From 944edd97b60e9597e7a43e6874575cf5d410f299 Mon Sep 17 00:00:00 2001
From: Georges Lebreton <102960844+Georges-GNM@users.noreply.github.com>
Date: Tue, 17 Dec 2024 14:37:50 +0000
Subject: [PATCH] Delete snyk action (#1744)

* Delete snyk action
* Remove other snyk related files
---
 .github/workflows/snyk.yml | 29 ---
 .gitignore | 3 -
 .snyk | 175 ------------------
 .../jspm-snyk-workaround.js | 33 ----
 v1_jspm_snyk_workaround/package.json | 6 -
 5 files changed, 246 deletions(-)
 delete mode 100644 .github/workflows/snyk.yml
 delete mode 100644 .snyk
 delete mode 100644 v1_jspm_snyk_workaround/jspm-snyk-workaround.js
 delete mode 100644 v1_jspm_snyk_workaround/package.json
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
deleted file mode 100644
index 4022d8263c9..00000000000
--- a/.github/workflows/snyk.yml
+++ /dev/null
@@ -1,29 +0,0 @@
-# This action submits a report to snyk on every push
-
-name: Snyk
-on:
- push:
- branches:
- - main
- workflow_dispatch:
-
-
-jobs:
- snyk-V2-and-scala:
- uses: guardian/.github/.github/workflows/sbt-node-snyk.yml@main
- with:
- ORG: guardian
- JAVA_VERSION: 11
- EXCLUDE: package-lock.json # exclude V1, since it has its own special job below (because of JSPM)
- secrets:
- SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-
- snyk-V1-only:
- uses: guardian/.github/.github/workflows/sbt-node-snyk.yml@main
- with:
- ORG: guardian
- EXCLUDE: fronts-client # exclude V2, since it's captured by the main job above
- SKIP_SBT: true # exclude scala, since it's captured by the main job above
- NODE_PACKAGE_JSON_FILES_MISSING_LOCK: v1_jspm_snyk_workaround/package.json v1_jspm_snyk_workaround/result/package.json
- secrets:
- SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
diff --git a/.gitignore b/.gitignore
index d9c92bc377c..73b67204ec4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -62,6 +62,3 @@ metals.sbt
 .metals
 .bloop
 .bsp
-
-v1_jspm_snyk_workaround/package-lock.json
-v1_jspm_snyk_workaround/result
diff --git a/.snyk b/.snyk
deleted file mode 100644
index d48bcbfd1a0..00000000000
--- a/.snyk
+++ /dev/null
@@ -1,175 +0,0 @@ -# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. -version: v1.22.1 -# ignores vulnerabilities until expiry date; change duration by modifying expiry date -ignore: - SNYK-JS-INI-1048974: - - jspm > liftoff > findup-sync > resolve-dir > global-modules > global-prefix > ini: - reason: 'no patch available, we''ll notify you when there is one' - expires: '2021-12-01T14:50:19.227Z' - - grunt > grunt-cli > liftup > findup-sync > resolve-dir > global-modules > global-prefix > ini: - reason: 'no patch available, we''ll notify you when there is one' - expires: '2021-12-01T14:50:19.227Z' - SNYK-JS-KINDOF-537849: - - jspm > liftoff > findup-sync > micromatch > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: 'no patch available, we''ll notify you when there is one' - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > extglob > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > to-regex > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > nanomatch > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > extglob > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > to-regex > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: 
'2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > nanomatch > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > snapdragon > base > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > braces > snapdragon-node > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > braces > to-regex > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > extglob > to-regex > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > nanomatch > to-regex > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > snapdragon > base > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > braces > snapdragon-node > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > braces > to-regex > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > extglob > to-regex > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch 
available - expires: '2021-12-01T14:50:19.227Z' - - jspm > liftoff > findup-sync > micromatch > nanomatch > to-regex > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > braces > snapdragon > base > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > extglob > snapdragon > base > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > nanomatch > snapdragon > base > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > extglob > expand-brackets > to-regex > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > braces > snapdragon > base > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > extglob > snapdragon > base > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > nanomatch > snapdragon > base > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > extglob > expand-brackets > to-regex > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > 
micromatch > extglob > expand-brackets > snapdragon > base > define-property > is-descriptor > is-accessor-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > extglob > expand-brackets > snapdragon > base > define-property > is-descriptor > is-data-descriptor > kind-of: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - SNYK-JS-SETVALUE-1540541: - - jspm > liftoff > findup-sync > micromatch > snapdragon > base > cache-base > union-value > set-value: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > braces > snapdragon > base > cache-base > union-value > set-value: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > extglob > snapdragon > base > cache-base > union-value > set-value: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > nanomatch > snapdragon > base > cache-base > union-value > set-value: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > extglob > expand-brackets > snapdragon > base > cache-base > union-value > set-value: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - SNYK-JS-SETVALUE-450213: - - jspm > liftoff > findup-sync > micromatch > snapdragon > base > cache-base > union-value > set-value: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > braces > snapdragon > base > cache-base > union-value > set-value: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > extglob > snapdragon > base > cache-base > union-value > set-value: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > nanomatch > 
snapdragon > base > cache-base > union-value > set-value: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > liftoff > findup-sync > micromatch > extglob > expand-brackets > snapdragon > base > cache-base > union-value > set-value: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - SNYK-JS-TAR-1536528: - - jspm > jspm-github > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > jspm-npm > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - SNYK-JS-TAR-1536531: - - jspm > jspm-github > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > jspm-npm > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - SNYK-JS-TAR-1536758: - - jspm > jspm-github > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > jspm-npm > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - SNYK-JS-TAR-1579147: - - jspm > jspm-github > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > jspm-npm > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - SNYK-JS-TAR-1579152: - - jspm > jspm-github > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > jspm-npm > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - SNYK-JS-TAR-1579155: - - jspm > jspm-github > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - - jspm > jspm-npm > tar: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' - 'npm:underscore.string:20170908': - - grunt > grunt-legacy-util > underscore.string: - reason: no patch available - expires: '2021-12-01T14:50:19.228Z' -patch: {} diff --git a/v1_jspm_snyk_workaround/jspm-snyk-workaround.js b/v1_jspm_snyk_workaround/jspm-snyk-workaround.js deleted file mode 100644 index 4d3cd471b4b..00000000000 
--- a/v1_jspm_snyk_workaround/jspm-snyk-workaround.js
+++ /dev/null
@@ -1,33 +0,0 @@
-const fs = require("fs");
-
-const outputDirName = "result"
-const outputPath = `${outputDirName}/package.json`;
-
-const packageJson = JSON.parse(String(fs.readFileSync("../package.json")));
-
-const jspmDependencies = Object.fromEntries(
- Object.values(packageJson.jspm.dependencies) // values because we don't care about what JSPM called them (i.e. the keys)
- .filter(_ => !_.includes("systemjs"))
- .map(jspmDepString => {
- const [source, nameAtVersion] = jspmDepString.split(":");
- const [name, version] = nameAtVersion.split("@");
- const finalVersion = name.endsWith("panda-session") ? `v${version}` : version;
- return [
- name.split("/").slice(-1), // last part (e.g. 'fastselect' if 'dbrekalo/fastselect')
- source === "github" ? `git+https://github.com/${name}.git#${finalVersion}` : finalVersion
- ]
- })
-);
-
-const newPackageJson = {
- ...packageJson,
- dependencies: {
- ...packageJson.dependencies,
- ...jspmDependencies
- }
-};
-
-fs.mkdirSync(outputDirName, {recursive: true});
-fs.writeFileSync(outputPath, JSON.stringify(newPackageJson, null, 2));
-
-console.log(`Wrote alternate package.json for V1 to v1_jspm_workaround/${outputPath} , which surfaces the JSPM dependencies`)
diff --git a/v1_jspm_snyk_workaround/package.json b/v1_jspm_snyk_workaround/package.json
deleted file mode 100644
index e29eb87632c..00000000000
--- a/v1_jspm_snyk_workaround/package.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
- "scripts": {
- "preinstall": "node jspm-snyk-workaround.js",
- "audit": "cd ./result && npm i --package-lock-only && npm audit"
- }
-}