deps: [email protected]

Author: wraithgar

node_modules/tuf-js/dist/error.js

@@ -40,6 +40,7 @@ class DownloadLengthMismatchError extends DownloadError {
 exports.DownloadLengthMismatchError = DownloadLengthMismatchError;
 // Returned by FetcherInterface implementations for HTTP errors.
 class DownloadHTTPError extends DownloadError {
+    statusCode;
     constructor(message, statusCode) {
         super(message);
         this.statusCode = statusCode;

node_modules/tuf-js/dist/fetcher.js

@@ -25,16 +25,16 @@ class BaseFetcher {
             // the length of the file as we go
             try {
                 for await (const chunk of reader) {
-                    const bufferChunk = Buffer.from(chunk);
-                    numberOfBytesReceived += bufferChunk.length;
+                    numberOfBytesReceived += chunk.length;
                     if (numberOfBytesReceived > maxLength) {
                         throw new error_1.DownloadLengthMismatchError('Max length reached');
                     }
-                    await writeBufferToStream(fileStream, bufferChunk);
+                    await writeBufferToStream(fileStream, chunk);
                 }
             }
             finally {
                 // Make sure we always close the stream
+                // eslint-disable-next-line @typescript-eslint/unbound-method
                 await util_1.default.promisify(fileStream.close).bind(fileStream)();
             }
             return handler(tmpFile);
@@ -54,6 +54,8 @@ class BaseFetcher {
 }
 exports.BaseFetcher = BaseFetcher;
 class DefaultFetcher extends BaseFetcher {
+    timeout;
+    retry;
     constructor(options = {}) {
         super();
         this.timeout = options.timeout;

node_modules/tuf-js/dist/store.js

@@ -4,8 +4,9 @@ exports.TrustedMetadataStore = void 0;
 const models_1 = require("@tufjs/models");
 const error_1 = require("./error");
 class TrustedMetadataStore {
+    trustedSet = {};
+    referenceTime;
     constructor(rootData) {
-        this.trustedSet = {};
         // Client workflow 5.1: record fixed update start time
         this.referenceTime = new Date();
         // Client workflow 5.2: load trusted root metadata
@@ -30,7 +31,9 @@ class TrustedMetadataStore {
         return this.trustedSet[name];
     }
     updateRoot(bytesBuffer) {
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
         const data = JSON.parse(bytesBuffer.toString('utf8'));
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
         const newRoot = models_1.Metadata.fromJSON(models_1.MetadataKind.Root, data);
         if (newRoot.signed.type != models_1.MetadataKind.Root) {
             throw new error_1.RepositoryError(`Expected 'root', got ${newRoot.signed.type}`);
@@ -54,7 +57,9 @@ class TrustedMetadataStore {
         if (this.root.signed.isExpired(this.referenceTime)) {
             throw new error_1.ExpiredMetadataError('Final root.json is expired');
         }
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
         const data = JSON.parse(bytesBuffer.toString('utf8'));
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
         const newTimestamp = models_1.Metadata.fromJSON(models_1.MetadataKind.Timestamp, data);
         if (newTimestamp.signed.type != models_1.MetadataKind.Timestamp) {
             throw new error_1.RepositoryError(`Expected 'timestamp', got ${newTimestamp.signed.type}`);
@@ -102,7 +107,9 @@ class TrustedMetadataStore {
         if (!trusted) {
             snapshotMeta.verify(bytesBuffer);
         }
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
         const data = JSON.parse(bytesBuffer.toString('utf8'));
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
         const newSnapshot = models_1.Metadata.fromJSON(models_1.MetadataKind.Snapshot, data);
         if (newSnapshot.signed.type != models_1.MetadataKind.Snapshot) {
             throw new error_1.RepositoryError(`Expected 'snapshot', got ${newSnapshot.signed.type}`);
@@ -147,7 +154,9 @@ class TrustedMetadataStore {
         }
         // Client workflow 5.6.2: check against snapshot role's targets hash
         meta.verify(bytesBuffer);
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
         const data = JSON.parse(bytesBuffer.toString('utf8'));
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
         const newDelegate = models_1.Metadata.fromJSON(models_1.MetadataKind.Targets, data);
         if (newDelegate.signed.type != models_1.MetadataKind.Targets) {
             throw new error_1.RepositoryError(`Expected 'targets', got ${newDelegate.signed.type}`);
@@ -168,7 +177,9 @@ class TrustedMetadataStore {
     // Verifies and loads data as trusted root metadata.
     // Note that an expired initial root is still considered valid.
     loadTrustedRoot(bytesBuffer) {
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
         const data = JSON.parse(bytesBuffer.toString('utf8'));
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
         const root = models_1.Metadata.fromJSON(models_1.MetadataKind.Root, data);
         if (root.signed.type != models_1.MetadataKind.Root) {
             throw new error_1.RepositoryError(`Expected 'root', got ${root.signed.type}`);

node_modules/tuf-js/dist/updater.js

@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -38,6 +48,14 @@ const store_1 = require("./store");
 const url = __importStar(require("./utils/url"));
 const log = (0, debug_1.default)('tuf:cache');
 class Updater {
+    dir;
+    metadataBaseUrl;
+    targetDir;
+    targetBaseUrl;
+    forceCache;
+    trustedSet;
+    config;
+    fetcher;
     constructor(options) {
         const { metadataDir, metadataBaseUrl, targetDir, targetBaseUrl, fetcher, config, } = options;
         this.dir = metadataDir;

node_modules/tuf-js/package.json

@@ -1,12 +1,12 @@
 {
   "name": "tuf-js",
-  "version": "3.0.1",
+  "version": "3.1.0",
   "description": "JavaScript implementation of The Update Framework (TUF)",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "scripts": {
-    "build": "tsc --build",
-    "clean": "rm -rf dist && rm tsconfig.tsbuildinfo",
+    "build": "tsc --build tsconfig.build.json",
+    "clean": "rm -rf dist && rm tsconfig.build.tsbuildinfo",
     "test": "jest"
   },
   "repository": {
@@ -34,8 +34,8 @@
   },
   "dependencies": {
     "@tufjs/models": "3.0.1",
-    "debug": "^4.3.6",
-    "make-fetch-happen": "^14.0.1"
+    "debug": "^4.4.1",
+    "make-fetch-happen": "^14.0.3"
   },
   "engines": {
     "node": "^18.17.0 || >=20.5.0"

package-lock.json

@@ -17763,14 +17763,15 @@
       }
     },
     "node_modules/tuf-js": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/tuf-js/-/tuf-js-3.0.1.tgz",
-      "integrity": "sha512-+68OP1ZzSF84rTckf3FA95vJ1Zlx/uaXyiiKyPd1pA4rZNkpEvDAKmsu1xUSmbF/chCRYgZ6UZkDwC7PmzmAyA==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/tuf-js/-/tuf-js-3.1.0.tgz",
+      "integrity": "sha512-3T3T04WzowbwV2FDiGXBbr81t64g1MUGGJRgT4x5o97N+8ArdhVCAF9IxFrxuSJmM3E5Asn7nKHkao0ibcZXAg==",
       "inBundle": true,
+      "license": "MIT",
       "dependencies": {
         "@tufjs/models": "3.0.1",
-        "debug": "^4.3.6",
-        "make-fetch-happen": "^14.0.1"
+        "debug": "^4.4.1",
+        "make-fetch-happen": "^14.0.3"
       },
       "engines": {
         "node": "^18.17.0 || >=20.5.0"