Merge pull request #16 from kmadejek-samsung/security-vulnerabilities…

…-fix-06-2024

NPM packages security vulnerabilities fix.

.gitignore

@@ -40,3 +40,6 @@ site
 
 # Vscode settings
 .vscode
+
+# JetBrains settings
+.idea

.prettierrc.js

@@ -0,0 +1,6 @@
+const spotifyPrettierConfig = require('@spotify/prettier-config');
+
+module.exports = {
+  ...spotifyPrettierConfig,
+  endOfLine: 'auto',
+};

.prow.yaml

@@ -4,7 +4,7 @@ presubmits:
     always_run: true
     spec:
       containers:
-        - image: node:16-alpine3.16
+        - image: node:18.20-alpine3.20
           command:
             - '/bin/sh'
             - '-c'
@@ -20,7 +20,7 @@ presubmits:
     always_run: true
     spec:
       containers:
-        - image: node:16-alpine3.16
+        - image: node:18.20-alpine3.20
           command:
             - '/bin/sh'
             - '-c'

Dockerfile

@@ -13,7 +13,7 @@
 # limitations under the License.
 
 # Stage 1 - Create yarn install skeleton layer
-FROM node:16-bullseye-slim AS packages
+FROM node:18.20-bullseye-slim AS packages
 
 WORKDIR /app
 COPY package.json yarn.lock ./
@@ -25,7 +25,7 @@ RUN find packages \! -name "package.json" -mindepth 2 -maxdepth 2 -exec rm -rf {
 
 
 # Stage 2 - Install dependencies and build packages
-FROM node:16-bullseye-slim AS build
+FROM node:18.20-bullseye-slim AS build
 
 WORKDIR /app
 COPY --from=packages /app .
@@ -44,7 +44,7 @@ RUN yarn --cwd packages/backend build
 
 
 # Stage 3 - Build the base image
-FROM node:16-bullseye-slim as base-backstage-app
+FROM node:18.20-bullseye-slim as base-backstage-app
 
 WORKDIR /app
 

backstage.json

@@ -1,3 +1,3 @@
 {
-  "version": "1.12.1"
+  "version": "1.27.6"
 }

lerna.json

@@ -1,6 +1,5 @@
 {
   "packages": ["packages/*", "plugins/*"],
   "npmClient": "yarn",
-  "useWorkspaces": true,
   "version": "0.1.0"
 }

package.json

@@ -31,18 +31,17 @@
     ]
   },
   "devDependencies": {
-    "@backstage/cli": "^0.22.5",
+    "@backstage/cli": "^0.26.6",
     "@spotify/prettier-config": "^12.0.0",
     "concurrently": "^6.0.0",
-    "lerna": "^4.0.0",
+    "lerna": "^7.3.0",
     "prettier": "^2.3.2",
-    "typescript": "~4.5.4"
+    "typescript": "^5.4.5"
   },
   "resolutions": {
     "@types/react": "^17",
     "@types/react-dom": "^17"
   },
-  "prettier": "@spotify/prettier-config",
   "lint-staged": {
     "*.{js,jsx,ts,tsx,mjs,cjs}": [
       "eslint --fix",

packages/app/package.json

@@ -7,16 +7,16 @@
     "role": "frontend"
   },
   "dependencies": {
-    "@backstage/app-defaults": "^1.2.1",
-    "@backstage/cli": "^0.22.5",
-    "@backstage/core-app-api": "^1.6.0",
-    "@backstage/core-components": "^0.12.5",
-    "@backstage/core-plugin-api": "^1.5.0",
-    "@backstage/integration-react": "^1.1.11",
-    "@backstage/plugin-catalog": "^1.9.0",
-    "@backstage/plugin-permission-react": "^0.4.11",
-    "@backstage/plugin-user-settings": "^0.7.1",
-    "@backstage/theme": "^0.2.18",
+    "@backstage/app-defaults": "^1.5.5",
+    "@backstage/cli": "^0.26.6",
+    "@backstage/core-app-api": "^1.12.5",
+    "@backstage/core-components": "^0.14.7",
+    "@backstage/core-plugin-api": "^1.9.2",
+    "@backstage/integration-react": "^1.1.27",
+    "@backstage/plugin-catalog": "^1.20.0",
+    "@backstage/plugin-permission-react": "^0.4.22",
+    "@backstage/plugin-user-settings": "^0.8.6",
+    "@backstage/theme": "^0.5.5",
     "@kpt/backstage-plugin-cad": "*",
     "@material-ui/core": "^4.12.2",
     "@material-ui/icons": "^4.9.1",
@@ -28,7 +28,7 @@
     "react-use": "^15.3.3"
   },
   "devDependencies": {
-    "@backstage/test-utils": "^1.2.6",
+    "@backstage/test-utils": "^1.5.5",
     "@testing-library/jest-dom": "^5.10.1",
     "@testing-library/react": "^12.1.3",
     "@testing-library/user-event": "^12.0.7",

packages/backend/package.json

@@ -15,15 +15,15 @@
     "clean": "backstage-cli package clean"
   },
   "dependencies": {
-    "@backstage/backend-common": "^0.18.3",
-    "@backstage/backend-tasks": "^0.5.0",
-    "@backstage/config": "^1.0.7",
-    "@backstage/plugin-app-backend": "^0.3.43",
-    "@backstage/plugin-auth-backend": "^0.18.1",
-    "@backstage/plugin-catalog-backend": "^1.8.0",
-    "@backstage/plugin-permission-common": "^0.7.4",
-    "@backstage/plugin-permission-node": "^0.7.6",
-    "@backstage/plugin-proxy-backend": "^0.2.37",
+    "@backstage/backend-common": "^0.22.0",
+    "@backstage/backend-tasks": "^0.5.23",
+    "@backstage/config": "^1.2.0",
+    "@backstage/plugin-app-backend": "^0.3.67",
+    "@backstage/plugin-auth-backend": "^0.22.5",
+    "@backstage/plugin-catalog-backend": "^1.22.0",
+    "@backstage/plugin-permission-common": "^0.7.13",
+    "@backstage/plugin-permission-node": "^0.7.29",
+    "@backstage/plugin-proxy-backend": "^0.4.16",
     "@kpt/backstage-plugin-cad-backend": "*",
     "app": "link:../app",
     "better-sqlite3": "^7.5.0",
@@ -34,7 +34,7 @@
     "winston": "^3.2.1"
   },
   "devDependencies": {
-    "@backstage/cli": "^0.22.5",
+    "@backstage/cli": "^0.26.6",
     "@types/dockerode": "^3.3.0",
     "@types/express": "^4.17.6",
     "@types/express-serve-static-core": "^4.17.5",

plugins/cad-backend/package.json

@@ -27,9 +27,9 @@
     "clean": "backstage-cli package clean"
   },
   "dependencies": {
-    "@backstage/backend-common": "^0.18.3",
-    "@backstage/config": "^1.0.7",
-    "@kubernetes/client-node": "^0.16.0",
+    "@backstage/backend-common": "^0.22.0",
+    "@backstage/config": "^1.2.0",
+    "@kubernetes/client-node": "^0.20.0",
     "@types/express": "*",
     "express": "^4.17.1",
     "express-promise-router": "^4.1.0",
@@ -39,7 +39,7 @@
     "yn": "^4.0.0"
   },
   "devDependencies": {
-    "@backstage/cli": "^0.22.5",
+    "@backstage/cli": "^0.26.6",
     "@types/supertest": "^2.0.8",
     "msw": "^0.35.0",
     "supertest": "^6.1.6"

plugins/cad/package.json

@@ -28,9 +28,9 @@
     "clean": "backstage-cli package clean"
   },
   "dependencies": {
-    "@backstage/core-components": "^0.12.5",
-    "@backstage/core-plugin-api": "^1.5.0",
-    "@backstage/theme": "^0.2.18",
+    "@backstage/core-components": "^0.14.7",
+    "@backstage/core-plugin-api": "^1.9.2",
+    "@backstage/theme": "^0.5.5",
     "@material-ui/core": "^4.12.2",
     "@material-ui/icons": "^4.9.1",
     "@material-ui/lab": "4.0.0-alpha.57",
@@ -48,16 +48,17 @@
     "react-router-dom": "6.0.0-beta.0"
   },
   "devDependencies": {
-    "@backstage/cli": "^0.22.5",
-    "@backstage/core-app-api": "^1.6.0",
-    "@backstage/dev-utils": "^1.0.13",
-    "@backstage/test-utils": "^1.2.6",
+    "@backstage/cli": "^0.26.6",
+    "@backstage/core-app-api": "^1.12.5",
+    "@backstage/dev-utils": "^1.0.32",
+    "@backstage/test-utils": "^1.5.5",
     "@testing-library/jest-dom": "^5.10.1",
     "@testing-library/react": "^12.1.3",
     "@testing-library/user-event": "^14.0.0",
     "@types/diff": "^5.0.2",
     "@types/jest": "*",
     "@types/js-yaml": "^4.0.0",
+    "@types/lodash": "^4.17.4",
     "@types/node": "*",
     "cross-fetch": "^3.1.5",
     "msw": "^0.35.0"

plugins/cad/src/components/Controls/Tabs.tsx

@@ -0,0 +1,84 @@
+/**
+ * Copyright 2024 The Nephio Authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { makeStyles, Tab as MUITab, Tabs as MUITabs } from '@material-ui/core';
+import React, { ReactElement, ReactNode } from 'react';
+
+type TabsProps = {
+  tabs: readonly {
+    readonly label?: string;
+    readonly icon?: ReactElement;
+    readonly content: ReactNode;
+  }[];
+};
+
+const useStyles = makeStyles(theme => ({
+  tabs: {
+    backgroundColor: theme.palette.background.paper,
+  },
+  tabsIndicator: {
+    display: 'flex',
+    justifyContent: 'center',
+    backgroundColor: theme.palette.tabbar.indicator,
+    height: theme.spacing(0.5),
+  },
+  tab: {
+    width: '130px',
+    minWidth: '130px',
+    height: '64px',
+    marginLeft: '24px',
+    marginRight: '24px',
+    fontWeight: 'bold',
+    fontSize: theme.typography.pxToRem(13),
+    color: theme.palette.textSubtle,
+  },
+  content: {
+    padding: '24px',
+  },
+}));
+
+export const Tabs = (props: TabsProps) => {
+  const classes = useStyles();
+  const [value, setValue] = React.useState(0);
+
+  const handleChange = (_event: React.ChangeEvent<{}>, newValue: number) => {
+    setValue(newValue);
+  };
+
+  return (
+    <div>
+      <MUITabs
+        classes={{ root: classes.tabs, indicator: classes.tabsIndicator }}
+        value={value}
+        onChange={handleChange}
+      >
+        {props.tabs.map(({ label, icon }, index) => (
+          <MUITab
+            key={index}
+            classes={{ root: classes.tab }}
+            label={label ?? ''}
+            icon={icon}
+          />
+        ))}
+      </MUITabs>
+      {props.tabs.map(({ content }, index) => (
+        <div className={classes.content} hidden={value !== index}>
+          {content}
+        </div>
+      ))}
+    </div>
+  );
+};

plugins/cad/src/components/Controls/index.ts

@@ -25,4 +25,5 @@ export { PackageIcon } from './PackageIcon';
 export { RadioGroup } from './RadioGroup';
 export type { RadioOption } from './RadioGroup';
 export { Select } from './Select';
+export { Tabs } from './Tabs';
 export { YamlViewer } from './YamlViewer';

plugins/cad/src/components/PackageManagementPage/PackageManagementPage.tsx

@@ -18,7 +18,6 @@ import {
   Breadcrumbs,
   ContentHeader,
   Progress,
-  Tabs,
 } from '@backstage/core-components';
 import { useApi } from '@backstage/core-plugin-api';
 import { makeStyles, Typography } from '@material-ui/core';
@@ -32,6 +31,7 @@ import {
 } from '../../utils/repositorySummary';
 import { DashboardTabContent } from './components/DashboardTabContent';
 import { RepositoriesTabContent } from './components/RepositoriesTabContent';
+import { Tabs } from '../Controls';
 
 export const useStyles = makeStyles({
   repositoriesTablesSection: {

plugins/cad/src/components/PackageRevisionPage/PackageRevisionPage.tsx

@@ -18,7 +18,6 @@ import {
   Breadcrumbs,
   ContentHeader,
   Progress,
-  Tabs,
 } from '@backstage/core-components';
 import { errorApiRef, useApi, useRouteRef } from '@backstage/core-plugin-api';
 import { makeStyles, Typography } from '@material-ui/core';
@@ -88,6 +87,7 @@ import {
 } from '../../utils/revisionSummary';
 import { toLowerCase } from '../../utils/string';
 import { Badge, ConfirmationDialog } from '../Controls';
+import { Tabs } from '../Controls';
 import { LandingPageLink, PackageLink, RepositoryLink } from '../Links';
 import { AdvancedPackageRevisionOptions } from './components/AdvancedPackageRevisionOptions';
 import { ConditionsTable } from './components/ConditionsTable';

plugins/cad/src/components/RepositoryPage/PackagesPage.tsx

@@ -19,7 +19,6 @@ import {
   LinkButton,
   ContentHeader,
   Progress,
-  Tabs,
 } from '@backstage/core-components';
 import { useApi, useRouteRef } from '@backstage/core-plugin-api';
 import { Typography } from '@material-ui/core';
@@ -42,6 +41,7 @@ import {
   isReadOnlyRepository,
 } from '../../utils/repository';
 import { getRepositorySummaries } from '../../utils/repositorySummary';
+import { Tabs } from '../Controls';
 import { LandingPageLink } from '../Links';
 import { PackagesTabContent } from './components/PackagesTabContent';
 

plugins/cad/src/components/RepositoryPage/RepositoryPage.tsx

@@ -19,7 +19,6 @@ import {
   ContentHeader,
   LinkButton,
   Progress,
-  Tabs,
 } from '@backstage/core-components';
 import { useApi, useRouteRef } from '@backstage/core-plugin-api';
 import { Typography } from '@material-ui/core';
@@ -51,6 +50,7 @@ import {
   getRepositorySummaries,
   getRepositorySummary,
 } from '../../utils/repositorySummary';
+import { Tabs } from '../Controls';
 import { LandingPageLink } from '../Links';
 import { AdvancedRepositoryOptions } from './components/AdvancedRepositoryOptions';
 import { PackagesTabContent } from './components/PackagesTabContent';