
+[#2200]: https://github.com/gchq/CyberChef/pull/2200
+[#2199]: https://github.com/gchq/CyberChef/pull/2199
+[#2125]: https://github.com/gchq/CyberChef/pull/2125
+[#2171]: https://github.com/gchq/CyberChef/pull/2171
+[#2194]: https://github.com/gchq/CyberChef/pull/2194
+[#2193]: https://github.com/gchq/CyberChef/pull/2193
+[#2192]: https://github.com/gchq/CyberChef/pull/2192
+[#2333]: https://github.com/gchq/CyberChef/pull/2333
+[#2335]: https://github.com/gchq/CyberChef/pull/2335
+[#1036]: https://github.com/gchq/CyberChef/pull/1036
+[#660]: https://github.com/gchq/CyberChef/pull/660
+[#1862]: https://github.com/gchq/CyberChef/pull/1862
+[#2322]: https://github.com/gchq/CyberChef/pull/2322
+[#2330]: https://github.com/gchq/CyberChef/pull/2330
+[#2331]: https://github.com/gchq/CyberChef/pull/2331
+[#2328]: https://github.com/gchq/CyberChef/pull/2328
+[#2326]: https://github.com/gchq/CyberChef/pull/2326
+[#2327]: https://github.com/gchq/CyberChef/pull/2327
+[#2323]: https://github.com/gchq/CyberChef/pull/2323
+[#2324]: https://github.com/gchq/CyberChef/pull/2324
+[#2321]: https://github.com/gchq/CyberChef/pull/2321
+[#2320]: https://github.com/gchq/CyberChef/pull/2320
+[#2167]: https://github.com/gchq/CyberChef/pull/2167
+[#2298]: https://github.com/gchq/CyberChef/pull/2298
+[#2317]: https://github.com/gchq/CyberChef/pull/2317
+[#2316]: https://github.com/gchq/CyberChef/pull/2316
+[#2315]: https://github.com/gchq/CyberChef/pull/2315
+[#2313]: https://github.com/gchq/CyberChef/pull/2313
+[#2311]: https://github.com/gchq/CyberChef/pull/2311
 

package/CONTRIBUTING.md

@@ -0,0 +1,40 @@
+# Contributing
+
+Take a look through the [Wiki pages](https://github.com/gchq/CyberChef/wiki) for guides on [compiling CyberChef](https://github.com/gchq/CyberChef/wiki/Getting-started) and [adding new operations](https://github.com/gchq/CyberChef/wiki/Adding-a-new-operation).
+
+There are lots of opportunities to contribute to CyberChef. If you want ideas, take a look at any [Issues](https://github.com/gchq/CyberChef/issues) tagged with '[help wanted](https://github.com/gchq/CyberChef/labels/help%20wanted)'.
+
+Before your contributions can be accepted, you must:
+
+ - Fork the CyberChef repo
+ - Create a new branch within your fork for the changes
+ - Push your changes to your fork.
+ - Sign the [GCHQ Contributor Licence Agreement](https://cla-assistant.io/gchq/CyberChef)
+ - Submit a pull request.
+
+Please note that we will ***reject*** pull requests from the master branch of your fork owing to the mess it makes of our own working repositories and the extra work entailed.
+
+## Coding conventions
+
+* Indentation: Each block should consist of 4 spaces
+* Object/namespace identifiers: CamelCase
+* Function/variable names: camelCase
+* Constants: UNDERSCORE_UPPER_CASE
+* Source code encoding: UTF-8 (without BOM)
+* All source files must end with a newline
+* Line endings: UNIX style (\n)
+
+
+## Design Principles
+
+1. If at all possible, all operations and features should be client-side and not rely on connections to an external server. This increases the utility of CyberChef on closed networks and in virtual machines that are not connected to the Internet. Calls to external APIs may be accepted if there is no other option, but not for critical components.
+2. Latency should be kept to a minimum to enhance the user experience. This means that operation code should sit on the client and be executed there. However, as a trade-off between latency and bandwidth, operation code with large dependencies can be loaded in discrete modules in order to reduce the size of the initial download. The downloading of additional modules must remain entirely transparent so that the user is not inconvenienced.
+3. Large libraries should be kept in separate modules so that they are not downloaded by everyone who uses the app, just those who specifically require the relevant operations.
+4. Use Vanilla JS if at all possible to reduce the number of libraries required and relied upon. Frameworks like jQuery, although included, should not be used unless absolutely necessary.
+
+
+With these principles in mind, any changes or additions to CyberChef should keep it:
+
+ - Standalone
+ - Efficient
+ - As small as possible

package/Dockerfile

@@ -29,4 +29,6 @@ RUN npm run build
 #########################################
 FROM nginx:stable-alpine AS cyberchef
 
+LABEL maintainer="GCHQ <oss@gchq.gov.uk>"
+
 COPY --from=builder /app/build/prod /usr/share/nginx/html/

package/Gruntfile.js

@@ -411,39 +411,13 @@ module.exports = function (grunt) {
                 stdout: false,
             },
             fixCryptoApiImports: {
-                command: function () {
-                    switch (process.platform) {
-                        case "darwin":
-                            return `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i '' -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`;
-                        default:
-                            return `find ./node_modules/crypto-api/src/ \\( -type d -name .git -prune \\) -o -type f -print0 | xargs -0 sed -i -e '/\\.mjs/!s/\\(from "\\.[^"]*\\)";/\\1.mjs";/g'`;
-                    }
-                },
+                command: `node ${nodeFlags} src/core/config/scripts/fixCryptoApiImports.mjs`,
                 stdout: false
             },
             fixSnackbarMarkup: {
-                command: function () {
-                    switch (process.platform) {
-                        case "darwin":
-                            return `sed -i '' 's/<div id=snackbar-container\\/>/<div id=snackbar-container>/g' ./node_modules/snackbarjs/src/snackbar.js`;
-                        default:
-                            return `sed -i 's/<div id=snackbar-container\\/>/<div id=snackbar-container>/g' ./node_modules/snackbarjs/src/snackbar.js`;
-                    }
-                },
+                command: `node ${nodeFlags} src/core/config/scripts/fixSnackBarMarkup.mjs`,
                 stdout: false
             },
-            fixJimpModule: {
-                command: function () {
-                    switch (process.platform) {
-                        case "darwin":
-                            // Space added before comma to prevent multiple modifications
-                            return `sed -i '' 's/"es\\/index.js",/"es\\/index.js" ,\\n  "type": "module",/' ./node_modules/jimp/package.json`;
-                        default:
-                            return `sed -i 's/"es\\/index.js",/"es\\/index.js" ,\\n  "type": "module",/' ./node_modules/jimp/package.json`;
-                    }
-                },
-                stdout: false
-            }
         },
     });
 };

package/README.md

@@ -24,7 +24,7 @@ Cryptographic operations in CyberChef should not be relied upon to provide secur
 
 **Prerequisites**
 
-- [Docker](hhttps://www.docker.com/products/docker-desktop/)
+- [Docker](https://www.docker.com/products/docker-desktop/)
   - Docker Desktop must be open and running on your machine
 
 

package/babel.config.js

@@ -10,13 +10,7 @@ module.exports = function(api) {
             }]
         ],
         "plugins": [
-            "dynamic-import-node",
             "@babel/plugin-syntax-import-assertions",
-            [
-                "babel-plugin-transform-builtin-extend", {
-                    "globals": ["Error"]
-                }
-            ],
             [
                 "@babel/plugin-transform-runtime", {
                     "regenerator": true

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberchef",
-  "version": "10.22.1",
+  "version": "10.24.0",
   "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
   "author": "n1474335 <n1474335@gmail.com>",
   "homepage": "https://gchq.github.io/CyberChef",
@@ -39,73 +39,71 @@
     "node >= 16"
   ],
   "devDependencies": {
-    "@babel/core": "^7.24.7",
-    "@babel/eslint-parser": "^7.24.7",
-    "@babel/plugin-syntax-import-assertions": "^7.24.7",
-    "@babel/plugin-transform-runtime": "^7.24.7",
-    "@babel/preset-env": "^7.24.7",
-    "@babel/runtime": "^7.24.7",
-    "@codemirror/commands": "^6.6.0",
-    "@codemirror/language": "^6.10.2",
-    "@codemirror/search": "^6.5.6",
-    "@codemirror/state": "^6.4.1",
-    "@codemirror/view": "^6.28.0",
-    "autoprefixer": "^10.4.19",
-    "babel-loader": "^9.1.3",
-    "babel-plugin-dynamic-import-node": "^2.3.3",
-    "babel-plugin-transform-builtin-extend": "1.1.2",
+    "@babel/eslint-parser": "^7.28.6",
+    "@babel/plugin-syntax-import-assertions": "^7.28.6",
+    "@babel/plugin-transform-runtime": "^7.29.0",
+    "@babel/preset-env": "^7.29.2",
+    "@babel/runtime": "^7.29.2",
+    "@codemirror/commands": "^6.10.3",
+    "@codemirror/language": "^6.12.3",
+    "@codemirror/search": "^6.7.0",
+    "@codemirror/state": "^6.5.4",
+    "@codemirror/view": "^6.41.1",
+    "autoprefixer": "^10.5.0",
+    "babel-loader": "^10.1.1",
     "base64-loader": "^1.0.0",
-    "chromedriver": "^130.0.0",
+    "chromedriver": "^146.0.6",
     "cli-progress": "^3.12.0",
     "colors": "^1.4.0",
     "compression-webpack-plugin": "^11.1.0",
-    "copy-webpack-plugin": "^12.0.2",
-    "core-js": "^3.37.1",
-    "cspell": "^8.17.3",
-    "css-loader": "7.1.2",
-    "eslint": "^9.4.0",
-    "eslint-plugin-jsdoc": "^48.2.9",
-    "globals": "^15.4.0",
-    "grunt": "^1.6.1",
+    "copy-webpack-plugin": "^13.0.1",
+    "core-js": "^3.49.0",
+    "cspell": "^8.19.4",
+    "css-loader": "7.1.4",
+    "eslint": "^9.39.4",
+    "eslint-plugin-jsdoc": "^50.8.0",
+    "globals": "^15.15.0",
+    "grunt": "^1.6.2",
     "grunt-chmod": "~1.1.1",
     "grunt-concurrent": "^3.0.0",
     "grunt-contrib-clean": "~2.0.1",
-    "grunt-contrib-connect": "^4.0.0",
+    "grunt-contrib-connect": "^5.0.1",
     "grunt-contrib-copy": "~1.0.0",
     "grunt-contrib-watch": "^1.1.0",
     "grunt-eslint": "^25.0.0",
     "grunt-exec": "~3.0.0",
     "grunt-webpack": "^6.0.0",
     "grunt-zip": "^1.0.0",
-    "html-webpack-plugin": "^5.6.0",
+    "html-webpack-plugin": "^5.6.7",
     "imports-loader": "^5.0.0",
-    "mini-css-extract-plugin": "2.9.0",
+    "mini-css-extract-plugin": "2.10.2",
     "modify-source-webpack-plugin": "^4.1.0",
-    "nightwatch": "^3.6.3",
-    "postcss": "^8.4.38",
+    "nightwatch": "^3.15.0",
+    "postcss": "^8.5.10",
     "postcss-css-variables": "^0.19.0",
-    "postcss-import": "^16.1.0",
-    "postcss-loader": "^8.1.1",
+    "postcss-import": "^16.1.1",
+    "postcss-loader": "^8.2.1",
     "prompt": "^1.3.0",
-    "sitemap": "^8.0.0",
-    "terser": "^5.31.1",
-    "webpack": "^5.91.0",
+    "sitemap": "^8.0.3",
+    "terser": "^5.46.2",
+    "webpack": "^5.106.2",
     "webpack-bundle-analyzer": "^4.10.2",
     "webpack-dev-server": "5.0.4",
     "webpack-node-externals": "^3.0.0",
     "worker-loader": "^3.0.8"
   },
   "dependencies": {
+    "@alexaltea/capstone-js": "^3.0.5",
     "@astronautlabs/amf": "^0.0.6",
-    "@babel/polyfill": "^7.12.1",
     "@blu3r4y/lzma": "^2.3.3",
     "@wavesenterprise/crypto-gost-js": "^2.1.0-RC1",
-    "@xmldom/xmldom": "^0.8.10",
+    "@xmldom/xmldom": "^0.8.13",
     "argon2-browser": "^1.18.0",
-    "arrive": "^2.4.1",
-    "avsc": "^5.7.7",
+    "arrive": "^2.5.3",
+    "assert": "^2.1.0",
+    "avsc": "^5.7.9",
     "bcryptjs": "^2.4.3",
-    "bignumber.js": "^9.1.2",
+    "bignumber.js": "^9.3.1",
     "blakejs": "^1.2.1",
     "bootstrap": "4.6.2",
     "bootstrap-colorpicker": "^3.4.0",
@@ -122,44 +120,45 @@
     "ctph.js": "0.0.5",
     "d3": "7.9.0",
     "d3-hexbin": "^0.2.2",
-    "diff": "^5.2.0",
-    "dompurify": "^3.2.5",
+    "diff": "^5.2.2",
+    "dompurify": "^3.4.1",
     "es6-promisify": "^7.0.0",
     "escodegen": "^2.1.0",
     "esprima": "^4.0.1",
+    "events": "^3.3.0",
     "exif-parser": "^0.1.12",
-    "fernet": "^0.4.0",
+    "fernet": "^0.3.3",
     "file-saver": "^2.0.5",
     "flat": "^6.0.1",
     "geodesy": "1.1.3",
-    "handlebars": "^4.7.8",
+    "handlebars": "^4.7.9",
     "hash-wasm": "^4.12.0",
-    "highlight.js": "^11.9.0",
+    "highlight.js": "^11.11.1",
     "ieee754": "^1.2.1",
-    "jimp": "^0.22.12",
+    "jimp": "1.6.0",
     "jq-web": "^0.5.1",
     "jquery": "3.7.1",
     "js-sha3": "^0.9.3",
-    "jsesc": "^3.0.2",
+    "jsesc": "^3.1.0",
     "json5": "^2.2.3",
-    "jsonata": "^2.0.3",
-    "jsonpath-plus": "^10.3.0",
-    "jsonwebtoken": "8.5.1",
+    "jsonata": "^2.1.0",
+    "jsonpath-plus": "^10.4.0",
+    "jsonwebtoken": "9.0.3",
     "jsqr": "^1.4.0",
-    "jsrsasign": "^11.1.0",
+    "jsrsasign": "^11.1.3",
     "kbpgp": "^2.1.17",
     "libbzip2-wasm": "0.0.4",
     "libyara-wasm": "^1.2.1",
-    "lodash": "^4.17.21",
-    "loglevel": "^1.9.1",
+    "lodash": "^4.18.1",
+    "loglevel": "^1.9.2",
     "loglevel-message-prefix": "^3.0.0",
     "lz-string": "^1.5.0",
     "lz4js": "^0.2.0",
-    "markdown-it": "^14.1.0",
+    "markdown-it": "^14.1.1",
     "moment": "^2.30.1",
-    "moment-timezone": "^0.5.45",
+    "moment-timezone": "^0.6.1",
     "ngeohash": "^0.6.3",
-    "node-forge": "^1.3.1",
+    "node-forge": "^1.4.0",
     "node-md6": "^0.1.0",
     "nodom": "^2.4.0",
     "notepack.io": "^3.0.1",
@@ -169,24 +168,26 @@
     "path": "^0.12.7",
     "popper.js": "^1.16.1",
     "process": "^0.11.10",
-    "protobufjs": "^7.3.1",
+    "protobufjs": "^7.5.5",
     "qr-image": "^3.2.0",
     "reflect-metadata": "^0.2.2",
     "rison": "^0.1.1",
     "scryptsy": "^2.1.0",
     "snackbarjs": "^1.1.0",
-    "sortablejs": "^1.15.2",
+    "sortablejs": "^1.15.7",
     "split.js": "^1.6.5",
+    "sql-formatter": "^15.7.3",
     "ssdeep.js": "0.0.3",
     "stream-browserify": "^3.0.0",
-    "tesseract.js": "5.1.0",
-    "ua-parser-js": "^1.0.38",
+    "tesseract.js": "^6.0.1",
+    "ua-parser-js": "^1.0.41",
     "unorm": "^1.6.0",
+    "url": "^0.11.4",
     "utf8": "^3.0.0",
-    "uuid": "^11.1.0",
+    "uuid": "^13.0.0",
     "vkbeautify": "^0.99.3",
     "xpath": "0.0.34",
-    "xregexp": "^5.1.1",
+    "xregexp": "^5.1.2",
     "zlibjs": "^0.3.1"
   },
   "scripts": {
@@ -200,7 +201,7 @@
     "testuidev": "npx nightwatch --env=dev",
     "lint": "npx grunt lint",
     "lint:grammar": "cspell ./src",
-    "postinstall": "npx grunt exec:fixCryptoApiImports && npx grunt exec:fixSnackbarMarkup && npx grunt exec:fixJimpModule",
+    "postinstall": "npx grunt exec:fixCryptoApiImports && npx grunt exec:fixSnackbarMarkup",
     "newop": "node --experimental-modules --experimental-json-modules src/core/config/scripts/newOperation.mjs",
     "minor": "node --experimental-modules --experimental-json-modules src/core/config/scripts/newMinorVersion.mjs && npm version minor --git-tag-version=false && echo \"Updated to version v$(npm pkg get version | xargs), please create a pull request and once merged use 'npm run tag'\"",
     "tag": "git tag -s \"v$(npm pkg get version | xargs)\" -m \"$(npm pkg get version | xargs)\" && echo \"Created v$(npm pkg get version | xargs), now check and push the tag\"",

package/src/core/Chef.mjs

@@ -55,8 +55,15 @@ class Chef {
             progress = await recipe.execute(this.dish, progress);
         } catch (err) {
             log.error(err);
+
+            let displayStr;
+            if ("displayStr" in err) {
+                displayStr = err.displayStr;
+            } else {
+                displayStr = err.toString();
+            }
             error = {
-                displayStr: err.displayStr,
+                displayStr: displayStr,
             };
             progress = err.progress;
         }

package/src/core/Ingredient.mjs

@@ -5,7 +5,8 @@
  */
 
 import Utils from "./Utils.mjs";
-import {fromHex} from "./lib/Hex.mjs";
+import { fromHex } from "./lib/Hex.mjs";
+import OperationError from "./errors/OperationError.mjs";
 
 /**
  * The arguments to operations.
@@ -119,7 +120,9 @@ class Ingredient {
                 number = parseFloat(data);
                 if (isNaN(number)) {
                     const sample = Utils.truncate(data.toString(), 10);
-                    throw "Invalid ingredient value. Not a number: " + sample;
+                    throw new OperationError(
+                        "Invalid ingredient value. Not a number: " + sample,
+                    );
                 }
                 return number;
             default:

package/src/core/Operation.mjs

@@ -5,6 +5,7 @@
  */
 
 import Dish from "./Dish.mjs";
+import OperationError from "./errors/OperationError.mjs";
 import Ingredient from "./Ingredient.mjs";
 
 /**
@@ -223,7 +224,11 @@ class Operation {
      */
     set ingValues(ingValues) {
         ingValues.forEach((val, i) => {
-            this._ingList[i].value = val;
+            try {
+                this._ingList[i].value = val;
+            } catch (err) {
+                throw new OperationError(`Failed to set value of ingredient '${this._ingList[i].name}': ${err}`);
+            }
         });
     }
 

package/src/core/Recipe.mjs

@@ -70,11 +70,15 @@ class Recipe  {
             if (o instanceof Operation) {
                 return o;
             } else {
-                const op = new modules[o.module][o.name]();
-                op.ingValues = o.ingValues;
-                op.breakpoint = o.breakpoint;
-                op.disabled = o.disabled;
-                return op;
+                try {
+                    const op = new modules[o.module][o.name]();
+                    op.ingValues = o.ingValues;
+                    op.breakpoint = o.breakpoint;
+                    op.disabled = o.disabled;
+                    return op;
+                } catch (err) {
+                    throw new Error(`Failed to hydrate operation '${o.name}': ${err}`);
+                }
             }
         });
     }
@@ -229,6 +233,7 @@ class Recipe  {
                 }
                 this.lastRunOp = op;
             } catch (err) {
+                log.error(err);
                 // Return expected errors as output
                 if (err instanceof OperationError || err?.type === "OperationError") {
                     // Cannot rely on `err instanceof OperationError` here as extending