From 8022e2f365798eafcae330ad5c916e6c58f6c6e7 Mon Sep 17 00:00:00 2001 From: "ugo.bechameil" Date: Wed, 18 Mar 2026 15:06:45 +0100 Subject: [PATCH] fix fast-xml-parser alerts --- package-lock.json | 89 +++++++++++++++++++---------- package.json | 26 +-------- patches/snowflake-sdk+2.3.3.patch | 95 ------------------------------- 3 files changed, 62 insertions(+), 148 deletions(-) delete mode 100644 patches/snowflake-sdk+2.3.3.patch diff --git a/package-lock.json b/package-lock.json index a189333b..1224e810 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,19 +1,19 @@ { "name": "Snowflake", - "version": "0.2.45", + "version": "0.2.46", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "Snowflake", - "version": "0.2.45", + "version": "0.2.46", "hasInstallScript": true, "dependencies": { "@hackolade/fetch": "1.3.0", "async": "3.2.6", "bson": "4.6.1", "lodash": "4.17.23", - "snowflake-sdk": "2.3.3", + "snowflake-sdk": "2.3.5", "uuid": "7.0.3" }, "devDependencies": { @@ -6112,10 +6112,25 @@ "node": ">=8.6.0" } }, + "node_modules/fast-xml-builder": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/fast-xml-builder/-/fast-xml-builder-1.1.4.tgz", + "integrity": "sha512-f2jhpN4Eccy0/Uz9csxh3Nu6q4ErKxf0XIsasomfOihuSUa3/xw6w8dnOtCDgEItQFJG8KyXPzQXzcODDrrbOg==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/NaturalIntelligence" + } + ], + "license": "MIT", + "dependencies": { + "path-expression-matcher": "^1.1.3" + } + }, "node_modules/fast-xml-parser": { - "version": "5.3.8", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.3.8.tgz", - "integrity": "sha512-53jIF4N6u/pxvaL1eb/hEZts/cFLWZ92eCfLrNyCI0k38lettCG/Bs40W9pPwoPXyHQlKu2OUbQtiEIZK/J6Vw==", + "version": "5.5.6", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.5.6.tgz", + "integrity": "sha512-3+fdZyBRVg29n4rXP0joHthhcHdPUHaIC16cuyyd1iLsuaO6Vea36MPrxgAzbZna8lhvZeRL8Bc9GP56/J9xEw==", "funding": [ { "type": "github", @@ -6124,6 +6139,8 @@ ], "license": "MIT", "dependencies": { + "fast-xml-builder": "^1.1.4", + "path-expression-matcher": "^1.1.3", "strnum": "^2.1.2" }, "bin": { @@ -7708,6 +7725,21 @@ "node": ">=8" } }, + "node_modules/path-expression-matcher": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/path-expression-matcher/-/path-expression-matcher-1.1.3.tgz", + "integrity": "sha512-qdVgY8KXmVdJZRSS1JdEPOKPdTiEK/pi0RkcT2sw1RhXxohdujUlJFPuS1TSkevZ9vzd3ZlL7ULl1MHGTApKzQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/NaturalIntelligence" + } + ], + "license": "MIT", + "engines": { + "node": ">=14.0.0" + } + }, "node_modules/path-is-absolute": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", @@ -8105,37 +8137,37 @@ } }, "node_modules/snowflake-sdk": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/snowflake-sdk/-/snowflake-sdk-2.3.3.tgz", - "integrity": "sha512-ILuI762MUjbWZ2COzdCewtrU5ANKVWQWfJnz2UNhwgLVpbl/rHZg4ZfMTiSkcS6Qqos7qSD4FK6gORaOaCQNSQ==", + "version": "2.3.5", + "resolved": "https://registry.npmjs.org/snowflake-sdk/-/snowflake-sdk-2.3.5.tgz", + "integrity": "sha512-WppYbQK4R8/yDV2iUz6Tux5/Dms3cvbyp7qmkp4Evz9Z0NXUSLl0Sxoz7wK3oNIviME1fqBPozcQ19c03xUGuA==", "license": "Apache-2.0", "dependencies": { "@aws-crypto/sha256-js": "^5.2.0", - "@aws-sdk/client-s3": "^3.726.0", - "@aws-sdk/client-sts": "^3.899.0", - "@aws-sdk/credential-provider-node": "^3.823.0", - "@aws-sdk/ec2-metadata-service": "^3.826.0", + "@aws-sdk/client-s3": "^3.983.0", + "@aws-sdk/client-sts": "^3.983.0", + "@aws-sdk/credential-provider-node": "^3.972.5", + "@aws-sdk/ec2-metadata-service": "^3.983.0", "@azure/identity": "^4.10.1", "@azure/storage-blob": "12.26.x", - "@google-cloud/storage": "^7.7.0", - "@smithy/node-http-handler": "^4.0.1", - "@smithy/protocol-http": "^5.1.3", - "@smithy/signature-v4": "^5.2.1", + "@google-cloud/storage": "^7.19.0", + "@smithy/node-http-handler": "^4.4.9", + "@smithy/protocol-http": "^5.3.8", + "@smithy/signature-v4": "^5.3.8", "@techteamer/ocsp": "1.0.1", + "asn1.js": "^5.0.0", "asn1.js-rfc2560": "^5.0.0", "asn1.js-rfc5280": "^3.0.0", - "axios": "^1.12.2", + "axios": "^1.13.4", "big-integer": "^1.6.43", "bignumber.js": "^9.1.2", - "bn.js": "^5.2.1", "browser-request": "^0.3.3", "expand-tilde": "^2.0.2", - "fast-xml-parser": "^4.2.5", + "fast-xml-parser": "^5.4.1", "fastest-levenshtein": "^1.0.16", "generic-pool": "^3.8.2", "google-auth-library": "^10.1.0", "https-proxy-agent": "^7.0.2", - "jsonwebtoken": "^9.0.0", + "jsonwebtoken": "^9.0.3", "mime-types": "^2.1.29", "moment": "^2.29.4", "moment-timezone": "^0.5.15", @@ -8146,6 +8178,9 @@ "uuid": "^8.3.2", "winston": "^3.1.0" }, + "engines": { + "node": ">=18" + }, "peerDependencies": { "asn1.js": "^5.4.1" } @@ -8175,12 +8210,6 @@ "node": ">=18.0.0" } }, - "node_modules/snowflake-sdk/node_modules/bn.js": { - "version": "5.2.3", - "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.3.tgz", - "integrity": "sha512-EAcmnPkxpntVL+DS7bO1zhcZNvCkxqtkd0ZY53h06GNQ3DEkkGZ/gKgmDv6DdZQGj9BgfSPKtJJ7Dp1GPP8f7w==", - "license": "MIT" - }, "node_modules/snowflake-sdk/node_modules/uuid": { "version": "8.3.2", "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", @@ -8333,9 +8362,9 @@ } }, "node_modules/strnum": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/strnum/-/strnum-2.1.2.tgz", - "integrity": "sha512-l63NF9y/cLROq/yqKXSLtcMeeyOfnSQlfMSlzFt/K73oIaD8DGaQWd7Z34X9GPiKqP5rbSh84Hl4bOlLcjiSrQ==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/strnum/-/strnum-2.2.0.tgz", + "integrity": "sha512-Y7Bj8XyJxnPAORMZj/xltsfo55uOiyHcU2tnAVzHUnSJR/KsEX+9RoDeXEnsXtl/CX4fAcrt64gZ13aGaWPeBg==", "funding": [ { "type": "github", diff --git a/package.json b/package.json index a0ca0aaa..537a0cfe 100644 --- a/package.json +++ b/package.json @@ -65,7 +65,7 @@ "async": "3.2.6", "bson": "4.6.1", "lodash": "4.17.23", - "snowflake-sdk": "2.3.3", + "snowflake-sdk": "2.3.5", "uuid": "7.0.3" }, "simple-git-hooks": { @@ -93,28 +93,8 @@ "simple-git-hooks": "2.13.1" }, "overrides": { - "fast-xml-parser": "5.3.8", + "fast-xml-parser": "5.5.6", "minimatch": "10.2.4", - "@aws-sdk/xml-builder": "3.972.10", - "@aws-sdk/core": "3.973.18", - "@aws-sdk/client-s3": "3.1004.0", - "@aws-sdk/client-sts": "3.1004.0", - "@aws-sdk/client-sso": "3.1004.0", - "@aws-sdk/credential-provider-node": "3.972.18", - "@aws-sdk/credential-provider-env": "3.972.16", - "@aws-sdk/credential-provider-http": "3.972.18", - "@aws-sdk/credential-provider-ini": "3.972.17", - "@aws-sdk/credential-provider-login": "3.972.17", - "@aws-sdk/credential-provider-process": "3.972.16", - "@aws-sdk/credential-provider-sso": "3.972.17", - "@aws-sdk/credential-provider-web-identity": "3.972.17", - "@aws-sdk/middleware-flexible-checksums": "3.973.4", - "@aws-sdk/middleware-sdk-s3": "3.972.18", - "@aws-sdk/middleware-user-agent": "3.972.19", - "@aws-sdk/nested-clients": "3.996.7", - "@aws-sdk/signature-v4-multi-region": "3.996.6", - "@aws-sdk/token-providers": "3.1004.0", - "@aws-sdk/util-user-agent-node": "3.973.4", "@tootallnate/once": "3.0.1" } -} \ No newline at end of file +} diff --git a/patches/snowflake-sdk+2.3.3.patch b/patches/snowflake-sdk+2.3.3.patch deleted file mode 100644 index 36a3a97c..00000000 --- a/patches/snowflake-sdk+2.3.3.patch +++ /dev/null @@ -1,95 +0,0 @@ -diff --git a/node_modules/snowflake-sdk/dist/lib/agent/crl_fetcher.js b/node_modules/snowflake-sdk/dist/lib/agent/crl_fetcher.js -index 1424f11..dd0ffd1 100644 ---- a/node_modules/snowflake-sdk/dist/lib/agent/crl_fetcher.js -+++ b/node_modules/snowflake-sdk/dist/lib/agent/crl_fetcher.js -@@ -5,8 +5,16 @@ var __importDefault = (this && this.__importDefault) || function (mod) { - Object.defineProperty(exports, "__esModule", { value: true }); - exports.PENDING_FETCH_REQUESTS = void 0; - exports.getCrl = getCrl; -+const { hckFetch } = require('@hackolade/fetch'); - const asn1_js_rfc5280_1 = __importDefault(require("asn1.js-rfc5280")); --const axios_1 = __importDefault(require("axios")); -+const axios_1 = __importDefault(require("axios").create({ -+ adapter: 'fetch', -+ env: { -+ fetch: hckFetch, -+ Request: null, -+ Response: null, -+ } -+})); - const logger_1 = __importDefault(require("../logger")); - const global_config_typed_1 = __importDefault(require("../global_config_typed")); - const crl_cache_1 = require("./crl_cache"); -diff --git a/node_modules/snowflake-sdk/dist/lib/http/base.js b/node_modules/snowflake-sdk/dist/lib/http/base.js -index 7320edb..cb750e0 100644 ---- a/node_modules/snowflake-sdk/dist/lib/http/base.js -+++ b/node_modules/snowflake-sdk/dist/lib/http/base.js -@@ -3,7 +3,15 @@ const zlib = require('zlib'); - const Util = require('../util'); - const Logger = require('../logger'); - const ExecutionTimer = require('../logger/execution_timer'); --const axios = require('axios'); -+const { hckFetch } = require('@hackolade/fetch'); -+const axios = require('axios').create({ -+ adapter: 'fetch', -+ env: { -+ fetch: hckFetch, -+ Request: null, -+ Response: null, -+ } -+}); - const URL = require('node:url').URL; - const requestUtil = require('./request_util'); - const DEFAULT_REQUEST_TIMEOUT = 360000; -diff --git a/node_modules/snowflake-sdk/dist/lib/http/node_untyped.js b/node_modules/snowflake-sdk/dist/lib/http/node_untyped.js -index a361cbb..3e68446 100644 ---- a/node_modules/snowflake-sdk/dist/lib/http/node_untyped.js -+++ b/node_modules/snowflake-sdk/dist/lib/http/node_untyped.js -@@ -90,15 +90,7 @@ function isBypassProxy(proxy, destination, agentId) { - * @inheritDoc - */ - NodeHttpClient.prototype.getAgent = function (parsedUrl, proxy, mock) { -- Logger.getInstance().trace('Agent[url: %s] - getting an agent instance.', RequestUtil.describeURL(parsedUrl.href)); -- if (!proxy && GlobalConfig.isEnvProxyActive()) { -- const isHttps = parsedUrl.protocol === 'https:'; -- proxy = ProxyUtil.getProxyFromEnv(isHttps); -- if (proxy) { -- Logger.getInstance().debug('Agent[url: %s] - proxy info loaded from the environment variable. Proxy host: %s', RequestUtil.describeURL(parsedUrl.href), proxy.host); -- } -- } -- return getProxyAgent(proxy, parsedUrl, parsedUrl.href, mock, this._connectionConfig); -+ return null; - }; - function getProxyAgent(proxyOptions, parsedUrl, destination, mock, connectionConfig) { - Logger.getInstance().trace('Agent[url: %s] - getting a proxy agent instance.', RequestUtil.describeURL(parsedUrl.href)); -diff --git a/node_modules/snowflake-sdk/dist/lib/minicore/minicore.js b/node_modules/snowflake-sdk/dist/lib/minicore/minicore.js -index 8c39f8e..73bae12 100644 ---- a/node_modules/snowflake-sdk/dist/lib/minicore/minicore.js -+++ b/node_modules/snowflake-sdk/dist/lib/minicore/minicore.js -@@ -14,23 +14,9 @@ exports.minicoreStatus = { - error: null, - }; - let logDebugMinicoreError = null; --if (process.env.SNOWFLAKE_DISABLE_MINICORE) { -- exports.minicoreStatus.error = 'Minicore is disabled with SNOWFLAKE_DISABLE_MINICORE env variable'; --} --else { -- try { -- exports.minicoreStatus.binaryName = getBinaryName(); -- const minicoreModule = require(`./binaries/${exports.minicoreStatus.binaryName}`); -- exports.minicoreStatus.version = minicoreModule.sfCoreFullVersion(); -- } -- catch (error) { -- // NOTE: -- // minicoreStatus is pushed to telemetry, so we don't want the original error there as it might -- // contain sensitive information -- logDebugMinicoreError = error; -- exports.minicoreStatus.error = 'Failed to load binary'; -- } --} -+ -+exports.minicoreStatus.error = 'Minicore is disabled with SNOWFLAKE_DISABLE_MINICORE env variable'; -+ - // NOTE: - // Custom loader instead of napi-rs autogenerated binding file because: - // - napi-rs tries to require(process.env.NAPI_RS_NATIVE_LIBRARY_PATH) which might be a security risk