ts-node-client 1.4.3 → 2.0.0

package/.eslintrc.json

@@ -1,8 +1,10 @@
 {
     "extends": [
-        "airbnb-base"
+        "airbnb-base",
+        "plugin:sonarjs/recommended"
     ],
     "plugins": [
+        "sonarjs"
     ],
     "env": {
         "node": true
@@ -20,7 +22,8 @@
         "newline-per-chained-call": [ "off" ],
         "comma-dangle": [ "error", "never" ],
         "linebreak-style": ["off"],
-        "quotes": [ "error", "single" ]
+        "quotes": [ "error", "single" ],
+        "sonarjs/cognitive-complexity": ["error", 40]
     }
 }
 

package/.github/workflows/codeql-analysis.yml

@@ -0,0 +1,71 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '39 23 * * 1-5'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

package/README.md

@@ -1,6 +1,5 @@
 # TrustSource ts-node-client
 
-[![Travis build status](https://travis-ci.org/TrustSource/ts-node-client.svg?branch=master)](https://travis-ci.org/TrustSource/ts-node-client)
 [![Version](https://img.shields.io/npm/v/ts-node-client.svg)](http://npm.im/ts-node-client)
 [![Downloads](https://img.shields.io/npm/dm/ts-node-client.svg)](http://npm-stat.com/charts.html?package=ts-node-client)
 [![Downloads](https://img.shields.io/npm/dt/ts-node-client.svg)](http://npm-stat.com/charts.html?package=ts-node-client)
@@ -15,7 +14,7 @@ TrustSource node client
 ## Requirements
 
 * node >= 8.9.0
-* npm >= 6.0.0
+* if you are using npm < 8.0.0 we recommend switch to ts-node-client version  1.5.2 until we provide more elegant solution
 
 ## Installation
 Run: `npm install --save-dev ts-node-client` or `yarn add --dev ts-node-client`
@@ -62,7 +61,7 @@ Options:
   --binaryLinks   Binary links separated by comma                    [default: null]
   --url           url                                                [default: null]
   --config, -c    Config path                                        [default: null]
-  --proxy         Proxy url like 'http://user:password@host:port'    [default: null]
+  --proxy         Proxy url like 'https://user:password@host:port'    [default: null]
   --version, -v   Prints a version                                   [default: false]
   --debug                                                            [default: null]
   --simulate                                                         [default: null]
@@ -75,6 +74,18 @@ Options:
 
 ## Changelog
 
+#### 2.0.0 
+#### if you are using npm < 8.0.0 we recommend switch to ts-node-client version  1.5.2 until we provide more elegant solution
+- Stop usage of [`global-npm`](https://github.com/dracupid/global-npm) until we find new resolution
+- Get back `npm` as local dependency
+
+#### 1.5.2
+- Describe `Error: The programmatic API was removed in npm v8.0.0`
+
+#### 1.5.1
+- Bump devDependencies
+- Introduce sonarjs
+
 #### 1.4.3
 - Bump glob-parent from 5.1.1 to 5.1.2
 - Bump path-parse from 1.0.6 to 1.0.7
@@ -141,11 +152,11 @@ Options:
     - options: **--credentials** and **--credentialsFile** instead you should use **--config**.
     - option **--baseUrl** instead you should use **--url**.
 - Added:
-    - option **--config**. It is similar to credentials but it will contains any config information.
+    - option **--config**. It is similar to credentials, but it will contain any config information.
     - option **--url**. It is similar to baseUrl.
     - option **--apiKey** and **--userName** so it will be unnecessary to create `.tsrc.json` file.
     - options **--version** and **--help**.
-    - options shortcuts.
+    - options shortcut.
 
 ## License
 [Apache-2.0](https://github.com/TrustSource/ts-node-client/blob/master/LICENSE)

package/SECURITY.md

@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 5.1.x   | :white_check_mark: |
+| 5.0.x   | :x:                |
+| 4.0.x   | :white_check_mark: |
+| < 4.0   | :x:                |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.

package/lib/cli.js

@@ -35,8 +35,7 @@ function scan(options, scanDone) {
             return meteorScanner.scan(scanResult.module).then((meteorScanResult) => {
                 // remove dependency introduced by local package.json (this will never be released)
                 const npmDependencies = scanResult.dependencies.length === 1
-                    ? scanResult.dependencies[0].dependencies
-                    : scanResult.dependencies;
+                    ? scanResult.dependencies[0].dependencies : scanResult.dependencies;
                 Array.prototype.push.apply(meteorScanResult.dependencies, npmDependencies);
                 return meteorScanResult;
             });

package/lib/dependency.js

@@ -70,7 +70,8 @@ Dependency.getFirstByName = function getFirstByName(container, dependency) {
     }
     if (Array.isArray(container)) {
         return container.find((d) => d instanceof Dependency && d.name === dependency);
-    } if (container instanceof Object && container[dependency] instanceof Dependency) {
+    }
+    if (container instanceof Object && container[dependency] instanceof Dependency) {
         return container[dependency];
     }
     return undefined;

package/lib/meteor-scanner.js

@@ -9,7 +9,7 @@
 const fs = require('fs');
 const path = require('path');
 const debuglog = (require('debuglog'))('ts-meteor-scanner');
-const ScanResult = require('./scanresult.js');
+const ScanResult = require('./scanresult');
 const { RestClient } = require('./rest-client');
 const Dependency = require('./dependency');
 
@@ -43,15 +43,15 @@ Scanner.prototype.transfer = function transfer(scan, cb) {
 };
 
 Scanner.prototype.gatherDependencies = function gatherDependencies(lines) {
-    const dependencies = lines.map((l) => {
+    // remove falsy values
+    return lines.map((l) => {
         const parts = l.split('@');
         if (parts.length === 2) {
             printDependency(parts);
             return new Dependency(parts[0], parts[1], 'atm');
         }
         return null;
-    }).filter(Boolean); // remove falsy values
-    return dependencies;
+    }).filter(Boolean);
 };
 
 

package/lib/npm-scanner.js

@@ -6,9 +6,9 @@
  *********************************************************/
 /* eslint-enable */
 
-const npm = require('global-npm');
+const npm = require('npm');
 const debuglog = (require('debuglog'))('ts-npm-scanner');
-const ScanResult = require('./scanresult.js');
+const ScanResult = require('./scanresult');
 const { RestClient } = require('./rest-client');
 const Dependency = require('./dependency');
 

package/lib/rest-client.js

@@ -121,7 +121,7 @@ RestClient.prototype.transfer = function transfer(scan, cb) {
                 getReqOpts.method = 'GET';
                 getReqOpts.uri += `/${body.scanId}`;
                 delete getReqOpts.body;
-                let i = 1;
+                let i = 1; // eslint-disable-line prefer-const
                 checkAnalysisResults(options, getReqOpts, cb, error, response, body, i);
             } else {
                 cb(null, body);

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "ts-node-client",
   "description": "npm / node module to transfer dependency information to TrustSource server.",
-  "version": "1.4.3",
+  "version": "2.0.0",
   "private": false,
   "homepage": "https://app.trustsource.io/",
   "author": {
@@ -14,8 +14,7 @@
   },
   "license": "Apache-2.0",
   "engines": {
-    "node": ">= 8.9.0",
-    "npm": ">= 6.0.0"
+    "node": ">= 8.9.0"
   },
   "main": "./lib/cli.js",
   "bin": {
@@ -32,19 +31,19 @@
   },
   "dependencies": {
     "debuglog": "^1.0.1",
-    "global-npm": "^0.4.1",
+    "npm": "6.14.15",
     "request": "^2.88.2",
     "semver": "^7.3.4",
     "yargs": "^15.4.1"
   },
   "devDependencies": {
-    "eslint": "^6.8.0",
-    "eslint-config-airbnb-base": "^14.1.0",
-    "eslint-plugin-import": "^2.20.1",
-    "husky": "^4.2.3",
-    "mocha": "^6.2.3",
+    "eslint": "^7.32.0",
+    "eslint-config-airbnb-base": "^14.2.1",
+    "eslint-plugin-import": "^2.25.2",
+    "eslint-plugin-sonarjs": "^0.10.0",
+    "mocha": "^9.1.3",
     "nock": "^12.0.3",
-    "ts-node-client": "^1.3.0"
+    "ts-node-client": "1.5.2"
   },
   "keywords": [
     "node",

package/test/error-test.js

@@ -9,11 +9,13 @@
 
 
 const assert = require('assert');
-const util = require('util');
+const util = require('util');
+
+const SHOULD_CONTAIN = 'should contain \'name\' and \'message\' fields';
 
 describe('Error object', () => {
     describe('Base object', () => {
-        it('should contain \'name\' and \'message\' fields', () => {
+        it(SHOULD_CONTAIN, () => {
             try {
                 throw new Error('test');
             } catch (err) {
@@ -24,7 +26,7 @@ describe('Error object', () => {
     });
 
     describe('TypeError object', () => {
-        it('should contain \'name\' and \'message\' fields', () => {
+        it(SHOULD_CONTAIN, () => {
             try {
                 throw new TypeError('test');
             } catch (err) {
@@ -44,7 +46,7 @@ describe('Error object', () => {
         MyError.prototype.constructor = MyError;
 
 
-        it('should contain \'name\' and \'message\' fields', () => {
+        it(SHOULD_CONTAIN, () => {
             try {
                 throw new MyError('test');
             } catch (err) {
@@ -64,7 +66,7 @@ describe('Error object', () => {
         }
         util.inherits(MyError, Error); // inherit at least better toString() method
 
-        it('should contain \'name\' and \'message\' fields', () => {
+        it(SHOULD_CONTAIN, () => {
             try {
                 throw new MyError('test');
             } catch (err) {

package/test/rest-test.js

@@ -9,8 +9,9 @@
 
 const assert = require('assert');
 const nock = require('nock');
-const { RestClient } = require('../lib/rest-client');
+const { RestClient } = require('../lib/rest-client');
 
+const JSON_TYPE = 'application/json';
 const url = 'http://localhost:3000';
 
 /* eslint-disable no-new */
@@ -44,7 +45,7 @@ describe('RestClient', () => {
         it('should call callback with response data if no error orccurs', (done) => {
             nock(url, {
                 reqheaders: {
-                    'Content-Type': 'application/json'
+                    'Content-Type': JSON_TYPE
                 }
             }).post('/api/v1/scans').reply(201, 'Test response');
 
@@ -58,10 +59,10 @@ describe('RestClient', () => {
         it('response should be parsed as json object, if \'content-type\': \'application/json\'', (done) => {
             nock(url, {
                 reqheaders: {
-                    'Content-Type': 'application/json'
+                    'Content-Type': JSON_TYPE
                 }
             }).defaultReplyHeaders({
-                'Content-Type': 'application/json'
+                'Content-Type': JSON_TYPE
             }).post('/api/v1/scans').reply(201, '{"bli": "blub"}');
 
             restClient.transfer({}, (err, data) => {