Remove all reported CVE issues with npm packages, create fallbacks fo…

…r polyfills, use absolute path to eslint with formatter, upgrade all packages

Dockerfile.portal_lint

@@ -1,13 +1,9 @@
 ARG REGISTRY
-FROM ${REGISTRY}/ubi8/nodejs-14
+FROM ${REGISTRY}/ubi8/nodejs-16
 WORKDIR /data
 USER root
 
-COPY /portal/v2/ /data/
-RUN npm install -g
+COPY /portal/v2 /data/
+RUN npm install
 
-RUN set -eux \
-	&& ln -sf /data/node_modules/eslint/bin/eslint.js /usr/bin/eslint
-
-ENTRYPOINT ["eslint"]
-CMD ["--help"]
+CMD ["npm", "run", "lint"]

Makefile

@@ -184,8 +184,8 @@ lint-go:
 	hack/lint-go.sh
 
 lint-admin-portal:
-	docker build --platform=linux/amd64 --build-arg REGISTRY=$(REGISTRY) -f Dockerfile.portal_lint . -t linter
-	docker run --platform=linux/amd64 -it --rm localhost/linter ./src --ext .ts
+	docker build --platform=linux/amd64 --build-arg REGISTRY=$(REGISTRY) -f Dockerfile.portal_lint . -t $(REGISTRY)/linter:latest --no-cache
+	docker run --platform=linux/amd64 -t --rm $(REGISTRY)/linter:latest
 
 test-python: pyenv az
 	. pyenv/bin/activate && \

portal/v2/.eslintrc.yml

@@ -1,6 +1,7 @@
 env:
   browser: true
   es2021: true
+  node: true
 extends:
   - 'plugin:react/recommended'
   - "eslint:recommended"

portal/v2/README.md

@@ -0,0 +1,40 @@
+# Admin Portal Version 2
+
+## REQUIRED: Install Node and NPM
+> Using NVM is easiest
+```
+curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
+
+nvm install 16.16.0
+
+nvm use 16.16.0
+```
+
+## Installing, Auditing & Building
+> Below are instructions to install dependencies and run a build test.
+
+## Install
+```
+cd portal/v2
+
+npm install
+```
+
+## Audit
+```
+npm audit
+```
+
+> Expected output: `found 0 vulnerabilities`
+
+## Polyfills
+With the introduction of react-scripts and webpack v5.x.x polyfills for node.js core modules are no longer included by default.
+
+As such, we need to employ a configuration override to dependencies that require them. You can find these in [config-overrides](./config-overrides.js)
+
+After adding the required fallback in `Object.assign` you need to `npm install --save-dev` the package that is needed.
+
+## Build
+```
+npm run build
+```

portal/v2/build/asset-manifest.json

@@ -1,17 +1,10 @@
 {
   "files": {
-    "main.js": "/static/js/main.fd2b18d9.chunk.js",
-    "main.js.map": "/static/js/main.fd2b18d9.chunk.js.map",
-    "runtime-main.js": "/static/js/runtime-main.23de3f81.js",
-    "runtime-main.js.map": "/static/js/runtime-main.23de3f81.js.map",
-    "static/js/2.fc3140a1.chunk.js": "/static/js/2.fc3140a1.chunk.js",
-    "static/js/2.fc3140a1.chunk.js.map": "/static/js/2.fc3140a1.chunk.js.map",
+    "main.js": "/static/js/main.d2a3e4e8.js",
     "index.html": "/index.html",
-    "static/js/2.fc3140a1.chunk.js.LICENSE.txt": "/static/js/2.fc3140a1.chunk.js.LICENSE.txt"
+    "main.d2a3e4e8.js.map": "/static/js/main.d2a3e4e8.js.map"
   },
   "entrypoints": [
-    "static/js/runtime-main.23de3f81.js",
-    "static/js/2.fc3140a1.chunk.js",
-    "static/js/main.fd2b18d9.chunk.js"
+    "static/js/main.d2a3e4e8.js"
   ]
 }

portal/v2/build/index.html

@@ -1 +1 @@
-<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="shortcut icon" href="/favicon.ico"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><title>ARO Portal</title></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div><script>!function(e){function r(r){for(var n,l,a=r[0],p=r[1],f=r[2],c=0,s=[];c<a.length;c++)l=a[c],Object.prototype.hasOwnProperty.call(o,l)&&o[l]&&s.push(o[l][0]),o[l]=0;for(n in p)Object.prototype.hasOwnProperty.call(p,n)&&(e[n]=p[n]);for(i&&i(r);s.length;)s.shift()();return u.push.apply(u,f||[]),t()}function t(){for(var e,r=0;r<u.length;r++){for(var t=u[r],n=!0,a=1;a<t.length;a++){var p=t[a];0!==o[p]&&(n=!1)}n&&(u.splice(r--,1),e=l(l.s=t[0]))}return e}var n={},o={1:0},u=[];function l(r){if(n[r])return n[r].exports;var t=n[r]={i:r,l:!1,exports:{}};return e[r].call(t.exports,t,t.exports,l),t.l=!0,t.exports}l.m=e,l.c=n,l.d=function(e,r,t){l.o(e,r)||Object.defineProperty(e,r,{enumerable:!0,get:t})},l.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},l.t=function(e,r){if(1&r&&(e=l(e)),8&r)return e;if(4&r&&"object"==typeof e&&e&&e.__esModule)return e;var t=Object.create(null);if(l.r(t),Object.defineProperty(t,"default",{enumerable:!0,value:e}),2&r&&"string"!=typeof e)for(var n in e)l.d(t,n,function(r){return e[r]}.bind(null,n));return t},l.n=function(e){var r=e&&e.__esModule?function(){return e.default}:function(){return e};return l.d(r,"a",r),r},l.o=function(e,r){return Object.prototype.hasOwnProperty.call(e,r)},l.p="/";var a=this["webpackJsonparo-rp"]=this["webpackJsonparo-rp"]||[],p=a.push.bind(a);a.push=r,a=a.slice();for(var f=0;f<a.length;f++)r(a[f]);var i=p;t()}([])</script><script src="/static/js/2.fc3140a1.chunk.js"></script><script src="/static/js/main.fd2b18d9.chunk.js"></script></body></html>
+<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="shortcut icon" href="/favicon.ico"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><title>ARO Portal</title><script defer="defer" src="/static/js/main.d2a3e4e8.js"></script></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>

portal/v2/build/static/js/2.fc3140a1.chunk.js.LICENSE.txt → portal/v2/build/static/js/main.d2a3e4e8.js.LICENSE.txt

@@ -7,7 +7,7 @@ object-assign
 /*!
  * The buffer module from node.js, for the browser.
  *
- * @author   Feross Aboukhadijeh <http://feross.org>
+ * @author   Feross Aboukhadijeh <https://feross.org>
  * @license  MIT
  */
 
@@ -17,23 +17,10 @@ object-assign
  * MIT Licensed
  */
 
-/*! *****************************************************************************
-Copyright (c) Microsoft Corporation.
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
-REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
-INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
-OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-PERFORMANCE OF THIS SOFTWARE.
-***************************************************************************** */
-
 /*! ieee754. BSD-3-Clause License. Feross Aboukhadijeh <https://feross.org/opensource> */
 
+/*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE */
+
 /*! safe-buffer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */
 
 /** @license React v0.20.2

portal/v2/config-overrides.js

@@ -0,0 +1,21 @@
+const webpack = require('webpack');
+
+module.exports = function override(config) {
+  const fallback = config.resolve.fallback || {};
+
+  Object.assign(fallback, {
+    "path": require.resolve('path-browserify'),
+    "buffer": require.resolve("buffer/")
+  });
+
+  config.resolve.fallback = fallback;
+
+  config.plugins = (config.plugins || []).concat([
+    new webpack.ProvidePlugin({
+      process: 'process/browser',
+      Buffer: ['buffer', 'Buffer'],
+    }),
+  ]);
+
+  return config;
+};