From 2b14d97f516048977b351796ae4c446ad15764d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Apr 2026 07:41:09 +0000 Subject: [PATCH 1/7] build(deps-dev): bump @babel/cli from 7.27.2 to 7.28.6 Bumps [@babel/cli](https://github.com/babel/babel/tree/HEAD/packages/babel-cli) from 7.27.2 to 7.28.6. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.28.6/packages/babel-cli) --- updated-dependencies: - dependency-name: "@babel/cli" dependency-version: 7.28.6 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package-lock.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7762cab..973e7dd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -31,13 +31,13 @@ } }, "node_modules/@babel/cli": { - "version": "7.27.2", - "resolved": "https://registry.npmjs.org/@babel/cli/-/cli-7.27.2.tgz", - "integrity": "sha512-cfd7DnGlhH6OIyuPSSj3vcfIdnbXukhAyKY8NaZrFadC7pXyL9mOL5WgjcptiEJLi5k3j8aYvLIVCzezrWTaiA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/cli/-/cli-7.28.6.tgz", + "integrity": "sha512-6EUNcuBbNkj08Oj4gAZ+BUU8yLCgKzgVX4gaTh09Ya2C8ICM4P+G30g4m3akRxSYAp3A/gnWchrNst7px4/nUQ==", "dev": true, "license": "MIT", "dependencies": { - "@jridgewell/trace-mapping": "^0.3.25", + "@jridgewell/trace-mapping": "^0.3.28", "commander": "^6.2.0", "convert-source-map": "^2.0.0", "fs-readdir-recursive": "^1.1.0", From 1d247206fc89062666190ce47a491d9c63af9fd1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Apr 2026 07:41:14 +0000 Subject: [PATCH 2/7] build(deps): bump jsonwebtoken from 9.0.2 to 9.0.3 Bumps [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) from 9.0.2 to 9.0.3. - [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md) - [Commits](https://github.com/auth0/node-jsonwebtoken/compare/v9.0.2...v9.0.3) --- updated-dependencies: - dependency-name: jsonwebtoken dependency-version: 9.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package-lock.json | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7762cab..4482b15 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6302,12 +6302,12 @@ } }, "node_modules/jsonwebtoken": { - "version": "9.0.2", - "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.2.tgz", - "integrity": "sha512-PRp66vJ865SSqOlgqS8hujT5U4AOgMfhrwYIuIhfKaoSCZcirrmASQr8CX7cUg+RMih+hgznrjp99o+W4pJLHQ==", + "version": "9.0.3", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.3.tgz", + "integrity": "sha512-MT/xP0CrubFRNLNKvxJ2BYfy53Zkm++5bX9dtuPbqAeQpTVe0MQTFhao8+Cp//EmJp244xt6Drw/GVEGCUj40g==", "license": "MIT", "dependencies": { - "jws": "^3.2.2", + "jws": "^4.0.1", "lodash.includes": "^4.3.0", "lodash.isboolean": "^3.0.3", "lodash.isinteger": "^4.0.4", @@ -6336,9 +6336,9 @@ } }, "node_modules/jwa": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.2.tgz", - "integrity": "sha512-eeH5JO+21J78qMvTIDdBXidBd6nG2kZjg5Ohz/1fpa28Z4CcsWUzJ1ZZyFq/3z3N17aZy+ZuBoHljASbL1WfOw==", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-2.0.1.tgz", + "integrity": "sha512-hRF04fqJIP8Abbkq5NKGN0Bbr3JxlQ+qhZufXVr0DvujKy93ZCbXZMHDL4EOtodSbCWxOqR8MS1tXA5hwqCXDg==", "license": "MIT", "dependencies": { "buffer-equal-constant-time": "^1.0.1", @@ -6347,12 +6347,12 @@ } }, "node_modules/jws": { - "version": "3.2.3", - "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.3.tgz", - "integrity": "sha512-byiJ0FLRdLdSVSReO/U4E7RoEyOCKnEnEPMjq3HxWtvzLsV08/i5RQKsFVNkCldrCaPr2vDNAOMsfs8T/Hze7g==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/jws/-/jws-4.0.1.tgz", + "integrity": "sha512-EKI/M/yqPncGUUh44xz0PxSidXFr/+r0pA70+gIYhjv+et7yxM+s29Y+VGDkovRofQem0fs7Uvf4+YmAdyRduA==", "license": "MIT", "dependencies": { - "jwa": "^1.4.2", + "jwa": "^2.0.1", "safe-buffer": "^5.0.1" } }, From c533c54d92382cbe10d9bb7e8917b4e8117fbca2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Apr 2026 07:17:06 +0000 Subject: [PATCH 3/7] build(deps): bump actions/setup-node from 6 to 6.3.0 Bumps [actions/setup-node](https://github.com/actions/setup-node) from 6 to 6.3.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v6...v6.3.0) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/node.js.yml | 2 +- .github/workflows/publish-npm.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml index edb4f01..d40bfeb 100644 --- a/.github/workflows/node.js.yml +++ b/.github/workflows/node.js.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@v6 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v6 + uses: actions/setup-node@v6.3.0 with: node-version: ${{ matrix.node-version }} - run: npm install diff --git a/.github/workflows/publish-npm.yml b/.github/workflows/publish-npm.yml index 08ce8d0..4479dda 100644 --- a/.github/workflows/publish-npm.yml +++ b/.github/workflows/publish-npm.yml @@ -13,7 +13,7 @@ jobs: uses: actions/checkout@v6 - name: Setup Node - uses: actions/setup-node@v6 + uses: actions/setup-node@v6.3.0 with: node-version: "24" registry-url: "https://registry.npmjs.org" From ec298244274b635cab55e77d533e3966be072dc9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Apr 2026 07:15:27 +0000 Subject: [PATCH 4/7] build(deps-dev): bump eslint from 10.1.0 to 10.2.1 Bumps [eslint](https://github.com/eslint/eslint) from 10.1.0 to 10.2.1. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/compare/v10.1.0...v10.2.1) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.2.1 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package-lock.json | 50 +++++++++++++++++++++++------------------------ 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7762cab..2ed8c21 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1881,13 +1881,13 @@ } }, "node_modules/@eslint/config-array": { - "version": "0.23.3", - "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.23.3.tgz", - "integrity": "sha512-j+eEWmB6YYLwcNOdlwQ6L2OsptI/LO6lNBuLIqe5R7RetD658HLoF+Mn7LzYmAWWNNzdC6cqP+L6r8ujeYXWLw==", + "version": "0.23.5", + "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.23.5.tgz", + "integrity": "sha512-Y3kKLvC1dvTOT+oGlqNQ1XLqK6D1HU2YXPc52NmAlJZbMMWDzGYXMiPRJ8TYD39muD/OTjlZmNJ4ib7dvSrMBA==", "dev": true, "license": "Apache-2.0", "dependencies": { - "@eslint/object-schema": "^3.0.3", + "@eslint/object-schema": "^3.0.5", "debug": "^4.3.1", "minimatch": "^10.2.4" }, @@ -1935,22 +1935,22 @@ } }, "node_modules/@eslint/config-helpers": { - "version": "0.5.3", - "resolved": "https://registry.npmjs.org/@eslint/config-helpers/-/config-helpers-0.5.3.tgz", - "integrity": "sha512-lzGN0onllOZCGroKJmRwY6QcEHxbjBw1gwB8SgRSqK8YbbtEXMvKynsXc3553ckIEBxsbMBU7oOZXKIPGZNeZw==", + "version": "0.5.5", + "resolved": "https://registry.npmjs.org/@eslint/config-helpers/-/config-helpers-0.5.5.tgz", + "integrity": "sha512-eIJYKTCECbP/nsKaaruF6LW967mtbQbsw4JTtSVkUQc9MneSkbrgPJAbKl9nWr0ZeowV8BfsarBmPpBzGelA2w==", "dev": true, "license": "Apache-2.0", "dependencies": { - "@eslint/core": "^1.1.1" + "@eslint/core": "^1.2.1" }, "engines": { "node": "^20.19.0 || ^22.13.0 || >=24" } }, "node_modules/@eslint/core": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@eslint/core/-/core-1.1.1.tgz", - "integrity": "sha512-QUPblTtE51/7/Zhfv8BDwO0qkkzQL7P/aWWbqcf4xWLEYn1oKjdO0gglQBB4GAsu7u6wjijbCmzsUTy6mnk6oQ==", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/@eslint/core/-/core-1.2.1.tgz", + "integrity": "sha512-MwcE1P+AZ4C6DWlpin/OmOA54mmIZ/+xZuJiQd4SyB29oAJjN30UW9wkKNptW2ctp4cEsvhlLY/CsQ1uoHDloQ==", "dev": true, "license": "Apache-2.0", "dependencies": { @@ -1961,9 +1961,9 @@ } }, "node_modules/@eslint/object-schema": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-3.0.3.tgz", - "integrity": "sha512-iM869Pugn9Nsxbh/YHRqYiqd23AmIbxJOcpUMOuWCVNdoQJ5ZtwL6h3t0bcZzJUlC3Dq9jCFCESBZnX0GTv7iQ==", + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-3.0.5.tgz", + "integrity": "sha512-vqTaUEgxzm+YDSdElad6PiRoX4t8VGDjCtt05zn4nU810UIx/uNEV7/lZJ6KwFThKZOzOxzXy48da+No7HZaMw==", "dev": true, "license": "Apache-2.0", "engines": { @@ -1971,13 +1971,13 @@ } }, "node_modules/@eslint/plugin-kit": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.6.1.tgz", - "integrity": "sha512-iH1B076HoAshH1mLpHMgwdGeTs0CYwL0SPMkGuSebZrwBp16v415e9NZXg2jtrqPVQjf6IANe2Vtlr5KswtcZQ==", + "version": "0.7.1", + "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.7.1.tgz", + "integrity": "sha512-rZAP3aVgB9ds9KOeUSL+zZ21hPmo8dh6fnIFwRQj5EAZl9gzR7wxYbYXYysAM8CTqGmUGyp2S4kUdV17MnGuWQ==", "dev": true, "license": "Apache-2.0", "dependencies": { - "@eslint/core": "^1.1.1", + "@eslint/core": "^1.2.1", "levn": "^0.4.1" }, "engines": { @@ -4191,18 +4191,18 @@ } }, "node_modules/eslint": { - "version": "10.1.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-10.1.0.tgz", - "integrity": "sha512-S9jlY/ELKEUwwQnqWDO+f+m6sercqOPSqXM5Go94l7DOmxHVDgmSFGWEzeE/gwgTAr0W103BWt0QLe/7mabIvA==", + "version": "10.2.1", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-10.2.1.tgz", + "integrity": "sha512-wiyGaKsDgqXvF40P8mDwiUp/KQjE1FdrIEJsM8PZ3XCiniTMXS3OHWWUe5FI5agoCnr8x4xPrTDZuxsBlNHl+Q==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.8.0", "@eslint-community/regexpp": "^4.12.2", - "@eslint/config-array": "^0.23.3", - "@eslint/config-helpers": "^0.5.3", - "@eslint/core": "^1.1.1", - "@eslint/plugin-kit": "^0.6.1", + "@eslint/config-array": "^0.23.5", + "@eslint/config-helpers": "^0.5.5", + "@eslint/core": "^1.2.1", + "@eslint/plugin-kit": "^0.7.1", "@humanfs/node": "^0.16.6", "@humanwhocodes/module-importer": "^1.0.1", "@humanwhocodes/retry": "^0.4.2", From aae1e078ea6333feabc99e3d5335be26e6ab714d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 6 May 2026 07:16:15 +0000 Subject: [PATCH 5/7] build(deps-dev): bump pre-commit from 1.2.2 to 2.0.0 Bumps [pre-commit](https://github.com/observing/pre-commit) from 1.2.2 to 2.0.0. - [Release notes](https://github.com/observing/pre-commit/releases) - [Changelog](https://github.com/observing/pre-commit/blob/master/CHANGELOG.md) - [Commits](https://github.com/observing/pre-commit/commits) --- updated-dependencies: - dependency-name: pre-commit dependency-version: 2.0.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package-lock.json | 151 +++++++++------------------------------------- package.json | 2 +- 2 files changed, 28 insertions(+), 125 deletions(-) diff --git a/package-lock.json b/package-lock.json index 14caf85..71ee32b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,7 +24,7 @@ "handlebars": "^4.7.9", "jest": "^30.2.0", "jsdoc-to-markdown": "^9.1.3", - "pre-commit": "^1.2.2" + "pre-commit": "^2.0.0" }, "engines": { "node": ">=20.0.0" @@ -3901,22 +3901,6 @@ "dev": true, "license": "MIT" }, - "node_modules/concat-stream": { - "version": "1.6.2", - "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-1.6.2.tgz", - "integrity": "sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==", - "dev": true, - "engines": [ - "node >= 0.8" - ], - "license": "MIT", - "dependencies": { - "buffer-from": "^1.0.0", - "inherits": "^2.0.3", - "readable-stream": "^2.2.2", - "typedarray": "^0.0.6" - } - }, "node_modules/config-master": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/config-master/-/config-master-3.1.0.tgz", @@ -3958,13 +3942,6 @@ "url": "https://opencollective.com/core-js" } }, - "node_modules/core-util-is": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz", - "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==", - "dev": true, - "license": "MIT" - }, "node_modules/cross-spawn": { "version": "7.0.6", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", @@ -5183,13 +5160,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/isarray": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", - "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==", - "dev": true, - "license": "MIT" - }, "node_modules/isexe": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", @@ -6816,15 +6786,6 @@ "node": ">= 0.8.0" } }, - "node_modules/os-shim": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/os-shim/-/os-shim-0.1.3.tgz", - "integrity": "sha512-jd0cvB8qQ5uVt0lvCIexBaROw1KyKm5sbulg2fWOHjETisuCzWyt+eTZKEMs8v6HwzoGs8xik26jg7eCM6pS+A==", - "dev": true, - "engines": { - "node": ">= 0.4.0" - } - }, "node_modules/p-limit": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", @@ -7021,29 +6982,44 @@ } }, "node_modules/pre-commit": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/pre-commit/-/pre-commit-1.2.2.tgz", - "integrity": "sha512-qokTiqxD6GjODy5ETAIgzsRgnBWWQHQH2ghy86PU7mIn/wuWeTwF3otyNQZxWBwVn8XNr8Tdzj/QfUXpH+gRZA==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/pre-commit/-/pre-commit-2.0.0.tgz", + "integrity": "sha512-gStVX9Yji5PjN4Yl1/4fSc9LPzwdGkkiSgarug873vfatIH47WIXPa+rcE8FK9JrbsMGuZji2Ih3V+G+Oa8eww==", "dev": true, "hasInstallScript": true, "license": "MIT", "dependencies": { - "cross-spawn": "^5.0.1", - "spawn-sync": "^1.0.15", - "which": "1.2.x" + "cross-spawn": "^7.0.5", + "which": "^4.0.0" + }, + "engines": { + "node": ">=16.13.0" + } + }, + "node_modules/pre-commit/node_modules/isexe": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-3.1.5.tgz", + "integrity": "sha512-6B3tLtFqtQS4ekarvLVMZ+X+VlvQekbe4taUkf/rhVO3d/h0M2rfARm/pXLcPEsjjMsFgrFgSrhQIxcSVrBz8w==", + "dev": true, + "license": "BlueOak-1.0.0", + "engines": { + "node": ">=18" } }, "node_modules/pre-commit/node_modules/which": { - "version": "1.2.14", - "resolved": "https://registry.npmjs.org/which/-/which-1.2.14.tgz", - "integrity": "sha512-16uPglFkRPzgiUXYMi1Jf8Z5EzN1iB4V0ZtMXcHZnwsBtQhhHeCqoWw7tsUY42hJGNDWtUsVLTjakIa5BgAxCw==", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/which/-/which-4.0.0.tgz", + "integrity": "sha512-GlaYyEb07DPxYCKhKzplCWBJtvxZcZMrL+4UkrTSJHHPyZU4mYYTv3qaOe77H7EODLSSopAUFAc6W8U4yqvscg==", "dev": true, "license": "ISC", "dependencies": { - "isexe": "^2.0.0" + "isexe": "^3.1.1" }, "bin": { - "which": "bin/which" + "node-which": "bin/which.js" + }, + "engines": { + "node": "^16.13.0 || >=18.0.0" } }, "node_modules/prelude-ls": { @@ -7084,13 +7060,6 @@ "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/process-nextick-args": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", - "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==", - "dev": true, - "license": "MIT" - }, "node_modules/punycode": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", @@ -7156,29 +7125,6 @@ "dev": true, "license": "MIT" }, - "node_modules/readable-stream": { - "version": "2.3.8", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz", - "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==", - "dev": true, - "license": "MIT", - "dependencies": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.3", - "isarray": "~1.0.0", - "process-nextick-args": "~2.0.0", - "safe-buffer": "~5.1.1", - "string_decoder": "~1.1.1", - "util-deprecate": "~1.0.1" - } - }, - "node_modules/readable-stream/node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", - "dev": true, - "license": "MIT" - }, "node_modules/readdirp": { "version": "3.6.0", "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz", @@ -7479,18 +7425,6 @@ "source-map": "^0.6.0" } }, - "node_modules/spawn-sync": { - "version": "1.0.15", - "resolved": "https://registry.npmjs.org/spawn-sync/-/spawn-sync-1.0.15.tgz", - "integrity": "sha512-9DWBgrgYZzNghseho0JOuh+5fg9u6QWhAWa51QC7+U5rCheZ/j1DrEZnyE0RBBRqZ9uEXGPgSSM0nky6burpVw==", - "dev": true, - "hasInstallScript": true, - "license": "MIT", - "dependencies": { - "concat-stream": "^1.4.7", - "os-shim": "^0.1.2" - } - }, "node_modules/sprintf-js": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", @@ -7521,23 +7455,6 @@ "node": ">=8" } }, - "node_modules/string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "dev": true, - "license": "MIT", - "dependencies": { - "safe-buffer": "~5.1.0" - } - }, - "node_modules/string_decoder/node_modules/safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", - "dev": true, - "license": "MIT" - }, "node_modules/string-length": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", @@ -7828,13 +7745,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/typedarray": { - "version": "0.0.6", - "resolved": "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz", - "integrity": "sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA==", - "dev": true, - "license": "MIT" - }, "node_modules/typescript": { "version": "6.0.2", "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.2.tgz", @@ -8015,13 +7925,6 @@ "punycode": "^2.1.0" } }, - "node_modules/util-deprecate": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", - "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==", - "dev": true, - "license": "MIT" - }, "node_modules/v8-to-istanbul": { "version": "9.3.0", "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", diff --git a/package.json b/package.json index 5df12ad..8804f53 100644 --- a/package.json +++ b/package.json @@ -45,7 +45,7 @@ "handlebars": "^4.7.9", "jest": "^30.2.0", "jsdoc-to-markdown": "^9.1.3", - "pre-commit": "^1.2.2" + "pre-commit": "^2.0.0" }, "dependencies": { "jsonwebtoken": "^9.0.0", From 302d7c556adb01eccce5d758dbe1b59e9615e09f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 May 2026 17:41:22 +0000 Subject: [PATCH 6/7] build(deps-dev): bump @babel/plugin-transform-modules-systemjs Bumps [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) from 7.29.0 to 7.29.4. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs) --- updated-dependencies: - dependency-name: "@babel/plugin-transform-modules-systemjs" dependency-version: 7.29.4 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 14caf85..28331cf 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1215,9 +1215,9 @@ } }, "node_modules/@babel/plugin-transform-modules-systemjs": { - "version": "7.29.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.29.0.tgz", - "integrity": "sha512-PrujnVFbOdUpw4UHiVwKvKRLMMic8+eC0CuNlxjsyZUiBjhFdPsewdXCkveh2KqBA9/waD0W1b4hXSOBQJezpQ==", + "version": "7.29.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.29.4.tgz", + "integrity": "sha512-N7QmZ0xRZfjHOfZeQLJjwgX2zS9pdGHSVl/cjSGlo4dXMqvurfxXDMKY4RqEKzPozV78VMcd0lxyG13mlbKc4w==", "dev": true, "license": "MIT", "dependencies": { From 8d7ebc20b940c810b8cdd5ac889c98699ecbb883 Mon Sep 17 00:00:00 2001 From: Max Scholz Date: Tue, 12 May 2026 20:07:34 +0200 Subject: [PATCH 7/7] test: improve coverage from 73% to 99.4% and fix lint MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Install missing eslint-plugin-n (fixes lint failure) - Remove unused eslint-disable directive in UtilFunc.test.js - Add tests for SSOTokenData getter methods (all 20+ getters) - Add tests for _getSignedWrong sync/async/catch paths - Add tests for getSigned catch block (invalid RSA key) - Add tests for SSOToken appSecret null/non-string/empty validation - Add edge case tests for helpers.readKeyFile: - Sync: rethrow unexpected errors (not ENOENT/encoding too long) - Async: pass non-ENOENT fs errors to callback - Async: pass unexpected NodeRSA errors to callback Coverage: 73.3% → 99.4% statements, 30.5% → 100% functions Co-authored-by: GitHub Copilot --- src/tests/SSOToken.test.js | 18 ++++ src/tests/SSOTokenData.test.js | 151 +++++++++++++++++++++++++++++++++ src/tests/UtilFunc.test.js | 32 ++++++- 3 files changed, 200 insertions(+), 1 deletion(-) diff --git a/src/tests/SSOToken.test.js b/src/tests/SSOToken.test.js index dbc8b38..aec6ab3 100644 --- a/src/tests/SSOToken.test.js +++ b/src/tests/SSOToken.test.js @@ -115,6 +115,24 @@ describe('Testing SSOToken Class', () => { }).toThrow(); }); }); + describe('Testing Token Constructor AppSecret cases', () => { + test('test token constructor with App Secret as null', () => { + expect(() => { + new SSOToken(correctAudience, null, encodedTokenWithKey); + }).toThrow('App Secret null or not specified'); + }); + test('test token constructor with non String value for App Secret', () => { + expect(() => { + new SSOToken(correctAudience, {notAString: true}, encodedTokenWithKey); + }).toThrow('App Secret must be a string value'); + }); + test('test token constructor with App Secret as empty string value', () => { + expect(() => { + new SSOToken(correctAudience, '', encodedTokenWithKey); + }).toThrow('App Secret cannot be an empty string'); + }); + }); + describe('Testing Token Constructor Audience cases', () => { test('test token constructor with Audience as null', () => { expect(() => { diff --git a/src/tests/SSOTokenData.test.js b/src/tests/SSOTokenData.test.js index f4c4b8d..c87f5f9 100644 --- a/src/tests/SSOTokenData.test.js +++ b/src/tests/SSOTokenData.test.js @@ -63,6 +63,17 @@ describe('Testing SSOTokenData Class', () => { // expect(err).toEqual('Secret must be a string value'); // }); // }); + test('Test secret to be non string with callback', (done) => { + SSOTokenDataObj.getSigned({}, (err) => { + expect(err).toBe('Secret must be a string value'); + done(); + }); + }); + test('Should throw if callback is not a function', () => { + expect(() => { + SSOTokenDataObj.getSigned(secretPub, 'notAFunction'); + }).toThrow('Callback must be a function'); + }); test('Should return error if no secret specified', (done) => { SSOTokenDataObj.getSigned(null, (err, signed) => { expect(err).toBe('No secret specified'); @@ -78,4 +89,144 @@ describe('Testing SSOTokenData Class', () => { }); }); }); + + describe('Testing SSOTokenData._getSignedWrong', () => { + describe('Sync mode', () => { + test('Should throw if no secret specified', () => { + expect(() => { + SSOTokenDataObj._getSignedWrong(); + }).toThrow('No secret specified'); + }); + test('Should return signed value with any string secret (HS256 default)', () => { + const signed = SSOTokenDataObj._getSignedWrong('simple-secret'); + expect(signed).toBeDefined(); + }); + }); + describe('Async mode', () => { + test('Should call callback with "No secret specified" when null secret and cb provided', () => { + const calls = []; + SSOTokenDataObj._getSignedWrong(null, (err) => { + calls.push(err); + }); + expect(calls[0]).toBe('No secret specified'); + }); + test('Should call callback with signed value if secret specified', (done) => { + SSOTokenDataObj._getSignedWrong('simple-secret', (err, signed) => { + expect(err).toBeFalsy(); + expect(signed).toBeDefined(); + done(); + }); + }); + }); + describe('Catch block', () => { + test('Should throw when jwt.sign throws internally', () => { + const jwt = require('jsonwebtoken'); + jest.spyOn(jwt, 'sign').mockImplementationOnce(() => { + throw new Error('mocked jwt error'); + }); + expect(() => { + SSOTokenDataObj._getSignedWrong('some-secret'); + }).toThrow('mocked jwt error'); + jest.restoreAllMocks(); + }); + }); + }); + + describe('Testing getSigned catch block', () => { + test('getSigned returns undefined when jwt.sign throws with invalid RSA key', () => { + const result = SSOTokenDataObj.getSigned('not-a-valid-rsa-key'); + expect(result).toBeUndefined(); + }); + }); +}); + +describe('Testing SSOTokenData getter methods', () => { + test('getBranchId returns correct value', () => { + expect(SSOTokenDataObj.getBranchId()).toBe('5e3bfa789f436c5e2ee5141a'); + }); + test('getBranchSlug returns correct value', () => { + expect(SSOTokenDataObj.getBranchSlug()).toBe('staffbase'); + }); + test('getAudience returns correct value', () => { + expect(SSOTokenDataObj.getAudience()).toBe('testPlugin'); + }); + test('getExpireAtTime returns correct value', () => { + expect(SSOTokenDataObj.getExpireAtTime()).toBe(tokenDataVals.CLAIM_EXPIRE_AT); + }); + test('getNotBeforeTime returns correct value', () => { + expect(SSOTokenDataObj.getNotBeforeTime()).toBe(tokenDataVals.CLAIM_NOT_BEFORE); + }); + test('getIssuedAtTime returns correct value', () => { + expect(SSOTokenDataObj.getIssuedAtTime()).toBe(tokenDataVals.CLAIM_ISSUED_AT); + }); + test('getIssuer returns correct value', () => { + expect(SSOTokenDataObj.getIssuer()).toBe('api.staffbase.com'); + }); + test('getInstanceId returns correct value', () => { + expect(SSOTokenDataObj.getInstanceId()).toBe('55c79b6ee4b06c6fb19bd1e2'); + }); + test('getInstanceName returns correct value', () => { + expect(SSOTokenDataObj.getInstanceName()).toBe('Our locations'); + }); + test('getUserId returns correct value', () => { + expect(SSOTokenDataObj.getUserId()).toBe('541954c3e4b08bbdce1a340a'); + }); + test('getUserExternalId returns correct value', () => { + expect(SSOTokenDataObj.getUserExternalId()).toBe('jdoe'); + }); + test('getUserUsername returns correct value', () => { + expect(SSOTokenDataObj.getUserUsername()).toBe('john.doe'); + }); + test('getUserPrimaryEmailAddress returns correct value', () => { + expect(SSOTokenDataObj.getUserPrimaryEmailAddress()).toBe('jdoe@email.com'); + }); + test('getFullName returns correct value', () => { + expect(SSOTokenDataObj.getFullName()).toBe('John Doe'); + }); + test('getFirstName returns correct value', () => { + expect(SSOTokenDataObj.getFirstName()).toBe('John'); + }); + test('getLastName returns correct value', () => { + expect(SSOTokenDataObj.getLastName()).toBe('Doe'); + }); + test('getRole returns correct value', () => { + expect(SSOTokenDataObj.getRole()).toBe('editor'); + }); + test('getType returns correct value', () => { + expect(SSOTokenDataObj.getType()).toBe('type'); + }); + test('getThemeTextColor returns correct value', () => { + expect(SSOTokenDataObj.getThemeTextColor()).toBe('#00ABAB'); + }); + test('getThemeBackgroundColor returns correct value', () => { + expect(SSOTokenDataObj.getThemeBackgroundColor()).toBe('#FFAABB'); + }); + test('getLocale returns correct value', () => { + expect(SSOTokenDataObj.getLocale()).toBe('en-US'); + }); + test('isEditor returns true for editor role', () => { + expect(SSOTokenDataObj.isEditor()).toBe(true); + }); + test('isEditor returns false for non-editor role', () => { + const userTokenData = new SSOTokenData({...tokenDataVals, CLAIM_USER_ROLE: 'user'}); + expect(userTokenData.isEditor()).toBe(false); + }); + test('getTags returns null when no tags', () => { + expect(SSOTokenDataObj.getTags()).toBeNull(); + }); + test('_getClaim throws for invalid claim name', () => { + expect(() => { + SSOTokenDataObj._getClaim('INVALID_CLAIM'); + }).toThrow('Invalid Claim'); + }); + test('toJSObj returns correct structure', () => { + const obj = SSOTokenDataObj.toJSObj(); + expect(obj.aud).toBe('testPlugin'); + expect(obj.sub).toBe('541954c3e4b08bbdce1a340a'); + }); + test('toJSObjPretty returns correct structure', () => { + const obj = SSOTokenDataObj.toJSObjPretty(); + expect(obj.CLAIM_AUDIENCE).toBe('testPlugin'); + expect(obj.CLAIM_USER_ID).toBe('541954c3e4b08bbdce1a340a'); + }); }); diff --git a/src/tests/UtilFunc.test.js b/src/tests/UtilFunc.test.js index c5d2a69..313b1ce 100644 --- a/src/tests/UtilFunc.test.js +++ b/src/tests/UtilFunc.test.js @@ -5,7 +5,6 @@ const invalidFilePath = path.resolve(__dirname, '../../testKeyFiles/missingfile. const filePathInvKey = path.resolve(__dirname, '../../testKeyFiles/jwtRS256.key.pub'); const filePathValidKey = path.resolve(__dirname, '../../testKeyFiles/jwtRS256.pub'); -// eslint-disable-next-line max-len const sampleBinaryKey = 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXd6RqV95G7+alU1PmA49n9IG8mCT27vpCpTJz3MGH+pqBEp6gLYDkP6lxK4ix5dy9NrOcKnaIWJ3xAc/JU+rVt6CiEyqJo4rchrNnRQsn4+P+efuVlsL959MqjzQC98qcVdf44C3wrxsOHE823zRACsJylOFkf7KkXd9c8L8vIj9x29q5K7NkGRKtOLKY7k4QPhlCVFDkMgAidHvi8HD7HDI6KYljguuhHUtRdrmC4i0NuwpSdqsavUJ9ASQu9Cr0QhpzOFJeZQ91ZkLoSDAkpSXAfBS+lvGtEnWLh7q3JczJOb3Tz8YolUTGfBlJ9iXiHDcY8PXdRTrvUVqeTe3wIDAQAB'; const samplePKCS8Key = `-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXd6RqV95G7+alU1PmA4 @@ -129,3 +128,34 @@ describe('Testing Utilitiy functions', () => { }); }); }); + +describe('Testing readKeyFile error edge cases', () => { + afterEach(() => { + jest.restoreAllMocks(); + }); + + test('sync: should rethrow unexpected errors (not ENOENT or encoding too long)', () => { + const fs = require('node:fs'); + jest.spyOn(fs, 'readFileSync').mockImplementationOnce(() => Buffer.from('')); + expect(() => helpers.readKeyFile('/mocked/path')).toThrow('Empty key given'); + }); + + test('async: should pass non-ENOENT fs.readFile errors to callback', (done) => { + const fs = require('node:fs'); + const permError = new Error('EPERM: operation not permitted, open \'/some/path\''); + jest.spyOn(fs, 'readFile').mockImplementationOnce((path, cb) => cb(permError, null)); + helpers.readKeyFile('/mocked/path', (err) => { + expect(err).toBe(permError); + done(); + }); + }); + + test('async: should pass unexpected NodeRSA errors to callback', (done) => { + const fs = require('node:fs'); + jest.spyOn(fs, 'readFile').mockImplementationOnce((path, cb) => cb(null, Buffer.from(''))); + helpers.readKeyFile('/mocked/path', (err) => { + expect(err.message).toBe('Empty key given'); + done(); + }); + }); +});