fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 - https://snyk.io/vuln/SNYK-JS-AXIOS-6032459 - https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610 - https://snyk.io/vuln/SNYK-JS-AXIOS-6124857 - https://snyk.io/vuln/SNYK-JS-GOT-2932019
gerardog · gerardog · Sep 24, 2024 · Sep 24, 2024 · c38cb5bf31ba7873b4613f82f70737c81f4580f8
commit c38cb5bf31ba7873b4613f82f70737c81f4580f8
diff --git a/package.json b/package.json
@@ -14,10 +14,10 @@
     "write-heading-ids": "docusaurus write-heading-ids docs"
   },
   "dependencies": {
-    "@docusaurus/core": "^2.4.1",
-    "@docusaurus/plugin-google-gtag": "^2.4.3",
-    "@docusaurus/plugin-sitemap": "^2.4.3",
-    "@docusaurus/preset-classic": "^2.4.1",
+    "@docusaurus/core": "^3.0.1",
+    "@docusaurus/plugin-google-gtag": "^3.0.1",
+    "@docusaurus/plugin-sitemap": "^3.0.1",
+    "@docusaurus/preset-classic": "^3.0.1",
     "@mdx-js/react": "^1.6.22",
     "clsx": "^1.1.1",
     "prism-react-renderer": "^1.3.1",

diff --git a/yarn.lock b/yarn.lock
diff --git a/src/gsudo/Tokens/TokenProvider.cs b/src/gsudo/Tokens/TokenProvider.cs
        public static TokenProvider CreateFromLogin(string user, string password)
        {
            throw new NotImplementedException();
            var tm = new TokenProvider();
            return tm.Duplicate(MAXIMUM_ALLOWED);
        }

diff --git a/src/gsudo/ProcessRenderers/TokenSwitchRenderer.cs b/src/gsudo/ProcessRenderers/TokenSwitchRenderer.cs
            {
                System.Environment.CurrentDirectory = elevationRequest.StartFolder;
            }
            catch (UnauthorizedAccessException ex)
            {
                throw new ApplicationException($"User \"{WindowsIdentity.GetCurrent().Name}\" can not access directory \"{elevationRequest.StartFolder}\"");
            }
diff --git a/src/gsudo/Helpers/ServiceHelper.cs b/src/gsudo/Helpers/ServiceHelper.cs
            return service;
        }

        public static async Task<ServiceLocation> FindAnyServiceFast()
        {
            string user = WindowsIdentity.GetCurrent().User.Value;
            var callerProcessId = Process.GetCurrentProcess().Id;
diff --git a/src/gsudo/ProcessHosts/AttachedConsoleHost.cs b/src/gsudo/ProcessHosts/AttachedConsoleHost.cs
                        {
                            System.Environment.CurrentDirectory = elevationRequest.StartFolder;
                        }
                        catch (UnauthorizedAccessException ex)
                        {
                            throw new ApplicationException($"User \"{WindowsIdentity.GetCurrent().Name}\" can not access directory \"{elevationRequest.StartFolder}\"");
                        }
diff --git a/src/gsudo/InputParameters.cs b/src/gsudo/InputParameters.cs
        public static bool Direct { get; internal set; }

        // Target Integrity Level
        public static IntegrityLevel? IntegrityLevel { get; internal set; }

        // Elevate as "NT Authority\System" 
        public static bool RunAsSystem { get; internal set; }
diff --git a/src/gsudo/AppSettings/PathPrecedenceSetting.cs b/src/gsudo/AppSettings/PathPrecedenceSetting.cs
            SendNotifyMessage(HWND_BROADCAST, WM_SETTINGCHANGE, UIntPtr.Zero, "Environment");
        }

        [DllImport("user32.dll", CharSet = CharSet.Auto)]
        private static extern bool SendNotifyMessage(
            IntPtr hWnd, uint Msg, UIntPtr wParam, string lParam);

diff --git a/src/gsudo/Commands/StatusCommand.cs b/src/gsudo/Commands/StatusCommand.cs
            if (Value is string)
                return ($"\"{Value.ToString().Replace("\\", "\\\\")}\"");
            else if (Value is bool)
                return ($"{Value.ToString().ToLowerInvariant()}");
            else if (Value is Array)
            {
                var sb = new StringBuilder();
diff --git a/src/gsudo/Commands/ServiceCommand.cs b/src/gsudo/Commands/ServiceCommand.cs
            {
                Logger.Instance.Log("This service is not running with desired credentials. Starting a new service instance.", LogLevel.Info);
 #if DEBUG
                await Task.Delay(2000);
 #endif
                ServiceHelper.StartService(AllowedPid, CacheDuration, AllowedSid, SingleUse);
                return 0;
diff --git a/src/gsudo/Helpers/UACWindowFocusHelper.cs b/src/gsudo/Helpers/UACWindowFocusHelper.cs
 {
    internal class UACWindowFocusHelper
    {
        [DllImport("user32.dll", SetLastError = true)]
        private static extern IntPtr FindWindow(string lpClassName, string lpWindowName);

        internal static void StartBackgroundThreadToFocusUacWindow()
                    if (uacWindow != IntPtr.Zero)
                    {
                        // Set focus to the UAC window
                        WindowApi.SetForegroundWindow(uacWindow);
                        return;
                    }
                }
	public static TokenProvider CreateFromLogin(string user, string password)
	{
	throw new NotImplementedException();
	var tm = new TokenProvider();
Check warning on line 122 in src/gsudo/Tokens/TokenProvider.cs GitHub Actions / Test `Unreachable code detected` Check warning on line 122 in src/gsudo/Tokens/TokenProvider.cs GitHub Actions / Test `Unreachable code detected`
	return tm.Duplicate(MAXIMUM_ALLOWED);
	}
	{
	System.Environment.CurrentDirectory = elevationRequest.StartFolder;
	}
	catch (UnauthorizedAccessException ex)
Check warning on line 64 in src/gsudo/ProcessRenderers/TokenSwitchRenderer.cs GitHub Actions / Test `The variable 'ex' is declared but never used` Check warning on line 64 in src/gsudo/ProcessRenderers/TokenSwitchRenderer.cs GitHub Actions / Test `The variable 'ex' is declared but never used`
	{
	throw new ApplicationException($"User \"{WindowsIdentity.GetCurrent().Name}\" can not access directory \"{elevationRequest.StartFolder}\"");
	}
	return service;
	}

	public static async Task<ServiceLocation> FindAnyServiceFast()
Check warning on line 53 in src/gsudo/Helpers/ServiceHelper.cs GitHub Actions / Test `This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread.` Check warning on line 53 in src/gsudo/Helpers/ServiceHelper.cs GitHub Actions / Test `This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread.`
	{
	string user = WindowsIdentity.GetCurrent().User.Value;
	var callerProcessId = Process.GetCurrentProcess().Id;
	{
	System.Environment.CurrentDirectory = elevationRequest.StartFolder;
	}
	catch (UnauthorizedAccessException ex)
Check warning on line 38 in src/gsudo/ProcessHosts/AttachedConsoleHost.cs GitHub Actions / Test `The variable 'ex' is declared but never used` Check warning on line 38 in src/gsudo/ProcessHosts/AttachedConsoleHost.cs GitHub Actions / Test `The variable 'ex' is declared but never used`
	{
	throw new ApplicationException($"User \"{WindowsIdentity.GetCurrent().Name}\" can not access directory \"{elevationRequest.StartFolder}\"");
	}
	public static bool Direct { get; internal set; }

	// Target Integrity Level
	public static IntegrityLevel? IntegrityLevel { get; internal set; }
Check warning on line 32 in src/gsudo/InputParameters.cs GitHub Actions / Test `The property name 'IntegrityLevel' is confusing given the existence of method 'GetIntegrityLevel'. Rename or remove one of these members. (https://docs.microsoft.com/visualstudio/code-quality/ca1721-property-names-should-not-match-get-methods)` Check warning on line 32 in src/gsudo/InputParameters.cs GitHub Actions / Test `The property name 'IntegrityLevel' is confusing given the existence of method 'GetIntegrityLevel'. Rename or remove one of these members. (https://docs.microsoft.com/visualstudio/code-quality/ca1721-property-names-should-not-match-get-methods)`

	// Elevate as "NT Authority\System"
	public static bool RunAsSystem { get; internal set; }
	SendNotifyMessage(HWND_BROADCAST, WM_SETTINGCHANGE, UIntPtr.Zero, "Environment");
	}

	[DllImport("user32.dll", CharSet = CharSet.Auto)]
Check warning on line 60 in src/gsudo/AppSettings/PathPrecedenceSetting.cs GitHub Actions / Test `Specify marshaling for P/Invoke string arguments (https://docs.microsoft.com/visualstudio/code-quality/ca2101-specify-marshaling-for-p-invoke-string-arguments)` Check warning on line 60 in src/gsudo/AppSettings/PathPrecedenceSetting.cs GitHub Actions / Test `Specify marshaling for P/Invoke string arguments (https://docs.microsoft.com/visualstudio/code-quality/ca2101-specify-marshaling-for-p-invoke-string-arguments)`
	private static extern bool SendNotifyMessage(
	IntPtr hWnd, uint Msg, UIntPtr wParam, string lParam);
	if (Value is string)
	return ($"\"{Value.ToString().Replace("\\", "\\\\")}\"");
	else if (Value is bool)
	return ($"{Value.ToString().ToLowerInvariant()}");
Check warning on line 99 in src/gsudo/Commands/StatusCommand.cs GitHub Actions / Test `In method 'GetJsonValue', replace the call to 'ToLowerInvariant' with 'ToUpperInvariant'. (https://docs.microsoft.com/visualstudio/code-quality/ca1308-normalize-strings-to-uppercase)` Check warning on line 99 in src/gsudo/Commands/StatusCommand.cs GitHub Actions / Test `In method 'GetJsonValue', replace the call to 'ToLowerInvariant' with 'ToUpperInvariant'. (https://docs.microsoft.com/visualstudio/code-quality/ca1308-normalize-strings-to-uppercase)`
	else if (Value is Array)
	{
	var sb = new StringBuilder();
	{
	Logger.Instance.Log("This service is not running with desired credentials. Starting a new service instance.", LogLevel.Info);
	#if DEBUG
	await Task.Delay(2000);
Check warning on line 64 in src/gsudo/Commands/ServiceCommand.cs GitHub Actions / Test `Consider calling ConfigureAwait on the awaited task (https://docs.microsoft.com/visualstudio/code-quality/ca2007-do-not-directly-await-task)` Check warning on line 64 in src/gsudo/Commands/ServiceCommand.cs GitHub Actions / Test `Consider calling ConfigureAwait on the awaited task (https://docs.microsoft.com/visualstudio/code-quality/ca2007-do-not-directly-await-task)`
	#endif
	ServiceHelper.StartService(AllowedPid, CacheDuration, AllowedSid, SingleUse);
	return 0;
	{
	internal class UACWindowFocusHelper
	{
	[DllImport("user32.dll", SetLastError = true)]
Check warning on line 10 in src/gsudo/Helpers/UACWindowFocusHelper.cs GitHub Actions / Test `Specify marshaling for P/Invoke string arguments (https://docs.microsoft.com/visualstudio/code-quality/ca2101-specify-marshaling-for-p-invoke-string-arguments)` Check warning on line 10 in src/gsudo/Helpers/UACWindowFocusHelper.cs GitHub Actions / Test `Specify marshaling for P/Invoke string arguments (https://docs.microsoft.com/visualstudio/code-quality/ca2101-specify-marshaling-for-p-invoke-string-arguments)`
	private static extern IntPtr FindWindow(string lpClassName, string lpWindowName);

	internal static void StartBackgroundThreadToFocusUacWindow()
	if (uacWindow != IntPtr.Zero)
	{
	// Set focus to the UAC window
	WindowApi.SetForegroundWindow(uacWindow);
Check warning on line 35 in src/gsudo/Helpers/UACWindowFocusHelper.cs GitHub Actions / Test `FocusUacWindow calls SetForegroundWindow but does not use the HRESULT or error code that the method returns. This could lead to unexpected behavior in error conditions or low-resource situations. Use the result in a conditional statement, assign the result to a variable, or pass it as an argument to another method. (https://docs.microsoft.com/visualstudio/code-quality/ca1806-do-not-ignore-method-results)` Check warning on line 35 in src/gsudo/Helpers/UACWindowFocusHelper.cs GitHub Actions / Test `FocusUacWindow calls SetForegroundWindow but does not use the HRESULT or error code that the method returns. This could lead to unexpected behavior in error conditions or low-resource situations. Use the result in a conditional statement, assign the result to a variable, or pass it as an argument to another method. (https://docs.microsoft.com/visualstudio/code-quality/ca1806-do-not-ignore-method-results)`
	return;
	}
	}