From a333f7a2ce1d25c4a4e218314a1f926b5485b2f2 Mon Sep 17 00:00:00 2001 From: Jorge Poveda Date: Thu, 10 Oct 2019 18:10:20 +0200 Subject: [PATCH 1/3] Update NPM dependencies --- CHANGELOG.md | 7 +++++ package-lock.json | 78 +++++++++++++++++++++-------------------------- package.json | 4 +-- 3 files changed, 43 insertions(+), 46 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 48fff27..b9e24eb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). +## [Unreleased](https://github.com/axa-group/arm-template-merge/compare/v1.1.3...HEAD) + +### Security + +- Update `npm` dependencies to fix: + - [WS-2019-0291](https://github.com/wycats/handlebars.js/issues/1558) + ## [1.1.3](https://github.com/axa-group/arm-template-merge/compare/v1.1.2...v1.1.3) — 2019-09-25 ### Security diff --git a/package-lock.json b/package-lock.json index 21aa8e1..8fbfa55 100644 --- a/package-lock.json +++ b/package-lock.json @@ -418,25 +418,25 @@ } }, "@nodelib/fs.scandir": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.2.tgz", - "integrity": "sha512-wrIBsjA5pl13f0RN4Zx4FNWmU71lv03meGKnqRUoCyan17s4V3WL92f3w3AIuWbNnpcrQyFBU5qMavJoB8d27w==", + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.3.tgz", + "integrity": "sha512-eGmwYQn3gxo4r7jdQnkrrN6bY478C3P+a/y72IJukF8LjB6ZHeB3c+Ehacj3sYeSmUXGlnA67/PmbM9CVwL7Dw==", "requires": { - "@nodelib/fs.stat": "2.0.2", + "@nodelib/fs.stat": "2.0.3", "run-parallel": "^1.1.9" } }, "@nodelib/fs.stat": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.2.tgz", - "integrity": "sha512-z8+wGWV2dgUhLqrtRYa03yDx4HWMvXKi1z8g3m2JyxAx8F7xk74asqPk5LAETjqDSGLFML/6CDl0+yFunSYicw==" + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.3.tgz", + "integrity": "sha512-bQBFruR2TAwoevBEd/NWMoAAtNGzTRgdrqnYCc7dhzfoNvqPzLyqlEQnzZ3kVnNrSp25iyxE00/3h2fqGAGArA==" }, "@nodelib/fs.walk": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.3.tgz", - "integrity": "sha512-l6t8xEhfK9Sa4YO5mIRdau7XSOADfmh3jCr0evNHdY+HNkW6xuQhgMH7D73VV6WpZOagrW0UludvMTiifiwTfA==", + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.4.tgz", + "integrity": "sha512-1V9XOY4rDW0rehzbrcqAmHnz8e7SKvX27gh8Gt2WgB0+pdzdiLV83p72kZPU+jvMbS1qU5mauP2iOvO8rhmurQ==", "requires": { - "@nodelib/fs.scandir": "2.1.2", + "@nodelib/fs.scandir": "2.1.3", "fastq": "^1.6.0" } }, @@ -1506,9 +1506,9 @@ } }, "eslint": { - "version": "6.4.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-6.4.0.tgz", - "integrity": "sha512-WTVEzK3lSFoXUovDHEbkJqCVPEPwbhCq4trDktNI6ygs7aO41d4cDT0JFAT5MivzZeVLWlg7vHL+bgrQv/t3vA==", + "version": "6.5.1", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-6.5.1.tgz", + "integrity": "sha512-32h99BoLYStT1iq1v2P9uwpyznQ4M2jRiFB6acitKz52Gqn+vPaMDUTB1bYi1WN4Nquj2w+t+bimYUG83DC55A==", "dev": true, "requires": { "@babel/code-frame": "^7.0.0", @@ -1556,15 +1556,6 @@ "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==", "dev": true }, - "glob-parent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.0.0.tgz", - "integrity": "sha512-Z2RwiujPRGluePM6j699ktJYxmPpJKCfpGA13jz2hmFZC7gKetzrWvg5KN3+OsIFmydGyZ1AVwERCq1w/ZZwRg==", - "dev": true, - "requires": { - "is-glob": "^4.0.1" - } - }, "semver": { "version": "6.3.0", "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", @@ -1748,9 +1739,9 @@ }, "dependencies": { "acorn": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.0.0.tgz", - "integrity": "sha512-PaF/MduxijYYt7unVGRuds1vBC9bFxbNf+VWqhOClfdgy7RlVkQqt610ig1/yxTgsDIfW1cWDel5EBbOy3jdtQ==", + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.1.0.tgz", + "integrity": "sha512-kL5CuoXA/dgxlBbVrflsflzQ3PAas7RYZB52NOm/6839iVYJgKMJ3cQJD+t2i5+qFa8h3MDpEOJiS64E8JLnSQ==", "dev": true } } @@ -1998,15 +1989,14 @@ "dev": true }, "fast-glob": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.0.4.tgz", - "integrity": "sha512-wkIbV6qg37xTJwqSsdnIphL1e+LaGz4AIQqr00mIubMaEhv1/HEmJ0uuCGZRNRUkZZmOB5mJKO0ZUTVq+SxMQg==", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.1.0.tgz", + "integrity": "sha512-TrUz3THiq2Vy3bjfQUB2wNyPdGBeGmdjbzzBLhfHN4YFurYptCKwGq/TfiRavbGywFRzY6U2CdmQ1zmsY5yYaw==", "requires": { - "@nodelib/fs.stat": "^2.0.1", - "@nodelib/fs.walk": "^1.2.1", - "glob-parent": "^5.0.0", - "is-glob": "^4.0.1", - "merge2": "^1.2.3", + "@nodelib/fs.stat": "^2.0.2", + "@nodelib/fs.walk": "^1.2.3", + "glob-parent": "^5.1.0", + "merge2": "^1.3.0", "micromatch": "^4.0.2" }, "dependencies": { @@ -2781,9 +2771,9 @@ } }, "glob-parent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.0.0.tgz", - "integrity": "sha512-Z2RwiujPRGluePM6j699ktJYxmPpJKCfpGA13jz2hmFZC7gKetzrWvg5KN3+OsIFmydGyZ1AVwERCq1w/ZZwRg==", + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.0.tgz", + "integrity": "sha512-qjtRgnIVmOfnKUE3NJAQEdk+lKrxfw8t5ke7SXtfMTHcjsBfOfWXCQfdb30zfDoZQ2IRSIiidmjtbHZPZ++Ihw==", "requires": { "is-glob": "^4.0.1" } @@ -2807,9 +2797,9 @@ "dev": true }, "handlebars": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.2.0.tgz", - "integrity": "sha512-Kb4xn5Qh1cxAKvQnzNWZ512DhABzyFNmsaJf3OAkWNa4NkaqWcNI8Tao8Tasi0/F4JD9oyG0YxuFyvyR57d+Gw==", + "version": "4.4.3", + "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.4.3.tgz", + "integrity": "sha512-B0W4A2U1ww3q7VVthTKfh+epHx+q4mCt6iK+zEAzbMBpWQAwxCeKxEGpj/1oQTpzPXDNSOG7hmG14TsISH50yw==", "dev": true, "requires": { "neo-async": "^2.6.0", @@ -5698,13 +5688,13 @@ } }, "uglify-js": { - "version": "3.6.0", - "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.6.0.tgz", - "integrity": "sha512-W+jrUHJr3DXKhrsS7NUVxn3zqMOFn0hL/Ei6v0anCIMoKC93TjcflTagwIHLW7SfMFfiQuktQyFVCFHGUE0+yg==", + "version": "3.6.1", + "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.6.1.tgz", + "integrity": "sha512-+dSJLJpXBb6oMHP+Yvw8hUgElz4gLTh82XuX68QiJVTXaE5ibl6buzhNkQdYhBlIhozWOC9ge16wyRmjG4TwVQ==", "dev": true, "optional": true, "requires": { - "commander": "~2.20.0", + "commander": "2.20.0", "source-map": "~0.6.1" }, "dependencies": { diff --git a/package.json b/package.json index b008953..cb4340a 100644 --- a/package.json +++ b/package.json @@ -41,10 +41,10 @@ "test": "npm run jest" }, "dependencies": { - "fast-glob": "^3.0.4" + "fast-glob": "^3.1.0" }, "devDependencies": { - "eslint": "^6.4.0", + "eslint": "^6.5.1", "eslint-config-airbnb-base": "^14.0.0", "eslint-plugin-import": "^2.18.2", "eslint-plugin-jest": "^22.17.0", From 01f633b0e745f9989588c0815f74d36908aa7a1c Mon Sep 17 00:00:00 2001 From: Jorge Poveda Date: Thu, 10 Oct 2019 18:00:05 +0200 Subject: [PATCH 2/3] Improve error message on template parsing failures --- CHANGELOG.md | 4 ++++ bin/arm-template-merge | 8 +++++++- test/cli.test.js | 2 +- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b9e24eb..c56638c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). - Update `npm` dependencies to fix: - [WS-2019-0291](https://github.com/wycats/handlebars.js/issues/1558) +### Added + +- Improve error message on template parsing failures + ## [1.1.3](https://github.com/axa-group/arm-template-merge/compare/v1.1.2...v1.1.3) — 2019-09-25 ### Security diff --git a/bin/arm-template-merge b/bin/arm-template-merge index 0dbaa51..ffe9470 100644 --- a/bin/arm-template-merge +++ b/bin/arm-template-merge @@ -134,7 +134,13 @@ async function loadTemplate(inFile) { } const json = jsonBuf.toString('utf8'); - const template = JSON.parse(json); + + let template; + try { + template = JSON.parse(json); + } catch (err) { + throw new Error(`Template '${inFile}' could not be parsed: ${err.message}`); + } const expectedKeys = ['$schema', 'contentVersion']; diff --git a/test/cli.test.js b/test/cli.test.js index 890141c..2c2bee6 100644 --- a/test/cli.test.js +++ b/test/cli.test.js @@ -54,7 +54,7 @@ describe('CLI', () => { rfn.mockRestore(); expect(res.exitCode).toBe(1); - expect(res.stderr).toMatch(/^Error:/); + expect(res.stderr).toMatch(/^Error: Template 'templates\/website.json' could not be parsed:/); }); it('should be able to merge template files into a new file', async () => { From 00ef0b2f9f4b4705d1afdc6fd1cd7368052766a7 Mon Sep 17 00:00:00 2001 From: Jorge Poveda Date: Thu, 10 Oct 2019 18:03:40 +0200 Subject: [PATCH 3/3] Version 1.1.4 --- CHANGELOG.md | 2 +- package-lock.json | 2 +- package.json | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c56638c..e52bb4a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). -## [Unreleased](https://github.com/axa-group/arm-template-merge/compare/v1.1.3...HEAD) +## [1.1.4](https://github.com/axa-group/arm-template-merge/compare/v1.1.3...v1.1.4) — 2019-10-10 ### Security diff --git a/package-lock.json b/package-lock.json index 8fbfa55..ec08ac0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "arm-template-merge", - "version": "1.1.3", + "version": "1.1.4", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index cb4340a..5aa3862 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "arm-template-merge", - "version": "1.1.3", + "version": "1.1.4", "description": "Azure Resource Manager (ARM) Template Merge", "keywords": [ "azure",