Merge pull request #8963 from liranmauda/liran-backport-into-5.15

[Backport into 5.15] Bumping deps to avoid CVE (16/03/2025)

Author: liranmauda

package-lock.json

@@ -71,9 +71,9 @@
     ]
   },
   "dependencies": {
-    "@aws-sdk/client-s3": "3.750.0",
-    "@aws-sdk/client-sts": "3.750.0",
-    "@azure/identity": "4.7.0",
+    "@aws-sdk/client-s3": "3.758.0",
+    "@aws-sdk/client-sts": "3.758.0",
+    "@azure/identity": "4.8.0",
     "@azure/monitor-query": "1.3.1",
     "@azure/storage-blob": "12.26.0",
     "@google-cloud/storage": "7.15.2",
@@ -104,32 +104,30 @@
     "mongo-query-to-postgres-jsonb": "0.2.17",
     "mongodb": "3.7.4",
     "morgan": "1.10.0",
-    "nan": "2.22.1",
+    "nan": "2.22.2",
     "ncp": "2.0.0",
     "node-addon-api": "8.3.1",
     "performance-now": "2.1.0",
-    "pg": "8.13.3",
+    "pg": "8.14.0",
     "ping": "0.4.4",
     "prom-client": "15.1.3",
     "ps-node": "0.1.6",
-    "rimraf": "6.0.1",
     "seedrandom": "3.0.5",
     "setimmediate": "1.0.5",
-    "typescript": "5.7.3",
-    "uuid": "10.0.0",
+    "typescript": "5.8.2",
     "ws": "8.18.1",
     "xml2js": "0.6.2",
     "yaml": "2.7.0",
     "yauzl": "3.2.0",
     "yazl": "2.5.1"
   },
   "devDependencies": {
-    "@aws-sdk/lib-storage": "3.750.0",
+    "@aws-sdk/lib-storage": "3.758.0",
     "@stylistic/eslint-plugin-js": "1.8.1",
     "@types/jest": "29.5.14",
-    "@types/lodash": "4.17.15",
+    "@types/lodash": "4.17.16",
     "@types/mongodb": "4.0.7",
-    "@types/node": "22.13.5",
+    "@types/node": "22.13.10",
     "@types/pg": "8.11.11",
     "eslint": "8.57.1",
     "eslint-plugin-header": "3.1.1",

package.json

@@ -10,7 +10,7 @@ const os = require('os');
 const path = require('path');
 const util = require('util');
 const repl = require('repl');
-const { v4: uuid } = require('uuid');
+const crypto = require('crypto');
 const argv = require('minimist')(process.argv);
 const S3Auth = require('aws-sdk/lib/signers/s3');
 
@@ -108,7 +108,7 @@ class AgentCLI {
                     self.client.options.address = self.params.address;
                 }
                 if (!self.params.host_id) {
-                    self.params.host_id = uuid();
+                    self.params.host_id = crypto.randomUUID();
                     return self.agent_conf.update({
                         host_id: self.params.host_id
                     });

src/agent/agent_cli.js

@@ -2,7 +2,7 @@
 'use strict';
 
 const _ = require('lodash');
-const { v4: uuid } = require('uuid');
+const crypto = require('crypto');
 const dbg = require('../../../util/debug_module')(__filename);
 const S3Error = require('../s3_errors').S3Error;
 
@@ -85,7 +85,7 @@ async function put_bucket_lifecycle(req) {
             current_rule.id = rule.ID[0];
         } else {
             // Generate a random ID if missing
-            current_rule.id = uuid();
+            current_rule.id = crypto.randomUUID();
         }
 
         if (!(rule.Status && rule.Status.length === 1)) {

src/endpoint/s3/ops/s3_put_bucket_lifecycle.js

@@ -1,7 +1,7 @@
 /* Copyright (C) 2016 NooBaa */
 'use strict';
 
-const { v4: uuid } = require('uuid');
+const crypto = require('crypto');
 const path = require('path');
 const util = require('util');
 const fs = require('fs');
@@ -197,7 +197,7 @@ class HostedAgents {
     start_local_agent(params) {
         if (!this._started) return;
 
-        const host_id = uuid();
+        const host_id = crypto.randomUUID();
         const node_name = 'noobaa-internal-agent-' + params.name;
         const storage_path = path.join(process.cwd(), 'noobaa_storage', node_name);
 

src/hosted_agents/hosted_agents.js

@@ -8,7 +8,6 @@ const fs = require('fs');
 const path = require('path');
 const util = require('util');
 const mime = require('mime');
-const { v4: uuidv4 } = require('uuid');
 const P = require('../util/promise');
 const dbg = require('../util/debug_module')(__filename);
 const config = require('../../config');
@@ -1181,7 +1180,7 @@ class NamespaceFS {
         let upload_path;
         // upload path is needed only when open_mode is w / for copy
         if (open_mode === 'w' || params.copy_source) {
-            const upload_id = uuidv4();
+            const upload_id = crypto.randomUUID();
             upload_path = path.join(this.bucket_path, this.get_bucket_tmpdir(), 'uploads', upload_id);
             await native_fs_utils._make_path_dirs(upload_path, fs_context);
         }
@@ -1571,7 +1570,7 @@ class NamespaceFS {
             const fs_context = this.prepare_fs_context(object_sdk);
             await this._load_bucket(params, fs_context);
             await this._throw_if_low_space(fs_context);
-            params.obj_id = uuidv4();
+            params.obj_id = crypto.randomUUID();
             params.mpu_path = this._mpu_path(params);
             await native_fs_utils._create_path(params.mpu_path, fs_context);
             const create_params = JSON.stringify({ ...params, source_stream: null });

src/sdk/namespace_fs.js

@@ -8,7 +8,7 @@ const dbg = require('../../util/debug_module')(__filename);
 const { KubeStore } = require('../kube-store.js');
 const yaml = require('yaml');
 const Agent = require('../../agent/agent');
-const { v4: uuid } = require('uuid');
+const crypto = require('crypto');
 const js_utils = require('../../util/js_utils');
 const size_utils = require('../../util/size_utils');
 
@@ -220,7 +220,7 @@ class InProcessAgentsPoolController extends PoolController {
                 read: () => _.cloneDeep(create_node_token),
                 write: new_token => { create_node_token = _.cloneDeep(new_token); }
             },
-            host_id: uuid(),
+            host_id: crypto.randomUUID(),
             test_hostname: hostname
         });
         await agent.start();

src/server/system_services/pool_controllers.js

@@ -16,7 +16,7 @@ const test_utils = require('./test_utils');
 
 const fs = require('fs');
 const AWS = require('aws-sdk');
-const { v4: uuid } = require('uuid');
+const crypto = require('crypto');
 const assert = require('assert');
 
 
@@ -114,10 +114,10 @@ async function setup() {
     // S3 policies which gives the user equivalent permissions over the buckets that permission_list was giving.
     await Promise.all(
         full_access_user
-            .allowed_buckets
-            .permission_list
-            .map(bucket => test_utils.generate_s3_policy(full_access_user.email, bucket, ['s3:*']))
-            .map(generated => client.bucket.put_bucket_policy({ name: generated.params.bucket, policy: generated.policy }))
+        .allowed_buckets
+        .permission_list
+        .map(bucket => test_utils.generate_s3_policy(full_access_user.email, bucket, ['s3:*']))
+        .map(generated => client.bucket.put_bucket_policy({ name: generated.params.bucket, policy: generated.policy }))
     );
 
     account = account_by_name(system_info.accounts, bucket1_user.email);
@@ -127,10 +127,10 @@ async function setup() {
     // S3 policies which gives the user equivalent permissions over the buckets that permission_list was giving.
     await Promise.all(
         full_access_user
-            .allowed_buckets
-            .permission_list
-            .map(bucket => test_utils.generate_s3_policy(full_access_user.email, bucket, ['s3:*']))
-            .map(generated => client.bucket.put_bucket_policy({ name: generated.params.bucket, policy: generated.policy }))
+        .allowed_buckets
+        .permission_list
+        .map(bucket => test_utils.generate_s3_policy(full_access_user.email, bucket, ['s3:*']))
+        .map(generated => client.bucket.put_bucket_policy({ name: generated.params.bucket, policy: generated.policy }))
     );
 
     account = account_by_name(system_info.accounts, no_access_user.email);
@@ -140,10 +140,10 @@ async function setup() {
     // S3 policies which gives the user equivalent permissions over the buckets that permission_list was giving.
     await Promise.all(
         full_access_user
-            .allowed_buckets
-            .permission_list
-            .map(bucket => test_utils.generate_s3_policy(full_access_user.email, bucket, ['s3:*']))
-            .map(generated => client.bucket.put_bucket_policy({ name: generated.params.bucket, policy: generated.policy }))
+        .allowed_buckets
+        .permission_list
+        .map(bucket => test_utils.generate_s3_policy(full_access_user.email, bucket, ['s3:*']))
+        .map(generated => client.bucket.put_bucket_policy({ name: generated.params.bucket, policy: generated.policy }))
     );
 }
 
@@ -322,7 +322,7 @@ async function test_bucket_list_denied() {
 async function test_create_bucket_add_creator_permissions() {
     console.log(`Starting test_create_bucket_add_creator_permissions`);
     const server = get_new_server(full_access_user);
-    const unique_bucket_name = 'bucket' + uuid();
+    const unique_bucket_name = 'bucket' + crypto.randomUUID();
     const params = {
         Bucket: unique_bucket_name
     };
@@ -336,7 +336,7 @@ async function test_create_bucket_add_creator_permissions() {
 async function test_delete_bucket_deletes_permissions() {
     console.log(`Starting test_delete_bucket_deletes_permissions`);
     const server = get_new_server(full_access_user);
-    const unique_bucket_name = 'bucket' + uuid();
+    const unique_bucket_name = 'bucket' + crypto.randomUUID();
 
     await server.createBucket({ Bucket: unique_bucket_name }).promise();
 

src/test/system_tests/test_bucket_access.js

@@ -13,11 +13,11 @@ const P = require('../../util/promise');
 const api = require('../../api');
 const ops = require('../utils/basic_server_ops');
 const dotenv = require('../../util/dotenv');
-const { v4: uuid } = require('uuid');
+const crypto = require('crypto');
 dotenv.load();
 
 
-const suffix = uuid().split('-')[0];
+const suffix = crypto.randomUUID().split('-')[0];
 
 const {
     mgmt_ip = 'localhost',

src/test/system_tests/test_node_failure.js

@@ -9,8 +9,7 @@ const util = require('util');
 const mocha = require('mocha');
 const assert = require('assert');
 const mongodb = require('mongodb');
-const { v4: uuid } = require('uuid');
-
+const crypto = require('crypto');
 const P = require('../../util/promise');
 const config = require('../../../config');
 const MDStore = require('../../server/object_services/md_store').MDStore;
@@ -133,7 +132,7 @@ mocha.describe('lifecycle', () => {
         }
 
         mocha.it('test prefix, absolute date expiration', async () => {
-            const key = uuid();
+            const key = crypto.randomUUID();
             const prefix = key.split('-')[0];
             const age = 17;
             const bucket = Bucket;
@@ -146,7 +145,7 @@ mocha.describe('lifecycle', () => {
             await verify_object_deleted(key);
         });
         mocha.it('test prefix, absolute date and tags expiration', async () => {
-            const key = uuid();
+            const key = crypto.randomUUID();
             const prefix = key.split('-')[0];
             const age = 17;
             const bucket = Bucket;
@@ -161,7 +160,7 @@ mocha.describe('lifecycle', () => {
             await verify_object_deleted(key);
         });
         mocha.it('test size less, absolute date expiration', async () => {
-            const key = uuid();
+            const key = crypto.randomUUID();
             const age = 17;
             const size = 64;
             const bucket = Bucket;
@@ -173,7 +172,7 @@ mocha.describe('lifecycle', () => {
             await verify_object_deleted(key);
         });
         mocha.it('test size interval, absolute date expiration', async () => {
-            const key = uuid();
+            const key = crypto.randomUUID();
             const age = 17;
             const gt = 1;
             const size_object = 2;
@@ -187,7 +186,7 @@ mocha.describe('lifecycle', () => {
             await verify_object_deleted(key);
         });
         mocha.it('test size less, relative days expiration', async () => {
-            const key = uuid();
+            const key = crypto.randomUUID();
             const object_age = 2;
             const days = 1;
             const size = 1;
@@ -200,7 +199,7 @@ mocha.describe('lifecycle', () => {
             await verify_object_deleted(key);
         });
         mocha.it('test tag, relative days expiration', async () => {
-            const key = uuid();
+            const key = crypto.randomUUID();
             const object_age = 2;
             const days = 1;
             const tag = { key: 'tagname', value: 'tagvalue' };