[Snyk] Security upgrade jest from 28.1.3 to 29.0.0 (#491)

twilio-product-security · snyk-bot · Victor Ayogu · web-flow · commit 2c95fcf2d66e · 2024-03-18T15:43:23.000+02:00
* fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 * fix: update snapshots and tests * fix: update config * fix: update typedoc --------- Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Victor Ayogu <vayogu@twilio.com>
diff --git a/jest.config.base.js b/jest.config.base.js
@@ -11,10 +11,13 @@ module.exports = {
   coverageDirectory: 'coverage',
 
   // A set of global variables that need to be available in all test environments
-  globals: {
-    'ts-jest': {
-      tsconfig: 'tsconfig.test.json',
-    },
+  transform: {
+    '^.+\\.ts?$': [
+      'ts-jest',
+      {
+        tsconfig: 'tsconfig.test.json',
+      },
+    ],
   },
   // The test environment that will be used for testing
   testEnvironment: 'node',
diff --git a/package.json b/package.json
@@ -34,13 +34,14 @@
     "conventional-changelog-cli": "^2.1.0",
     "cz-conventional-changelog": "^2.1.0",
     "husky": "^8.0.2",
-    "jest": "^28.1.3",
+    "jest": "^29.7.0",
     "jest-express": "^1.10.1",
     "lint-staged": "^9.0.0",
     "npm-run-all": "^4.1.5",
     "prettier": "^2.2.1",
     "rimraf": "^3.0.2",
-    "ts-jest": "^28.0.8",
+    "ts-jest": "^29.1.2",
+    "typedoc": "^0.25.12",
     "typescript": "^5.3.3"
   },
   "lint-staged": {
diff --git a/packages/create-twilio-function/tests/install-dependencies.test.js b/packages/create-twilio-function/tests/install-dependencies.test.js
@@ -1,13 +1,14 @@
 const path = require('path');
+jest.mock('pkg-install');
 
 const pkgInstall = require('pkg-install');
 
-const { installDependencies } = require('../src/create-twilio-function/install-dependencies');
+const {
+  installDependencies,
+} = require('../src/create-twilio-function/install-dependencies');
 
 const scratchDir = path.join(process.cwd(), 'scratch');
 
-jest.mock('pkg-install');
-
 describe('installDependencies', () => {
   test('it calls `npm install` in the target directory', async () => {
     pkgInstall.projectInstall.mockResolvedValue({ stdout: 'done' });
diff --git a/packages/create-twilio-function/tests/success-message.test.js b/packages/create-twilio-function/tests/success-message.test.js
@@ -1,11 +1,11 @@
+jest.mock('pkg-install');
+jest.mock('window-size', () => ({ get: () => ({ width: 80 }) }));
+
 const pkgInstall = require('pkg-install');
 const chalk = require('chalk');
 
 const successMessage = require('../src/create-twilio-function/success-message');
 
-jest.mock('pkg-install');
-jest.mock('window-size', () => ({ get: () => ({ width: 80 }) }));
-
 describe('successMessage', () => {
   test('creates a success message based on the package manager', async () => {
     pkgInstall.getPackageManager.mockResolvedValue('yarn');
@@ -15,6 +15,10 @@ describe('successMessage', () => {
     };
     const message = await successMessage(config);
     expect(message).toEqual(expect.stringContaining('yarn start'));
-    expect(message).toEqual(expect.stringContaining(chalk`Created {bold ${config.name}} at {bold ${config.path}}`));
+    expect(message).toEqual(
+      expect.stringContaining(
+        chalk`Created {bold ${config.name}} at {bold ${config.path}}`
+      )
+    );
   });
 });
diff --git a/packages/create-twilio-function/tests/window-size.test.js b/packages/create-twilio-function/tests/window-size.test.js
@@ -1,5 +1,3 @@
-const getWindowSize = require('../src/create-twilio-function/window-size');
-
 jest.mock('window-size', () => ({
   get: jest
     .fn()
@@ -16,6 +14,8 @@ jest.mock('window-size', () => ({
     }),
 }));
 
+const getWindowSize = require('../src/create-twilio-function/window-size');
+
 describe('getWindowSize', () => {
   it('gets a valid windowSize', () => {
     const windowSize = getWindowSize();
diff --git a/packages/plugin-assets/tests/init.test.js b/packages/plugin-assets/tests/init.test.js
@@ -1,16 +1,3 @@
-const { init } = require('../src/init');
-const path = require('path');
-const fs = require('fs').promises;
-const { tmpdir } = require('os');
-
-const {
-  createService,
-} = require('@twilio-labs/serverless-api/dist/api/services');
-const {
-  createEnvironmentFromSuffix,
-  getEnvironment,
-} = require('@twilio-labs/serverless-api/dist/api/environments');
-
 jest.mock('@twilio-labs/serverless-api/dist/api/services', () => {
   return { createService: jest.fn().mockResolvedValue('new-service-sid') };
 });
@@ -25,6 +12,19 @@ jest.mock('@twilio-labs/serverless-api/dist/api/environments', () => {
   };
 });
 
+const { init } = require('../src/init');
+const path = require('path');
+const fs = require('fs').promises;
+const { tmpdir } = require('os');
+
+const {
+  createService,
+} = require('@twilio-labs/serverless-api/dist/api/services');
+const {
+  createEnvironmentFromSuffix,
+  getEnvironment,
+} = require('@twilio-labs/serverless-api/dist/api/environments');
+
 const mockLogger = {
   error: jest.fn(),
   debug: jest.fn(),
diff --git a/packages/runtime-handler/__tests__/dev-runtime/__snapshots__/integration.test.ts.snap b/packages/runtime-handler/__tests__/dev-runtime/__snapshots__/integration.test.ts.snap
@@ -1,9 +1,9 @@
 // Jest Snapshot v1, https://goo.gl/fbAQLP
 
 exports[`with an express app with forked process function handling Function integration tests basic-twiml.js should match snapshot 1`] = `
-Object {
-  "body": Object {},
-  "headers": Object {
+{
+  "body": {},
+  "headers": {
     "cache-control": "no-store, no-cache, must-revalidate, proxy-revalidate",
     "connection": "close",
     "content-type": "text/xml; charset=utf-8",
@@ -13,15 +13,15 @@ Object {
     "x-powered-by": "Express",
   },
   "statusCode": 200,
-  "text": "<?xml version=\\"1.0\\" encoding=\\"UTF-8\\"?><Response><Message>Hello World</Message></Response>",
+  "text": "<?xml version="1.0" encoding="UTF-8"?><Response><Message>Hello World</Message></Response>",
   "type": "text/xml",
 }
 `;
 
 exports[`with an express app with inline function handling Assets integration tests hello.js should match snapshot 1`] = `
-Object {
-  "body": Object {},
-  "headers": Object {
+{
+  "body": {},
+  "headers": {
     "accept-ranges": "bytes",
     "cache-control": "no-store, no-cache, must-revalidate, proxy-revalidate",
     "connection": "close",
@@ -39,9 +39,9 @@ Object {
 `;
 
 exports[`with an express app with inline function handling Assets integration tests index.html should match snapshot 1`] = `
-Object {
-  "body": Object {},
-  "headers": Object {
+{
+  "body": {},
+  "headers": {
     "accept-ranges": "bytes",
     "cache-control": "no-store, no-cache, must-revalidate, proxy-revalidate",
     "connection": "close",
@@ -58,9 +58,9 @@ Object {
 `;
 
 exports[`with an express app with inline function handling Function integration tests basic-twiml.js should match snapshot 1`] = `
-Object {
-  "body": Object {},
-  "headers": Object {
+{
+  "body": {},
+  "headers": {
     "cache-control": "no-store, no-cache, must-revalidate, proxy-revalidate",
     "connection": "close",
     "content-type": "text/xml; charset=utf-8",
@@ -70,7 +70,7 @@ Object {
     "x-powered-by": "Express",
   },
   "statusCode": 200,
-  "text": "<?xml version=\\"1.0\\" encoding=\\"UTF-8\\"?><Response><Message>Hello World</Message></Response>",
+  "text": "<?xml version="1.0" encoding="UTF-8"?><Response><Message>Hello World</Message></Response>",
   "type": "text/xml",
 }
 `;
diff --git a/packages/runtime-handler/jest.config.js b/packages/runtime-handler/jest.config.js
@@ -2,10 +2,13 @@ const base = require('../../jest.config.base.js');
 
 module.exports = {
   ...base,
-  globals: {
-    'ts-jest': {
-      tsconfig: './tsconfig.test.json',
-    },
+  transform: {
+    '^.+\\.ts?$': [
+      'ts-jest',
+      {
+        tsconfig: './tsconfig.test.json',
+      },
+    ],
   },
   name: 'runtime-handler',
   displayName: 'runtime-handler',
diff --git a/packages/serverless-api/jest.config.js b/packages/serverless-api/jest.config.js
@@ -2,10 +2,13 @@ const base = require('../../jest.config.base.js');
 
 module.exports = {
   ...base,
-  globals: {
-    'ts-jest': {
-      tsconfig: './tsconfig.test.json',
-    },
+  transform: {
+    '^.+\\.ts?$': [
+      'ts-jest',
+      {
+        tsconfig: './tsconfig.test.json',
+      },
+    ],
   },
   name: 'serverless-api',
   displayName: 'serverless-api',
diff --git a/packages/twilio-run/__tests__/runtime/__snapshots__/integration.test.ts.snap b/packages/twilio-run/__tests__/runtime/__snapshots__/integration.test.ts.snap
@@ -1,23 +1,23 @@
 // Jest Snapshot v1, https://goo.gl/fbAQLP
 
 exports[`with an express app with forked process function handling Function integration tests basic-twiml.js should match snapshot 1`] = `
-Object {
-  "body": Object {},
-  "headers": Object {
+{
+  "body": {},
+  "headers": {
     "connection": "close",
     "content-type": "text/xml; charset=utf-8",
     "x-powered-by": "Express",
   },
   "statusCode": 200,
-  "text": "<?xml version=\\"1.0\\" encoding=\\"UTF-8\\"?><Response><Message>Hello World</Message></Response>",
+  "text": "<?xml version="1.0" encoding="UTF-8"?><Response><Message>Hello World</Message></Response>",
   "type": "text/xml",
 }
 `;
 
 exports[`with an express app with inline function handling Assets integration tests hello.js should match snapshot 1`] = `
-Object {
-  "body": Object {},
-  "headers": Object {
+{
+  "body": {},
+  "headers": {
     "accept-ranges": "bytes",
     "cache-control": "public, max-age=0",
     "connection": "close",
@@ -32,15 +32,15 @@ Object {
 `;
 
 exports[`with an express app with inline function handling Function integration tests basic-twiml.js should match snapshot 1`] = `
-Object {
-  "body": Object {},
-  "headers": Object {
+{
+  "body": {},
+  "headers": {
     "connection": "close",
     "content-type": "text/xml; charset=utf-8",
     "x-powered-by": "Express",
   },
   "statusCode": 200,
-  "text": "<?xml version=\\"1.0\\" encoding=\\"UTF-8\\"?><Response><Message>Hello World</Message></Response>",
+  "text": "<?xml version="1.0" encoding="UTF-8"?><Response><Message>Hello World</Message></Response>",
   "type": "text/xml",
 }
 `;
diff --git a/packages/twilio-run/__tests__/templating/__snapshots__/defaultConfig.test.ts.snap b/packages/twilio-run/__tests__/templating/__snapshots__/defaultConfig.test.ts.snap
@@ -2,45 +2,45 @@
 
 exports[`writeDefaultConfigFile default file should match snapshot 1`] = `
 "{
-	\\"commands\\": {},
-	\\"environments\\": {},
-	\\"projects\\": {},
-	// \\"assets\\": true 	/* Upload assets. Can be turned off with --no-assets */,
-	// \\"assetsFolder\\": null 	/* Specific folder name to be used for static assets */,
-	// \\"buildSid\\": null 	/* An existing Build SID to deploy to the new environment */,
-	// \\"createEnvironment\\": false 	/* Creates environment if it couldn't find it. */,
-	// \\"cwd\\": null 	/* Sets the directory of your existing Serverless project. Defaults to current directory */,
-	// \\"detailedLogs\\": false 	/* Toggles detailed request logging by showing request body and query params */,
-	// \\"edge\\": null 	/* Twilio API Region */,
-	// \\"env\\": null 	/* Path to .env file for environment variables that should be installed */,
-	// \\"environment\\": \\"dev\\" 	/* The environment name (domain suffix) you want to use for your deployment. Alternatively you can specify an environment SID starting with ZE. */,
-	// \\"extendedOutput\\": false 	/* Show an extended set of properties on the output */,
-	// \\"force\\": false 	/* Will run deployment in force mode. Can be dangerous. */,
-	// \\"forkProcess\\": true 	/* Disable forking function processes to emulate production environment */,
-	// \\"functionSid\\": null 	/* Specific Function SID to retrieve logs for */,
-	// \\"functions\\": true 	/* Upload functions. Can be turned off with --no-functions */,
-	// \\"functionsFolder\\": null 	/* Specific folder name to be used for static functions */,
-	// \\"inspect\\": null 	/* Enables Node.js debugging protocol */,
-	// \\"inspectBrk\\": null 	/* Enables Node.js debugging protocol, stops execution until debugger is attached */,
-	// \\"legacyMode\\": false 	/* Enables legacy mode, it will prefix your asset paths with /assets */,
-	// \\"live\\": true 	/* Always serve from the current functions (no caching) */,
-	// \\"loadLocalEnv\\": false 	/* Includes the local environment variables */,
-	// \\"loadSystemEnv\\": false 	/* Uses system environment variables as fallback for variables specified in your .env file. Needs to be used with --env explicitly specified. */,
-	// \\"logCacheSize\\": null 	/* Tailing the log endpoint will cache previously seen entries to avoid duplicates. The cache is topped at a maximum of 1000 by default. This option can change that. */,
-	// \\"logLevel\\": \\"info\\" 	/* Level of logging messages. */,
-	// \\"logs\\": true 	/* Toggles request logging */,
-	// \\"ngrok\\": null 	/* Uses ngrok to create a public url. Pass a string to set the subdomain (requires a paid-for ngrok account). */,
-	// \\"outputFormat\\": \\"\\" 	/* Output the results in a different format */,
-	// \\"overrideExistingProject\\": false 	/* Deploys Serverless project to existing service if a naming conflict has been found. */,
-	// \\"port\\": \\"3000\\" 	/* Override default port of 3000 */,
-	// \\"production\\": false 	/* Promote build to the production environment (no domain suffix). Overrides environment flag */,
-	// \\"properties\\": null 	/* Specify the output properties you want to see. Works best on single types */,
-	// \\"region\\": null 	/* Twilio API Region */,
-	\\"runtime\\": \\"node18\\" 	/* The version of Node.js to deploy the build to. (node18) */,
-	// \\"serviceName\\": null 	/* Overrides the name of the Serverless project. Default: the name field in your package.json */,
-	// \\"serviceSid\\": null 	/* SID of the Twilio Serverless Service to deploy to */,
-	// \\"sourceEnvironment\\": null 	/* SID or suffix of an existing environment you want to deploy from. */,
-	// \\"tail\\": false 	/* Continuously stream the logs */,
-	// \\"template\\": null 	/* undefined */,
+	"commands": {},
+	"environments": {},
+	"projects": {},
+	// "assets": true 	/* Upload assets. Can be turned off with --no-assets */,
+	// "assetsFolder": null 	/* Specific folder name to be used for static assets */,
+	// "buildSid": null 	/* An existing Build SID to deploy to the new environment */,
+	// "createEnvironment": false 	/* Creates environment if it couldn't find it. */,
+	// "cwd": null 	/* Sets the directory of your existing Serverless project. Defaults to current directory */,
+	// "detailedLogs": false 	/* Toggles detailed request logging by showing request body and query params */,
+	// "edge": null 	/* Twilio API Region */,
+	// "env": null 	/* Path to .env file for environment variables that should be installed */,
+	// "environment": "dev" 	/* The environment name (domain suffix) you want to use for your deployment. Alternatively you can specify an environment SID starting with ZE. */,
+	// "extendedOutput": false 	/* Show an extended set of properties on the output */,
+	// "force": false 	/* Will run deployment in force mode. Can be dangerous. */,
+	// "forkProcess": true 	/* Disable forking function processes to emulate production environment */,
+	// "functionSid": null 	/* Specific Function SID to retrieve logs for */,
+	// "functions": true 	/* Upload functions. Can be turned off with --no-functions */,
+	// "functionsFolder": null 	/* Specific folder name to be used for static functions */,
+	// "inspect": null 	/* Enables Node.js debugging protocol */,
+	// "inspectBrk": null 	/* Enables Node.js debugging protocol, stops execution until debugger is attached */,
+	// "legacyMode": false 	/* Enables legacy mode, it will prefix your asset paths with /assets */,
+	// "live": true 	/* Always serve from the current functions (no caching) */,
+	// "loadLocalEnv": false 	/* Includes the local environment variables */,
+	// "loadSystemEnv": false 	/* Uses system environment variables as fallback for variables specified in your .env file. Needs to be used with --env explicitly specified. */,
+	// "logCacheSize": null 	/* Tailing the log endpoint will cache previously seen entries to avoid duplicates. The cache is topped at a maximum of 1000 by default. This option can change that. */,
+	// "logLevel": "info" 	/* Level of logging messages. */,
+	// "logs": true 	/* Toggles request logging */,
+	// "ngrok": null 	/* Uses ngrok to create a public url. Pass a string to set the subdomain (requires a paid-for ngrok account). */,
+	// "outputFormat": "" 	/* Output the results in a different format */,
+	// "overrideExistingProject": false 	/* Deploys Serverless project to existing service if a naming conflict has been found. */,
+	// "port": "3000" 	/* Override default port of 3000 */,
+	// "production": false 	/* Promote build to the production environment (no domain suffix). Overrides environment flag */,
+	// "properties": null 	/* Specify the output properties you want to see. Works best on single types */,
+	// "region": null 	/* Twilio API Region */,
+	"runtime": "node18" 	/* The version of Node.js to deploy the build to. (node18) */,
+	// "serviceName": null 	/* Overrides the name of the Serverless project. Default: the name field in your package.json */,
+	// "serviceSid": null 	/* SID of the Twilio Serverless Service to deploy to */,
+	// "sourceEnvironment": null 	/* SID or suffix of an existing environment you want to deploy from. */,
+	// "tail": false 	/* Continuously stream the logs */,
+	// "template": null 	/* undefined */,
 }"
 `;
diff --git a/packages/twilio-run/jest.config.js b/packages/twilio-run/jest.config.js
@@ -2,10 +2,13 @@ const base = require('../../jest.config.base.js');
 
 module.exports = {
   ...base,
-  globals: {
-    'ts-jest': {
-      tsconfig: './tsconfig.test.json',
-    },
+  transform: {
+    '^.+\\.ts?$': [
+      'ts-jest',
+      {
+        tsconfig: './tsconfig.test.json',
+      },
+    ],
   },
   name: 'twilio-run',
   displayName: 'twilio-run',
