diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ab177cee8..cc46c1c5d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -28,7 +28,7 @@ jobs: # Produces SBOM and CVE report # Helps understand vulnerabilities / license compliance across third party dependencies - id: sca-project - uses: Kong/public-shared-actions/security-actions/sca@2f02738ecb1670f01391162e43fe3f5d4e7942a1 # v2.2.2 + uses: Kong/public-shared-actions/security-actions/sca@a18abf762d6e2444bcbfd20de70451ea1e3bc1b1 with: dir: ${{ github.repository }} upload-sbom-release-assets: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 20d87aedc..8e357624a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: token: ${{ secrets.PAT_INSOMNIA_INFRA }} - name: Configure Git user - uses: Homebrew/actions/git-user-config@master + uses: Homebrew/actions/git-user-config@266845213695c3047d210b2e8fbc42ecdaf45802 # master with: username: ${{ (github.event_name == 'workflow_dispatch' && github.actor) || 'insomnia-infra' }} @@ -48,7 +48,7 @@ jobs: git push origin master - name: Create Tag and Release - uses: ncipollo/release-action@v1 + uses: ncipollo/release-action@440c8c1cb0ed28b9f43e4d1d670870f059653174 # v1 id: core_tag_and_release with: tag: v${{ env.TAG }} diff --git a/.github/workflows/sast.yml b/.github/workflows/sast.yml index 92cfb5440..0236f5170 100644 --- a/.github/workflows/sast.yml +++ b/.github/workflows/sast.yml @@ -22,4 +22,4 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: Kong/public-shared-actions/security-actions/semgrep@bd3d75259607dd015bea3b3313123f53b80e9d7f + - uses: Kong/public-shared-actions/security-actions/semgrep@a18abf762d6e2444bcbfd20de70451ea1e3bc1b1 diff --git a/package-lock.json b/package-lock.json index 63aab7397..5d4e0bf4e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,18 +1,18 @@ { "name": "httpsnippet", - "version": "3.0.6", + "version": "3.0.9", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "httpsnippet", - "version": "3.0.6", + "version": "3.0.9", "license": "MIT", "dependencies": { "chalk": "^4.1.2", "event-stream": "4.0.1", "form-data": "4.0.0", - "har-schema": "^2.0.0", + "har-validator-compiled": "^1.0.0", "stringify-object": "3.3.0", "yargs": "^17.4.0" }, @@ -2721,12 +2721,11 @@ "dev": true, "license": "ISC" }, - "node_modules/har-schema": { - "version": "2.0.0", - "license": "ISC", - "engines": { - "node": ">=4" - } + "node_modules/har-validator-compiled": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/har-validator-compiled/-/har-validator-compiled-1.0.0.tgz", + "integrity": "sha512-dher7nFSx+Ef6OoqVveLClh8itAR3vd8Qx70Lh/hEgP1iGeARAolbci7Y8JBrHIYgFCT6xRdvvL16AR9Zh07Dw==", + "license": "MIT" }, "node_modules/has": { "version": "1.0.3", @@ -7100,8 +7099,10 @@ "version": "4.2.9", "dev": true }, - "har-schema": { - "version": "2.0.0" + "har-validator-compiled": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/har-validator-compiled/-/har-validator-compiled-1.0.0.tgz", + "integrity": "sha512-dher7nFSx+Ef6OoqVveLClh8itAR3vd8Qx70Lh/hEgP1iGeARAolbci7Y8JBrHIYgFCT6xRdvvL16AR9Zh07Dw==" }, "has": { "version": "1.0.3", diff --git a/package.json b/package.json index f433d8226..633a44149 100644 --- a/package.json +++ b/package.json @@ -1,5 +1,5 @@ { - "version": "3.0.6", + "version": "3.0.9", "name": "httpsnippet", "description": "HTTP Request snippet generator for *most* languages", "author": "Kong ", @@ -89,7 +89,7 @@ "chalk": "^4.1.2", "event-stream": "4.0.1", "form-data": "4.0.0", - "har-schema": "^2.0.0", + "har-validator-compiled": "^1.0.0", "stringify-object": "3.3.0", "yargs": "^17.4.0" } diff --git a/src/helpers/har-validator.ts b/src/helpers/har-validator.ts deleted file mode 100644 index 45d802717..000000000 --- a/src/helpers/har-validator.ts +++ /dev/null @@ -1,31 +0,0 @@ -import Ajv, { ErrorObject } from 'ajv'; -import { Request } from 'har-format'; -import * as schema from 'har-schema'; - -export class HARError extends Error { - name = 'HARError'; - message = 'validation failed'; - errors: ErrorObject[] = []; - constructor(errors: ErrorObject[]) { - super(); - this.errors = errors; - Error.captureStackTrace(this, this.constructor); - } -} - -const ajv = new Ajv({ - allErrors: true, -}); -ajv.addSchema(schema); - -export const validateHarRequest = (request: any): request is Request => { - const validate = ajv.getSchema('request.json'); - if (!validate) { - throw new Error('failed to find HAR request schema'); - } - const valid = validate(request); - if (!valid && validate.errors) { - throw new HARError(validate.errors); - } - return true; -}; diff --git a/src/httpsnippet.test.ts b/src/httpsnippet.test.ts index c945d6cd7..5eab435f5 100644 --- a/src/httpsnippet.test.ts +++ b/src/httpsnippet.test.ts @@ -19,7 +19,7 @@ describe('hTTPSnippet', () => { // @ts-expect-error intentionally incorrect const attempt = () => new HTTPSnippet({ ziltoid: 'the omniscient' }); - expect(attempt).toThrow('validation failed'); + expect(attempt).toThrow('Validation Failed'); }); it('should parse HAR file with multiple entries', () => { diff --git a/src/httpsnippet.ts b/src/httpsnippet.ts index 8cb5ccd75..c46157b3d 100644 --- a/src/httpsnippet.ts +++ b/src/httpsnippet.ts @@ -1,11 +1,11 @@ import { map as eventStreamMap } from 'event-stream'; -import FormData from 'form-data'; +import FormData from 'form-data/lib/form_data'; import { Param, PostDataCommon, Request as NpmHarRequest } from 'har-format'; +import { validateRequest } from 'har-validator-compiled'; import { stringify as queryStringify } from 'querystring'; import { format as urlFormat, parse as urlParse, UrlWithParsedQuery } from 'url'; import { formDataIterator, isBlob } from './helpers/form-data'; -import { validateHarRequest } from './helpers/har-validator'; import { getHeaderName } from './helpers/headers'; import { ReducedHelperObject, reducer } from './helpers/reducer'; import { ClientId, TargetId, targets } from './targets/targets'; @@ -13,6 +13,13 @@ import { ClientId, TargetId, targets } from './targets/targets'; export { availableTargets, extname } from './helpers/utils'; export { addTarget, addTargetClient } from './targets/targets'; +// We're implementing the logic for which FormData object to use, ourselves. +// This allows us to use the native FormData object in the browser and the `form-data` module in Node, +// instead of relying on the package entrypoint to handle that. +const resolveFormData = + // @ts-expect-error — we're only using window.FormData if it exists + typeof window !== 'undefined' && window.FormData ? window.FormData : FormData; + const DEBUG_MODE = false; const debug = { @@ -106,7 +113,7 @@ export class HTTPSnippet { }, }; - if (validateHarRequest(req)) { + if (validateRequest(req)) { this.requests.push(this.prepare(req)); } }); @@ -174,7 +181,7 @@ export class HTTPSnippet { request.postData.mimeType = 'multipart/form-data'; if (request.postData?.params) { - const form = new FormData(); + const form = new resolveFormData(); // The `form-data` module returns one of two things: a native FormData object, or its own polyfill // Since the polyfill does not support the full API of the native FormData object, when this library is running in a browser environment it'll fail on two things: @@ -186,7 +193,6 @@ export class HTTPSnippet { // Since the native FormData object is iterable, we easily detect what version of `form-data` we're working with here to allow `multipart/form-data` requests to be compiled under both browser and Node environments. // // This hack is pretty awful but it's the only way we can use this library in the browser as if we code this against just the native FormData object, we can't polyfill that back into Node because Blob and File objects, which something like `formdata-polyfill` requires, don't exist there. - // @ts-expect-error TODO const isNativeFormData = typeof form[Symbol.iterator] === 'function'; // TODO: THIS ABSOLUTELY MUST BE REMOVED. @@ -194,7 +200,6 @@ export class HTTPSnippet { // easter egg const boundary = '---011000010111000001101001'; // this is binary for "api". yep. if (!isNativeFormData) { - // @ts-expect-error THIS IS WRONG. VERY WRONG. form._boundary = boundary; } @@ -205,16 +210,13 @@ export class HTTPSnippet { if (isNativeFormData) { if (isBlob(value)) { - // @ts-expect-error TODO form.append(name, value, filename); } else { form.append(name, value); } } else { form.append(name, value, { - // @ts-expect-error TODO filename, - // @ts-expect-error TODO contentType: param.contentType || null, }); } diff --git a/src/index.ts b/src/index.ts index 3a865a770..9b3bf4544 100644 --- a/src/index.ts +++ b/src/index.ts @@ -1,6 +1,5 @@ export { CodeBuilder, CodeBuilderOptions, PostProcessor } from './helpers/code-builder'; export { EscapeOptions, escapeString } from './helpers/escape'; -export { HARError, validateHarRequest } from './helpers/har-validator'; export { getHeader, getHeaderName } from './helpers/headers'; export { AvailableTarget, availableTargets, extname } from './helpers/utils'; export { diff --git a/src/targets/csharp/restsharp/client.ts b/src/targets/csharp/restsharp/client.ts index 15f2a6e83..c37df19cb 100644 --- a/src/targets/csharp/restsharp/client.ts +++ b/src/targets/csharp/restsharp/client.ts @@ -20,8 +20,15 @@ export const restsharp: Client = { return 'Method not supported'; } + function toPascalCase(str: string): string { + return str.replace( + /\w+/g, + word => word.charAt(0).toUpperCase() + word.slice(1).toLowerCase(), + ); + } + push(`var client = new RestClient("${fullUrl}");`); - push(`var request = new RestRequest(Method.${method.toUpperCase()});`); + push(`var request = new RestRequest("", Method.${toPascalCase(method)});`); // Add headers, including the cookies @@ -39,7 +46,7 @@ export const restsharp: Client = { push(`request.AddParameter("${header}", ${text}, ParameterType.RequestBody);`); } - push('IRestResponse response = client.Execute(request);'); + push('var response = client.Execute(request);'); return join(); }, }; diff --git a/src/targets/csharp/restsharp/fixtures/application-form-encoded.cs b/src/targets/csharp/restsharp/fixtures/application-form-encoded.cs index 4e4744d01..50f004de6 100644 --- a/src/targets/csharp/restsharp/fixtures/application-form-encoded.cs +++ b/src/targets/csharp/restsharp/fixtures/application-form-encoded.cs @@ -1,5 +1,5 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddHeader("content-type", "application/x-www-form-urlencoded"); request.AddParameter("application/x-www-form-urlencoded", "foo=bar&hello=world", ParameterType.RequestBody); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/application-json.cs b/src/targets/csharp/restsharp/fixtures/application-json.cs index 2ee8c46f1..c766a25bf 100644 --- a/src/targets/csharp/restsharp/fixtures/application-json.cs +++ b/src/targets/csharp/restsharp/fixtures/application-json.cs @@ -1,5 +1,5 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddHeader("content-type", "application/json"); request.AddParameter("application/json", "{\"number\":1,\"string\":\"f\\\"oo\",\"arr\":[1,2,3],\"nested\":{\"a\":\"b\"},\"arr_mix\":[1,\"a\",{\"arr_mix_nested\":{}}],\"boolean\":false}", ParameterType.RequestBody); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/cookies.cs b/src/targets/csharp/restsharp/fixtures/cookies.cs index f0489b650..c4de96e38 100644 --- a/src/targets/csharp/restsharp/fixtures/cookies.cs +++ b/src/targets/csharp/restsharp/fixtures/cookies.cs @@ -1,5 +1,5 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddCookie("foo", "bar"); request.AddCookie("bar", "baz"); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/full.cs b/src/targets/csharp/restsharp/fixtures/full.cs index 14b52d976..d4f618902 100644 --- a/src/targets/csharp/restsharp/fixtures/full.cs +++ b/src/targets/csharp/restsharp/fixtures/full.cs @@ -1,8 +1,8 @@ var client = new RestClient("http://mockbin.com/har?foo=bar&foo=baz&baz=abc&key=value"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddHeader("accept", "application/json"); request.AddHeader("content-type", "application/x-www-form-urlencoded"); request.AddCookie("foo", "bar"); request.AddCookie("bar", "baz"); request.AddParameter("application/x-www-form-urlencoded", "foo=bar", ParameterType.RequestBody); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/headers.cs b/src/targets/csharp/restsharp/fixtures/headers.cs index 9a02c6db5..3368e9549 100644 --- a/src/targets/csharp/restsharp/fixtures/headers.cs +++ b/src/targets/csharp/restsharp/fixtures/headers.cs @@ -1,6 +1,6 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.GET); +var request = new RestRequest("", Method.Get); request.AddHeader("accept", "application/json"); request.AddHeader("x-foo", "Bar"); request.AddHeader("quoted-value", "\"quoted\" 'string'"); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/https.cs b/src/targets/csharp/restsharp/fixtures/https.cs index 05a369073..1c284c6e3 100644 --- a/src/targets/csharp/restsharp/fixtures/https.cs +++ b/src/targets/csharp/restsharp/fixtures/https.cs @@ -1,3 +1,3 @@ var client = new RestClient("https://mockbin.com/har"); -var request = new RestRequest(Method.GET); -IRestResponse response = client.Execute(request); \ No newline at end of file +var request = new RestRequest("", Method.Get); +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/jsonObj-multiline.cs b/src/targets/csharp/restsharp/fixtures/jsonObj-multiline.cs index 14fbe7778..aefed7789 100644 --- a/src/targets/csharp/restsharp/fixtures/jsonObj-multiline.cs +++ b/src/targets/csharp/restsharp/fixtures/jsonObj-multiline.cs @@ -1,5 +1,5 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddHeader("content-type", "application/json"); request.AddParameter("application/json", "{\n \"foo\": \"bar\"\n}", ParameterType.RequestBody); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/jsonObj-null-value.cs b/src/targets/csharp/restsharp/fixtures/jsonObj-null-value.cs index 36b092c94..8ec7f936b 100644 --- a/src/targets/csharp/restsharp/fixtures/jsonObj-null-value.cs +++ b/src/targets/csharp/restsharp/fixtures/jsonObj-null-value.cs @@ -1,5 +1,5 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddHeader("content-type", "application/json"); request.AddParameter("application/json", "{\"foo\":null}", ParameterType.RequestBody); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/multipart-data.cs b/src/targets/csharp/restsharp/fixtures/multipart-data.cs index 7c95fe632..f769b7104 100644 --- a/src/targets/csharp/restsharp/fixtures/multipart-data.cs +++ b/src/targets/csharp/restsharp/fixtures/multipart-data.cs @@ -1,5 +1,5 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddHeader("content-type", "multipart/form-data; boundary=---011000010111000001101001"); request.AddParameter("multipart/form-data; boundary=---011000010111000001101001", "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"foo\"; filename=\"hello.txt\"\r\nContent-Type: text/plain\r\n\r\nHello World\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"bar\"\r\n\r\nBonjour le monde\r\n-----011000010111000001101001--\r\n", ParameterType.RequestBody); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/multipart-file.cs b/src/targets/csharp/restsharp/fixtures/multipart-file.cs index 47758542c..ad5ee10f4 100644 --- a/src/targets/csharp/restsharp/fixtures/multipart-file.cs +++ b/src/targets/csharp/restsharp/fixtures/multipart-file.cs @@ -1,5 +1,5 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddHeader("content-type", "multipart/form-data; boundary=---011000010111000001101001"); request.AddParameter("multipart/form-data; boundary=---011000010111000001101001", "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"foo\"; filename=\"hello.txt\"\r\nContent-Type: text/plain\r\n\r\n\r\n-----011000010111000001101001--\r\n", ParameterType.RequestBody); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/multipart-form-data-no-params.cs b/src/targets/csharp/restsharp/fixtures/multipart-form-data-no-params.cs index be2fcac1f..2dda3e2a5 100644 --- a/src/targets/csharp/restsharp/fixtures/multipart-form-data-no-params.cs +++ b/src/targets/csharp/restsharp/fixtures/multipart-form-data-no-params.cs @@ -1,4 +1,4 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddHeader("Content-Type", "multipart/form-data"); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/multipart-form-data.cs b/src/targets/csharp/restsharp/fixtures/multipart-form-data.cs index 9eb6893b6..5fa2dabf8 100644 --- a/src/targets/csharp/restsharp/fixtures/multipart-form-data.cs +++ b/src/targets/csharp/restsharp/fixtures/multipart-form-data.cs @@ -1,5 +1,5 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddHeader("Content-Type", "multipart/form-data; boundary=---011000010111000001101001"); request.AddParameter("multipart/form-data; boundary=---011000010111000001101001", "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"foo\"\r\n\r\nbar\r\n-----011000010111000001101001--\r\n", ParameterType.RequestBody); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/nested.cs b/src/targets/csharp/restsharp/fixtures/nested.cs index e28bf3190..33af293f3 100644 --- a/src/targets/csharp/restsharp/fixtures/nested.cs +++ b/src/targets/csharp/restsharp/fixtures/nested.cs @@ -1,3 +1,3 @@ var client = new RestClient("http://mockbin.com/har?foo%5Bbar%5D=baz%2Czap&fiz=buz&key=value"); -var request = new RestRequest(Method.GET); -IRestResponse response = client.Execute(request); \ No newline at end of file +var request = new RestRequest("", Method.Get); +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/query.cs b/src/targets/csharp/restsharp/fixtures/query.cs index 3e3112c02..82d87b1f5 100644 --- a/src/targets/csharp/restsharp/fixtures/query.cs +++ b/src/targets/csharp/restsharp/fixtures/query.cs @@ -1,3 +1,3 @@ var client = new RestClient("http://mockbin.com/har?foo=bar&foo=baz&baz=abc&key=value"); -var request = new RestRequest(Method.GET); -IRestResponse response = client.Execute(request); \ No newline at end of file +var request = new RestRequest("", Method.Get); +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/short.cs b/src/targets/csharp/restsharp/fixtures/short.cs index b644539c4..b62d43441 100644 --- a/src/targets/csharp/restsharp/fixtures/short.cs +++ b/src/targets/csharp/restsharp/fixtures/short.cs @@ -1,3 +1,3 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.GET); -IRestResponse response = client.Execute(request); \ No newline at end of file +var request = new RestRequest("", Method.Get); +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/csharp/restsharp/fixtures/text-plain.cs b/src/targets/csharp/restsharp/fixtures/text-plain.cs index a0a672de6..cd180a8f7 100644 --- a/src/targets/csharp/restsharp/fixtures/text-plain.cs +++ b/src/targets/csharp/restsharp/fixtures/text-plain.cs @@ -1,5 +1,5 @@ var client = new RestClient("http://mockbin.com/har"); -var request = new RestRequest(Method.POST); +var request = new RestRequest("", Method.Post); request.AddHeader("content-type", "text/plain"); request.AddParameter("text/plain", "Hello World", ParameterType.RequestBody); -IRestResponse response = client.Execute(request); \ No newline at end of file +var response = client.Execute(request); \ No newline at end of file diff --git a/src/targets/har-schema.d.ts b/src/targets/har-schema.d.ts deleted file mode 100644 index 1df95659e..000000000 --- a/src/targets/har-schema.d.ts +++ /dev/null @@ -1,4 +0,0 @@ -declare module 'har-schema' { - const schema: object; - export default schema; -} diff --git a/src/types/form-data.d.ts b/src/types/form-data.d.ts new file mode 100644 index 000000000..0f43ed74b --- /dev/null +++ b/src/types/form-data.d.ts @@ -0,0 +1,4 @@ +declare module 'form-data/lib/form_data' { + import FormData from 'form-data'; + export default FormData; +}