From 136e66b1d01abdd8a01941acd563ca16ffb08311 Mon Sep 17 00:00:00 2001 From: Sander Declerck Date: Tue, 31 Mar 2026 09:59:08 +0200 Subject: [PATCH] Pin axios version in tests --- test/e2e/bun.e2e.spec.js | 2 +- test/e2e/certbundle.e2e.spec.js | 26 +++++++++++++------------- test/e2e/npm-ci.e2e.spec.js | 2 +- test/e2e/npm.e2e.spec.js | 2 +- test/e2e/pnpm-ci.e2e.spec.js | 2 +- test/e2e/setup-ci.e2e.spec.js | 2 +- test/e2e/setup.teardown.e2e.spec.js | 6 +++--- test/e2e/yarn-ci.e2e.spec.js | 2 +- test/e2e/yarn.e2e.spec.js | 2 +- 9 files changed, 23 insertions(+), 23 deletions(-) diff --git a/test/e2e/bun.e2e.spec.js b/test/e2e/bun.e2e.spec.js index 044b300..fb6e99a 100644 --- a/test/e2e/bun.e2e.spec.js +++ b/test/e2e/bun.e2e.spec.js @@ -29,7 +29,7 @@ describe("E2E: bun coverage", () => { it(`safe-chain succesfully installs safe packages`, async () => { const shell = await container.openShell("bash"); const result = await shell.runCommand( - "bun i axios --safe-chain-logging=verbose" + "bun i axios@1.13.0 --safe-chain-logging=verbose" ); assert.ok( diff --git a/test/e2e/certbundle.e2e.spec.js b/test/e2e/certbundle.e2e.spec.js index 4b4ad84..9c5102b 100644 --- a/test/e2e/certbundle.e2e.spec.js +++ b/test/e2e/certbundle.e2e.spec.js @@ -32,7 +32,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { // Ensure NODE_EXTRA_CA_CERTS is not set await shell.runCommand("unset NODE_EXTRA_CA_CERTS"); - const result = await shell.runCommand("npm install axios"); + const result = await shell.runCommand("npm install axios@1.13.0"); assert.ok( result.output.includes("added") || result.output.includes("up to date"), @@ -55,7 +55,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { // Set NODE_EXTRA_CA_CERTS and run npm install const result = await shell.runCommand( - "NODE_EXTRA_CA_CERTS=/tmp/valid-certs.pem npm install axios" + "NODE_EXTRA_CA_CERTS=/tmp/valid-certs.pem npm install axios@1.13.0" ); assert.ok( @@ -69,7 +69,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { // Set NODE_EXTRA_CA_CERTS to a non-existent path const result = await shell.runCommand( - 'export NODE_EXTRA_CA_CERTS="/tmp/nonexistent-certs.pem" && npm install axios' + 'export NODE_EXTRA_CA_CERTS="/tmp/nonexistent-certs.pem" && npm install axios@1.13.0' ); // Should still succeed - safe-chain should gracefully handle missing user certs @@ -95,7 +95,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { // Set NODE_EXTRA_CA_CERTS to invalid cert const result = await shell.runCommand( - 'export NODE_EXTRA_CA_CERTS="/tmp/invalid-certs.pem" && npm install axios' + 'export NODE_EXTRA_CA_CERTS="/tmp/invalid-certs.pem" && npm install axios@1.13.0' ); // Should still succeed - safe-chain should skip invalid user certs @@ -116,7 +116,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { // Try to set NODE_EXTRA_CA_CERTS with path traversal const result = await shell.runCommand( - 'export NODE_EXTRA_CA_CERTS="/tmp/../../../etc/passwd" && npm install axios' + 'export NODE_EXTRA_CA_CERTS="/tmp/../../../etc/passwd" && npm install axios@1.13.0' ); // Should still succeed - safe-chain should reject path traversal @@ -133,7 +133,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { await shell.runCommand("touch /tmp/empty-certs.pem"); const result = await shell.runCommand( - 'export NODE_EXTRA_CA_CERTS="/tmp/empty-certs.pem" && npm install axios' + 'export NODE_EXTRA_CA_CERTS="/tmp/empty-certs.pem" && npm install axios@1.13.0' ); // Should still succeed - empty file should be ignored gracefully @@ -150,7 +150,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { await shell.runCommand("mkdir -p /tmp/cert-dir"); const result = await shell.runCommand( - 'export NODE_EXTRA_CA_CERTS="/tmp/cert-dir" && npm install axios' + 'export NODE_EXTRA_CA_CERTS="/tmp/cert-dir" && npm install axios@1.13.0' ); // Should still succeed - directory should be treated as invalid cert file @@ -169,7 +169,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { ); const result = await shell.runCommand( - 'cd /tmp/cert-test && export NODE_EXTRA_CA_CERTS="./certs.pem" && npm install axios' + 'cd /tmp/cert-test && export NODE_EXTRA_CA_CERTS="./certs.pem" && npm install axios@1.13.0' ); // Should still succeed - relative paths should be resolved properly @@ -186,7 +186,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { await shell.runCommand("cp /etc/ssl/certs/ca-certificates.crt /tmp/absolute-certs.pem"); const result = await shell.runCommand( - "NODE_EXTRA_CA_CERTS=/tmp/absolute-certs.pem npm install axios" + "NODE_EXTRA_CA_CERTS=/tmp/absolute-certs.pem npm install axios@1.13.0" ); assert.ok( @@ -202,7 +202,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { await shell.runCommand("cp /etc/ssl/certs/ca-certificates.crt /tmp/merge-certs.pem"); const result = await shell.runCommand( - "NODE_EXTRA_CA_CERTS=/tmp/merge-certs.pem npm install axios lodash" + "NODE_EXTRA_CA_CERTS=/tmp/merge-certs.pem npm install axios@1.13.0 lodash" ); assert.ok( @@ -306,7 +306,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { await shell.runCommand("cp /etc/ssl/certs/ca-certificates.crt /tmp/yarn-certs.pem"); const result = await shell.runCommand( - "NODE_EXTRA_CA_CERTS=/tmp/yarn-certs.pem yarn add axios" + "NODE_EXTRA_CA_CERTS=/tmp/yarn-certs.pem yarn add axios@1.13.0" ); assert.ok( @@ -322,7 +322,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { await shell.runCommand("cp /etc/ssl/certs/ca-certificates.crt /tmp/pnpm-certs.pem"); const result = await shell.runCommand( - "NODE_EXTRA_CA_CERTS=/tmp/pnpm-certs.pem pnpm add axios" + "NODE_EXTRA_CA_CERTS=/tmp/pnpm-certs.pem pnpm add axios@1.13.0" ); assert.ok( @@ -336,7 +336,7 @@ describe("E2E: NODE_EXTRA_CA_CERTS merging", () => { // Create valid cert and run bun in the same command to ensure file exists const result = await shell.runCommand( - "cp /etc/ssl/certs/ca-certificates.crt /tmp/bun-certs.pem && NODE_EXTRA_CA_CERTS=/tmp/bun-certs.pem bun i axios" + "cp /etc/ssl/certs/ca-certificates.crt /tmp/bun-certs.pem && NODE_EXTRA_CA_CERTS=/tmp/bun-certs.pem bun i axios@1.13.0" ); assert.ok( diff --git a/test/e2e/npm-ci.e2e.spec.js b/test/e2e/npm-ci.e2e.spec.js index b78b7ab..1698759 100644 --- a/test/e2e/npm-ci.e2e.spec.js +++ b/test/e2e/npm-ci.e2e.spec.js @@ -34,7 +34,7 @@ describe("E2E: npm coverage using PATH", () => { it(`safe-chain succesfully installs safe packages`, async () => { const shell = await container.openShell("zsh"); const result = await shell.runCommand( - "npm i axios --safe-chain-logging=verbose" + "npm i axios@1.13.0 --safe-chain-logging=verbose" ); assert.ok( diff --git a/test/e2e/npm.e2e.spec.js b/test/e2e/npm.e2e.spec.js index 02bd6ca..e8ba7c8 100644 --- a/test/e2e/npm.e2e.spec.js +++ b/test/e2e/npm.e2e.spec.js @@ -29,7 +29,7 @@ describe("E2E: npm coverage", () => { it(`safe-chain succesfully installs safe packages`, async () => { const shell = await container.openShell("zsh"); const result = await shell.runCommand( - "npm i axios --safe-chain-logging=verbose" + "npm i axios@1.13.0 --safe-chain-logging=verbose" ); assert.ok( diff --git a/test/e2e/pnpm-ci.e2e.spec.js b/test/e2e/pnpm-ci.e2e.spec.js index 29b9d0f..a56bb77 100644 --- a/test/e2e/pnpm-ci.e2e.spec.js +++ b/test/e2e/pnpm-ci.e2e.spec.js @@ -34,7 +34,7 @@ describe("E2E: pnpm coverage", () => { it(`safe-chain succesfully installs safe packages`, async () => { const shell = await container.openShell("zsh"); const result = await shell.runCommand( - "pnpm add axios --safe-chain-logging=verbose" + "pnpm add axios@1.13.0 --safe-chain-logging=verbose" ); assert.ok( diff --git a/test/e2e/setup-ci.e2e.spec.js b/test/e2e/setup-ci.e2e.spec.js index 70aac68..7237b1a 100644 --- a/test/e2e/setup-ci.e2e.spec.js +++ b/test/e2e/setup-ci.e2e.spec.js @@ -40,7 +40,7 @@ describe("E2E: safe-chain setup-ci command", () => { const projectShell = await container.openShell(shell); const result = await projectShell.runCommand( - "npm i axios --safe-chain-logging=verbose" + "npm i axios@1.13.0 --safe-chain-logging=verbose" ); const hasExpectedOutput = result.output.includes("Safe-chain: Scanned"); diff --git a/test/e2e/setup.teardown.e2e.spec.js b/test/e2e/setup.teardown.e2e.spec.js index c6ae337..0ddfaf4 100644 --- a/test/e2e/setup.teardown.e2e.spec.js +++ b/test/e2e/setup.teardown.e2e.spec.js @@ -30,7 +30,7 @@ describe("E2E: safe-chain setup command", () => { const projectShell = await container.openShell(shell); await projectShell.runCommand("cd /testapp"); const result = await projectShell.runCommand( - "npm i axios --safe-chain-logging=verbose" + "npm i axios@1.13.0 --safe-chain-logging=verbose" ); const hasExpectedOutput = result.output.includes("Safe-chain: Scanned"); @@ -50,8 +50,8 @@ describe("E2E: safe-chain setup command", () => { const projectShell = await container.openShell(shell); await projectShell.runCommand("cd /testapp"); - await projectShell.runCommand("npm i axios"); - const result = await projectShell.runCommand("npm i axios"); + await projectShell.runCommand("npm i axios@1.13.0"); + const result = await projectShell.runCommand("npm i axios@1.13.0"); assert.ok( !result.output.includes("Scanning for malicious packages..."), diff --git a/test/e2e/yarn-ci.e2e.spec.js b/test/e2e/yarn-ci.e2e.spec.js index 88b768d..47e2120 100644 --- a/test/e2e/yarn-ci.e2e.spec.js +++ b/test/e2e/yarn-ci.e2e.spec.js @@ -34,7 +34,7 @@ describe("E2E: yarn coverage", () => { it(`safe-chain succesfully installs safe packages`, async () => { const shell = await container.openShell("zsh"); const result = await shell.runCommand( - "yarn add axios --safe-chain-logging=verbose" + "yarn add axios@1.13.0 --safe-chain-logging=verbose" ); assert.ok( diff --git a/test/e2e/yarn.e2e.spec.js b/test/e2e/yarn.e2e.spec.js index 726fff2..5e56d12 100644 --- a/test/e2e/yarn.e2e.spec.js +++ b/test/e2e/yarn.e2e.spec.js @@ -29,7 +29,7 @@ describe("E2E: yarn coverage", () => { it(`safe-chain succesfully installs safe packages`, async () => { const shell = await container.openShell("zsh"); const result = await shell.runCommand( - "yarn add axios --safe-chain-logging=verbose" + "yarn add axios@1.13.0 --safe-chain-logging=verbose" ); assert.ok(