Remote Code Execution ERROR when ionic start project - ionic-framework

=== npm audit security report ===
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Remote Code Execution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ serialize-javascript │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=3.1.0 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ #ionic/angular-toolkit [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ #ionic/angular-toolkit > copy-webpack-plugin > │
│ │ serialize-javascript │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1548 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 2 vulnerabilities (1 low, 1 high) in 1493 scanned packages
1 vulnerability requires semver-major dependency updates.
1 vulnerability requires manual review. See the full report for details.
when I am starting new project with ionic start , I am getting this error.
how can I fix it ? Thanks all of you.
my ionic information is here
Ionic CLI : 6.11.0 (/usr/local/lib/node_modules/#ionic/cli)
Ionic Framework : #ionic/angular 5.3.1
#angular-devkit/build-angular : 0.901.12
#angular-devkit/schematics : 9.1.12
#angular/cli : 9.1.12
#ionic/angular-toolkit : 2.3.0

From https://docs.npmjs.com/auditing-package-dependencies-for-security-vulnerabilities
To find the package that must be updated, check the “Path” field for
the location of the package with the vulnerability, then check for the
package that depends on it. For example, if the path to the
vulnerability is #package-name > dependent-package >
package-with-vulnerability, you will need to update dependent-package.
It looks that you need to update https://www.npmjs.com/package/copy-webpack-plugin

npm i #ionic/angular-toolkit
2.3.1 of Angular toolkit is released!

Related

How to make the java cucumber simplest example fully work in Eclipse?

I'm new to cucumber and after trying various not fully working tutorials, I try to make this example work : https://github.com/cucumber/cucumber-java-skeleton
Here is the plugin i'm using :
My version of Eclipse (wrapped into STS 4.17.1) :
To import it, I do "Import Existing maven project" on the maven project :
What works : After completing the 2 missing steps, when I run the .feature through eclipse cucumber plugin (Run as "Cucumber feature") or through "mvn test", I get :
Scenario: a few cukes # src/test/resources/io/cucumber/skeleton/belly.feature:3
Given I have 42 cukes in my belly # io.cucumber.skeleton.StepDefinitions.I_have_cukes_in_my_belly(int)
When I wait 1 hour # io.cucumber.skeleton.StepDefinitions.i_wait_hour(java.lang.Integer)
growl !
Then my belly should growl # io.cucumber.skeleton.StepDefinitions.my_belly_should_growl()
1 Scenarios (1 passed)
3 Steps (3 passed)
0m1,134s
What doesn't work (related to the eclipse cucumber plugin ?), 3. and 4. are the main issues :
In Eclipse, output starts with :
janv. 31, 2023 3:23:38 PM cucumber.api.cli.Main run
WARNING: You are using deprecated Main class. Please use io.cucumber.core.cli.Main
This may or may not be important for the following not working items.
1b. "growl !" is displayed BEFORE the step where it is implemented :
#Then("my belly should growl")
public void my_belly_should_growl() {
System.out.println("growl !");
}
In Eclipse, I'm getting this message despite all the "quiet" properties positionned in the right .properties files :
┌───────────────────────────────────────────────────────────────────────────────────┐
│ Share your Cucumber Report with your team at https://reports.cucumber.io │
│ Activate publishing with one of the following: │
│ │
│ src/test/resources/cucumber.properties: cucumber.publish.enabled=true │
│ src/test/resources/junit-platform.properties: cucumber.publish.enabled=true │
│ Environment variable: CUCUMBER_PUBLISH_ENABLED=true │
│ JUnit: #CucumberOptions(publish = true) │
│ │
│ More information at https://cucumber.io/docs/cucumber/environment-variables/ │
│ │
│ Disable this message with one of the following: │
│ │
│ src/test/resources/cucumber.properties: cucumber.publish.quiet=true │
│ src/test/resources/junit-platform.properties: cucumber.publish.quiet=true │
└───────────────────────────────────────────────────────────────────────────────────┘
I'm not getting any generated cucumber report in maven "target" directory
If I do "Run as JUnit" in Eclipse on this project to get a visual report in the JUnit tab, I get :
org.junit.platform.suite.engine.NoTestsDiscoveredException: Suite [io.cucumber.skeleton.RunCucumberTest] did not discover any tests
I'd like to see the cucumber tests like this in Eclipse :
Please help me make Cucumber work in Eclipse or at least generate an html cucumber report in target.
what I can say you regarding your q:
seems like the answer is here: github issue thread
1b. I do not see in the repo you provided this example, so it is hard to say what is wrong here, I am assuming you have an extra repo with updated skeleton, so you may provide more details
have you checked this thread? quite props
What I know about Cucumber reports, you need in your Runner class, you set a path to your json cucumber report:
#CucumberOptions(
features = "src/test/resources/functionalTests",
glue= {"stepDefinitions"},
plugin = { "pretty", "json:target/cucumber-reports/Cucumber.json" },
monochrome = true )
More examples are here: cucumber reports
Check if your setup is correct, I think the best place for it is: Running Cucumber Tests

Using Sendgrid with Hydrogen on Vercel

I am developing a Hydrogen (1.6.1) site. I have the #sendgrid/mail (7.7.0) package and I am able to successfully send messages on my local dev environment. However, when I deploy to Vercel, I'm getting the message...
[FAILED] Cannot bundle Node.js built-in "fs" imported from "node_modules/#sendgrid/helpers/classes/attachment.js". Consider disabling ssr.noExternal or remove the built-in dependency.
╭─ error ──────────────────────────────────────────────────────────────────────╮
│ │
│ Cannot bundle Node.js built-in "fs" imported from │
│ "node_modules/#sendgrid/helpers/classes/attachment.js". Consider disabling │
│ ssr.noExternal or remove the built-in dependency. │
│ │
╰──────────────────────────────────────────────────────────────────────────────╯
I have tried disabling ssr.noExternal as suggested, but the app won't build in this configuration. Has anyone been able to deploy under this infrastructure?
We solved it by moving it into a netlify function.

How to disable cucumber message in eclipse

How to disable this message:
┌───────────────────────────────────────────────────────────────────────────────────┐
│ Share your Cucumber Report with your team at https://reports.cucumber.io │
│ Activate publishing with one of the following: │
│ │
│ src/test/resources/cucumber.properties: cucumber.publish.enabled=true │
│ src/test/resources/junit-platform.properties: cucumber.publish.enabled=true │
│ Environment variable: CUCUMBER_PUBLISH_ENABLED=true │
│ JUnit: #CucumberOptions(publish = true) │
│ │
│ More information at https://reports.cucumber.io/docs/cucumber-jvm │
│ │
│ Disable this message with one of the following: │
│ │
│ src/test/resources/cucumber.properties: cucumber.publish.quiet=true │
│ src/test/resources/junit-platform.properties: cucumber.publish.quiet=true │
└───────────────────────────────────────────────────────────────────────────────────┘
What steps to take?
In the message it is saying as below:
Disable this message with one of the following:
src/test/resources/cucumber.properties: cucumber.publish.quiet=true
src/test/resources/junit-platform.properties: cucumber.publish.quiet=true
For me it was disabled after doing both of the above
create a new cucumber.properties file under rc/test/resources/ and then add this line
cucumber.publish.quiet:true
I've got the same problem here and I solved it by following the steps in the message:
Creating cucumber.properties and junit-platform.properties in "src/test/resources" on the Package Explorer;
Adding the line "cucumber.publish.quiet=true" to each one of them.
At times the resources folder might not be there by default on eclipse , then you would need to create a folder under src/test by the name 'resources' and the create 2 sub-folders under that folder named 'cucumber.properties' and 'junit-platform.properties' and add that declaration under both.
cucumber.publish.quiet=true
For disabling the cucumber publish message in console,reference for console Message.
Create a file named "cucumber.properties" in src/test/resources file path(which by default gets created when we create a new project in eclipse). Mention cucumber.publish.quite=true in the properties file. That's it now you won't see that cucumber content in the console.
reference image.

How to enable vscode to auto acquire local type for root folder?

Currently I have 2 projects, both with the same structure: all source goes to folder src.
src
└───folder1
│ │ file011.js
│ │ file012.js
│ └───...
└───folder2
│ │ file021.js
│ └───file022.js
│
│ services.js
Somewhere deep down in src folder, I have
import { ClassA} from 'services';
where services is direct child file inside src folder.
In 1 project, opened with Code-Insiders, i get full intellisense on ClassA, but nothing in the other. Wonder what causes the different behavior between the 2 and how I can adjust that.

PowerShell: How to install the DSC Resource Kit Wave 8 modules?

I am trying to set up a DSC pull server on Windows 2012 R2 machine by following this technet article:
http://technet.microsoft.com/en-us/library/dn249913.aspx
However I just can't get the modules working. The installation instructions says:
To install all DSC Resource Kit Modules, unzip the content under
$env:ProgramFiles\WindowsPowerShell\Modules
To confirm installation run Get-DSCResource to see that all of the
resources on this page are among the DSC Resources listed.
So I copied the content of the 'DSC Resource Kit Wave 8 10282014' folder to C:\Program Files\WindowsPowerShell\Modules which now looks as follows:
c:\Program Files\WindowsPowerShell\Modules>tree
├───cFileShare
│ ├───DSCResources
│ │ ├───VSAR_cCreateFileShare
│ │ └───VSAR_cSetSharePermissions
│ ├───Examples
│ ├───ResourceDesignerScripts
│ └───Unit Tests
├───xActiveDirectory
│ ├───DSCResources
│ │ ├───MSFT_xADDomain
│ │ ├───MSFT_xADDomainController
│ │ ├───MSFT_xADDomainTrust
│ │ ├───MSFT_xADUser
│ │ └───MSFT_xWaitForADDomain
│ └───Misc
├───xAdcsDeployment
│ ├───DSCResources
│ │ ├───MSFT_xAdcsCertificationAuthority
│ │ └───MSFT_xAdcsWebEnrollment
│ └───xCertificateServices
│ ├───DSCResources
│ │ ├───MSFT_xAdcsCertificationAuthority
│ │ └───MSFT_xAdcsWebEnrollment
│ └───Examples
[...]
Then I restarted my PowerShell console to ensure it's reloading $env:PSModulePath which contains this by the way (added linewrap manually for better readability):
PS C:\Users\Administrator> $env:PSModulePath
C:\Users\Administrator\Documents\WindowsPowerShell\Modules;
C:\Program Files\WindowsPowerShell\Modules;
C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
So everything is pretty much default here. However get-module -ListAvailable is just not listening any of the above modules e.g. xPSDesiredStateConfiguration. Also the Get-DscResource cmdlet is not returning any ressources that come with this module (especially xDSCWebService is the DSC resource I am looking for to setup the pull server).
If I manually copy the content of xPSDesiredStateConfiguration\DSCResources\* to one of the modules path folder's I do see the DSC resources. However the pull-server setup script (Sample_xDscWebService.ps1) fails. Opening the editor it shows me a syntax error near to:
Import-DSCResource -ModuleName xPSDesiredStateConfiguration
I just can't figure out what I am doing wrong here. So, how can I install the DSC Resource Kit?
I had the same problem. After installation of 3 updates (KB2894029, KB2894179 and KB2883200) everything works ;)
This issue seems to be related to some missing patches. Unfortunately I dont know which one. The link to the blog post below is mentioning KB2883200. But installing it on my system did not make a change.
However it works on another fully patched Windows 2012 R2 server. Unfortunatley I don't have an easy access at work to patch my manually installed server to the latest available.
http://blogs.msdn.com/b/powershell/archive/2013/12/26/holiday-gift-desired-state-configuration-dsc-resource-kit-wave-1.aspx
I had this error and fixed it!
See my blog post at http://tfl09.blogspot.com//2015/04/using-dsc-resource-kit-hot-fixes-may-be.html
That location points to the specific patches you need.