elasticio-sailor-nodejs 2.7.5 → 2.7.6-dev.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/.nsprc +0 -12
  2. package/CHANGELOG.md +5 -0
  3. package/lib/hooksData.js +10 -12
  4. package/lib/service.js +21 -12
  5. package/package.json +3 -4
package/.nsprc CHANGED
@@ -1,18 +1,6 @@
1
1
  {
2
- "GHSA-wc69-rhjr-hc9g": {
3
- "active": true,
4
- "notes": "Bunyan library set only new Date to momentjs as parameter"
5
- },
6
2
  "GHSA-f8q6-p94x-37v3": {
7
3
  "active": true,
8
4
  "notes": "braceExpand is not used in rimraf"
9
- },
10
- "GHSA-hrpp-h998-j3pp": {
11
- "active": true,
12
- "notes": "There is no query-string user input in sailor"
13
- },
14
- "GHSA-27h2-hvpr-p74q": {
15
- "active": true,
16
- "notes": "The vulnerability is in maester-client. Maester-client doesn't use jwt.verify function."
17
5
  }
18
6
  }
package/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ## 2.7.6 (August 1, 2025)
2
+
3
+ * Updated `elasticio-rest-node` to version 2.0.0 to address a vulnerability
4
+ * Removed `request` related libraries from main dependencies
5
+
1
6
  ## 2.7.5 (March 21, 2025)
2
7
 
3
8
  * @elastic.io/maester-client updated to 6.0.0 to get rid of the vulnerability
package/lib/hooksData.js CHANGED
@@ -1,6 +1,6 @@
1
1
  'use strict';
2
2
 
3
- const request = require('requestretry');
3
+ const { axiosReqWithRetryOnServerError } = require('elasticio-rest-node');
4
4
 
5
5
  class HooksData {
6
6
 
@@ -25,22 +25,20 @@ class HooksData {
25
25
  url: `${this.basePath}/sailor-support/hooks/task/${this.taskId}/startup/data`,
26
26
  method,
27
27
  auth: {
28
- user: this.user,
29
- pass: this.pass
28
+ username: this.user,
29
+ password: this.pass
30
30
  },
31
- json: true,
32
- forever: true,
33
31
  headers: {
34
32
  Connection: 'Keep-Alive'
35
33
  },
36
- maxAttempts: this.maxAttempts,
37
- retryDelay: this.retryDelay,
38
- retryStrategy: request.RetryStrategies.HTTPOrNetworkError
34
+ data,
35
+ validateStatus: (status) => (status >= 200 && status < 500)
39
36
  };
40
- if (data) {
41
- options.body = data;
42
- }
43
- const { statusCode, body } = await request(options);
37
+ const config = {
38
+ retriesCount: this.maxAttempts,
39
+ retryDelay: this.retryDelay
40
+ };
41
+ const { statusCode, body } = await axiosReqWithRetryOnServerError(options, config);
44
42
 
45
43
  if (statusCode >= 400) {
46
44
  throw Object.assign(new Error(body.error), { statusCode });
package/lib/service.js CHANGED
@@ -1,12 +1,12 @@
1
1
  const Q = require('q');
2
2
  const _ = require('lodash');
3
3
  const assert = require('assert');
4
- const request = require('requestretry');
5
4
  const util = require('util');
6
5
  const ComponentReader = require('./component_reader').ComponentReader;
7
6
  const EventEmitter = require('events').EventEmitter;
8
7
  const debug = require('debug')('sailor');
9
8
  const RestApiClient = require('elasticio-rest-node');
9
+ const { axiosReqWithRetryOnServerError } = require('elasticio-rest-node');
10
10
  const log = require('./logging');
11
11
  const { ComponentLogger } = log;
12
12
 
@@ -130,25 +130,34 @@ function processService(serviceMethod, env) {
130
130
  }
131
131
 
132
132
  function sendResponse(responseBody) {
133
- var opts = {
133
+ const opts = {
134
134
  url: POST_RESULT_URL,
135
- json: true,
136
- forever: true,
135
+ method: 'POST',
137
136
  headers: {
138
137
  Connection: 'Keep-Alive'
139
138
  },
140
- rejectUnauthorized: false,
141
- body: responseBody,
142
- simple: false,
143
- maxAttempts: parseInt(env.ELASTICIO_API_REQUEST_RETRY_ATTEMPTS),
144
- retryDelay: parseInt(env.ELASTICIO_API_REQUEST_RETRY_DELAY),
145
- retryStrategy: request.RetryStrategies.HTTPOrNetworkError,
146
- fullResponse: true
139
+ data: responseBody,
140
+ validateStatus: (status) => (status >= 200 && status < 500)
141
+ };
142
+ const parsedUrl = new URL(POST_RESULT_URL);
143
+ if (parsedUrl.username && parsedUrl.password) {
144
+ opts.auth = {
145
+ username: decodeURIComponent(parsedUrl.username),
146
+ password: decodeURIComponent(parsedUrl.password)
147
+ };
148
+ parsedUrl.username = '';
149
+ parsedUrl.password = '';
150
+ opts.url = parsedUrl.toString();
151
+ }
152
+
153
+ const config = {
154
+ retriesCount: parseInt(env.ELASTICIO_API_REQUEST_RETRY_ATTEMPTS),
155
+ retryDelay: parseInt(env.ELASTICIO_API_REQUEST_RETRY_DELAY)
147
156
  };
148
157
 
149
158
  debug('About to send response back to the API');
150
159
 
151
- return request.post(opts)
160
+ return axiosReqWithRetryOnServerError(opts, config)
152
161
  .then(checkStatusCode)
153
162
  .then(() => responseBody);
154
163
 
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "elasticio-sailor-nodejs",
3
3
  "description": "The official elastic.io library for bootstrapping and executing for Node.js connectors",
4
- "version": "2.7.5",
4
+ "version": "2.7.6-dev.2",
5
5
  "main": "run.js",
6
6
  "scripts": {
7
7
  "audit": "better-npm-audit audit --level high --production",
@@ -21,13 +21,11 @@
21
21
  "bunyan": "1.8.10",
22
22
  "co": "4.6.0",
23
23
  "debug": "3.1.0",
24
- "elasticio-rest-node": "1.2.7",
24
+ "elasticio-rest-node": "2.0.0-dev.3",
25
25
  "event-to-promise": "0.8.0",
26
26
  "lodash": "4.17.21",
27
27
  "p-throttle": "2.1.0",
28
28
  "q": "1.5.1",
29
- "request-promise-native": "1.0.5",
30
- "requestretry": "7.0.2",
31
29
  "uuid": "3.0.1"
32
30
  },
33
31
  "devDependencies": {
@@ -45,6 +43,7 @@
45
43
  "nock": "12.0.3",
46
44
  "rabbitmq-stats": "1.2.4",
47
45
  "request": "2.88.0",
46
+ "request-promise-native": "1.0.5",
48
47
  "sinon": "9.0.2",
49
48
  "sinon-chai": "3.5.0"
50
49
  },