fix: strf-8574 Bump version of "archiver" to fix security issues

bigcommerce · Aug 3, 2020 · 42f4528 · 42f4528
1 parent 9122909
commit 42f4528
Show file tree

Hide file tree

Showing 3 changed files with 1,046 additions and 765 deletions.
diff --git a/lib/stencil-bundle.js b/lib/stencil-bundle.js
@@ -3,24 +3,28 @@
 const MEGABYTE = 1048576;
 const MAX_SIZE_BUNDLE = MEGABYTE * 50;
 const PATHS_TO_ZIP = [
- 'assets/**/*',
- '!assets/cdn/**',
- '!assets/**/*.js.map',
- '!assets/jspm_packages/**', // Don't want jspm_packages if it's there
- 'CHANGELOG.md',
- 'config.json',
- '.eslintrc',
- '.eslintignore',
- 'Gruntfile.js',
- 'karma.conf.js',
- 'lang/*',
- 'meta/**/*',
- 'package.json',
- 'README.md',
- '.scss-lint.yml',
- 'stencil.conf.js',
- 'templates/**/*',
- 'webpack.*.js',
+ {
+ pattern: 'assets/**/*',
+ ignore: [
+ 'assets/cdn/**',
+ 'assets/**/*.js.map',
+ 'assets/jspm_packages/**',
+ ],
+ },
+ { pattern: 'CHANGELOG.md' },
+ { pattern: 'config.json' },
+ { pattern: '.eslintrc' },
+ { pattern: '.eslintignore' },
+ { pattern: 'Gruntfile.js' },
+ { pattern: 'karma.conf.js' },
+ { pattern: 'lang/*' },
+ { pattern: 'meta/**/*' },
+ { pattern: 'package.json' },
+ { pattern: 'README.md' },
+ { pattern: '.scss-lint.yml' },
+ { pattern: 'stencil.conf.js' },
+ { pattern: 'templates/**/*' },
+ { pattern: 'webpack.*.js' },
 ];
 
 const Upath = require('upath');
@@ -363,11 +367,9 @@ function bundleThemeFiles(archive, themePath, configuration) {
  );
  }
 
- archive.bulk({
- src: PATHS_TO_ZIP,
- cwd: themePath,
- expand: true,
- });
+ PATHS_TO_ZIP.forEach(({ pattern, ignore }) =>
+ archive.glob(pattern, { ignore, cwd: themePath }),
+ );
 }
 
 /**
@@ -384,45 +386,45 @@ function bundleParsedFiles(archive, taskResults) {
  for (let task in taskResults) {
  let data = taskResults[task];
  switch(task) {
- case 'css':
- // Create the parsed tree files
- for (let filename in data) {
- archiveJsonFile(data[filename], `parsed/scss/${filename}.json`);
- }
- break;
-
- case 'templates':
- // Create the parsed tree files
- for (let filename in data) {
- const hash = Crypto.createHash('md5').update(filename).digest('hex');
- const fileData = data[filename];
- archiveJsonFile(fileData, `parsed/templates/${hash}.json`);
- // if file size is greater than 1 megabyte push filename to failedTemplates
- if (JSON.stringify(fileData).length >= MEGABYTE) {
- failedTemplates.push(filename);
+ case 'css':
+ // Create the parsed tree files
+ for (let filename in data) {
+ archiveJsonFile(data[filename], `parsed/scss/${filename}.json`);
  }
- }
- break;
-
- case 'lang':
- // append the parsed translation file with all translations
- archiveJsonFile(data, 'parsed/lang.json');
- break;
-
- case 'schema':
- // append the generated schema.json file
- archiveJsonFile(data, 'schema.json');
- break;
-
- case 'schemaTranslations':
- // append the parsed schemaTranslations.json file
- archiveJsonFile(data, 'schemaTranslations.json');
- break;
-
- case 'manifest':
- // append the generated manifest.json file
- archiveJsonFile(data, 'manifest.json');
- break;
+ break;
+
+ case 'templates':
+ // Create the parsed tree files
+ for (let filename in data) {
+ const hash = Crypto.createHash('md5').update(filename).digest('hex');
+ const fileData = data[filename];
+ archiveJsonFile(fileData, `parsed/templates/${hash}.json`);
+ // if file size is greater than 1 megabyte push filename to failedTemplates
+ if (JSON.stringify(fileData).length >= MEGABYTE) {
+ failedTemplates.push(filename);
+ }
+ }
+ break;
+
+ case 'lang':
+ // append the parsed translation file with all translations
+ archiveJsonFile(data, 'parsed/lang.json');
+ break;
+
+ case 'schema':
+ // append the generated schema.json file
+ archiveJsonFile(data, 'schema.json');
+ break;
+
+ case 'schemaTranslations':
+ // append the parsed schemaTranslations.json file
+ archiveJsonFile(data, 'schemaTranslations.json');
+ break;
+
+ case 'manifest':
+ // append the generated manifest.json file
+ archiveJsonFile(data, 'manifest.json');
+ break;
  }
  }
  return failedTemplates;