Update to Sailor 2.7.1 (#72)

A3a3e1 · web-flow · commit e925a9b77736 · 2023-02-09T12:00:04.000+02:00
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -2,7 +2,7 @@ version: 2.1
 parameters:
   node-version:
     type: string
-    default: "16.13.2"
+    default: "18.13.0"
 orbs:
   node: circleci/node@5.0.0
   slack: circleci/slack@4.5.3
@@ -72,7 +72,7 @@ commands:
 jobs:
   test:
     docker: # run the steps with Docker
-      - image: cimg/base:stable
+      - image: cimg/node:18.13.0
     steps:
       - checkout
       - node/install:
@@ -82,13 +82,13 @@ jobs:
           override-ci-command: npm install
       - run:
           name: Audit Dependencies
-          command: npm audit --production --audit-level=high
+          command: npm run audit
       - run:
           name: test
           command: npm test
   build:
     docker:
-      - image: cimg/base:stable
+      - image: cimg/node:18.13.0
         user: root
     steps:
       - checkout
@@ -118,6 +118,8 @@ workflows:
     jobs:
       - build:
           name: "Build and publish docker image"
+          context:
+            - componentspusher
           filters:
             branches:
               ignore: /.*/
diff --git a/.grype-ignore.yaml b/.grype-ignore.yaml
@@ -0,0 +1,10 @@
+ignore:
+  - vulnerability: CVE-2022-3996
+    package:
+      name: libssl3
+      version: 3.0.7-r0
+
+  - vulnerability: CVE-2022-3996
+    package:
+      name: libcrypto3
+      version: 3.0.7-r0
diff --git a/.nsprc b/.nsprc
@@ -0,0 +1,14 @@
+{
+  "GHSA-27h2-hvpr-p74q": {
+    "active": true,
+     "notes": "We don't use verify function from jsonwebtoken, so not affected"
+  },
+  "GHSA-wc69-rhjr-hc9g": {
+    "active": true,
+    "notes": "Bunyan library set only new Date to momentjs as parameter"
+  },
+  "GHSA-hrpp-h998-j3pp": {
+    "active": true,
+    "notes": "There is no query-string user input in sailor"
+  }
+}
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.2.9 (February 10, 2023)
+
+* Update Sailor version to 2.7.1
+
 ## 1.2.8 (April 08, 2022)
 
 * Update Sailor version to 2.6.27
diff --git a/component.json b/component.json
@@ -1,6 +1,6 @@
 {
     "title": "Node.js Code",
-    "version": "1.2.8",
+    "version": "1.2.9",
     "description": "You can write your own code and deploy it as part of integration process.",
     "docsUrl": "http://go2.elastic.io/code-component",
     "fields": {
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"title": "Node.js Code",`
`3`		`- "version": "1.2.8",`
	`3`	`+ "version": "1.2.9",`
`4`	`4`	`"description": "You can write your own code and deploy it as part of integration process.",`
`5`	`5`	`"docsUrl": "http://go2.elastic.io/code-component",`
`6`	`6`	`"fields": {`