From 8f1f41374c24d435d92013550d55873554d19ece Mon Sep 17 00:00:00 2001 From: Anoop M D Date: Sat, 7 Oct 2023 03:20:44 +0530 Subject: [PATCH] feat(#306): module whitelisting support --- package-lock.json | 98 ++++++++++++++++++- packages/bruno-cli/package.json | 2 +- .../src/runner/run-single-request.js | 8 +- packages/bruno-electron/package.json | 2 +- .../bruno-electron/src/ipc/network/index.js | 20 ++-- 5 files changed, 109 insertions(+), 21 deletions(-) diff --git a/package-lock.json b/package-lock.json index a7f0faa74..095bdc2ea 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16779,7 +16779,7 @@ "version": "0.12.0", "license": "MIT", "dependencies": { - "@usebruno/js": "0.6.0", + "@usebruno/js": "0.8.0", "@usebruno/lang": "0.5.0", "axios": "^1.5.1", "chai": "^4.3.7", @@ -16788,6 +16788,8 @@ "form-data": "^4.0.0", "fs-extra": "^10.1.0", "handlebars": "^4.7.8", + "http-proxy-agent": "^7.0.0", + "https-proxy-agent": "^7.0.2", "inquirer": "^9.1.4", "lodash": "^4.17.21", "mustache": "^4.2.0", @@ -16798,6 +16800,17 @@ "bru": "bin/bru.js" } }, + "packages/bruno-cli/node_modules/agent-base": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.0.tgz", + "integrity": "sha512-o/zjMZRhJxny7OyEF+Op8X+efiELC7k7yOjMzgfzVqOzXqkBkWI79YoTdOtsuWd5BWhAGAuOY/Xa6xpiaWXiNg==", + "dependencies": { + "debug": "^4.3.4" + }, + "engines": { + "node": ">= 14" + } + }, "packages/bruno-cli/node_modules/axios": { "version": "1.5.1", "resolved": "https://registry.npmjs.org/axios/-/axios-1.5.1.tgz", @@ -16820,11 +16833,35 @@ "node": ">=8" } }, + "packages/bruno-cli/node_modules/http-proxy-agent": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.0.tgz", + "integrity": "sha512-+ZT+iBxVUQ1asugqnD6oWoRiS25AkjNfG085dKJGtGxkdwLQrMKU5wJr2bOOFAXzKcTuqq+7fZlTMgG3SRfIYQ==", + "dependencies": { + "agent-base": "^7.1.0", + "debug": "^4.3.4" + }, + "engines": { + "node": ">= 14" + } + }, + "packages/bruno-cli/node_modules/https-proxy-agent": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.2.tgz", + "integrity": "sha512-NmLNjm6ucYwtcUmL7JQC1ZQ57LmHP4lT15FQ8D61nak1rO6DH+fz5qNK2Ap5UN4ZapYICE3/0KodcLYSPsPbaA==", + "dependencies": { + "agent-base": "^7.0.2", + "debug": "4" + }, + "engines": { + "node": ">= 14" + } + }, "packages/bruno-electron": { "name": "bruno", "version": "v0.20.0", "dependencies": { - "@usebruno/js": "0.6.0", + "@usebruno/js": "0.8.0", "@usebruno/lang": "0.5.0", "@usebruno/schema": "0.5.0", "about-window": "^1.15.2", @@ -16841,6 +16878,7 @@ "fs-extra": "^10.1.0", "graphql": "^16.6.0", "handlebars": "^4.7.8", + "http-proxy-agent": "^7.0.0", "https-proxy-agent": "^7.0.2", "is-valid-path": "^0.1.1", "lodash": "^4.17.21", @@ -16950,6 +16988,18 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "packages/bruno-electron/node_modules/http-proxy-agent": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.0.tgz", + "integrity": "sha512-+ZT+iBxVUQ1asugqnD6oWoRiS25AkjNfG085dKJGtGxkdwLQrMKU5wJr2bOOFAXzKcTuqq+7fZlTMgG3SRfIYQ==", + "dependencies": { + "agent-base": "^7.1.0", + "debug": "^4.3.4" + }, + "engines": { + "node": ">= 14" + } + }, "packages/bruno-electron/node_modules/https-proxy-agent": { "version": "7.0.2", "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.2.tgz", @@ -17006,7 +17056,7 @@ }, "packages/bruno-js": { "name": "@usebruno/js", - "version": "0.6.0", + "version": "0.8.0", "license": "MIT", "dependencies": { "@usebruno/query": "0.1.0", @@ -20102,7 +20152,7 @@ "@usebruno/cli": { "version": "file:packages/bruno-cli", "requires": { - "@usebruno/js": "0.6.0", + "@usebruno/js": "0.8.0", "@usebruno/lang": "0.5.0", "axios": "^1.5.1", "chai": "^4.3.7", @@ -20111,6 +20161,8 @@ "form-data": "^4.0.0", "fs-extra": "^10.1.0", "handlebars": "^4.7.8", + "http-proxy-agent": "^7.0.0", + "https-proxy-agent": "^7.0.2", "inquirer": "^9.1.4", "lodash": "^4.17.21", "mustache": "^4.2.0", @@ -20118,6 +20170,14 @@ "yargs": "^17.6.2" }, "dependencies": { + "agent-base": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.0.tgz", + "integrity": "sha512-o/zjMZRhJxny7OyEF+Op8X+efiELC7k7yOjMzgfzVqOzXqkBkWI79YoTdOtsuWd5BWhAGAuOY/Xa6xpiaWXiNg==", + "requires": { + "debug": "^4.3.4" + } + }, "axios": { "version": "1.5.1", "resolved": "https://registry.npmjs.org/axios/-/axios-1.5.1.tgz", @@ -20136,6 +20196,24 @@ "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" } + }, + "http-proxy-agent": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.0.tgz", + "integrity": "sha512-+ZT+iBxVUQ1asugqnD6oWoRiS25AkjNfG085dKJGtGxkdwLQrMKU5wJr2bOOFAXzKcTuqq+7fZlTMgG3SRfIYQ==", + "requires": { + "agent-base": "^7.1.0", + "debug": "^4.3.4" + } + }, + "https-proxy-agent": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.2.tgz", + "integrity": "sha512-NmLNjm6ucYwtcUmL7JQC1ZQ57LmHP4lT15FQ8D61nak1rO6DH+fz5qNK2Ap5UN4ZapYICE3/0KodcLYSPsPbaA==", + "requires": { + "agent-base": "^7.0.2", + "debug": "4" + } } } }, @@ -21210,7 +21288,7 @@ "bruno": { "version": "file:packages/bruno-electron", "requires": { - "@usebruno/js": "0.6.0", + "@usebruno/js": "0.8.0", "@usebruno/lang": "0.5.0", "@usebruno/schema": "0.5.0", "about-window": "^1.15.2", @@ -21231,6 +21309,7 @@ "fs-extra": "^10.1.0", "graphql": "^16.6.0", "handlebars": "^4.7.8", + "http-proxy-agent": "^7.0.0", "https-proxy-agent": "^7.0.2", "is-valid-path": "^0.1.1", "lodash": "^4.17.21", @@ -21300,6 +21379,15 @@ "pump": "^3.0.0" } }, + "http-proxy-agent": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.0.tgz", + "integrity": "sha512-+ZT+iBxVUQ1asugqnD6oWoRiS25AkjNfG085dKJGtGxkdwLQrMKU5wJr2bOOFAXzKcTuqq+7fZlTMgG3SRfIYQ==", + "requires": { + "agent-base": "^7.1.0", + "debug": "^4.3.4" + } + }, "https-proxy-agent": { "version": "7.0.2", "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.2.tgz", diff --git a/packages/bruno-cli/package.json b/packages/bruno-cli/package.json index c5e213509..fd5a74faf 100644 --- a/packages/bruno-cli/package.json +++ b/packages/bruno-cli/package.json @@ -24,7 +24,7 @@ "package.json" ], "dependencies": { - "@usebruno/js": "0.6.0", + "@usebruno/js": "0.8.0", "@usebruno/lang": "0.5.0", "axios": "^1.5.1", "chai": "^4.3.7", diff --git a/packages/bruno-cli/src/runner/run-single-request.js b/packages/bruno-cli/src/runner/run-single-request.js index c658d76ca..f86e1b028 100644 --- a/packages/bruno-cli/src/runner/run-single-request.js +++ b/packages/bruno-cli/src/runner/run-single-request.js @@ -29,7 +29,7 @@ const runSingleRequest = async function ( request = prepareRequest(bruJson.request); - const allowScriptFilesystemAccess = get(brunoConfig, 'filesystemAccess.allow', false); + const scriptingConfig = get(brunoConfig, 'scripts', {}); // make axios work in node using form data // reference: https://github.com/axios/axios/issues/1006#issuecomment-320165427 @@ -68,7 +68,7 @@ const runSingleRequest = async function ( collectionPath, null, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); } @@ -210,7 +210,7 @@ const runSingleRequest = async function ( collectionPath, null, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); } @@ -252,7 +252,7 @@ const runSingleRequest = async function ( collectionPath, null, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); testResults = get(result, 'results', []); } diff --git a/packages/bruno-electron/package.json b/packages/bruno-electron/package.json index 8b1fce2af..b66dd0434 100644 --- a/packages/bruno-electron/package.json +++ b/packages/bruno-electron/package.json @@ -14,7 +14,7 @@ "test": "jest" }, "dependencies": { - "@usebruno/js": "0.6.0", + "@usebruno/js": "0.8.0", "@usebruno/lang": "0.5.0", "@usebruno/schema": "0.5.0", "about-window": "^1.15.2", diff --git a/packages/bruno-electron/src/ipc/network/index.js b/packages/bruno-electron/src/ipc/network/index.js index 43d06d6c4..0586054d1 100644 --- a/packages/bruno-electron/src/ipc/network/index.js +++ b/packages/bruno-electron/src/ipc/network/index.js @@ -109,7 +109,7 @@ const registerNetworkIpc = (mainWindow) => { const envVars = getEnvVars(environment); const processEnvVars = getProcessEnvVars(collectionUid); const brunoConfig = getBrunoConfig(collectionUid); - const allowScriptFilesystemAccess = get(brunoConfig, 'filesystemAccess.allow', false); + const scriptingConfig = get(brunoConfig, 'scripts', {}); try { // make axios work in node using form data @@ -162,7 +162,7 @@ const registerNetworkIpc = (mainWindow) => { collectionPath, onConsoleLog, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); mainWindow.webContents.send('main:script-environment-update', { @@ -296,7 +296,7 @@ const registerNetworkIpc = (mainWindow) => { collectionPath, onConsoleLog, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); mainWindow.webContents.send('main:script-environment-update', { @@ -342,7 +342,7 @@ const registerNetworkIpc = (mainWindow) => { collectionPath, onConsoleLog, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); mainWindow.webContents.send('main:run-request-event', { @@ -421,7 +421,7 @@ const registerNetworkIpc = (mainWindow) => { collectionPath, onConsoleLog, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); mainWindow.webContents.send('main:run-request-event', { @@ -514,7 +514,7 @@ const registerNetworkIpc = (mainWindow) => { const collectionPath = collection.pathname; const folderUid = folder ? folder.uid : null; const brunoConfig = getBrunoConfig(collectionUid); - const allowScriptFilesystemAccess = get(brunoConfig, 'filesystemAccess.allow', false); + const scriptingConfig = get(brunoConfig, 'scripts', {}); const onConsoleLog = (type, args) => { console[type](...args); @@ -621,7 +621,7 @@ const registerNetworkIpc = (mainWindow) => { collectionPath, onConsoleLog, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); mainWindow.webContents.send('main:script-environment-update', { @@ -735,7 +735,7 @@ const registerNetworkIpc = (mainWindow) => { collectionPath, onConsoleLog, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); mainWindow.webContents.send('main:script-environment-update', { @@ -779,7 +779,7 @@ const registerNetworkIpc = (mainWindow) => { collectionPath, onConsoleLog, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); mainWindow.webContents.send('main:run-folder-event', { @@ -859,7 +859,7 @@ const registerNetworkIpc = (mainWindow) => { collectionPath, onConsoleLog, processEnvVars, - allowScriptFilesystemAccess + scriptingConfig ); mainWindow.webContents.send('main:run-folder-event', {