Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix npm permissions in v6.20.0 #2434 #2435

Merged
merged 37 commits into from
Mar 7, 2023
Merged

Fix npm permissions in v6.20.0 #2434 #2435

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
37 commits
Select commit Hold shift + click to select a range
8199573
Add npm doctor temporarily to see problems
echoix Mar 7, 2023
b3bacd2
[build-command] Update generated files
echoix Mar 7, 2023
690ccb1
Update build.py missing &&
echoix Mar 7, 2023
05d934d
[build-command] Update generated files
echoix Mar 7, 2023
101d17f
Update build.py remove extra &&
echoix Mar 7, 2023
ca67fd1
[build-command] Update generated files
echoix Mar 7, 2023
e22797f
Update build.py use npm install --production
echoix Mar 7, 2023
ae6efd8
[build-command] Update generated files
echoix Mar 7, 2023
842b7b2
Disable stylelint-config-sass-guidelines in css descriptor
echoix Mar 7, 2023
4a42663
Update build.py remove --force
echoix Mar 7, 2023
d24a2c5
[build-command] Update generated files
echoix Mar 7, 2023
a0c1ef0
Merge pull request #2434 from echoix/fix/npm-permission
echoix Mar 7, 2023
8e856c9
Update build.py chown npm node_modules
echoix Mar 7, 2023
ef7487c
[build-command] Update generated files
nvuillam Mar 7, 2023
384291e
Update build.py add npm doctor after chown
echoix Mar 7, 2023
69e9bd8
[build-command] Update generated files
nvuillam Mar 7, 2023
8edce84
Merge branch 'main' into fix-npm-permissions
nvuillam Mar 7, 2023
1558568
changelog
nvuillam Mar 7, 2023
24ce173
Remove npm doctor
nvuillam Mar 7, 2023
9d8a6a3
Add build date in Beta docker images
nvuillam Mar 7, 2023
f9116c3
Linter fixes
nvuillam Mar 7, 2023
5bf0b55
hadolint fix
nvuillam Mar 7, 2023
afdcb4d
Merge remote-tracking branch 'origin/main' into fix-npm-permissions
nvuillam Mar 7, 2023
62779b4
Hadolint
nvuillam Mar 7, 2023
24031dc
Merge remote-tracking branch 'origin/main' into fix-npm-permissions
nvuillam Mar 7, 2023
a0de481
Merge remote-tracking branch 'origin/main' into fix-npm-permissions
nvuillam Mar 7, 2023
21f73be
Build with doc
nvuillam Mar 7, 2023
dad8a6c
quote dev in omit=dev
nvuillam Mar 7, 2023
0d7ed06
Remove --omit=dev as there is NODE_ENV=production
nvuillam Mar 7, 2023
fa69a53
Merge remote-tracking branch 'origin/main' into fix-npm-permissions
nvuillam Mar 7, 2023
076ab66
plz kill me
nvuillam Mar 7, 2023
5b8326b
plz kill me again
nvuillam Mar 7, 2023
a39bf3a
and again :)
nvuillam Mar 7, 2023
4d6485a
!!!!!!!!
nvuillam Mar 7, 2023
44a3489
bondieuuuu
nvuillam Mar 7, 2023
4f0f4b1
rhaaaaaaaaaaaaa
nvuillam Mar 7, 2023
87c9dbe
[MegaLinter] Apply linters fixes
nvuillam Mar 7, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 4 additions & 3 deletions .automation/build.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -470,11 +470,12 @@ def build_dockerfile(
if len(npm_packages) > 0:
npm_install_command = (
"WORKDIR /node-deps\n"
+ "RUN npm --no-cache install --force --ignore-scripts \\\n "
+ "RUN npm --no-cache install --ignore-scripts --omit=dev \\\n "
+ " \\\n ".join(list(dict.fromkeys(npm_packages)))
+ " && \\\n"
+ " npm audit fix --audit-level=critical || true \\\n"
+ " && \\\n"
+ " npm audit fix --audit-level=critical || true \\\n"
+ " && npm cache clean --force || true \\\n"
+ ' && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \\\n'
+ " && rm -rf /root/.npm/_cacache \\\n"
+ ' && find . -name "*.d.ts" -delete \\\n'
+ ' && find . -name "*.map" -delete \\\n'
Expand Down
48 changes: 24 additions & 24 deletions .automation/generated/flavors-stats.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1349,8 +1349,8 @@
2804650
],
[
"2023-03-07T17:28:22",
2807613
"2023-03-07T19:21:17",
2807735
]
],
"ci_light": [
Expand Down Expand Up @@ -2703,8 +2703,8 @@
50967
],
[
"2023-03-07T17:28:22",
51262
"2023-03-07T19:21:17",
51267
]
],
"cupcake": [
Expand Down Expand Up @@ -3037,7 +3037,7 @@
3903
],
[
"2023-03-07T17:28:22",
"2023-03-07T19:21:17",
4018
]
],
Expand Down Expand Up @@ -5301,8 +5301,8 @@
120908
],
[
"2023-03-07T17:28:22",
121391
"2023-03-07T19:21:17",
121401
]
],
"dotnet": [
Expand Down Expand Up @@ -6655,8 +6655,8 @@
354287
],
[
"2023-03-07T17:28:22",
354806
"2023-03-07T19:21:17",
354845
]
],
"go": [
Expand Down Expand Up @@ -8009,7 +8009,7 @@
17265
],
[
"2023-03-07T17:28:22",
"2023-03-07T19:21:17",
17352
]
],
Expand Down Expand Up @@ -9363,8 +9363,8 @@
110737
],
[
"2023-03-07T17:28:22",
110909
"2023-03-07T19:21:17",
110911
]
],
"javascript": [
Expand Down Expand Up @@ -10717,8 +10717,8 @@
210747
],
[
"2023-03-07T17:28:22",
211884
"2023-03-07T19:21:17",
211936
]
],
"php": [
Expand Down Expand Up @@ -12071,7 +12071,7 @@
46936
],
[
"2023-03-07T17:28:22",
"2023-03-07T19:21:17",
46962
]
],
Expand Down Expand Up @@ -13425,8 +13425,8 @@
166786
],
[
"2023-03-07T17:28:22",
167860
"2023-03-07T19:21:17",
167933
]
],
"ruby": [
Expand Down Expand Up @@ -14775,7 +14775,7 @@
3097
],
[
"2023-03-07T17:28:22",
"2023-03-07T19:21:17",
3109
]
],
Expand Down Expand Up @@ -16125,7 +16125,7 @@
4709
],
[
"2023-03-07T17:28:22",
"2023-03-07T19:21:17",
4727
]
],
Expand Down Expand Up @@ -17479,7 +17479,7 @@
17139
],
[
"2023-03-07T17:28:22",
"2023-03-07T19:21:17",
17240
]
],
Expand Down Expand Up @@ -18831,7 +18831,7 @@
3593
],
[
"2023-03-07T17:28:22",
"2023-03-07T19:21:17",
3777
]
],
Expand Down Expand Up @@ -20181,7 +20181,7 @@
3242
],
[
"2023-03-07T17:28:22",
"2023-03-07T19:21:17",
3253
]
],
Expand Down Expand Up @@ -21535,8 +21535,8 @@
186856
],
[
"2023-03-07T17:28:22",
187658
"2023-03-07T19:21:17",
187690
]
]
}
3 changes: 3 additions & 0 deletions .github/workflows/deploy-BETA-flavors.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,9 @@ jobs:
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Get current date
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> ${GITHUB_ENV}

- name: Build Image
uses: docker/build-push-action@v4
with:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/deploy-BETA-linters.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -214,6 +214,9 @@ jobs:
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Get current date
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> ${GITHUB_ENV}

- name: Build Image
uses: docker/build-push-action@v4
with:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/deploy-BETA.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,9 @@ jobs:
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Get current date
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> ${GITHUB_ENV}

- name: Build & Push Docker Image
uses: docker/build-push-action@v4
with:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/deploy-DEV-linters.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,6 +207,9 @@ jobs:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2

- name: Get current date
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> ${GITHUB_ENV}

- name: Build Image
uses: docker/build-push-action@v4
with:
Expand Down
5 changes: 4 additions & 1 deletion CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-linter.yml file, or with `oxsecurity/megalinter:beta` docker image

- Fixes
- Fix issue with running on Mac m1 no longer working [#2427](https://github.com/oxsecurity/megalinter/issues/2427)
- Fix [issue with running on Mac m1 no longer working](https://github.com/oxsecurity/megalinter/issues/2427), by @nvuillam
- Fix [Container images errors when pulling](https://github.com/oxsecurity/megalinter/issues/2348), by @echoix
- Fix [Pre npm install not resolving](https://github.com/oxsecurity/megalinter/issues/2428), by @echoix
- Add build date in Beta docker images, by @nvuillam
- Correct misleading error message in **GitlabCommentReporter.py**, see [#2420](https://github.com/oxsecurity/megalinter/issues/2420)
- Fix **GitlabCommentReporter** wrong variables names, check [#2423](https://github.com/oxsecurity/megalinter/issues/2423)

Expand Down
8 changes: 4 additions & 4 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -189,14 +189,13 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \
NODE_ENV=production
#NPM__START
WORKDIR /node-deps
RUN npm --no-cache install --force --ignore-scripts \
RUN npm --no-cache install --ignore-scripts --omit=dev \
sfdx-cli \
typescript \
@coffeelint/cli \
jscpd \
stylelint \
stylelint-config-standard \
stylelint-config-sass-guidelines \
stylelint-scss \
gherkin-lint \
graphql \
Expand Down Expand Up @@ -238,9 +237,10 @@ RUN npm --no-cache install --force --ignore-scripts \
tekton-lint \
prettyjson \
@typescript-eslint/eslint-plugin \
@typescript-eslint/parser && \
npm audit fix --audit-level=critical || true \
@typescript-eslint/parser && \
npm audit fix --audit-level=critical || true \
&& npm cache clean --force || true \
&& chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \
&& rm -rf /root/.npm/_cacache \
&& find . -name "*.d.ts" -delete \
&& find . -name "*.map" -delete \
Expand Down
3 changes: 1 addition & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1032,8 +1032,7 @@ You can show MegaLinter status with a badge in your repository README

[![MegaLinter](https://github.com/oxsecurity/megalinter/workflows/MegaLinter/badge.svg?branch=main)](https://github.com/oxsecurity/megalinter/actions?query=workflow%3AMegaLinter+branch%3Amain)

If your main branch is **main** , replace **main** by **main** in URLs

_If your main branch is **master** , replace **main** by **master** in URLs_
### Markdown

- Format
Expand Down
3 changes: 1 addition & 2 deletions docs/badge.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,7 @@ You can show MegaLinter status with a badge in your repository README

[![MegaLinter](https://github.com/oxsecurity/megalinter/workflows/MegaLinter/badge.svg?branch=main)](https://github.com/oxsecurity/megalinter/actions?query=workflow%3AMegaLinter+branch%3Amain)

If your main branch is **master** , replace **main** by **master** in URLs

_If your main branch is **master** , replace **main** by **master** in URLs_
## Markdown

- Format
Expand Down
1 change: 0 additions & 1 deletion docs/descriptors/css_stylelint.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -270,5 +270,4 @@ stylelint --fix --config .stylelintrc.json myfile.css myfile2.css myfile3.css
- NPM packages (node.js):
- [stylelint](https://www.npmjs.com/package/stylelint)
- [stylelint-config-standard](https://www.npmjs.com/package/stylelint-config-standard)
- [stylelint-config-sass-guidelines](https://www.npmjs.com/package/stylelint-config-sass-guidelines)
- [stylelint-scss](https://www.npmjs.com/package/stylelint-scss)
2 changes: 1 addition & 1 deletion docs/installation.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -164,7 +164,7 @@ mega-linter:
expire_in: 1 week
```

Create a Gitlab access token and define it in a variable **GITLAB_ACCESS_TOKEN_MEGALINTER** in the project CI/CD masked variables
Create a Gitlab access token and define it in a variable **GITLAB_ACCESS_TOKEN_MEGALINTER** in the project CI/CD masked variables. Make sure your token (e.g. if a project token) as the appropriate [role](https://docs.gitlab.com/ee/user/permissions.html) for commenting a merge request (at least developer).

![config-gitlab-access-token](https://user-images.githubusercontent.com/17500430/151674446-1bcb1420-d9aa-4ae1-aaae-dcf51afb36ab.gif)

Expand Down
14 changes: 7 additions & 7 deletions docs/reporters/GitlabCommentReporter.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,13 +20,13 @@ Click on hyperlinks to access detailed logs (click on **Download** in **Artifact

![config-gitlab-access-token](https://user-images.githubusercontent.com/17500430/151674446-1bcb1420-d9aa-4ae1-aaae-dcf51afb36ab.gif)

| Variable | Description | Default value |
|--------------------------------|--------------------------------------------------------------------------------------------------------|--------------------------|
| GITLAB_COMMENT_REPORTER | Activates/deactivates reporter | true |
| GITLAB_ACCESS_TOKEN_MEGALINTER | Must contain a Gitlab private access token defined with api access | <!-- --> |
| GITLAB_CUSTOM_CERTIFICATE | SSL certificate value to connect to Gitlab | <!-- --> |
| GITLAB_CERTIFICATE_PATH | Path to SSL certificate to connect to Gitlab (if SSL cert has been manually defined with PRE_COMMANDS) | <!-- --> |
| REPORTERS_MARKDOWN_TYPE | Set to `simple` to avoid external images in generated markdown | `advanced` |
| Variable | Description | Default value |
|--------------------------------|--------------------------------------------------------------------------------------------------------|---------------|
| GITLAB_COMMENT_REPORTER | Activates/deactivates reporter | true |
| GITLAB_ACCESS_TOKEN_MEGALINTER | Must contain a Gitlab private access token defined with api access | <!-- --> |
| GITLAB_CUSTOM_CERTIFICATE | SSL certificate value to connect to Gitlab | <!-- --> |
| GITLAB_CERTIFICATE_PATH | Path to SSL certificate to connect to Gitlab (if SSL cert has been manually defined with PRE_COMMANDS) | <!-- --> |
| REPORTERS_MARKDOWN_TYPE | Set to `simple` to avoid external images in generated markdown | `advanced` |

## Special Thanks

Expand Down
7 changes: 4 additions & 3 deletions flavors/ci_light/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \
NODE_ENV=production
#NPM__START
WORKDIR /node-deps
RUN npm --no-cache install --force --ignore-scripts \
RUN npm --no-cache install --ignore-scripts --omit=dev \
jscpd \
npm-groovy-lint \
@prantlf/jsonlint \
Expand All @@ -114,9 +114,10 @@ RUN npm --no-cache install --force --ignore-scripts \
prettier \
secretlint \
@secretlint/secretlint-rule-preset-recommend \
@secretlint/secretlint-formatter-sarif && \
npm audit fix --audit-level=critical || true \
@secretlint/secretlint-formatter-sarif && \
npm audit fix --audit-level=critical || true \
&& npm cache clean --force || true \
&& chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \
&& rm -rf /root/.npm/_cacache \
&& find . -name "*.d.ts" -delete \
&& find . -name "*.map" -delete \
Expand Down
8 changes: 4 additions & 4 deletions flavors/cupcake/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -154,12 +154,11 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \
NODE_ENV=production
#NPM__START
WORKDIR /node-deps
RUN npm --no-cache install --force --ignore-scripts \
RUN npm --no-cache install --ignore-scripts --omit=dev \
typescript \
jscpd \
stylelint \
stylelint-config-standard \
stylelint-config-sass-guidelines \
stylelint-scss \
graphql \
graphql-schema-linter \
Expand Down Expand Up @@ -198,9 +197,10 @@ RUN npm --no-cache install --force --ignore-scripts \
sql-lint \
prettyjson \
@typescript-eslint/eslint-plugin \
@typescript-eslint/parser && \
npm audit fix --audit-level=critical || true \
@typescript-eslint/parser && \
npm audit fix --audit-level=critical || true \
&& npm cache clean --force || true \
&& chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \
&& rm -rf /root/.npm/_cacache \
&& find . -name "*.d.ts" -delete \
&& find . -name "*.map" -delete \
Expand Down
8 changes: 4 additions & 4 deletions flavors/documentation/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,11 +119,10 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \
NODE_ENV=production
#NPM__START
WORKDIR /node-deps
RUN npm --no-cache install --force --ignore-scripts \
RUN npm --no-cache install --ignore-scripts --omit=dev \
jscpd \
stylelint \
stylelint-config-standard \
stylelint-config-sass-guidelines \
stylelint-scss \
graphql \
graphql-schema-linter \
Expand All @@ -144,9 +143,10 @@ RUN npm --no-cache install --force --ignore-scripts \
@secretlint/secretlint-formatter-sarif \
cspell \
sql-lint \
tekton-lint && \
npm audit fix --audit-level=critical || true \
tekton-lint && \
npm audit fix --audit-level=critical || true \
&& npm cache clean --force || true \
&& chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \
&& rm -rf /root/.npm/_cacache \
&& find . -name "*.d.ts" -delete \
&& find . -name "*.map" -delete \
Expand Down
Loading