Address Security issues identified by internal component governance s…

…ervices
microsoft · Nov 15, 2021 · 265b36d · 265b36d
1 parent 6ac63f8
commit 265b36d
Show file tree

Hide file tree

Showing 8 changed files with 12,890 additions and 17,229 deletions.
diff --git a/AISKU/package.json b/AISKU/package.json
@@ -39,7 +39,6 @@
         "@microsoft/applicationinsights-rollup-plugin-uglify3-js": "1.0.0",
         "@microsoft/applicationinsights-rollup-es3": "1.1.3",
         "sinon": "^7.3.1",
-        "chromedriver": "^2.45.0",
         "@microsoft/api-extractor": "^7.18.1",
         "finalhandler": "^1.1.1",
         "grunt": "^1.4.1",

diff --git a/common/config/rush/npm-shrinkwrap.json b/common/config/rush/npm-shrinkwrap.json
diff --git a/extensions/applicationinsights-react-js/package.json b/extensions/applicationinsights-react-js/package.json
@@ -30,18 +30,18 @@
         "@testing-library/react": "^11.2.5",
         "@testing-library/user-event": "^12.8.1",
         "@types/cheerio": "0.22.13",
-        "@types/history": "4.7.2",
-        "@types/jest": "^24.0.11",
+        "@types/history": "^4.7.9",
+        "@types/jest": "^27.0.2",
         "@types/node": "11.13.2",
         "@types/prop-types": "^15.7.3",
         "@types/react": "^16.9.11",
         "@types/react-dom": "^16.9.4",
         "csstype": "~2.6.7",
         "grunt": "^1.4.1",
         "grunt-cli": "^1.4.3",
-        "jest": "^24.7.1",
-        "react": "^17.0.1",
-        "react-dom": "^17.0.1",
+        "jest": "^27.3.1",
+        "react": "^17.0.2",
+        "react-dom": "^17.0.2",
         "globby": "^11.0.0",
         "magic-string": "^0.25.7",
         "@rollup/plugin-commonjs": "^18.0.0",
@@ -50,21 +50,22 @@
         "rollup-plugin-cleanup": "3.2.1",
         "rollup-plugin-peer-deps-external": "^2.2.4",
         "rollup": "^2.32.0",
-        "ts-jest": "^24.0.2",
+        "ts-jest": "^27.0.7",
         "typescript": "^4.3.4",
         "tslib": "^2.0.0",
-        "uglify-js": "^3.11.0"
+        "uglify-js": "^3.11.0",
+        "history": "^5.1.0"
     },
     "dependencies": {
         "@microsoft/applicationinsights-shims": "2.0.0",
         "@microsoft/applicationinsights-core-js": "2.7.1",
         "@microsoft/applicationinsights-common": "2.7.1",
-        "@microsoft/dynamicproto-js": "^1.1.4",
-        "history": "^4.10.1"
+        "@microsoft/dynamicproto-js": "^1.1.4"
     },
     "peerDependencies": {
         "tslib": "*",
-        "react": "^17.0.1"
+        "react": "^17.0.1",
+        "history": ">= 4.10.1"
     },
     "license": "MIT"
 }
diff --git a/extensions/applicationinsights-react-js/src/ReactPlugin.ts b/extensions/applicationinsights-react-js/src/ReactPlugin.ts
@@ -12,7 +12,7 @@ import {
     ITelemetryPluginChain, _InternalMessageId, LoggingSeverity, ICustomProperties, safeGetCookieMgr, ICookieMgr, arrForEach
 } from "@microsoft/applicationinsights-core-js";
 import { IReactExtensionConfig } from './Interfaces/IReactExtensionConfig';
-import { History, LocationListener, Location, Action } from "history";
+import { History, Location, Action, Update } from "history";
 
 export default class ReactPlugin extends BaseTelemetryPlugin {
     public priority = 185;
@@ -116,10 +116,19 @@ export default class ReactPlugin extends BaseTelemetryPlugin {
 
 
     private addHistoryListener(history: History): void {
-        const locationListener: LocationListener = (location: Location, action: Action): void => {
+        const locationListener = (arg: Location | Update): void => {
+            // v4 of the history API passes "location" as the first argument, while v5 passes an object that contains location and action 
+            let locn: Location = null;
+            if ("location" in arg) {
+                // Looks like v5
+                locn = arg["location"];
+            } else {
+                locn = arg as Location;
+            }
+
             // Timeout to ensure any changes to the DOM made by route changes get included in pageView telemetry
             setTimeout(() => {
-                const pageViewTelemetry: IPageViewTelemetry = { uri: location.pathname };
+                const pageViewTelemetry: IPageViewTelemetry = { uri: locn.pathname };
                 this.trackPageView(pageViewTelemetry);
             }, 500);
         };

diff --git a/extensions/applicationinsights-react-js/test/jestconfig.json b/extensions/applicationinsights-react-js/test/jestconfig.json
@@ -3,6 +3,7 @@
     "^.+\\.(t|j)sx?$": "ts-jest"
   },
   "testRegex": "(/__tests__/.*|(\\.|/)(test|spec))\\.(jsx?|tsx?)$",
+  "testEnvironment": "jsdom",
   "moduleFileExtensions": [
     "ts",
     "tsx",

diff --git a/extensions/applicationinsights-react-native/package.json b/extensions/applicationinsights-react-native/package.json
@@ -37,7 +37,7 @@
         "eslint-plugin-node": "^11.1.0",
         "eslint-plugin-promise": "^5.1.0",
         "qunit": "^2.11.2",
-        "react": "^17.0.1",
+        "react": "^17.0.2",
         "react-native": "^0.64.2",
         "react-native-device-info": "^5.6.5",
         "globby": "^11.0.0",

diff --git a/package.json b/package.json
@@ -54,7 +54,7 @@
         "eslint-plugin-security": "^1.4.0",
         "typescript": "^4.3.4",
         "whatwg-fetch": "^3.0.0",
-        "typedoc": "^0.16.9",
+        "typedoc": "^0.22.8",
         "connect": "^3.7.0",
         "puppeteer": "^10.1.0",
         "chromium": "^3.0.2"

diff --git a/rush.json b/rush.json
@@ -1,8 +1,8 @@
 {
   "$schema": "https://developer.microsoft.com/json-schemas/rush/v5/rush.schema.json",
 
-  "npmVersion": "8.1.0",
-  "rushVersion": "5.55.1",
+  "npmVersion": "8.1.3",
+  "rushVersion": "5.56.0",
   "projectFolderMaxDepth": 4,
   "projects": [
     {