housekeeping: npm audit resolutions (via #5457)

* add `security-audit` script

* npm audit fix

* remove nyc

* nightwatch@1

this breaks the test suite, but it appears to have already regressed. leaving it for another day, TODO: open a backlog ticket

* add `security-audit` script

* disable mocha exclusivity

* update package-lock.json

* [email protected]

* `npm audit fix`

* @release-it/[email protected]

* release-it@12

Author: shockey

docs/development/scripts.md

@@ -19,12 +19,12 @@ Script name | Description
 `build-bundle` | Build `swagger-ui-bundle.js` only.
 `build-core` | Build `swagger-ui.(js\|css)` only.
 `build-standalone` | Build `swagger-ui-standalone-preset.js` only.
+`build-stylesheets` | Build `swagger-ui.css` only.
 
 ### Testing
 Script name | Description
 --- | ---
 `test` | Run unit tests in Node and run ESLint in errors-only mode.
 `just-test` | Run unit tests in the browser with Karma.
 `just-test-in-node` | Run unit tests in Node.
-`just-check-coverage` | Generate a code coverage report with NYC.
 `e2e` | Run end-to-end tests (requires JDK and Selenium).

package-lock.json

@@ -31,16 +31,18 @@
     "test": "run-s just-test-in-node e2e-cypress lint-errors",
     "test-in-node": "run-s lint-errors just-test-in-node",
     "just-test-in-node": "mocha --require test/setup.js --recursive --compilers js:@babel/register --require source-map-support test/core test/components test/bugs test/docker test/swagger-ui-dist-package test/xss",
-    "just-check-coverage": "nyc npm run just-test-in-node",
     "test-e2e-cypress": "cypress run",
     "test-e2e-selenium": "sleep 3 && nightwatch test/e2e-selenium/scenarios/ --config test/e2e-selenium/nightwatch.json",
     "e2e-initial-render": "nightwatch test/e2e-selenium/scenarios/ --config test/e2e-selenium/nightwatch.json --group initial-render",
     "mock-api": "json-server --watch test/e2e-selenium/db.json --port 3204",
     "hot-e2e-cypress-server": "webpack-dev-server --config webpack/dev-e2e.babel.js --content-base test/e2e-cypress/static",
-    "hot-e2e-selenium-server": "webpack-dev-server --config webpack/dev-e2e.babel.js --content-base test/e2e-selenium/helpers",
+    "hot-e2e-selenium-server": "webpack-dev-server --config webpack/dev-e2e.babel.js --content-base test/e2e-selenium/static",
     "e2e-cypress": "run-p -r hot-e2e-cypress-server mock-api test-e2e-cypress",
     "e2e-selenium": "run-p -r hot-e2e-selenium-server mock-api test-e2e-selenium",
     "open-static": "node -e 'require(\"open\")(\"http://localhost:3002\")'",
+    "security-audit": "run-s -sc security-audit:all security-audit:prod",
+    "security-audit:prod": "npm-audit-ci-wrapper -p -t low",
+    "security-audit:all": "npm-audit-ci-wrapper -t moderate",
     "serve-static": "http-server dist/ -i -a 0.0.0.0 -p 3002",
     "start": "npm-run-all --parallel serve-static open-static"
   },
@@ -58,7 +60,7 @@
     "ieee754": "^1.1.8",
     "immutable": "^3.x.x",
     "js-file-download": "^0.4.1",
-    "lodash": "^4.17.11",
+    "lodash": "^4.17.14",
     "memoizee": "^0.4.12",
     "prop-types": "^15.5.10",
     "react": "^15.6.2",
@@ -90,19 +92,19 @@
     "@babel/preset-react": "^7.0.0",
     "@babel/register": "^7.4.4",
     "@babel/runtime-corejs2": "^7.0.0",
-    "@release-it/conventional-changelog": "^1.0.0",
+    "@release-it/conventional-changelog": "^1.1.0",
     "autoprefixer": "^8.4.1",
     "babel-eslint": "^9.0.0",
     "babel-loader": "^8.0.6",
     "babel-plugin-module-resolver": "^3.2.0",
     "babel-plugin-transform-react-remove-prop-types": "^0.4.13",
     "body-parser": "^1.18.3",
-    "bundlesize": "^0.17.2",
+    "bundlesize": "^0.18.0",
     "chromedriver": "^2.38.3",
     "copy-webpack-plugin": "^5.0.3",
     "cors": "^2.8.4",
     "css-loader": "^3.0.0",
-    "cypress": "^3.3.1",
+    "cypress": "^3.4.0",
     "dedent": "^0.7.0",
     "deepmerge": "^2.1.0",
     "enzyme": "^2.7.1",
@@ -119,24 +121,24 @@
     "imports-loader": "^0.8.0",
     "jsdom": "^11.10.0",
     "json-loader": "^0.5.7",
-    "json-merger": "^1.1.0",
-    "json-server": "^0.12.2",
+    "json-merger": "^1.1.1",
+    "json-server": "^0.15.0",
     "less": "^3.0.2",
     "license-checker": "^19.0.0",
     "mini-css-extract-plugin": "^0.7.0",
     "mocha": "^5.1.1",
-    "nightwatch": "^0.9.16",
+    "nightwatch": "^1.1.13",
     "node-sass": "^4.12.0",
+    "npm-audit-ci-wrapper": "^2.3.0",
     "npm-run-all": "^4.1.2",
-    "nyc": "^11.3.0",
     "oauth2-server": "^2.4.1",
     "open": "6.0.0",
     "optimize-css-assets-webpack-plugin": "^5.0.3",
     "postcss-loader": "^3.0.0",
     "prettier": "^1.18.2",
     "raw-loader": "3.0.0",
     "react-test-renderer": "^15.5.4",
-    "release-it": "^11.0.0",
+    "release-it": "^12.3.3",
     "rimraf": "^2.6.0",
     "sass-loader": "^7.1.0",
     "selenium-server-standalone-jar": "3.12.0",
@@ -153,12 +155,6 @@
   "config": {
     "deps_check_dir": ".deps_check"
   },
-  "nyc": {
-    "all": true,
-    "include": [
-      "**/src/core/plugins/**.js"
-    ]
-  },
   "bundlesize": [
     {
       "path": "./dist/swagger-ui-bundle.js",

package.json

@@ -0,0 +1,2 @@
+These tests are currently broken, and need to be either updated or migrated into
+`../e2e-cypress`.

test/e2e-selenium/README.md

@@ -125,6 +125,96 @@
         }
       ],
       "status": "available"
+    },
+    {
+      "id": 8,
+      "category": {
+        "id": 0,
+        "name": "string"
+      },
+      "name": "doggie",
+      "photoUrls": [
+        "string"
+      ],
+      "tags": [
+        {
+          "id": 0,
+          "name": "string"
+        }
+      ],
+      "status": "available"
+    },
+    {
+      "id": 9,
+      "category": {
+        "id": 0,
+        "name": "string"
+      },
+      "name": "doggie",
+      "photoUrls": [
+        "string"
+      ],
+      "tags": [
+        {
+          "id": 0,
+          "name": "string"
+        }
+      ],
+      "status": "available"
+    },
+    {
+      "id": 10,
+      "category": {
+        "id": 0,
+        "name": "string"
+      },
+      "name": "doggie",
+      "photoUrls": [
+        "string"
+      ],
+      "tags": [
+        {
+          "id": 0,
+          "name": "string"
+        }
+      ],
+      "status": "available"
+    },
+    {
+      "id": 11,
+      "category": {
+        "id": 0,
+        "name": "string"
+      },
+      "name": "doggie",
+      "photoUrls": [
+        "string"
+      ],
+      "tags": [
+        {
+          "id": 0,
+          "name": "string"
+        }
+      ],
+      "status": "available"
+    },
+    {
+      "id": 12,
+      "category": {
+        "id": 0,
+        "name": "string"
+      },
+      "name": "doggie",
+      "photoUrls": [
+        "string"
+      ],
+      "tags": [
+        {
+          "id": 0,
+          "name": "string"
+        }
+      ],
+      "status": "available"
     }
   ]
-}
+}

test/e2e-selenium/db.json

@@ -15,45 +15,17 @@
     }
   },
 
-  "selenium" : {
-    "start_process" : true,
-    "server_path" : "node_modules/selenium-server-standalone-jar/jar/selenium-server-standalone-3.12.0.jar",
-    "log_path" : "",
-    "host" : "127.0.0.1",
-    "port" : 4444,
-    "cli_args" : {
-      "webdriver.chrome.driver" : "node_modules/chromedriver/bin/chromedriver",
-      "webdriver.firefox.profile" : "",
-      "webdriver.ie.driver" : ""
-    }
+  "webdriver": {
+    "start_process": true,
+    "server_path": "node_modules/.bin/chromedriver",
+    "port": 9515
   },
 
-  "test_settings" : {
-    "default" : {
-      "launch_url" : "http://localhost",
-      "selenium_port"  : 4444,
-      "selenium_host"  : "localhost",
-      "silent": true,
-      "screenshots" : {
-        "enabled" : false,
-        "path" : ""
-      },
-      "desiredCapabilities": {
-        "browserName": "chrome",
-        "marionette": true
-      }
-    },
-
-    "chrome" : {
+  "test_settings": {
+    "default": {
       "desiredCapabilities": {
         "browserName": "chrome"
       }
-    },
-
-    "edge" : {
-      "desiredCapabilities": {
-        "browserName": "MicrosoftEdge"
-      }
     }
   }
 }

test/e2e-selenium/nightwatch.json

@@ -85,13 +85,13 @@ module.exports = {
       }
     },
     apiWrapper: {
-      selector: "div.swagger-ui > div:nth-child(2) > div:nth-child(5) > section > div",
+      selector: "div.swagger-ui > div:nth-child(2) > div:nth-child(4) > section > div",
       elements: {
         petAPIWrapper: {
-          selector: "div.swagger-ui div:nth-child(5) > section > div > span:nth-child(1) > div"
+          selector: "div.swagger-ui div:nth-child(4) > section > div > span:nth-child(1) > div"
         },
         petAPIWrapperBar: {
-          selector: "div.swagger-ui div:nth-child(5) > section > div > span:nth-child(1) > div .opblock-tag"
+          selector: "div.swagger-ui div:nth-child(4) > section > div > span:nth-child(1) > div .opblock-tag"
         },
 
         /**
@@ -319,10 +319,10 @@ module.exports = {
          * ***********Store************
          */
         storeAPIWrapper: {
-          selector: "div.swagger-ui div:nth-child(5) > section > div > span:nth-child(2) > div"
+          selector: "div.swagger-ui div:nth-child(4) > section > div > span:nth-child(2) > div"
         },
         storeAPIWrapperBar: {
-          selector: "div.swagger-ui div:nth-child(5) > section > div > span:nth-child(2) > div .opblock-tag"
+          selector: "div.swagger-ui div:nth-child(4) > section > div > span:nth-child(2) > div .opblock-tag"
         },
         /**
          * Get /store/inventory
@@ -418,10 +418,10 @@ module.exports = {
          * *********User**************
          */
         userAPIWrapper: {
-          selector: "div.swagger-ui div:nth-child(5) > section > div > span:nth-child(3) > div"
+          selector: "div.swagger-ui div:nth-child(4) > section > div > span:nth-child(3) > div"
         },
         userAPIWrapperBar: {
-          selector: "div.swagger-ui div:nth-child(5) > section > div > span:nth-child(3) > div .opblock-tag"
+          selector: "div.swagger-ui div:nth-child(4) > section > div > span:nth-child(3) > div .opblock-tag"
         },
         /**
          * Put /user/login

test/e2e-selenium/pages/main.js

@@ -6,11 +6,9 @@ describe("bug #4196: HTTP basic auth credential retention", function () {
             .page.main()
 
         client.waitForElementVisible(".download-url-input:not([disabled])", 5000)
-            .pause(80)
             .clearValue(".download-url-input")
             .setValue(".download-url-input", "http://localhost:3230/test-specs/bugs/4196.yaml")
             .click("button.download-url-button")
-            .pause(1000)
 
         done()
     })
@@ -36,7 +34,7 @@ describe("bug #4196: HTTP basic auth credential retention", function () {
             .waitForElementVisible(`section>input[type="password"]`, 5000)
             .setValue(`section>input[type="password"]`, "bbb") // Set password
             .click(".auth-btn-wrapper button:nth-child(1)") // Click Authorize
-            .pause(5000)
+            .pause(1000)
             .assert.containsText("div.wrapper:nth-child(4)>code", "bbb")
 
         client.end()

test/e2e-selenium/scenarios/bugs/4196.js

@@ -6,7 +6,6 @@ describe("bug #4374: OAS3 parameters should be visibly validated in Try-It-Out",
             .page.main()
 
         client.waitForElementVisible(".download-url-input:not([disabled])", 10000)
-            .pause(1000)
             .clearValue(".download-url-input")
             .setValue(".download-url-input", "/test-specs/bugs/4374.yaml")
             .click("button.download-url-button")

test/e2e-selenium/scenarios/bugs/4374.js

@@ -6,7 +6,6 @@ describe("bug #4409: operationId normalization and layout tracking", function ()
             .page.main()
 
         client.waitForElementVisible(".download-url-input:not([disabled])", 5000)
-            .pause(5000)
             .clearValue(".download-url-input")
             .setValue(".download-url-input", "http://localhost:3230/test-specs/bugs/4409.yaml")
             .click("button.download-url-button")