extern/bruno
1
0
Fork 1
mirror of https://github.com/usebruno/bruno.git synced 2025-01-22 21:58:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(#263): Replace vm2 with fork of vm2 to fix security issues (#1400)

Browse Source
This commit is contained in:
Timon 2024-01-16 23:31:00 +01:00 committed by GitHub
parent b5fccef417
commit 4e34aba1ca
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 64 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
package-lock.json generated
View File

@ -4041,6 +4041,41 @@
"node": ">=12" "node": ">=12"
} }
}, },
"node_modules/@n8n/vm2": {
"version": "3.9.23",
"resolved": "https://registry.npmjs.org/@n8n/vm2/-/vm2-3.9.23.tgz",
"integrity": "sha512-yu+It+L89uljQsCJ2e9cQaXzoXJe9bU69QQIoWUOcUw0u5Zon37DuB7bdNNsjKS1ZdFD+fBWCQpq/FkqHsSjXQ==",
"dependencies": {
"acorn": "^8.7.0",
"acorn-walk": "^8.2.0"
},
"bin": {
"vm2": "bin/vm2"
},
"engines": {
"node": ">=18.10",
"pnpm": ">=8.6.12"
}
},
"node_modules/@n8n/vm2/node_modules/acorn": {
"version": "8.11.3",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz",
"integrity": "sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg==",
"bin": {
"acorn": "bin/acorn"
},
"engines": {
"node": ">=0.4.0"
}
},
"node_modules/@n8n/vm2/node_modules/acorn-walk": {
"version": "8.3.2",
"resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.2.tgz",
"integrity": "sha512-cjkyv4OtNCIeqhHrfS81QWXoCBPExR/J62oyEqepVw8WaQeSqpW2uhuLPh1m9eWhDuOo/jUXVTlifvesOWp/4A==",
"engines": {
"node": ">=0.4.0"
}
},
"node_modules/@next/env": { "node_modules/@next/env": {
"version": "12.3.3", "version": "12.3.3",
"license": "MIT" "license": "MIT"
@ -17321,37 +17356,6 @@
"license": "MIT", "license": "MIT",
"optional": true "optional": true
}, },
"node_modules/vm2": {
"version": "3.9.13",
"license": "MIT",
"dependencies": {
"acorn": "^8.7.0",
"acorn-walk": "^8.2.0"
},
"bin": {
"vm2": "bin/vm2"
},
"engines": {
"node": ">=6.0"
}
},
"node_modules/vm2/node_modules/acorn": {
"version": "8.8.2",
"license": "MIT",
"bin": {
"acorn": "bin/acorn"
},
"engines": {
"node": ">=0.4.0"
}
},
"node_modules/vm2/node_modules/acorn-walk": {
"version": "8.2.0",
"license": "MIT",
"engines": {
"node": ">=0.4.0"
}
},
"node_modules/vscode-languageserver-types": { "node_modules/vscode-languageserver-types": {
"version": "3.17.2", "version": "3.17.2",
"license": "MIT" "license": "MIT"
@ -18142,9 +18146,10 @@
}, },
"packages/bruno-electron": { "packages/bruno-electron": {
"name": "bruno", "name": "bruno",
"version": "v1.6.0", "version": "v1.6.1",
"dependencies": { "dependencies": {
"@aws-sdk/credential-providers": "^3.425.0", "@aws-sdk/credential-providers": "^3.425.0",
"@n8n/vm2": "^3.9.23",
"@usebruno/js": "0.9.4", "@usebruno/js": "0.9.4",
"@usebruno/lang": "0.9.0", "@usebruno/lang": "0.9.0",
"@usebruno/schema": "0.6.0", "@usebruno/schema": "0.6.0",
@ -18177,7 +18182,6 @@
"socks-proxy-agent": "^8.0.2", "socks-proxy-agent": "^8.0.2",
"tough-cookie": "^4.1.3", "tough-cookie": "^4.1.3",
"uuid": "^9.0.0", "uuid": "^9.0.0",
"vm2": "^3.9.13",
"yup": "^0.32.11" "yup": "^0.32.11"
}, },
"devDependencies": { "devDependencies": {
@ -18412,7 +18416,7 @@
"uuid": "^9.0.0" "uuid": "^9.0.0"
}, },
"peerDependencies": { "peerDependencies": {
"vm2": "^3.9.13" "@n8n/vm2": "^3.9.23"
} }
}, },
"packages/bruno-js/node_modules/ajv": { "packages/bruno-js/node_modules/ajv": {
@ -21386,6 +21390,27 @@
"@n1ru4l/push-pull-async-iterable-iterator": { "@n1ru4l/push-pull-async-iterable-iterator": {
"version": "3.2.0" "version": "3.2.0"
}, },
"@n8n/vm2": {
"version": "3.9.23",
"resolved": "https://registry.npmjs.org/@n8n/vm2/-/vm2-3.9.23.tgz",
"integrity": "sha512-yu+It+L89uljQsCJ2e9cQaXzoXJe9bU69QQIoWUOcUw0u5Zon37DuB7bdNNsjKS1ZdFD+fBWCQpq/FkqHsSjXQ==",
"requires": {
"acorn": "^8.7.0",
"acorn-walk": "^8.2.0"
},
"dependencies": {
"acorn": {
"version": "8.11.3",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz",
"integrity": "sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg=="
},
"acorn-walk": {
"version": "8.3.2",
"resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.2.tgz",
"integrity": "sha512-cjkyv4OtNCIeqhHrfS81QWXoCBPExR/J62oyEqepVw8WaQeSqpW2uhuLPh1m9eWhDuOo/jUXVTlifvesOWp/4A=="
}
}
},
"@next/env": { "@next/env": {
"version": "12.3.3" "version": "12.3.3"
}, },
@ -23512,6 +23537,7 @@
"version": "file:packages/bruno-electron", "version": "file:packages/bruno-electron",
"requires": { "requires": {
"@aws-sdk/credential-providers": "^3.425.0", "@aws-sdk/credential-providers": "^3.425.0",
"@n8n/vm2": "^3.9.23",
"@usebruno/js": "0.9.4", "@usebruno/js": "0.9.4",
"@usebruno/lang": "0.9.0", "@usebruno/lang": "0.9.0",
"@usebruno/schema": "0.6.0", "@usebruno/schema": "0.6.0",
@ -23548,7 +23574,6 @@
"socks-proxy-agent": "^8.0.2", "socks-proxy-agent": "^8.0.2",
"tough-cookie": "^4.1.3", "tough-cookie": "^4.1.3",
"uuid": "^9.0.0", "uuid": "^9.0.0",
"vm2": "^3.9.13",
"yup": "^0.32.11" "yup": "^0.32.11"
}, },
"dependencies": { "dependencies": {
@ -30495,21 +30520,6 @@
} }
} }
}, },
"vm2": {
"version": "3.9.13",
"requires": {
"acorn": "^8.7.0",
"acorn-walk": "^8.2.0"
},
"dependencies": {
"acorn": {
"version": "8.8.2"
},
"acorn-walk": {
"version": "8.2.0"
}
}
},
"vscode-languageserver-types": { "vscode-languageserver-types": {
"version": "3.17.2" "version": "3.17.2"
}, },

2
packages/bruno-electron/package.json
View File

@ -52,7 +52,7 @@
"socks-proxy-agent": "^8.0.2", "socks-proxy-agent": "^8.0.2",
"tough-cookie": "^4.1.3", "tough-cookie": "^4.1.3",
"uuid": "^9.0.0", "uuid": "^9.0.0",
"vm2": "^3.9.13", "@n8n/vm2": "^3.9.23",
"yup": "^0.32.11" "yup": "^0.32.11"
}, },
"optionalDependencies": { "optionalDependencies": {

2
packages/bruno-js/package.json
View File

@ -8,7 +8,7 @@
"package.json" "package.json"
], ],
"peerDependencies": { "peerDependencies": {
"vm2": "^3.9.13" "@n8n/vm2": "^3.9.23"
}, },
"scripts": { "scripts": {
"test": "jest --testPathIgnorePatterns test.js" "test": "jest --testPathIgnorePatterns test.js"

2
packages/bruno-js/src/runtime/script-runtime.js
View File

@ -1,4 +1,4 @@
const { NodeVM } = require('vm2'); const { NodeVM } = require('@n8n/vm2');
const path = require('path'); const path = require('path');
const http = require('http'); const http = require('http');
const https = require('https'); const https = require('https');

2
packages/bruno-js/src/runtime/test-runtime.js
View File

@ -1,4 +1,4 @@
const { NodeVM } = require('vm2'); const { NodeVM } = require('@n8n/vm2');
const chai = require('chai'); const chai = require('chai');
const path = require('path'); const path = require('path');
const http = require('http'); const http = require('http');