From 5717af872df070a50b9c27ccb21e2753339ae8fe Mon Sep 17 00:00:00 2001 From: Matt Strapp Date: Fri, 1 Apr 2022 17:50:13 +0200 Subject: Attempt to add basic SAML Signed-off-by: Matt Strapp --- package.json | 59 +++++----- src/index.ts | 16 ++- src/public/js/form.js | 9 +- src/routes/api.ts | 266 ++++++++++++++++++++++++++++++++++++++++++ src/routes/middleware/saml.ts | 13 +++ src/routes/pendulum.ts | 266 ------------------------------------------ tsconfig.json | 2 +- yarn.lock | 258 +++++++++++++++++++++++++++------------- 8 files changed, 505 insertions(+), 384 deletions(-) create mode 100644 src/routes/api.ts create mode 100644 src/routes/middleware/saml.ts delete mode 100644 src/routes/pendulum.ts diff --git a/package.json b/package.json index cc35827..7862e3e 100644 --- a/package.json +++ b/package.json @@ -1,34 +1,38 @@ { "dependencies": { - "cookie-parser": "^1.4.6", - "csurf": "^1.11.0", - "ejs": "^3.1.6", - "express": "^4.17.3", - "express-fileupload": "^1.3.1", - "express-rate-limit": "^6.3.0", - "helmet": "^5.0.2", - "shell-quote": "^1.7.3" + "cookie-parser": "1.4.6", + "csurf": "1.11.0", + "ejs": "3.1.6", + "express": "4.17.3", + "express-fileupload": "1.3.1", + "express-rate-limit": "6.3.0", + "helmet": "5.0.2", + "passport": "^0.5.2", + "passport-saml": "3.2.1", + "shell-quote": "1.7.3", + "umn-shib-nodejs": "RosstheRoss/umn-shib-nodejs#master" }, "devDependencies": { - "@types/cookie-parser": "^1.4.2", - "@types/csurf": "^1.11.2", - "@types/express": "^4.17.13", - "@types/express-fileupload": "^1.2.2", - "@types/node": "^17.0.23", - "@types/shell-quote": "^1.7.1", - "@typescript-eslint/eslint-plugin": "^5.17.0", - "@typescript-eslint/parser": "^5.17.0", - "eslint": "^8.12.0", - "eslint-config-airbnb-base": "^15.0.0", - "eslint-config-prettier": "^8.5.0", - "eslint-plugin-import": "^2.25.4", - "eslint-plugin-prettier": "^4.0.0", - "install": "^0.13.0", - "nodemon": "^2.0.15", - "npm-run-all": "^4.1.5", - "pkg": "^5.5.2", - "prettier": "^2.6.1", - "typescript": "^4.6.3" + "@types/cookie-parser": "1.4.2", + "@types/csurf": "1.11.2", + "@types/express": "4.17.13", + "@types/express-fileupload": "1.2.2", + "@types/node": "17.0.23", + "@types/passport": "^1.0.7", + "@types/shell-quote": "1.7.1", + "@typescript-eslint/eslint-plugin": "5.17.0", + "@typescript-eslint/parser": "5.17.0", + "eslint": "8.12.0", + "eslint-config-airbnb-base": "15.0.0", + "eslint-config-prettier": "8.5.0", + "eslint-plugin-import": "2.25.4", + "eslint-plugin-prettier": "4.0.0", + "install": "0.13.0", + "nodemon": "2.0.15", + "npm-run-all": "4.1.5", + "pkg": "5.5.2", + "prettier": "2.6.1", + "typescript": "4.6.3" }, "scripts": { "build": "npm-run-all clean tsc copy-views", @@ -53,6 +57,7 @@ "repository": "https: //github.com/RosstheRoss/4951w-pendulum", "license": "MIT", "private": true, + "type": "module", "pkg": { "scripts": "dist/**/*.js", "assets": "dist/**/*" diff --git a/src/index.ts b/src/index.ts index 117f0f1..c4b346a 100644 --- a/src/index.ts +++ b/src/index.ts @@ -5,7 +5,12 @@ import rateLimit from 'express-rate-limit'; import helmet from 'helmet'; import path from 'path'; import { env } from 'process'; -import api from './routes/pendulum'; +import api from './routes/api.js'; +import saml from './routes/middleware/saml.js'; +import { dirname } from 'path'; +import { fileURLToPath } from 'url'; + +const __dirname = dirname(fileURLToPath(import.meta.url)); const app = express(); @@ -21,7 +26,7 @@ const csrf = csurf({ cookie: true }); // Rate limiting const rateLimiter = rateLimit({ windowMs: 1 * 60 * 1000, // 1 minute - max: 40, // Limit each IP to 40 requests per `window` (here, per 1 minutes) + max: 40, // Limit each IP to 40 requests per `window` (here, per 1 minute) standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers legacyHeaders: false, // Disable the `X-RateLimit-*` headers }); @@ -33,7 +38,7 @@ app.use('/api/v1/', api); /* RENDERING */ app.set('view engine', 'ejs'); // Add ejs as view engine -app.set('views', path.join(__dirname, 'views/pages')); // Set views directory (where the ejs lies) +app.set('views', path.join(__dirname, 'views/pages')); // Set views directory (where the ejs is) app.use('/public', express.static(path.join(__dirname, 'public'))); // Set static directory (where the static CSS/JS/images lie) /* ROUTING */ @@ -41,9 +46,12 @@ app.use('/public', express.static(path.join(__dirname, 'public'))); // Set stati app.get('/', csrf, (req: Request, res: Response) => { res.render('index', { csrfToken: req.csrfToken() }); }); -app.get('/about', csrf, (req: Request, res: Response) => { +app.get('/about', csrf, saml, (req: Request, res: Response) => { res.render('about'); }); +app.all('/login', csrf, (req: Request, res: Response) => { + res.redirect('/api/v1/login'); +}); // Start the server const port = env.PORT || 2000; diff --git a/src/public/js/form.js b/src/public/js/form.js index 1e9eaca..9823dcf 100644 --- a/src/public/js/form.js +++ b/src/public/js/form.js @@ -15,7 +15,7 @@ document.getElementById('upload').onsubmit = function () { document.getElementById('download-link').innerText = ''; // Make AJAX request let xhr = new XMLHttpRequest(); - xhr.open('POST', '/api/v1/upload'); + xhr.open('POST', '/api/v1/pendulum/upload'); let formData = new FormData(this); xhr.send(formData); xhr.onreadystatechange = function () { @@ -43,7 +43,7 @@ document.getElementById('upload').onsubmit = function () { // function actuate(file) { let xhr = new XMLHttpRequest(); - xhr.open('POST', '/api/v1/actuate'); + xhr.open('POST', '/api/v1/pendulum/actuate'); let data = { file: file.file, }; @@ -72,7 +72,10 @@ function createDownload(response) { const tempName = response.filename; const downloadName = response.name.split('.')[0]; const downloadLink = document.createElement('a'); - downloadLink.setAttribute('href', `/api/v1/download/?filename=${tempName}`); + downloadLink.setAttribute( + 'href', + `/api/v1/pendulum/download/?filename=${tempName}` + ); downloadLink.setAttribute('download', `${downloadName}.csv`); downloadLink.innerText = 'Download CSV of results here.'; document.getElementById('download-link').appendChild(downloadLink); diff --git a/src/routes/api.ts b/src/routes/api.ts new file mode 100644 index 0000000..6cb804c --- /dev/null +++ b/src/routes/api.ts @@ -0,0 +1,266 @@ +import { spawn } from 'child_process'; +import cookieParser from 'cookie-parser'; +import csurf from 'csurf'; +import express, { Request, Response } from 'express'; +import fileUpload, { UploadedFile } from 'express-fileupload'; +import { access, stat } from 'fs/promises'; +import { quote } from 'shell-quote'; + +/** + * The endpoint for the API calls involving file uploads and running the files on the pendulum. + */ +const api = express.Router(); + +// Use JSON parser for API requests and responses +api.use(express.json()); +// CSRF protection +api.use(cookieParser()); +const csrf = csurf({ cookie: true }); + +// For file uploads +api.use( + fileUpload({ + preserveExtension: true, // Preserve file extension on upload + safeFileNames: true, // Only allow alphanumeric characters in file names + limits: { fileSize: 1 * 1024 * 1024 }, // Limit file size to 1MB + useTempFiles: true, // Store files in temp instead of memory + tempFileDir: '/tmp/', // Store files in /tmp/ + debug: false, // Log debug information + }) +); + +/* + Upload a file to the server + POST /api/v1/upload + Parameters: + files: The file to upload + Returns: + 201: + { + "message": "File uploaded successfully", + "file": { + "name": "file.py", + "path": "/tmp/file-538126", + } + } + 400 when there is no file + 413 when the file is too large + 415 when the file's MIME type is not text/x-python or text/plain (WINDOWS WHY) + 500 for any other errors +*/ +api + .route('/upload') + .post(csrf, (req: Request, res: Response) => { + try { + // Check if anything was actually uploaded + if (!req.files || Object.keys(req.files).length === 0) + return res.status(400).json({ error: 'No file uploaded.' }); + + const file: UploadedFile = req.files.file as UploadedFile; // Kludge to prevent a compiler error, only one file gets uploaded so this should be fine + + // Check if the file is too large (see fileUpload.limits for the limit) + if (file.truncated) + return res.status(413).json({ error: 'File uploaded was too large.' }); + + // Check if the file is a python file + if (file.mimetype !== 'text/x-python' && file.mimetype !== 'text/plain') + return res + .status(415) + .json({ error: 'File uploaded was not a Python file.' }); + + res.status(201).json({ + file: { file: file.name, path: file.tempFilePath }, + msg: 'File uploaded successfully.', + csrf: req.csrfToken(), + }); + } catch (err) { + // Generic error handler + res.status(500).json({ + error: 'An unknown error occurred while uploading the file.', + error_msg: err, + }); + } + }) + // Fallback + .all(csrf, (req: Request, res: Response) => { + res.set('Allow', 'POST'); + res.status(405).json({ error: 'Method not allowed.' }); + }); + +/* + Actuate the pendulum + POST /api/v1/actuate + Parameters: + file: { + name: The name of the file to run, currently unused + path: The path to the uploaded file on the server, passed in from /api/v1/upload on the website + } + Returns: + 200: + { + "file": { + "name": "file.py", + "filename": "file-538126", + } + } + 400 for when the file passed in is not a regular file + 403 when the file is not accessible + 500: + { + "error": "Program exited with error code 1.", + "error_msg": "NameError: name 'sleep' is not defined", + } + + This route is probably a complete security nightmare. It allows anyone to run arbitrary Python code on the server. + + Minimizing PE vectors like running this as an extremely low privilege user is a must. + +*/ +api + .route('/actuate') + // Snyk error mitigation, should be fine since the rate limiting is already in place + // file deepcode ignore NoRateLimitingForExpensiveWebOperation: This is already rate limited by the website, so we don't need to do it again + .post(csrf, async (req: Request, res: Response) => { + try { + const path: string = req.body.file.path; + // Verify that the file exists and is a regular file + // Return if not since the res will be sent by the verifyFile function + if ((await verifyFile(path, res)) !== true) return; + + const escaped = quote([path]); + // Run the code + /* + TODO: + - Potentially add the limiter to one-per-person here + - Add a timeout + - Communicate to the machine to give up (the user as well), maybe just kill the process? + - Make this more secure + - HOW? + */ + // let output = ''; + let stderr = ''; + const actuation = spawn('python', escaped.split(' ')); + // actuation.stdout.on('data', (data: Buffer) => { + // output += data.toString(); + // }); + actuation.stderr.on('data', (data: Buffer) => { + stderr += `STDERR: ${data.toString()}`; + }); + actuation.on('close', (code: number) => { + const filename: string = (req.body.file.path as string) + .split('/') + .pop() as string; + // Make sure the program exited with a code of 0 (success) + if (code !== 0) + return res.status(500).json({ + error: `Program exited with exit code ${code}`, + error_msg: stderr, + file: { name: req.body.file.file, filename: filename }, + }); + return res + .status(200) + .json({ file: { name: req.body.file.file, filename: filename } }); + }); + // Kill the process if it takes too long + // Default timeout is 120 seconds (2 minutes) + setTimeout(() => { + actuation.kill(); + }, 120000); + } catch (err) { + // Generic error handler + return res.status(500).json({ + error: 'An unknown error occurred while running the file.', + error_msg: err, + }); + } + }) + // Fallback + .all(csrf, (req: Request, res: Response) => { + res.set('Allow', 'POST'); + return res.status(405).json({ error: 'Method not allowed.' }); + }); + +/* + Download the CSV file after running the pendulum + GET /api/v1/download + Parameters: + filename: The name of the file to download + Returns: + 200: (the CSV file) + 403 when someone is trying to do directory traversal + 404 when the file is not accessible or does not exist + 500 for any other errors +*/ +api + .route('/download') + .get(csrf, async (req: Request, res: Response) => { + const filename: string = req.query.filename as string; + if (!filename) + return res.status(400).json({ error: 'No filename specified.' }); + // Make sure no path traversal is attempted + // This regex matches all alphanumeric characters, underscores, and dashes. + // MAKE SURE THIS DOES NOT ALLOW PATH TRAVERSAL + if (!/^[\w-]+$/.test(filename)) + return res.status(403).json({ error: 'No.' }); + + const path = `/tmp/${filename}.csv`; + + // Verify that the file exists and is a regular file + // Return if not since the res will be sent by the verifyFile function + if ((await verifyFile(path, res)) !== true) return; + // Read the file and send it to the client + res.type('text/csv'); + // Snyk error mitigation, should be fine since tmp is private and the simple regex above should prevent path traversal + // deepcode ignore PT: This is probably mitigated by the regex + return res.sendFile(path); + }) + // Fallback + .all(csrf, (req: Request, res: Response) => { + res.set('Allow', 'GET'); + return res.status(405).json({ error: 'Method not allowed.' }); + }); + +/** + * Verify that the file exists and is a regular file so it can be sent to the user + * @param {string} file The path to the file + * @param {Response} res The Express response object, used if the file is not accessible + * @returns {Promise} `true` if the file exists and is a regular file,`false` otherwise + * + * `AFTER THIS POINT, THE API HAS ALREADY SENT A RESPONSE, SO THE FUNCTION THAT CALLED IT SHOULD NOT RETURN ANOTHER RESPONSE ` + */ +async function verifyFile(file: string, res: Response): Promise { + // Make sure the file being requested to run exists + try { + await access(file); + } catch (err) { + res + .status(404) + .json({ error: 'File is not accessible or does not exist.' }); + return false; + } + // This is a try catch because otherwise type checking will fail and get all messed up + // Handle your promise rejections, kids + try { + const stats = await stat(file); + // Make sure the file being requested to run is a regular file + if (!stats.isFile()) { + res.status(400).json({ error: 'File is not a regular file.' }); + return false; + } + // Make sure the file being requested to run is not a directory + else if (stats.isDirectory()) { + res.status(400).json({ error: 'File is a directory.' }); + return false; + } + + // File does exist and is a regular file, so it is good to go + return true; + } catch (err) { + res + .status(404) + .json({ error: 'File is not accessible or does not exist.' }); + return false; + } +} + +export default api; diff --git a/src/routes/middleware/saml.ts b/src/routes/middleware/saml.ts new file mode 100644 index 0000000..ad9d50d --- /dev/null +++ b/src/routes/middleware/saml.ts @@ -0,0 +1,13 @@ +import BasicAuthenticator from 'umn-shib-nodejs'; +import { Request, Response, NextFunction } from 'express'; + +const saml = function (req: Request, res: Response, next: NextFunction): void { + const authenticator = new BasicAuthenticator(req, res); + if (!authenticator.hasSession()) { + authenticator.redirectToLogin(); + next(); + } + next(); +}; + +export default saml; diff --git a/src/routes/pendulum.ts b/src/routes/pendulum.ts deleted file mode 100644 index 66ad594..0000000 --- a/src/routes/pendulum.ts +++ /dev/null @@ -1,266 +0,0 @@ -import { spawn } from 'child_process'; -import cookieParser from 'cookie-parser'; -import csurf from 'csurf'; -import express, { Request, Response } from 'express'; -import fileUpload, { UploadedFile } from 'express-fileupload'; -import { access, stat } from 'fs/promises'; -import { quote } from 'shell-quote'; - -/** - * The endpoint for the API calls involving file uploads and running the files on the pendulum. - */ -const api = express.Router(); - -// Use JSON parser for API requests and responses -api.use(express.json()); -// CSRF protection -api.use(cookieParser()); -const csrf = csurf({ cookie: true }); - -// For file uploads -api.use( - fileUpload({ - preserveExtension: true, // Preserve file extension on upload - safeFileNames: true, // Only allow alphanumeric characters in file names - limits: { fileSize: 1 * 1024 * 1024 }, // Limit file size to 1MB - useTempFiles: true, // Store files in temp instead of memory - tempFileDir: '/tmp/', // Store files in /tmp/ - debug: false, // Log debug information - }) -); - -/* - Upload a file to the server - POST /api/v1/upload - Parameters: - files: The file to upload - Returns: - 201: - { - "message": "File uploaded successfully", - "file": { - "name": "file.py", - "path": "/tmp/file-538126", - } - } - 400 when there is no file - 413 when the file is too large - 415 when the file's MIME type is not text/x-python or text/plain (WINDOWS WHY) - 500 for any other errors -*/ -api - .route('/upload') - .post(csrf, (req: Request, res: Response) => { - try { - // Check if anything was actually uploaded - if (!req.files || Object.keys(req.files).length === 0) - return res.status(400).json({ error: 'No file uploaded.' }); - - const file: UploadedFile = req.files.file as UploadedFile; // Kludge to prevent a compiler error, only one file gets uploaded so this should be fine - - // Check if the file is too large (see fileUpload.limits for the limit) - if (file.truncated) - return res.status(413).json({ error: 'File uploaded was too large.' }); - - // Check if the file is a python file - if (file.mimetype !== 'text/x-python' && file.mimetype !== 'text/plain') - return res - .status(415) - .json({ error: 'File uploaded was not a Python file.' }); - - res.status(201).json({ - file: { file: file.name, path: file.tempFilePath }, - msg: 'File uploaded successfully.', - csrf: req.csrfToken(), - }); - } catch (err) { - // Generic error handler - res.status(500).json({ - error: 'An unknown error occurred while uploading the file.', - error_msg: err, - }); - } - }) - // Fallback - .all(csrf, (req: Request, res: Response) => { - res.set('Allow', 'POST'); - res.status(405).json({ error: 'Method not allowed.' }); - }); - -/* - Actuate the pendulum - POST /api/v1/actuate - Parameters: - file: { - name: The name of the file to run, currently unused - path: The path to the uploaded file on the server, passed in from /api/v1/upload on the website - } - Returns: - 200: - { - "file": { - "name": "file.py", - "filename": "file-538126", - } - } - 400 for when the file passed in is not a regular file - 403 when the file is not accessible - 500: - { - "error": "Program exited with error code 1.", - "error_msg": "NameError: name 'sleep' is not defined", - } - - This route is probably a complete security nightmare. It allows anyone to run arbitrary Python code on the server. - - Minimizing PE vectors like running this as an extremely low privilege user is a must. - -*/ -api - .route('/actuate') - // Snyk error mitigation, should be fine since the rate limiting is already in place - // file deepcode ignore NoRateLimitingForExpensiveWebOperation: This is already rate limited by the website, so we don't need to do it again - .post(csrf, async (req: Request, res: Response) => { - try { - const path: string = req.body.file.path; - // Verify that the file exists and is a regular file - // Return if not since the res will be sent by the verifyFile function - if ((await verifyFile(path, res)) !== true) return; - - const escaped = quote([path]); - // Run the code - /* - TODO: - - Potentially add the limiter to one-per-person here - - Add a timeout - - Communicate to the machine to give up (the user as well), maybe just kill the process? - - Make this more secure - - HOW? - */ - // let output = ''; - let stderr = ''; - const actuation = spawn('python', escaped.split(' ')); - // actuation.stdout.on('data', (data: Buffer) => { - // output += data.toString(); - // }); - actuation.stderr.on('data', (data: Buffer) => { - stderr += `STDERR: ${data.toString()}`; - }); - actuation.on('close', (code: number) => { - const filename: string = (req.body.file.path as string) - .split('/') - .pop() as string; - // Make sure the program exited with a code of 0 (success) - if (code !== 0) - return res.status(500).json({ - error: `Program exited with exit code ${code}`, - error_msg: stderr, - file: { name: req.body.file.file, filename: filename }, - }); - return res - .status(200) - .json({ file: { name: req.body.file.file, filename: filename } }); - }); - // Kill the process if it takes too long - // Default timeout is 120 seconds (2 minutes) - setTimeout(() => { - actuation.kill(); - }, 120000); - } catch (err) { - // Generic error handler - return res.status(500).json({ - error: 'An unknown error occurred while running the file.', - error_msg: err, - }); - } - }) - // Fallback - .all(csrf, (req: Request, res: Response) => { - res.set('Allow', 'POST'); - return res.status(405).json({ error: 'Method not allowed.' }); - }); - -/* - Download the CSV file after running the pendulum - GET /api/v1/download - Parameters: - filename: The name of the file to download - Returns: - 200: (the CSV file) - 403 when someone is trying to do directory traversal - 404 when the file is not accessible or does not exist - 500 for any other errors -*/ -api - .route('/download') - .get(csrf, async (req: Request, res: Response) => { - const filename: string = req.query.filename as string; - if (!filename) - return res.status(400).json({ error: 'No filename specified.' }); - // Make sure no path traversal is attempted - // This regex matches all alphanumeric characters, underscores, and dashes. - // MAKE SURE THIS DOES NOT ALLOW PATH TRAVERSAL - if (!/^[\w-]+$/.test(filename)) - return res.status(403).json({ error: 'No.' }); - - const path = `/tmp/${filename}.csv`; - - // Verify that the file exists and is a regular file - // Return if not since the res will be sent by the verifyFile function - if ((await verifyFile(path, res)) !== true) return; - // Read the file and send it to the client - res.type('text/csv'); - // Snyk error mitigation, should be fine since tmp is private and the simple regex above should prevent path traversal - // deepcode ignore PT: This is probably mitigated by the regex - return res.sendFile(path); - }) - // Fallback - .all(csrf, (req: Request, res: Response) => { - res.set('Allow', 'GET'); - return res.status(405).json({ error: 'Method not allowed.' }); - }); - -/** - * Verify that the file exists and is a regular file so it can be sent to the user - * @param file The path to the file - * @param res The Express response object, used if the file is not accessible - * @returns `true` if the file exists and is a regular file,`false` otherwise - * - * `AFTER THIS POINT, THE API HAS ALREADY SENT A RESPONSE, SO THE FUNCTION THAT CALLED IT SHOULD NOT RETURN ANOTHER RESPONSE ` - */ -async function verifyFile(file: string, res: Response) { - // Make sure the file being requested to run exists - try { - await access(file); - } catch (err) { - res - .status(404) - .json({ error: 'File is not accessible or does not exist.' }); - return false; - } - // This is a try catch because otherwise type checking will fail and get all messed up - // Handle your promise rejections, kids - try { - const stats = await stat(file); - // Make sure the file being requested to run is a regular file - if (!stats.isFile()) { - res.status(400).json({ error: 'File is not a regular file.' }); - return false; - } - // Make sure the file being requested to run is not a directory - else if (stats.isDirectory()) { - res.status(400).json({ error: 'File is a directory.' }); - return false; - } - - // File does exist and is a regular file, so it is good to go - return true; - } catch (err) { - res - .status(404) - .json({ error: 'File is not accessible or does not exist.' }); - return false; - } -} - -export default api; diff --git a/tsconfig.json b/tsconfig.json index 006f26d..5cff2d2 100644 --- a/tsconfig.json +++ b/tsconfig.json @@ -21,7 +21,7 @@ // "noLib": true, /* Disable including any library files, including the default lib.d.ts. */ // "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */ /* Modules */ - "module": "commonjs" /* Specify what module code is generated. */, + "module": "esnext" /* Specify what module code is generated. */, // "rootDir": "./", /* Specify the root folder within your source files. */ "moduleResolution": "node" /* Specify how TypeScript looks up a file from a given module specifier. */, // "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */ diff --git a/yarn.lock b/yarn.lock index 3144f93..c20c589 100644 --- a/yarn.lock +++ b/yarn.lock @@ -36,9 +36,9 @@ strip-json-comments "^3.1.1" "@humanwhocodes/config-array@^0.9.2": - version "0.9.3" - resolved "https://registry.yarnpkg.com/@humanwhocodes/config-array/-/config-array-0.9.3.tgz#f2564c744b387775b436418491f15fce6601f63e" - integrity sha512-3xSMlXHh03hCcCmFc0rbKp3Ivt2PFEJnQUJDDMTJQ2wkECZWdq4GePs2ctc5H8zV+cHPaq8k2vU8mrQjA6iHdQ== + version "0.9.5" + resolved "https://registry.yarnpkg.com/@humanwhocodes/config-array/-/config-array-0.9.5.tgz#2cbaf9a89460da24b5ca6531b8bbfc23e1df50c7" + integrity sha512-ObyMyWxZiCu/yTisA7uzx81s40xR2fD5Cg/2Kq7G02ajkNubJf6BopgDTmDyc3U7sXpNKM8cYOw7s7Tyr+DnCw== dependencies: "@humanwhocodes/object-schema" "^1.2.1" debug "^4.1.1" @@ -104,21 +104,21 @@ dependencies: "@types/node" "*" -"@types/cookie-parser@^1.4.2": +"@types/cookie-parser@1.4.2": version "1.4.2" resolved "https://registry.yarnpkg.com/@types/cookie-parser/-/cookie-parser-1.4.2.tgz#e4d5c5ffda82b80672a88a4281aaceefb1bd9df5" integrity sha512-uwcY8m6SDQqciHsqcKDGbo10GdasYsPCYkH3hVegj9qAah6pX5HivOnOuI3WYmyQMnOATV39zv/Ybs0bC/6iVg== dependencies: "@types/express" "*" -"@types/csurf@^1.11.2": +"@types/csurf@1.11.2": version "1.11.2" resolved "https://registry.yarnpkg.com/@types/csurf/-/csurf-1.11.2.tgz#c1cba70f7af653c508b28db047e6c1be72411345" integrity sha512-9bc98EnwmC1S0aSJiA8rWwXtgXtXHHOQOsGHptImxFgqm6CeH+mIOunHRg6+/eg2tlmDMX3tY7XrWxo2M/nUNQ== dependencies: "@types/express-serve-static-core" "*" -"@types/express-fileupload@^1.2.2": +"@types/express-fileupload@1.2.2": version "1.2.2" resolved "https://registry.yarnpkg.com/@types/express-fileupload/-/express-fileupload-1.2.2.tgz#98c10e900c222744bba16c848505a1fa95ab3ff0" integrity sha512-sWU1EVFfLsdAginKVrkwTRbRPnbn7dawxEFEBgaRDcpNFCUuksZtASaAKEhqwEIg6fSdeTyI6dIUGl3thhrypg== @@ -135,7 +135,7 @@ "@types/qs" "*" "@types/range-parser" "*" -"@types/express@*", "@types/express@^4.17.13": +"@types/express@*", "@types/express@4.17.13": version "4.17.13" resolved "https://registry.yarnpkg.com/@types/express/-/express-4.17.13.tgz#a76e2995728999bab51a33fabce1d705a3709034" integrity sha512-6bSZTPaTIACxn48l50SR+axgrqm6qXFIxrdAKaG6PaJk3+zuUr35hBlgT7vOmJcum+OEaIBLtHV/qloEAFITeA== @@ -146,9 +146,9 @@ "@types/serve-static" "*" "@types/json-schema@^7.0.9": - version "7.0.9" - resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.9.tgz#97edc9037ea0c38585320b28964dde3b39e4660d" - integrity sha512-qcUXuemtEu+E5wZSJHNxUXeCZhAfXKQ41D+duX+VYPde7xyEVZci+/oXKJL13tnRs9lR2pr4fod59GT6/X1/yQ== + version "7.0.11" + resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.11.tgz#d421b6c527a3037f7c84433fd2c4229e016863d3" + integrity sha512-wOuvG1SN4Us4rez+tylwwwCV1psiNVOkJeM3AUWUNWg/jDQY2+HE/444y5gc+jBmRqASOm2Oeh5c1axHobwRKQ== "@types/json5@^0.0.29": version "0.0.29" @@ -160,11 +160,18 @@ resolved "https://registry.yarnpkg.com/@types/mime/-/mime-1.3.2.tgz#93e25bf9ee75fe0fd80b594bc4feb0e862111b5a" integrity sha512-YATxVxgRqNH6nHEIsvg6k2Boc1JHI9ZbH5iWFFv/MTkchz3b1ieGDa5T0a9RznNdI0KhVbdbWSN+KWWrQZRxTw== -"@types/node@*", "@types/node@^17.0.23": +"@types/node@*", "@types/node@17.0.23": version "17.0.23" resolved "https://registry.yarnpkg.com/@types/node/-/node-17.0.23.tgz#3b41a6e643589ac6442bdbd7a4a3ded62f33f7da" integrity sha512-UxDxWn7dl97rKVeVS61vErvw086aCYhDLyvRQZ5Rk65rZKepaFdm53GeqXaKBuOhED4e9uWq34IC3TdSdJJ2Gw== +"@types/passport@^1.0.7": + version "1.0.7" + resolved "https://registry.yarnpkg.com/@types/passport/-/passport-1.0.7.tgz#85892f14932168158c86aecafd06b12f5439467a" + integrity sha512-JtswU8N3kxBYgo+n9of7C97YQBT+AYPP2aBfNGTzABqPAZnK/WOAaKfh3XesUYMZRrXFuoPc2Hv0/G/nQFveHw== + dependencies: + "@types/express" "*" + "@types/qs@*": version "6.9.7" resolved "https://registry.yarnpkg.com/@types/qs/-/qs-6.9.7.tgz#63bb7d067db107cc1e457c303bc25d511febf6cb" @@ -183,12 +190,12 @@ "@types/mime" "^1" "@types/node" "*" -"@types/shell-quote@^1.7.1": +"@types/shell-quote@1.7.1": version "1.7.1" resolved "https://registry.yarnpkg.com/@types/shell-quote/-/shell-quote-1.7.1.tgz#2d059091214a02c29f003f591032172b2aff77e8" integrity sha512-SWZ2Nom1pkyXCDohRSrkSKvDh8QOG9RfAsrt5/NsPQC4UQJ55eG0qClA40I+Gkez4KTQ0uDUT8ELRXThf3J5jw== -"@typescript-eslint/eslint-plugin@^5.17.0": +"@typescript-eslint/eslint-plugin@5.17.0": version "5.17.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.17.0.tgz#704eb4e75039000531255672bf1c85ee85cf1d67" integrity sha512-qVstvQilEd89HJk3qcbKt/zZrfBZ+9h2ynpAGlWjWiizA7m/MtLT9RoX6gjtpE500vfIg8jogAkDzdCxbsFASQ== @@ -203,7 +210,7 @@ semver "^7.3.5" tsutils "^3.21.0" -"@typescript-eslint/parser@^5.17.0": +"@typescript-eslint/parser@5.17.0": version "5.17.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/parser/-/parser-5.17.0.tgz#7def77d5bcd8458d12d52909118cf3f0a45f89d5" integrity sha512-aRzW9Jg5Rlj2t2/crzhA2f23SIYFlF9mchGudyP0uiD6SenIxzKoLjwzHbafgHn39dNV/TV7xwQkLfFTZlJ4ig== @@ -268,6 +275,11 @@ "@typescript-eslint/types" "5.17.0" eslint-visitor-keys "^3.0.0" +"@xmldom/xmldom@^0.7.0", "@xmldom/xmldom@^0.7.5": + version "0.7.5" + resolved "https://registry.yarnpkg.com/@xmldom/xmldom/-/xmldom-0.7.5.tgz#09fa51e356d07d0be200642b0e4f91d8e6dd408d" + integrity sha512-V3BIhmY36fXZ1OtVcI9W+FxQqxVLsPKcNjWigIaa81dLC9IolJl5Mt4Cvhmr0flUnjSpTdrbMTSbXqYqV5dT6A== + abbrev@1: version "1.1.1" resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.1.1.tgz#f8f2c887ad10bf67f634f005b6987fed3179aac8" @@ -467,7 +479,7 @@ brace-expansion@^1.1.7: balanced-match "^1.0.0" concat-map "0.0.1" -braces@^3.0.1, braces@~3.0.2: +braces@^3.0.2, braces@~3.0.2: version "3.0.2" resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107" integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A== @@ -525,7 +537,7 @@ camelcase@^6.2.0: resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-6.3.0.tgz#5685b95eb209ac9c0c177467778c9c84df58ba9a" integrity sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA== -chalk@^2.4.1, chalk@^2.4.2: +chalk@^2.4.1: version "2.4.2" resolved "https://registry.yarnpkg.com/chalk/-/chalk-2.4.2.tgz#cd42541677a54333cf541a49108c1432b44c9424" integrity sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ== @@ -534,7 +546,7 @@ chalk@^2.4.1, chalk@^2.4.2: escape-string-regexp "^1.0.5" supports-color "^5.3.0" -chalk@^4.0.0, chalk@^4.1.0, chalk@^4.1.2: +chalk@^4.0.0, chalk@^4.0.2, chalk@^4.1.0, chalk@^4.1.2: version "4.1.2" resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.2.tgz#aac4e2b7734a740867aeb16bf02aad556a1e7a01" integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA== @@ -656,7 +668,7 @@ content-type@~1.0.4: resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.4.tgz#e138cc75e040c727b1966fe5e5f8c9aee256fe3b" integrity sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA== -cookie-parser@^1.4.6: +cookie-parser@1.4.6: version "1.4.6" resolved "https://registry.yarnpkg.com/cookie-parser/-/cookie-parser-1.4.6.tgz#3ac3a7d35a7a03bbc7e365073a26074824214594" integrity sha512-z3IzaNjdwUC2olLIB5/ITd0/setiaFMLYiZJle7xg5Fe9KWAceil7xszYfHHBtDFYLSgJduS2Ty0P1uJdPDJeA== @@ -723,7 +735,7 @@ csrf@3.1.0: tsscmp "1.0.6" uid-safe "2.1.5" -csurf@^1.11.0: +csurf@1.11.0: version "1.11.0" resolved "https://registry.yarnpkg.com/csurf/-/csurf-1.11.0.tgz#ab0c3c6634634192bd3d6f4b861be20800eeb61a" integrity sha512-UCtehyEExKTxgiu8UHdGvHj4tnpE/Qctue03Giq5gPgMQ9cg/ciod5blZQ5a4uCEenNQjxyGuzygLdKUmee/bQ== @@ -741,9 +753,9 @@ debug@2.6.9, debug@^2.6.9: ms "2.0.0" debug@4, debug@^4.1.1, debug@^4.3.2: - version "4.3.3" - resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.3.tgz#04266e0b70a98d4462e6e288e38259213332b664" - integrity sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q== + version "4.3.4" + resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865" + integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ== dependencies: ms "2.1.2" @@ -855,7 +867,7 @@ ee-first@1.1.1: resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0= -ejs@^3.1.6: +ejs@3.1.6: version "3.1.6" resolved "https://registry.yarnpkg.com/ejs/-/ejs-3.1.6.tgz#5bfd0a0689743bb5268b3550cceeebbc1702822a" integrity sha512-9lt9Zse4hPucPkoP7FHDF0LQAlGyF9JVpnClFLFH3aSSbxmyoqINRpp/9wePWJTUl4KOQwRL72Iw3InHPDkoGw== @@ -887,9 +899,9 @@ error-ex@^1.3.1: is-arrayish "^0.2.1" es-abstract@^1.19.0, es-abstract@^1.19.1: - version "1.19.1" - resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.19.1.tgz#d4885796876916959de78edaa0df456627115ec3" - integrity sha512-2vJ6tjA/UfqLm2MPs7jxVybLoB8i1t1Jd9R3kISld20sIxPcTbLuggQOUxeWeAvIUkduv/CfMjuh4WmiXr2v9w== + version "1.19.2" + resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.19.2.tgz#8f7b696d8f15b167ae3640b4060670f3d054143f" + integrity sha512-gfSBJoZdlL2xRiOCy0g8gLMryhoe1TlimjzU99L/31Z8QEGIhVQI+EWwt5lT+AuU9SnorVupXFqqOGqGfsyO6w== dependencies: call-bind "^1.0.2" es-to-primitive "^1.2.1" @@ -897,15 +909,15 @@ es-abstract@^1.19.0, es-abstract@^1.19.1: get-intrinsic "^1.1.1" get-symbol-description "^1.0.0" has "^1.0.3" - has-symbols "^1.0.2" + has-symbols "^1.0.3" internal-slot "^1.0.3" is-callable "^1.2.4" - is-negative-zero "^2.0.1" + is-negative-zero "^2.0.2" is-regex "^1.1.4" is-shared-array-buffer "^1.0.1" is-string "^1.0.7" - is-weakref "^1.0.1" - object-inspect "^1.11.0" + is-weakref "^1.0.2" + object-inspect "^1.12.0" object-keys "^1.1.1" object.assign "^4.1.2" string.prototype.trimend "^1.0.4" @@ -931,7 +943,7 @@ escape-goat@^2.0.0: resolved "https://registry.yarnpkg.com/escape-goat/-/escape-goat-2.1.1.tgz#1b2dc77003676c457ec760b2dc68edb648188675" integrity sha512-8/uIhbG12Csjy2JEW7D9pHbreaVaS/OpN3ycnyvElTdwM5n6GY6W6e2IPemfvGZeUMqZ9A/3GqIZMgKnBhAw/Q== -escape-html@~1.0.3: +escape-html@^1.0.3, escape-html@~1.0.3: version "1.0.3" resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" integrity sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg= @@ -958,7 +970,7 @@ escodegen@^2.0.0: optionalDependencies: source-map "~0.6.1" -eslint-config-airbnb-base@^15.0.0: +eslint-config-airbnb-base@15.0.0: version "15.0.0" resolved "https://registry.yarnpkg.com/eslint-config-airbnb-base/-/eslint-config-airbnb-base-15.0.0.tgz#6b09add90ac79c2f8d723a2580e07f3925afd236" integrity sha512-xaX3z4ZZIcFLvh2oUNvcX5oEofXda7giYmuplVxoOg5A7EXJMrUyqRgR+mhDhPK8LZ4PttFOBvCYDbX3sUoUig== @@ -968,7 +980,7 @@ eslint-config-airbnb-base@^15.0.0: object.entries "^1.1.5" semver "^6.3.0" -eslint-config-prettier@^8.5.0: +eslint-config-prettier@8.5.0: version "8.5.0" resolved "https://registry.yarnpkg.com/eslint-config-prettier/-/eslint-config-prettier-8.5.0.tgz#5a81680ec934beca02c7b1a61cf8ca34b66feab1" integrity sha512-obmWKLUNCnhtQRKc+tmnYuQl0pFU1ibYJQ5BGhTVB08bHe9wC8qUeG7c08dj9XX+AuPj1YSGSQIHl1pnDHZR0Q== @@ -989,7 +1001,7 @@ eslint-module-utils@^2.7.2: debug "^3.2.7" find-up "^2.1.0" -eslint-plugin-import@^2.25.4: +eslint-plugin-import@2.25.4: version "2.25.4" resolved "https://registry.yarnpkg.com/eslint-plugin-import/-/eslint-plugin-import-2.25.4.tgz#322f3f916a4e9e991ac7af32032c25ce313209f1" integrity sha512-/KJBASVFxpu0xg1kIBn9AUa8hQVnszpwgE7Ld0lKAlx7Ie87yzEzCgSkekt+le/YVhiaosO4Y14GDAOc41nfxA== @@ -1008,7 +1020,7 @@ eslint-plugin-import@^2.25.4: resolve "^1.20.0" tsconfig-paths "^3.12.0" -eslint-plugin-prettier@^4.0.0: +eslint-plugin-prettier@4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/eslint-plugin-prettier/-/eslint-plugin-prettier-4.0.0.tgz#8b99d1e4b8b24a762472b4567992023619cb98e0" integrity sha512-98MqmCJ7vJodoQK359bqQWaxOE0CS8paAz/GgjaZLyex4TTk3g9HugoO89EqWCrFiOqn9EVvcoo7gZzONCWVwQ== @@ -1048,7 +1060,7 @@ eslint-visitor-keys@^3.0.0, eslint-visitor-keys@^3.3.0: resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz#f6480fa6b1f30efe2d1968aa8ac745b862469826" integrity sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA== -eslint@^8.12.0: +eslint@8.12.0: version "8.12.0" resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.12.0.tgz#c7a5bd1cfa09079aae64c9076c07eada66a46e8e" integrity sha512-it1oBL9alZg1S8UycLm5YDMAkIhtH6FtAzuZs6YvoGVldWjbS08BkAdb/ymP9LlAyq8koANu32U7Ib/w+UNh8Q== @@ -1142,19 +1154,19 @@ expand-template@^2.0.3: resolved "https://registry.yarnpkg.com/expand-template/-/expand-template-2.0.3.tgz#6e14b3fcee0f3a6340ecb57d2e8918692052a47c" integrity sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg== -express-fileupload@^1.3.1: +express-fileupload@1.3.1: version "1.3.1" resolved "https://registry.yarnpkg.com/express-fileupload/-/express-fileupload-1.3.1.tgz#3238472def305b8cb4cc5936a953761d0c442011" integrity sha512-LD1yabD3exmWIFujKGDnT1rmxSomaqQSlUvzIsrA1ZgwCJ6ci7lg2YHFGM3Q6DfK+Yk0gAVU7GWLE7qDMwZLkw== dependencies: busboy "^0.3.1" -express-rate-limit@^6.3.0: +express-rate-limit@6.3.0: version "6.3.0" resolved "https://registry.yarnpkg.com/express-rate-limit/-/express-rate-limit-6.3.0.tgz#253387ce4d36c9c2cc77c7c676068deb36cc0821" integrity sha512-932Io1VGKjM3ppi7xW9sb1J5nVkEJSUiOtHw2oE+JyHks1e+AXuOBSXbJKM0mcXwEnW1TibJibQ455Ow1YFjfg== -express@^4.17.3: +express@4.17.3: version "4.17.3" resolved "https://registry.yarnpkg.com/express/-/express-4.17.3.tgz#f6c7302194a4fb54271b73a1fe7a06478c8f85a1" integrity sha512-yuSQpz5I+Ch7gFrPCk4/c+dIBKlQUxtgwqzph132bsT6qhuzss6I8cLJQz7B3rFblzd6wtcI0ZbGltH/C4LjUg== @@ -1424,9 +1436,9 @@ global-dirs@^3.0.0: ini "2.0.0" globals@^13.6.0, globals@^13.9.0: - version "13.12.1" - resolved "https://registry.yarnpkg.com/globals/-/globals-13.12.1.tgz#ec206be932e6c77236677127577aa8e50bf1c5cb" - integrity sha512-317dFlgY2pdJZ9rspXDks7073GpDmXdfbM3vYYp0HAMKGDh1FfWPleI2ljVNLQX5M5lXcAslTcPTrOrMEFOjyw== + version "13.13.0" + resolved "https://registry.yarnpkg.com/globals/-/globals-13.13.0.tgz#ac32261060d8070e2719dd6998406e27d2b5727b" + integrity sha512-EQ7Q18AJlPwp3vUDL4mKA0KXrXyNIQyWon6T6XQiBQF0XHvRsiCSrWmmeATpUzdJN2HhWZU6Pdl0a9zdep5p6A== dependencies: type-fest "^0.20.2" @@ -1479,10 +1491,10 @@ has-flag@^4.0.0: resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-4.0.0.tgz#944771fd9c81c81265c4d6941860da06bb59479b" integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ== -has-symbols@^1.0.1, has-symbols@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.2.tgz#165d3070c00309752a1236a479331e3ac56f1423" - integrity sha512-chXa79rL/UC2KlX17jo3vRGz0azaWEx5tGqZg5pO3NUyEJVB17dMruQlzCCOfUvElghKcm5194+BCRvi2Rv/Gw== +has-symbols@^1.0.1, has-symbols@^1.0.2, has-symbols@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.3.tgz#bb7b2c4349251dce87b125f7bdf874aa7c8b39f8" + integrity sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A== has-tostringtag@^1.0.0: version "1.0.0" @@ -1508,7 +1520,7 @@ has@^1.0.3: dependencies: function-bind "^1.1.1" -helmet@^5.0.2: +helmet@5.0.2: version "5.0.2" resolved "https://registry.yarnpkg.com/helmet/-/helmet-5.0.2.tgz#3264ec6bab96c82deaf65e3403c369424cb2366c" integrity sha512-QWlwUZZ8BtlvwYVTSDTBChGf8EOcQ2LkGMnQJxSzD1mUu8CCjXJZq/BXP8eWw4kikRnzlhtYo3lCk0ucmYA3Vg== @@ -1616,7 +1628,7 @@ ini@~1.3.0: resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c" integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew== -install@^0.13.0: +install@0.13.0: version "0.13.0" resolved "https://registry.yarnpkg.com/install/-/install-0.13.0.tgz#6af6e9da9dd0987de2ab420f78e60d9c17260776" integrity sha512-zDml/jzr2PKU9I8J/xyZBQn8rPCAY//UOYNmR01XwNwyfhEWObo2SWfSl1+0tm1u6PhxLwDnfsT/6jB7OUxqFA== @@ -1728,7 +1740,7 @@ is-installed-globally@^0.4.0: global-dirs "^3.0.0" is-path-inside "^3.0.2" -is-negative-zero@^2.0.1: +is-negative-zero@^2.0.2: version "2.0.2" resolved "https://registry.yarnpkg.com/is-negative-zero/-/is-negative-zero-2.0.2.tgz#7bf6f03a28003b8b3965de3ac26f664d765f3150" integrity sha512-dqJvarLawXsFbNDeJW7zAz8ItJ9cd28YufuuFzh0G8pNHjJMnY08Dv7sYX2uF5UpQOwieAeOExEYAWWfu7ZZUA== @@ -1792,7 +1804,7 @@ is-typedarray@^1.0.0: resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" integrity sha1-5HnICFjfDBsR3dppQPlgEfzaSpo= -is-weakref@^1.0.1: +is-weakref@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/is-weakref/-/is-weakref-1.0.2.tgz#9529f383a9338205e89765e0392efc2f100f06f2" integrity sha512-qctsuLZmIQ0+vSSMfoVvyFe2+GSEvnmZ2ezTup1SBse9+twCCeial6EEi3Nc2KFcf6+qz2FBPnjXsk8xhKSaPQ== @@ -1815,12 +1827,12 @@ isexe@^2.0.0: integrity sha1-6PvzdNxVb/iUehDcsFctYz8s+hA= jake@^10.6.1: - version "10.8.2" - resolved "https://registry.yarnpkg.com/jake/-/jake-10.8.2.tgz#ebc9de8558160a66d82d0eadc6a2e58fbc500a7b" - integrity sha512-eLpKyrfG3mzvGE2Du8VoPbeSkRry093+tyNjdYaBbJS9v17knImYGNXQCUV0gLxQtF82m3E8iRb/wdSQZLoq7A== + version "10.8.4" + resolved "https://registry.yarnpkg.com/jake/-/jake-10.8.4.tgz#f6a8b7bf90c6306f768aa82bb7b98bf4ca15e84a" + integrity sha512-MtWeTkl1qGsWUtbl/Jsca/8xSoK3x0UmS82sNbjqxxG/de/M/3b1DntdjHgPMC50enlTNwXOCRqPXLLt5cCfZA== dependencies: async "0.9.x" - chalk "^2.4.2" + chalk "^4.0.2" filelist "^1.0.1" minimatch "^3.0.4" @@ -1970,24 +1982,24 @@ methods@~1.1.2: integrity sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4= micromatch@^4.0.4: - version "4.0.4" - resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.4.tgz#896d519dfe9db25fce94ceb7a500919bf881ebf9" - integrity sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg== + version "4.0.5" + resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.5.tgz#bc8999a7cbbf77cdc89f132f6e467051b49090c6" + integrity sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA== dependencies: - braces "^3.0.1" - picomatch "^2.2.3" + braces "^3.0.2" + picomatch "^2.3.1" -mime-db@1.51.0: - version "1.51.0" - resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.51.0.tgz#d9ff62451859b18342d960850dc3cfb77e63fb0c" - integrity sha512-5y8A56jg7XVQx2mbv1lu49NR4dokRnhZYTtL+KGfaa27uq4pSTXkwQkFJl4pkRMyNFz/EtYDSkiiEHx3F7UN6g== +mime-db@1.52.0: + version "1.52.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.52.0.tgz#bbabcdc02859f4987301c856e3387ce5ec43bf70" + integrity sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg== mime-types@~2.1.24, mime-types@~2.1.34: - version "2.1.34" - resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.34.tgz#5a712f9ec1503511a945803640fafe09d3793c24" - integrity sha512-6cP692WwGIs9XXdOO4++N+7qjqv0rqxxVvJ3VHPh/Sc9mVZcQP+ZGhkKiTvWMQRr2tbHkJP/Yn7Y0npb3ZBs4A== + version "2.1.35" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.35.tgz#381a871b62a734450660ae3deee44813f70d959a" + integrity sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw== dependencies: - mime-db "1.51.0" + mime-db "1.52.0" mime@1.6.0: version "1.6.0" @@ -2005,13 +2017,13 @@ mimic-response@^2.0.0: integrity sha512-wXqjST+SLt7R009ySCglWBCFpjUygmCIfD790/kVbiGmUgfYGuB14PiTd5DwVxSV4NcYHjzMkoj5LjQZwTQLEA== minimatch@^3.0.4: - version "3.0.5" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.5.tgz#4da8f1290ee0f0f8e83d60ca69f8f134068604a3" - integrity sha512-tUpxzX0VAzJHjLu0xUfFv1gwVp9ba3IOuRAVH2EGuRW8a5emA2FlACLqiT/lDVtS1W+TGNwqz3sWaNyLgDJWuw== + version "3.1.2" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b" + integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw== dependencies: brace-expansion "^1.1.7" -minimist@^1.2.0, minimist@^1.2.3, minimist@^1.2.5: +minimist@^1.2.0, minimist@^1.2.3, minimist@^1.2.5, minimist@^1.2.6: version "1.2.6" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.6.tgz#8637a5b759ea0d6e98702cfb3a9283323c93af44" integrity sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q== @@ -2078,7 +2090,7 @@ node-fetch@^2.6.6: dependencies: whatwg-url "^5.0.0" -nodemon@^2.0.15: +nodemon@2.0.15: version "2.0.15" resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-2.0.15.tgz#504516ce3b43d9dc9a955ccd9ec57550a31a8d4e" integrity sha512-gdHMNx47Gw7b3kWxJV64NI+Q5nfl0y5DgDbiVtShiwa7Z0IZ07Ll4RLFo6AjrhzMtoEZn5PDE3/c2AbVsiCkpA== @@ -2121,7 +2133,7 @@ normalize-url@^4.1.0: resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-4.5.1.tgz#0dd90cf1288ee1d1313b87081c9a5932ee48518a" integrity sha512-9UZCFRHQdNrfTpGg8+1INIg93B6zE0aXMVFkw1WFwvO4SlZywU6aLg5Of0Ap/PgcbSw4LNxvMWXMeugwMCX0AA== -npm-run-all@^4.1.5: +npm-run-all@4.1.5: version "4.1.5" resolved "https://registry.yarnpkg.com/npm-run-all/-/npm-run-all-4.1.5.tgz#04476202a15ee0e2e214080861bff12a51d98fba" integrity sha512-Oo82gJDAVcaMdi3nuoKFavkIHBRVqQ1qvMb+9LHk/cF4P6B2m8aP04hGf7oL6wZ9BuGwX1onlLhpuoofSyoQDQ== @@ -2156,7 +2168,7 @@ object-assign@^4.1.0: resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" integrity sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM= -object-inspect@^1.11.0, object-inspect@^1.9.0: +object-inspect@^1.12.0, object-inspect@^1.9.0: version "1.12.0" resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.12.0.tgz#6e2c120e868fd1fd18cb4f18c31741d0d6e776f0" integrity sha512-Ho2z80bVIvJloH+YzRmpZVQe87+qASmBUKZDWgx9cu+KDrX2ZDH/3tMy+gXbZETVGs2M8YdxObOh7XAtim9Y0g== @@ -2291,6 +2303,32 @@ parseurl@~1.3.3: resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.3.tgz#9da19e7bee8d12dff0513ed5b76957793bc2e8d4" integrity sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ== +passport-saml@3.2.1: + version "3.2.1" + resolved "https://registry.yarnpkg.com/passport-saml/-/passport-saml-3.2.1.tgz#c489a61a4c2dd93ddec1d53952a595b9f33e15e8" + integrity sha512-Y8aD94B6MTLht57BlBrDauEgvtWjuSeINKk7NadXlpT/OBmsoGGYPpb0FJeBtdyGX4GEbZARAkxvBEqsL8E7XQ== + dependencies: + "@xmldom/xmldom" "^0.7.5" + debug "^4.3.2" + passport-strategy "^1.0.0" + xml-crypto "^2.1.3" + xml-encryption "^2.0.0" + xml2js "^0.4.23" + xmlbuilder "^15.1.1" + +passport-strategy@1.x.x, passport-strategy@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" + integrity sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ= + +passport@^0.5.2: + version "0.5.2" + resolved "https://registry.yarnpkg.com/passport/-/passport-0.5.2.tgz#0cb38dd8a71552c8390dfa6a9a6f7f3909954bcf" + integrity sha512-w9n/Ot5I7orGD4y+7V3EFJCQEznE5RxHamUxcqLT2QoJY0f2JdN8GyHonYFvN0Vz+L6lUJfVhrk2aZz2LbuREw== + dependencies: + passport-strategy "1.x.x" + pause "0.0.1" + path-exists@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-3.0.0.tgz#ce0ebeaa5f78cb18925ea7d810d7b59b010fd515" @@ -2333,7 +2371,12 @@ path-type@^4.0.0: resolved "https://registry.yarnpkg.com/path-type/-/path-type-4.0.0.tgz#84ed01c0a7ba380afe09d90a8c180dcd9d03043b" integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw== -picomatch@^2.0.4, picomatch@^2.2.1, picomatch@^2.2.3: +pause@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/pause/-/pause-0.0.1.tgz#1d408b3fdb76923b9543d96fb4c9dfd535d9cb5d" + integrity sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10= + +picomatch@^2.0.4, picomatch@^2.2.1, picomatch@^2.3.1: version "2.3.1" resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42" integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA== @@ -2362,7 +2405,7 @@ pkg-fetch@3.2.6: tar-fs "^2.1.1" yargs "^16.2.0" -pkg@^5.5.2: +pkg@5.5.2: version "5.5.2" resolved "https://registry.yarnpkg.com/pkg/-/pkg-5.5.2.tgz#c21ca9b5cb48feceb3b158c17df855ada350086d" integrity sha512-pD0UB2ud01C6pVv2wpGsTYJrXI/bnvGRYvMLd44wFzA1p+A2jrlTGFPAYa7YEYzmitXhx23PqalaG1eUEnSwcA== @@ -2424,7 +2467,7 @@ prettier-linter-helpers@^1.0.0: dependencies: fast-diff "^1.1.2" -prettier@^2.6.1: +prettier@2.6.1: version "2.6.1" resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.6.1.tgz#d472797e0d7461605c1609808e27b80c0f9cfe17" integrity sha512-8UVbTBYGwN37Bs9LERmxCPjdvPxlEowx2urIL6urHzdb3SDq4B/Z6xLFCblrSnE4iKWcS6ziJ3aOYrc1kz/E2A== @@ -2634,6 +2677,11 @@ safe-buffer@~5.1.0, safe-buffer@~5.1.1: resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg== +sax@>=0.6.0: + version "1.2.4" + resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9" + integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw== + semver-diff@^3.1.1: version "3.1.1" resolved "https://registry.yarnpkg.com/semver-diff/-/semver-diff-3.1.1.tgz#05f77ce59f325e00e2706afd67bb506ddb1ca32b" @@ -2726,7 +2774,7 @@ shebang-regex@^3.0.0: resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-3.0.0.tgz#ae16f1644d873ecad843b0307b143362d4c42172" integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A== -shell-quote@^1.6.1, shell-quote@^1.7.3: +shell-quote@1.7.3, shell-quote@^1.6.1: version "1.7.3" resolved "https://registry.yarnpkg.com/shell-quote/-/shell-quote-1.7.3.tgz#aa40edac170445b9a431e17bb62c0b881b9c4123" integrity sha512-Vpfqwm4EnqGdlsBFNmHhxhElJYrdfcxPThu+ryKS5J8L/fhAwLazFZtq+S+TWZ9ANj2piSQLGj6NQg+lKPmxrw== @@ -2983,13 +3031,13 @@ tr46@~0.0.3: integrity sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o= tsconfig-paths@^3.12.0: - version "3.12.0" - resolved "https://registry.yarnpkg.com/tsconfig-paths/-/tsconfig-paths-3.12.0.tgz#19769aca6ee8f6a1a341e38c8fa45dd9fb18899b" - integrity sha512-e5adrnOYT6zqVnWqZu7i/BQ3BnhzvGbjEjejFXO20lKIKpwTaupkCPgEfv4GZK1IBciJUEhYs3J3p75FdaTFVg== + version "3.14.1" + resolved "https://registry.yarnpkg.com/tsconfig-paths/-/tsconfig-paths-3.14.1.tgz#ba0734599e8ea36c862798e920bcf163277b137a" + integrity sha512-fxDhWnFSLt3VuTwtvJt5fpwxBHg5AdKWMsgcPOOIilyjymcYVZoCQF8fvFRezCNfblEXmi+PcM1eYHeOAgXCOQ== dependencies: "@types/json5" "^0.0.29" json5 "^1.0.1" - minimist "^1.2.0" + minimist "^1.2.6" strip-bom "^3.0.0" tslib@2.3.1: @@ -3055,7 +3103,7 @@ typedarray-to-buffer@^3.1.5: dependencies: is-typedarray "^1.0.0" -typescript@^4.6.3: +typescript@4.6.3: version "4.6.3" resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.6.3.tgz#eefeafa6afdd31d725584c67a0eaba80f6fc6c6c" integrity sha512-yNIatDa5iaofVozS/uQJEl3JRWLKKGJKh6Yaiv0GLGSuhpFJe7P3SbHZ8/yjAHRQwKRoA6YZqlfjXWmVzoVSMw== @@ -3067,6 +3115,10 @@ uid-safe@2.1.5: dependencies: random-bytes "~1.0.0" +umn-shib-nodejs@RosstheRoss/umn-shib-nodejs#master: + version "1.0.0" + resolved "https://codeload.github.com/RosstheRoss/umn-shib-nodejs/tar.gz/1c9900f966f649626096e94bd38393f16b0d7435" + unbox-primitive@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/unbox-primitive/-/unbox-primitive-1.0.1.tgz#085e215625ec3162574dc8859abee78a59b14471" @@ -3247,6 +3299,46 @@ xdg-basedir@^4.0.0: resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-4.0.0.tgz#4bc8d9984403696225ef83a1573cbbcb4e79db13" integrity sha512-PSNhEJDejZYV7h50BohL09Er9VaIefr2LMAf3OEmpCkjOi34eYyQYAXUTjEQtZJTKcF0E2UKTh+osDLsgNim9Q== +xml-crypto@^2.1.3: + version "2.1.3" + resolved "https://registry.yarnpkg.com/xml-crypto/-/xml-crypto-2.1.3.tgz#6a7272b610ea3e4ea7f13e9e4876f1b20cbc32c8" + integrity sha512-MpXZwnn9JK0mNPZ5mnFIbNnQa+8lMGK4NtnX2FlJMfMWR60sJdFO9X72yO6ji068pxixzk53O7x0/iSKh6IhyQ== + dependencies: + "@xmldom/xmldom" "^0.7.0" + xpath "0.0.32" + +xml-encryption@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/xml-encryption/-/xml-encryption-2.0.0.tgz#d4e1eb3ec1f2c5d2a2a0a6e23d199237e8b4bf83" + integrity sha512-4Av83DdvAgUQQMfi/w8G01aJshbEZP9ewjmZMpS9t3H+OCZBDvyK4GJPnHGfWiXlArnPbYvR58JB9qF2x9Ds+Q== + dependencies: + "@xmldom/xmldom" "^0.7.0" + escape-html "^1.0.3" + xpath "0.0.32" + +xml2js@^0.4.23: + version "0.4.23" + resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.23.tgz#a0c69516752421eb2ac758ee4d4ccf58843eac66" + integrity sha512-ySPiMjM0+pLDftHgXY4By0uswI3SPKLDw/i3UXbnO8M/p28zqexCUoPmQFrYD+/1BzhGJSs2i1ERWKJAtiLrug== + dependencies: + sax ">=0.6.0" + xmlbuilder "~11.0.0" + +xmlbuilder@^15.1.1: + version "15.1.1" + resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-15.1.1.tgz#9dcdce49eea66d8d10b42cae94a79c3c8d0c2ec5" + integrity sha512-yMqGBqtXyeN1e3TGYvgNgDVZ3j84W4cwkOXQswghol6APgZWaff9lnbvN7MHYJOiXsvGPXtjTYJEiC9J2wv9Eg== + +xmlbuilder@~11.0.0: + version "11.0.1" + resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-11.0.1.tgz#be9bae1c8a046e76b31127726347d0ad7002beb3" + integrity sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA== + +xpath@0.0.32: + version "0.0.32" + resolved "https://registry.yarnpkg.com/xpath/-/xpath-0.0.32.tgz#1b73d3351af736e17ec078d6da4b8175405c48af" + integrity sha512-rxMJhSIoiO8vXcWvSifKqhvV96GjiD5wYb8/QHdoRyQvraTpp4IEv944nhGausZZ3u7dhQXteZuZbaqfpB7uYw== + y18n@^5.0.5: version "5.0.8" resolved "https://registry.yarnpkg.com/y18n/-/y18n-5.0.8.tgz#7f4934d0f7ca8c56f95314939ddcd2dd91ce1d55" -- cgit v1.2.3