fix: remove mock-local-storage to address CVE on min-document (#1496)
diff --git a/app/core/utils.js b/app/core/utils.js
index d743107..0ba4e66 100644
--- a/app/core/utils.js
+++ b/app/core/utils.js
@@ -120,8 +120,8 @@
localStorageGet: function (key) {
let data;
- if (_.has(window.localStorage, key)) {
- data = window.localStorage[key];
+ if (window.localStorage.getItem(key) != null) {
+ data = window.localStorage.getItem(key);
try {
return JSON.parse(data);
} catch (e) {
diff --git a/jest-setup.js b/jest-setup.js
index c7f01b0..d5f967a 100644
--- a/jest-setup.js
+++ b/jest-setup.js
@@ -12,10 +12,27 @@
require('jest');
require('whatwg-fetch');
-require('mock-local-storage');
+
+function newMockLocalStorage() {
+ let store = {};
+ return {
+ getItem: (key) => {
+ return store[key] || null;
+ },
+ setItem: (key, value) => {
+ store[key] = String(value);
+ },
+ removeItem: (key) => {
+ delete store[key];
+ },
+ clear: () => {
+ store = {};
+ },
+ };
+}
Object.defineProperty(window, 'localStorage', {
- value: global.localStorage,
+ value: newMockLocalStorage(),
configurable:true,
enumerable:true,
writable:true
diff --git a/package-lock.json b/package-lock.json
index 463df59..25c974e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -92,7 +92,6 @@
"jest": "^29.3.1",
"jest-environment-jsdom": "^29.3.1",
"mini-css-extract-plugin": "^2.6.1",
- "mock-local-storage": "^1.1.23",
"nightwatch": "^3.12.0",
"node-fetch": "^2.6.7",
"redux-mock-store": "^1.5.4",
@@ -7142,12 +7141,6 @@
"url": "https://github.com/cheeriojs/dom-serializer?sponsor=1"
}
},
- "node_modules/dom-walk": {
- "version": "0.1.2",
- "resolved": "https://registry.npmjs.org/dom-walk/-/dom-walk-0.1.2.tgz",
- "integrity": "sha512-6QvTW9mrGeIegrFXdtQi9pk7O/nSK6lSdXW2eqUspN5LWD7UTji2Fqw5V2YLjBpHEoU9Xl/eUWNpDeZvoyOv2w==",
- "dev": true
- },
"node_modules/domelementtype": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.2.0.tgz",
@@ -9336,16 +9329,6 @@
"resolved": "https://registry.npmjs.org/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz",
"integrity": "sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw=="
},
- "node_modules/global": {
- "version": "4.4.0",
- "resolved": "https://registry.npmjs.org/global/-/global-4.4.0.tgz",
- "integrity": "sha512-wv/LAoHdRE3BeTGz53FAamhGlPLhlssK45usmGFThIi4XqnBmjKQ16u+RNbP7WvigRZDxUsM0J3gcQ5yicaL0w==",
- "dev": true,
- "dependencies": {
- "min-document": "^2.19.0",
- "process": "^0.11.10"
- }
- },
"node_modules/global-modules": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/global-modules/-/global-modules-1.0.0.tgz",
@@ -13861,15 +13844,6 @@
"node": ">=6"
}
},
- "node_modules/min-document": {
- "version": "2.19.0",
- "resolved": "https://registry.npmjs.org/min-document/-/min-document-2.19.0.tgz",
- "integrity": "sha512-9Wy1B3m3f66bPPmU5hdA4DR4PB2OfDU/+GS3yAB7IQozE3tqXaVv2zOjgla7MEGSRv95+ILmOuvhLkOK6wJtCQ==",
- "dev": true,
- "dependencies": {
- "dom-walk": "^0.1.0"
- }
- },
"node_modules/mini-css-extract-plugin": {
"version": "2.6.1",
"resolved": "https://registry.npmjs.org/mini-css-extract-plugin/-/mini-css-extract-plugin-2.6.1.tgz",
@@ -14233,16 +14207,6 @@
"node": ">=10"
}
},
- "node_modules/mock-local-storage": {
- "version": "1.1.23",
- "resolved": "https://registry.npmjs.org/mock-local-storage/-/mock-local-storage-1.1.23.tgz",
- "integrity": "sha512-G1qWl7Ik017sqB3omvWzazrWC69najuLL8Q4ROnr2clOmwCP/d7HTEHH8v29S+YYouh1mq7wmybrrTbzAf7P6A==",
- "dev": true,
- "dependencies": {
- "core-js": "^3.19.0",
- "global": "^4.3.2"
- }
- },
"node_modules/moment": {
"version": "2.29.4",
"resolved": "https://registry.npmjs.org/moment/-/moment-2.29.4.tgz",
@@ -15845,15 +15809,6 @@
"integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==",
"dev": true
},
- "node_modules/process": {
- "version": "0.11.10",
- "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz",
- "integrity": "sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==",
- "dev": true,
- "engines": {
- "node": ">= 0.6.0"
- }
- },
"node_modules/process-nextick-args": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
@@ -24479,12 +24434,6 @@
"entities": "^2.0.0"
}
},
- "dom-walk": {
- "version": "0.1.2",
- "resolved": "https://registry.npmjs.org/dom-walk/-/dom-walk-0.1.2.tgz",
- "integrity": "sha512-6QvTW9mrGeIegrFXdtQi9pk7O/nSK6lSdXW2eqUspN5LWD7UTji2Fqw5V2YLjBpHEoU9Xl/eUWNpDeZvoyOv2w==",
- "dev": true
- },
"domelementtype": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.2.0.tgz",
@@ -26084,16 +26033,6 @@
"resolved": "https://registry.npmjs.org/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz",
"integrity": "sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw=="
},
- "global": {
- "version": "4.4.0",
- "resolved": "https://registry.npmjs.org/global/-/global-4.4.0.tgz",
- "integrity": "sha512-wv/LAoHdRE3BeTGz53FAamhGlPLhlssK45usmGFThIi4XqnBmjKQ16u+RNbP7WvigRZDxUsM0J3gcQ5yicaL0w==",
- "dev": true,
- "requires": {
- "min-document": "^2.19.0",
- "process": "^0.11.10"
- }
- },
"global-modules": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/global-modules/-/global-modules-1.0.0.tgz",
@@ -29435,15 +29374,6 @@
"integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==",
"dev": true
},
- "min-document": {
- "version": "2.19.0",
- "resolved": "https://registry.npmjs.org/min-document/-/min-document-2.19.0.tgz",
- "integrity": "sha512-9Wy1B3m3f66bPPmU5hdA4DR4PB2OfDU/+GS3yAB7IQozE3tqXaVv2zOjgla7MEGSRv95+ILmOuvhLkOK6wJtCQ==",
- "dev": true,
- "requires": {
- "dom-walk": "^0.1.0"
- }
- },
"mini-css-extract-plugin": {
"version": "2.6.1",
"resolved": "https://registry.npmjs.org/mini-css-extract-plugin/-/mini-css-extract-plugin-2.6.1.tgz",
@@ -29706,16 +29636,6 @@
}
}
},
- "mock-local-storage": {
- "version": "1.1.23",
- "resolved": "https://registry.npmjs.org/mock-local-storage/-/mock-local-storage-1.1.23.tgz",
- "integrity": "sha512-G1qWl7Ik017sqB3omvWzazrWC69najuLL8Q4ROnr2clOmwCP/d7HTEHH8v29S+YYouh1mq7wmybrrTbzAf7P6A==",
- "dev": true,
- "requires": {
- "core-js": "^3.19.0",
- "global": "^4.3.2"
- }
- },
"moment": {
"version": "2.29.4",
"resolved": "https://registry.npmjs.org/moment/-/moment-2.29.4.tgz",
@@ -30890,12 +30810,6 @@
}
}
},
- "process": {
- "version": "0.11.10",
- "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz",
- "integrity": "sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==",
- "dev": true
- },
"process-nextick-args": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
diff --git a/package.json b/package.json
index f002775..4c047d1 100644
--- a/package.json
+++ b/package.json
@@ -50,7 +50,6 @@
"jest": "^29.3.1",
"jest-environment-jsdom": "^29.3.1",
"mini-css-extract-plugin": "^2.6.1",
- "mock-local-storage": "^1.1.23",
"nightwatch": "^3.12.0",
"node-fetch": "^2.6.7",
"redux-mock-store": "^1.5.4",
