robojerk/codeql-action

Bump eslint-plugin-import to avoid vulnerability in dependency

Browse source
This commit is contained in:
Henry Mercer 2023-01-18 20:26:59 +00:00
parent 10695e6a20
commit ed9506bbaf
1660 changed files with 67726 additions and 27926 deletions
Download patch file Download diff file Expand all files Collapse all files

69
node_modules/is-core-module/test/index.js generated vendored
View file

@ -3,10 +3,12 @@
var test = require('tape');
var keys = require('object-keys');
var semver = require('semver');
var mockProperty = require('mock-property');
var isCore = require('../');
var data = require('../core.json');
var supportsNodePrefix = semver.satisfies(process.versions.node, '>= 16');
var supportsNodePrefix = semver.satisfies(process.versions.node, '^14.18 || >= 16', { includePrerelease: true });
test('core modules', function (t) {
t.test('isCore()', function (st) {
@ -42,7 +44,7 @@ test('core modules', function (t) {
t.test('core via repl module', { skip: !data.repl }, function (st) {
var libs = require('repl')._builtinLibs; // eslint-disable-line no-underscore-dangle
if (!libs) {
st.skip('module.builtinModules does not exist');
st.skip('repl._builtinLibs does not exist');
} else {
for (var i = 0; i < libs.length; ++i) {
var mod = libs[i];
@ -51,16 +53,18 @@ test('core modules', function (t) {
function () { require(mod); }, // eslint-disable-line no-loop-func
'requiring ' + mod + ' does not throw'
);
if (supportsNodePrefix) {
st.doesNotThrow(
function () { require('node:' + mod); }, // eslint-disable-line no-loop-func
'requiring node:' + mod + ' does not throw'
);
} else {
st['throws'](
function () { require('node:' + mod); }, // eslint-disable-line no-loop-func
'requiring node:' + mod + ' throws'
);
if (mod.slice(0, 5) !== 'node:') {
if (supportsNodePrefix) {
st.doesNotThrow(
function () { require('node:' + mod); }, // eslint-disable-line no-loop-func
'requiring node:' + mod + ' does not throw'
);
} else {
st['throws'](
function () { require('node:' + mod); }, // eslint-disable-line no-loop-func
'requiring node:' + mod + ' throws'
);
}
}
}
}
@ -79,6 +83,10 @@ test('core modules', function (t) {
'v8/tools/tickprocessor',
'v8/tools/profile'
];
// see https://github.com/nodejs/node/issues/42785
if (semver.satisfies(process.version, '>= 18')) {
libs = libs.concat('node:test');
}
for (var i = 0; i < libs.length; ++i) {
var mod = libs[i];
if (excludeList.indexOf(mod) === -1) {
@ -87,16 +95,18 @@ test('core modules', function (t) {
function () { require(mod); }, // eslint-disable-line no-loop-func
'requiring ' + mod + ' does not throw'
);
if (supportsNodePrefix) {
st.doesNotThrow(
function () { require('node:' + mod); }, // eslint-disable-line no-loop-func
'requiring node:' + mod + ' does not throw'
);
} else {
st['throws'](
function () { require('node:' + mod); }, // eslint-disable-line no-loop-func
'requiring node:' + mod + ' throws'
);
if (mod.slice(0, 5) !== 'node:') {
if (supportsNodePrefix) {
st.doesNotThrow(
function () { require('node:' + mod); }, // eslint-disable-line no-loop-func
'requiring node:' + mod + ' does not throw'
);
} else {
st['throws'](
function () { require('node:' + mod); }, // eslint-disable-line no-loop-func
'requiring node:' + mod + ' throws'
);
}
}
}
}
@ -104,5 +114,20 @@ test('core modules', function (t) {
st.end();
});
t.test('Object.prototype pollution', function (st) {
var nonKey = 'not a core module';
st.teardown(mockProperty(Object.prototype, 'fs', { value: false }));
st.teardown(mockProperty(Object.prototype, 'path', { value: '>= 999999999' }));
st.teardown(mockProperty(Object.prototype, 'http', { value: data.http }));
st.teardown(mockProperty(Object.prototype, nonKey, { value: true }));
st.equal(isCore('fs'), true, 'fs is a core module even if Object.prototype lies');
st.equal(isCore('path'), true, 'path is a core module even if Object.prototype lies');
st.equal(isCore('http'), true, 'path is a core module even if Object.prototype matches data');
st.equal(isCore(nonKey), false, '"' + nonKey + '" is not a core module even if Object.prototype lies');
st.end();
});
t.end();
});