From a65bc28b4e0838a5d2a93f0a9cc7fba03cf10b7e Mon Sep 17 00:00:00 2001
From: Zachary Sanders <sanders_zachary@bah.com>
Date: Thu, 3 Jun 2021 14:47:26 -0600
Subject: [PATCH] fix yaml load in artifacts

---
 dist/manager/ironbank/artifacts.js     | 2 +-
 dist/manager/ironbank/artifacts.js.map | 2 +-
 lib/manager/ironbank/artifacts.ts      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/dist/manager/ironbank/artifacts.js b/dist/manager/ironbank/artifacts.js
index 1c4606c..69cfaec 100644
--- a/dist/manager/ironbank/artifacts.js
+++ b/dist/manager/ironbank/artifacts.js
@@ -32,7 +32,7 @@ async function updateArtifacts({ packageFileName, updatedDeps, newPackageFileCon
     }
     let manifest;
     try {
-        manifest = js_yaml_1.default.safeLoad(newPackageFileContent, { json: true });
+        manifest = js_yaml_1.default.load(newPackageFileContent, { json: true });
     }
     catch (err) {
         logger_1.logger.error('Failed to parse hardening_manifest.yaml');
diff --git a/dist/manager/ironbank/artifacts.js.map b/dist/manager/ironbank/artifacts.js.map
index 15de2db..3425136 100644
--- a/dist/manager/ironbank/artifacts.js.map
+++ b/dist/manager/ironbank/artifacts.js.map
@@ -1 +1 @@
-{"version":3,"file":"artifacts.js","sourceRoot":"","sources":["../../../lib/manager/ironbank/artifacts.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAClC,sDAA2B;AAC3B,iCAA6B;AAC7B,yCAAsC;AACtC,0CAAuC;AACvC,sCAA8C;AAC9C,wCAA+C;AAI/C,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,IAAY;IAClD,eAAM,CAAC,KAAK,CAAC,wBAAwB,GAAG,KAAK,IAAI,GAAG,CAAC,CAAC;IACtD,IAAI;QACF,MAAM,GAAG,GAAG,kBAAkB,CAAC;QAC/B,MAAM,IAAI,GAAG,cAAc,GAAG,IAAI,GAAG,SAAS,GAAG,GAAG,CAAC;QACrD,MAAM,WAAI,CAAC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,CAAC;KAC9B;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,KAAK,CAAC;KACd;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAEM,KAAK,UAAU,eAAe,CAAC,EACpC,eAAe,EACf,WAAW,EACX,qBAAqB,EACrB,MAAM,GACS;;IACf,eAAM,CAAC,KAAK,CAAC,4BAA4B,eAAe,GAAG,CAAC,CAAC;IAC7D,IAAI,CAAC,YAAE,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE;QAClC,OAAO,IAAI,CAAC;KACb;IAED,IAAI,QAA2B,CAAC;IAChC,IAAI;QACF,QAAQ,GAAG,iBAAI,CAAC,QAAQ,CAAC,qBAAqB,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAsB,CAAC;KACtF;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAC,QAAQ,IAAI,YAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE;QAC/C,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAA,MAAA,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,CAAA,EAAE;QACrD,OAAO,IAAI,CAAC;KACb;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;IACzB,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,SAAS,EAAE;QACrC,IAAI,MAAA,IAAI,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,EAAE;YACnC,MAAM,CAAC,GAAG,CACR,IAAI,CAAC,IAAI,EACT,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CACxD,CAAC;SACH;KACF;IAED,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE;QAC7B,eAAM,CAAC,KAAK,CAAC,cAAc,GAAG,GAAG,CAAC,CAAC;QACnC,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;YACnB,MAAM,MAAM,GAAG,MAAM,WAAW,CAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EACf,YAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,GAAG,CAAC,CAC3B,CAAC;YACF,IAAI,CAAC,MAAM,EAAE;gBACX,OAAO,IAAI,CAAC;aACb;SACF;KACF;IAGD,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,MAAM,MAAM,GAAG,MAAM,mBAAa,EAAE,CAAC;IAErC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE;QACxD,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM,kBAAa,CAAC,CAAC,CAAC;aACjC;SACF,CAAC,CAAC;KACJ;IAED,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,IAAI,EAAE,EAAE;QACpC,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,CAAC;aACZ;SACF,CAAC,CAAC;KACJ;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAzED,0CAyEC","sourcesContent":["import is from '@sindresorhus/is';\nimport yaml from 'js-yaml';\nimport { join } from 'upath';\nimport { logger } from '../../logger';\nimport { exec } from '../../util/exec';\nimport { readLocalFile } from '../../util/fs';\nimport { getRepoStatus } from '../../util/git';\nimport { UpdateArtifact, UpdateArtifactsResult } from '../types';\nimport { HardeningManifest } from './extract';\n\nasync function postUpgrade(url: string, path: string): Promise<boolean> {\n  logger.debug(`ironbank.postUpgrade(${url}, ${path})`);\n  try {\n    const cmd = 'ironbank-helm.sh';\n    const args = '--directory ' + path + ' --url ' + url;\n    await exec(`${cmd} ${args}`);\n  } catch (err) {\n    logger.error(err);\n    return false;\n  }\n  return true;\n}\n\nexport async function updateArtifacts({\n  packageFileName,\n  updatedDeps,\n  newPackageFileContent,\n  config,\n}: UpdateArtifact): Promise<UpdateArtifactsResult[] | null> {\n  logger.debug(`ironbank.updateArtifacts(${packageFileName})`);\n  if (!is.nonEmptyArray(updatedDeps)) {\n    return null;\n  }\n\n  let manifest: HardeningManifest;\n  try {\n    manifest = yaml.safeLoad(newPackageFileContent, { json: true }) as HardeningManifest;\n  } catch (err) {\n    logger.error('Failed to parse hardening_manifest.yaml');\n    return null;\n  }\n\n  if (!(manifest && is.array(manifest.resources))) {\n    return null;\n  }\n\n  if (!manifest.resources[0].url?.startsWith('helm://')) {\n    return null;\n  }\n\n  const charts = new Map();\n  for (const item of manifest.resources) {\n    if (item.url?.startsWith('helm://')) {\n      charts.set(\n        item.name,\n        `${String('https://')}${String(item.url.substring(7))}`\n      );\n    }\n  }\n\n  for (const dep of updatedDeps) {\n    logger.debug(`updatedDep(${dep})`);\n    if (charts.has(dep)) {\n      const result = await postUpgrade(\n        charts.get(dep),\n        join(config.localDir, dep)\n      );\n      if (!result) {\n        return null;\n      }\n    }\n  }\n\n\n  const res = [];\n  const status = await getRepoStatus();\n\n  for (const f of status.modified.concat(status.not_added)) {\n    res.push({\n      file: {\n        name: f,\n        contents: await readLocalFile(f),\n      },\n    });\n  }\n\n  for (const f of status.deleted || []) {\n    res.push({\n      file: {\n        name: '|delete|',\n        contents: f,\n      },\n    });\n  }\n\n  return res;\n}\n"]}
\ No newline at end of file
+{"version":3,"file":"artifacts.js","sourceRoot":"","sources":["../../../lib/manager/ironbank/artifacts.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAClC,sDAA2B;AAC3B,iCAA6B;AAC7B,yCAAsC;AACtC,0CAAuC;AACvC,sCAA8C;AAC9C,wCAA+C;AAI/C,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,IAAY;IAClD,eAAM,CAAC,KAAK,CAAC,wBAAwB,GAAG,KAAK,IAAI,GAAG,CAAC,CAAC;IACtD,IAAI;QACF,MAAM,GAAG,GAAG,kBAAkB,CAAC;QAC/B,MAAM,IAAI,GAAG,cAAc,GAAG,IAAI,GAAG,SAAS,GAAG,GAAG,CAAC;QACrD,MAAM,WAAI,CAAC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,CAAC;KAC9B;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,KAAK,CAAC;KACd;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAEM,KAAK,UAAU,eAAe,CAAC,EACpC,eAAe,EACf,WAAW,EACX,qBAAqB,EACrB,MAAM,GACS;;IACf,eAAM,CAAC,KAAK,CAAC,4BAA4B,eAAe,GAAG,CAAC,CAAC;IAC7D,IAAI,CAAC,YAAE,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE;QAClC,OAAO,IAAI,CAAC;KACb;IAED,IAAI,QAA2B,CAAC;IAChC,IAAI;QACF,QAAQ,GAAG,iBAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAsB,CAAC;KAClF;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAC,QAAQ,IAAI,YAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE;QAC/C,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAA,MAAA,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,CAAA,EAAE;QACrD,OAAO,IAAI,CAAC;KACb;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;IACzB,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,SAAS,EAAE;QACrC,IAAI,MAAA,IAAI,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,EAAE;YACnC,MAAM,CAAC,GAAG,CACR,IAAI,CAAC,IAAI,EACT,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CACxD,CAAC;SACH;KACF;IAED,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE;QAC7B,eAAM,CAAC,KAAK,CAAC,cAAc,GAAG,GAAG,CAAC,CAAC;QACnC,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;YACnB,MAAM,MAAM,GAAG,MAAM,WAAW,CAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EACf,YAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,GAAG,CAAC,CAC3B,CAAC;YACF,IAAI,CAAC,MAAM,EAAE;gBACX,OAAO,IAAI,CAAC;aACb;SACF;KACF;IAGD,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,MAAM,MAAM,GAAG,MAAM,mBAAa,EAAE,CAAC;IAErC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE;QACxD,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM,kBAAa,CAAC,CAAC,CAAC;aACjC;SACF,CAAC,CAAC;KACJ;IAED,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,IAAI,EAAE,EAAE;QACpC,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,CAAC;aACZ;SACF,CAAC,CAAC;KACJ;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAzED,0CAyEC","sourcesContent":["import is from '@sindresorhus/is';\nimport yaml from 'js-yaml';\nimport { join } from 'upath';\nimport { logger } from '../../logger';\nimport { exec } from '../../util/exec';\nimport { readLocalFile } from '../../util/fs';\nimport { getRepoStatus } from '../../util/git';\nimport { UpdateArtifact, UpdateArtifactsResult } from '../types';\nimport { HardeningManifest } from './extract';\n\nasync function postUpgrade(url: string, path: string): Promise<boolean> {\n  logger.debug(`ironbank.postUpgrade(${url}, ${path})`);\n  try {\n    const cmd = 'ironbank-helm.sh';\n    const args = '--directory ' + path + ' --url ' + url;\n    await exec(`${cmd} ${args}`);\n  } catch (err) {\n    logger.error(err);\n    return false;\n  }\n  return true;\n}\n\nexport async function updateArtifacts({\n  packageFileName,\n  updatedDeps,\n  newPackageFileContent,\n  config,\n}: UpdateArtifact): Promise<UpdateArtifactsResult[] | null> {\n  logger.debug(`ironbank.updateArtifacts(${packageFileName})`);\n  if (!is.nonEmptyArray(updatedDeps)) {\n    return null;\n  }\n\n  let manifest: HardeningManifest;\n  try {\n    manifest = yaml.load(newPackageFileContent, { json: true }) as HardeningManifest;\n  } catch (err) {\n    logger.error('Failed to parse hardening_manifest.yaml');\n    return null;\n  }\n\n  if (!(manifest && is.array(manifest.resources))) {\n    return null;\n  }\n\n  if (!manifest.resources[0].url?.startsWith('helm://')) {\n    return null;\n  }\n\n  const charts = new Map();\n  for (const item of manifest.resources) {\n    if (item.url?.startsWith('helm://')) {\n      charts.set(\n        item.name,\n        `${String('https://')}${String(item.url.substring(7))}`\n      );\n    }\n  }\n\n  for (const dep of updatedDeps) {\n    logger.debug(`updatedDep(${dep})`);\n    if (charts.has(dep)) {\n      const result = await postUpgrade(\n        charts.get(dep),\n        join(config.localDir, dep)\n      );\n      if (!result) {\n        return null;\n      }\n    }\n  }\n\n\n  const res = [];\n  const status = await getRepoStatus();\n\n  for (const f of status.modified.concat(status.not_added)) {\n    res.push({\n      file: {\n        name: f,\n        contents: await readLocalFile(f),\n      },\n    });\n  }\n\n  for (const f of status.deleted || []) {\n    res.push({\n      file: {\n        name: '|delete|',\n        contents: f,\n      },\n    });\n  }\n\n  return res;\n}\n"]}
\ No newline at end of file
diff --git a/lib/manager/ironbank/artifacts.ts b/lib/manager/ironbank/artifacts.ts
index 2407d92..04eb2c3 100644
--- a/lib/manager/ironbank/artifacts.ts
+++ b/lib/manager/ironbank/artifacts.ts
@@ -34,7 +34,7 @@ export async function updateArtifacts({
 
   let manifest: HardeningManifest;
   try {
-    manifest = yaml.safeLoad(newPackageFileContent, { json: true }) as HardeningManifest;
+    manifest = yaml.load(newPackageFileContent, { json: true }) as HardeningManifest;
   } catch (err) {
     logger.error('Failed to parse hardening_manifest.yaml');
     return null;
-- 
GitLab