From 016eafa35dde20fd614fcf01626f7df99bdf96ff Mon Sep 17 00:00:00 2001 From: jasquat <2487833+jasquat@users.noreply.github.com> Date: Fri, 10 Nov 2023 14:13:28 -0500 Subject: [PATCH] Feature/debug snyk (#660) * try to debug snyk issue * try to correct debug env var * put the debug var in the correct area * updated autoprefixer to make snyk happy * put the rest of the ci items back * run snyk on a schedule w/ burnettk --------- Co-authored-by: jasquat --- .github/workflows/snyk-security.yml | 11 ++++-- spiffworkflow-frontend/package-lock.json | 44 +++++++++++++----------- spiffworkflow-frontend/package.json | 2 +- 3 files changed, 34 insertions(+), 23 deletions(-) diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml index 940f1a73d..aa44340fb 100644 --- a/.github/workflows/snyk-security.yml +++ b/.github/workflows/snyk-security.yml @@ -23,9 +23,13 @@ name: Snyk Security # branches: ["main" ] # pull_request: # branches: ["main"] +# on: +# - push +# - pull_request on: - - push - - pull_request + workflow_dispatch: # allow running on demand + schedule: + - cron: "0 14 * * 2" # Every Tuesday at 1PM UTC (9AM/10AM eastern) permissions: contents: read @@ -121,6 +125,9 @@ jobs: # Runs Snyk Open Source (SCA) analysis and uploads result to Snyk. - name: Snyk Open Source monitor run: snyk monitor --all-projects + # # uncomment to enable debug logs + # env: + # DEBUG: "*snyk*" # Build the docker image for testing - name: Build a Docker image diff --git a/spiffworkflow-frontend/package-lock.json b/spiffworkflow-frontend/package-lock.json index 57ff47387..4737ab1dd 100644 --- a/spiffworkflow-frontend/package-lock.json +++ b/spiffworkflow-frontend/package-lock.json @@ -33,7 +33,7 @@ "@types/react": "^18.0.17", "@types/react-dom": "^18.0.6", "@uiw/react-md-editor": "^3.20.2", - "autoprefixer": "10.4.8", + "autoprefixer": "^10.4.13", "axios": "^0.27.2", "bpmn-js": "^13.2.2", "bpmn-js-properties-panel": "^1.22.0", @@ -7591,9 +7591,9 @@ } }, "node_modules/autoprefixer": { - "version": "10.4.8", - "resolved": "https://registry.npmjs.org/autoprefixer/-/autoprefixer-10.4.8.tgz", - "integrity": "sha512-75Jr6Q/XpTqEf6D2ltS5uMewJIx5irCU1oBYJrWjFenq/m12WRRrz6g15L1EIoYvPLXTbEry7rDOwrcYNj77xw==", + "version": "10.4.16", + "resolved": "https://registry.npmjs.org/autoprefixer/-/autoprefixer-10.4.16.tgz", + "integrity": "sha512-7vd3UC6xKp0HLfua5IjZlcXvGAGy7cBAXTg2lyQ/8WpNhd6SiZ8Be+xm3FyBSYJx5GKcpRCzBh7RH4/0dnY+uQ==", "funding": [ { "type": "opencollective", @@ -7602,12 +7602,16 @@ { "type": "tidelift", "url": "https://tidelift.com/funding/github/npm/autoprefixer" + }, + { + "type": "github", + "url": "https://github.com/sponsors/ai" } ], "dependencies": { - "browserslist": "^4.21.3", - "caniuse-lite": "^1.0.30001373", - "fraction.js": "^4.2.0", + "browserslist": "^4.21.10", + "caniuse-lite": "^1.0.30001538", + "fraction.js": "^4.3.6", "normalize-range": "^0.1.2", "picocolors": "^1.0.0", "postcss-value-parser": "^4.2.0" @@ -14780,15 +14784,15 @@ } }, "node_modules/fraction.js": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/fraction.js/-/fraction.js-4.2.0.tgz", - "integrity": "sha512-MhLuK+2gUcnZe8ZHlaaINnQLl0xRIGRfcGk2yl8xoQAfHrSsL3rYu6FCmBdkdbhc9EPlwyGHewaRsvwRMJtAlA==", + "version": "4.3.7", + "resolved": "https://registry.npmjs.org/fraction.js/-/fraction.js-4.3.7.tgz", + "integrity": "sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew==", "engines": { "node": "*" }, "funding": { "type": "patreon", - "url": "https://www.patreon.com/infusion" + "url": "https://github.com/sponsors/rawify" } }, "node_modules/fragment-cache": { @@ -37630,13 +37634,13 @@ "integrity": "sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==" }, "autoprefixer": { - "version": "10.4.8", - "resolved": "https://registry.npmjs.org/autoprefixer/-/autoprefixer-10.4.8.tgz", - "integrity": "sha512-75Jr6Q/XpTqEf6D2ltS5uMewJIx5irCU1oBYJrWjFenq/m12WRRrz6g15L1EIoYvPLXTbEry7rDOwrcYNj77xw==", + "version": "10.4.16", + "resolved": "https://registry.npmjs.org/autoprefixer/-/autoprefixer-10.4.16.tgz", + "integrity": "sha512-7vd3UC6xKp0HLfua5IjZlcXvGAGy7cBAXTg2lyQ/8WpNhd6SiZ8Be+xm3FyBSYJx5GKcpRCzBh7RH4/0dnY+uQ==", "requires": { - "browserslist": "^4.21.3", - "caniuse-lite": "^1.0.30001373", - "fraction.js": "^4.2.0", + "browserslist": "^4.21.10", + "caniuse-lite": "^1.0.30001538", + "fraction.js": "^4.3.6", "normalize-range": "^0.1.2", "picocolors": "^1.0.0", "postcss-value-parser": "^4.2.0" @@ -43221,9 +43225,9 @@ "integrity": "sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow==" }, "fraction.js": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/fraction.js/-/fraction.js-4.2.0.tgz", - "integrity": "sha512-MhLuK+2gUcnZe8ZHlaaINnQLl0xRIGRfcGk2yl8xoQAfHrSsL3rYu6FCmBdkdbhc9EPlwyGHewaRsvwRMJtAlA==" + "version": "4.3.7", + "resolved": "https://registry.npmjs.org/fraction.js/-/fraction.js-4.3.7.tgz", + "integrity": "sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew==" }, "fragment-cache": { "version": "0.2.1", diff --git a/spiffworkflow-frontend/package.json b/spiffworkflow-frontend/package.json index 866f86493..1e41f099a 100644 --- a/spiffworkflow-frontend/package.json +++ b/spiffworkflow-frontend/package.json @@ -28,7 +28,7 @@ "@types/react": "^18.0.17", "@types/react-dom": "^18.0.6", "@uiw/react-md-editor": "^3.20.2", - "autoprefixer": "10.4.8", + "autoprefixer": "^10.4.13", "axios": "^0.27.2", "bpmn-js": "^13.2.2", "bpmn-js-properties-panel": "^1.22.0",