fix: [CLI-859] Replace global-agent from ts-binary-wrapper with proxy-agent

[dotkas]

Pull Request Submission Checklist

• Follows CONTRIBUTING guidelines
• Commit messages
  are release-note ready, emphasizing
  what was changed, not how.
• Includes detailed description of changes
• Contains risk assessment (Low | Medium | High)
• Highlights breaking API changes (if applicable)
• Links to automated tests covering new functionality
• Includes manual testing instructions (if necessary)
• Updates relevant GitBook documentation (PR link: ___)
• Includes product update to be announced in the next stable release notes

What does this PR do?

The NPM package global-agent is not maintained and is causing deprecation errors to show up. This PR removes the package all together and relies on the [proxy-agent](https://www.npmjs.com/package/proxy-agent) package instead, which handles the same logic.

Where should the reviewer start?

The ts-binary-wrapper has somewhat straightforward logic and you could start there. A new test has been added to highlight the change that needs to be covered.

Further, the ts-binary-wrapper build script was not buildable outside of the CLI context. This has been fixed in the Makefile. It was needed to make the tests for ts-binary-wrapper run in CircleCI as a part of the build process.

How should this be manually tested?

Do an npm run build in the ts-binary-wrapper folder and try to download the CLI from the built executable.

What's the product update that needs to be communicated to CLI users?

N/A, this is an implementation change.

Risk assessment (Low | Medium | High)?

HIGH, this changes the way customers download Snyk when running behind HTTP(S) proxies and could introduce breaking changes making customers unable to use Snyk in their environments. This change should be reviewed and tested carefully.

Further, there has been some changes to the Makefile which I believe was needed to adequately ensure ts-binary-wrapper installed as a part of the build and test steps. This should probably also be reviewed a bit more carefully.

[snyk-io]

🎉 Snyk checks have passed. No issues have been found so far.

✅ security/snyk check is complete. No issues have been found. (View Details)

✅ license/snyk check is complete. No issues have been found. (View Details)

✅ code/snyk check is complete. No issues have been found. (View Details)

[github-actions]

	Warnings
⚠️	Since the CLI is unifying on a standard and improved tooling, we're starting to migrate old-style imports and exports to ES6 ones. A file you've modified is using either module.exports or require(). If you can, please update them to ES6 import syntax and export syntax. Files found: ts-binary-wrapper/src/common.ts
⚠️	There are multiple commits on your branch, please squash them locally before merging!
⚠️	"[fix: CLI-859 Replace global-agent from ts-binary-wrapper with proxy-agent](#6085)" is too long. Keep the first line of your commit message under 72 characters.
⚠️	"chore: automatic integration of language server cf5a04582d11c4040e39fda2c39fe0c4ebb7470f" is too long. Keep the first line of your commit message under 72 characters.
⚠️	"chore: automatic integration of language server c7d99d8e362ccad3cd0bb2b421dfdb0107d799c6" is too long. Keep the first line of your commit message under 72 characters.

Generated by 🚫 dangerJS against 78632af

[dotkas]

According to the docs, this should all happen behind the scenes. They are already using the proxy-from-env dependency that we are also utilizing in the CLI.

[dotkas]

Not sure why this wasn't needed before. But I would get TypeScript errors about https and lru-cache both on CircleCI and locally.

node_modules/get-uri/dist/http.d.ts:5:8 - error TS1192: Module '"http"' has no default export.

5 import http_ from 'http';
         ~~~~~

node_modules/get-uri/dist/http.d.ts:6:8 - error TS1192: Module '"https"' has no default export.

6 import https from 'https';
         ~~~~~

node_modules/proxy-agent/dist/index.d.ts:3:8 - error TS1259: Module '"/Users/kasparmoss/git/snyk/cli/ts-binary-wrapper/node_modules/proxy-agent/node_modules/lru-cache/index"' can only be default-imported using the 'esModuleInterop' flag

3 import LRUCache from 'lru-cache';

[dotkas]

The command worked previously without an install step, as all dependencies was already installed from the CLI project.

Now we're adding proxy-agent, not currently present in the CLI project.

The --ignore-scripts is to avoid the bootstrapping mechanism of ts-binary-wrapper to come into effect, causing a failed installation.

[dotkas]

I don't think I can make a more specific command due to

cli/cliv2/Makefile

Line 39 in eede406

# the platform string used by the deployed binaries is not excatly OS-ARCH so we need to translate a bit

[dotkas]

The reason I am adding this step is for the testing of ts-binary-wrapper inside the acceptance tests.

I didn't add the sha256 step there, as the executors don't all contain an environment to run make.

I further tried to keep the Makefile intact, since previous attempts at changing the logic here all caused side-effects I had trouble overlooking in the CCI steps.

[PeterSchafer]

Issue: This change introduces a new minimum Node version requirement!

The currently available version can be installed with node 12.0.0, the package from this branch can't.
I tested this the following way.

fnm use 12.0.0
npm install snyk@1.1298.2
npm install binary-releases/snyk.tgz

It errors with

> node wrapper_dist/bootstrap.js exec

/Users/user/Documents/dev/cli/del/node_modules/proxy-agent/dist/index.js:88
        this.httpAgent = opts?.httpAgent || new http.Agent(opts);
                              ^

SyntaxError: Unexpected token '.'
    at wrapSafe (internal/modules/cjs/loader.js:1054:16)
    at Module._compile (internal/modules/cjs/loader.js:1102:27)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1158:10)
    at Module.load (internal/modules/cjs/loader.js:986:32)
    at Function.Module._load (internal/modules/cjs/loader.js:879:14)
    at Module.require (internal/modules/cjs/loader.js:1026:19)
    at require (internal/modules/cjs/helpers.js:72:18)
    at Object.<anonymous> (/Users/user/Documents/dev/cli/del/node_modules/snyk/wrapper_dist/common.js:34:23)
    at Module._compile (internal/modules/cjs/loader.js:1138:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1158:10)

it seems to work with version 14.0.0 and generally more recent versions. But the change in minimum node version is the same as the other branch that used axios. The branch with axios has the minimum node version 12.17.0.

[PeterSchafer]

@dotkas let's please mark this PR as draft until we have the data to decide