Skip to content

Commit f3dbef1

Browse files
author
Akos Kitta
committed
chore(deps): update dependencies
To fix all security vulnerabilities detected by `Dependabot`. - remove `shelljs`. replace with `fs` and `console`. - remove `uuid`. replace with `@phosphor/coreutils`. Signed-off-by: Akos Kitta <a.kitta@arduino.cc>
1 parent 8f4bcc8 commit f3dbef1

File tree

17 files changed

+1475
-2751
lines changed

17 files changed

+1475
-2751
lines changed

arduino-ide-extension/package.json

Lines changed: 5 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -109,7 +109,7 @@
109109
"devDependencies": {
110110
"@octokit/rest": "^18.12.0",
111111
"@types/chai": "^4.2.7",
112-
"@types/mocha": "^5.2.7",
112+
"@types/mocha": "^10.0.0",
113113
"@types/react-window": "^1.8.5",
114114
"@xhmikosr/downloader": "^13.0.1",
115115
"chai": "^4.2.0",
@@ -118,18 +118,15 @@
118118
"decompress-tarbz2": "^4.1.1",
119119
"decompress-targz": "^4.1.1",
120120
"decompress-unzip": "^4.0.1",
121-
"grpc_tools_node_protoc_ts": "^4.1.0",
122-
"mocha": "^7.0.0",
121+
"grpc_tools_node_protoc_ts": "^5.3.3",
122+
"mocha": "^10.2.0",
123123
"mockdate": "^3.0.5",
124124
"moment": "^2.24.0",
125125
"ncp": "^2.0.0",
126-
"rimraf": "^2.6.1",
127-
"shelljs": "^0.8.3",
128-
"uuid": "^3.2.1",
129-
"yargs": "^11.1.0"
126+
"rimraf": "^2.6.1"
130127
},
131128
"optionalDependencies": {
132-
"grpc-tools": "^1.9.0",
129+
"grpc-tools": "^1.12.4",
133130
"protoc": "^1.0.4"
134131
},
135132
"mocha": {

arduino-ide-extension/scripts/download-cli.js

Lines changed: 8 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,6 @@
22

33
(async () => {
44
const path = require('path');
5-
const shell = require('shelljs');
65
const semver = require('semver');
76
const moment = require('moment');
87
const downloader = require('./downloader');
@@ -29,8 +28,8 @@
2928
})();
3029

3130
if (!version) {
32-
shell.echo(`Could not retrieve CLI version info from the 'package.json'.`);
33-
shell.exit(1);
31+
console.log(`Could not retrieve CLI version info from the 'package.json'.`);
32+
process.exit(1);
3433
}
3534

3635
const { platform, arch } = process;
@@ -71,24 +70,24 @@
7170
}
7271
})();
7372
if (!suffix) {
74-
shell.echo(`The CLI is not available for ${platform} ${arch}.`);
75-
shell.exit(1);
73+
console.log(`The CLI is not available for ${platform} ${arch}.`);
74+
process.exit(1);
7675
}
7776
if (semver.valid(version)) {
7877
const url = `https://downloads.arduino.cc/arduino-cli/arduino-cli_${version}_${suffix}`;
79-
shell.echo(
78+
console.log(
8079
`📦 Identified released version of the CLI. Downloading version ${version} from '${url}'`
8180
);
8281
await downloader.downloadUnzipFile(url, destinationPath, 'arduino-cli');
8382
} else if (moment(version, 'YYYYMMDD', true).isValid()) {
8483
const url = `https://downloads.arduino.cc/arduino-cli/nightly/arduino-cli_nightly-${version}_${suffix}`;
85-
shell.echo(
84+
console.log(
8685
`🌙 Identified nightly version of the CLI. Downloading version ${version} from '${url}'`
8786
);
8887
await downloader.downloadUnzipFile(url, destinationPath, 'arduino-cli');
8988
} else {
90-
shell.echo(`🔥 Could not interpret 'version': ${version}`);
91-
shell.exit(1);
89+
console.log(`🔥 Could not interpret 'version': ${version}`);
90+
process.exit(1);
9291
}
9392
} else {
9493
taskBuildFromGit(version, destinationPath, 'CLI');

arduino-ide-extension/scripts/download-examples.js

Lines changed: 24 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -5,10 +5,14 @@ const version = '1.10.0';
55

66
(async () => {
77
const os = require('node:os');
8-
const { existsSync, promises: fs } = require('node:fs');
8+
const {
9+
existsSync,
10+
promises: fs,
11+
mkdirSync,
12+
readdirSync,
13+
cpSync,
14+
} = require('node:fs');
915
const path = require('node:path');
10-
const shell = require('shelljs');
11-
const { v4 } = require('uuid');
1216
const { exec } = require('./utils');
1317

1418
const destination = path.join(
@@ -20,31 +24,38 @@ const version = '1.10.0';
2024
'Examples'
2125
);
2226
if (existsSync(destination)) {
23-
shell.echo(
27+
console.log(
2428
`Skipping Git checkout of the examples because the repository already exists: ${destination}`
2529
);
2630
return;
2731
}
2832

29-
const repository = path.join(os.tmpdir(), `${v4()}-arduino-examples`);
30-
if (shell.mkdir('-p', repository).code !== 0) {
31-
shell.exit(1);
32-
}
33+
const repository = await fs.mkdtemp(
34+
path.join(os.tmpdir(), 'arduino-examples-')
35+
);
3336

3437
exec(
3538
'git',
3639
['clone', 'https://github.com/arduino/arduino-examples.git', repository],
37-
shell
40+
{ logStdout: true }
3841
);
3942

4043
exec(
4144
'git',
4245
['-C', repository, 'checkout', `tags/${version}`, '-b', version],
43-
shell
46+
{ logStdout: true }
4447
);
4548

46-
shell.mkdir('-p', destination);
47-
shell.cp('-fR', path.join(repository, 'examples', '*'), destination);
49+
mkdirSync(destination, { recursive: true });
50+
const examplesPath = path.join(repository, 'examples');
51+
const exampleResources = readdirSync(examplesPath);
52+
for (const exampleResource of exampleResources) {
53+
cpSync(
54+
path.join(examplesPath, exampleResource),
55+
path.join(destination, exampleResource),
56+
{ recursive: true }
57+
);
58+
}
4859

4960
const isSketch = async (pathLike) => {
5061
try {
@@ -104,5 +115,5 @@ const version = '1.10.0';
104115
JSON.stringify(examples, null, 2),
105116
{ encoding: 'utf8' }
106117
);
107-
shell.echo(`Generated output to ${path.join(destination, 'examples.json')}`);
118+
console.log(`Generated output to ${path.join(destination, 'examples.json')}`);
108119
})();

arduino-ide-extension/scripts/download-fwuploader.js

Lines changed: 7 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,6 @@
22

33
(async () => {
44
const path = require('node:path');
5-
const shell = require('shelljs');
65
const semver = require('semver');
76
const downloader = require('./downloader');
87
const { taskBuildFromGit } = require('./utils');
@@ -28,10 +27,10 @@
2827
})();
2928

3029
if (!version) {
31-
shell.echo(
30+
console.log(
3231
`Could not retrieve Firmware Uploader version info from the 'package.json'.`
3332
);
34-
shell.exit(1);
33+
process.exit(1);
3534
}
3635

3736
const { platform, arch } = process;
@@ -71,14 +70,14 @@
7170
}
7271
})();
7372
if (!suffix) {
74-
shell.echo(
73+
console.log(
7574
`The Firmware Uploader is not available for ${platform} ${arch}.`
7675
);
77-
shell.exit(1);
76+
process.exit(1);
7877
}
7978
if (semver.valid(version)) {
8079
const url = `https://downloads.arduino.cc/arduino-fwuploader/arduino-fwuploader_${version}_${suffix}`;
81-
shell.echo(
80+
console.log(
8281
`📦 Identified released version of the Firmware Uploader. Downloading version ${version} from '${url}'`
8382
);
8483
await downloader.downloadUnzipFile(
@@ -87,8 +86,8 @@
8786
'arduino-fwuploader'
8887
);
8988
} else {
90-
shell.echo(`🔥 Could not interpret 'version': ${version}`);
91-
shell.exit(1);
89+
console.log(`🔥 Could not interpret 'version': ${version}`);
90+
process.exit(1);
9291
}
9392
} else {
9493
taskBuildFromGit(version, destinationPath, 'Firmware Uploader');

arduino-ide-extension/scripts/download-ls.js

Lines changed: 7 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,6 @@
55

66
(() => {
77
const path = require('path');
8-
const shell = require('shelljs');
98
const downloader = require('./downloader');
109
const { goBuildFromGit } = require('./utils');
1110

@@ -25,20 +24,20 @@
2524
})();
2625

2726
if (!DEFAULT_LS_VERSION) {
28-
shell.echo(
27+
console.log(
2928
`Could not retrieve Arduino Language Server version info from the 'package.json'.`
3029
);
31-
shell.exit(1);
30+
process.exit(1);
3231
}
3332

3433
if (!DEFAULT_CLANGD_VERSION) {
35-
shell.echo(
34+
console.log(
3635
`Could not retrieve clangd version info from the 'package.json'.`
3736
);
38-
shell.exit(1);
37+
process.exit(1);
3938
}
4039

41-
const yargs = require('yargs')
40+
const yargs = require('@theia/core/shared/yargs')
4241
.option('ls-version', {
4342
alias: 'lv',
4443
default: DEFAULT_LS_VERSION,
@@ -114,10 +113,10 @@
114113
throw new Error(`Unsupported platform/arch: ${platformArch}.`);
115114
}
116115
if (!lsSuffix || !clangdSuffix) {
117-
shell.echo(
116+
console.log(
118117
`The arduino-language-server is not available for ${platform} ${arch}.`
119118
);
120-
shell.exit(1);
119+
process.exit(1);
121120
}
122121

123122
if (typeof lsVersion === 'string') {

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy