From 228ae270c500bdcedff70f6eec308cb372ed4007 Mon Sep 17 00:00:00 2001 From: Jani Kraner Date: Thu, 19 Dec 2024 16:05:27 +0000 Subject: [PATCH] replace cbor-js with cbor 2 new package, esm --- .../javascripts/esm/authenticate-security-key.mjs | 7 ++++--- .../javascripts/esm/register-security-key.mjs | 5 +++-- package-lock.json | 13 ++++++++----- package.json | 2 +- rollup.config.mjs | 2 -- 5 files changed, 16 insertions(+), 13 deletions(-) diff --git a/app/assets/javascripts/esm/authenticate-security-key.mjs b/app/assets/javascripts/esm/authenticate-security-key.mjs index 0dea5383fb..5bbbd589e0 100644 --- a/app/assets/javascripts/esm/authenticate-security-key.mjs +++ b/app/assets/javascripts/esm/authenticate-security-key.mjs @@ -1,5 +1,6 @@ import { isSupported } from 'govuk-frontend'; import ErrorBanner from './error-banner.mjs'; +import { decode, encode } from 'cbor2'; // This new way of writing Javascript components is based on the GOV.UK Frontend skeleton Javascript coding standard // that uses ES2015 Classes - @@ -34,7 +35,7 @@ class AuthenticateSecurityKey { return response.arrayBuffer(); }) .then(data => { - var options = window.CBOR.decode(data); + var options = decode(new Uint8Array(data)); // triggers browser dialogue to login with authenticator return window.navigator.credentials.get(options); }) @@ -65,7 +66,7 @@ class AuthenticateSecurityKey { return response.arrayBuffer(); }) .then(cbor => { - return Promise.resolve(window.CBOR.decode(cbor)); + return Promise.resolve(decode(new Uint8Array(cbor))); }) .then(data => { window.location.assign(data.redirect_url); @@ -81,7 +82,7 @@ class AuthenticateSecurityKey { return fetch(this.authenticatePath, { method: 'POST', headers: { 'X-CSRFToken': csrf_token }, - body: window.CBOR.encode({ + body: encode({ credentialId: new Uint8Array(credential.rawId), authenticatorData: new Uint8Array(credential.response.authenticatorData), signature: new Uint8Array(credential.response.signature), diff --git a/app/assets/javascripts/esm/register-security-key.mjs b/app/assets/javascripts/esm/register-security-key.mjs index c3df26c991..480c3e03e4 100644 --- a/app/assets/javascripts/esm/register-security-key.mjs +++ b/app/assets/javascripts/esm/register-security-key.mjs @@ -1,5 +1,6 @@ import { isSupported } from 'govuk-frontend'; import ErrorBanner from './error-banner.mjs'; +import { decode, encode } from 'cbor2'; // This new way of writing Javascript components is based on the GOV.UK Frontend skeleton Javascript coding standard // that uses ES2015 Classes - @@ -34,7 +35,7 @@ class RegisterSecurityKey { return response.arrayBuffer(); }) .then((data) => { - var options = window.CBOR.decode(data); + var options = decode(new Uint8Array(data)); // triggers browser dialogue to select authenticator return window.navigator.credentials.create(options); }) @@ -61,7 +62,7 @@ class RegisterSecurityKey { return fetch(this.registerPath, { method: 'POST', headers: { 'X-CSRFToken': csrf_token }, - body: window.CBOR.encode({ + body: encode({ attestationObject: new Uint8Array(response.attestationObject), clientDataJSON: new Uint8Array(response.clientDataJSON), }) diff --git a/package-lock.json b/package-lock.json index a636da3ea8..7fb66429bf 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "0.0.1", "license": "MIT", "dependencies": { - "cbor-js": "0.1.0", + "cbor2": "^1.8.0", "govuk-frontend": "5.7.1", "jquery": "3.5.0", "morphdom": "2.6.1", @@ -3879,10 +3879,13 @@ } ] }, - "node_modules/cbor-js": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/cbor-js/-/cbor-js-0.1.0.tgz", - "integrity": "sha512-7sQ/TvDZPl7csT1Sif9G0+MA0I0JOVah8+wWlJVQdVEgIbCzlN/ab3x+uvMNsc34TUvO6osQTAmB2ls80JX6tw==" + "node_modules/cbor2": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/cbor2/-/cbor2-1.8.0.tgz", + "integrity": "sha512-CsrHAWXBDEUlc2VsIfLveHZlAmsle8QH8sDIoBqBsq5GuP37FasoRklcnLCxKY+wT+IdQlI2eSRAgP1SZKjChg==", + "engines": { + "node": ">=18" + } }, "node_modules/chalk": { "version": "2.4.2", diff --git a/package.json b/package.json index 1e818cd21f..63b0c92d74 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ "license": "MIT", "homepage": "https://github.com/alphagov/notifications-admin#readme", "dependencies": { - "cbor-js": "0.1.0", + "cbor2": "^1.8.0", "govuk-frontend": "5.7.1", "jquery": "3.5.0", "morphdom": "2.6.1", diff --git a/rollup.config.mjs b/rollup.config.mjs index dab8b34a0c..9c062b831d 100644 --- a/rollup.config.mjs +++ b/rollup.config.mjs @@ -80,7 +80,6 @@ export default [ paths.npm + 'query-command-supported/dist/queryCommandSupported.min.js', paths.npm + 'timeago/jquery.timeago.js', paths.npm + 'textarea-caret/index.js', - paths.npm + 'cbor-js/cbor.js', paths.src + 'javascripts/modules.js', paths.src + 'javascripts/govuk-frontend-toolkit/show-hide-content.js', paths.src + 'javascripts/stick-to-window-when-scrolling.js', @@ -110,7 +109,6 @@ export default [ }, moduleContext: { './node_modules/jquery/dist/jquery.min.js': 'window', - './node_modules/cbor-js/cbor.js': 'window', }, plugins: [ nodeResolve(),