fix: update @trivago/prettier-plugin-sort-imports to fix babel vuln…

…erable to arbitrary code execution (#1003) * fix: babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code * style: run prettier format
Refinitiv · Oct 26, 2023 · 11ce611 · 11ce611
1 parent dd0f3ac
commit 11ce611
Show file tree

Hide file tree

Showing 69 changed files with 141 additions and 225 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/packages/configurations/package.json b/packages/configurations/package.json
@@ -22,7 +22,7 @@
   "author": "LSEG",
   "license": "Apache-2.0",
   "peerDependencies": {
-    "@trivago/prettier-plugin-sort-imports": "4.1.0",
+    "@trivago/prettier-plugin-sort-imports": "^4.2.1",
     "@typescript-eslint/eslint-plugin": "^5.37.0",
     "@typescript-eslint/parser": "^5.37.0",
     "eslint": "^8.49.0",

diff --git a/packages/configurations/prettier-config.json b/packages/configurations/prettier-config.json
@@ -9,8 +9,7 @@
     "^@refinitiv-ui/core",
     "^@refinitiv-ui/elements",
     "^@refinitiv-ui/(.*)$",
-    "^[./]",
-    "<TS_TYPES>"
+    "^[./]"
   ],
   "importOrderSeparation": true,
   "importOrderSortSpecifiers": true,

diff --git a/packages/core/src/decorators/custom-element.ts b/packages/core/src/decorators/custom-element.ts
@@ -1,8 +1,7 @@
+import type { ElementConstructor } from '../interfaces/ElementConstructor';
 import { CustomStyleRegistry } from '../registries/CustomStyleRegistry.js';
 import { ElementRegistry } from '../registries/ElementRegistry.js';
 
-import type { ElementConstructor } from '../interfaces/ElementConstructor';
-
 interface ElementOptions {
   /**
    * External theme is required for this element.

diff --git a/packages/core/src/elements/BasicElement.ts b/packages/core/src/elements/BasicElement.ts
@@ -1,15 +1,14 @@
 import { CSSResultArray, LitElement, unsafeCSS } from 'lit';
 
 import { property } from '../decorators/property.js';
+import type { StyleInfo } from '../interfaces/StyleInfo';
 import { ElementRegistry } from '../registries/ElementRegistry.js';
 import { FocusRegistry } from '../registries/FocusRegistry.js';
+import type { CSSValue } from '../types/base';
 import { FocusableHelper } from '../utils/focusableHelper.js';
 import { BasicElementSymbol } from '../utils/helpers.js';
 import { ShadyCSS } from '../utils/shadyStyles.js';
 
-import type { StyleInfo } from '../interfaces/StyleInfo';
-import type { CSSValue } from '../types/base';
-
 const CSS_VARIABLE_REGEXP = /^--\w/;
 const CSS_VARIABLE_REPLACE_REGEXP = /['"]([^'"]+?)['"]/g;
 const NOTIFY_REGEXP = /([a-zA-Z])(?=[A-Z])/g;

diff --git a/packages/core/src/elements/ControlElement.ts b/packages/core/src/elements/ControlElement.ts
@@ -1,10 +1,10 @@
+import type { PropertyValues } from 'lit';
+
 import { property } from '../decorators/property.js';
+import type { ControlProperties as IControlProperties } from '../interfaces/ControlProperties';
 import { WarningNotice } from '../notices/WarningNotice.js';
 import { BasicElement } from './BasicElement.js';
 
-import type { ControlProperties as IControlProperties } from '../interfaces/ControlProperties';
-import type { PropertyValues } from 'lit';
-
 /**
  * Control element base class.
  * Usually used for creating form-style elements.

diff --git a/packages/core/src/index.ts b/packages/core/src/index.ts
@@ -2,17 +2,17 @@
  * Element base classes
  */
 import { BasicElement } from './elements/BasicElement.js';
-import { CustomStyleRegistry } from './registries/CustomStyleRegistry.js';
-import { NativeStyleRegistry } from './registries/NativeStyleRegistry.js';
-import { global } from './utils/global.js';
 
 /**
  * Common interfaces
  */
 import type { MultiValue } from './interfaces/MultiValue';
 import type { StyleInfo } from './interfaces/StyleInfo';
 import type { StyleMap } from './interfaces/StyleMap';
+import { CustomStyleRegistry } from './registries/CustomStyleRegistry.js';
+import { NativeStyleRegistry } from './registries/NativeStyleRegistry.js';
 import type { FocusedChangedEvent } from './types/events';
+import { global } from './utils/global.js';
 
 /* eslint-disable @typescript-eslint/no-unsafe-argument */
 /* eslint-disable @typescript-eslint/no-unsafe-assignment */

diff --git a/packages/core/src/registries/ElementRegistry.ts b/packages/core/src/registries/ElementRegistry.ts
@@ -1,9 +1,8 @@
 import { DuplicateElementError } from '../errors/DuplicateElementError.js';
+import type { ElementConstructor } from '../interfaces/ElementConstructor';
 import { ready } from '../utils/elementReady.js';
 import { CustomStyleRegistry } from './CustomStyleRegistry.js';
 
-import type { ElementConstructor } from '../interfaces/ElementConstructor';
-
 class ElementRegistrationItem {
   creations = 0;
   connections = 0;

diff --git a/packages/core/src/registries/FocusRegistry.ts b/packages/core/src/registries/FocusRegistry.ts
@@ -1,7 +1,6 @@
-import { isBasicElement } from '../utils/helpers.js';
-
 import type { BasicElement } from '../elements/BasicElement';
 import type { FocusedChangedEvent } from '../types/events';
+import { isBasicElement } from '../utils/helpers.js';
 
 const register = new Set<BasicElement>(); /* Track all active elements */
 const focusedMap = new Map<BasicElement, 'visible' | ''>(); /* Track all focused elements */

diff --git a/packages/core/src/utils/focusableHelper.ts b/packages/core/src/utils/focusableHelper.ts
@@ -1,8 +1,7 @@
+import type { BasicElement } from '../elements/BasicElement';
 import { isBasicElement } from './helpers.js';
 import { matches } from './matches.js';
 
-import type { BasicElement } from '../elements/BasicElement';
-
 type DelegatedList = {
   element: BasicElement;
   children: HTMLElement[];

diff --git a/packages/create-efx/template/test/efx-element.test.js b/packages/create-efx/template/test/efx-element.test.js
@@ -6,8 +6,8 @@ import { expect, fixture } from '@refinitiv-ui/test-helpers';
 import '../src/efx-element.ts';
 import '../themes/halo/dark';
 
-describe('EfxElementTest', function() {
-  it('Label and DOM structure is correct', async function() {
+describe('EfxElementTest', function () {
+  it('Label and DOM structure is correct', async function () {
     const el = await fixture('<efx-element></efx-element>');
     await expect(el).shadowDom.to.equalSnapshot({ ignoreAttributes: ['class', 'style'] });
     expect(el.count).to.equal(0);

diff --git a/packages/elements/src/autosuggest/helpers/renderer.ts b/packages/elements/src/autosuggest/helpers/renderer.ts
@@ -1,8 +1,7 @@
 import { uuid } from '@refinitiv-ui/utils/uuid.js';
 
-import { updateElementContent } from './utils.js';
-
 import type { AutosuggestItem, AutosuggestQuery, AutosuggestRenderer, Suggestion } from './types';
+import { updateElementContent } from './utils.js';
 
 /**
  * Build item element from data object

diff --git a/packages/elements/src/autosuggest/index.ts b/packages/elements/src/autosuggest/index.ts
@@ -10,14 +10,12 @@ import { TranslateDirective, TranslatePropertyKey, translate } from '@refinitiv-
 import { AnimationTaskRunner, TimeoutTaskRunner } from '@refinitiv-ui/utils/async.js';
 import { isIE, isMobile } from '@refinitiv-ui/utils/browser.js';
 
+import type { TapEvent } from '../events';
 import '../item/index.js';
 import '../loader/index.js';
 import { Overlay } from '../overlay/index.js';
 import { VERSION } from '../version.js';
 import { renderer } from './helpers/renderer.js';
-import { escapeRegExp, itemHighlightable, queryWordSelect } from './helpers/utils.js';
-
-import type { TapEvent } from '../events';
 import type {
   AutosuggestHighlightItemEvent,
   AutosuggestHighlightable,
@@ -40,6 +38,7 @@ import type {
   SuggestionsFetchRequestedEvent,
   SuggestionsQueryEvent
 } from './helpers/types';
+import { escapeRegExp, itemHighlightable, queryWordSelect } from './helpers/utils.js';
 
 export type {
   AutosuggestTargetElement,