From 01d4d0db8af4037d619e04c7ae21848acf9e6682 Mon Sep 17 00:00:00 2001 From: Michael Kriese Date: Tue, 23 Apr 2024 17:19:34 +0200 Subject: [PATCH] fix: replace kbpgp with fork (#28604) --- lib/config/decrypt/kbpgp.ts | 27 +------- package.json | 2 +- pnpm-lock.yaml | 127 +++++++++++++++++++++++++++++------- 3 files changed, 106 insertions(+), 50 deletions(-) diff --git a/lib/config/decrypt/kbpgp.ts b/lib/config/decrypt/kbpgp.ts index ccff067c7357e9..8ed18fe1c5069c 100644 --- a/lib/config/decrypt/kbpgp.ts +++ b/lib/config/decrypt/kbpgp.ts @@ -1,32 +1,7 @@ -import kbpgp from 'kbpgp'; +import * as kbpgp from '@renovatebot/kbpgp'; import { logger } from '../../logger'; import { regEx } from '../../util/regex'; -declare module 'kbpgp' { - export class KeyManager { - static import_from_armored_pgp( - opts: { armored: string }, - cb: (err: Error, pk: KeyManager) => void, - ): void; - } - - // eslint-disable-next-line @typescript-eslint/no-namespace - export namespace keyring { - export class KeyRing { - add_key_manager(pk: KeyManager): void; - } - } - - export class Literal { - toString(): string; - } - - export function unbox( - opts: { keyfetch: keyring.KeyRing; armored: string }, - cb: (err: Error, literals: Literal[]) => void, - ): void; -} - export async function tryDecryptKbPgp( privateKey: string, encryptedStr: string, diff --git a/package.json b/package.json index 9cc9f8437ac699..abe06531b02fab 100644 --- a/package.json +++ b/package.json @@ -160,6 +160,7 @@ "@opentelemetry/sdk-trace-node": "1.23.0", "@opentelemetry/semantic-conventions": "1.23.0", "@qnighy/marshal": "0.1.3", + "@renovatebot/kbpgp": "3.0.1", "@renovatebot/osv-offline": "1.5.4", "@renovatebot/pep440": "3.0.20", "@renovatebot/ruby-semver": "3.0.23", @@ -212,7 +213,6 @@ "json-stringify-pretty-compact": "3.0.0", "json5": "2.2.3", "jsonata": "2.0.4", - "kbpgp": "2.1.15", "klona": "2.0.6", "lru-cache": "10.2.0", "luxon": "3.4.4", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 56b3afae87085c..e9cbf1c0c17335 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -68,6 +68,9 @@ importers: '@qnighy/marshal': specifier: 0.1.3 version: 0.1.3 + '@renovatebot/kbpgp': + specifier: 3.0.1 + version: 3.0.1 '@renovatebot/osv-offline': specifier: 1.5.4 version: 1.5.4 @@ -224,9 +227,6 @@ importers: jsonata: specifier: 2.0.4 version: 2.0.4 - kbpgp: - specifier: 2.1.15 - version: 2.1.15 klona: specifier: 2.0.6 version: 2.0.6 @@ -2839,6 +2839,25 @@ packages: '@redis/client': 1.5.14 dev: false + /@renovatebot/kbpgp@3.0.1: + resolution: {integrity: sha512-n78K03XvVIVhE95Thlmq+AXl6j9gYKnsKtrVzU7vnmsKNQDSPn8zTRs1wXGjjdup9REPmqRNcITeq3NsG32QYQ==} + engines: {node: ^18.12.0 || >=20.9.0, pnpm: ^9.0.0} + dependencies: + bn: 1.0.5 + bzip-deflate: 1.0.0 + deep-equal: 2.2.3 + iced-error: 0.0.13 + iced-lock: 2.0.1 + iced-runtime-3: 3.0.5 + keybase-ecurve: 1.0.1 + keybase-nacl: 1.1.4 + minimist: 1.2.8 + pgp-utils: 0.0.35 + purepack: 1.0.6 + triplesec: 4.0.3 + tweetnacl: 1.0.3 + dev: false + /@renovatebot/osv-offline-db@1.6.0: resolution: {integrity: sha512-cEOCTyd3+/7gPDmBn0pyJtF01+f9e/dJ1mOoML+v5AsP8GIPAzhtQUuIB5FiCxS4IsbP0qm34anYUZHGJldNJA==} dependencies: @@ -5284,16 +5303,28 @@ packages: optional: true dev: true - /deep-equal@1.1.2: - resolution: {integrity: sha512-5tdhKF6DbU7iIzrIOa1AOUt39ZRm13cmL1cGEh//aqR8x9+tNfbywRf0n5FD/18OKMdo7DNEtrX2t22ZAkI+eg==} + /deep-equal@2.2.3: + resolution: {integrity: sha512-ZIwpnevOurS8bpT4192sqAowWM76JDKSHYzMLty3BZGSswgq6pBaH3DhCSW5xVAZICZyKdOBPjwww5wfgT/6PA==} engines: {node: '>= 0.4'} dependencies: + array-buffer-byte-length: 1.0.1 + call-bind: 1.0.7 + es-get-iterator: 1.1.3 + get-intrinsic: 1.2.4 is-arguments: 1.1.1 + is-array-buffer: 3.0.4 is-date-object: 1.0.5 is-regex: 1.1.4 + is-shared-array-buffer: 1.0.3 + isarray: 2.0.5 object-is: 1.1.6 object-keys: 1.1.1 + object.assign: 4.1.5 regexp.prototype.flags: 1.5.2 + side-channel: 1.0.6 + which-boxed-primitive: 1.0.2 + which-collection: 1.0.2 + which-typed-array: 1.1.15 dev: false /deep-extend@0.6.0: @@ -5631,6 +5662,20 @@ packages: resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} engines: {node: '>= 0.4'} + /es-get-iterator@1.1.3: + resolution: {integrity: sha512-sPZmqHBe6JIiTfN5q2pEi//TwxmAFHwj/XEuYjTuse78i8KxaqMTTzxPoFKuzRpDpTJ+0NAbpfenkmH2rePtuw==} + dependencies: + call-bind: 1.0.7 + get-intrinsic: 1.2.4 + has-symbols: 1.0.3 + is-arguments: 1.1.1 + is-map: 2.0.3 + is-set: 2.0.3 + is-string: 1.0.7 + isarray: 2.0.5 + stop-iteration-iterator: 1.0.0 + dev: false + /es-object-atoms@1.0.0: resolution: {integrity: sha512-MZ4iQ6JwHOBQjahnjwaC1ZtIBH+2ohjamzAO3oaHcXYup7qxjF2fixyH+Q71voWHeOkI2q/TnJao/KfXYIZWbw==} engines: {node: '>= 0.4'} @@ -6753,6 +6798,16 @@ packages: iced-runtime: 1.0.4 dev: false + /iced-lock@2.0.1: + resolution: {integrity: sha512-J6dnGMpAoHNyACUYJYhiJkLY7YFRTa7NMZ8ZygpYB3HNDOGWtzv55+kT2u1zItRi4Y1EXruG9d1VDsx8R5faTw==} + dependencies: + iced-runtime: 1.0.4 + dev: false + + /iced-runtime-3@3.0.5: + resolution: {integrity: sha512-OHU64z4Njq4EdoGyRId5NgUQKy6R1sr1wufc1fVxwpqKsM8yWagqmKCRlt//zKKIPOfZw7kQ1iN4m+/2s8WSeg==} + dev: false + /iced-runtime@1.0.4: resolution: {integrity: sha512-rgiJXNF6ZgF2Clh/TKUlBDW3q51YPDJUXmxGQXx1b8tbZpVpTn+1RX9q1sjNkujXIIaVxZByQzPHHORg7KV51g==} dev: false @@ -6992,6 +7047,11 @@ packages: dev: false optional: true + /is-map@2.0.3: + resolution: {integrity: sha512-1Qed0/Hr2m+YqxnM09CjA2d/i6YZNfF6R2oRAOj36eUdS6qIV/huPJNSEpKbupewFs+ZsJlxsjjPbc0/afW6Lw==} + engines: {node: '>= 0.4'} + dev: false + /is-negative-zero@2.0.3: resolution: {integrity: sha512-5KoIu2Ngpyek75jXodFvnafB6DJgr3u8uuK0LEZJjrU19DrMD3EVERaR8sjz8CCGgpZvxPl9SuE1GMVPFHx1mw==} engines: {node: '>= 0.4'} @@ -7032,6 +7092,11 @@ packages: call-bind: 1.0.7 has-tostringtag: 1.0.2 + /is-set@2.0.3: + resolution: {integrity: sha512-iPAjerrse27/ygGLxw+EBR9agv9Y6uLeYVJMu+QNCoouJ1/1ri0mGrcWpfCqFZuzzx3WjtwxG098X+n4OuRkPg==} + engines: {node: '>= 0.4'} + dev: false + /is-shared-array-buffer@1.0.3: resolution: {integrity: sha512-nA2hv5XIhLR3uVzDDfCIknerhx8XUKnstuOERPNNIinXG7v9u+ohXF67vxm4TPTEPU6lm61ZkwP3c9PCB97rhg==} engines: {node: '>= 0.4'} @@ -7086,11 +7151,24 @@ packages: engines: {node: '>=18'} dev: true + /is-weakmap@2.0.2: + resolution: {integrity: sha512-K5pXYOm9wqY1RgjpL3YTkF39tni1XajUIkawTLUo9EZEVUFga5gSQJF8nNS7ZwJQ02y+1YCNYcMh+HIf1ZqE+w==} + engines: {node: '>= 0.4'} + dev: false + /is-weakref@1.0.2: resolution: {integrity: sha512-qctsuLZmIQ0+vSSMfoVvyFe2+GSEvnmZ2ezTup1SBse9+twCCeial6EEi3Nc2KFcf6+qz2FBPnjXsk8xhKSaPQ==} dependencies: call-bind: 1.0.7 + /is-weakset@2.0.3: + resolution: {integrity: sha512-LvIm3/KWzS9oRFHugab7d+M/GcBXuXX5xZkzPmN+NxihdQlZUQ4dWuSV1xR/sq6upL1TJEDrfBgRepHFdBtSNQ==} + engines: {node: '>= 0.4'} + dependencies: + call-bind: 1.0.7 + get-intrinsic: 1.2.4 + dev: false + /is-windows@1.0.2: resolution: {integrity: sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA==} engines: {node: '>=0.10.0'} @@ -7793,24 +7871,6 @@ packages: safe-buffer: 5.2.1 dev: false - /kbpgp@2.1.15: - resolution: {integrity: sha512-iFdQT+m2Mi2DB14kEFydF2joNe9x3E2VZCGZUt7UXsiZnQx5TtSl4KofP7EPtjHvf7weCxNKlEPSYiiCNMZ2jA==} - dependencies: - bn: 1.0.5 - bzip-deflate: 1.0.0 - deep-equal: 1.1.2 - iced-error: 0.0.13 - iced-lock: 1.1.0 - iced-runtime: 1.0.4 - keybase-ecurve: 1.0.1 - keybase-nacl: 1.1.4 - minimist: 1.2.8 - pgp-utils: 0.0.35 - purepack: 1.0.6 - triplesec: 4.0.3 - tweetnacl: 0.13.3 - dev: false - /keybase-ecurve@1.0.1: resolution: {integrity: sha512-2GlVxDsNF+52LtYjgFsjoKuN7MQQgiVeR4HRdJxLuN8fm4mf4stGKPUjDJjky15c/98UsZseLjp7Ih5X0Sy1jQ==} dependencies: @@ -10022,6 +10082,13 @@ packages: escape-string-regexp: 2.0.0 dev: true + /stop-iteration-iterator@1.0.0: + resolution: {integrity: sha512-iCGQj+0l0HOdZ2AEeBADlsRC+vsnDsZsbdSiH1yNSjcfKM7fdpCMfqAL/dwF5BLiw/XhRft/Wax6zQbhq2BcjQ==} + engines: {node: '>= 0.4'} + dependencies: + internal-slot: 1.0.7 + dev: false + /stream-combiner2@1.1.1: resolution: {integrity: sha512-3PnJbYgS56AeWgtKF5jtJRT6uFJe56Z0Hc5Ngg/6sI6rIt8iiMBTa9cvdyFfpMQjaVHr8dusbNeFGIIonxOvKw==} dependencies: @@ -10464,6 +10531,10 @@ packages: resolution: {integrity: sha512-iNWodk4oBsZ03Qfw/Yvv0KB90uYrJqvL4Je7Gy4C5t/GS3sCXPRmIT1lxmId4RzvUp0XG62bcxJ2CBu/3L5DSg==} dev: false + /tweetnacl@1.0.3: + resolution: {integrity: sha512-6rt+RN7aOi1nGMyC4Xa5DdYiukl2UWCbcJft7YhxReBGQD7OAM8Pbxw6YMo4r2diNEA8FEmu32YOn9rhaiE5yw==} + dev: false + /typanion@3.14.0: resolution: {integrity: sha512-ZW/lVMRabETuYCd9O9ZvMhAh8GslSqaUjxmK/JLPCh6l73CvLBiuXswj/+7LdnWOgYsQ130FqLzFz5aGT4I3Ug==} dev: false @@ -10830,6 +10901,16 @@ packages: is-string: 1.0.7 is-symbol: 1.0.4 + /which-collection@1.0.2: + resolution: {integrity: sha512-K4jVyjnBdgvc86Y6BkaLZEN933SwYOuBFkdmBu9ZfkcAbdVbpITnDmjvZ/aQjRXQrv5EPkTnD1s39GiiqbngCw==} + engines: {node: '>= 0.4'} + dependencies: + is-map: 2.0.3 + is-set: 2.0.3 + is-weakmap: 2.0.2 + is-weakset: 2.0.3 + dev: false + /which-module@2.0.1: resolution: {integrity: sha512-iBdZ57RDvnOR9AGBhML2vFZf7h8vmBjhoaZqODJBFWHVtKkDmKuHai3cx5PgVMrX5YDNp27AofYbAwctSS+vhQ==} dev: true