From 3459d1f7340218e4433333aa0c9d9b246cd5fb9b Mon Sep 17 00:00:00 2001 From: Tom Proctor Date: Thu, 3 Nov 2022 14:04:53 +0000 Subject: [PATCH] backport of commit fdd6c029914261447944c5ad01ee92dd0a2607c0 --- .circleci/config.yml | 22 +- .circleci/config/executors/@executors.yml | 2 +- .../enos-run-matrices/artifactory-ent.json | 20 +- .../enos-run-matrices/artifactory-oss.json | 16 +- .github/enos-run-matrices/crt-ent.json | 10 +- .github/enos-run-matrices/crt-oss.json | 8 +- .github/enos-run-matrices/ent.json | 24 + .github/enos-run-matrices/oss.json | 20 + .github/workflows/backport.yml | 4 +- .github/workflows/build-vault-oss.yml | 111 + .github/workflows/build.yml | 358 +- .github/workflows/enos-fmt.yml | 2 +- .github/workflows/enos-run.yml | 8 +- .github/workflows/enos-verify-stable.yml | 8 +- .github/workflows/remove-labels.yml | 19 - .go-version | 2 +- .release/ci.hcl | 1 + CHANGELOG.md | 231 +- CODEOWNERS | 8 +- Dockerfile | 2 +- LICENSE | 2 - Makefile | 62 +- api/auth/approle/go.mod | 2 +- api/auth/approle/go.sum | 4 +- api/auth/aws/go.mod | 2 +- api/auth/aws/go.sum | 4 +- api/auth/azure/go.mod | 2 +- api/auth/azure/go.sum | 4 +- api/auth/gcp/go.mod | 2 +- api/auth/gcp/go.sum | 2 - api/auth/kubernetes/go.mod | 2 +- api/auth/kubernetes/go.sum | 4 +- api/auth/ldap/go.mod | 2 +- api/auth/ldap/go.sum | 4 +- api/auth/userpass/go.mod | 2 +- api/auth/userpass/go.sum | 4 +- api/go.mod | 4 +- api/go.sum | 12 +- api/kv_test.go | 61 +- api/kv_v2.go | 44 +- api/logical.go | 53 +- api/sys_mounts.go | 64 +- builtin/credential/approle/backend_test.go | 10 +- builtin/credential/approle/path_login.go | 2 +- builtin/credential/approle/path_role.go | 44 +- builtin/credential/approle/path_role_test.go | 2 +- builtin/credential/approle/validation.go | 2 +- builtin/credential/cert/backend_test.go | 15 + builtin/credential/cert/path_login.go | 2 +- builtin/credential/ldap/backend.go | 4 +- builtin/credential/okta/path_login.go | 6 +- builtin/credential/radius/backend_test.go | 105 +- builtin/credential/userpass/path_login.go | 20 +- builtin/logical/aws/backend_test.go | 30 +- builtin/logical/aws/secret_access_keys.go | 54 +- builtin/logical/aws/stepwise_test.go | 5 +- builtin/logical/database/rotation_test.go | 2 + builtin/logical/pki/backend_test.go | 33 +- builtin/logical/pki/chain_util.go | 44 +- builtin/logical/pki/config_util.go | 94 +- builtin/logical/pki/integation_test.go | 103 + builtin/logical/pki/path_config_ca.go | 49 +- builtin/logical/pki/path_fetch.go | 15 - builtin/logical/pki/path_manage_issuers.go | 21 + builtin/logical/pki/path_root.go | 10 + builtin/logical/pki/path_tidy_test.go | 29 - builtin/logical/pki/storage.go | 21 +- builtin/logical/pki/storage_migrations.go | 19 +- .../logical/pki/storage_migrations_test.go | 187 +- builtin/logical/pki/storage_test.go | 22 +- builtin/logical/pki/zlint_test.go | 188 - builtin/logical/rabbitmq/backend_test.go | 2 +- builtin/logical/ssh/backend_test.go | 12 +- builtin/logical/ssh/path_fetch.go | 2 +- builtin/logical/ssh/path_issue_sign.go | 40 +- builtin/logical/transit/backend_test.go | 141 - builtin/logical/transit/path_decrypt.go | 31 +- builtin/logical/transit/path_encrypt.go | 53 +- builtin/logical/transit/path_sign_verify.go | 33 +- .../logical/transit/path_sign_verify_test.go | 5 +- changelog/12166.txt | 3 - changelog/14945.txt | 3 - changelog/15869.txt | 3 - changelog/16224.txt | 3 - changelog/16622.txt | 3 - changelog/16688.txt | 3 + changelog/16700.txt | 3 - changelog/16872.txt | 3 - changelog/16982.txt | 3 - changelog/17086.txt | 3 - changelog/17104.txt | 4 - changelog/17167.txt | 6 - changelog/17186.txt | 3 - changelog/17187.txt | 3 - changelog/17265.txt | 3 - changelog/17289.txt | 3 - changelog/17308.txt | 3 - changelog/17338.txt | 3 - changelog/17339.txt | 3 - changelog/17376.txt | 3 - changelog/17395.txt | 3 - changelog/17406.txt | 3 - changelog/17459.txt | 3 - changelog/17499.txt | 3 - changelog/17514.txt | 3 - changelog/17540.txt | 4 - changelog/17612.txt | 3 - changelog/17636.txt | 3 - changelog/17638.txt | 3 - changelog/17650.txt | 3 - changelog/17678.txt | 3 - changelog/17747.txt | 3 - changelog/17752.txt | 3 - changelog/17768.txt | 3 - changelog/17772.txt | 3 + changelog/17774.txt | 3 - changelog/17801.txt | 4 + changelog/17816.txt | 3 + changelog/17824.txt | 3 + changelog/17914.txt | 3 + changelog/17944.txt | 3 + changelog/17950.txt | 3 + changelog/18011.txt | 3 + changelog/18030.txt | 3 + changelog/18086.txt | 3 + changelog/_go-ver-1122.txt | 3 + changelog/_go-ver-1130.txt | 3 - changelog/plugin-versioning.txt | 3 - command/agent/approle_end_to_end_test.go | 48 - command/agent/config/config_test.go | 2 +- command/auth_tune.go | 81 +- command/base.go | 19 +- command/base_helpers.go | 17 - command/commands.go | 13 - command/format.go | 22 - command/kv_metadata_patch.go | 2 +- command/kv_metadata_put.go | 2 +- command/kv_test.go | 1 - command/login.go | 2 +- command/main.go | 3 +- command/operator_diagnose.go | 37 +- command/operator_init.go | 12 - command/patch.go | 135 - command/patch_test.go | 202 - command/pgp_test.go | 4 +- command/read.go | 35 +- command/server.go | 41 +- command/server/config_test.go | 4 - command/server/config_test_helpers.go | 62 - .../server/server_seal_transit_acc_test.go | 5 +- command/server/tls_util.go | 13 +- command/server_util.go | 6 +- command/util.go | 2 +- command/write.go | 5 - enos/enos-modules.hcl | 35 + enos/enos-scenario-agent.hcl | 220 + enos/enos-scenario-autopilot.hcl | 67 +- enos/enos-scenario-smoke.hcl | 130 +- enos/enos-scenario-upgrade.hcl | 72 +- enos/modules/build_crt/main.tf | 2 +- enos/modules/build_local/main.tf | 16 +- enos/modules/build_local/scripts/build.sh | 12 + enos/modules/build_local/templates/build.sh | 39 - .../get_local_metadata/scripts/build_date.sh | 10 +- .../get_local_metadata/scripts/version.sh | 10 +- .../get_local_version_from_make/main.tf | 15 + .../scripts/version.sh | 10 + enos/modules/vault-verify-replication/main.tf | 31 + .../templates/smoke-verify-replication.sh | 28 + .../vault-verify-replication/variables.tf | 24 + enos/modules/vault-verify-ui/main.tf | 31 + .../templates/smoke-verify-ui.sh | 14 + enos/modules/vault-verify-ui/variables.tf | 19 + enos/modules/vault-verify-write-data/main.tf | 50 + .../templates/smoke-enable-secrets-kv.sh | 37 + .../templates/smoke-write-test-data.sh | 39 + .../vault-verify-write-data/variables.tf | 25 + enos/modules/vault_agent/main.tf | 67 + .../templates/set-up-approle-and-agent.sh | 92 + .../vault_artifactory_artifact/locals.tf | 28 +- .../vault_artifactory_artifact/main.tf | 2 +- .../vault_artifactory_artifact/variables.tf | 2 +- enos/modules/vault_upgrade/main.tf | 8 +- .../modules/vault_verify_agent_output/main.tf | 53 + .../templates/verify-vault-agent-output.sh | 13 + go.mod | 21 +- go.sum | 36 +- helper/forwarding/types.pb.go | 2 +- helper/identity/mfa/types.pb.go | 2 +- helper/identity/types.pb.go | 2 +- helper/pgpkeys/encrypt_decrypt.go | 4 +- helper/pgpkeys/flag.go | 2 +- helper/pgpkeys/flag_test.go | 4 +- helper/pgpkeys/keybase.go | 2 +- helper/pgpkeys/keybase_test.go | 4 +- helper/storagepacker/types.pb.go | 2 +- .../testhelpers/cassandra/cassandrahelper.go | 7 +- helper/testhelpers/consul/consulhelper.go | 2 +- helper/testhelpers/docker/testhelpers.go | 391 +- .../fakegcsserver/fake-gcs-server.go | 2 +- helper/testhelpers/ldap/ldaphelper.go | 2 +- helper/testhelpers/minio/miniohelper.go | 2 +- helper/testhelpers/mongodb/mongodbhelper.go | 102 +- helper/testhelpers/mysql/mysqlhelper.go | 9 +- .../postgresql/postgresqlhelper.go | 77 +- helper/testhelpers/testhelpers.go | 4 +- http/handler.go | 10 - internalshared/configutil/config.go | 25 - internalshared/configutil/kms.go | 18 +- internalshared/configutil/merge.go | 7 - internalshared/configutil/userlockout.go | 186 - internalshared/configutil/userlockout_test.go | 69 - physical/aerospike/aerospike_test.go | 2 +- physical/cockroachdb/cockroachdb_test.go | 2 +- physical/couchdb/couchdb_test.go | 3 +- physical/dynamodb/dynamodb_test.go | 2 +- physical/raft/fsm.go | 2 - physical/raft/raft.go | 45 +- physical/raft/raft_autopilot.go | 22 +- physical/raft/raft_test.go | 66 + physical/raft/types.pb.go | 2 +- .../mongodb/connection_producer_test.go | 19 +- plugins/database/mongodb/mongodb_test.go | 13 +- .../database/postgresql/postgresql_test.go | 144 +- scripts/build.sh | 4 +- scripts/build_date.sh | 6 - scripts/crt-builder.sh | 234 + scripts/gen_openapi.sh | 94 +- scripts/version.sh | 12 - sdk/database/dbplugin/database.pb.go | 2 +- sdk/database/dbplugin/v5/proto/database.pb.go | 2 +- sdk/go.mod | 2 +- sdk/go.sum | 12 +- sdk/helper/certutil/helpers.go | 7 +- sdk/helper/consts/consts.go | 2 - sdk/helper/keysutil/consts.go | 7 +- sdk/helper/keysutil/policy.go | 74 +- sdk/helper/keysutil/policy_test.go | 89 - sdk/helper/pluginutil/multiplexing.pb.go | 2 +- sdk/logical/error.go | 5 - sdk/logical/identity.pb.go | 2 +- sdk/logical/plugin.pb.go | 2 +- sdk/logical/response.go | 3 +- sdk/logical/response_util.go | 22 - sdk/logical/response_util_test.go | 12 - sdk/logical/version.pb.go | 2 +- sdk/physical/cache.go | 1 + sdk/plugin/grpc_system_test.go | 4 + sdk/plugin/pb/backend.pb.go | 2 +- sdk/version/version_base.go | 4 +- ui/.ember-cli | 8 +- ui/.eslintignore | 4 +- ui/.eslintrc.js | 4 +- ui/.github/workflows/ci.yml | 45 - ui/.gitignore | 6 - ui/.prettierignore | 4 - ui/.template-lintrc.js | 6 +- ui/.yarn/releases/yarn-1.22.19.js | 175346 --------------- ui/.yarnrc | 4 +- ui/README.md | 20 +- ui/app/adapters/auth-method.js | 8 +- ui/app/adapters/generated-item-list.js | 3 - ui/app/adapters/keymgmt/key.js | 3 - ui/app/adapters/pki/pki-certificate-engine.js | 3 - ui/app/adapters/pki/pki-issuer-engine.js | 27 - ui/app/adapters/pki/pki-key-engine.js | 27 - ui/app/adapters/pki/pki-role-engine.js | 55 +- ui/app/adapters/secret-engine.js | 1 - ui/app/adapters/secret-v2-version.js | 4 - ui/app/components/auth-config-form/options.js | 2 - ui/app/components/auth-form.js | 1 + ui/app/components/calendar-widget.js | 2 +- ui/app/components/clients/line-chart.js | 3 +- ui/app/components/configure-aws-secret.js | 6 +- ui/app/components/configure-ssh-secret.js | 3 +- ui/app/components/database-role-edit.js | 4 +- ui/app/components/diff-version-selector.js | 6 +- ui/app/components/flash-message.js | 19 +- ui/app/components/generate-credentials.js | 4 +- ui/app/components/get-credentials-card.js | 25 +- ui/app/components/kv-object-editor.js | 12 +- ui/app/components/mount-backend-form.js | 4 +- ui/app/components/oidc-consent-block.js | 2 +- ui/app/components/oidc/provider-form.js | 13 +- ui/app/components/pki/config-pki-ca.js | 2 +- ui/app/components/raft-join.js | 3 +- ui/app/components/secret-create-or-update.js | 16 +- ui/app/components/secret-edit.js | 17 +- ui/app/components/transform-role-edit.js | 3 - ui/app/components/transformation-edit.js | 3 - ui/app/components/transit-key-actions.js | 6 +- ui/app/components/wrap-ttl.js | 4 +- ui/app/controllers/vault/cluster.js | 1 - .../vault/cluster/access/methods.js | 3 - .../vault/cluster/access/mfa/methods.js | 4 +- .../cluster/access/mfa/methods/create.js | 1 - .../cluster/access/oidc/keys/key/details.js | 1 - ui/app/controllers/vault/cluster/auth.js | 4 +- .../vault/cluster/secrets/backends.js | 2 - .../settings/configure-secret-backend.js | 27 +- ui/app/helpers/parse-pki-cert.js | 2 +- ui/app/index.html | 1 + ui/app/initializers/deprecation-filter.js | 2 +- ui/app/models/auth-method.js | 20 +- ui/app/models/cluster.js | 9 +- ui/app/models/database/role.js | 3 +- ui/app/models/identity/entity.js | 1 - ui/app/models/identity/group.js | 4 - ui/app/models/keymgmt/provider.js | 6 - ui/app/models/mfa-login-enforcement.js | 3 - ui/app/models/mfa-method.js | 1 - ui/app/models/mount-config.js | 48 +- ui/app/models/mount-options.js | 13 + ui/app/models/pki/pki-certificate-engine.js | 10 - ui/app/models/pki/pki-issuer-engine.js | 51 - ui/app/models/pki/pki-key-engine.js | 10 - ui/app/models/pki/pki-role-engine.js | 300 +- ui/app/models/replication-attributes.js | 5 +- ui/app/models/secret-engine.js | 29 +- ui/app/models/test-form-model.js | 4 +- ui/app/models/transform.js | 3 +- ui/app/models/transform/role.js | 2 +- ui/app/models/transform/template.js | 1 - ui/app/modifiers/code-mirror.js | 5 +- ui/app/routes/application.js | 2 +- ui/app/routes/vault.js | 3 - .../cluster/access/control-group-accessor.js | 1 - .../access/control-groups-configure.js | 1 - .../vault/cluster/access/control-groups.js | 1 - .../cluster/access/identity/aliases/add.js | 3 - .../cluster/access/identity/aliases/edit.js | 3 - .../cluster/access/identity/aliases/index.js | 5 - .../cluster/access/identity/aliases/show.js | 3 - .../vault/cluster/access/identity/create.js | 3 - .../vault/cluster/access/identity/edit.js | 3 - .../vault/cluster/access/identity/index.js | 3 - .../vault/cluster/access/identity/merge.js | 4 - .../vault/cluster/access/identity/show.js | 3 - ui/app/routes/vault/cluster/access/leases.js | 3 - .../vault/cluster/access/leases/list.js | 3 - .../vault/cluster/access/leases/show.js | 4 +- ui/app/routes/vault/cluster/access/method.js | 2 - .../cluster/access/method/item/create.js | 3 - .../vault/cluster/access/method/item/edit.js | 3 - .../vault/cluster/access/method/item/list.js | 3 - .../vault/cluster/access/method/item/show.js | 2 - ui/app/routes/vault/cluster/access/methods.js | 3 - .../cluster/access/mfa/enforcements/index.js | 3 - .../routes/vault/cluster/access/mfa/index.js | 3 - .../vault/cluster/access/mfa/methods/index.js | 1 - .../cluster/access/mfa/methods/method.js | 4 - .../vault/cluster/access/namespaces/create.js | 3 - .../vault/cluster/access/namespaces/index.js | 5 - .../access/oidc/assignments/assignment.js | 3 - .../cluster/access/oidc/assignments/create.js | 3 - .../cluster/access/oidc/assignments/index.js | 2 - .../cluster/access/oidc/clients/client.js | 3 - .../access/oidc/clients/client/providers.js | 3 - .../cluster/access/oidc/clients/create.js | 3 - .../cluster/access/oidc/clients/index.js | 1 - .../routes/vault/cluster/access/oidc/index.js | 1 - .../vault/cluster/access/oidc/keys/create.js | 3 - .../vault/cluster/access/oidc/keys/index.js | 4 - .../vault/cluster/access/oidc/keys/key.js | 3 - .../cluster/access/oidc/keys/key/clients.js | 3 - .../cluster/access/oidc/providers/create.js | 3 - .../cluster/access/oidc/providers/index.js | 3 - .../cluster/access/oidc/providers/provider.js | 3 - .../access/oidc/providers/provider/clients.js | 3 - .../cluster/access/oidc/scopes/create.js | 3 - .../vault/cluster/access/oidc/scopes/index.js | 3 - .../vault/cluster/access/oidc/scopes/scope.js | 3 - ui/app/routes/vault/cluster/clients.js | 8 +- ui/app/routes/vault/cluster/clients/config.js | 4 - .../routes/vault/cluster/clients/current.js | 3 - ui/app/routes/vault/cluster/clients/edit.js | 3 - .../routes/vault/cluster/clients/history.js | 5 +- ui/app/routes/vault/cluster/license.js | 2 - ui/app/routes/vault/cluster/oidc-provider.js | 2 +- .../routes/vault/cluster/policies/create.js | 2 - ui/app/routes/vault/cluster/policies/index.js | 2 - ui/app/routes/vault/cluster/policy/show.js | 3 - .../routes/vault/cluster/secrets/backend.js | 2 - .../cluster/secrets/backend/create-root.js | 1 - .../vault/cluster/secrets/backend/list.js | 3 - .../vault/cluster/secrets/backend/overview.js | 11 - .../cluster/secrets/backend/secret-edit.js | 4 - .../vault/cluster/secrets/backend/sign.js | 2 - .../vault/cluster/secrets/backend/versions.js | 2 - .../routes/vault/cluster/secrets/backends.js | 3 - .../vault/cluster/settings/auth/configure.js | 3 - .../settings/auth/configure/section.js | 1 - .../settings/configure-secret-backend.js | 4 +- .../configure-secret-backend/section.js | 4 - .../cluster/settings/mount-secret-backend.js | 2 - ui/app/routes/vault/cluster/settings/seal.js | 3 - ui/app/routes/vault/cluster/storage.js | 3 - ui/app/serializers/auth-method.js | 14 +- ui/app/serializers/cluster.js | 19 - .../serializers/pki/pki-certificate-engine.js | 3 - ui/app/serializers/pki/pki-issuer-engine.js | 15 - ui/app/serializers/pki/pki-key-engine.js | 15 - ui/app/serializers/pki/pki-role-engine.js | 4 +- ui/app/serializers/secret-engine.js | 22 +- ui/app/services/control-group.js | 32 +- ui/app/services/path-help.js | 2 +- ui/app/services/replication-mode.js | 2 +- ui/app/styles/components/info-table-row.scss | 1 + ui/app/styles/components/modal.scss | 2 +- ui/app/styles/components/popup-menu.scss | 3 +- ui/app/styles/core/generic.scss | 2 +- ui/app/styles/core/helpers.scss | 21 - ui/app/styles/utils/_bulma_variables.scss | 3 - ui/app/templates/components/auth-form.hbs | 2 +- .../templates/components/clients/history.hbs | 4 +- .../components/configure-aws-secret.hbs | 6 +- .../components/configure-ssh-secret.hbs | 2 +- .../components/database-connection.hbs | 14 +- .../components/database-role-edit.hbs | 2 +- .../components/database-role-setting-form.hbs | 14 +- ui/app/templates/components/date-dropdown.hbs | 4 +- .../components/diff-version-selector.hbs | 7 +- .../components/file-to-array-buffer.hbs | 20 +- .../components/form-field-from-model.hbs | 2 +- .../components/form-field-groups-loop.hbs | 20 +- .../generate-credentials-database.hbs | 4 +- .../components/generated-item-list.hbs | 5 +- .../templates/components/generated-item.hbs | 3 +- .../components/get-credentials-card.hbs | 42 +- .../components/identity/entity-nav.hbs | 6 +- .../components/identity/item-policies.hbs | 2 +- ui/app/templates/components/input-search.hbs | 4 +- .../components/keymgmt/distribute.hbs | 6 +- .../templates/components/keymgmt/key-edit.hbs | 2 +- .../components/keymgmt/provider-edit.hbs | 4 +- .../templates/components/kv-object-editor.hbs | 106 +- .../mfa/mfa-login-enforcement-form.hbs | 3 +- .../mfa/mfa-login-enforcement-header.hbs | 1 + .../templates/components/namespace-link.hbs | 6 +- .../templates/components/namespace-picker.hbs | 2 +- .../components/oidc/assignment-form.hbs | 2 + ui/app/templates/components/oidc/key-form.hbs | 2 +- .../components/oidc/provider-form.hbs | 7 +- ui/app/templates/components/pgp-file.hbs | 18 +- .../components/pki/config-pki-ca.hbs | 10 +- .../components/pki/role-pki-edit.hbs | 4 +- .../components/raft-storage-overview.hbs | 4 +- .../components/secret-create-or-update.hbs | 20 +- .../components/secret-edit-toolbar.hbs | 12 +- ui/app/templates/components/secret-edit.hbs | 160 +- .../secret-list/transform-list-item.hbs | 2 +- .../transform-transformation-item.hbs | 2 +- ui/app/templates/components/text-file.hbs | 26 +- .../components/tool-actions-form.hbs | 2 +- .../components/transit-form-show.hbs | 10 +- ui/app/templates/vault/cluster.hbs | 12 +- .../cluster/access/control-group-accessor.hbs | 2 +- .../vault/cluster/access/control-groups.hbs | 2 +- .../cluster/access/identity/aliases/show.hbs | 9 +- .../vault/cluster/access/identity/show.hbs | 13 +- .../vault/cluster/access/leases/list.hbs | 4 +- .../vault/cluster/access/method/section.hbs | 4 +- .../vault/cluster/access/methods.hbs | 2 +- .../mfa/enforcements/enforcement/index.hbs | 5 +- .../cluster/access/mfa/enforcements/index.hbs | 6 +- .../cluster/access/mfa/methods/index.hbs | 2 +- .../access/mfa/methods/method/index.hbs | 7 +- .../vault/cluster/access/namespaces/index.hbs | 4 +- .../oidc/assignments/assignment/details.hbs | 3 +- .../cluster/access/oidc/assignments/index.hbs | 6 +- .../access/oidc/clients/client/details.hbs | 3 +- .../cluster/access/oidc/clients/index.hbs | 2 +- .../vault/cluster/access/oidc/keys/index.hbs | 2 +- .../cluster/access/oidc/keys/key/details.hbs | 2 +- .../cluster/access/oidc/providers/index.hbs | 2 +- .../oidc/providers/provider/details.hbs | 3 +- .../cluster/access/oidc/scopes/index.hbs | 2 +- .../access/oidc/scopes/scope/details.hbs | 2 +- .../vault/cluster/policies/index.hbs | 2 +- .../templates/vault/cluster/policy/edit.hbs | 2 +- .../templates/vault/cluster/policy/show.hbs | 2 +- .../cluster/secrets/backend/configuration.hbs | 7 +- .../vault/cluster/secrets/backend/list.hbs | 12 +- .../cluster/secrets/backend/metadata.hbs | 2 +- .../cluster/secrets/backend/overview.hbs | 2 +- .../backend/transit-actions-layout.hbs | 4 +- .../cluster/secrets/backend/versions.hbs | 4 +- .../vault/cluster/secrets/backends.hbs | 14 +- .../vault/cluster/settings/auth/configure.hbs | 2 +- .../settings/configure-secret-backend.hbs | 2 +- ui/app/templates/vault/cluster/tools/tool.hbs | 2 +- ui/app/utils/field-to-attrs.js | 61 +- ui/app/utils/identity-manager.js | 47 - ui/config/content-security-policy.js | 18 - ui/config/deprecation-workflow.js | 23 +- ui/config/ember-cli-update.json | 2 +- ui/config/environment.js | 14 +- ui/config/targets.js | 24 +- ui/ember-cli-build.js | 2 - .../addon/components/autocomplete-input.hbs | 2 +- .../addon/components/autocomplete-input.js | 4 - .../components/form-field-groups-loop.js | 17 - ui/lib/core/addon/components/form-field.hbs | 33 +- ui/lib/core/addon/components/form-field.js | 4 +- .../addon/components/info-table-item-array.js | 2 +- .../core/addon/components/info-table-row.hbs | 2 +- .../components/radio-select-ttl-or-string.hbs | 49 - .../components/radio-select-ttl-or-string.js | 52 - .../addon/components/replication-dashboard.js | 2 +- .../components/search-select-with-modal.hbs | 4 +- .../components/search-select-with-modal.js | 5 +- .../core/addon/components/search-select.hbs | 100 - ui/lib/core/addon/components/search-select.js | 415 +- .../addon/components/secret-list-header.hbs | 4 +- ui/lib/core/addon/components/string-list.hbs | 9 +- ui/lib/core/addon/components/string-list.js | 11 +- .../core/addon/components/toolbar-actions.js | 2 +- ui/lib/core/addon/components/toolbar-link.hbs | 58 +- ui/lib/core/addon/components/toolbar-link.js | 26 +- ui/lib/core/addon/components/ttl-picker2.js | 5 +- .../core/addon/helpers/changelog-url-for.js | 4 +- ui/lib/core/addon/helpers/is-active-route.js | 2 +- .../core/addon/mixins/replication-actions.js | 2 +- .../templates/components/masked-input.hbs | 2 - .../templates/components/navigate-input.hbs | 2 - .../components/replication-summary-card.hbs | 4 +- .../templates/components/search-select.hbs | 97 + .../templates/components/shamir-flow.hbs | 4 +- .../components/shamir-modal-flow.hbs | 4 +- .../app/components/form-field-groups-loop.js | 1 - .../components/radio-select-ttl-or-string.js | 1 - ui/lib/kmip/addon/templates/configuration.hbs | 2 +- .../addon/templates/credentials/index.hbs | 2 +- .../kmip/addon/templates/credentials/show.hbs | 2 +- ui/lib/kmip/addon/templates/role.hbs | 2 +- ui/lib/kmip/addon/templates/scope/roles.hbs | 2 +- ui/lib/kmip/addon/templates/scopes/index.hbs | 2 +- .../addon/components/pki-key-parameters.hbs | 67 - .../addon/components/pki-key-parameters.js | 45 - ui/lib/pki/addon/components/pki-key-usage.hbs | 78 - ui/lib/pki/addon/components/pki-key-usage.js | 95 - ui/lib/pki/addon/components/pki-role-form.hbs | 137 - ui/lib/pki/addon/components/pki-role-form.js | 56 - .../addon/controllers/certificates/index.js | 15 - ui/lib/pki/addon/controllers/issuers/index.js | 14 - ui/lib/pki/addon/controllers/keys/index.js | 8 - ui/lib/pki/addon/controllers/roles/index.js | 2 +- ui/lib/pki/addon/routes.js | 9 +- ui/lib/pki/addon/routes/certificates.js | 3 + ui/lib/pki/addon/routes/certificates/index.js | 28 - .../configuration/create/generate-csr.js | 3 - .../configuration/create/generate-root.js | 3 - .../routes/configuration/create/import-ca.js | 3 - .../pki/addon/routes/configuration/details.js | 2 +- ui/lib/pki/addon/routes/configuration/edit.js | 2 +- .../pki/addon/routes/configuration/index.js | 2 +- ui/lib/pki/addon/routes/configuration/tidy.js | 2 +- ui/lib/pki/addon/routes/issuers.js | 3 + ui/lib/pki/addon/routes/issuers/index.js | 31 - ui/lib/pki/addon/routes/keys.js | 3 + ui/lib/pki/addon/routes/keys/generate.js | 3 - ui/lib/pki/addon/routes/keys/import.js | 3 - ui/lib/pki/addon/routes/keys/index.js | 28 - ui/lib/pki/addon/routes/keys/key/details.js | 3 - ui/lib/pki/addon/routes/keys/key/edit.js | 3 - ui/lib/pki/addon/routes/roles.js | 3 + ui/lib/pki/addon/routes/roles/create.js | 18 - ui/lib/pki/addon/routes/roles/index.js | 18 +- ui/lib/pki/addon/templates/certificates.hbs | 10 + .../addon/templates/certificates/index.hbs | 62 - .../configuration/create/generate-csr.hbs | 1 - .../configuration/create/generate-root.hbs | 1 - .../configuration/create/import-ca.hbs | 1 - .../addon/templates/configuration/index.hbs | 4 +- ui/lib/pki/addon/templates/issuers.hbs | 10 + ui/lib/pki/addon/templates/issuers/index.hbs | 89 - ui/lib/pki/addon/templates/keys.hbs | 10 + ui/lib/pki/addon/templates/keys/generate.hbs | 1 - ui/lib/pki/addon/templates/keys/import.hbs | 1 - ui/lib/pki/addon/templates/keys/index.hbs | 70 - .../pki/addon/templates/keys/key/details.hbs | 1 - ui/lib/pki/addon/templates/keys/key/edit.hbs | 1 - ui/lib/pki/addon/templates/overview.hbs | 3 +- ui/lib/pki/addon/templates/roles.hbs | 11 + ui/lib/pki/addon/templates/roles/create.hbs | 5 - ui/lib/pki/addon/templates/roles/index.hbs | 36 +- .../components/path-filter-config-list.js | 10 +- .../components/known-secondaries-card.hbs | 2 +- .../components/replication-summary.hbs | 25 +- ui/lib/replication/addon/templates/mode.hbs | 2 +- .../mode/secondaries/config-show.hbs | 6 +- .../templates/mode/secondaries/index.hbs | 8 +- ui/mirage/handlers/mfa-login.js | 4 +- ui/mirage/identity-managers/application.js | 48 +- ui/package.json | 71 +- ui/scripts/codemods/inject-service.js | 144 - .../codemods/jscodeshift-babylon-parser.js | 46 - ui/testem.enos.js | 2 +- .../access/identity/_shared-alias-tests.js | 16 +- .../access/identity/_shared-tests.js | 12 +- .../access/identity/entities/create-test.js | 2 +- .../access/identity/entities/index-test.js | 12 +- .../access/identity/groups/create-test.js | 2 +- ui/tests/acceptance/access/methods-test.js | 4 +- .../access/namespaces/index-test.js | 4 +- ui/tests/acceptance/auth-test.js | 21 +- ui/tests/acceptance/aws-test.js | 8 +- ui/tests/acceptance/client-current-test.js | 8 +- ui/tests/acceptance/client-history-test.js | 26 +- ui/tests/acceptance/console-test.js | 16 +- .../enterprise-control-groups-test.js | 5 +- ui/tests/acceptance/enterprise-kmip-test.js | 40 +- .../enterprise-license-banner-test.js | 4 +- .../acceptance/enterprise-namespaces-test.js | 4 +- .../acceptance/enterprise-replication-test.js | 21 +- .../acceptance/enterprise-transform-test.js | 64 +- ui/tests/acceptance/init-test.js | 10 +- ui/tests/acceptance/jwt-auth-method-test.js | 13 +- ui/tests/acceptance/leases-test.js | 8 +- ui/tests/acceptance/managed-namespace-test.js | 10 +- .../acceptance/mfa-login-enforcement-test.js | 16 +- ui/tests/acceptance/mfa-login-test.js | 2 +- ui/tests/acceptance/mfa-method-test.js | 20 +- ui/tests/acceptance/mfa-setup-test.js | 4 +- .../oidc-config/clients-assignments-test.js | 56 +- .../oidc-config/clients-keys-test.js | 46 +- .../oidc-config/providers-scopes-test.js | 76 +- ui/tests/acceptance/oidc-provider-test.js | 2 +- ui/tests/acceptance/policies-acl-old-test.js | 10 +- ui/tests/acceptance/policies-test.js | 12 +- ui/tests/acceptance/policies/index-test.js | 6 +- ui/tests/acceptance/policy-test.js | 4 +- ui/tests/acceptance/policy/edit-test.js | 8 +- ui/tests/acceptance/policy/show-test.js | 8 +- ui/tests/acceptance/raft-storage-test.js | 4 +- ui/tests/acceptance/redirect-to-test.js | 6 +- .../secrets/backend/alicloud/secret-test.js | 6 +- .../secrets/backend/cubbyhole/secret-test.js | 12 +- .../secrets/backend/database/secret-test.js | 28 +- .../secrets/backend/engines-test.js | 8 +- .../secrets/backend/gcpkms/secrets-test.js | 6 +- .../secrets/backend/generic/secret-test.js | 24 +- .../secrets/backend/kv/diff-test.js | 2 +- .../secrets/backend/kv/secret-test.js | 112 +- .../secrets/backend/pki/cert-test.js | 12 +- .../secrets/backend/pki/list-test.js | 16 +- .../secrets/backend/pki/role-test.js | 12 +- .../secrets/backend/ssh/role-test.js | 24 +- ui/tests/acceptance/settings-test.js | 6 +- .../settings/auth/configure/index-test.js | 12 +- .../settings/auth/configure/section-test.js | 4 +- .../acceptance/settings/auth/enable-test.js | 6 +- .../pki/index-test.js | 2 +- .../pki/section-cert-test.js | 4 +- .../pki/section-crl-test.js | 4 +- .../pki/section-tidy-test.js | 4 +- .../pki/section-urls-test.js | 4 +- .../settings/mount-secret-backend-test.js | 22 +- ui/tests/acceptance/ssh-test.js | 18 +- ui/tests/acceptance/tools-test.js | 2 +- ui/tests/acceptance/transit-test.js | 10 +- ui/tests/acceptance/unseal-test.js | 6 +- ui/tests/acceptance/wrapped-token-test.js | 4 +- ui/tests/helpers/.gitkeep | 0 ui/tests/helpers/index.js | 42 - ui/tests/helpers/pki-engine.js | 30 - ui/tests/index.html | 1 + .../auth-config-form/options-test.js | 2 +- .../integration/components/auth-form-test.js | 81 +- .../integration/components/auth-jwt-test.js | 44 +- .../components/autocomplete-input-test.js | 4 +- .../integration/components/b64-toggle-test.js | 14 +- .../integration/components/box-radio-test.js | 20 +- .../components/calendar-widget-test.js | 72 +- .../components/clients/attribution-test.js | 44 +- .../components/clients/config-test.js | 14 +- .../clients/horizontal-bar-chart-test.js | 16 +- .../components/clients/line-chart-test.js | 30 +- .../components/clients/monthly-usage-test.js | 8 +- .../components/clients/running-total-test.js | 36 +- .../components/clients/usage-stats-test.js | 2 +- .../clients/vertical-bar-chart-test.js | 8 +- .../components/confirm-action-test.js | 4 +- .../integration/components/confirm-test.js | 68 +- .../components/console/log-command-test.js | 2 +- .../components/console/log-error-test.js | 2 +- .../components/console/log-json-test.js | 4 +- .../components/console/log-list-test.js | 2 +- .../components/console/log-object-test.js | 2 +- .../components/console/log-text-test.js | 2 +- .../components/console/ui-panel-test.js | 20 +- .../components/control-group-success-test.js | 4 +- .../components/control-group-test.js | 53 +- .../database-role-setting-form-test.js | 10 +- .../components/date-dropdown-test.js | 18 +- .../components/diff-version-selector-test.js | 2 +- .../components/edit-form-kmip-role-test.js | 31 +- .../integration/components/edit-form-test.js | 16 +- .../components/features-selection-test.js | 2 +- .../integration/components/form-field-test.js | 41 +- .../components/get-credentials-card-test.js | 61 +- .../components/hover-copy-button-test.js | 4 +- ui/tests/integration/components/icon-test.js | 4 +- .../components/identity/item-details-test.js | 6 +- .../components/info-table-item-array-test.js | 16 +- .../components/info-table-row-test.js | 10 +- .../integration/components/info-table-test.js | 12 +- .../components/json-editor-test.js | 2 +- .../components/keymgmt/distribute-test.js | 8 +- .../components/keymgmt/key-edit-test.js | 16 +- .../components/keymgmt/provider-edit-test.js | 20 +- .../components/known-secondaries-card-test.js | 19 +- .../known-secondaries-table-test.js | 17 +- .../components/kv-object-editor-test.js | 22 +- .../components/license-banners-test.js | 6 +- .../components/license-info-test.js | 24 +- .../components/link-status-test.js | 4 +- .../components/linkable-item-test.js | 2 +- .../components/masked-input-test.js | 18 +- .../integration/components/mfa-form-test.js | 4 +- .../mfa-login-enforcement-form-test.js | 6 +- .../mfa-login-enforcement-header-test.js | 4 +- .../components/mfa/method-form-test.js | 2 +- .../components/mount-accessor-select-test.js | 20 +- .../components/mount-backend-form-test.js | 16 +- .../integration/components/nav-header-test.js | 6 +- .../components/oidc-consent-block-test.js | 12 +- .../components/oidc/assignment-form-test.js | 6 +- .../components/oidc/client-form-test.js | 4 +- .../components/oidc/key-form-test.js | 6 +- .../components/oidc/provider-form-test.js | 4 +- .../components/oidc/scope-form-test.js | 6 +- .../components/pagination-controls-test.js | 2 +- .../path-filter-config-list-test.js | 88 +- .../integration/components/pgp-file-test.js | 10 +- .../integration/components/pgp-list-test.js | 2 +- .../components/pki/config-pki-ca-test.js | 16 +- .../components/pki/config-pki-test.js | 20 +- .../components/pki/pki-key-parameters-test.js | 101 - .../components/pki/pki-key-usage-test.js | 85 - .../components/pki/pki-role-form-test.js | 112 - .../pki/radio-select-ttl-or-string-test.js | 90 - .../components/radial-progress-test.js | 18 +- .../integration/components/raft-join-test.js | 2 +- .../components/readonly-form-field-test.js | 4 +- .../components/regex-validator-test.js | 8 +- .../components/replication-dashboard-test.js | 50 +- .../components/replication-header-test.js | 8 +- .../components/replication-page-test.js | 6 +- .../replication-primary-card-test.js | 34 +- .../replication-secondary-card-test.js | 20 +- .../replication-summary-card-test.js | 6 +- .../components/replication-table-rows-test.js | 6 +- .../components/search-select-test.js | 419 +- .../search-select-with-modal-test.js | 16 +- .../components/secret-edit-test.js | 10 +- .../components/secret-list-header-test.js | 2 +- .../integration/components/select-test.js | 24 +- .../components/selectable-card-test.js | 8 +- .../components/shamir-modal-flow-test.js | 12 +- .../components/string-list-test.js | 18 +- .../integration/components/toggle-test.js | 8 +- .../components/token-expire-warning-test.js | 4 +- .../components/toolbar-link-test.js | 6 +- .../components/transform-list-item-test.js | 30 +- .../components/transit-key-actions-test.js | 30 +- .../integration/components/ttl-form-test.js | 6 +- .../integration/components/ttl-picker-test.js | 6 +- .../components/ttl-picker2-test.js | 26 +- .../components/upgrade-page-test.js | 6 +- .../integration/components/wrap-ttl-test.js | 14 +- .../integration/helpers/add-to-array-test.js | 2 +- .../helpers/changelog-url-for-test.js | 8 +- .../integration/helpers/date-format-test.js | 12 +- .../helpers/format-duration-test.js | 6 +- .../helpers/is-empty-value-test.js | 2 +- .../helpers/remove-from-array-test.js | 2 +- ui/tests/integration/services/auth-test.js | 50 +- .../utils/client-count-utils-test.js | 24 +- .../integration/utils/date-formatters-test.js | 18 +- .../pages/settings/mount-secret-backend.js | 2 +- ui/tests/unit/adapters/aws-credential-test.js | 10 +- ui/tests/unit/adapters/capabilities-test.js | 4 +- ui/tests/unit/adapters/cluster-test.js | 130 +- ui/tests/unit/adapters/console-test.js | 4 +- .../unit/adapters/identity/_test-cases.js | 4 +- .../adapters/identity/entity-alias-test.js | 10 +- .../adapters/identity/entity-merge-test.js | 4 +- .../unit/adapters/identity/entity-test.js | 8 +- .../adapters/identity/group-alias-test.js | 8 +- ui/tests/unit/adapters/identity/group-test.js | 8 +- ui/tests/unit/adapters/oidc/key-test.js | 2 +- ui/tests/unit/adapters/oidc/test-helper.js | 16 +- ui/tests/unit/adapters/secret-engine-test.js | 8 +- ui/tests/unit/adapters/secret-test.js | 8 +- ui/tests/unit/adapters/secret-v2-test.js | 4 +- .../unit/adapters/secret-v2-version-test.js | 4 +- ui/tests/unit/adapters/tools-test.js | 24 +- ui/tests/unit/adapters/transit-key-test.js | 22 +- ui/tests/unit/components/auth-jwt-test.js | 2 +- .../components/identity/edit-form-test.js | 2 +- .../unit/decorators/model-validations-test.js | 8 +- ui/tests/unit/helpers/await-test.js | 14 +- ui/tests/unit/helpers/filter-wildcard-test.js | 6 +- ui/tests/unit/lib/attach-capabilities-test.js | 14 +- ui/tests/unit/lib/kv-object-test.js | 4 +- ui/tests/unit/machines/auth-machine-test.js | 2 +- .../unit/machines/policies-machine-test.js | 2 +- .../unit/machines/replication-machine-test.js | 2 +- .../unit/machines/secrets-machine-test.js | 2 +- ui/tests/unit/machines/tools-machine-test.js | 2 +- ui/tests/unit/mixins/cluster-route-test.js | 42 +- ui/tests/unit/models/role-jwt-test.js | 18 +- ui/tests/unit/models/secret-engine-test.js | 10 +- ui/tests/unit/models/transit-key-test.js | 4 +- .../routes/vault/cluster/redirect-test.js | 47 +- ui/tests/unit/serializers/transit-key-test.js | 10 +- ui/tests/unit/services/auth-test.js | 4 +- ui/tests/unit/services/console-test.js | 16 +- ui/tests/unit/services/control-group-test.js | 62 +- ui/tests/unit/services/feature-flag-test.js | 6 +- ui/tests/unit/services/path-helper-test.js | 2 +- ui/tests/unit/services/permissions-test.js | 4 +- ui/tests/unit/services/store-test.js | 22 +- ui/tests/unit/services/wizard-test.js | 2 +- ui/tests/unit/utils/api-path-test.js | 2 +- ui/tests/unit/utils/chart-helpers-test.js | 28 +- ui/tests/unit/utils/common-prefix-test.js | 12 +- ui/tests/unit/utils/trim-right-test.js | 14 +- ui/yarn.lock | 2862 +- vault/activity/activity_log.pb.go | 2 +- vault/audit.go | 12 +- vault/auth.go | 12 +- vault/barrier_aes_gcm.go | 2 + vault/core.go | 6 +- vault/core_metrics.go | 32 +- vault/dynamic_system_view.go | 7 +- vault/external_plugin_test.go | 116 + vault/external_tests/identity/aliases_test.go | 169 - vault/ha.go | 97 +- vault/hcp_link/proto/node_status/status.pb.go | 2 +- vault/identity_store_entities.go | 125 +- vault/logical_system.go | 125 - vault/logical_system_paths.go | 8 - vault/logical_system_raft.go | 4 +- vault/mount.go | 37 +- vault/mount_util.go | 5 +- vault/policy_store.go | 7 +- vault/quotas/quotas.go | 100 +- vault/raft.go | 6 +- vault/request_forwarding_rpc.go | 6 - vault/request_forwarding_service.pb.go | 2 +- vault/request_handling.go | 4 +- vault/rollback.go | 4 +- vault/seal.go | 4 +- vault/testing.go | 2 +- vault/tokens/token.pb.go | 2 +- website/content/api-docs/auth/approle.mdx | 24 +- website/content/api-docs/libraries.mdx | 6 + website/content/api-docs/secret/consul.mdx | 2 + website/content/api-docs/secret/pki.mdx | 45 +- website/content/api-docs/secret/ssh.mdx | 6 +- website/content/api-docs/secret/transit.mdx | 20 - website/content/api-docs/system/init.mdx | 12 +- .../api-docs/system/internal-counters.mdx | 64 +- website/content/docs/agent/autoauth/index.mdx | 128 +- website/content/docs/agent/index.mdx | 2 +- website/content/docs/auth/aws.mdx | 4 - website/content/docs/auth/azure.mdx | 75 +- .../docs/auth/jwt/oidc-providers/google.mdx | 10 +- website/content/docs/auth/login-mfa/faq.mdx | 4 +- website/content/docs/auth/login-mfa/index.mdx | 4 +- .../content/docs/commands/operator/init.mdx | 6 +- .../content/docs/commands/operator/raft.mdx | 6 +- website/content/docs/commands/patch.mdx | 87 - website/content/docs/commands/read.mdx | 4 +- .../docs/concepts/client-count/index.mdx | 64 - website/content/docs/concepts/policies.mdx | 5 +- .../docs/configuration/listener/tcp.mdx | 2 +- .../service-registration/consul.mdx | 2 + .../docs/configuration/storage/consul.mdx | 2 + website/content/docs/deprecation/index.mdx | 2 +- .../content/docs/enterprise/managed-keys.mdx | 4 +- website/content/docs/enterprise/mfa/index.mdx | 2 +- .../content/docs/enterprise/mfa/mfa-totp.mdx | 4 +- .../content/docs/enterprise/namespaces.mdx | 1 - website/content/docs/internals/telemetry.mdx | 18 +- website/content/docs/partnerships.mdx | 2 +- .../k8s/helm/examples/ha-with-consul.mdx | 2 + .../platform/k8s/injector/annotations.mdx | 16 +- .../docs/platform/k8s/injector/examples.mdx | 4 +- .../docs/platform/k8s/injector/index.mdx | 3 +- .../content/docs/plugins/plugin-portal.mdx | 4 +- website/content/docs/release-notes/1.11.0.mdx | 12 +- website/content/docs/release-notes/1.12.0.mdx | 2 +- website/content/docs/secrets/consul.mdx | 2 + .../content/docs/secrets/databases/oracle.mdx | 2 +- .../docs/secrets/identity/oidc-provider.mdx | 8 +- .../docs/secrets/pki/considerations.mdx | 59 +- website/content/docs/secrets/pki/index.mdx | 8 + .../secrets/ssh/signed-ssh-certificates.mdx | 2 +- .../docs/upgrading/upgrade-to-1.12.x.mdx | 23 +- .../partials/consul-dataplane-compat.mdx | 1 + .../consul-dataplane-upgrade-note.mdx | 2 + .../partials/raft-retry-join-failure.mdx | 5 +- website/content/partials/tokenfields.mdx | 3 + website/data/docs-nav-data.json | 4 - website/package-lock.json | 20469 +- website/package.json | 6 +- 909 files changed, 21103 insertions(+), 194745 deletions(-) create mode 100644 .github/enos-run-matrices/ent.json create mode 100644 .github/enos-run-matrices/oss.json create mode 100644 .github/workflows/build-vault-oss.yml delete mode 100644 .github/workflows/remove-labels.yml delete mode 100644 builtin/logical/pki/zlint_test.go delete mode 100644 changelog/12166.txt delete mode 100644 changelog/14945.txt delete mode 100644 changelog/15869.txt delete mode 100644 changelog/16224.txt delete mode 100644 changelog/16622.txt delete mode 100644 changelog/16700.txt delete mode 100644 changelog/16872.txt delete mode 100644 changelog/16982.txt delete mode 100644 changelog/17086.txt delete mode 100644 changelog/17104.txt delete mode 100644 changelog/17167.txt delete mode 100644 changelog/17186.txt delete mode 100644 changelog/17187.txt delete mode 100644 changelog/17265.txt delete mode 100644 changelog/17289.txt delete mode 100644 changelog/17308.txt delete mode 100644 changelog/17338.txt delete mode 100644 changelog/17339.txt delete mode 100644 changelog/17376.txt delete mode 100644 changelog/17395.txt delete mode 100644 changelog/17406.txt delete mode 100644 changelog/17459.txt delete mode 100644 changelog/17499.txt delete mode 100644 changelog/17514.txt delete mode 100644 changelog/17540.txt delete mode 100644 changelog/17612.txt delete mode 100644 changelog/17636.txt delete mode 100644 changelog/17638.txt delete mode 100644 changelog/17650.txt delete mode 100644 changelog/17678.txt delete mode 100644 changelog/17747.txt delete mode 100644 changelog/17752.txt delete mode 100644 changelog/17768.txt create mode 100644 changelog/17772.txt delete mode 100644 changelog/17774.txt create mode 100644 changelog/17801.txt create mode 100644 changelog/17816.txt create mode 100644 changelog/17824.txt create mode 100644 changelog/17914.txt create mode 100644 changelog/17944.txt create mode 100644 changelog/17950.txt create mode 100644 changelog/18011.txt create mode 100644 changelog/18030.txt create mode 100644 changelog/18086.txt create mode 100644 changelog/_go-ver-1122.txt delete mode 100644 changelog/_go-ver-1130.txt delete mode 100644 changelog/plugin-versioning.txt delete mode 100644 command/patch.go delete mode 100644 command/patch_test.go create mode 100644 enos/enos-scenario-agent.hcl create mode 100755 enos/modules/build_local/scripts/build.sh delete mode 100755 enos/modules/build_local/templates/build.sh create mode 100644 enos/modules/get_local_version_from_make/main.tf create mode 100755 enos/modules/get_local_version_from_make/scripts/version.sh create mode 100644 enos/modules/vault-verify-replication/main.tf create mode 100644 enos/modules/vault-verify-replication/templates/smoke-verify-replication.sh create mode 100644 enos/modules/vault-verify-replication/variables.tf create mode 100644 enos/modules/vault-verify-ui/main.tf create mode 100644 enos/modules/vault-verify-ui/templates/smoke-verify-ui.sh create mode 100644 enos/modules/vault-verify-ui/variables.tf create mode 100644 enos/modules/vault-verify-write-data/main.tf create mode 100644 enos/modules/vault-verify-write-data/templates/smoke-enable-secrets-kv.sh create mode 100644 enos/modules/vault-verify-write-data/templates/smoke-write-test-data.sh create mode 100644 enos/modules/vault-verify-write-data/variables.tf create mode 100644 enos/modules/vault_agent/main.tf create mode 100644 enos/modules/vault_agent/templates/set-up-approle-and-agent.sh create mode 100644 enos/modules/vault_verify_agent_output/main.tf create mode 100644 enos/modules/vault_verify_agent_output/templates/verify-vault-agent-output.sh delete mode 100644 internalshared/configutil/userlockout.go delete mode 100644 internalshared/configutil/userlockout_test.go delete mode 100755 scripts/build_date.sh create mode 100755 scripts/crt-builder.sh delete mode 100755 scripts/version.sh delete mode 100644 ui/.github/workflows/ci.yml delete mode 100755 ui/.yarn/releases/yarn-1.22.19.js delete mode 100644 ui/app/adapters/pki/pki-certificate-engine.js delete mode 100644 ui/app/adapters/pki/pki-issuer-engine.js delete mode 100644 ui/app/adapters/pki/pki-key-engine.js create mode 100644 ui/app/models/mount-options.js delete mode 100644 ui/app/models/pki/pki-certificate-engine.js delete mode 100644 ui/app/models/pki/pki-issuer-engine.js delete mode 100644 ui/app/models/pki/pki-key-engine.js delete mode 100644 ui/app/serializers/pki/pki-certificate-engine.js delete mode 100644 ui/app/serializers/pki/pki-issuer-engine.js delete mode 100644 ui/app/serializers/pki/pki-key-engine.js rename ui/{lib/core/addon => app/templates}/components/form-field-groups-loop.hbs (59%) delete mode 100644 ui/app/utils/identity-manager.js delete mode 100644 ui/config/content-security-policy.js delete mode 100644 ui/lib/core/addon/components/form-field-groups-loop.js delete mode 100644 ui/lib/core/addon/components/radio-select-ttl-or-string.hbs delete mode 100644 ui/lib/core/addon/components/radio-select-ttl-or-string.js delete mode 100644 ui/lib/core/addon/components/search-select.hbs create mode 100644 ui/lib/core/addon/templates/components/search-select.hbs delete mode 100644 ui/lib/core/app/components/form-field-groups-loop.js delete mode 100644 ui/lib/core/app/components/radio-select-ttl-or-string.js delete mode 100644 ui/lib/pki/addon/components/pki-key-parameters.hbs delete mode 100644 ui/lib/pki/addon/components/pki-key-parameters.js delete mode 100644 ui/lib/pki/addon/components/pki-key-usage.hbs delete mode 100644 ui/lib/pki/addon/components/pki-key-usage.js delete mode 100644 ui/lib/pki/addon/components/pki-role-form.hbs delete mode 100644 ui/lib/pki/addon/components/pki-role-form.js delete mode 100644 ui/lib/pki/addon/controllers/certificates/index.js delete mode 100644 ui/lib/pki/addon/controllers/issuers/index.js delete mode 100644 ui/lib/pki/addon/controllers/keys/index.js create mode 100644 ui/lib/pki/addon/routes/certificates.js delete mode 100644 ui/lib/pki/addon/routes/certificates/index.js delete mode 100644 ui/lib/pki/addon/routes/configuration/create/generate-csr.js delete mode 100644 ui/lib/pki/addon/routes/configuration/create/generate-root.js delete mode 100644 ui/lib/pki/addon/routes/configuration/create/import-ca.js create mode 100644 ui/lib/pki/addon/routes/issuers.js delete mode 100644 ui/lib/pki/addon/routes/issuers/index.js create mode 100644 ui/lib/pki/addon/routes/keys.js delete mode 100644 ui/lib/pki/addon/routes/keys/generate.js delete mode 100644 ui/lib/pki/addon/routes/keys/import.js delete mode 100644 ui/lib/pki/addon/routes/keys/index.js delete mode 100644 ui/lib/pki/addon/routes/keys/key/details.js delete mode 100644 ui/lib/pki/addon/routes/keys/key/edit.js create mode 100644 ui/lib/pki/addon/routes/roles.js delete mode 100644 ui/lib/pki/addon/routes/roles/create.js create mode 100644 ui/lib/pki/addon/templates/certificates.hbs delete mode 100644 ui/lib/pki/addon/templates/certificates/index.hbs delete mode 100644 ui/lib/pki/addon/templates/configuration/create/generate-csr.hbs delete mode 100644 ui/lib/pki/addon/templates/configuration/create/generate-root.hbs delete mode 100644 ui/lib/pki/addon/templates/configuration/create/import-ca.hbs create mode 100644 ui/lib/pki/addon/templates/issuers.hbs delete mode 100644 ui/lib/pki/addon/templates/issuers/index.hbs create mode 100644 ui/lib/pki/addon/templates/keys.hbs delete mode 100644 ui/lib/pki/addon/templates/keys/generate.hbs delete mode 100644 ui/lib/pki/addon/templates/keys/import.hbs delete mode 100644 ui/lib/pki/addon/templates/keys/index.hbs delete mode 100644 ui/lib/pki/addon/templates/keys/key/details.hbs delete mode 100644 ui/lib/pki/addon/templates/keys/key/edit.hbs create mode 100644 ui/lib/pki/addon/templates/roles.hbs delete mode 100644 ui/lib/pki/addon/templates/roles/create.hbs delete mode 100644 ui/scripts/codemods/inject-service.js delete mode 100644 ui/scripts/codemods/jscodeshift-babylon-parser.js create mode 100644 ui/tests/helpers/.gitkeep delete mode 100644 ui/tests/helpers/index.js delete mode 100644 ui/tests/helpers/pki-engine.js delete mode 100644 ui/tests/integration/components/pki/pki-key-parameters-test.js delete mode 100644 ui/tests/integration/components/pki/pki-key-usage-test.js delete mode 100644 ui/tests/integration/components/pki/pki-role-form-test.js delete mode 100644 ui/tests/integration/components/pki/radio-select-ttl-or-string-test.js delete mode 100644 website/content/docs/commands/patch.mdx create mode 100644 website/content/partials/consul-dataplane-compat.mdx create mode 100644 website/content/partials/consul-dataplane-upgrade-note.mdx diff --git a/.circleci/config.yml b/.circleci/config.yml index e1cf94eaea14d..4a5a86ea793c2 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -120,13 +120,13 @@ jobs: root: . environment: - CIRCLECI_CLI_VERSION: 0.1.5546 - - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.3 - GO_TAGS: '' - GOFUMPT_VERSION: 0.3.1 - GOTESTSUM_VERSION: 0.5.2 test-go-remote-docker: docker: - - image: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - image: docker.mirror.hashicorp.services/cimg/go:1.19.3 resource_class: medium working_directory: /home/circleci/go/src/github.com/hashicorp/vault parallelism: 8 @@ -352,7 +352,7 @@ jobs: path: /tmp/testlogs environment: - CIRCLECI_CLI_VERSION: 0.1.5546 - - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.3 - GO_TAGS: '' - GOFUMPT_VERSION: 0.3.1 - GOTESTSUM_VERSION: 0.5.2 @@ -396,13 +396,13 @@ jobs: name: make fmt environment: - CIRCLECI_CLI_VERSION: 0.1.5546 - - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.3 - GO_TAGS: '' - GOFUMPT_VERSION: 0.3.1 - GOTESTSUM_VERSION: 0.5.2 test-go-race: docker: - - image: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - image: docker.mirror.hashicorp.services/cimg/go:1.19.3 resource_class: xlarge working_directory: /home/circleci/go/src/github.com/hashicorp/vault parallelism: 8 @@ -618,13 +618,13 @@ jobs: path: /tmp/testlogs environment: - CIRCLECI_CLI_VERSION: 0.1.5546 - - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.3 - GO_TAGS: '' - GOFUMPT_VERSION: 0.3.1 - GOTESTSUM_VERSION: 0.5.2 test-go: docker: - - image: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - image: docker.mirror.hashicorp.services/cimg/go:1.19.3 resource_class: large working_directory: /home/circleci/go/src/github.com/hashicorp/vault parallelism: 8 @@ -840,7 +840,7 @@ jobs: path: /tmp/testlogs environment: - CIRCLECI_CLI_VERSION: 0.1.5546 - - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.3 - GO_TAGS: '' - GOFUMPT_VERSION: 0.3.1 - GOTESTSUM_VERSION: 0.5.2 @@ -947,13 +947,13 @@ jobs: - /home/circleci/go/pkg/mod environment: - CIRCLECI_CLI_VERSION: 0.1.5546 - - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.3 - GO_TAGS: '' - GOFUMPT_VERSION: 0.3.1 - GOTESTSUM_VERSION: 0.5.2 test-go-race-remote-docker: docker: - - image: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - image: docker.mirror.hashicorp.services/cimg/go:1.19.3 resource_class: medium working_directory: /home/circleci/go/src/github.com/hashicorp/vault parallelism: 8 @@ -1179,7 +1179,7 @@ jobs: path: /tmp/testlogs environment: - CIRCLECI_CLI_VERSION: 0.1.5546 - - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.2 + - GO_IMAGE: docker.mirror.hashicorp.services/cimg/go:1.19.3 - GO_TAGS: '' - GOFUMPT_VERSION: 0.3.1 - GOTESTSUM_VERSION: 0.5.2 diff --git a/.circleci/config/executors/@executors.yml b/.circleci/config/executors/@executors.yml index 905f00c712a7f..32494efbdc56f 100644 --- a/.circleci/config/executors/@executors.yml +++ b/.circleci/config/executors/@executors.yml @@ -4,7 +4,7 @@ references: GOTESTSUM_VERSION: 0.5.2 # Pin gotestsum to patch version (ex: 1.2.3) GOFUMPT_VERSION: 0.3.1 # Pin gofumpt to patch version (ex: 1.2.3) GO_TAGS: "" - GO_IMAGE: &GO_IMAGE "docker.mirror.hashicorp.services/cimg/go:1.19.2" + GO_IMAGE: &GO_IMAGE "docker.mirror.hashicorp.services/cimg/go:1.19.3" go-machine: machine: diff --git a/.github/enos-run-matrices/artifactory-ent.json b/.github/enos-run-matrices/artifactory-ent.json index 2df3a1c5665c4..abbea6eb0809d 100644 --- a/.github/enos-run-matrices/artifactory-ent.json +++ b/.github/enos-run-matrices/artifactory-ent.json @@ -1,43 +1,43 @@ { "include": [ { - "scenario": "smoke arch:amd64 artifact_source:artifactory backend:consul consul_version:1.13.2 distro:rhel edition:ent seal:awskms", + "scenario": "smoke arch:amd64 artifact_source:artifactory backend:consul consul_version:1.13.2 distro:rhel edition:ent seal:awskms artifact_type:bundle", "aws_region": "us-east-1" }, { - "scenario": "smoke arch:amd64 artifact_source:artifactory backend:consul consul_version:1.13.2 distro:ubuntu edition:ent seal:shamir", + "scenario": "smoke arch:amd64 artifact_source:artifactory backend:consul consul_version:1.13.2 distro:ubuntu edition:ent seal:shamir artifact_type:bundle", "aws_region": "us-east-2" }, { - "scenario": "smoke arch:arm64 artifact_source:artifactory backend:raft consul_version:1.11.10 distro:ubuntu edition:ent seal:awskms", + "scenario": "smoke arch:arm64 artifact_source:artifactory backend:raft consul_version:1.11.10 distro:ubuntu edition:ent seal:awskms artifact_type:bundle", "aws_region": "us-west-1" }, { - "scenario": "smoke arch:arm64 artifact_source:artifactory backend:raft consul_version:1.11.10 distro:rhel edition:ent seal:shamir", + "scenario": "smoke arch:arm64 artifact_source:artifactory backend:raft consul_version:1.11.10 distro:rhel edition:ent seal:shamir artifact_type:bundle", "aws_region": "us-west-2" }, { - "scenario": "upgrade arch:arm64 artifact_source:artifactory backend:consul consul_version:1.12.5 distro:ubuntu edition:ent seal:shamir", + "scenario": "upgrade arch:arm64 artifact_source:artifactory backend:consul consul_version:1.12.5 distro:ubuntu edition:ent seal:shamir artifact_type:bundle", "aws_region": "us-west-1" }, { - "scenario": "upgrade arch:amd64 artifact_source:artifactory backend:consul consul_version:1.13.2 distro:rhel edition:ent seal:awskms", + "scenario": "upgrade arch:amd64 artifact_source:artifactory backend:consul consul_version:1.13.2 distro:rhel edition:ent seal:awskms artifact_type:bundle", "aws_region": "us-west-2" }, { - "scenario": "upgrade arch:arm64 artifact_source:artifactory backend:raft consul_version:1.12.5 distro:rhel edition:ent seal:shamir", + "scenario": "upgrade arch:arm64 artifact_source:artifactory backend:raft consul_version:1.12.5 distro:rhel edition:ent seal:shamir artifact_type:bundle", "aws_region": "us-east-1" }, { - "scenario": "upgrade arch:amd64 artifact_source:artifactory backend:raft consul_version:1.13.2 distro:ubuntu edition:ent seal:awskms", + "scenario": "upgrade arch:amd64 artifact_source:artifactory backend:raft consul_version:1.13.2 distro:ubuntu edition:ent seal:awskms artifact_type:bundle", "aws_region": "us-east-2" }, { - "scenario": "autopilot arch:amd64 artifact_source:artifactory distro:ubuntu edition:ent seal:awskms", + "scenario": "autopilot arch:amd64 artifact_source:artifactory distro:ubuntu edition:ent seal:awskms artifact_type:bundle", "aws_region": "us-west-1" }, { - "scenario": "autopilot arch:arm64 artifact_source:artifactory distro:rhel edition:ent seal:shamir", + "scenario": "autopilot arch:arm64 artifact_source:artifactory distro:rhel edition:ent seal:shamir artifact_type:bundle", "aws_region": "us-west-2" } ] diff --git a/.github/enos-run-matrices/artifactory-oss.json b/.github/enos-run-matrices/artifactory-oss.json index fccc26542f0d0..1a4cf2d0f842b 100644 --- a/.github/enos-run-matrices/artifactory-oss.json +++ b/.github/enos-run-matrices/artifactory-oss.json @@ -1,35 +1,35 @@ { "include": [ { - "scenario": "smoke arch:amd64 artifact_source:artifactory backend:consul consul_version:1.13.2 distro:rhel edition:oss seal:awskms", + "scenario": "smoke arch:amd64 artifact_source:artifactory backend:consul consul_version:1.13.2 distro:rhel edition:oss seal:awskms artifact_type:bundle", "aws_region": "us-east-1" }, { - "scenario": "smoke arch:amd64 artifact_source:artifactory backend:consul consul_version:1.12.5 distro:ubuntu edition:oss seal:shamir", + "scenario": "smoke arch:amd64 artifact_source:artifactory backend:consul consul_version:1.12.5 distro:ubuntu edition:oss seal:shamir artifact_type:bundle", "aws_region": "us-east-2" }, { - "scenario": "smoke arch:arm64 artifact_source:artifactory backend:raft consul_version:1.11.10 distro:ubuntu edition:oss seal:awskms", + "scenario": "smoke arch:arm64 artifact_source:artifactory backend:raft consul_version:1.11.10 distro:ubuntu edition:oss seal:awskms artifact_type:bundle", "aws_region": "us-west-1" }, { - "scenario": "smoke arch:arm64 artifact_source:artifactory backend:raft consul_version:1.11.10 distro:rhel edition:oss seal:shamir", + "scenario": "smoke arch:arm64 artifact_source:artifactory backend:raft consul_version:1.11.10 distro:rhel edition:oss seal:shamir artifact_type:bundle", "aws_region": "us-west-2" }, { - "scenario": "upgrade arch:arm64 artifact_source:artifactory backend:consul consul_version:1.11.10 distro:ubuntu edition:oss seal:shamir", + "scenario": "upgrade arch:arm64 artifact_source:artifactory backend:consul consul_version:1.11.10 distro:ubuntu edition:oss seal:shamir artifact_type:bundle", "aws_region": "us-west-1" }, { - "scenario": "upgrade arch:amd64 artifact_source:artifactory backend:consul consul_version:1.13.2 distro:rhel edition:oss seal:awskms", + "scenario": "upgrade arch:amd64 artifact_source:artifactory backend:consul consul_version:1.13.2 distro:rhel edition:oss seal:awskms artifact_type:bundle", "aws_region": "us-west-2" }, { - "scenario": "upgrade arch:arm64 artifact_source:artifactory backend:raft consul_version:1.12.5 distro:rhel edition:oss seal:shamir", + "scenario": "upgrade arch:arm64 artifact_source:artifactory backend:raft consul_version:1.12.5 distro:rhel edition:oss seal:shamir artifact_type:bundle", "aws_region": "us-east-1" }, { - "scenario": "upgrade arch:amd64 artifact_source:artifactory backend:raft consul_version:1.13.2 distro:ubuntu edition:oss seal:awskms", + "scenario": "upgrade arch:amd64 artifact_source:artifactory backend:raft consul_version:1.13.2 distro:ubuntu edition:oss seal:awskms artifact_type:bundle", "aws_region": "us-east-2" } ] diff --git a/.github/enos-run-matrices/crt-ent.json b/.github/enos-run-matrices/crt-ent.json index 29a5b8c508af1..1f61898efeba3 100644 --- a/.github/enos-run-matrices/crt-ent.json +++ b/.github/enos-run-matrices/crt-ent.json @@ -1,23 +1,23 @@ { "include": [ { - "scenario": "smoke backend:consul consul_version:1.13.2 distro:ubuntu seal:awskms arch:amd64 artifact_source:crt edition:ent", + "scenario": "smoke backend:consul consul_version:1.13.2 distro:ubuntu seal:awskms arch:amd64 artifact_source:crt edition:ent artifact_type:bundle", "aws_region": "us-west-1" }, { - "scenario": "smoke backend:raft consul_version:1.13.2 distro:ubuntu seal:shamir arch:amd64 artifact_source:crt edition:ent", + "scenario": "smoke backend:raft consul_version:1.13.2 distro:ubuntu seal:shamir arch:amd64 artifact_source:crt edition:ent artifact_type:bundle", "aws_region": "us-west-2" }, { - "scenario": "upgrade backend:raft consul_version:1.12.5 distro:rhel seal:shamir arch:amd64 artifact_source:crt edition:ent", + "scenario": "upgrade backend:raft consul_version:1.12.5 distro:rhel seal:shamir arch:amd64 artifact_source:crt edition:ent artifact_type:bundle", "aws_region": "us-west-1" }, { - "scenario": "upgrade backend:consul consul_version:1.12.5 distro:rhel seal:awskms arch:amd64 artifact_source:crt edition:ent", + "scenario": "upgrade backend:consul consul_version:1.12.5 distro:rhel seal:awskms arch:amd64 artifact_source:crt edition:ent artifact_type:bundle", "aws_region": "us-west-2" }, { - "scenario": "autopilot distro:ubuntu seal:shamir arch:amd64 artifact_source:crt edition:ent", + "scenario": "autopilot distro:ubuntu seal:shamir arch:amd64 artifact_source:crt edition:ent artifact_type:bundle", "aws_region": "us-west-1" } ] diff --git a/.github/enos-run-matrices/crt-oss.json b/.github/enos-run-matrices/crt-oss.json index ddd35345af5cf..29b303814f8e4 100644 --- a/.github/enos-run-matrices/crt-oss.json +++ b/.github/enos-run-matrices/crt-oss.json @@ -1,19 +1,19 @@ { "include": [ { - "scenario": "smoke backend:consul consul_version:1.13.2 distro:ubuntu seal:awskms arch:amd64 artifact_source:crt edition:oss", + "scenario": "smoke backend:consul consul_version:1.13.2 distro:ubuntu seal:awskms arch:amd64 artifact_source:crt edition:oss artifact_type:bundle", "aws_region": "us-west-1" }, { - "scenario": "smoke backend:raft consul_version:1.13.2 distro:ubuntu seal:shamir arch:amd64 artifact_source:crt edition:oss", + "scenario": "smoke backend:raft consul_version:1.13.2 distro:ubuntu seal:shamir arch:amd64 artifact_source:crt edition:oss artifact_type:bundle", "aws_region": "us-west-2" }, { - "scenario": "upgrade backend:raft consul_version:1.12.5 distro:rhel seal:shamir arch:amd64 artifact_source:crt edition:oss", + "scenario": "upgrade backend:raft consul_version:1.12.5 distro:rhel seal:shamir arch:amd64 artifact_source:crt edition:oss artifact_type:bundle", "aws_region": "us-west-1" }, { - "scenario": "upgrade backend:consul consul_version:1.12.5 distro:rhel seal:awskms arch:amd64 artifact_source:crt edition:oss", + "scenario": "upgrade backend:consul consul_version:1.12.5 distro:rhel seal:awskms arch:amd64 artifact_source:crt edition:oss artifact_type:bundle", "aws_region": "us-west-2" } ] diff --git a/.github/enos-run-matrices/ent.json b/.github/enos-run-matrices/ent.json new file mode 100644 index 0000000000000..d1dafc0fba595 --- /dev/null +++ b/.github/enos-run-matrices/ent.json @@ -0,0 +1,24 @@ +{ + "include": [ + { + "scenario": "smoke backend:consul consul_version:1.12.3 distro:ubuntu seal:awskms arch:amd64 builder:crt edition:ent", + "aws_region": "us-west-1" + }, + { + "scenario": "smoke backend:raft consul_version:1.12.3 distro:ubuntu seal:shamir arch:amd64 builder:crt edition:ent", + "aws_region": "us-west-2" + }, + { + "scenario": "upgrade backend:raft consul_version:1.11.7 distro:rhel seal:shamir arch:amd64 builder:crt edition:ent", + "aws_region": "us-west-1" + }, + { + "scenario": "upgrade backend:consul consul_version:1.11.7 distro:rhel seal:awskms arch:amd64 builder:crt edition:ent", + "aws_region": "us-west-2" + }, + { + "scenario": "autopilot distro:ubuntu seal:shamir arch:amd64 builder:crt edition:ent", + "aws_region": "us-west-1" + } + ] +} diff --git a/.github/enos-run-matrices/oss.json b/.github/enos-run-matrices/oss.json new file mode 100644 index 0000000000000..7ce25ebc49a22 --- /dev/null +++ b/.github/enos-run-matrices/oss.json @@ -0,0 +1,20 @@ +{ + "include": [ + { + "scenario": "smoke backend:consul consul_version:1.12.3 distro:ubuntu seal:awskms arch:amd64 builder:crt edition:oss", + "aws_region": "us-west-1" + }, + { + "scenario": "smoke backend:raft consul_version:1.12.3 distro:ubuntu seal:shamir arch:amd64 builder:crt edition:oss", + "aws_region": "us-west-2" + }, + { + "scenario": "upgrade backend:raft consul_version:1.11.7 distro:rhel seal:shamir arch:amd64 builder:crt edition:oss", + "aws_region": "us-west-1" + }, + { + "scenario": "upgrade backend:consul consul_version:1.11.7 distro:rhel seal:awskms arch:amd64 builder:crt edition:oss", + "aws_region": "us-west-2" + } + ] +} diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index c2f347e570819..ebcbada20e0a1 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -11,11 +11,11 @@ jobs: backport-targeted-release-branch: if: github.event.pull_request.merged runs-on: ubuntu-latest - container: hashicorpdev/backport-assistant:0.3.0 + container: hashicorpdev/backport-assistant:0.2.5 steps: - name: Backport changes to targeted release branch run: | - backport-assistant backport -merge-method=squash -gh-automerge + backport-assistant backport env: BACKPORT_LABEL_REGEXP: "backport/(?P\\d+\\.\\d+\\.[+\\w]+)" BACKPORT_TARGET_TEMPLATE: "release/{{.target}}" diff --git a/.github/workflows/build-vault-oss.yml b/.github/workflows/build-vault-oss.yml new file mode 100644 index 0000000000000..ff513d2002c82 --- /dev/null +++ b/.github/workflows/build-vault-oss.yml @@ -0,0 +1,111 @@ +--- +name: build_vault + +# This workflow is intended to be called by the build workflow for each Vault +# binary that needs to be built and packaged. The crt make targets that are +# utilized automatically determine build metadata and handle building and +# packing vault. + +on: + workflow_call: + inputs: + bundle-path: + required: false + type: string + cgo-enabled: + type: string + default: 0 + create-packages: + type: boolean + default: true + goos: + required: true + type: string + goarch: + required: true + type: string + go-tags: + type: string + go-version: + type: string + package-name: + type: string + default: vault + vault-version: + type: string + required: true + +jobs: + build: + runs-on: "ubuntu-latest" + name: Vault ${{ inputs.goos }} ${{ inputs.goarch }} v${{ inputs.vault-version }} + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v3 + with: + go-version: ${{ inputs.go-version }} + - name: Set up node and yarn + uses: actions/setup-node@v3 + with: + node-version: 14 + cache: yarn + cache-dependency-path: ui/yarn.lock + - name: Build UI + run: make crt-build-ui + - name: Build Vault + env: + CGO_ENABLED: ${{ inputs.cgo-enabled }} + GOARCH: ${{ inputs.goarch }} + GOOS: ${{ inputs.goos }} + GO_TAGS: ${{ inputs.go-tags }} + # We started stripping symbol tables in 1.13.x + KEEP_SYMBOLS: true + run: make crt-build + - name: Determine artifact basename + env: + GOARCH: ${{ inputs.goarch }} + GOOS: ${{ inputs.goos }} + run: echo "ARTIFACT_BASENAME=$(make crt-get-artifact-basename)" >> $GITHUB_ENV + - name: Bundle Vault + env: + BUNDLE_PATH: out/${{ env.ARTIFACT_BASENAME }}.zip + run: make crt-bundle + - uses: actions/upload-artifact@v3 + with: + name: ${{ env.ARTIFACT_BASENAME }}.zip + path: out/${{ env.ARTIFACT_BASENAME }}.zip + if-no-files-found: error + - if: ${{ inputs.create-packages }} + uses: hashicorp/actions-packaging-linux@v1 + with: + name: ${{ github.event.repository.name }} + description: Vault is a tool for secrets management, encryption as a service, and privileged access management. + arch: ${{ inputs.goarch }} + version: ${{ inputs.vault-version }} + maintainer: HashiCorp + homepage: https://github.com/hashicorp/vault + license: MPL-2.0 + binary: dist/${{ inputs.package-name }} + deb_depends: openssl + rpm_depends: openssl + config_dir: .release/linux/package/ + preinstall: .release/linux/preinst + postinstall: .release/linux/postinst + postremove: .release/linux/postrm + - if: ${{ inputs.create-packages }} + name: Determine package file names + run: | + echo "RPM_PACKAGE=$(basename out/*.rpm)" >> $GITHUB_ENV + echo "DEB_PACKAGE=$(basename out/*.deb)" >> $GITHUB_ENV + - if: ${{ inputs.create-packages }} + uses: actions/upload-artifact@v3 + with: + name: ${{ env.RPM_PACKAGE }} + path: out/${{ env.RPM_PACKAGE }} + if-no-files-found: error + - if: ${{ inputs.create-packages }} + uses: actions/upload-artifact@v3 + with: + name: ${{ env.DEB_PACKAGE }} + path: out/${{ env.DEB_PACKAGE }} + if-no-files-found: error diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0cf2cbb03a7c9..ecb086bf650b9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,70 +1,57 @@ +--- name: build on: workflow_dispatch: + pull_request: push: - branches-ignore: - - docs/** - - backport/docs/** + branches: + - main + - release/** env: - PKG_NAME: "vault" - GO_TAGS: "ui" + PKG_NAME: vault jobs: - product-metadata: runs-on: ubuntu-latest outputs: - product-revision: ${{ steps.get-product-revision.outputs.product-revision }} - product-version: ${{ steps.get-product-version.outputs.product-version }} - product-base-version: ${{ steps.get-product-version.outputs.product-base-version }} - build-date: ${{ steps.get-build-date.outputs.build-date }} + build-date: ${{ steps.get-metadata.outputs.build-date }} + filepath: ${{ steps.generate-metadata-file.outputs.filepath }} + go-version: ${{ steps.get-metadata.outputs.go-version }} + package-name: ${{ steps.get-metadata.outputs.package-name }} + vault-revision: ${{ steps.get-metadata.outputs.vault-revision }} + vault-version: ${{ steps.get-metadata.outputs.vault-version }} + vault-base-version: ${{ steps.get-metadata.outputs.vault-base-version }} steps: - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - - name: Get product revision - id: get-product-revision - run: echo "::set-output name=product-revision::$(git rev-parse HEAD)" - - name: Get product version - id: get-product-version - run: | - make version - IFS="-" read BASE_VERSION _other <<< "$(make version)" - echo "::set-output name=product-version::$(make version)" - echo "::set-output name=product-base-version::${BASE_VERSION}" - - name: Get build date - id: get-build-date + - name: Get metadata + id: get-metadata run: | - make build-date - echo "::set-output name=build-date::$(make build-date)" - - generate-metadata-file: - needs: product-metadata - runs-on: ubuntu-latest - outputs: - filepath: ${{ steps.generate-metadata-file.outputs.filepath }} - steps: - - name: 'Checkout directory' - uses: actions/checkout@v2 - - name: Generate metadata file + echo "build-date=$(make crt-get-date)" >> $GITHUB_OUTPUT + echo "package-name=${{ env.PKG_NAME }}" >> $GITHUB_OUTPUT + echo "go-version=$(cat ./.go-version)" >> $GITHUB_OUTPUT + echo "vault-base-version=$(make crt-get-version-base)" >> $GITHUB_OUTPUT + echo "vault-revision=$(make crt-get-revision)" >> $GITHUB_OUTPUT + echo "vault-version=$(make crt-get-version)" >> $GITHUB_OUTPUT + - uses: hashicorp/actions-generate-metadata@v1 id: generate-metadata-file - uses: hashicorp/actions-generate-metadata@v1 with: - version: ${{ needs.product-metadata.outputs.product-version }} - product: ${{ env.PKG_NAME }} - - uses: actions/upload-artifact@v2 + version: ${{ steps.get-metadata.outputs.vault-version }} + product: ${{ steps.get-metadata.outputs.package-name }} + - uses: actions/upload-artifact@v3 with: name: metadata.json path: ${{ steps.generate-metadata-file.outputs.filepath }} + if-no-files-found: error build-other: - needs: [ product-metadata ] - runs-on: ubuntu-latest + name: Build Vault Other + needs: product-metadata strategy: matrix: - goos: [ freebsd, windows, netbsd, openbsd, solaris ] - goarch: [ "386", "amd64", "arm" ] + goos: [freebsd, windows, netbsd, openbsd, solaris] + goarch: [386, amd64, arm] exclude: - goos: solaris goarch: 386 @@ -73,229 +60,99 @@ jobs: - goos: windows goarch: arm fail-fast: true - - name: Go ${{ matrix.goos }} ${{ matrix.goarch }} build - - steps: - - uses: actions/checkout@v2 - - name: Setup go - uses: actions/setup-go@v3 - with: - go-version-file: go.mod - - name: Setup node and yarn - uses: actions/setup-node@v2 - with: - node-version: '14' - cache: 'yarn' - cache-dependency-path: 'ui/yarn.lock' - - name: UI Build - run: | - cd ui - yarn install --ignore-optional - npm rebuild node-sass - yarn --verbose run build - cd .. - - name: Build - env: - GOOS: ${{ matrix.goos }} - GOARCH: ${{ matrix.goarch }} - CGO_ENABLED: 0 - run: | - mkdir dist out - GO_TAGS="${{ env.GO_TAGS }}" VAULT_VERSION=${{ needs.product-metadata.outputs.product-base-version }} VAULT_REVISION="$(git rev-parse HEAD)" VAULT_BUILD_DATE="${{ needs.product-metadata.outputs.build-date }}" make build - zip -r -j out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/ - - uses: actions/upload-artifact@v2 - with: - name: ${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - path: out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip + uses: ./.github/workflows/build-vault-oss.yml + with: + create-packages: false + goarch: ${{ matrix.goarch }} + goos: ${{ matrix.goos }} + go-tags: ui + go-version: ${{ needs.product-metadata.outputs.go-version }} + package-name: ${{ needs.product-metadata.outputs.package-name }} + vault-version: ${{ needs.product-metadata.outputs.vault-version }} + secrets: inherit build-linux: - needs: [ product-metadata ] - runs-on: ubuntu-latest + name: Build Vault Linux + needs: product-metadata strategy: matrix: goos: [linux] - goarch: ["arm", "arm64", "386", "amd64"] + goarch: [arm, arm64, 386, amd64] fail-fast: true - - name: Go ${{ matrix.goos }} ${{ matrix.goarch }} build - - steps: - - uses: actions/checkout@v2 - - - name: Setup go - uses: actions/setup-go@v3 - with: - go-version-file: go.mod - - name: Setup node and yarn - uses: actions/setup-node@v2 - with: - node-version: '14' - cache: 'yarn' - cache-dependency-path: 'ui/yarn.lock' - - name: UI Build - run: | - cd ui - yarn install --ignore-optional - npm rebuild node-sass - yarn --verbose run build - cd .. - - name: Build - env: - GOOS: ${{ matrix.goos }} - GOARCH: ${{ matrix.goarch }} - CGO_ENABLED: 0 - run: | - mkdir dist out - GO_TAGS="${{ env.GO_TAGS }}" VAULT_VERSION=${{ needs.product-metadata.outputs.product-base-version }} VAULT_REVISION="$(git rev-parse HEAD)" VAULT_BUILD_DATE="${{ needs.product-metadata.outputs.build-date }}" make build - zip -r -j out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/ - - uses: actions/upload-artifact@v2 - with: - name: ${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - path: out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - - - name: Package - uses: hashicorp/actions-packaging-linux@v1 - with: - name: ${{ github.event.repository.name }} - description: "Vault is a tool for secrets management, encryption as a service, and privileged access management." - arch: ${{ matrix.goarch }} - version: ${{ needs.product-metadata.outputs.product-version }} - maintainer: "HashiCorp" - homepage: "https://github.com/hashicorp/vault" - license: "MPL-2.0" - binary: "dist/${{ env.PKG_NAME }}" - deb_depends: "openssl" - rpm_depends: "openssl" - config_dir: ".release/linux/package/" - preinstall: ".release/linux/preinst" - postinstall: ".release/linux/postinst" - postremove: ".release/linux/postrm" - - name: Add Package names to env - run: | - echo "RPM_PACKAGE=$(basename out/*.rpm)" >> $GITHUB_ENV - echo "DEB_PACKAGE=$(basename out/*.deb)" >> $GITHUB_ENV - - uses: actions/upload-artifact@v2 - with: - name: ${{ env.RPM_PACKAGE }} - path: out/${{ env.RPM_PACKAGE }} - - - uses: actions/upload-artifact@v2 - with: - name: ${{ env.DEB_PACKAGE }} - path: out/${{ env.DEB_PACKAGE }} + uses: ./.github/workflows/build-vault-oss.yml + with: + goarch: ${{ matrix.goarch }} + goos: ${{ matrix.goos }} + go-tags: ui + go-version: ${{ needs.product-metadata.outputs.go-version }} + package-name: ${{ needs.product-metadata.outputs.package-name }} + vault-version: ${{ needs.product-metadata.outputs.vault-version }} + secrets: inherit build-darwin: - needs: [ product-metadata ] - runs-on: macos-latest + name: Build Vault Darwin + needs: product-metadata strategy: matrix: - goos: [ darwin ] - goarch: [ "amd64", "arm64" ] + goos: [darwin] + goarch: [amd64, arm64] fail-fast: true - name: Go ${{ matrix.goos }} ${{ matrix.goarch }} build - steps: - - uses: actions/checkout@v2 - - - name: Setup go - uses: actions/setup-go@v3 - with: - go-version-file: go.mod - - name: Setup node and yarn - uses: actions/setup-node@v2 - with: - node-version: '14' - cache: 'yarn' - cache-dependency-path: 'ui/yarn.lock' - - name: UI Build - run: | - cd ui - yarn install --ignore-optional - npm rebuild node-sass - yarn --verbose run build - cd .. - - name: Build - env: - GOOS: ${{ matrix.goos }} - GOARCH: ${{ matrix.goarch }} - GO_TAGS: "${{ env.GO_TAGS }} netcgo" - CGO_ENABLED: 0 - run: | - mkdir dist out - GO_TAGS="${{ env.GO_TAGS }}" VAULT_VERSION=${{ needs.product-metadata.outputs.product-base-version }} VAULT_REVISION="$(git rev-parse HEAD)" VAULT_BUILD_DATE="${{ needs.product-metadata.outputs.build-date }}" make build - zip -r -j out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/ - - uses: actions/upload-artifact@v2 - with: - name: ${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - path: out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip + uses: ./.github/workflows/build-vault-oss.yml + with: + create-packages: false + goarch: ${{ matrix.goarch }} + goos: ${{ matrix.goos }} + go-tags: ui netcgo + go-version: ${{ needs.product-metadata.outputs.go-version }} + package-name: ${{ needs.product-metadata.outputs.package-name }} + vault-version: ${{ needs.product-metadata.outputs.vault-version }} + secrets: inherit build-docker: - name: Docker ${{ matrix.arch }} build + name: Build Vault Docker needs: - product-metadata - build-linux runs-on: ubuntu-latest strategy: matrix: - arch: ["arm", "arm64", "386", "amd64"] + arch: [arm, arm64, 386, amd64] env: - repo: ${{github.event.repository.name}} - version: ${{needs.product-metadata.outputs.product-version}} + repo: ${{ github.event.repository.name }} + version: ${{ needs.product-metadata.outputs.vault-version }} steps: - - uses: actions/checkout@v2 - - name: Docker Build (Action) - uses: hashicorp/actions-docker-build@v1 + - uses: actions/checkout@v3 + - uses: hashicorp/actions-docker-build@v1 with: - version: ${{env.version}} + version: ${{ env.version }} target: default - arch: ${{matrix.arch}} - zip_artifact_name: ${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_linux_${{ matrix.arch }}.zip + arch: ${{ matrix.arch }} + zip_artifact_name: ${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.vault-version }}_linux_${{ matrix.arch }}.zip tags: | - docker.io/hashicorp/${{env.repo}}:${{env.version}} - public.ecr.aws/hashicorp/${{env.repo}}:${{env.version}} - - enos-test-docker: - name: Enos Docker - # Only run the Enos workflow against branches that are created from the - # hashicorp/vault repository. This has the effect of limiting execution of - # Enos scenarios to branches that originate from authors that have write - # access to hashicorp/vault repository. This is required as Github Actions - # will not populate the required secrets for branches created by outside - # contributors in order to protect the secrets integrity. - if: "! github.event.pull_request.head.repo.fork" - needs: - - product-metadata - - build-docker - uses: ./.github/workflows/enos-run-k8s.yml - with: - artifact-build-date: "${{needs.product-metadata.outputs.build-date}}" - artifact-name: "${{github.event.repository.name}}_default_linux_amd64_${{needs.product-metadata.outputs.product-version}}_${{needs.product-metadata.outputs.product-revision}}.docker.tar" - artifact-revision: "${{needs.product-metadata.outputs.product-revision}}" - artifact-version: "${{needs.product-metadata.outputs.product-version}}" - secrets: inherit + docker.io/hashicorp/${{ env.repo }}:${{ env.version }} + public.ecr.aws/hashicorp/${{ env.repo }}:${{ env.version }} build-ubi: - name: Red Hat UBI ${{ matrix.arch }} build + name: Build Vault Red Hat UBI needs: - product-metadata - build-linux runs-on: ubuntu-latest strategy: matrix: - arch: ["amd64"] + arch: [amd64] env: - repo: ${{github.event.repository.name}} - version: ${{needs.product-metadata.outputs.product-version}} + repo: ${{ github.event.repository.name }} + version: ${{ needs.product-metadata.outputs.vault-version }} steps: - uses: actions/checkout@v2 - - name: Docker Build (Action) - uses: hashicorp/actions-docker-build@v1 + - uses: hashicorp/actions-docker-build@v1 with: - version: ${{env.version}} + version: ${{ env.version }} target: ubi - arch: ${{matrix.arch}} - zip_artifact_name: ${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_linux_${{ matrix.arch }}.zip - redhat_tag: quay.io/redhat-isv-containers/5f89bb5e0b94cf64cfeb500a:${{env.version}}-ubi + arch: ${{ matrix.arch }} + zip_artifact_name: ${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.vault-version }}_linux_${{ matrix.arch }}.zip + redhat_tag: quay.io/redhat-isv-containers/5f89bb5e0b94cf64cfeb500a:${{ env.version }}-ubi enos: name: Enos @@ -311,9 +168,42 @@ jobs: - build-linux uses: ./.github/workflows/enos-run.yml with: - artifact-build-date: "${{needs.product-metadata.outputs.build-date}}" - artifact-name: "vault_${{ needs.product-metadata.outputs.product-version }}_linux_amd64.zip" - artifact-revision: "${{needs.product-metadata.outputs.product-revision}}" - artifact-source: "crt" - artifact-version: "${{needs.product-metadata.outputs.product-version}}" + artifact-build-date: ${{ needs.product-metadata.outputs.build-date }} + artifact-name: vault_${{ needs.product-metadata.outputs.vault-version }}_linux_amd64.zip + artifact-revision: ${{ needs.product-metadata.outputs.vault-revision }} + artifact-source: crt + artifact-version: ${{ needs.product-metadata.outputs.vault-version }} + secrets: inherit + + enos-docker-k8s: + name: Enos Docker K8s + # Only run the Enos workflow against branches that are created from the + # hashicorp/vault repository. This has the effect of limiting execution of + # Enos scenarios to branches that originate from authors that have write + # access to hashicorp/vault repository. This is required as Github Actions + # will not populate the required secrets for branches created by outside + # contributors in order to protect the secrets integrity. + if: "! github.event.pull_request.head.repo.fork" + needs: + - product-metadata + - build-docker + uses: ./.github/workflows/enos-run-k8s.yml + with: + artifact-build-date: ${{ needs.product-metadata.outputs.build-date }} + artifact-name: ${{ github.event.repository.name }}_default_linux_amd64_${{ needs.product-metadata.outputs.vault-version }}_${{ needs.product-metadata.outputs.vault-revision }}.docker.tar + artifact-revision: ${{ needs.product-metadata.outputs.vault-revision }} + artifact-version: ${{ needs.product-metadata.outputs.vault-version }} secrets: inherit + + completed-successfully: + runs-on: ubuntu-latest + needs: + - build-other + - build-linux + - build-darwin + - build-docker + - build-ubi + - enos + - enos-docker-k8s + steps: + - run: echo "All build and integration workflows have succeeded!" diff --git a/.github/workflows/enos-fmt.yml b/.github/workflows/enos-fmt.yml index c10395c8badf8..298b2dc185f1e 100644 --- a/.github/workflows/enos-fmt.yml +++ b/.github/workflows/enos-fmt.yml @@ -22,6 +22,6 @@ jobs: - uses: hashicorp/action-setup-enos@v1 with: github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} - - name: "check formatting" + - name: check formatting working-directory: ./enos run: make check-fmt diff --git a/.github/workflows/enos-run.yml b/.github/workflows/enos-run.yml index 3fbc3192e738c..9a36df973d0f5 100644 --- a/.github/workflows/enos-run.yml +++ b/.github/workflows/enos-run.yml @@ -43,7 +43,7 @@ jobs: id: enos-matrix run: | [[ ${{ env.ARTIFACT_NAME }} == *"ent"* ]] && scenarioFile=$(cat ./.github/enos-run-matrices/${{ env.ARTIFACT_SOURCE }}-ent.json |jq -c .) || scenarioFile=$(cat ./.github/enos-run-matrices/${{ env.ARTIFACT_SOURCE }}-oss.json |jq -c .) - echo "::set-output name=matrix::$scenarioFile" + echo "matrix=$scenarioFile" >> $GITHUB_OUTPUT # Run Integration tests on Enos scenario matrix enos: name: Integration @@ -107,8 +107,6 @@ jobs: ENOS_VAR_aws_ssh_keypair_name: enos-ci-ssh-key ENOS_VAR_aws_ssh_private_key_path: ./support/private_key.pem ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} - ENOS_VAR_artifactory_username: ${{ secrets.ARTIFACTORY_USER }} - ENOS_VAR_artifactory_token: ${{ secrets.ARTIFACTORY_TOKEN }} ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }} ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }} @@ -124,8 +122,6 @@ jobs: ENOS_VAR_aws_ssh_keypair_name: enos-ci-ssh-key ENOS_VAR_aws_ssh_private_key_path: ./support/private_key.pem ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} - ENOS_VAR_artifactory_username: ${{ secrets.ARTIFACTORY_USER }} - ENOS_VAR_artifactory_token: ${{ secrets.ARTIFACTORY_TOKEN }} ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }} ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }} @@ -143,8 +139,6 @@ jobs: ENOS_VAR_aws_ssh_keypair_name: enos-ci-ssh-key ENOS_VAR_aws_ssh_private_key_path: ./support/private_key.pem ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} - ENOS_VAR_artifactory_username: ${{ secrets.ARTIFACTORY_USER }} - ENOS_VAR_artifactory_token: ${{ secrets.ARTIFACTORY_TOKEN }} ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }} ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }} diff --git a/.github/workflows/enos-verify-stable.yml b/.github/workflows/enos-verify-stable.yml index c68836c0f30b1..6c0bf19baa598 100644 --- a/.github/workflows/enos-verify-stable.yml +++ b/.github/workflows/enos-verify-stable.yml @@ -12,8 +12,8 @@ jobs: if: ${{ startsWith(github.event.client_payload.payload.branch, 'release/') }} uses: ./.github/workflows/enos-run.yml with: - artifact-source: "artifactory" - artifact-name: "${{ github.event.client_payload.payload.product }}_${{ github.event.client_payload.payload.version }}_linux_amd64.zip" - artifact-revision: "${{ github.event.client_payload.payload.sha }}" - artifact-version: "${{ github.event.client_payload.payload.version }}" + artifact-source: artifactory + artifact-name: ${{ github.event.client_payload.payload.product }}_${{ github.event.client_payload.payload.version }}_linux_amd64.zip + artifact-revision: ${{ github.event.client_payload.payload.sha }} + artifact-version: ${{ github.event.client_payload.payload.version }} secrets: inherit diff --git a/.github/workflows/remove-labels.yml b/.github/workflows/remove-labels.yml deleted file mode 100644 index 7531e9fdacb97..0000000000000 --- a/.github/workflows/remove-labels.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: Autoremove Labels - -on: - issues: - types: [closed] - pull_request_target: - types: [closed] - -jobs: - - RemoveWaitingLabelFromClosedIssueOrPR: - if: github.event.action == 'closed' - runs-on: ubuntu-latest - steps: - - name: Remove triaging labels from closed issues and PRs - uses: actions-ecosystem/action-remove-labels@v1 - with: - labels: | - waiting-for-response \ No newline at end of file diff --git a/.go-version b/.go-version index 836ae4eda2992..1b92e588b7943 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.19.2 +1.19.3 diff --git a/.release/ci.hcl b/.release/ci.hcl index 64b5ff8d49012..a81f2c731010b 100644 --- a/.release/ci.hcl +++ b/.release/ci.hcl @@ -187,6 +187,7 @@ event "enos-verify-stable" { on = "fail" } } + ## These events are publish and post-publish events and should be added to the end of the file ## after the verify event stanza. diff --git a/CHANGELOG.md b/CHANGELOG.md index fc919199deb7d..bbbea3d397c84 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,109 +1,47 @@ -## 1.13.0 -### Unreleased - -Updates coming soon - -## 1.12.1 -### November 2, 2022 - -IMPROVEMENTS: - -* api: Support VAULT_DISABLE_REDIRECTS environment variable (and --disable-redirects flag) to disable default client behavior and prevent the client following any redirection responses. [[GH-17352](https://github.com/hashicorp/vault/pull/17352)] -* database/snowflake: Allow parallel requests to Snowflake [[GH-17593](https://github.com/hashicorp/vault/pull/17593)] -* plugins: Add plugin version information to key plugin lifecycle log lines. [[GH-17430](https://github.com/hashicorp/vault/pull/17430)] -* sdk/ldap: Added support for paging when searching for groups using group filters [[GH-17640](https://github.com/hashicorp/vault/pull/17640)] - -BUG FIXES: - -* cli: Remove empty table heading for `vault secrets list -detailed` output. [[GH-17577](https://github.com/hashicorp/vault/pull/17577)] -* core/managed-keys (enterprise): Return better error messages when encountering key creation failures -* core/managed-keys (enterprise): Switch to using hash length as PSS Salt length within the test/sign api for better PKCS#11 compatibility -* core: Fix panic caused in Vault Agent when rendering certificate templates [[GH-17419](https://github.com/hashicorp/vault/pull/17419)] -* core: Fixes spurious warnings being emitted relating to "unknown or unsupported fields" for JSON config [[GH-17660](https://github.com/hashicorp/vault/pull/17660)] -* core: prevent memory leak when using control group factors in a policy [[GH-17532](https://github.com/hashicorp/vault/pull/17532)] -* core: prevent panic during mfa after enforcement's namespace is deleted [[GH-17562](https://github.com/hashicorp/vault/pull/17562)] -* kmip (enterprise): Fix a problem in the handling of attributes that caused Import operations to fail. -* kmip (enterprise): Fix selection of Cryptographic Parameters for Encrypt/Decrypt operations. -* login: Store token in tokenhelper for interactive login MFA [[GH-17040](https://github.com/hashicorp/vault/pull/17040)] -* secrets/pki: Respond to tidy-status, tidy-cancel on PR Secondary clusters. [[GH-17497](https://github.com/hashicorp/vault/pull/17497)] -* ui: Fixes oidc/jwt login issue with alternate mount path and jwt login via mount path tab [[GH-17661](https://github.com/hashicorp/vault/pull/17661)] - ## 1.12.0 -### October 13, 2022 +### Unreleased CHANGES: -* api: Exclusively use `GET /sys/plugins/catalog` endpoint for listing plugins, and add `details` field to list responses. [[GH-17347](https://github.com/hashicorp/vault/pull/17347)] -* auth: `GET /sys/auth/:name` endpoint now returns an additional `deprecation_status` field in the response data for builtins. [[GH-16849](https://github.com/hashicorp/vault/pull/16849)] -* auth: `GET /sys/auth` endpoint now returns an additional `deprecation_status` field in the response data for builtins. [[GH-16849](https://github.com/hashicorp/vault/pull/16849)] -* auth: `POST /sys/auth/:type` endpoint response contains a warning for `Deprecated` auth methods. [[GH-17058](https://github.com/hashicorp/vault/pull/17058)] -* auth: `auth enable` returns an error and `POST /sys/auth/:type` endpoint reports an error for `Pending Removal` auth methods. [[GH-17005](https://github.com/hashicorp/vault/pull/17005)] * core/entities: Fixed stranding of aliases upon entity merge, and require explicit selection of which aliases should be kept when some must be deleted [[GH-16539](https://github.com/hashicorp/vault/pull/16539)] -* core: Bump Go version to 1.19.2. +* core: Bump Go version to 1.18.5. * core: Validate input parameters for vault operator init command. Vault 1.12 CLI version is needed to run operator init now. [[GH-16379](https://github.com/hashicorp/vault/pull/16379)] * identity: a request to `/identity/group` that includes `member_group_ids` that contains a cycle will now be responded to with a 400 rather than 500 [[GH-15912](https://github.com/hashicorp/vault/pull/15912)] -* licensing (enterprise): Terminated licenses will no longer result in shutdown. Instead, upgrades will not be allowed if the license expiration time is before the build date of the binary. -* plugins: Add plugin version to auth register, list, and mount table [[GH-16856](https://github.com/hashicorp/vault/pull/16856)] -* plugins: `GET /sys/plugins/catalog/:type/:name` endpoint contains deprecation status for builtin plugins. [[GH-17077](https://github.com/hashicorp/vault/pull/17077)] +* licensing (enterprise): Terminated licenses will no longer result in shutdown. Instead, upgrades +will not be allowed if the license termination time is before the build date of the binary. * plugins: `GET /sys/plugins/catalog/:type/:name` endpoint now returns an additional `version` field in the response data. [[GH-16688](https://github.com/hashicorp/vault/pull/16688)] -* plugins: `GET /sys/plugins/catalog/` endpoint contains deprecation status in `detailed` list. [[GH-17077](https://github.com/hashicorp/vault/pull/17077)] * plugins: `GET /sys/plugins/catalog` endpoint now returns an additional `detailed` field in the response data with a list of additional plugin metadata. [[GH-16688](https://github.com/hashicorp/vault/pull/16688)] -* plugins: `plugin info` displays deprecation status for builtin plugins. [[GH-17077](https://github.com/hashicorp/vault/pull/17077)] -* plugins: `plugin list` now accepts a `-detailed` flag, which display deprecation status and version info. [[GH-17077](https://github.com/hashicorp/vault/pull/17077)] -* secrets/azure: Removed deprecated AAD graph API support from the secrets engine. [[GH-17180](https://github.com/hashicorp/vault/pull/17180)] -* secrets: All database-specific (standalone DB) secrets engines are now marked `Pending Removal`. [[GH-17038](https://github.com/hashicorp/vault/pull/17038)] -* secrets: `GET /sys/mounts/:name` endpoint now returns an additional `deprecation_status` field in the response data for builtins. [[GH-16849](https://github.com/hashicorp/vault/pull/16849)] -* secrets: `GET /sys/mounts` endpoint now returns an additional `deprecation_status` field in the response data for builtins. [[GH-16849](https://github.com/hashicorp/vault/pull/16849)] -* secrets: `POST /sys/mounts/:type` endpoint response contains a warning for `Deprecated` secrets engines. [[GH-17058](https://github.com/hashicorp/vault/pull/17058)] -* secrets: `secrets enable` returns an error and `POST /sys/mount/:type` endpoint reports an error for `Pending Removal` secrets engines. [[GH-17005](https://github.com/hashicorp/vault/pull/17005)] FEATURES: -* **GCP Cloud KMS support for managed keys**: Managed keys now support using GCP Cloud KMS keys -* **LDAP Secrets Engine**: Adds the `ldap` secrets engine with service account check-out functionality for all supported schemas. [[GH-17152](https://github.com/hashicorp/vault/pull/17152)] -* **OCSP Responder**: PKI mounts now have an OCSP responder that implements a subset of RFC6960, answering single serial number OCSP requests for a specific cluster's revoked certificates in a mount. [[GH-16723](https://github.com/hashicorp/vault/pull/16723)] -* **Redis DB Engine**: Adding the new Redis database engine that supports the generation of static and dynamic user roles and root credential rotation on a stand alone Redis server. [[GH-17070](https://github.com/hashicorp/vault/pull/17070)] -* **Redis ElastiCache DB Plugin**: Added Redis ElastiCache as a built-in plugin. [[GH-17075](https://github.com/hashicorp/vault/pull/17075)] * **Secrets/auth plugin multiplexing**: manage multiple plugin configurations with a single plugin process [[GH-14946](https://github.com/hashicorp/vault/pull/14946)] -* **Transform Key Import (BYOK)**: The transform secrets engine now supports importing keys for tokenization and FPE transformations -* HCP (enterprise): Adding foundational support for self-managed vault nodes to securely communicate with [HashiCorp Cloud Platform](https://cloud.hashicorp.com) as an opt-in feature +* secrets/database/hana: Add ability to customize dynamic usernames [[GH-16631](https://github.com/hashicorp/vault/pull/16631)] +* secrets/pki: Add an OCSP responder that implements a subset of RFC6960, answering single serial number OCSP requests for +a specific cluster's revoked certificates in a mount. [[GH-16723](https://github.com/hashicorp/vault/pull/16723)] * ui: UI support for Okta Number Challenge. [[GH-15998](https://github.com/hashicorp/vault/pull/15998)] -* **Plugin Versioning**: Vault supports registering, managing, and running plugins with semantic versions specified. IMPROVEMENTS: -* :core/managed-keys (enterprise): Allow operators to specify PSS signatures and/or hash algorithm for the test/sign api * activity (enterprise): Added new clients unit tests to test accuracy of estimates -* agent/auto-auth: Add `exit_on_err` which when set to true, will cause Agent to exit if any errors are encountered during authentication. [[GH-17091](https://github.com/hashicorp/vault/pull/17091)] * agent: Added `disable_idle_connections` configuration to disable leaving idle connections open in auto-auth, caching and templating. [[GH-15986](https://github.com/hashicorp/vault/pull/15986)] * agent: Added `disable_keep_alives` configuration to disable keep alives in auto-auth, caching and templating. [[GH-16479](https://github.com/hashicorp/vault/pull/16479)] * agent: JWT auto auth now supports a `remove_jwt_after_reading` config option which defaults to true. [[GH-11969](https://github.com/hashicorp/vault/pull/11969)] * agent: Send notifications to systemd on start and stop. [[GH-9802](https://github.com/hashicorp/vault/pull/9802)] * api/mfa: Add namespace path to the MFA read/list endpoint [[GH-16911](https://github.com/hashicorp/vault/pull/16911)] * api: Add a sentinel error for missing KV secrets [[GH-16699](https://github.com/hashicorp/vault/pull/16699)] -* auth/alicloud: Enables AliCloud roles to be compatible with Vault's role based quotas. [[GH-17251](https://github.com/hashicorp/vault/pull/17251)] -* auth/approle: SecretIDs can now be generated with an per-request specified TTL and num_uses. -When either the ttl and num_uses fields are not specified, the role's configuration is used. [[GH-14474](https://github.com/hashicorp/vault/pull/14474)] * auth/aws: PKCS7 signatures will now use SHA256 by default in prep for Go 1.18 [[GH-16455](https://github.com/hashicorp/vault/pull/16455)] -* auth/azure: Enables Azure roles to be compatible with Vault's role based quotas. [[GH-17194](https://github.com/hashicorp/vault/pull/17194)] * auth/cert: Add metadata to identity-alias [[GH-14751](https://github.com/hashicorp/vault/pull/14751)] -* auth/cert: Operators can now specify a CRL distribution point URL, in which case the cert auth engine will fetch and use the CRL from that location rather than needing to push CRLs directly to auth/cert. [[GH-17136](https://github.com/hashicorp/vault/pull/17136)] -* auth/cf: Enables CF roles to be compatible with Vault's role based quotas. [[GH-17196](https://github.com/hashicorp/vault/pull/17196)] * auth/gcp: Add support for GCE regional instance groups [[GH-16435](https://github.com/hashicorp/vault/pull/16435)] -* auth/gcp: Updates dependencies: `google.golang.org/api@v0.83.0`, `github.com/hashicorp/go-gcp-common@v0.8.0`. [[GH-17160](https://github.com/hashicorp/vault/pull/17160)] * auth/jwt: Adds support for Microsoft US Gov L4 to the Azure provider for groups fetching. [[GH-16525](https://github.com/hashicorp/vault/pull/16525)] * auth/jwt: Improves detection of Windows Subsystem for Linux (WSL) for CLI-based logins. [[GH-16525](https://github.com/hashicorp/vault/pull/16525)] * auth/kerberos: add `add_group_aliases` config to include LDAP groups in Vault group aliases [[GH-16890](https://github.com/hashicorp/vault/pull/16890)] -* auth/kerberos: add `remove_instance_name` parameter to the login CLI and the Kerberos config in Vault. This removes any instance names found in the keytab service principal name. [[GH-16594](https://github.com/hashicorp/vault/pull/16594)] -* auth/kubernetes: Role resolution for K8S Auth [[GH-156](https://github.com/hashicorp/vault-plugin-auth-kubernetes/pull/156)] [[GH-17161](https://github.com/hashicorp/vault/pull/17161)] -* auth/oci: Add support for role resolution. [[GH-17212](https://github.com/hashicorp/vault/pull/17212)] +* auth/kerberos: add `remove_instance_name` parameter to the login CLI and the +Kerberos config in Vault. This removes any instance names found in the keytab +service principal name. [[GH-16594](https://github.com/hashicorp/vault/pull/16594)] * auth/oidc: Adds support for group membership parsing when using SecureAuth as an OIDC provider. [[GH-16274](https://github.com/hashicorp/vault/pull/16274)] * cli: CLI commands will print a warning if flags will be ignored because they are passed after positional arguments. [[GH-16441](https://github.com/hashicorp/vault/pull/16441)] -* cli: `auth` and `secrets` list `-detailed` commands now show Deprecation Status for builtin plugins. [[GH-16849](https://github.com/hashicorp/vault/pull/16849)] -* cli: `vault plugin list` now has a `details` field in JSON format, and version and type information in table format. [[GH-17347](https://github.com/hashicorp/vault/pull/17347)] * command/audit: Improve missing type error message [[GH-16409](https://github.com/hashicorp/vault/pull/16409)] * command/server: add `-dev-tls` and `-dev-tls-cert-dir` subcommands to create a Vault dev server with generated certificates and private key. [[GH-16421](https://github.com/hashicorp/vault/pull/16421)] -* command: Fix shell completion for KV v2 mounts [[GH-16553](https://github.com/hashicorp/vault/pull/16553)] * core (enterprise): Add HTTP PATCH support for namespaces with an associated `namespace patch` CLI command * core (enterprise): Add check to `vault server` command to ensure configured storage backend is supported. * core (enterprise): Add custom metadata support for namespaces @@ -114,9 +52,7 @@ When either the ttl and num_uses fields are not specified, the role's configurat * core/quotas (enterprise): Added ability to add role information for lease-count resource quotas, to limit login requests on auth mounts made using that role * core/quotas: Added ability to add path suffixes for rate-limit resource quotas [[GH-15989](https://github.com/hashicorp/vault/pull/15989)] * core/quotas: Added ability to add role information for rate-limit resource quotas, to limit login requests on auth mounts made using that role [[GH-16115](https://github.com/hashicorp/vault/pull/16115)] -* core: Activity log goroutine management improvements to allow tests to be more deterministic. [[GH-17028](https://github.com/hashicorp/vault/pull/17028)] * core: Add `sys/loggers` and `sys/loggers/:name` endpoints to provide ability to modify logging verbosity [[GH-16111](https://github.com/hashicorp/vault/pull/16111)] -* core: Handle and log deprecated builtin mounts. Introduces `VAULT_ALLOW_PENDING_REMOVAL_MOUNTS` to override shutdown and error when attempting to mount `Pending Removal` builtin plugins. [[GH-17005](https://github.com/hashicorp/vault/pull/17005)] * core: Limit activity log client count usage by namespaces [[GH-16000](https://github.com/hashicorp/vault/pull/16000)] * core: Upgrade github.com/hashicorp/raft [[GH-16609](https://github.com/hashicorp/vault/pull/16609)] * core: remove gox [[GH-16353](https://github.com/hashicorp/vault/pull/16353)] @@ -126,12 +62,8 @@ When either the ttl and num_uses fields are not specified, the role's configurat * identity/oidc: allows filtering the list providers response by an allowed_client_id [[GH-16181](https://github.com/hashicorp/vault/pull/16181)] * identity: Prevent possibility of data races on entity creation. [[GH-16487](https://github.com/hashicorp/vault/pull/16487)] * physical/postgresql: pass context to queries to propagate timeouts and cancellations on requests. [[GH-15866](https://github.com/hashicorp/vault/pull/15866)] -* plugins/multiplexing: Added multiplexing support to database plugins if run as external plugins [[GH-16995](https://github.com/hashicorp/vault/pull/16995)] * plugins: Add Deprecation Status method to builtinregistry. [[GH-16846](https://github.com/hashicorp/vault/pull/16846)] -* plugins: Added environment variable flag to opt-out specific plugins from multiplexing [[GH-16972](https://github.com/hashicorp/vault/pull/16972)] -* plugins: Adding version to plugin GRPC interface [[GH-17088](https://github.com/hashicorp/vault/pull/17088)] * plugins: Plugin catalog supports registering and managing plugins with semantic version information. [[GH-16688](https://github.com/hashicorp/vault/pull/16688)] -* replication (enterprise): Fix race in merkle sync that can prevent streaming by returning key value matching provided hash if found in log shipper buffer. * secret/nomad: allow reading CA and client auth certificate from /nomad/config/access [[GH-15809](https://github.com/hashicorp/vault/pull/15809)] * secret/pki: Add RSA PSS signature support for issuing certificates, signing CRLs [[GH-16519](https://github.com/hashicorp/vault/pull/16519)] * secret/pki: Add signature_bits to sign-intermediate, sign-verbatim endpoints [[GH-16124](https://github.com/hashicorp/vault/pull/16124)] @@ -139,21 +71,11 @@ When either the ttl and num_uses fields are not specified, the role's configurat * secret/pki: Allow specifying SKID for cross-signed issuance from older Vault versions. [[GH-16494](https://github.com/hashicorp/vault/pull/16494)] * secret/transit: Allow importing Ed25519 keys from PKCS#8 with inner RFC 5915 ECPrivateKey blobs (NSS-wrapped keys). [[GH-15742](https://github.com/hashicorp/vault/pull/15742)] * secrets/ad: set config default length only if password_policy is missing [[GH-16140](https://github.com/hashicorp/vault/pull/16140)] -* secrets/azure: Adds option to permanently delete AzureAD objects created by Vault. [[GH-17045](https://github.com/hashicorp/vault/pull/17045)] -* secrets/database/hana: Add ability to customize dynamic usernames [[GH-16631](https://github.com/hashicorp/vault/pull/16631)] -* secrets/database/snowflake: Add multiplexing support [[GH-17159](https://github.com/hashicorp/vault/pull/17159)] -* secrets/gcp: Updates dependencies: `google.golang.org/api@v0.83.0`, `github.com/hashicorp/go-gcp-common@v0.8.0`. [[GH-17174](https://github.com/hashicorp/vault/pull/17174)] -* secrets/gcpkms: Update dependencies: google.golang.org/api@v0.83.0. [[GH-17199](https://github.com/hashicorp/vault/pull/17199)] -* secrets/kubernetes: upgrade to v0.2.0 [[GH-17164](https://github.com/hashicorp/vault/pull/17164)] +* secrets/kubernetes: Add allowed_kubernetes_namespace_selector to allow selecting Kubernetes namespaces with a label selector when configuring roles. [[GH-16240](https://github.com/hashicorp/vault/pull/16240)] * secrets/pki/tidy: Add another pair of metrics counting certificates not deleted by the tidy operation. [[GH-16702](https://github.com/hashicorp/vault/pull/16702)] -* secrets/pki: Add a new flag to issue/sign APIs which can filter out root CAs from the returned ca_chain field [[GH-16935](https://github.com/hashicorp/vault/pull/16935)] -* secrets/pki: Add a warning to any successful response when the requested TTL is overwritten by MaxTTL [[GH-17073](https://github.com/hashicorp/vault/pull/17073)] -* secrets/pki: Add ability to cancel tidy operations, control tidy resource usage. [[GH-16958](https://github.com/hashicorp/vault/pull/16958)] * secrets/pki: Add ability to periodically rebuild CRL before expiry [[GH-16762](https://github.com/hashicorp/vault/pull/16762)] * secrets/pki: Add ability to periodically run tidy operations to remove expired certificates. [[GH-16900](https://github.com/hashicorp/vault/pull/16900)] * secrets/pki: Add support for per-issuer Authority Information Access (AIA) URLs [[GH-16563](https://github.com/hashicorp/vault/pull/16563)] -* secrets/pki: Add support to specify signature bits when generating CSRs through intermediate/generate apis [[GH-17388](https://github.com/hashicorp/vault/pull/17388)] -* secrets/pki: Added gauge metrics "secrets.pki.total_revoked_certificates_stored" and "secrets.pki.total_certificates_stored" to track the number of certificates in storage. [[GH-16676](https://github.com/hashicorp/vault/pull/16676)] * secrets/pki: Allow revocation of certificates with explicitly provided certificate (bring your own certificate / BYOC). [[GH-16564](https://github.com/hashicorp/vault/pull/16564)] * secrets/pki: Allow revocation via proving possession of certificate's private key [[GH-16566](https://github.com/hashicorp/vault/pull/16566)] * secrets/pki: Allow tidy to associate revoked certs with their issuers for OCSP performance [[GH-16871](https://github.com/hashicorp/vault/pull/16871)] @@ -163,140 +85,72 @@ When either the ttl and num_uses fields are not specified, the role's configurat * secrets/ssh: Add allowed_domains_template to allow templating of allowed_domains. [[GH-16056](https://github.com/hashicorp/vault/pull/16056)] * secrets/ssh: Allow additional text along with a template definition in defaultExtension value fields. [[GH-16018](https://github.com/hashicorp/vault/pull/16018)] * secrets/ssh: Allow the use of Identity templates in the `default_user` field [[GH-16351](https://github.com/hashicorp/vault/pull/16351)] -* secrets/transit: Add a dedicated HMAC key type, which can be used with key import. [[GH-16668](https://github.com/hashicorp/vault/pull/16668)] -* secrets/transit: Added a parameter to encrypt/decrypt batch operations to allow the caller to override the HTTP response code in case of partial user-input failures. [[GH-17118](https://github.com/hashicorp/vault/pull/17118)] -* secrets/transit: Allow configuring the possible salt lengths for RSA PSS signatures. [[GH-16549](https://github.com/hashicorp/vault/pull/16549)] * ssh: Addition of an endpoint `ssh/issue/:role` to allow the creation of signed key pairs [[GH-15561](https://github.com/hashicorp/vault/pull/15561)] * storage/cassandra: tuning parameters for clustered environments `connection_timeout`, `initial_connection_timeout`, `simple_retry_policy_retries`. [[GH-10467](https://github.com/hashicorp/vault/pull/10467)] * storage/gcs: Add documentation explaining how to configure the gcs backend using environment variables instead of options in the configuration stanza [[GH-14455](https://github.com/hashicorp/vault/pull/14455)] * ui: Changed the tokenBoundCidrs tooltip content to clarify that comma separated values are not accepted in this field. [[GH-15852](https://github.com/hashicorp/vault/pull/15852)] -* ui: Prevents requests to /sys/internal/ui/resultant-acl endpoint when unauthenticated [[GH-17139](https://github.com/hashicorp/vault/pull/17139)] * ui: Removed deprecated version of core-js 2.6.11 [[GH-15898](https://github.com/hashicorp/vault/pull/15898)] * ui: Renamed labels under Tools for wrap, lookup, rewrap and unwrap with description. [[GH-16489](https://github.com/hashicorp/vault/pull/16489)] -* ui: Replaces non-inclusive terms [[GH-17116](https://github.com/hashicorp/vault/pull/17116)] * ui: redirect_to param forwards from auth route when authenticated [[GH-16821](https://github.com/hashicorp/vault/pull/16821)] * website/docs: API generate-recovery-token documentation. [[GH-16213](https://github.com/hashicorp/vault/pull/16213)] -* website/docs: Add documentation around the expensiveness of making lots of lease count quotas in a short period [[GH-16950](https://github.com/hashicorp/vault/pull/16950)] -* website/docs: Removes mentions of unauthenticated from internal ui resultant-acl doc [[GH-17139](https://github.com/hashicorp/vault/pull/17139)] * website/docs: Update replication docs to mention Integrated Storage [[GH-16063](https://github.com/hashicorp/vault/pull/16063)] -* website/docs: changed to echo for all string examples instead of (<<<) here-string. [[GH-9081](https://github.com/hashicorp/vault/pull/9081)] +* website/docs: changed to echo for all string examples instead of (<<<) here-string. [[GH-9081](https://github.com/hashicorp/vault/pull/9081)] BUG FIXES: * agent/template: Fix parsing error for the exec stanza [[GH-16231](https://github.com/hashicorp/vault/pull/16231)] -* agent: Agent will now respect `max_retries` retry configuration even when caching is set. [[GH-16970](https://github.com/hashicorp/vault/pull/16970)] * agent: Update consul-template for pkiCert bug fixes [[GH-16087](https://github.com/hashicorp/vault/pull/16087)] * api/sys/internal/specs/openapi: support a new "dynamic" query parameter to generate generic mountpaths [[GH-15835](https://github.com/hashicorp/vault/pull/15835)] * api: Fixed erroneous warnings of unrecognized parameters when unwrapping data. [[GH-16794](https://github.com/hashicorp/vault/pull/16794)] * api: Fixed issue with internal/ui/mounts and internal/ui/mounts/(?P.+) endpoints where it was not properly handling /auth/ [[GH-15552](https://github.com/hashicorp/vault/pull/15552)] * api: properly handle switching to/from unix domain socket when changing client address [[GH-11904](https://github.com/hashicorp/vault/pull/11904)] -* auth/cert: Vault does not initially load the CRLs in cert auth unless the read/write CRL endpoint is hit. [[GH-17138](https://github.com/hashicorp/vault/pull/17138)] * auth/kerberos: Maintain headers set by the client [[GH-16636](https://github.com/hashicorp/vault/pull/16636)] -* auth/kubernetes: Restore support for JWT signature algorithm ES384 [[GH-160](https://github.com/hashicorp/vault-plugin-auth-kubernetes/pull/160)] [[GH-17161](https://github.com/hashicorp/vault/pull/17161)] -* auth/token: Fix ignored parameter warnings for valid parameters on token create [[GH-16938](https://github.com/hashicorp/vault/pull/16938)] * command/debug: fix bug where monitor was not honoring configured duration [[GH-16834](https://github.com/hashicorp/vault/pull/16834)] * core (enterprise): Fix bug where wrapping token lookup does not work within namespaces. [[GH-15583](https://github.com/hashicorp/vault/pull/15583)] * core (enterprise): Fix creation of duplicate entities via alias metadata changes on local auth mounts. * core/auth: Return a 403 instead of a 500 for a malformed SSCT [[GH-16112](https://github.com/hashicorp/vault/pull/16112)] * core/identity: Replicate member_entity_ids and policies in identity/group across nodes identically [[GH-16088](https://github.com/hashicorp/vault/pull/16088)] * core/license (enterprise): Always remove stored license and allow unseal to complete when license cleanup fails -* core/managed-keys (enterprise): fix panic when having `cache_disable` true * core/quotas (enterprise): Fixed issue with improper counting of leases if lease count quota created after leases * core/quotas: Added globbing functionality on the end of path suffix quota paths [[GH-16386](https://github.com/hashicorp/vault/pull/16386)] -* core/quotas: Fix goroutine leak caused by the seal process not fully cleaning up Rate Limit Quotas. [[GH-17281](https://github.com/hashicorp/vault/pull/17281)] * core/replication (enterprise): Don't flush merkle tree pages to disk after losing active duty * core/seal: Fix possible keyring truncation when using the file backend. [[GH-15946](https://github.com/hashicorp/vault/pull/15946)] -* core: Fix panic when the plugin catalog returns neither a plugin nor an error. [[GH-17204](https://github.com/hashicorp/vault/pull/17204)] * core: Fixes parsing boolean values for ha_storage backends in config [[GH-15900](https://github.com/hashicorp/vault/pull/15900)] * core: Increase the allowed concurrent gRPC streams over the cluster port. [[GH-16327](https://github.com/hashicorp/vault/pull/16327)] -* core: Prevent two or more DR failovers from invalidating SSCT tokens generated on the previous primaries. [[GH-16956](https://github.com/hashicorp/vault/pull/16956)] * database: Invalidate queue should cancel context first to avoid deadlock [[GH-15933](https://github.com/hashicorp/vault/pull/15933)] * debug: Fix panic when capturing debug bundle on Windows [[GH-14399](https://github.com/hashicorp/vault/pull/14399)] * debug: Remove extra empty lines from vault.log when debug command is run [[GH-16714](https://github.com/hashicorp/vault/pull/16714)] * identity (enterprise): Fix a data race when creating an entity for a local alias. -* identity/oidc: Adds `claims_supported` to discovery document. [[GH-16992](https://github.com/hashicorp/vault/pull/16992)] * identity/oidc: Change the `state` parameter of the Authorization Endpoint to optional. [[GH-16599](https://github.com/hashicorp/vault/pull/16599)] -* identity/oidc: Detect invalid `redirect_uri` values sooner in validation of the Authorization Endpoint. [[GH-16601](https://github.com/hashicorp/vault/pull/16601)] +* identity/oidc: Detect invalid `redirect_uri` values sooner in validation of the +Authorization Endpoint. [[GH-16601](https://github.com/hashicorp/vault/pull/16601)] * identity/oidc: Fixes validation of the `request` and `request_uri` parameters. [[GH-16600](https://github.com/hashicorp/vault/pull/16600)] * openapi: Fixed issue where information about /auth/token endpoints was not present with explicit policy permissions [[GH-15552](https://github.com/hashicorp/vault/pull/15552)] * plugin/multiplexing: Fix panic when id doesn't exist in connection map [[GH-16094](https://github.com/hashicorp/vault/pull/16094)] * plugin/secrets/auth: Fix a bug with aliased backends such as aws-ec2 or generic [[GH-16673](https://github.com/hashicorp/vault/pull/16673)] -* plugins: Corrected the path to check permissions on when the registered plugin name does not match the plugin binary's filename. [[GH-17340](https://github.com/hashicorp/vault/pull/17340)] * quotas/lease-count: Fix lease-count quotas on mounts not properly being enforced when the lease generating request is a read [[GH-15735](https://github.com/hashicorp/vault/pull/15735)] * replication (enterprise): Fix data race in SaveCheckpoint() * replication (enterprise): Fix data race in saveCheckpoint. -* replication (enterprise): Fix possible data race during merkle diff/sync * secret/pki: Do not fail validation with a legacy key_bits default value and key_type=any when signing CSRs [[GH-16246](https://github.com/hashicorp/vault/pull/16246)] * secrets/database: Fix a bug where the secret engine would queue up a lot of WAL deletes during startup. [[GH-16686](https://github.com/hashicorp/vault/pull/16686)] * secrets/gcp: Fixes duplicate static account key creation from performance secondary clusters. [[GH-16534](https://github.com/hashicorp/vault/pull/16534)] * secrets/kv: Fix `kv get` issue preventing the ability to read a secret when providing a leading slash [[GH-16443](https://github.com/hashicorp/vault/pull/16443)] * secrets/pki: Allow import of issuers without CRLSign KeyUsage; prohibit setting crl-signing usage on such issuers [[GH-16865](https://github.com/hashicorp/vault/pull/16865)] -* secrets/pki: Do not ignore provided signature bits value when signing intermediate and leaf certificates with a managed key [[GH-17328](https://github.com/hashicorp/vault/pull/17328)] -* secrets/pki: Do not read revoked certificates from backend when CRL is disabled [[GH-17385](https://github.com/hashicorp/vault/pull/17385)] * secrets/pki: Fix migration to properly handle mounts that contain only keys, no certificates [[GH-16813](https://github.com/hashicorp/vault/pull/16813)] * secrets/pki: Ignore EC PARAMETER PEM blocks during issuer import (/config/ca, /issuers/import/*, and /intermediate/set-signed) [[GH-16721](https://github.com/hashicorp/vault/pull/16721)] * secrets/pki: LIST issuers endpoint is now unauthenticated. [[GH-16830](https://github.com/hashicorp/vault/pull/16830)] -* secrets/transform (enterprise): Fix an issue loading tokenization transform configuration after a specific sequence of reconfigurations. -* secrets/transform (enterprise): Fix persistence problem with tokenization store credentials. * storage/raft (enterprise): Fix some storage-modifying RPCs used by perf standbys that weren't returning the resulting WAL state. * storage/raft (enterprise): Prevent unauthenticated voter status change with rejoin [[GH-16324](https://github.com/hashicorp/vault/pull/16324)] * storage/raft: Fix retry_join initialization failure [[GH-16550](https://github.com/hashicorp/vault/pull/16550)] -* storage/raft: Nodes no longer get demoted to nonvoter if we don't know their version due to missing heartbeats. [[GH-17019](https://github.com/hashicorp/vault/pull/17019)] -* ui/keymgmt: Sets the defaultValue for type when creating a key. [[GH-17407](https://github.com/hashicorp/vault/pull/17407)] * ui: Fix OIDC callback to accept namespace flag in different formats [[GH-16886](https://github.com/hashicorp/vault/pull/16886)] * ui: Fix info tooltip submitting form [[GH-16659](https://github.com/hashicorp/vault/pull/16659)] * ui: Fix issue logging in with JWT auth method [[GH-16466](https://github.com/hashicorp/vault/pull/16466)] * ui: Fix lease force revoke action [[GH-16930](https://github.com/hashicorp/vault/pull/16930)] * ui: Fix naming of permitted_dns_domains form parameter on CA creation (root generation and sign intermediate). [[GH-16739](https://github.com/hashicorp/vault/pull/16739)] * ui: Fixed bug where red spellcheck underline appears in sensitive/secret kv values when it should not appear [[GH-15681](https://github.com/hashicorp/vault/pull/15681)] -* ui: Fixes secret version and status menu links transitioning to auth screen [[GH-16983](https://github.com/hashicorp/vault/pull/16983)] * ui: OIDC login type uses localStorage instead of sessionStorage [[GH-16170](https://github.com/hashicorp/vault/pull/16170)] * vault: Fix a bug where duplicate policies could be added to an identity group. [[GH-15638](https://github.com/hashicorp/vault/pull/15638)] -## 1.11.5 -### November 2, 2022 - -IMPROVEMENTS: - -* database/snowflake: Allow parallel requests to Snowflake [[GH-17594](https://github.com/hashicorp/vault/pull/17594)] -* sdk/ldap: Added support for paging when searching for groups using group filters [[GH-17640](https://github.com/hashicorp/vault/pull/17640)] - -BUG FIXES: - -* core/managed-keys (enterprise): Return better error messages when encountering key creation failures -* core/managed-keys (enterprise): fix panic when having `cache_disable` true -* core: prevent memory leak when using control group factors in a policy [[GH-17532](https://github.com/hashicorp/vault/pull/17532)] -* core: prevent panic during mfa after enforcement's namespace is deleted [[GH-17562](https://github.com/hashicorp/vault/pull/17562)] -* kmip (enterprise): Fix a problem in the handling of attributes that caused Import operations to fail. -* login: Store token in tokenhelper for interactive login MFA [[GH-17040](https://github.com/hashicorp/vault/pull/17040)] -* secrets/pki: Do not ignore provided signature bits value when signing intermediate and leaf certificates with a managed key [[GH-17328](https://github.com/hashicorp/vault/pull/17328)] -* secrets/pki: Do not read revoked certificates from backend when CRL is disabled [[GH-17384](https://github.com/hashicorp/vault/pull/17384)] -* secrets/pki: Respond to tidy-status, tidy-cancel on PR Secondary clusters. [[GH-17497](https://github.com/hashicorp/vault/pull/17497)] -* ui/keymgmt: Sets the defaultValue for type when creating a key. [[GH-17407](https://github.com/hashicorp/vault/pull/17407)] -* ui: Fixes oidc/jwt login issue with alternate mount path and jwt login via mount path tab [[GH-17661](https://github.com/hashicorp/vault/pull/17661)] - -## 1.11.4 -### September 30, 2022 - -IMPROVEMENTS: - -* agent/auto-auth: Add `exit_on_err` which when set to true, will cause Agent to exit if any errors are encountered during authentication. [[GH-17091](https://github.com/hashicorp/vault/pull/17091)] -* agent: Send notifications to systemd on start and stop. [[GH-9802](https://github.com/hashicorp/vault/pull/9802)] - -BUG FIXES: - -* auth/cert: Vault does not initially load the CRLs in cert auth unless the read/write CRL endpoint is hit. [[GH-17138](https://github.com/hashicorp/vault/pull/17138)] -* auth/kubernetes: Restore support for JWT signature algorithm ES384 [[GH-160](https://github.com/hashicorp/vault-plugin-auth-kubernetes/pull/160)] [[GH-17162](https://github.com/hashicorp/vault/pull/17162)] -* auth/token: Fix ignored parameter warnings for valid parameters on token create [[GH-16938](https://github.com/hashicorp/vault/pull/16938)] -* core/quotas: Fix goroutine leak caused by the seal process not fully cleaning up Rate Limit Quotas. [[GH-17281](https://github.com/hashicorp/vault/pull/17281)] -* core: Prevent two or more DR failovers from invalidating SSCT tokens generated on the previous primaries. [[GH-16956](https://github.com/hashicorp/vault/pull/16956)] -* identity/oidc: Adds `claims_supported` to discovery document. [[GH-16992](https://github.com/hashicorp/vault/pull/16992)] -* replication (enterprise): Fix data race in SaveCheckpoint() -* secrets/transform (enterprise): Fix an issue loading tokenization transform configuration after a specific sequence of reconfigurations. -* secrets/transform (enterprise): Fix persistence problem with tokenization store credentials. -* ui: Fixes secret version and status menu links transitioning to auth screen [[GH-16983](https://github.com/hashicorp/vault/pull/16983)] -* ui: Fixes secret version and status menu links transitioning to auth screen [[GH-16983](https://github.com/hashicorp/vault/pull/16983)] - ## 1.11.3 ### August 31, 2022 @@ -335,11 +189,7 @@ Authorization Endpoint. [[GH-16601](https://github.com/hashicorp/vault/pull/1660 * ui: Fix OIDC callback to accept namespace flag in different formats [[GH-16886](https://github.com/hashicorp/vault/pull/16886)] * ui: Fix info tooltip submitting form [[GH-16659](https://github.com/hashicorp/vault/pull/16659)] * ui: Fix naming of permitted_dns_domains form parameter on CA creation (root generation and sign intermediate). [[GH-16739](https://github.com/hashicorp/vault/pull/16739)] - -SECURITY: - -* identity/entity: When entity aliases mapped to a single entity share the same alias name, but have different mount accessors, Vault can leak metadata between the aliases. This metadata leak may result in unexpected access if templated policies are using alias metadata for path names. [[HCSEC-2022-18](https://discuss.hashicorp.com/t/hcsec-2022-18-vault-entity-alias-metadata-may-leak-between-aliases-with-the-same-name-assigned-to-the-same-entity/44550)] - + ## 1.11.2 ### August 2, 2022 @@ -353,7 +203,7 @@ BUG FIXES: * core: Increase the allowed concurrent gRPC streams over the cluster port. [[GH-16327](https://github.com/hashicorp/vault/pull/16327)] * secrets/kv: Fix `kv get` issue preventing the ability to read a secret when providing a leading slash [[GH-16443](https://github.com/hashicorp/vault/pull/16443)] * ui: Fix issue logging in with JWT auth method [[GH-16466](https://github.com/hashicorp/vault/pull/16466)] - + ## 1.11.1 ### July 21, 2022 @@ -380,11 +230,11 @@ BUG FIXES: * storage/raft (enterprise): Prevent unauthenticated voter status change with rejoin [[GH-16324](https://github.com/hashicorp/vault/pull/16324)] * transform (enterprise): Fix a bug in the handling of nested or unmatched capture groups in FPE transformations. * ui: OIDC login type uses localStorage instead of sessionStorage [[GH-16170](https://github.com/hashicorp/vault/pull/16170)] - + SECURITY: * storage/raft (enterprise): Vault Enterprise (“Vault”) clusters using Integrated Storage expose an unauthenticated API endpoint that could be abused to override the voter status of a node within a Vault HA cluster, introducing potential for future data loss or catastrophic failure. This vulnerability, CVE-2022-36129, was fixed in Vault 1.9.8, 1.10.5, and 1.11.1. [[HCSEC-2022-15](https://discuss.hashicorp.com/t/hcsec-2022-15-vault-enterprise-does-not-verify-existing-voter-status-when-joining-an-integrated-storage-ha-node/42420)] - + ## 1.11.0 ### June 20, 2022 @@ -608,34 +458,6 @@ rebuilt upon changes to the list of issuers. [[GH-15179](https://github.com/hash * ui: fix search-select component showing blank selections when editing group member entity [[GH-15058](https://github.com/hashicorp/vault/pull/15058)] * ui: masked values no longer give away length or location of special characters [[GH-15025](https://github.com/hashicorp/vault/pull/15025)] -## 1.10.8 -### November 2, 2022 - -BUG FIXES: - -* core/managed-keys (enterprise): Return better error messages when encountering key creation failures -* core/managed-keys (enterprise): fix panic when having `cache_disable` true -* core: prevent memory leak when using control group factors in a policy [[GH-17532](https://github.com/hashicorp/vault/pull/17532)] -* core: prevent panic during mfa after enforcement's namespace is deleted [[GH-17562](https://github.com/hashicorp/vault/pull/17562)] -* login: Store token in tokenhelper for interactive login MFA [[GH-17040](https://github.com/hashicorp/vault/pull/17040)] -* secrets/pki: Do not ignore provided signature bits value when signing intermediate and leaf certificates with a managed key [[GH-17328](https://github.com/hashicorp/vault/pull/17328)] -* secrets/pki: Respond to tidy-status, tidy-cancel on PR Secondary clusters. [[GH-17497](https://github.com/hashicorp/vault/pull/17497)] -* ui: Fixes oidc/jwt login issue with alternate mount path and jwt login via mount path tab [[GH-17661](https://github.com/hashicorp/vault/pull/17661)] - -## 1.10.7 -### September 30, 2022 - -BUG FIXES: - -* auth/cert: Vault does not initially load the CRLs in cert auth unless the read/write CRL endpoint is hit. [[GH-17138](https://github.com/hashicorp/vault/pull/17138)] -* core/quotas: Fix goroutine leak caused by the seal process not fully cleaning up Rate Limit Quotas. [[GH-17281](https://github.com/hashicorp/vault/pull/17281)] -* core: Prevent two or more DR failovers from invalidating SSCT tokens generated on the previous primaries. [[GH-16956](https://github.com/hashicorp/vault/pull/16956)] -* identity/oidc: Adds `claims_supported` to discovery document. [[GH-16992](https://github.com/hashicorp/vault/pull/16992)] -* replication (enterprise): Fix data race in SaveCheckpoint() -* secrets/transform (enterprise): Fix an issue loading tokenization transform configuration after a specific sequence of reconfigurations. -* secrets/transform (enterprise): Fix persistence problem with tokenization store credentials. -* ui: Fix lease force revoke action [[GH-16930](https://github.com/hashicorp/vault/pull/16930)] - ## 1.10.6 ### August 31, 2022 @@ -664,10 +486,6 @@ Authorization Endpoint. [[GH-16601](https://github.com/hashicorp/vault/pull/1660 * ui: Fix OIDC callback to accept namespace flag in different formats [[GH-16886](https://github.com/hashicorp/vault/pull/16886)] * ui: Fix issue logging in with JWT auth method [[GH-16466](https://github.com/hashicorp/vault/pull/16466)] * ui: Fix naming of permitted_dns_domains form parameter on CA creation (root generation and sign intermediate). [[GH-16739](https://github.com/hashicorp/vault/pull/16739)] - -SECURITY: - -* identity/entity: When entity aliases mapped to a single entity share the same alias name, but have different mount accessors, Vault can leak metadata between the aliases. This metadata leak may result in unexpected access if templated policies are using alias metadata for path names. [[HCSEC-2022-18](https://discuss.hashicorp.com/t/hcsec-2022-18-vault-entity-alias-metadata-may-leak-between-aliases-with-the-same-name-assigned-to-the-same-entity/44550)] ## 1.10.5 ### July 21, 2022 @@ -1026,15 +844,6 @@ operation for upgraded configurations with a `root_password_ttl` of zero. [[GH-1 * ui: Removes ability to tune token_type for token auth methods [[GH-12904](https://github.com/hashicorp/vault/pull/12904)] * ui: trigger token renewal if inactive and half of TTL has passed [[GH-13950](https://github.com/hashicorp/vault/pull/13950)] -## 1.9.10 -### September 30, 2022 - -BUG FIXES: - -* auth/cert: Vault does not initially load the CRLs in cert auth unless the read/write CRL endpoint is hit. [[GH-17138](https://github.com/hashicorp/vault/pull/17138)] -* replication (enterprise): Fix data race in SaveCheckpoint() -* ui: Fix lease force revoke action [[GH-16930](https://github.com/hashicorp/vault/pull/16930)] - ## 1.9.9 ### August 31, 2022 @@ -1051,10 +860,6 @@ BUG FIXES: * ui: Fix OIDC callback to accept namespace flag in different formats [[GH-16886](https://github.com/hashicorp/vault/pull/16886)] * ui: Fix issue logging in with JWT auth method [[GH-16466](https://github.com/hashicorp/vault/pull/16466)] -SECURITY: - -* identity/entity: When entity aliases mapped to a single entity share the same alias name, but have different mount accessors, Vault can leak metadata between the aliases. This metadata leak may result in unexpected access if templated policies are using alias metadata for path names. [[HCSEC-2022-18](https://discuss.hashicorp.com/t/hcsec-2022-18-vault-entity-alias-metadata-may-leak-between-aliases-with-the-same-name-assigned-to-the-same-entity/44550)] - ## 1.9.8 ### July 21, 2022 diff --git a/CODEOWNERS b/CODEOWNERS index ab15ced9eb96c..1c120e00fa11e 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -25,12 +25,12 @@ /plugins/ @hashicorp/vault-ecosystem /vault/plugin_catalog.go @hashicorp/vault-ecosystem - -/website/content/docs/plugin-portal.mdx @acahn +/website/content/ @taoism4504 +/website/content/docs/plugin-portal.mdx @taoism4504 @acahn # Plugin docs -/website/content/docs/plugins/ @fairclothjm -/website/content/docs/upgrading/plugins.mdx @fairclothjm +/website/content/docs/plugins/ @taoism4504 @fairclothjm +/website/content/docs/upgrading/plugins.mdx @taoism4504 @fairclothjm # UI code related to Vault's JWT/OIDC auth method and OIDC provider. # Changes to these files often require coordination with backend code, diff --git a/Dockerfile b/Dockerfile index eb55b3b5fd193..9041da20ff9db 100644 --- a/Dockerfile +++ b/Dockerfile @@ -71,7 +71,7 @@ CMD ["server", "-dev"] ## UBI DOCKERFILE ## -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 as ubi +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.7 as ubi ARG BIN_NAME # PRODUCT_VERSION is the version built dist/$TARGETOS/$TARGETARCH/$BIN_NAME, diff --git a/LICENSE b/LICENSE index f4f97ee5853a2..e87a115e462e1 100644 --- a/LICENSE +++ b/LICENSE @@ -1,5 +1,3 @@ -Copyright (c) 2015 HashiCorp, Inc. - Mozilla Public License, version 2.0 1. Definitions diff --git a/Makefile b/Makefile index b40ad9b853047..516e4ed17f0e2 100644 --- a/Makefile +++ b/Makefile @@ -16,7 +16,7 @@ SED?=$(shell command -v gsed || command -v sed) GO_VERSION_MIN=$$(cat $(CURDIR)/.go_version) -PROTOC_VERSION_MIN=3.21.7 +PROTOC_VERSION_MIN=3.21.5 GO_CMD?=go CGO_ENABLED?=0 ifneq ($(FDB_ENABLED), ) @@ -254,18 +254,48 @@ ci-verify: .NOTPARALLEL: ember-dist ember-dist-dev -.PHONY: build -# This is used for release builds by .github/workflows/build.yml -build: - @echo "--> Building Vault $(VAULT_VERSION)" - @go build -v -tags "$(GO_TAGS)" -ldflags " -s -w -X github.com/hashicorp/vault/sdk/version.Version=$(VAULT_VERSION) -X github.com/hashicorp/vault/sdk/version.GitCommit=$(VAULT_REVISION) -X github.com/hashicorp/vault/sdk/version.BuildDate=$(VAULT_BUILD_DATE)" -o dist/ - -.PHONY: version -# This is used for release builds by .github/workflows/build.yml -version: - @$(CURDIR)/scripts/version.sh sdk/version/version_base.go - -.PHONY: build-date -# This is used for release builds by .github/workflows/build.yml -build-date: - @$(CURDIR)/scripts/build_date.sh +# These crt targets are used for release builds by .github/workflows/build.yml +# and for artifact_source:local Enos scenario variants. +.PHONY: crt-build +crt-build: + @$(CURDIR)/scripts/crt-builder.sh build + +.PHONY: crt-build-ui +crt-build-ui: + @$(CURDIR)/scripts/crt-builder.sh build-ui + +.PHONY: crt-bundle +crt-bundle: + @$(CURDIR)/scripts/crt-builder.sh bundle + +.PHONY: crt-get-artifact-basename +crt-get-artifact-basename: + @$(CURDIR)/scripts/crt-builder.sh artifact-basename + +.PHONY: crt-get-date +crt-get-date: + @$(CURDIR)/scripts/crt-builder.sh date + +.PHONY: crt-get-revision +crt-get-revision: + @$(CURDIR)/scripts/crt-builder.sh revision + +.PHONY: crt-get-version +crt-get-version: + @$(CURDIR)/scripts/crt-builder.sh version + +.PHONY: crt-get-version-base +crt-get-version-base: + @$(CURDIR)/scripts/crt-builder.sh version-base + +.PHONY: crt-get-version-pre +crt-get-version-pre: + @$(CURDIR)/scripts/crt-builder.sh version-pre + +.PHONY: crt-get-version-meta +crt-get-version-meta: + @$(CURDIR)/scripts/crt-builder.sh version-meta + +.PHONY: crt-prepare-legal +crt-prepare-legal: + @$(CURDIR)/scripts/crt-builder.sh prepare-legal diff --git a/api/auth/approle/go.mod b/api/auth/approle/go.mod index 5270376f6e696..b3d871b887ad6 100644 --- a/api/auth/approle/go.mod +++ b/api/auth/approle/go.mod @@ -2,4 +2,4 @@ module github.com/hashicorp/vault/api/auth/approle go 1.16 -require github.com/hashicorp/vault/api v1.8.1 +require github.com/hashicorp/vault/api v1.8.0 diff --git a/api/auth/approle/go.sum b/api/auth/approle/go.sum index c0a9666e8dd45..c7835a3bf723f 100644 --- a/api/auth/approle/go.sum +++ b/api/auth/approle/go.sum @@ -133,8 +133,8 @@ github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+l github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/vault/api v1.8.1 h1:bMieWIe6dAlqAAPReZO/8zYtXaWUg/21umwqGZpEjCI= -github.com/hashicorp/vault/api v1.8.1/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= +github.com/hashicorp/vault/api v1.8.0 h1:7765sW1XBt+qf4XKIYE4ebY9qc/yi9V2/egzGSUNMZU= +github.com/hashicorp/vault/api v1.8.0/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= github.com/hashicorp/vault/sdk v0.6.0 h1:6Z+In5DXHiUfZvIZdMx7e2loL1PPyDjA4bVh9ZTIAhs= github.com/hashicorp/vault/sdk v0.6.0/go.mod h1:+DRpzoXIdMvKc88R4qxr+edwy/RvH5QK8itmxLiDHLc= github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= diff --git a/api/auth/aws/go.mod b/api/auth/aws/go.mod index 2174d38c41212..6ccdb0f4e1dde 100644 --- a/api/auth/aws/go.mod +++ b/api/auth/aws/go.mod @@ -7,5 +7,5 @@ require ( github.com/hashicorp/go-hclog v0.16.2 github.com/hashicorp/go-secure-stdlib/awsutil v0.1.6 github.com/hashicorp/go-uuid v1.0.2 - github.com/hashicorp/vault/api v1.8.1 + github.com/hashicorp/vault/api v1.8.0 ) diff --git a/api/auth/aws/go.sum b/api/auth/aws/go.sum index 1af5e11246b02..0d29275b814c1 100644 --- a/api/auth/aws/go.sum +++ b/api/auth/aws/go.sum @@ -138,8 +138,8 @@ github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+l github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/vault/api v1.8.1 h1:bMieWIe6dAlqAAPReZO/8zYtXaWUg/21umwqGZpEjCI= -github.com/hashicorp/vault/api v1.8.1/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= +github.com/hashicorp/vault/api v1.8.0 h1:7765sW1XBt+qf4XKIYE4ebY9qc/yi9V2/egzGSUNMZU= +github.com/hashicorp/vault/api v1.8.0/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= github.com/hashicorp/vault/sdk v0.6.0 h1:6Z+In5DXHiUfZvIZdMx7e2loL1PPyDjA4bVh9ZTIAhs= github.com/hashicorp/vault/sdk v0.6.0/go.mod h1:+DRpzoXIdMvKc88R4qxr+edwy/RvH5QK8itmxLiDHLc= github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= diff --git a/api/auth/azure/go.mod b/api/auth/azure/go.mod index d00993f8eb03c..becdcd90e12a0 100644 --- a/api/auth/azure/go.mod +++ b/api/auth/azure/go.mod @@ -2,4 +2,4 @@ module github.com/hashicorp/vault/api/auth/azure go 1.16 -require github.com/hashicorp/vault/api v1.8.1 +require github.com/hashicorp/vault/api v1.8.0 diff --git a/api/auth/azure/go.sum b/api/auth/azure/go.sum index c0a9666e8dd45..c7835a3bf723f 100644 --- a/api/auth/azure/go.sum +++ b/api/auth/azure/go.sum @@ -133,8 +133,8 @@ github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+l github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/vault/api v1.8.1 h1:bMieWIe6dAlqAAPReZO/8zYtXaWUg/21umwqGZpEjCI= -github.com/hashicorp/vault/api v1.8.1/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= +github.com/hashicorp/vault/api v1.8.0 h1:7765sW1XBt+qf4XKIYE4ebY9qc/yi9V2/egzGSUNMZU= +github.com/hashicorp/vault/api v1.8.0/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= github.com/hashicorp/vault/sdk v0.6.0 h1:6Z+In5DXHiUfZvIZdMx7e2loL1PPyDjA4bVh9ZTIAhs= github.com/hashicorp/vault/sdk v0.6.0/go.mod h1:+DRpzoXIdMvKc88R4qxr+edwy/RvH5QK8itmxLiDHLc= github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= diff --git a/api/auth/gcp/go.mod b/api/auth/gcp/go.mod index 3181ec263c454..cb122ae9cfe30 100644 --- a/api/auth/gcp/go.mod +++ b/api/auth/gcp/go.mod @@ -4,6 +4,6 @@ go 1.16 require ( cloud.google.com/go v0.97.0 - github.com/hashicorp/vault/api v1.8.1 + github.com/hashicorp/vault/api v1.8.0 google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0 ) diff --git a/api/auth/gcp/go.sum b/api/auth/gcp/go.sum index c9f85c4e892c4..a9fda24c58efb 100644 --- a/api/auth/gcp/go.sum +++ b/api/auth/gcp/go.sum @@ -240,8 +240,6 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/vault/api v1.8.0 h1:7765sW1XBt+qf4XKIYE4ebY9qc/yi9V2/egzGSUNMZU= github.com/hashicorp/vault/api v1.8.0/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= -github.com/hashicorp/vault/api v1.8.1 h1:bMieWIe6dAlqAAPReZO/8zYtXaWUg/21umwqGZpEjCI= -github.com/hashicorp/vault/api v1.8.1/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= github.com/hashicorp/vault/sdk v0.6.0 h1:6Z+In5DXHiUfZvIZdMx7e2loL1PPyDjA4bVh9ZTIAhs= github.com/hashicorp/vault/sdk v0.6.0/go.mod h1:+DRpzoXIdMvKc88R4qxr+edwy/RvH5QK8itmxLiDHLc= github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= diff --git a/api/auth/kubernetes/go.mod b/api/auth/kubernetes/go.mod index 6a084b9e85b70..0faeebfcc91aa 100644 --- a/api/auth/kubernetes/go.mod +++ b/api/auth/kubernetes/go.mod @@ -2,4 +2,4 @@ module github.com/hashicorp/vault/api/auth/kubernetes go 1.16 -require github.com/hashicorp/vault/api v1.8.1 +require github.com/hashicorp/vault/api v1.8.0 diff --git a/api/auth/kubernetes/go.sum b/api/auth/kubernetes/go.sum index c0a9666e8dd45..c7835a3bf723f 100644 --- a/api/auth/kubernetes/go.sum +++ b/api/auth/kubernetes/go.sum @@ -133,8 +133,8 @@ github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+l github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/vault/api v1.8.1 h1:bMieWIe6dAlqAAPReZO/8zYtXaWUg/21umwqGZpEjCI= -github.com/hashicorp/vault/api v1.8.1/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= +github.com/hashicorp/vault/api v1.8.0 h1:7765sW1XBt+qf4XKIYE4ebY9qc/yi9V2/egzGSUNMZU= +github.com/hashicorp/vault/api v1.8.0/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= github.com/hashicorp/vault/sdk v0.6.0 h1:6Z+In5DXHiUfZvIZdMx7e2loL1PPyDjA4bVh9ZTIAhs= github.com/hashicorp/vault/sdk v0.6.0/go.mod h1:+DRpzoXIdMvKc88R4qxr+edwy/RvH5QK8itmxLiDHLc= github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= diff --git a/api/auth/ldap/go.mod b/api/auth/ldap/go.mod index f44f89356bd0d..15b683c2696ab 100644 --- a/api/auth/ldap/go.mod +++ b/api/auth/ldap/go.mod @@ -2,4 +2,4 @@ module github.com/hashicorp/vault/api/auth/ldap go 1.16 -require github.com/hashicorp/vault/api v1.8.1 +require github.com/hashicorp/vault/api v1.8.0 diff --git a/api/auth/ldap/go.sum b/api/auth/ldap/go.sum index c0a9666e8dd45..c7835a3bf723f 100644 --- a/api/auth/ldap/go.sum +++ b/api/auth/ldap/go.sum @@ -133,8 +133,8 @@ github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+l github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/vault/api v1.8.1 h1:bMieWIe6dAlqAAPReZO/8zYtXaWUg/21umwqGZpEjCI= -github.com/hashicorp/vault/api v1.8.1/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= +github.com/hashicorp/vault/api v1.8.0 h1:7765sW1XBt+qf4XKIYE4ebY9qc/yi9V2/egzGSUNMZU= +github.com/hashicorp/vault/api v1.8.0/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= github.com/hashicorp/vault/sdk v0.6.0 h1:6Z+In5DXHiUfZvIZdMx7e2loL1PPyDjA4bVh9ZTIAhs= github.com/hashicorp/vault/sdk v0.6.0/go.mod h1:+DRpzoXIdMvKc88R4qxr+edwy/RvH5QK8itmxLiDHLc= github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= diff --git a/api/auth/userpass/go.mod b/api/auth/userpass/go.mod index a3cf9ba5ea974..5f907553bd35f 100644 --- a/api/auth/userpass/go.mod +++ b/api/auth/userpass/go.mod @@ -2,4 +2,4 @@ module github.com/hashicorp/vault/api/auth/userpass go 1.16 -require github.com/hashicorp/vault/api v1.8.1 +require github.com/hashicorp/vault/api v1.8.0 diff --git a/api/auth/userpass/go.sum b/api/auth/userpass/go.sum index c0a9666e8dd45..c7835a3bf723f 100644 --- a/api/auth/userpass/go.sum +++ b/api/auth/userpass/go.sum @@ -133,8 +133,8 @@ github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+l github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/vault/api v1.8.1 h1:bMieWIe6dAlqAAPReZO/8zYtXaWUg/21umwqGZpEjCI= -github.com/hashicorp/vault/api v1.8.1/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= +github.com/hashicorp/vault/api v1.8.0 h1:7765sW1XBt+qf4XKIYE4ebY9qc/yi9V2/egzGSUNMZU= +github.com/hashicorp/vault/api v1.8.0/go.mod h1:uJrw6D3y9Rv7hhmS17JQC50jbPDAZdjZoTtrCCxxs7E= github.com/hashicorp/vault/sdk v0.6.0 h1:6Z+In5DXHiUfZvIZdMx7e2loL1PPyDjA4bVh9ZTIAhs= github.com/hashicorp/vault/sdk v0.6.0/go.mod h1:+DRpzoXIdMvKc88R4qxr+edwy/RvH5QK8itmxLiDHLc= github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= diff --git a/api/go.mod b/api/go.mod index aa7ea8c448b22..d8109099cf07e 100644 --- a/api/go.mod +++ b/api/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/vault/api -go 1.19 +go 1.17 replace github.com/hashicorp/vault/sdk => ../sdk @@ -30,7 +30,7 @@ require ( github.com/golang/protobuf v1.5.2 // indirect github.com/golang/snappy v0.0.4 // indirect github.com/hashicorp/go-immutable-radix v1.3.1 // indirect - github.com/hashicorp/go-plugin v1.4.5 // indirect + github.com/hashicorp/go-plugin v1.4.3 // indirect github.com/hashicorp/go-secure-stdlib/mlock v0.1.1 // indirect github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect github.com/hashicorp/go-sockaddr v1.0.2 // indirect diff --git a/api/go.sum b/api/go.sum index 4e02343ff0bd7..bd383b14589e6 100644 --- a/api/go.sum +++ b/api/go.sum @@ -55,6 +55,7 @@ github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5y github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= @@ -86,6 +87,7 @@ github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtng github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= +github.com/hashicorp/go-hclog v0.14.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-hclog v0.16.2 h1:K4ev2ib4LdQETX5cSZBG0DVLk1jwGqSPXBjdah3veNs= github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= @@ -94,8 +96,8 @@ github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjh github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-plugin v1.4.5 h1:oTE/oQR4eghggRg8VY7PAz3dr++VwDNBGCcOfIvHpBo= -github.com/hashicorp/go-plugin v1.4.5/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= +github.com/hashicorp/go-plugin v1.4.3 h1:DXmvivbWD5qdiBts9TpBC7BYL1Aia5sxbRgQB+v6UZM= +github.com/hashicorp/go-plugin v1.4.3/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ38b18Udy6vYQ= github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= github.com/hashicorp/go-retryablehttp v0.6.6 h1:HJunrbHTDDbBb/ay4kxa1n+dLmttUlnP3V9oNE4hmsM= github.com/hashicorp/go-retryablehttp v0.6.6/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= @@ -123,6 +125,7 @@ github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M= github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= +github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= @@ -149,6 +152,7 @@ github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMK github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= @@ -213,6 +217,7 @@ golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -266,15 +271,18 @@ golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1N golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20170818010345-ee236bd376b0/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013 h1:+kGHl1aib/qcwaRi1CbqBZ1rk19r85MNUf8HaBghugY= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.41.0 h1:f+PlOh7QV4iIJkPrx5NQ7qaNGFQ3OTse67yaDHfju4E= diff --git a/api/kv_test.go b/api/kv_test.go index f8b3d3917be49..2c16b2d43ad66 100644 --- a/api/kv_test.go +++ b/api/kv_test.go @@ -319,66 +319,13 @@ func TestExtractCustomMetadata(t *testing.T) { }, expected: map[string]interface{}{"org": "eng"}, }, - { - name: "a read response with no custom metadata from a pre-1.9 Vault server", - inputAPIResp: &Secret{ - Data: map[string]interface{}{ - "metadata": map[string]interface{}{}, - }, - }, - expected: map[string]interface{}(nil), - }, - { - name: "a write response with no custom metadata from a pre-1.9 Vault server", - inputAPIResp: &Secret{ - Data: map[string]interface{}{}, - }, - expected: map[string]interface{}(nil), - }, - { - name: "a read response with no custom metadata from a post-1.9 Vault server", - inputAPIResp: &Secret{ - Data: map[string]interface{}{ - "metadata": map[string]interface{}{ - "custom_metadata": nil, - }, - }, - }, - expected: map[string]interface{}(nil), - }, - { - name: "a write response with no custom metadata from a post-1.9 Vault server", - inputAPIResp: &Secret{ - Data: map[string]interface{}{ - "custom_metadata": nil, - }, - }, - expected: map[string]interface{}(nil), - }, - { - name: "a read response where custom metadata was deleted", - inputAPIResp: &Secret{ - Data: map[string]interface{}{ - "metadata": map[string]interface{}{ - "custom_metadata": map[string]interface{}{}, - }, - }, - }, - expected: map[string]interface{}{}, - }, - { - name: "a write response where custom metadata was deleted", - inputAPIResp: &Secret{ - Data: map[string]interface{}{ - "custom_metadata": map[string]interface{}{}, - }, - }, - expected: map[string]interface{}{}, - }, } for _, tc := range testCases { - cm := extractCustomMetadata(tc.inputAPIResp) + cm, err := extractCustomMetadata(tc.inputAPIResp) + if err != nil { + t.Fatalf("err: %s", err) + } if !reflect.DeepEqual(cm, tc.expected) { t.Fatalf("%s: got\n%#v\nexpected\n%#v\n", tc.name, cm, tc.expected) diff --git a/api/kv_v2.go b/api/kv_v2.go index 335c21001be2f..7a98cfeefd234 100644 --- a/api/kv_v2.go +++ b/api/kv_v2.go @@ -125,7 +125,11 @@ func (kv *KVv2) Get(ctx context.Context, secretPath string) (*KVSecret, error) { return nil, fmt.Errorf("error parsing secret at %s: %w", pathToRead, err) } - kvSecret.CustomMetadata = extractCustomMetadata(secret) + cm, err := extractCustomMetadata(secret) + if err != nil { + return nil, fmt.Errorf("error reading custom metadata for secret at %s: %w", pathToRead, err) + } + kvSecret.CustomMetadata = cm return kvSecret, nil } @@ -155,7 +159,11 @@ func (kv *KVv2) GetVersion(ctx context.Context, secretPath string, version int) return nil, fmt.Errorf("error parsing secret at %s: %w", pathToRead, err) } - kvSecret.CustomMetadata = extractCustomMetadata(secret) + cm, err := extractCustomMetadata(secret) + if err != nil { + return nil, fmt.Errorf("error reading custom metadata for secret at %s: %w", pathToRead, err) + } + kvSecret.CustomMetadata = cm return kvSecret, nil } @@ -252,7 +260,11 @@ func (kv *KVv2) Put(ctx context.Context, secretPath string, data map[string]inte Raw: secret, } - kvSecret.CustomMetadata = extractCustomMetadata(secret) + cm, err := extractCustomMetadata(secret) + if err != nil { + return nil, fmt.Errorf("error reading custom metadata for secret at %s: %w", pathToWriteTo, err) + } + kvSecret.CustomMetadata = cm return kvSecret, nil } @@ -485,24 +497,30 @@ func (kv *KVv2) Rollback(ctx context.Context, secretPath string, toVersion int) return kvs, nil } -func extractCustomMetadata(secret *Secret) map[string]interface{} { +func extractCustomMetadata(secret *Secret) (map[string]interface{}, error) { // Logical Writes return the metadata directly, Reads return it nested inside the "metadata" key customMetadataInterface, ok := secret.Data["custom_metadata"] if !ok { - metadataInterface := secret.Data["metadata"] + metadataInterface, ok := secret.Data["metadata"] + if !ok { // if that's not found, bail since it should have had one or the other + return nil, fmt.Errorf("secret is missing expected fields") + } metadataMap, ok := metadataInterface.(map[string]interface{}) if !ok { - return nil + return nil, fmt.Errorf("unexpected type for 'metadata' element: %T (%#v)", metadataInterface, metadataInterface) + } + customMetadataInterface, ok = metadataMap["custom_metadata"] + if !ok { + return nil, fmt.Errorf("metadata missing expected field \"custom_metadata\": %v", metadataMap) } - customMetadataInterface = metadataMap["custom_metadata"] } cm, ok := customMetadataInterface.(map[string]interface{}) - if !ok { - return nil + if !ok && customMetadataInterface != nil { + return nil, fmt.Errorf("unexpected type for 'metadata' element: %T (%#v)", customMetadataInterface, customMetadataInterface) } - return cm + return cm, nil } func extractDataAndVersionMetadata(secret *Secret) (*KVSecret, error) { @@ -706,7 +724,11 @@ func mergePatch(ctx context.Context, client *Client, mountPath string, secretPat Raw: secret, } - kvSecret.CustomMetadata = extractCustomMetadata(secret) + cm, err := extractCustomMetadata(secret) + if err != nil { + return nil, fmt.Errorf("error reading custom metadata for secret %s: %w", secretPath, err) + } + kvSecret.CustomMetadata = cm return kvSecret, nil } diff --git a/api/logical.go b/api/logical.go index d2e5bb5e5e11e..747b9bc12c4c9 100644 --- a/api/logical.go +++ b/api/logical.go @@ -65,7 +65,23 @@ func (c *Logical) ReadWithDataWithContext(ctx context.Context, path string, data ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) defer cancelFunc() - resp, err := c.readRawWithDataWithContext(ctx, path, data) + r := c.c.NewRequest(http.MethodGet, "/v1/"+path) + + var values url.Values + for k, v := range data { + if values == nil { + values = make(url.Values) + } + for _, val := range v { + values.Add(k, val) + } + } + + if values != nil { + r.Params = values + } + + resp, err := c.c.rawRequestWithContext(ctx, r) if resp != nil { defer resp.Body.Close() } @@ -90,41 +106,6 @@ func (c *Logical) ReadWithDataWithContext(ctx context.Context, path string, data return ParseSecret(resp.Body) } -func (c *Logical) ReadRaw(path string) (*Response, error) { - return c.ReadRawWithData(path, nil) -} - -func (c *Logical) ReadRawWithData(path string, data map[string][]string) (*Response, error) { - return c.ReadRawWithDataWithContext(context.Background(), path, data) -} - -func (c *Logical) ReadRawWithDataWithContext(ctx context.Context, path string, data map[string][]string) (*Response, error) { - ctx, cancelFunc := c.c.withConfiguredTimeout(ctx) - defer cancelFunc() - - return c.readRawWithDataWithContext(ctx, path, data) -} - -func (c *Logical) readRawWithDataWithContext(ctx context.Context, path string, data map[string][]string) (*Response, error) { - r := c.c.NewRequest(http.MethodGet, "/v1/"+path) - - var values url.Values - for k, v := range data { - if values == nil { - values = make(url.Values) - } - for _, val := range v { - values.Add(k, val) - } - } - - if values != nil { - r.Params = values - } - - return c.c.RawRequestWithContext(ctx, r) -} - func (c *Logical) List(path string) (*Secret, error) { return c.ListWithContext(context.Background(), path) } diff --git a/api/sys_mounts.go b/api/sys_mounts.go index f55133cec4c64..75173b4d8f2d8 100644 --- a/api/sys_mounts.go +++ b/api/sys_mounts.go @@ -254,20 +254,20 @@ type MountInput struct { } type MountConfigInput struct { - Options map[string]string `json:"options" mapstructure:"options"` - DefaultLeaseTTL string `json:"default_lease_ttl" mapstructure:"default_lease_ttl"` - Description *string `json:"description,omitempty" mapstructure:"description"` - MaxLeaseTTL string `json:"max_lease_ttl" mapstructure:"max_lease_ttl"` - ForceNoCache bool `json:"force_no_cache" mapstructure:"force_no_cache"` - AuditNonHMACRequestKeys []string `json:"audit_non_hmac_request_keys,omitempty" mapstructure:"audit_non_hmac_request_keys"` - AuditNonHMACResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"` - ListingVisibility string `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"` - PassthroughRequestHeaders []string `json:"passthrough_request_headers,omitempty" mapstructure:"passthrough_request_headers"` - AllowedResponseHeaders []string `json:"allowed_response_headers,omitempty" mapstructure:"allowed_response_headers"` - TokenType string `json:"token_type,omitempty" mapstructure:"token_type"` - AllowedManagedKeys []string `json:"allowed_managed_keys,omitempty" mapstructure:"allowed_managed_keys"` - PluginVersion string `json:"plugin_version,omitempty"` - UserLockoutConfig *UserLockoutConfigInput `json:"user_lockout_config,omitempty"` + Options map[string]string `json:"options" mapstructure:"options"` + DefaultLeaseTTL string `json:"default_lease_ttl" mapstructure:"default_lease_ttl"` + Description *string `json:"description,omitempty" mapstructure:"description"` + MaxLeaseTTL string `json:"max_lease_ttl" mapstructure:"max_lease_ttl"` + ForceNoCache bool `json:"force_no_cache" mapstructure:"force_no_cache"` + AuditNonHMACRequestKeys []string `json:"audit_non_hmac_request_keys,omitempty" mapstructure:"audit_non_hmac_request_keys"` + AuditNonHMACResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"` + ListingVisibility string `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"` + PassthroughRequestHeaders []string `json:"passthrough_request_headers,omitempty" mapstructure:"passthrough_request_headers"` + AllowedResponseHeaders []string `json:"allowed_response_headers,omitempty" mapstructure:"allowed_response_headers"` + TokenType string `json:"token_type,omitempty" mapstructure:"token_type"` + AllowedManagedKeys []string `json:"allowed_managed_keys,omitempty" mapstructure:"allowed_managed_keys"` + PluginVersion string `json:"plugin_version,omitempty"` + // Deprecated: This field will always be blank for newer server responses. PluginName string `json:"plugin_name,omitempty" mapstructure:"plugin_name"` } @@ -289,35 +289,21 @@ type MountOutput struct { } type MountConfigOutput struct { - DefaultLeaseTTL int `json:"default_lease_ttl" mapstructure:"default_lease_ttl"` - MaxLeaseTTL int `json:"max_lease_ttl" mapstructure:"max_lease_ttl"` - ForceNoCache bool `json:"force_no_cache" mapstructure:"force_no_cache"` - AuditNonHMACRequestKeys []string `json:"audit_non_hmac_request_keys,omitempty" mapstructure:"audit_non_hmac_request_keys"` - AuditNonHMACResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"` - ListingVisibility string `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"` - PassthroughRequestHeaders []string `json:"passthrough_request_headers,omitempty" mapstructure:"passthrough_request_headers"` - AllowedResponseHeaders []string `json:"allowed_response_headers,omitempty" mapstructure:"allowed_response_headers"` - TokenType string `json:"token_type,omitempty" mapstructure:"token_type"` - AllowedManagedKeys []string `json:"allowed_managed_keys,omitempty" mapstructure:"allowed_managed_keys"` - UserLockoutConfig *UserLockoutConfigOutput `json:"user_lockout_config,omitempty"` + DefaultLeaseTTL int `json:"default_lease_ttl" mapstructure:"default_lease_ttl"` + MaxLeaseTTL int `json:"max_lease_ttl" mapstructure:"max_lease_ttl"` + ForceNoCache bool `json:"force_no_cache" mapstructure:"force_no_cache"` + AuditNonHMACRequestKeys []string `json:"audit_non_hmac_request_keys,omitempty" mapstructure:"audit_non_hmac_request_keys"` + AuditNonHMACResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"` + ListingVisibility string `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"` + PassthroughRequestHeaders []string `json:"passthrough_request_headers,omitempty" mapstructure:"passthrough_request_headers"` + AllowedResponseHeaders []string `json:"allowed_response_headers,omitempty" mapstructure:"allowed_response_headers"` + TokenType string `json:"token_type,omitempty" mapstructure:"token_type"` + AllowedManagedKeys []string `json:"allowed_managed_keys,omitempty" mapstructure:"allowed_managed_keys"` + // Deprecated: This field will always be blank for newer server responses. PluginName string `json:"plugin_name,omitempty" mapstructure:"plugin_name"` } -type UserLockoutConfigInput struct { - LockoutThreshold string `json:"lockout_threshold,omitempty" structs:"lockout_threshold" mapstructure:"lockout_threshold"` - LockoutDuration string `json:"lockout_duration,omitempty" structs:"lockout_duration" mapstructure:"lockout_duration"` - LockoutCounterResetDuration string `json:"lockout_counter_reset_duration,omitempty" structs:"lockout_counter_reset_duration" mapstructure:"lockout_counter_reset_duration"` - DisableLockout *bool `json:"lockout_disable,omitempty" structs:"lockout_disable" mapstructure:"lockout_disable"` -} - -type UserLockoutConfigOutput struct { - LockoutThreshold uint `json:"lockout_threshold,omitempty" structs:"lockout_threshold" mapstructure:"lockout_threshold"` - LockoutDuration int `json:"lockout_duration,omitempty" structs:"lockout_duration" mapstructure:"lockout_duration"` - LockoutCounterReset int `json:"lockout_counter_reset,omitempty" structs:"lockout_counter_reset" mapstructure:"lockout_counter_reset"` - DisableLockout *bool `json:"disable_lockout,omitempty" structs:"disable_lockout" mapstructure:"disable_lockout"` -} - type MountMigrationOutput struct { MigrationID string `mapstructure:"migration_id"` } diff --git a/builtin/credential/approle/backend_test.go b/builtin/credential/approle/backend_test.go index 212fe36f0f7c6..044f02d2a2a4c 100644 --- a/builtin/credential/approle/backend_test.go +++ b/builtin/credential/approle/backend_test.go @@ -174,7 +174,7 @@ func TestAppRole_RoleNameCaseSensitivity(t *testing.T) { }, Storage: s, }) - if err != nil && err != logical.ErrInvalidCredentials { + if err != nil { t.Fatal(err) } if resp == nil || !resp.IsError() { @@ -233,7 +233,7 @@ func TestAppRole_RoleNameCaseSensitivity(t *testing.T) { }, Storage: s, }) - if err != nil && err != logical.ErrInvalidCredentials { + if err != nil { t.Fatal(err) } if resp == nil || !resp.IsError() { @@ -292,7 +292,7 @@ func TestAppRole_RoleNameCaseSensitivity(t *testing.T) { }, Storage: s, }) - if err != nil && err != logical.ErrInvalidCredentials { + if err != nil { t.Fatal(err) } if resp == nil || !resp.IsError() { @@ -351,7 +351,7 @@ func TestAppRole_RoleNameCaseSensitivity(t *testing.T) { }, Storage: s, }) - if err != nil && err != logical.ErrInvalidCredentials { + if err != nil { t.Fatal(err) } if resp == nil || !resp.IsError() { @@ -410,7 +410,7 @@ func TestAppRole_RoleNameCaseSensitivity(t *testing.T) { }, Storage: s, }) - if err != nil && err != logical.ErrInvalidCredentials { + if err != nil { t.Fatal(err) } if resp == nil || !resp.IsError() { diff --git a/builtin/credential/approle/path_login.go b/builtin/credential/approle/path_login.go index 2ad3924ba9e54..5822519b1c79f 100644 --- a/builtin/credential/approle/path_login.go +++ b/builtin/credential/approle/path_login.go @@ -155,7 +155,7 @@ func (b *backend) pathLoginUpdate(ctx context.Context, req *logical.Request, dat return nil, err } if entry == nil { - return logical.ErrorResponse("invalid secret id"), logical.ErrInvalidCredentials + return logical.ErrorResponse("invalid secret id"), nil } // If a secret ID entry does not have a corresponding accessor diff --git a/builtin/credential/approle/path_role.go b/builtin/credential/approle/path_role.go index 20639277a9226..b079a9ca6fa6f 100644 --- a/builtin/credential/approle/path_role.go +++ b/builtin/credential/approle/path_role.go @@ -113,7 +113,7 @@ func rolePaths(b *backend) []*framework.Path { Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "bind_secret_id": { Type: framework.TypeBool, @@ -196,7 +196,7 @@ can only be set during role creation and once set, it can't be reset later.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, }, Callbacks: map[logical.Operation]framework.OperationFunc{ @@ -210,7 +210,7 @@ can only be set during role creation and once set, it can't be reset later.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "policies": { Type: framework.TypeCommaStringSlice, @@ -235,7 +235,7 @@ can only be set during role creation and once set, it can't be reset later.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "bound_cidr_list": { Type: framework.TypeCommaStringSlice, @@ -256,7 +256,7 @@ of CIDR blocks. If set, specifies the blocks of IP addresses which can perform t Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "secret_id_bound_cidrs": { Type: framework.TypeCommaStringSlice, @@ -277,7 +277,7 @@ IP addresses which can perform the login operation.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "token_bound_cidrs": { Type: framework.TypeCommaStringSlice, @@ -297,7 +297,7 @@ IP addresses which can perform the login operation.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "bind_secret_id": { Type: framework.TypeBool, @@ -318,7 +318,7 @@ IP addresses which can perform the login operation.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "secret_id_num_uses": { Type: framework.TypeInt, @@ -338,7 +338,7 @@ IP addresses which can perform the login operation.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "secret_id_ttl": { Type: framework.TypeDurationSecond, @@ -359,7 +359,7 @@ to 0, meaning no expiration.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "period": { Type: framework.TypeDurationSecond, @@ -384,7 +384,7 @@ to 0, meaning no expiration.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "token_num_uses": { Type: framework.TypeInt, @@ -404,7 +404,7 @@ to 0, meaning no expiration.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "token_ttl": { Type: framework.TypeDurationSecond, @@ -424,7 +424,7 @@ to 0, meaning no expiration.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "token_max_ttl": { Type: framework.TypeDurationSecond, @@ -444,7 +444,7 @@ to 0, meaning no expiration.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "role_id": { Type: framework.TypeString, @@ -463,7 +463,7 @@ to 0, meaning no expiration.`, Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "metadata": { Type: framework.TypeString, @@ -504,7 +504,7 @@ Overrides secret_id_ttl role option when supplied. May not be longer than role's Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "secret_id": { Type: framework.TypeString, @@ -522,7 +522,7 @@ Overrides secret_id_ttl role option when supplied. May not be longer than role's Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "secret_id": { Type: framework.TypeString, @@ -541,7 +541,7 @@ Overrides secret_id_ttl role option when supplied. May not be longer than role's Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "secret_id_accessor": { Type: framework.TypeString, @@ -559,7 +559,7 @@ Overrides secret_id_ttl role option when supplied. May not be longer than role's Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "secret_id_accessor": { Type: framework.TypeString, @@ -578,7 +578,7 @@ Overrides secret_id_ttl role option when supplied. May not be longer than role's Fields: map[string]*framework.FieldSchema{ "role_name": { Type: framework.TypeString, - Description: fmt.Sprintf("Name of the role. Must be less than %d bytes.", maxHmacInputLength), + Description: "Name of the role.", }, "secret_id": { Type: framework.TypeString, @@ -880,10 +880,6 @@ func (b *backend) pathRoleCreateUpdate(ctx context.Context, req *logical.Request return logical.ErrorResponse("missing role_name"), nil } - if len(roleName) > maxHmacInputLength { - return logical.ErrorResponse(fmt.Sprintf("role_name is longer than maximum of %d bytes", maxHmacInputLength)), nil - } - lock := b.roleLock(roleName) lock.Lock() defer lock.Unlock() diff --git a/builtin/credential/approle/path_role_test.go b/builtin/credential/approle/path_role_test.go index 06706dda5fdf0..8ab3bfc666358 100644 --- a/builtin/credential/approle/path_role_test.go +++ b/builtin/credential/approle/path_role_test.go @@ -381,7 +381,7 @@ func TestAppRole_RoleNameLowerCasing(t *testing.T) { "secret_id": secretID, }, }) - if err != nil && err != logical.ErrInvalidCredentials { + if err != nil { t.Fatal(err) } if resp == nil || !resp.IsError() { diff --git a/builtin/credential/approle/validation.go b/builtin/credential/approle/validation.go index 25f343675d02a..7a129b99a078a 100644 --- a/builtin/credential/approle/validation.go +++ b/builtin/credential/approle/validation.go @@ -92,7 +92,7 @@ func verifyCIDRRoleSecretIDSubset(secretIDCIDRs []string, roleBoundCIDRList []st return nil } -const maxHmacInputLength = 4096 +const maxHmacInputLength = 1024 // Creates a SHA256 HMAC of the given 'value' using the given 'key' and returns // a hex encoded string. diff --git a/builtin/credential/cert/backend_test.go b/builtin/credential/cert/backend_test.go index 062fc156bc7a5..4365df47716ae 100644 --- a/builtin/credential/cert/backend_test.go +++ b/builtin/credential/cert/backend_test.go @@ -456,6 +456,21 @@ func TestBackend_PermittedDNSDomainsIntermediateCA(t *testing.T) { if secret.Auth == nil || secret.Auth.ClientToken == "" { t.Fatalf("expected a successful authentication") } + + // testing pathLoginRenew for cert auth + oldAccessor := secret.Auth.Accessor + newClient.SetToken(client.Token()) + secret, err = newClient.Logical().Write("auth/token/renew-accessor", map[string]interface{}{ + "accessor": secret.Auth.Accessor, + "increment": 3600, + }) + if err != nil { + t.Fatal(err) + } + + if secret.Auth == nil || secret.Auth.ClientToken != "" || secret.Auth.LeaseDuration != 3600 || secret.Auth.Accessor != oldAccessor { + t.Fatalf("unexpected accessor renewal") + } } func TestBackend_MetadataBasedACLPolicy(t *testing.T) { diff --git a/builtin/credential/cert/path_login.go b/builtin/credential/cert/path_login.go index 11e63d75eaada..8eb0c7350cb07 100644 --- a/builtin/credential/cert/path_login.go +++ b/builtin/credential/cert/path_login.go @@ -233,7 +233,7 @@ func (b *backend) verifyCredentials(ctx context.Context, req *logical.Request, d var certName string if req.Auth != nil { // It's a renewal, use the saved certName certName = req.Auth.Metadata["cert_name"] - } else { + } else if d != nil { // d is nil if handleAuthRenew call the authRenew certName = d.Get("name").(string) } diff --git a/builtin/credential/ldap/backend.go b/builtin/credential/ldap/backend.go index 35e0f102c3961..d318fe4b4c6bb 100644 --- a/builtin/credential/ldap/backend.go +++ b/builtin/credential/ldap/backend.go @@ -107,7 +107,7 @@ func (b *backend) Login(ctx context.Context, req *logical.Request, username stri if b.Logger().IsDebug() { b.Logger().Debug("ldap bind failed", "error", err) } - return "", nil, logical.ErrorResponse(errUserBindFailed), nil, logical.ErrInvalidCredentials + return "", nil, logical.ErrorResponse(errUserBindFailed), nil, nil } // We re-bind to the BindDN if it's defined because we assume @@ -117,7 +117,7 @@ func (b *backend) Login(ctx context.Context, req *logical.Request, username stri if b.Logger().IsDebug() { b.Logger().Debug("error while attempting to re-bind with the BindDN User", "error", err) } - return "", nil, logical.ErrorResponse("ldap operation failed: failed to re-bind with the BindDN user"), nil, logical.ErrInvalidCredentials + return "", nil, logical.ErrorResponse("ldap operation failed: failed to re-bind with the BindDN user"), nil, nil } if b.Logger().IsDebug() { b.Logger().Debug("re-bound to original binddn") diff --git a/builtin/credential/okta/path_login.go b/builtin/credential/okta/path_login.go index c6b18f02da3e5..0f8967576bb7c 100644 --- a/builtin/credential/okta/path_login.go +++ b/builtin/credential/okta/path_login.go @@ -143,7 +143,11 @@ func (b *backend) pathLogin(ctx context.Context, req *logical.Request, d *framew func (b *backend) pathLoginRenew(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) { username := req.Auth.Metadata["username"] password := req.Auth.InternalData["password"].(string) - nonce := d.Get("nonce").(string) + + var nonce string + if d != nil { + nonce = d.Get("nonce").(string) + } cfg, err := b.getConfig(ctx, req) if err != nil { diff --git a/builtin/credential/radius/backend_test.go b/builtin/credential/radius/backend_test.go index 17cf54367c257..de90b3b79d6e9 100644 --- a/builtin/credential/radius/backend_test.go +++ b/builtin/credential/radius/backend_test.go @@ -3,6 +3,7 @@ package radius import ( "context" "fmt" + "io" "os" "reflect" "strconv" @@ -13,6 +14,8 @@ import ( "github.com/hashicorp/vault/helper/testhelpers/docker" logicaltest "github.com/hashicorp/vault/helper/testhelpers/logical" "github.com/hashicorp/vault/sdk/logical" + + "github.com/docker/docker/api/types" ) const ( @@ -32,6 +35,35 @@ func prepareRadiusTestContainer(t *testing.T) (func(), string, int) { return func() {}, os.Getenv(envRadiusRadiusHost), port } + radiusdOptions := []string{"radiusd", "-f", "-l", "stdout", "-X"} + runner, err := docker.NewServiceRunner(docker.RunOptions{ + ImageRepo: "jumanjiman/radiusd", + ImageTag: "latest", + ContainerName: "radiusd", + // Switch the entry point for this operation; we want to sleep + // instead of exec'ing radiusd, as we first need to write a new + // client configuration. radiusd's SIGHUP handler does not reload + // this config file, hence we choose to manually start radiusd + // below. + Entrypoint: []string{"sleep", "3600"}, + Ports: []string{"1812/udp"}, + LogConsumer: func(s string) { + if t.Failed() { + t.Logf("container logs: %s", s) + } + }, + }) + if err != nil { + t.Fatalf("Could not start docker radiusd: %s", err) + } + + svc, err := runner.StartService(context.Background(), func(ctx context.Context, host string, port int) (docker.ServiceConfig, error) { + return docker.NewServiceHostPort(host, port), nil + }) + if err != nil { + t.Fatalf("Could not start docker radiusd: %s", err) + } + // Now allow any client to connect to this radiusd instance by writing our // own clients.conf file. // @@ -42,8 +74,7 @@ func prepareRadiusTestContainer(t *testing.T) (func(), string, int) { // // See also: https://freeradius.org/radiusd/man/clients.conf.html ctx := context.Background() - clientsConfig := ` -client 0.0.0.0/1 { + clientsConfig := `client 0.0.0.0/1 { ipaddr = 0.0.0.0/1 secret = testing123 shortname = all-clients-first @@ -53,55 +84,45 @@ client 128.0.0.0/1 { ipaddr = 128.0.0.0/1 secret = testing123 shortname = all-clients-second -} -` - - containerfile := ` -FROM docker.mirror.hashicorp.services/jumanjiman/radiusd:latest - -COPY clients.conf /etc/raddb/clients.conf -` - - bCtx := docker.NewBuildContext() - bCtx["clients.conf"] = docker.PathContentsFromBytes([]byte(clientsConfig)) - - imageName := "vault_radiusd_any_client" - imageTag := "latest" - - runner, err := docker.NewServiceRunner(docker.RunOptions{ - ImageRepo: imageName, - ImageTag: imageTag, - ContainerName: "radiusd", - Cmd: []string{"-f", "-l", "stdout", "-X"}, - Ports: []string{"1812/udp"}, - LogConsumer: func(s string) { - if t.Failed() { - t.Logf("container logs: %s", s) - } - }, +}` + ret, err := runner.DockerAPI.ContainerExecCreate(ctx, svc.Container.ID, types.ExecConfig{ + User: "0", + AttachStderr: true, + AttachStdout: true, + // Hack: write this via echo, since it exists in the container. + Cmd: []string{"sh", "-c", "echo '" + clientsConfig + "' > /etc/raddb/clients.conf"}, }) if err != nil { - t.Fatalf("Could not provision docker service runner: %s", err) + t.Fatalf("Failed to update radiusd client config: error creating command: %v", err) } - - output, err := runner.BuildImage(ctx, containerfile, bCtx, - docker.BuildRemove(true), docker.BuildForceRemove(true), - docker.BuildPullParent(true), - docker.BuildTags([]string{imageName + ":" + imageTag})) + resp, err := runner.DockerAPI.ContainerExecAttach(ctx, ret.ID, types.ExecStartCheck{}) if err != nil { - t.Fatalf("Could not build new image: %v", err) + t.Fatalf("Failed to update radiusd client config: error attaching command: %v", err) } - - t.Logf("Image build output: %v", string(output)) - - svc, err := runner.StartService(context.Background(), func(ctx context.Context, host string, port int) (docker.ServiceConfig, error) { - time.Sleep(2 * time.Second) - return docker.NewServiceHostPort(host, port), nil + read, err := io.ReadAll(resp.Reader) + t.Logf("Command Output (%v):\n%v", err, string(read)) + + ret, err = runner.DockerAPI.ContainerExecCreate(ctx, svc.Container.ID, types.ExecConfig{ + User: "0", + AttachStderr: true, + AttachStdout: true, + // As noted above, we need to start radiusd manually now. + Cmd: radiusdOptions, }) if err != nil { - t.Fatalf("Could not start docker radiusd: %s", err) + t.Fatalf("Failed to start radiusd service: error creating command: %v", err) + } + err = runner.DockerAPI.ContainerExecStart(ctx, ret.ID, types.ExecStartCheck{}) + if err != nil { + t.Fatalf("Failed to start radiusd service: error starting command: %v", err) } + // Give radiusd time to start... + // + // There's no straightfoward way to check the state, but the server starts + // up quick so a 2 second sleep should be enough. + time.Sleep(2 * time.Second) + pieces := strings.Split(svc.Config.Address(), ":") port, _ := strconv.Atoi(pieces[1]) return svc.Cleanup, pieces[0], port diff --git a/builtin/credential/userpass/path_login.go b/builtin/credential/userpass/path_login.go index 8e3f42ea4f422..95d63f28c6260 100644 --- a/builtin/credential/userpass/path_login.go +++ b/builtin/credential/userpass/path_login.go @@ -86,26 +86,14 @@ func (b *backend) pathLogin(ctx context.Context, req *logical.Request, d *framew // Check for a password match. Check for a hash collision for Vault 0.2+, // but handle the older legacy passwords with a constant time comparison. passwordBytes := []byte(password) - switch { - case !legacyPassword: + if !legacyPassword { if err := bcrypt.CompareHashAndPassword(userPassword, passwordBytes); err != nil { - // The failed login info of existing users alone are tracked as only - // existing user's failed login information is stored in storage for optimization - if user == nil || userError != nil { - return logical.ErrorResponse("invalid username or password"), nil - } - return logical.ErrorResponse("invalid username or password"), logical.ErrInvalidCredentials + return logical.ErrorResponse("invalid username or password"), nil } - default: + } else { if subtle.ConstantTimeCompare(userPassword, passwordBytes) != 1 { - // The failed login info of existing users alone are tracked as only - // existing user's failed login information is stored in storage for optimization - if user == nil || userError != nil { - return logical.ErrorResponse("invalid username or password"), nil - } - return logical.ErrorResponse("invalid username or password"), logical.ErrInvalidCredentials + return logical.ErrorResponse("invalid username or password"), nil } - } if userError != nil { diff --git a/builtin/logical/aws/backend_test.go b/builtin/logical/aws/backend_test.go index 048900675014d..4ca6e66c916d2 100644 --- a/builtin/logical/aws/backend_test.go +++ b/builtin/logical/aws/backend_test.go @@ -235,11 +235,8 @@ func createRole(t *testing.T, roleName, awsAccountID string, policyARNs []string "Principal": { "AWS": "arn:aws:iam::%s:root" }, - "Action": [ - "sts:AssumeRole", - "sts:SetSourceIdentity" - ] - } + "Action": "sts:AssumeRole" + } ] } ` @@ -658,26 +655,19 @@ func testAccStepRead(t *testing.T, path, name string, credentialTests []credenti } } -func testAccStepReadSTSResponse(name string, maximumTTL uint64) logicaltest.TestStep { +func testAccStepReadTTL(name string, maximumTTL time.Duration) logicaltest.TestStep { return logicaltest.TestStep{ Operation: logical.ReadOperation, Path: "creds/" + name, Check: func(resp *logical.Response) error { - if resp.Secret != nil { - return fmt.Errorf("bad: STS tokens should return a nil secret, received: %+v", resp.Secret) + if resp.Secret == nil { + return fmt.Errorf("bad: nil Secret returned") } - - if ttl, exists := resp.Data["ttl"]; exists { - ttlVal := ttl.(uint64) - - if ttlVal > maximumTTL { - return fmt.Errorf("bad: ttl of %d greater than maximum of %d", ttl, maximumTTL) - } - - return nil + ttl := resp.Secret.TTL + if ttl > maximumTTL { + return fmt.Errorf("bad: ttl of %d greater than maximum of %d", ttl/time.Second, maximumTTL/time.Second) } - - return fmt.Errorf("response data missing ttl, received: %+v", resp.Data) + return nil }, } } @@ -1326,7 +1316,7 @@ func TestAcceptanceBackend_RoleDefaultSTSTTL(t *testing.T) { Steps: []logicaltest.TestStep{ testAccStepConfig(t), testAccStepWriteRole(t, "test", roleData), - testAccStepReadSTSResponse("test", uint64(minAwsAssumeRoleDuration)), // allow a little slack + testAccStepReadTTL("test", time.Duration(minAwsAssumeRoleDuration)*time.Second), // allow a little slack }, Teardown: func() error { return deleteTestRole(roleName) diff --git a/builtin/logical/aws/secret_access_keys.go b/builtin/logical/aws/secret_access_keys.go index eb83ed5fa16e1..c70386d681464 100644 --- a/builtin/logical/aws/secret_access_keys.go +++ b/builtin/logical/aws/secret_access_keys.go @@ -155,15 +155,23 @@ func (b *backend) getFederationToken(ctx context.Context, s logical.Storage, return logical.ErrorResponse("Error generating STS keys: %s", err), awsutil.CheckAWSError(err) } - // STS credentials cannot be revoked so do not create a lease - return &logical.Response{ - Data: map[string]interface{}{ - "access_key": *tokenResp.Credentials.AccessKeyId, - "secret_key": *tokenResp.Credentials.SecretAccessKey, - "security_token": *tokenResp.Credentials.SessionToken, - "ttl": uint64(tokenResp.Credentials.Expiration.Sub(time.Now()).Seconds()), - }, - }, nil + resp := b.Secret(secretAccessKeyType).Response(map[string]interface{}{ + "access_key": *tokenResp.Credentials.AccessKeyId, + "secret_key": *tokenResp.Credentials.SecretAccessKey, + "security_token": *tokenResp.Credentials.SessionToken, + }, map[string]interface{}{ + "username": username, + "policy": policy, + "is_sts": true, + }) + + // Set the secret TTL to appropriately match the expiration of the token + resp.Secret.TTL = tokenResp.Credentials.Expiration.Sub(time.Now()) + + // STS are purposefully short-lived and aren't renewable + resp.Secret.Renewable = false + + return resp, nil } func (b *backend) assumeRole(ctx context.Context, s logical.Storage, @@ -230,16 +238,24 @@ func (b *backend) assumeRole(ctx context.Context, s logical.Storage, return logical.ErrorResponse("Error assuming role: %s", err), awsutil.CheckAWSError(err) } - // STS credentials cannot be revoked so do not create a lease - return &logical.Response{ - Data: map[string]interface{}{ - "access_key": *tokenResp.Credentials.AccessKeyId, - "secret_key": *tokenResp.Credentials.SecretAccessKey, - "security_token": *tokenResp.Credentials.SessionToken, - "arn": *tokenResp.AssumedRoleUser.Arn, - "ttl": uint64(tokenResp.Credentials.Expiration.Sub(time.Now()).Seconds()), - }, - }, nil + resp := b.Secret(secretAccessKeyType).Response(map[string]interface{}{ + "access_key": *tokenResp.Credentials.AccessKeyId, + "secret_key": *tokenResp.Credentials.SecretAccessKey, + "security_token": *tokenResp.Credentials.SessionToken, + "arn": *tokenResp.AssumedRoleUser.Arn, + }, map[string]interface{}{ + "username": roleSessionName, + "policy": roleArn, + "is_sts": true, + }) + + // Set the secret TTL to appropriately match the expiration of the token + resp.Secret.TTL = tokenResp.Credentials.Expiration.Sub(time.Now()) + + // STS are purposefully short-lived and aren't renewable + resp.Secret.Renewable = false + + return resp, nil } func readConfig(ctx context.Context, storage logical.Storage) (rootConfig, error) { diff --git a/builtin/logical/aws/stepwise_test.go b/builtin/logical/aws/stepwise_test.go index c62975b9474e8..78feb1442595e 100644 --- a/builtin/logical/aws/stepwise_test.go +++ b/builtin/logical/aws/stepwise_test.go @@ -2,7 +2,6 @@ package aws import ( "os" - "sync" "testing" stepwise "github.com/hashicorp/vault-testing-stepwise" @@ -11,8 +10,6 @@ import ( "github.com/mitchellh/mapstructure" ) -var stepwiseSetup sync.Once - func TestAccBackend_Stepwise_basic(t *testing.T) { t.Parallel() envOptions := &stepwise.MountOptions{ @@ -85,7 +82,7 @@ func testAccStepwiseRead(t *testing.T, path, name string, credentialTests []cred } func testAccStepwisePreCheck(t *testing.T) { - stepwiseSetup.Do(func() { + initSetup.Do(func() { if v := os.Getenv("AWS_DEFAULT_REGION"); v == "" { t.Logf("[INFO] Test: Using us-west-2 as test region") os.Setenv("AWS_DEFAULT_REGION", "us-west-2") diff --git a/builtin/logical/database/rotation_test.go b/builtin/logical/database/rotation_test.go index ccbd64588592d..1fdbba55f1d6d 100644 --- a/builtin/logical/database/rotation_test.go +++ b/builtin/logical/database/rotation_test.go @@ -506,6 +506,8 @@ func TestBackend_Static_QueueWAL_discard_role_not_found(t *testing.T) { // Second scenario, WAL contains a role name that does exist, but the role's // LastVaultRotation is greater than the WAL has func TestBackend_Static_QueueWAL_discard_role_newer_rotation_date(t *testing.T) { + t.Skip("temporarily disabled due to intermittent failures") + cluster, sys := getCluster(t) defer cluster.Cleanup() diff --git a/builtin/logical/pki/backend_test.go b/builtin/logical/pki/backend_test.go index 6ef3af880366f..0ea7b46087978 100644 --- a/builtin/logical/pki/backend_test.go +++ b/builtin/logical/pki/backend_test.go @@ -466,13 +466,8 @@ func checkCertsAndPrivateKey(keyType string, key crypto.Signer, usage x509.KeyUs } } - // TODO: We incremented 20->25 due to CircleCI execution - // being slow and pausing this test. We might consider recording the - // actual issuance time of the cert and calculating the expected - // validity period +/- fuzz, but that'd require recording and passing - // through more information. - if math.Abs(float64(time.Now().Add(validity).Unix()-cert.NotAfter.Unix())) > 25 { - return nil, fmt.Errorf("certificate validity end: %s; expected within 25 seconds of %s", cert.NotAfter.Format(time.RFC3339), time.Now().Add(validity).Format(time.RFC3339)) + if math.Abs(float64(time.Now().Add(validity).Unix()-cert.NotAfter.Unix())) > 20 { + return nil, fmt.Errorf("certificate validity end: %s; expected within 20 seconds of %s", cert.NotAfter.Format(time.RFC3339), time.Now().Add(validity).Format(time.RFC3339)) } return parsedCertBundle, nil @@ -2136,21 +2131,10 @@ func runTestSignVerbatim(t *testing.T, keyType string) { if err != nil { t.Fatal(err) } - oidExtensionSubjectAltName = []int{2, 5, 29, 17} csrReq := &x509.CertificateRequest{ Subject: pkix.Name{ CommonName: "foo.bar.com", }, - // Check that otherName extensions are not duplicated (see hashicorp/vault#16700). - // If these extensions are duplicated, sign-verbatim will fail when parsing the signed certificate on Go 1.19+ (see golang/go#50988). - // On older versions of Go this test will fail due to an explicit check for duplicate otherNames later in this test. - ExtraExtensions: []pkix.Extension{ - { - Id: oidExtensionSubjectAltName, - Critical: false, - Value: []byte{0x30, 0x26, 0xA0, 0x24, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x03, 0xA0, 0x16, 0x0C, 0x14, 0x75, 0x73, 0x65, 0x72, 0x6E, 0x61, 0x6D, 0x65, 0x40, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D}, - }, - }, } csr, err := x509.CreateCertificateRequest(rand.Reader, csrReq, key) if err != nil { @@ -2301,19 +2285,6 @@ func runTestSignVerbatim(t *testing.T, keyType string) { t.Fatalf("expected a single cert, got %d", len(certs)) } cert = certs[0] - - // Fallback check for duplicate otherName, necessary on Go versions before 1.19. - // We assume that there is only one SAN in the original CSR and that it is an otherName. - san_count := 0 - for _, ext := range cert.Extensions { - if ext.Id.Equal(oidExtensionSubjectAltName) { - san_count += 1 - } - } - if san_count != 1 { - t.Fatalf("expected one SAN extension, got %d", san_count) - } - notAfter := cert.NotAfter.Format(time.RFC3339) if notAfter != "9999-12-31T23:59:59Z" { t.Fatal(fmt.Errorf("not after from certificate is not matching with input parameter")) diff --git a/builtin/logical/pki/chain_util.go b/builtin/logical/pki/chain_util.go index 334000a7c255e..6b7a6a5c7bebd 100644 --- a/builtin/logical/pki/chain_util.go +++ b/builtin/logical/pki/chain_util.go @@ -43,7 +43,7 @@ func (sc *storageContext) rebuildIssuersChains(referenceCert *issuerEntry /* opt // To begin, we fetch all known issuers from disk. issuers, err := sc.listIssuers() if err != nil { - return fmt.Errorf("unable to list issuers to build chain: %v", err) + return fmt.Errorf("unable to list issuers to build chain: %w", err) } // Fast path: no issuers means we can set the reference cert's value, if @@ -79,6 +79,28 @@ func (sc *storageContext) rebuildIssuersChains(referenceCert *issuerEntry /* opt // Now call a stable sorting algorithm here. We want to ensure the results // are the same across multiple calls to rebuildIssuersChains with the same // input data. + // + // Note: while we want to ensure referenceCert is written last (because it + // is the user-facing action), we need to balance this with always having + // a stable chain order, regardless of which certificate was chosen as the + // reference cert. (E.g., for a given collection of unchanging certificates, + // if we repeatedly set+unset a manual chain, triggering rebuilds, we should + // always have the same chain after each unset). Thus, delay the write of + // the referenceCert below when persisting -- but keep the sort AFTER the + // referenceCert was added to the list, not before. + // + // (Otherwise, if this is called with one existing issuer and one new + // reference cert, and the reference cert sorts before the existing + // issuer, we will sort this list and have persisted the new issuer + // first, and may fail on the subsequent write to the existing issuer. + // Alternatively, if we don't sort the issuers in this order and there's + // a parallel chain (where cert A is a child of both B and C, with + // C.ID < B.ID and C was passed in as the yet unwritten referenceCert), + // then we'll create a chain with order A -> B -> C on initial write (as + // A and B come from disk) but A -> C -> B on subsequent writes (when all + // certs come from disk). Thus the sort must be done after adding in the + // referenceCert, thus sorting it consistently, but its write must be + // singled out to occur last.) sort.SliceStable(issuers, func(i, j int) bool { return issuers[i] > issuers[j] }) @@ -116,7 +138,7 @@ func (sc *storageContext) rebuildIssuersChains(referenceCert *issuerEntry /* opt // Otherwise, fetch it from disk. stored, err = sc.fetchIssuerById(identifier) if err != nil { - return fmt.Errorf("unable to fetch issuer %v to build chain: %v", identifier, err) + return fmt.Errorf("unable to fetch issuer %v to build chain: %w", identifier, err) } } @@ -127,7 +149,7 @@ func (sc *storageContext) rebuildIssuersChains(referenceCert *issuerEntry /* opt issuerIdEntryMap[identifier] = stored cert, err := stored.GetCertificate() if err != nil { - return fmt.Errorf("unable to parse issuer %v to certificate to build chain: %v", identifier, err) + return fmt.Errorf("unable to parse issuer %v to certificate to build chain: %w", identifier, err) } issuerIdCertMap[identifier] = cert @@ -417,13 +439,27 @@ func (sc *storageContext) rebuildIssuersChains(referenceCert *issuerEntry /* opt } // Finally, write all issuers to disk. + // + // See the note above when sorting issuers for why we delay persisting + // the referenceCert, if it was provided. for _, issuer := range issuers { entry := issuerIdEntryMap[issuer] + if referenceCert != nil && issuer == referenceCert.ID { + continue + } + err := sc.writeIssuer(entry) if err != nil { pretty := prettyIssuer(issuerIdEntryMap, issuer) - return fmt.Errorf("failed to persist issuer (%v) chain to disk: %v", pretty, err) + return fmt.Errorf("failed to persist issuer (%v) chain to disk: %w", pretty, err) + } + } + if referenceCert != nil { + err := sc.writeIssuer(issuerIdEntryMap[referenceCert.ID]) + if err != nil { + pretty := prettyIssuer(issuerIdEntryMap, referenceCert.ID) + return fmt.Errorf("failed to persist issuer (%v) chain to disk: %w", pretty, err) } } diff --git a/builtin/logical/pki/config_util.go b/builtin/logical/pki/config_util.go index f775b9d58c1f0..0d8b8dad26e43 100644 --- a/builtin/logical/pki/config_util.go +++ b/builtin/logical/pki/config_util.go @@ -46,56 +46,72 @@ func (sc *storageContext) updateDefaultIssuerId(id issuerID) error { } if config.DefaultIssuerId != id { - oldDefault := config.DefaultIssuerId - newDefault := id - now := time.Now().UTC() + config.DefaultIssuerId = id + return sc.setIssuersConfig(config) + } - err := sc.setIssuersConfig(&issuerConfigEntry{ - DefaultIssuerId: newDefault, - }) - if err != nil { - return err + return nil +} + +func (sc *storageContext) changeDefaultIssuerTimestamps(oldDefault issuerID, newDefault issuerID) error { + if newDefault == oldDefault { + return nil + } + + now := time.Now().UTC() + + // When the default issuer changes, we need to modify four + // pieces of information: + // + // 1. The old default issuer's modification time, as it no + // longer works for the /cert/ca path. + // 2. The new default issuer's modification time, as it now + // works for the /cert/ca path. + // 3. & 4. Both issuer's CRLs, as they behave the same, under + // the /cert/crl path! + for _, thisId := range []issuerID{oldDefault, newDefault} { + if len(thisId) == 0 { + continue } - // When the default issuer changes, we need to modify four - // pieces of information: - // - // 1. The old default issuer's modification time, as it no - // longer works for the /cert/ca path. - // 2. The new default issuer's modification time, as it now - // works for the /cert/ca path. - // 3. & 4. Both issuer's CRLs, as they behave the same, under - // the /cert/crl path! - for _, thisId := range []issuerID{oldDefault, newDefault} { - if len(thisId) == 0 { + // 1 & 2 above. + issuer, err := sc.fetchIssuerById(thisId) + if err != nil { + // Due to the lack of transactions, if we deleted the default + // issuer (successfully), but the subsequent issuer config write + // (to clear the default issuer's old id) failed, we might have + // an inconsistent config. If we later hit this loop (and flush + // these timestamps again -- perhaps because the operator + // selected a new default), we'd have erred out here, because + // the since-deleted default issuer doesn't exist. In this case, + // skip the issuer instead of bailing. + err := fmt.Errorf("unable to update issuer (%v)'s modification time: error fetching issuer: %w", thisId, err) + if strings.Contains(err.Error(), "does not exist") { + sc.Backend.Logger().Warn(err.Error()) continue } - // 1 & 2 above. - issuer, err := sc.fetchIssuerById(thisId) - if err != nil { - return fmt.Errorf("unable to update issuer (%v)'s modification time: error fetching issuer: %v", thisId, err) - } - - issuer.LastModified = now - err = sc.writeIssuer(issuer) - if err != nil { - return fmt.Errorf("unable to update issuer (%v)'s modification time: error persisting issuer: %v", thisId, err) - } + return err } - // Fetch and update the localCRLConfigEntry (3&4). - cfg, err := sc.getLocalCRLConfig() + issuer.LastModified = now + err = sc.writeIssuer(issuer) if err != nil { - return fmt.Errorf("unable to update local CRL config's modification time: error fetching local CRL config: %v", err) + return fmt.Errorf("unable to update issuer (%v)'s modification time: error persisting issuer: %v", thisId, err) } + } - cfg.LastModified = now - cfg.DeltaLastModified = now - err = sc.setLocalCRLConfig(cfg) - if err != nil { - return fmt.Errorf("unable to update local CRL config's modification time: error persisting local CRL config: %v", err) - } + // Fetch and update the localCRLConfigEntry (3&4). + cfg, err := sc.getLocalCRLConfig() + if err != nil { + return fmt.Errorf("unable to update local CRL config's modification time: error fetching local CRL config: %v", err) + } + + cfg.LastModified = now + cfg.DeltaLastModified = now + err = sc.setLocalCRLConfig(cfg) + if err != nil { + return fmt.Errorf("unable to update local CRL config's modification time: error persisting local CRL config: %v", err) } return nil diff --git a/builtin/logical/pki/integation_test.go b/builtin/logical/pki/integation_test.go index a655662ec107c..d71909981c6a1 100644 --- a/builtin/logical/pki/integation_test.go +++ b/builtin/logical/pki/integation_test.go @@ -357,6 +357,109 @@ func TestIntegration_CSRGeneration(t *testing.T) { } } +func TestIntegration_AutoIssuer(t *testing.T) { + t.Parallel() + b, s := createBackendWithStorage(t) + + // Generate two roots. The first should become default under the existing + // behavior; when we update the config and generate a second, it should + // take over as default. Deleting the first and re-importing it will make + // it default again, and then disabling the option and removing and + // reimporting the second and creating a new root won't affect it again. + resp, err := CBWrite(b, s, "root/generate/internal", map[string]interface{}{ + "common_name": "Root X1", + "issuer_name": "root-1", + "key_type": "ec", + }) + requireSuccessNonNilResponse(t, resp, err) + issuerIdOne := resp.Data["issuer_id"] + require.NotEmpty(t, issuerIdOne) + certOne := resp.Data["certificate"] + require.NotEmpty(t, certOne) + + resp, err = CBRead(b, s, "config/issuers") + requireSuccessNonNilResponse(t, resp, err) + require.Equal(t, issuerIdOne, resp.Data["default"]) + + // Enable the new config option. + _, err = CBWrite(b, s, "config/issuers", map[string]interface{}{ + "default": issuerIdOne, + "default_follows_latest_issuer": true, + }) + require.NoError(t, err) + + // Now generate the second root; it should become default. + resp, err = CBWrite(b, s, "root/generate/internal", map[string]interface{}{ + "common_name": "Root X2", + "issuer_name": "root-2", + "key_type": "ec", + }) + requireSuccessNonNilResponse(t, resp, err) + issuerIdTwo := resp.Data["issuer_id"] + require.NotEmpty(t, issuerIdTwo) + certTwo := resp.Data["certificate"] + require.NotEmpty(t, certTwo) + + resp, err = CBRead(b, s, "config/issuers") + requireSuccessNonNilResponse(t, resp, err) + require.Equal(t, issuerIdTwo, resp.Data["default"]) + + // Deleting the first shouldn't affect the default issuer. + _, err = CBDelete(b, s, "issuer/root-1") + require.NoError(t, err) + resp, err = CBRead(b, s, "config/issuers") + requireSuccessNonNilResponse(t, resp, err) + require.Equal(t, issuerIdTwo, resp.Data["default"]) + + // But reimporting it should update it to the new issuer's value. + resp, err = CBWrite(b, s, "issuers/import/bundle", map[string]interface{}{ + "pem_bundle": certOne, + }) + requireSuccessNonNilResponse(t, resp, err) + issuerIdOneReimported := issuerID(resp.Data["imported_issuers"].([]string)[0]) + + resp, err = CBRead(b, s, "config/issuers") + requireSuccessNonNilResponse(t, resp, err) + require.Equal(t, issuerIdOneReimported, resp.Data["default"]) + + // Now update the config to disable this option again. + _, err = CBWrite(b, s, "config/issuers", map[string]interface{}{ + "default": issuerIdOneReimported, + "default_follows_latest_issuer": false, + }) + require.NoError(t, err) + + // Generating a new root shouldn't update the default. + resp, err = CBWrite(b, s, "root/generate/internal", map[string]interface{}{ + "common_name": "Root X3", + "issuer_name": "root-3", + "key_type": "ec", + }) + requireSuccessNonNilResponse(t, resp, err) + issuerIdThree := resp.Data["issuer_id"] + require.NotEmpty(t, issuerIdThree) + + resp, err = CBRead(b, s, "config/issuers") + requireSuccessNonNilResponse(t, resp, err) + require.Equal(t, issuerIdOneReimported, resp.Data["default"]) + + // Deleting and re-importing root 2 should also not affect it. + _, err = CBDelete(b, s, "issuer/root-2") + require.NoError(t, err) + resp, err = CBRead(b, s, "config/issuers") + requireSuccessNonNilResponse(t, resp, err) + require.Equal(t, issuerIdOneReimported, resp.Data["default"]) + + resp, err = CBWrite(b, s, "issuers/import/bundle", map[string]interface{}{ + "pem_bundle": certTwo, + }) + requireSuccessNonNilResponse(t, resp, err) + require.Equal(t, 1, len(resp.Data["imported_issuers"].([]string))) + resp, err = CBRead(b, s, "config/issuers") + requireSuccessNonNilResponse(t, resp, err) + require.Equal(t, issuerIdOneReimported, resp.Data["default"]) +} + func genTestRootCa(t *testing.T, b *backend, s logical.Storage) (issuerID, keyID) { return genTestRootCaWithIssuerName(t, b, s, "") } diff --git a/builtin/logical/pki/path_config_ca.go b/builtin/logical/pki/path_config_ca.go index dd2010e90684f..f7a7706455cb1 100644 --- a/builtin/logical/pki/path_config_ca.go +++ b/builtin/logical/pki/path_config_ca.go @@ -4,6 +4,7 @@ import ( "context" "github.com/hashicorp/vault/sdk/framework" + "github.com/hashicorp/vault/sdk/helper/errutil" "github.com/hashicorp/vault/sdk/logical" ) @@ -52,6 +53,11 @@ func pathConfigIssuers(b *backend) *framework.Path { Type: framework.TypeString, Description: `Reference (name or identifier) to the default issuer.`, }, + "default_follows_latest_issuer": { + Type: framework.TypeBool, + Description: `Whether the default issuer should automatically follow the latest generated or imported issuer. Defaults to false.`, + Default: false, + }, }, Operations: map[logical.Operation]framework.OperationHandler{ @@ -107,11 +113,16 @@ func (b *backend) pathCAIssuersRead(ctx context.Context, req *logical.Request, _ return logical.ErrorResponse("Error loading issuers configuration: " + err.Error()), nil } + return b.formatCAIssuerConfigRead(config), nil +} + +func (b *backend) formatCAIssuerConfigRead(config *issuerConfigEntry) *logical.Response { return &logical.Response{ Data: map[string]interface{}{ - defaultRef: config.DefaultIssuerId, + defaultRef: config.DefaultIssuerId, + "default_follows_latest_issuer": config.DefaultFollowsLatestIssuer, }, - }, nil + } } func (b *backend) pathCAIssuersWrite(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) { @@ -124,36 +135,50 @@ func (b *backend) pathCAIssuersWrite(ctx context.Context, req *logical.Request, return logical.ErrorResponse("Cannot update defaults until migration has completed"), nil } + sc := b.makeStorageContext(ctx, req.Storage) + + // Validate the new default reference. newDefault := data.Get(defaultRef).(string) if len(newDefault) == 0 || newDefault == defaultRef { return logical.ErrorResponse("Invalid issuer specification; must be non-empty and can't be 'default'."), nil } - - sc := b.makeStorageContext(ctx, req.Storage) parsedIssuer, err := sc.resolveIssuerReference(newDefault) if err != nil { return logical.ErrorResponse("Error resolving issuer reference: " + err.Error()), nil + return nil, errutil.UserError{Err: "Error resolving issuer reference: " + err.Error()} + } + entry, err := sc.fetchIssuerById(parsedIssuer) + if err != nil { + return logical.ErrorResponse("Unable to fetch issuer: " + err.Error()), nil } - response := &logical.Response{ - Data: map[string]interface{}{ - "default": parsedIssuer, - }, + // Get the other new parameters. This doesn't exist on the /root/replace + // variant of this call. + var followIssuer bool + followIssuersRaw, followOk := data.GetOk("default_follows_latest_issuer") + if followOk { + followIssuer = followIssuersRaw.(bool) } - entry, err := sc.fetchIssuerById(parsedIssuer) + // Update the config + config, err := sc.getIssuersConfig() if err != nil { - return logical.ErrorResponse("Unable to fetch issuer: " + err.Error()), nil + return logical.ErrorResponse("Unable to fetch existing issuers configuration: " + err.Error()), nil + } + config.DefaultIssuerId = parsedIssuer + if followOk { + config.DefaultFollowsLatestIssuer = followIssuer } + // Add our warning if necessary. + response := b.formatCAIssuerConfigRead(config) if len(entry.KeyID) == 0 { msg := "This selected default issuer has no key associated with it. Some operations like issuing certificates and signing CRLs will be unavailable with the requested default issuer until a key is imported or the default issuer is changed." response.AddWarning(msg) b.Logger().Error(msg) } - err = sc.updateDefaultIssuerId(parsedIssuer) - if err != nil { + if err := sc.setIssuersConfig(config); err != nil { return logical.ErrorResponse("Error updating issuer configuration: " + err.Error()), nil } diff --git a/builtin/logical/pki/path_fetch.go b/builtin/logical/pki/path_fetch.go index 340f0c4d0a39b..e0a1079eade76 100644 --- a/builtin/logical/pki/path_fetch.go +++ b/builtin/logical/pki/path_fetch.go @@ -5,7 +5,6 @@ import ( "encoding/pem" "fmt" "strings" - "time" "github.com/hashicorp/vault/sdk/framework" "github.com/hashicorp/vault/sdk/helper/errutil" @@ -157,9 +156,6 @@ func (b *backend) pathFetchRead(ctx context.Context, req *logical.Request, data var certificate []byte var fullChain []byte var revocationTime int64 - var revocationIssuerId string - var revocationTimeRfc3339 string - response = &logical.Response{ Data: map[string]interface{}{}, } @@ -326,11 +322,6 @@ func (b *backend) pathFetchRead(ctx context.Context, req *logical.Request, data return logical.ErrorResponse(fmt.Sprintf("Error decoding revocation entry for serial %s: %s", serial, err)), nil } revocationTime = revInfo.RevocationTime - revocationIssuerId = revInfo.CertificateIssuer.String() - - if !revInfo.RevocationTimeUTC.IsZero() { - revocationTimeRfc3339 = revInfo.RevocationTimeUTC.Format(time.RFC3339Nano) - } } reply: @@ -363,12 +354,6 @@ reply: default: response.Data["certificate"] = string(certificate) response.Data["revocation_time"] = revocationTime - response.Data["revocation_time_rfc3339"] = revocationTimeRfc3339 - // Only output this field if we have a value for it as it doesn't make sense for a - // bunch of code paths that go through here - if revocationIssuerId != "" { - response.Data["issuer_id"] = revocationIssuerId - } if len(fullChain) > 0 { response.Data["ca_chain"] = string(fullChain) diff --git a/builtin/logical/pki/path_manage_issuers.go b/builtin/logical/pki/path_manage_issuers.go index ef5ada9b64689..712c80f7d7a92 100644 --- a/builtin/logical/pki/path_manage_issuers.go +++ b/builtin/logical/pki/path_manage_issuers.go @@ -258,6 +258,27 @@ func (b *backend) pathImportIssuers(ctx context.Context, req *logical.Request, d return nil, err } + + var issuersWithKeys []string + for _, issuer := range createdIssuers { + if issuerKeyMap[issuer] != "" { + issuersWithKeys = append(issuersWithKeys, issuer) + } + } + + // Check whether we need to update our default issuer configuration. + config, err := sc.getIssuersConfig() + if err != nil { + response.AddWarning("Unable to fetch default issuers configuration to update default issuer if necessary: " + err.Error()) + } else if config.DefaultFollowsLatestIssuer { + if len(issuersWithKeys) == 1 { + if err := sc.updateDefaultIssuerId(issuerID(issuersWithKeys[0])); err != nil { + response.AddWarning("Unable to update this new root as the default issuer: " + err.Error()) + } + } else if len(issuersWithKeys) > 1 { + response.AddWarning("Default issuer left unchanged: could not select new issuer automatically as multiple imported issuers had key material in Vault.") + } + } } // While we're here, check if we should warn about a bad default key. We diff --git a/builtin/logical/pki/path_root.go b/builtin/logical/pki/path_root.go index 18be9dcace1ca..5f9ab837e5406 100644 --- a/builtin/logical/pki/path_root.go +++ b/builtin/logical/pki/path_root.go @@ -279,6 +279,16 @@ func (b *backend) pathCAGenerateRoot(ctx context.Context, req *logical.Request, resp.AddWarning("Max path length of the generated certificate is zero. This certificate cannot be used to issue intermediate CA certificates.") } + // Check whether we need to update our default issuer configuration. + config, err := sc.getIssuersConfig() + if err != nil { + resp.AddWarning("Unable to fetch default issuers configuration to update default issuer if necessary: " + err.Error()) + } else if config.DefaultFollowsLatestIssuer { + if err := sc.updateDefaultIssuerId(myIssuer.ID); err != nil { + resp.AddWarning("Unable to update this new root as the default issuer: " + err.Error()) + } + } + resp = addWarnings(resp, warnings) return resp, nil diff --git a/builtin/logical/pki/path_tidy_test.go b/builtin/logical/pki/path_tidy_test.go index be950f865cdb1..e06c7068bb1b0 100644 --- a/builtin/logical/pki/path_tidy_test.go +++ b/builtin/logical/pki/path_tidy_test.go @@ -1,7 +1,6 @@ package pki import ( - "encoding/json" "testing" "time" @@ -64,7 +63,6 @@ func TestAutoTidy(t *testing.T) { require.NotNil(t, resp) require.NotEmpty(t, resp.Data) require.NotEmpty(t, resp.Data["issuer_id"]) - issuerId := resp.Data["issuer_id"] // Run tidy so status is not empty when we run it later... _, err = client.Logical().Write("pki/tidy", map[string]interface{}{ @@ -103,17 +101,6 @@ func TestAutoTidy(t *testing.T) { leafSerial := resp.Data["serial_number"].(string) leafCert := parseCert(t, resp.Data["certificate"].(string)) - // Read cert before revoking - resp, err = client.Logical().Read("pki/cert/" + leafSerial) - require.NoError(t, err) - require.NotNil(t, resp) - require.NotNil(t, resp.Data) - require.NotEmpty(t, resp.Data["certificate"]) - revocationTime, err := (resp.Data["revocation_time"].(json.Number)).Int64() - require.Equal(t, int64(0), revocationTime, "revocation time was not zero") - require.Empty(t, resp.Data["revocation_time_rfc3339"], "revocation_time_rfc3339 was not empty") - require.Empty(t, resp.Data["issuer_id"], "issuer_id was not empty") - _, err = client.Logical().Write("pki/revoke", map[string]interface{}{ "serial_number": leafSerial, }) @@ -125,22 +112,6 @@ func TestAutoTidy(t *testing.T) { require.NotNil(t, resp) require.NotNil(t, resp.Data) require.NotEmpty(t, resp.Data["certificate"]) - revocationTime, err = (resp.Data["revocation_time"].(json.Number)).Int64() - require.NoError(t, err, "failed converting %s to int", resp.Data["revocation_time"]) - revTime := time.Unix(revocationTime, 0) - now := time.Now() - if !(now.After(revTime) && now.Add(-10*time.Minute).Before(revTime)) { - t.Fatalf("parsed revocation time not within the last 10 minutes current time: %s, revocation time: %s", now, revTime) - } - utcLoc, err := time.LoadLocation("UTC") - require.NoError(t, err, "failed to parse UTC location?") - - rfc3339RevocationTime, err := time.Parse(time.RFC3339Nano, resp.Data["revocation_time_rfc3339"].(string)) - require.NoError(t, err, "failed parsing revocation_time_rfc3339 field: %s", resp.Data["revocation_time_rfc3339"]) - - require.Equal(t, revTime.In(utcLoc), rfc3339RevocationTime.Truncate(time.Second), - "revocation times did not match revocation_time: %s, "+"rfc3339 time: %s", revTime, rfc3339RevocationTime) - require.Equal(t, issuerId, resp.Data["issuer_id"], "issuer_id on leaf cert did not match") // Wait for cert to expire and the safety buffer to elapse. time.Sleep(time.Until(leafCert.NotAfter) + 3*time.Second) diff --git a/builtin/logical/pki/storage.go b/builtin/logical/pki/storage.go index 8bdd411497298..dd41e8b05718f 100644 --- a/builtin/logical/pki/storage.go +++ b/builtin/logical/pki/storage.go @@ -187,7 +187,12 @@ type keyConfigEntry struct { } type issuerConfigEntry struct { - DefaultIssuerId issuerID `json:"default"` + // This new fetchedDefault field allows us to detect if the default + // issuer was modified, in turn dispatching the timestamp updater + // if necessary. + fetchedDefault issuerID `json:"-"` + DefaultIssuerId issuerID `json:"default"` + DefaultFollowsLatestIssuer bool `json:"default_follows_latest_issuer"` } type storageContext struct { @@ -658,6 +663,9 @@ func (sc *storageContext) deleteIssuer(id issuerID) (bool, error) { wasDefault := false if config.DefaultIssuerId == id { wasDefault = true + // Overwrite the fetched default issuer as we're going to remove this + // entry. + config.fetchedDefault = issuerID("") config.DefaultIssuerId = issuerID("") if err := sc.setIssuersConfig(config); err != nil { return wasDefault, err @@ -912,7 +920,15 @@ func (sc *storageContext) setIssuersConfig(config *issuerConfigEntry) error { return err } - return sc.Storage.Put(sc.Context, json) + if err := sc.Storage.Put(sc.Context, json); err != nil { + return err + } + + if err := sc.changeDefaultIssuerTimestamps(config.fetchedDefault, config.DefaultIssuerId); err != nil { + return err + } + + return nil } func (sc *storageContext) getIssuersConfig() (*issuerConfigEntry, error) { @@ -927,6 +943,7 @@ func (sc *storageContext) getIssuersConfig() (*issuerConfigEntry, error) { return nil, errutil.InternalError{Err: fmt.Sprintf("unable to decode issuer configuration: %v", err)} } } + issuerConfig.fetchedDefault = issuerConfig.DefaultIssuerId return issuerConfig, nil } diff --git a/builtin/logical/pki/storage_migrations.go b/builtin/logical/pki/storage_migrations.go index 79ff697124a73..9104e5c6f3afb 100644 --- a/builtin/logical/pki/storage_migrations.go +++ b/builtin/logical/pki/storage_migrations.go @@ -15,7 +15,7 @@ import ( // in case we find out in the future that something was horribly wrong with the migration, // and we need to perform it again... const ( - latestMigrationVersion = 1 + latestMigrationVersion = 2 legacyBundleShimID = issuerID("legacy-entry-shim-id") legacyBundleShimKeyID = keyID("legacy-entry-shim-key-id") ) @@ -83,13 +83,13 @@ func migrateStorage(ctx context.Context, b *backend, s logical.Storage) error { var issuerIdentifier issuerID var keyIdentifier keyID + sc := b.makeStorageContext(ctx, s) if migrationInfo.legacyBundle != nil { // Generate a unique name for the migrated items in case things were to be re-migrated again // for some weird reason in the future... migrationName := fmt.Sprintf("current-%d", time.Now().Unix()) b.Logger().Info("performing PKI migration to new keys/issuers layout") - sc := b.makeStorageContext(ctx, s) anIssuer, aKey, err := sc.writeCaBundle(migrationInfo.legacyBundle, migrationName, migrationName) if err != nil { return err @@ -104,6 +104,19 @@ func migrateStorage(ctx context.Context, b *backend, s logical.Storage) error { b.crlBuilder.requestRebuildIfActiveNode(b) } + if migrationInfo.migrationLog != nil && migrationInfo.migrationLog.MigrationVersion == 1 { + // We've seen a bundle with migration version 1; this means an + // earlier version of the code ran which didn't have the fix for + // correct write order in rebuildIssuersChains(...). Rather than + // having every user read the migrated active issuer and see if + // their chains need rebuilding, we'll schedule a one-off chain + // migration here. + b.Logger().Info(fmt.Sprintf("%v: performing maintenance rebuild of ca_chains", b.backendUUID)) + if err := sc.rebuildIssuersChains(nil); err != nil { + return err + } + } + // We always want to write out this log entry as the secondary clusters leverage this path to wake up // if they were upgraded prior to the primary cluster's migration occurred. err = setLegacyBundleMigrationLog(ctx, s, &legacyBundleMigrationLog{ @@ -117,6 +130,8 @@ func migrateStorage(ctx context.Context, b *backend, s logical.Storage) error { return err } + b.Logger().Info(fmt.Sprintf("%v: succeeded in migrating to issuer storage version %v", b.backendUUID, latestMigrationVersion)) + return nil } diff --git a/builtin/logical/pki/storage_migrations_test.go b/builtin/logical/pki/storage_migrations_test.go index 96da109bbf571..49217bcdf013d 100644 --- a/builtin/logical/pki/storage_migrations_test.go +++ b/builtin/logical/pki/storage_migrations_test.go @@ -127,7 +127,7 @@ func Test_migrateStorageOnlyKey(t *testing.T) { issuersConfig, err := sc.getIssuersConfig() require.NoError(t, err) - require.Equal(t, &issuerConfigEntry{}, issuersConfig) + require.Equal(t, issuerID(""), issuersConfig.DefaultIssuerId) // Make sure if we attempt to re-run the migration nothing happens... err = migrateStorage(ctx, b, s) @@ -162,7 +162,6 @@ func Test_migrateStorageSimpleBundle(t *testing.T) { request := &logical.InitializationRequest{Storage: s} err = b.initialize(ctx, request) require.NoError(t, err) - require.NoError(t, err) issuerIds, err := sc.listIssuers() require.NoError(t, err) @@ -221,7 +220,7 @@ func Test_migrateStorageSimpleBundle(t *testing.T) { issuersConfig, err := sc.getIssuersConfig() require.NoError(t, err) - require.Equal(t, &issuerConfigEntry{DefaultIssuerId: issuerId}, issuersConfig) + require.Equal(t, issuerId, issuersConfig.DefaultIssuerId) // Make sure if we attempt to re-run the migration nothing happens... err = migrateStorage(ctx, b, s) @@ -250,6 +249,116 @@ func Test_migrateStorageSimpleBundle(t *testing.T) { require.Equal(t, logEntry.Hash, logEntry3.Hash) } +func TestMigration_OnceChainRebuild(t *testing.T) { + t.Parallel() + ctx := context.Background() + b, s := createBackendWithStorage(t) + sc := b.makeStorageContext(ctx, s) + + // Create a legacy CA bundle that we'll migrate to the new layout. We call + // ToParsedCertBundle just to make sure it works and to populate + // bundle.SerialNumber for us. + bundle := &certutil.CertBundle{ + PrivateKeyType: certutil.RSAPrivateKey, + Certificate: migIntCA, + IssuingCA: migRootCA, + CAChain: []string{migRootCA}, + PrivateKey: migIntPrivKey, + } + _, err := bundle.ToParsedCertBundle() + require.NoError(t, err) + writeLegacyBundle(t, b, s, bundle) + + // Do an initial migration. Ensure we end up at least on version 2. + request := &logical.InitializationRequest{Storage: s} + err = b.initialize(ctx, request) + require.NoError(t, err) + + issuerIds, err := sc.listIssuers() + require.NoError(t, err) + require.Equal(t, 2, len(issuerIds)) + + keyIds, err := sc.listKeys() + require.NoError(t, err) + require.Equal(t, 1, len(keyIds)) + + logEntry, err := getLegacyBundleMigrationLog(ctx, s) + require.NoError(t, err) + require.NotNil(t, logEntry) + require.GreaterOrEqual(t, logEntry.MigrationVersion, 2) + require.GreaterOrEqual(t, latestMigrationVersion, 2) + + // Verify the chain built correctly: current should have a CA chain of + // length two. + // + // Afterwards, we mutate these issuers to only point at themselves and + // write back out. + var rootIssuerId issuerID + var intIssuerId issuerID + for _, issuerId := range issuerIds { + issuer, err := sc.fetchIssuerById(issuerId) + require.NoError(t, err) + require.NotNil(t, issuer) + + if strings.HasPrefix(issuer.Name, "current-") { + require.Equal(t, 2, len(issuer.CAChain)) + require.Equal(t, migIntCA, issuer.CAChain[0]) + require.Equal(t, migRootCA, issuer.CAChain[1]) + intIssuerId = issuerId + + issuer.CAChain = []string{migIntCA} + err = sc.writeIssuer(issuer) + require.NoError(t, err) + } else { + require.Equal(t, 1, len(issuer.CAChain)) + require.Equal(t, migRootCA, issuer.CAChain[0]) + rootIssuerId = issuerId + } + } + + // Reset our migration version back to one, as if this never + // happened... + logEntry.MigrationVersion = 1 + err = setLegacyBundleMigrationLog(ctx, s, logEntry) + require.NoError(t, err) + b.pkiStorageVersion.Store(1) + + // Re-attempt the migration by reinitializing the mount. + err = b.initialize(ctx, request) + require.NoError(t, err) + + newIssuerIds, err := sc.listIssuers() + require.NoError(t, err) + require.Equal(t, 2, len(newIssuerIds)) + require.Equal(t, issuerIds, newIssuerIds) + + newKeyIds, err := sc.listKeys() + require.NoError(t, err) + require.Equal(t, 1, len(newKeyIds)) + require.Equal(t, keyIds, newKeyIds) + + logEntry, err = getLegacyBundleMigrationLog(ctx, s) + require.NoError(t, err) + require.NotNil(t, logEntry) + require.Equal(t, logEntry.MigrationVersion, latestMigrationVersion) + + // Ensure the chains are correct on the intermediate. By using the + // issuerId saved above, this ensures we didn't change any issuerIds, + // we merely updated the existing issuers. + intIssuer, err := sc.fetchIssuerById(intIssuerId) + require.NoError(t, err) + require.NotNil(t, intIssuer) + require.Equal(t, 2, len(intIssuer.CAChain)) + require.Equal(t, migIntCA, intIssuer.CAChain[0]) + require.Equal(t, migRootCA, intIssuer.CAChain[1]) + + rootIssuer, err := sc.fetchIssuerById(rootIssuerId) + require.NoError(t, err) + require.NotNil(t, rootIssuer) + require.Equal(t, 1, len(rootIssuer.CAChain)) + require.Equal(t, migRootCA, rootIssuer.CAChain[0]) +} + func TestExpectedOpsWork_PreMigration(t *testing.T) { t.Parallel() ctx := context.Background() @@ -496,3 +605,75 @@ func requireFailInMigration(t *testing.T, b *backend, s logical.Storage, operati require.Contains(t, resp.Error().Error(), "migration has completed", "error message did not contain migration test for op:%s path:%s resp: %#v", operation, path, resp) } + +// Keys to simulate an intermediate CA mount with also-imported root (parent). +const ( + migIntPrivKey = `-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAqu88Jcct/EyT8gDF+jdWuAwFplvanQ7KXAO5at58G6Y39UUz +fwnMS3P3VRBUoV5BDX+13wI2ldskbTKITsl6IXBPXUz0sKrdEKzXRVY4D6P2JR7W +YO1IUytfTgR+3F4sotFNQB++3ivT66AYLW7lOkoa+5lxsPM/oJ82DOlD2uGtDVTU +gQy1zugMBgPDlj+8tB562J9MTIdcKe9JpYrN0eO+aHzhbfvaSpScU4aZBgkS0kDv +8G4FxVfrBSDeD/JjCWaC48rLdgei1YrY0NFuw/8p/nPfA9vf2AtHMsWZRSwukQfq +I5HhQu+0OHQy3NWqXaBPzJNu3HnpKLykPHW7sQIDAQABAoIBAHNJy/2G66MhWx98 +Ggt7S4fyw9TCWx5XHXEWKfbEfFyBrXhF5kemqh2x5319+DamRaX/HwF8kqhcF6N2 +06ygAzmOcFjzUI3fkB5xFPh1AHa8FYZP2DOjloZR2IPcUFv9QInINRwszSU31kUz +w1rRUtYPqUdM5Pt99Mo219O5eMSlGtPKXm09uDAR8ZPuUx4jwGw90pSgeRB1Bg7X +Dt3YXx3X+OOs3Hbir1VDLSqCuy825l6Kn79h3eB8LAi+FUwCBvnTqyOEWyH2XjgP +z+tbz7lwnhGeKtxUl6Jb3m3SHtXpylot/4fwPisRV/9vaEDhVjKTmySH1WM+TRNR +CQLCJekCgYEA3b67DBhAYsFFdUd/4xh4QhHBanOcepV1CwaRln+UUjw1618ZEsTS +DKb9IS72C+ukUusGhQqxjFJlhOdXeMXpEbnEUY3PlREevWwm3bVAxtoAVRcmkQyK +PM4Oj9ODi2z8Cds0NvEXdX69uVutcbvm/JRZr/dsERWcLsfwdV/QqYcCgYEAxVce +d4ylsqORLm0/gcLnEyB9zhEPwmiJe1Yj5sH7LhGZ6JtLCqbOJO4jXmIzCrkbGyuf +BA/U7klc6jSprkBMgYhgOIuaULuFJvtKzJUzoATGFqX4r8WJm2ZycXgooAwZq6SZ +ySXOuQe9V7hlpI0fJfNhw+/HIjivL1jrnjBoXwcCgYEAtTv6LLx1g0Frv5scj0Ok +pntUlei/8ADPlJ9dxp+nXj8P4rvrBkgPVX/2S3TSbJO/znWA8qP20TVW+/UIrRE0 +mOQ37F/3VWKUuUT3zyUhOGVc+C7fupWBNolDpZG+ZepBZNzgJDeQcNuRvTmM3PQy +qiWl2AhlLuF2sVWA1q3lIWkCgYEAnuHWgNA3dE1nDWceE351hxvIzklEU/TQhAHF +o/uYHO5E6VdmoqvMG0W0KkCL8d046rZDMAUDHdrpOROvbcENF9lSBxS26LshqFH4 +ViDmULanOgLk57f2Y6ynBZ6Frt4vKNe8jYuoFacale67vzFz251JoHSD8pSKz2cb +ROCal68CgYA51hKqvki4r5rmS7W/Yvc3x3Wc0wpDEHTgLMoH+EV7AffJ8dy0/+po +AHK0nnRU63++1JmhQczBR0yTI6PUyeegEBk/d5CgFlY7UJQMTFPsMsiuM0Xw5nAv +KMPykK01D28UAkUxhwF7CqFrwwEv9GislgjewbdF5Za176+EuMEwIw== +-----END RSA PRIVATE KEY----- +` + migIntCA = `-----BEGIN CERTIFICATE----- +MIIDHTCCAgWgAwIBAgIUfxlNBmrI7jsgH2Sdle1nVTqn5YQwDQYJKoZIhvcNAQEL +BQAwEjEQMA4GA1UEAxMHUm9vdCBYMTAeFw0yMjExMDIxMjI2MjhaFw0yMjEyMDQx +MjI2NThaMBoxGDAWBgNVBAMTD0ludGVybWVkaWF0ZSBSMTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKrvPCXHLfxMk/IAxfo3VrgMBaZb2p0OylwDuWre +fBumN/VFM38JzEtz91UQVKFeQQ1/td8CNpXbJG0yiE7JeiFwT11M9LCq3RCs10VW +OA+j9iUe1mDtSFMrX04EftxeLKLRTUAfvt4r0+ugGC1u5TpKGvuZcbDzP6CfNgzp +Q9rhrQ1U1IEMtc7oDAYDw5Y/vLQeetifTEyHXCnvSaWKzdHjvmh84W372kqUnFOG +mQYJEtJA7/BuBcVX6wUg3g/yYwlmguPKy3YHotWK2NDRbsP/Kf5z3wPb39gLRzLF +mUUsLpEH6iOR4ULvtDh0MtzVql2gT8yTbtx56Si8pDx1u7ECAwEAAaNjMGEwDgYD +VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFusWj3piAiY +CR7tszR6uNYSMLe2MB8GA1UdIwQYMBaAFMNRNkLozstIhNhXCefi+WnaQApbMA0G +CSqGSIb3DQEBCwUAA4IBAQCmH852E/pDGBhf2VI1JAPZy9VYaRkKoqn4+5R1Gnoq +b90zhdCGueIm/usC1wAa0OOn7+xdQXFNfeI8UUB9w10q0QnM/A/G2v8UkdlLPPQP +zPjIYLalOOIOHf8hU2O5lwj0IA4JwjwDQ4xj69eX/N+x2LEI7SHyVVUZWAx0Y67a +QdyubpIJZlW/PI7kMwGyTx3tdkZxk1nTNtf/0nKvNuXKKcVzBCEMfvXyx4LFEM+U +nc2vdWN7PAoXcjUbxD3ZNGinr7mSBpQg82+nur/8yuSwu6iHomnfGxjUsEHic2GC +ja9siTbR+ONvVb4xUjugN/XmMSSaZnxig2vM9xcV8OMG +-----END CERTIFICATE----- +` + migRootCA = `-----BEGIN CERTIFICATE----- +MIIDFTCCAf2gAwIBAgIURDTnXp8u78jWMe770Jj6Ac1paxkwDQYJKoZIhvcNAQEL +BQAwEjEQMA4GA1UEAxMHUm9vdCBYMTAeFw0yMjExMDIxMjI0NTVaFw0yMjEyMDQx +MjI1MjRaMBIxEDAOBgNVBAMTB1Jvb3QgWDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQC/+dh/o1qKTOua/OkHRMIvHiyBxjjoqrLqFSBYhjYKs+alA0qS +lLVzNqIKU8jm3fT73orx7yk/6acWaEYv/6owMaUn51xwS3gQhTHdFR/fLJwXnu2O +PZNqAs6tjAM3Q08aqR0qfxnjDvcgO7TOWSyOvVT2cTRK+uKYzxJEY52BDMUbp+iC +WJdXca9UwKRzi2wFqGliDycYsBBt/tr8tHSbTSZ5Qx6UpFrKpjZn+sT5KhKUlsdd +BYFmRegc0wXq4/kRjum0oEUigUMlHADIEhRasyXPEKa19sGP8nAZfo/hNOusGhj7 +z7UPA0Cbe2uclpYPxsKgvcqQmgKugqKLL305AgMBAAGjYzBhMA4GA1UdDwEB/wQE +AwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTDUTZC6M7LSITYVwnn4vlp +2kAKWzAfBgNVHSMEGDAWgBTDUTZC6M7LSITYVwnn4vlp2kAKWzANBgkqhkiG9w0B +AQsFAAOCAQEAu7qdM1Li6V6iDCPpLg5zZReRtcxhUdwb5Xn4sDa8GJCy35f1voew +n0TQgM3Uph5x/djCR/Sj91MyAJ1/Q1PQQTyKGyUjSHvkcOBg628IAnLthn8Ua1fL +oQC/F/mlT1Yv+/W8eNPtD453/P0z8E0xMT5K3kpEDW/6K9RdHZlDJMW/z3UJ+4LN +6ONjIBmgffmLz9sVMpgCFyL7+w3W01bGP7w5AfKj2duoVG/Ekf2yUwmm6r9NgTQ1 +oke0ShbZuMocwO8anq7k0R42FoluH3ipv9Qzzhsy+KdK5/fW5oqy1tKFaZsc67Q6 +0UmD9DiDpCtn2Wod3nwxn0zW5HvDAWuDwg== +-----END CERTIFICATE----- +` +) diff --git a/builtin/logical/pki/storage_test.go b/builtin/logical/pki/storage_test.go index 3ff2de6d57156..17700576fda13 100644 --- a/builtin/logical/pki/storage_test.go +++ b/builtin/logical/pki/storage_test.go @@ -18,6 +18,14 @@ func Test_ConfigsRoundTrip(t *testing.T) { b, s := createBackendWithStorage(t) sc := b.makeStorageContext(ctx, s) + // Create an empty key, issuer for testing. + key := keyEntry{ID: genKeyId()} + err := sc.writeKey(key) + require.NoError(t, err) + issuer := &issuerEntry{ID: genIssuerId()} + err = sc.writeIssuer(issuer) + require.NoError(t, err) + // Verify we handle nothing stored properly keyConfigEmpty, err := sc.getKeysConfig() require.NoError(t, err) @@ -29,10 +37,10 @@ func Test_ConfigsRoundTrip(t *testing.T) { // Now attempt to store and reload properly origKeyConfig := &keyConfigEntry{ - DefaultKeyId: genKeyId(), + DefaultKeyId: key.ID, } origIssuerConfig := &issuerConfigEntry{ - DefaultIssuerId: genIssuerId(), + DefaultIssuerId: issuer.ID, } err = sc.setKeysConfig(origKeyConfig) @@ -46,7 +54,7 @@ func Test_ConfigsRoundTrip(t *testing.T) { issuerConfig, err := sc.getIssuersConfig() require.NoError(t, err) - require.Equal(t, origIssuerConfig, issuerConfig) + require.Equal(t, origIssuerConfig.DefaultIssuerId, issuerConfig.DefaultIssuerId) } func Test_IssuerRoundTrip(t *testing.T) { @@ -258,3 +266,11 @@ func genCertBundle(t *testing.T, b *backend, s logical.Storage) *certutil.CertBu require.NoError(t, err) return certBundle } + +func writeLegacyBundle(t *testing.T, b *backend, s logical.Storage, bundle *certutil.CertBundle) { + entry, err := logical.StorageEntryJSON(legacyCertBundlePath, bundle) + require.NoError(t, err) + + err = s.Put(context.Background(), entry) + require.NoError(t, err) +} diff --git a/builtin/logical/pki/zlint_test.go b/builtin/logical/pki/zlint_test.go deleted file mode 100644 index 119310c629d3e..0000000000000 --- a/builtin/logical/pki/zlint_test.go +++ /dev/null @@ -1,188 +0,0 @@ -package pki - -import ( - "context" - "encoding/json" - "sync" - "testing" - - "github.com/stretchr/testify/require" - - "github.com/hashicorp/vault/helper/testhelpers/docker" -) - -var ( - runner *docker.Runner - buildZLintOnce sync.Once -) - -func buildZLintContainer(t *testing.T) { - containerfile := ` -FROM docker.mirror.hashicorp.services/library/golang:latest - -RUN go install github.com/zmap/zlint/v3/cmd/zlint@latest -` - - bCtx := docker.NewBuildContext() - - imageName := "vault_pki_zlint_validator" - imageTag := "latest" - - var err error - runner, err = docker.NewServiceRunner(docker.RunOptions{ - ImageRepo: imageName, - ImageTag: imageTag, - ContainerName: "pki_zlint", - // We want to run sleep in the background so we're not stuck waiting - // for the default golang container's shell to prompt for input. - Entrypoint: []string{"sleep", "45"}, - LogConsumer: func(s string) { - if t.Failed() { - t.Logf("container logs: %s", s) - } - }, - }) - if err != nil { - t.Fatalf("Could not provision docker service runner: %s", err) - } - - ctx := context.Background() - output, err := runner.BuildImage(ctx, containerfile, bCtx, - docker.BuildRemove(true), docker.BuildForceRemove(true), - docker.BuildPullParent(true), - docker.BuildTags([]string{imageName + ":" + imageTag})) - if err != nil { - t.Fatalf("Could not build new image: %v", err) - } - - t.Logf("Image build output: %v", string(output)) -} - -func RunZLintContainer(t *testing.T, certificate string) []byte { - buildZLintOnce.Do(func() { - buildZLintContainer(t) - }) - - // We don't actually care about the address, we just want to start the - // container so we can run commands in it. We'd ideally like to skip this - // step and only build a new image, but the zlint output would be - // intermingled with container build stages, so its not that useful. - ctr, _, _, err := runner.Start(ctx, true, false) - if err != nil { - t.Fatalf("Could not start golang container for zlint: %s", err) - } - - // Copy the cert into the newly running container. - certCtx := docker.NewBuildContext() - certCtx["cert.pem"] = docker.PathContentsFromBytes([]byte(certificate)) - if err := runner.CopyTo(ctr.ID, "/go/", certCtx); err != nil { - t.Fatalf("Could not copy certificate into container: %v", err) - } - - // Run the zlint command and save the output. - cmd := []string{"/go/bin/zlint", "/go/cert.pem"} - stdout, stderr, retcode, err := runner.RunCmdWithOutput(ctx, ctr.ID, cmd) - if err != nil { - t.Fatalf("Could not run command in container: %v", err) - } - - if len(stderr) != 0 { - t.Logf("Got stderr from command:\n%v\n", string(stderr)) - } - - if retcode != 0 { - t.Logf("Got stdout from command:\n%v\n", string(stdout)) - t.Fatalf("Got unexpected non-zero retcode from zlint: %v\n", retcode) - } - - // Clean up after ourselves. - if err := runner.Stop(context.Background(), ctr.ID); err != nil { - t.Fatalf("failed to stop container: %v", err) - } - - return stdout -} - -func RunZLintRootTest(t *testing.T, keyType string, keyBits int, usePSS bool, ignored []string) { - b, s := createBackendWithStorage(t) - - resp, err := CBWrite(b, s, "root/generate/internal", map[string]interface{}{ - "common_name": "Root X1", - "country": "US", - "organization": "Dadgarcorp", - "ou": "QA", - "key_type": keyType, - "key_bits": keyBits, - "use_pss": usePSS, - }) - require.NoError(t, err) - rootCert := resp.Data["certificate"].(string) - - var parsed map[string]interface{} - output := RunZLintContainer(t, rootCert) - - if err := json.Unmarshal(output, &parsed); err != nil { - t.Fatalf("failed to parse zlint output as JSON: %v\nOutput:\n%v\n\n", err, string(output)) - } - - for key, rawValue := range parsed { - value := rawValue.(map[string]interface{}) - result, ok := value["result"] - if !ok || result == "NA" { - continue - } - - if result == "error" { - skip := false - for _, allowedFailures := range ignored { - if allowedFailures == key { - skip = true - break - } - } - - if !skip { - t.Fatalf("got unexpected error from test %v: %v", key, value) - } - } - } -} - -func Test_ZLintRSA2048(t *testing.T) { - t.Parallel() - RunZLintRootTest(t, "rsa", 2048, false, nil) -} - -func Test_ZLintRSA2048PSS(t *testing.T) { - t.Parallel() - RunZLintRootTest(t, "rsa", 2048, true, nil) -} - -func Test_ZLintRSA3072(t *testing.T) { - t.Parallel() - RunZLintRootTest(t, "rsa", 3072, false, nil) -} - -func Test_ZLintRSA3072PSS(t *testing.T) { - t.Parallel() - RunZLintRootTest(t, "rsa", 3072, true, nil) -} - -func Test_ZLintECDSA256(t *testing.T) { - t.Parallel() - RunZLintRootTest(t, "ec", 256, false, nil) -} - -func Test_ZLintECDSA384(t *testing.T) { - t.Parallel() - RunZLintRootTest(t, "ec", 384, false, nil) -} - -func Test_ZLintECDSA521(t *testing.T) { - t.Parallel() - // Mozilla doesn't allow P-521 ECDSA keys. - RunZLintRootTest(t, "ec", 521, false, []string{ - "e_mp_ecdsa_pub_key_encoding_correct", - "e_mp_ecdsa_signature_encoding_correct", - }) -} diff --git a/builtin/logical/rabbitmq/backend_test.go b/builtin/logical/rabbitmq/backend_test.go index 7df1384fefa48..89659796b5e5c 100644 --- a/builtin/logical/rabbitmq/backend_test.go +++ b/builtin/logical/rabbitmq/backend_test.go @@ -36,7 +36,7 @@ func prepareRabbitMQTestContainer(t *testing.T) (func(), string) { } runner, err := docker.NewServiceRunner(docker.RunOptions{ - ImageRepo: "docker.mirror.hashicorp.services/library/rabbitmq", + ImageRepo: "rabbitmq", ImageTag: "3-management", ContainerName: "rabbitmq", Ports: []string{"15672/tcp"}, diff --git a/builtin/logical/ssh/backend_test.go b/builtin/logical/ssh/backend_test.go index 4ad4a9f3c97fe..27934d42af17f 100644 --- a/builtin/logical/ssh/backend_test.go +++ b/builtin/logical/ssh/backend_test.go @@ -28,7 +28,6 @@ import ( const ( testIP = "127.0.0.1" testUserName = "vaultssh" - testMultiUserName = "vaultssh,otherssh" testAdminUser = "vaultssh" testCaKeyType = "ca" testOTPKeyType = "otp" @@ -137,7 +136,7 @@ func prepareTestContainer(t *testing.T, tag, caPublicKeyPEM string) (func(), str } runner, err := docker.NewServiceRunner(docker.RunOptions{ ContainerName: "openssh", - ImageRepo: "docker.mirror.hashicorp.services/linuxserver/openssh-server", + ImageRepo: "linuxserver/openssh-server", ImageTag: tag, Env: []string{ "DOCKER_MODS=linuxserver/mods:openssh-server-openssh-client", @@ -357,15 +356,6 @@ func TestBackend_AllowedUsersTemplate(t *testing.T) { ) } -func TestBackend_MultipleAllowedUsersTemplate(t *testing.T) { - testAllowedUsersTemplate(t, - "{{ identity.entity.metadata.ssh_username }}", - testUserName, map[string]string{ - "ssh_username": testMultiUserName, - }, - ) -} - func TestBackend_AllowedUsersTemplate_WithStaticPrefix(t *testing.T) { testAllowedUsersTemplate(t, "ssh-{{ identity.entity.metadata.ssh_username }}", diff --git a/builtin/logical/ssh/path_fetch.go b/builtin/logical/ssh/path_fetch.go index de5a3e60dd740..a04481e45573d 100644 --- a/builtin/logical/ssh/path_fetch.go +++ b/builtin/logical/ssh/path_fetch.go @@ -16,7 +16,7 @@ func pathFetchPublicKey(b *backend) *framework.Path { }, HelpSynopsis: `Retrieve the public key.`, - HelpDescription: `This allows the public key, that this backend has been configured with, to be fetched. This is a raw response endpoint without JSON encoding; use -format=raw or an external tool (e.g., curl) to fetch this value.`, + HelpDescription: `This allows the public key, that this backend has been configured with, to be fetched.`, } } diff --git a/builtin/logical/ssh/path_issue_sign.go b/builtin/logical/ssh/path_issue_sign.go index 0ce45d5189917..e6f225ffdc6ff 100644 --- a/builtin/logical/ssh/path_issue_sign.go +++ b/builtin/logical/ssh/path_issue_sign.go @@ -93,7 +93,7 @@ func (b *backend) pathSignIssueCertificateHelper(ctx context.Context, req *logic return logical.ErrorResponse(err.Error()), nil } - extensions, addExtTemplatingWarning, err := b.calculateExtensions(data, req, role) + extensions, err := b.calculateExtensions(data, req, role) if err != nil { return logical.ErrorResponse(err.Error()), nil } @@ -140,10 +140,6 @@ func (b *backend) pathSignIssueCertificateHelper(ctx context.Context, req *logic }, } - if addExtTemplatingWarning { - response.AddWarning("default_extension templating enabled with at least one extension requiring identity templating. However, this request lacked identity entity information, causing one or more extensions to be skipped from the generated certificate.") - } - return response, nil } @@ -176,14 +172,18 @@ func (b *backend) calculateValidPrincipals(data *framework.FieldData, req *logic parsedPrincipals := strutil.RemoveDuplicates(strutil.ParseStringSlice(validPrincipals, ","), false) // Build list of allowed Principals from template and static principalsAllowedByRole var allowedPrincipals []string - if enableTemplating { - rendered, err := b.renderPrincipal(principalsAllowedByRole, req) - if err != nil { - return nil, err + for _, principal := range strutil.RemoveDuplicates(strutil.ParseStringSlice(principalsAllowedByRole, ","), false) { + if enableTemplating { + rendered, err := b.renderPrincipal(principal, req) + if err != nil { + return nil, err + } + // Template returned a principal + allowedPrincipals = append(allowedPrincipals, rendered) + } else { + // Static principal + allowedPrincipals = append(allowedPrincipals, principal) } - allowedPrincipals = strutil.RemoveDuplicates(strutil.ParseStringSlice(rendered, ","), false) - } else { - allowedPrincipals = strutil.RemoveDuplicates(strutil.ParseStringSlice(principalsAllowedByRole, ","), false) } switch { @@ -300,7 +300,7 @@ func (b *backend) calculateCriticalOptions(data *framework.FieldData, role *sshR return criticalOptions, nil } -func (b *backend) calculateExtensions(data *framework.FieldData, req *logical.Request, role *sshRole) (map[string]string, bool, error) { +func (b *backend) calculateExtensions(data *framework.FieldData, req *logical.Request, role *sshRole) (map[string]string, error) { unparsedExtensions := data.Get("extensions").(map[string]interface{}) extensions := make(map[string]string) @@ -308,7 +308,7 @@ func (b *backend) calculateExtensions(data *framework.FieldData, req *logical.Re extensions := convertMapToStringValue(unparsedExtensions) if role.AllowedExtensions == "*" { // Allowed extensions was configured to allow all - return extensions, false, nil + return extensions, nil } notAllowed := []string{} @@ -320,13 +320,11 @@ func (b *backend) calculateExtensions(data *framework.FieldData, req *logical.Re } if len(notAllowed) != 0 { - return nil, false, fmt.Errorf("extensions %v are not on allowed list", notAllowed) + return nil, fmt.Errorf("extensions %v are not on allowed list", notAllowed) } - return extensions, false, nil + return extensions, nil } - haveMissingEntityInfoWithTemplatedExt := false - if role.DefaultExtensionsTemplate { for extensionKey, extensionValue := range role.DefaultExtensions { // Look for templating markers {{ .* }} @@ -339,10 +337,8 @@ func (b *backend) calculateExtensions(data *framework.FieldData, req *logical.Re // Template returned an extension value that we can use extensions[extensionKey] = templateExtensionValue } else { - return nil, false, fmt.Errorf("template '%s' could not be rendered -> %s", extensionValue, err) + return nil, fmt.Errorf("template '%s' could not be rendered -> %s", extensionValue, err) } - } else { - haveMissingEntityInfoWithTemplatedExt = true } } else { // Static extension value or err template @@ -353,7 +349,7 @@ func (b *backend) calculateExtensions(data *framework.FieldData, req *logical.Re extensions = role.DefaultExtensions } - return extensions, haveMissingEntityInfoWithTemplatedExt, nil + return extensions, nil } func (b *backend) calculateTTL(data *framework.FieldData, role *sshRole) (time.Duration, error) { diff --git a/builtin/logical/transit/backend_test.go b/builtin/logical/transit/backend_test.go index 97c8a3da36298..c4d92a3ddbf57 100644 --- a/builtin/logical/transit/backend_test.go +++ b/builtin/logical/transit/backend_test.go @@ -289,35 +289,6 @@ func testTransit_RSA(t *testing.T, keyType string) { if !resp.Data["valid"].(bool) { t.Fatalf("failed to verify the RSA signature") } - - // Take a random hash and sign it using PKCSv1_5_NoOID. - hash := "P8m2iUWdc4+MiKOkiqnjNUIBa3pAUuABqqU2/KdIE8s=" - signReq.Data = map[string]interface{}{ - "input": hash, - "hash_algorithm": "none", - "signature_algorithm": "pkcs1v15", - "prehashed": true, - } - resp, err = b.HandleRequest(context.Background(), signReq) - if err != nil || (resp != nil && resp.IsError()) { - t.Fatalf("bad: err: %v\nresp: %#v", err, resp) - } - signature = resp.Data["signature"].(string) - - verifyReq.Data = map[string]interface{}{ - "input": hash, - "signature": signature, - "hash_algorithm": "none", - "signature_algorithm": "pkcs1v15", - "prehashed": true, - } - resp, err = b.HandleRequest(context.Background(), verifyReq) - if err != nil || (resp != nil && resp.IsError()) { - t.Fatalf("bad: err: %v\nresp: %#v", err, resp) - } - if !resp.Data["valid"].(bool) { - t.Fatalf("failed to verify the RSA signature") - } } func TestBackend_basic(t *testing.T) { @@ -1746,115 +1717,3 @@ func TestTransit_AutoRotateKeys(t *testing.T) { ) } } - -func TestTransit_AEAD(t *testing.T) { - testTransit_AEAD(t, "aes128-gcm96") - testTransit_AEAD(t, "aes256-gcm96") - testTransit_AEAD(t, "chacha20-poly1305") -} - -func testTransit_AEAD(t *testing.T, keyType string) { - var resp *logical.Response - var err error - b, storage := createBackendWithStorage(t) - - keyReq := &logical.Request{ - Path: "keys/aead", - Operation: logical.UpdateOperation, - Data: map[string]interface{}{ - "type": keyType, - }, - Storage: storage, - } - - resp, err = b.HandleRequest(context.Background(), keyReq) - if err != nil || (resp != nil && resp.IsError()) { - t.Fatalf("bad: err: %v\nresp: %#v", err, resp) - } - - plaintext := "dGhlIHF1aWNrIGJyb3duIGZveA==" // "the quick brown fox" - associated := "U3BoaW54IG9mIGJsYWNrIHF1YXJ0eiwganVkZ2UgbXkgdm93Lgo=" // "Sphinx of black quartz, judge my vow." - - // Basic encrypt/decrypt should work. - encryptReq := &logical.Request{ - Path: "encrypt/aead", - Operation: logical.UpdateOperation, - Storage: storage, - Data: map[string]interface{}{ - "plaintext": plaintext, - }, - } - - resp, err = b.HandleRequest(context.Background(), encryptReq) - if err != nil || (resp != nil && resp.IsError()) { - t.Fatalf("bad: err: %v\nresp: %#v", err, resp) - } - - ciphertext1 := resp.Data["ciphertext"].(string) - - decryptReq := &logical.Request{ - Path: "decrypt/aead", - Operation: logical.UpdateOperation, - Storage: storage, - Data: map[string]interface{}{ - "ciphertext": ciphertext1, - }, - } - - resp, err = b.HandleRequest(context.Background(), decryptReq) - if err != nil || (resp != nil && resp.IsError()) { - t.Fatalf("bad: err: %v\nresp: %#v", err, resp) - } - - decryptedPlaintext := resp.Data["plaintext"] - - if plaintext != decryptedPlaintext { - t.Fatalf("bad: plaintext; expected: %q\nactual: %q", plaintext, decryptedPlaintext) - } - - // Using associated as ciphertext should fail. - decryptReq.Data["ciphertext"] = associated - resp, err = b.HandleRequest(context.Background(), decryptReq) - if err == nil || (resp != nil && !resp.IsError()) { - t.Fatalf("bad expected error: err: %v\nresp: %#v", err, resp) - } - - // Redoing the above with additional data should work. - encryptReq.Data["associated_data"] = associated - resp, err = b.HandleRequest(context.Background(), encryptReq) - if err != nil || (resp != nil && resp.IsError()) { - t.Fatalf("bad: err: %v\nresp: %#v", err, resp) - } - - ciphertext2 := resp.Data["ciphertext"].(string) - decryptReq.Data["ciphertext"] = ciphertext2 - decryptReq.Data["associated_data"] = associated - - resp, err = b.HandleRequest(context.Background(), decryptReq) - if err != nil || (resp != nil && resp.IsError()) { - t.Fatalf("bad: err: %v\nresp: %#v", err, resp) - } - - decryptedPlaintext = resp.Data["plaintext"] - if plaintext != decryptedPlaintext { - t.Fatalf("bad: plaintext; expected: %q\nactual: %q", plaintext, decryptedPlaintext) - } - - // Removing the associated_data should break the decryption. - decryptReq.Data = map[string]interface{}{ - "ciphertext": ciphertext2, - } - resp, err = b.HandleRequest(context.Background(), decryptReq) - if err == nil || (resp != nil && !resp.IsError()) { - t.Fatalf("bad expected error: err: %v\nresp: %#v", err, resp) - } - - // Using a valid ciphertext with associated_data should also break the - // decryption. - decryptReq.Data["ciphertext"] = ciphertext1 - decryptReq.Data["associated_data"] = associated - resp, err = b.HandleRequest(context.Background(), decryptReq) - if err == nil || (resp != nil && !resp.IsError()) { - t.Fatalf("bad expected error: err: %v\nresp: %#v", err, resp) - } -} diff --git a/builtin/logical/transit/path_decrypt.go b/builtin/logical/transit/path_decrypt.go index c6c70544243ca..820079873ffca 100644 --- a/builtin/logical/transit/path_decrypt.go +++ b/builtin/logical/transit/path_decrypt.go @@ -50,7 +50,6 @@ Base64 encoded nonce value used during encryption. Must be provided if convergent encryption is enabled for this key and the key was generated with Vault 0.6.1. Not required for keys created in 0.6.2+.`, }, - "partial_failure_response_code": { Type: framework.TypeInt, Description: ` @@ -59,17 +58,6 @@ the HTTP response code is 400 (Bad Request). Some applications may want to trea Providing the parameter returns the given response code integer instead of a 400 in this case. If all values fail HTTP 400 is still returned.`, }, - - "associated_data": { - Type: framework.TypeString, - Description: ` -When using an AEAD cipher mode, such as AES-GCM, this parameter allows -passing associated data (AD/AAD) into the encryption function; this data -must be passed on subsequent decryption requests but can be transited in -plaintext. On successful decryption, both the ciphertext and the associated -data are attested not to have been tampered with. - `, - }, }, Callbacks: map[logical.Operation]framework.OperationFunc{ @@ -102,10 +90,9 @@ func (b *backend) pathDecryptWrite(ctx context.Context, req *logical.Request, d batchInputItems = make([]BatchRequestItem, 1) batchInputItems[0] = BatchRequestItem{ - Ciphertext: ciphertext, - Context: d.Get("context").(string), - Nonce: d.Get("nonce").(string), - AssociatedData: d.Get("associated_data").(string), + Ciphertext: ciphertext, + Context: d.Get("context").(string), + Nonce: d.Get("nonce").(string), } } @@ -168,17 +155,7 @@ func (b *backend) pathDecryptWrite(ctx context.Context, req *logical.Request, d continue } - var factory interface{} - if item.AssociatedData != "" { - if !p.Type.AssociatedDataSupported() { - batchResponseItems[i].Error = fmt.Sprintf("'[%d].associated_data' provided for non-AEAD cipher suite %v", i, p.Type.String()) - continue - } - - factory = AssocDataFactory{item.AssociatedData} - } - - plaintext, err := p.DecryptWithFactory(item.DecodedContext, item.DecodedNonce, item.Ciphertext, factory) + plaintext, err := p.Decrypt(item.DecodedContext, item.DecodedNonce, item.Ciphertext) if err != nil { switch err.(type) { case errutil.InternalError: diff --git a/builtin/logical/transit/path_encrypt.go b/builtin/logical/transit/path_encrypt.go index 6c0a3fc98f30b..3e0c720377b64 100644 --- a/builtin/logical/transit/path_encrypt.go +++ b/builtin/logical/transit/path_encrypt.go @@ -39,9 +39,6 @@ type BatchRequestItem struct { // DecodedNonce is the base64 decoded version of Nonce DecodedNonce []byte - - // Associated Data for AEAD ciphers - AssociatedData string `json:"associated_data" struct:"associated_data" mapstructure:"associated_data"` } // EncryptBatchResponseItem represents a response item for batch processing @@ -58,14 +55,6 @@ type EncryptBatchResponseItem struct { Error string `json:"error,omitempty" structs:"error" mapstructure:"error"` } -type AssocDataFactory struct { - Encoded string -} - -func (a AssocDataFactory) GetAssociatedData() ([]byte, error) { - return base64.StdEncoding.DecodeString(a.Encoded) -} - func (b *backend) pathEncrypt() *framework.Path { return &framework.Path{ Pattern: "encrypt/" + framework.GenericNameRegex("name"), @@ -124,7 +113,6 @@ will severely impact the ciphertext's security.`, Must be 0 (for latest) or a value greater than or equal to the min_encryption_version configured on the key.`, }, - "partial_failure_response_code": { Type: framework.TypeInt, Description: ` @@ -133,17 +121,6 @@ the HTTP response code is 400 (Bad Request). Some applications may want to trea Providing the parameter returns the given response code integer instead of a 400 in this case. If all values fail HTTP 400 is still returned.`, }, - - "associated_data": { - Type: framework.TypeString, - Description: ` -When using an AEAD cipher mode, such as AES-GCM, this parameter allows -passing associated data (AD/AAD) into the encryption function; this data -must be passed on subsequent decryption requests but can be transited in -plaintext. On successful decryption, both the ciphertext and the associated -data are attested not to have been tampered with. - `, - }, }, Callbacks: map[logical.Operation]framework.OperationFunc{ @@ -252,15 +229,6 @@ func decodeBatchRequestItems(src interface{}, requirePlaintext bool, requireCiph errs.Errors = append(errs.Errors, fmt.Sprintf("'[%d].key_version' expected type 'int', got unconvertible type '%T'", i, item["key_version"])) } } - - if v, has := item["associated_data"]; has { - if !reflect.ValueOf(v).IsValid() { - } else if casted, ok := v.(string); ok { - (*dst)[i].AssociatedData = casted - } else { - errs.Errors = append(errs.Errors, fmt.Sprintf("'[%d].associated_data' expected type 'string', got unconvertible type '%T'", i, item["associated_data"])) - } - } } if len(errs.Errors) > 0 { @@ -311,11 +279,10 @@ func (b *backend) pathEncryptWrite(ctx context.Context, req *logical.Request, d batchInputItems = make([]BatchRequestItem, 1) batchInputItems[0] = BatchRequestItem{ - Plaintext: valueRaw.(string), - Context: d.Get("context").(string), - Nonce: d.Get("nonce").(string), - KeyVersion: d.Get("key_version").(int), - AssociatedData: d.Get("associated_data").(string), + Plaintext: valueRaw.(string), + Context: d.Get("context").(string), + Nonce: d.Get("nonce").(string), + KeyVersion: d.Get("key_version").(int), } } @@ -426,17 +393,7 @@ func (b *backend) pathEncryptWrite(ctx context.Context, req *logical.Request, d warnAboutNonceUsage = true } - var factory interface{} - if item.AssociatedData != "" { - if !p.Type.AssociatedDataSupported() { - batchResponseItems[i].Error = fmt.Sprintf("'[%d].associated_data' provided for non-AEAD cipher suite %v", i, p.Type.String()) - continue - } - - factory = AssocDataFactory{item.AssociatedData} - } - - ciphertext, err := p.EncryptWithFactory(item.KeyVersion, item.DecodedContext, item.DecodedNonce, item.Plaintext, factory) + ciphertext, err := p.Encrypt(item.KeyVersion, item.DecodedContext, item.DecodedNonce, item.Plaintext) if err != nil { switch err.(type) { case errutil.InternalError: diff --git a/builtin/logical/transit/path_sign_verify.go b/builtin/logical/transit/path_sign_verify.go index 25498b79fe7a4..1f0a9f3cb622e 100644 --- a/builtin/logical/transit/path_sign_verify.go +++ b/builtin/logical/transit/path_sign_verify.go @@ -61,8 +61,6 @@ type batchResponseVerifyItem struct { err error } -const defaultHashAlgorithm = "sha2-256" - func (b *backend) pathSign() *framework.Path { return &framework.Path{ Pattern: "sign/" + framework.GenericNameRegex("name") + framework.OptionalParamRegex("urlalgorithm"), @@ -85,7 +83,7 @@ derivation is enabled; currently only available with ed25519 keys.`, "hash_algorithm": { Type: framework.TypeString, - Default: defaultHashAlgorithm, + Default: "sha2-256", Description: `Hash algorithm to use (POST body parameter). Valid values are: * sha1 @@ -97,17 +95,14 @@ derivation is enabled; currently only available with ed25519 keys.`, * sha3-256 * sha3-384 * sha3-512 -* none Defaults to "sha2-256". Not valid for all key types, -including ed25519. Using none requires setting prehashed=true and -signature_algorithm=pkcs1v15, yielding a PKCSv1_5_NoOID instead of -the usual PKCSv1_5_DERnull signature.`, +including ed25519.`, }, "algorithm": { Type: framework.TypeString, - Default: defaultHashAlgorithm, + Default: "sha2-256", Description: `Deprecated: use "hash_algorithm" instead.`, }, @@ -194,7 +189,7 @@ derivation is enabled; currently only available with ed25519 keys.`, "hash_algorithm": { Type: framework.TypeString, - Default: defaultHashAlgorithm, + Default: "sha2-256", Description: `Hash algorithm to use (POST body parameter). Valid values are: * sha1 @@ -206,15 +201,13 @@ derivation is enabled; currently only available with ed25519 keys.`, * sha3-256 * sha3-384 * sha3-512 -* none -Defaults to "sha2-256". Not valid for all key types. See note about -none on signing path.`, +Defaults to "sha2-256". Not valid for all key types.`, }, "algorithm": { Type: framework.TypeString, - Default: defaultHashAlgorithm, + Default: "sha2-256", Description: `Deprecated: use "hash_algorithm" instead.`, }, @@ -287,9 +280,6 @@ func (b *backend) pathSignWrite(ctx context.Context, req *logical.Request, d *fr hashAlgorithmStr = d.Get("hash_algorithm").(string) if hashAlgorithmStr == "" { hashAlgorithmStr = d.Get("algorithm").(string) - if hashAlgorithmStr == "" { - hashAlgorithmStr = defaultHashAlgorithm - } } } @@ -311,10 +301,6 @@ func (b *backend) pathSignWrite(ctx context.Context, req *logical.Request, d *fr return logical.ErrorResponse(err.Error()), logical.ErrInvalidRequest } - if hashAlgorithm == keysutil.HashTypeNone && (!prehashed || sigAlgorithm != "pkcs1v15") { - return logical.ErrorResponse("hash_algorithm=none requires both prehashed=true and signature_algorithm=pkcs1v15"), logical.ErrInvalidRequest - } - // Get the policy p, _, err := b.GetPolicy(ctx, keysutil.PolicyRequest{ Storage: req.Storage, @@ -521,9 +507,6 @@ func (b *backend) pathVerifyWrite(ctx context.Context, req *logical.Request, d * hashAlgorithmStr = d.Get("hash_algorithm").(string) if hashAlgorithmStr == "" { hashAlgorithmStr = d.Get("algorithm").(string) - if hashAlgorithmStr == "" { - hashAlgorithmStr = defaultHashAlgorithm - } } } @@ -545,10 +528,6 @@ func (b *backend) pathVerifyWrite(ctx context.Context, req *logical.Request, d * return logical.ErrorResponse(err.Error()), logical.ErrInvalidRequest } - if hashAlgorithm == keysutil.HashTypeNone && (!prehashed || sigAlgorithm != "pkcs1v15") { - return logical.ErrorResponse("hash_algorithm=none requires both prehashed=true and signature_algorithm=pkcs1v15"), logical.ErrInvalidRequest - } - // Get the policy p, _, err := b.GetPolicy(ctx, keysutil.PolicyRequest{ Storage: req.Storage, diff --git a/builtin/logical/transit/path_sign_verify_test.go b/builtin/logical/transit/path_sign_verify_test.go index f1a7edcfc67c6..fa411b0a2c8c2 100644 --- a/builtin/logical/transit/path_sign_verify_test.go +++ b/builtin/logical/transit/path_sign_verify_test.go @@ -154,7 +154,7 @@ func testTransit_SignVerify_ECDSA(t *testing.T, bits int) { req.Path = "sign/foo" + postpath resp, err := b.HandleRequest(context.Background(), req) if err != nil && !errExpected { - t.Fatalf("request: %v\nerror: %v", req, err) + t.Fatal(err) } if resp == nil { t.Fatal("expected non-nil response") @@ -950,9 +950,6 @@ func testTransit_SignVerify_RSA_PSS(t *testing.T, bits int) { for hashAlgorithm := range keysutil.HashTypeMap { t.Log("Hash algorithm:", hashAlgorithm) - if hashAlgorithm == "none" { - continue - } for marshalingName := range keysutil.MarshalingTypeMap { t.Log("\t", "Marshaling type:", marshalingName) diff --git a/changelog/12166.txt b/changelog/12166.txt deleted file mode 100644 index 9cec76cbafee1..0000000000000 --- a/changelog/12166.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -storage/raft: add additional raft metrics relating to applied index and heartbeating; also ensure OSS standbys emit periodic metrics. -``` diff --git a/changelog/14945.txt b/changelog/14945.txt deleted file mode 100644 index 50dea7159f4ec..0000000000000 --- a/changelog/14945.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -cli: Support the -format=raw option, to read non-JSON Vault endpoints and original response bodies. -``` diff --git a/changelog/15869.txt b/changelog/15869.txt deleted file mode 100644 index bb0278dccf98a..0000000000000 --- a/changelog/15869.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:change -secrets/aws: do not create leases for non-renewable/non-revocable STS credentials to reduce storage calls -``` \ No newline at end of file diff --git a/changelog/16224.txt b/changelog/16224.txt deleted file mode 100644 index 822b24504df59..0000000000000 --- a/changelog/16224.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:bug -core: fix GPG encryption to support subkeys. -``` diff --git a/changelog/16622.txt b/changelog/16622.txt deleted file mode 100644 index 37ae5abb5a884..0000000000000 --- a/changelog/16622.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -secrets/ssh: Evaluate ssh validprincipals user template before splitting -``` diff --git a/changelog/16688.txt b/changelog/16688.txt index c7310fd3127d6..ce192d5f220f8 100644 --- a/changelog/16688.txt +++ b/changelog/16688.txt @@ -4,3 +4,6 @@ plugins: `GET /sys/plugins/catalog` endpoint now returns an additional `detailed ```release-note:change plugins: `GET /sys/plugins/catalog/:type/:name` endpoint now returns an additional `version` field in the response data. ``` +```release-note:improvement +plugins: Plugin catalog supports registering and managing plugins with semantic version information. +``` diff --git a/changelog/16700.txt b/changelog/16700.txt deleted file mode 100644 index 9dc8d1e2d199e..0000000000000 --- a/changelog/16700.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:bug -secrets/pki: Fixes duplicate otherName in certificates created by the sign-verbatim endpoint. -``` diff --git a/changelog/16872.txt b/changelog/16872.txt deleted file mode 100644 index 5bbad14067bd5..0000000000000 --- a/changelog/16872.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -agent: fix incorrectly used loop variables in parallel tests and when finalizing seals -``` diff --git a/changelog/16982.txt b/changelog/16982.txt deleted file mode 100644 index 70d2521a54b8f..0000000000000 --- a/changelog/16982.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:change -plugins: `GET /database/config/:name` endpoint now returns an additional `plugin_version` field in the response data. -``` \ No newline at end of file diff --git a/changelog/17086.txt b/changelog/17086.txt deleted file mode 100644 index ce221ad32c925..0000000000000 --- a/changelog/17086.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:change -ui: Upgrade Ember to version 4.4.0 -``` \ No newline at end of file diff --git a/changelog/17104.txt b/changelog/17104.txt deleted file mode 100644 index 00c5eebf39d85..0000000000000 --- a/changelog/17104.txt +++ /dev/null @@ -1,4 +0,0 @@ -```release-note:change -auth: Returns invalid credentials for ldap, userpass and approle when wrong credentials are provided for existent users. -This will only be used internally for implementing user lockout. -``` \ No newline at end of file diff --git a/changelog/17167.txt b/changelog/17167.txt deleted file mode 100644 index 89b8905490632..0000000000000 --- a/changelog/17167.txt +++ /dev/null @@ -1,6 +0,0 @@ -```release-note:change -plugins: `GET /sys/auth/:path/tune` and `GET /sys/mounts/:path/tune` endpoints may now return an additional `plugin_version` field in the response data if set. -``` -```release-note:change -plugins: `GET` for `/sys/auth`, `/sys/auth/:path`, `/sys/mounts`, and `/sys/mounts/:path` paths now return additional `plugin_version`, `running_plugin_version` and `running_sha256` fields in the response data for each mount. -``` \ No newline at end of file diff --git a/changelog/17186.txt b/changelog/17186.txt deleted file mode 100644 index d086dd0ef0aab..0000000000000 --- a/changelog/17186.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:bug -core: fix race when using SystemView.ReplicationState outside of a request context -``` \ No newline at end of file diff --git a/changelog/17187.txt b/changelog/17187.txt deleted file mode 100644 index 71476ef3169e6..0000000000000 --- a/changelog/17187.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:bug -core: Refactor lock grabbing code to simplify stateLock deadlock investigations -``` \ No newline at end of file diff --git a/changelog/17265.txt b/changelog/17265.txt deleted file mode 100644 index fe2d3b9a00aa7..0000000000000 --- a/changelog/17265.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -core: License location is no longer cache exempt, meaning sys/health will not contribute as greatly to storage load when using consul as a storage backend. -``` diff --git a/changelog/17289.txt b/changelog/17289.txt deleted file mode 100644 index e8df6cab99ab9..0000000000000 --- a/changelog/17289.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -plugins: Allow selecting builtin plugins by their reported semantic version of the form `vX.Y.Z+builtin` or `vX.Y.Z+builtin.vault`. -``` \ No newline at end of file diff --git a/changelog/17308.txt b/changelog/17308.txt deleted file mode 100644 index 5a2bf8bace9a3..0000000000000 --- a/changelog/17308.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement: -cli: User-requested -help text now appears on stdout for paging rather than stderr -``` diff --git a/changelog/17338.txt b/changelog/17338.txt deleted file mode 100644 index 78ebec8746196..0000000000000 --- a/changelog/17338.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:feature -core: Add user lockout field to config and configuring this for auth mount using auth tune to prevent brute forcing in auth methods -``` \ No newline at end of file diff --git a/changelog/17339.txt b/changelog/17339.txt deleted file mode 100644 index 4ab14210ecb41..0000000000000 --- a/changelog/17339.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:bug -plugins/kv: KV v2 returns 404 instead of 500 for request paths that incorrectly include a trailing slash. -``` diff --git a/changelog/17376.txt b/changelog/17376.txt deleted file mode 100644 index 0b2f4e40dd4c9..0000000000000 --- a/changelog/17376.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:bug -ui: Remove default value of 30 to TtlPicker2 if no value is passed in. -``` diff --git a/changelog/17395.txt b/changelog/17395.txt deleted file mode 100644 index f7ce602949af6..0000000000000 --- a/changelog/17395.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:bug: -api: Fix to account for older versions of Vault with no `custom_metadata` support -``` diff --git a/changelog/17406.txt b/changelog/17406.txt deleted file mode 100644 index 29bf04aa17a77..0000000000000 --- a/changelog/17406.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -secrets/kv: new KVv2 mounts and KVv1 mounts without any keys will upgrade synchronously, allowing for instant use -``` diff --git a/changelog/17459.txt b/changelog/17459.txt deleted file mode 100644 index fd240c5376758..0000000000000 --- a/changelog/17459.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -core/identity: Add machine-readable output to body of response upon alias clash during entity merge -``` \ No newline at end of file diff --git a/changelog/17499.txt b/changelog/17499.txt deleted file mode 100644 index f3b1831d62774..0000000000000 --- a/changelog/17499.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -core: Update protoc from 3.21.5 to 3.21.7 -``` \ No newline at end of file diff --git a/changelog/17514.txt b/changelog/17514.txt deleted file mode 100644 index 215ea83295d07..0000000000000 --- a/changelog/17514.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:bug -core: Fix vault operator init command to show the right curl string with -output-curl-string and right policy hcl with -output-policy -``` \ No newline at end of file diff --git a/changelog/17540.txt b/changelog/17540.txt deleted file mode 100644 index 3915eae2af6cd..0000000000000 --- a/changelog/17540.txt +++ /dev/null @@ -1,4 +0,0 @@ -```release-note:improvement -auth/azure: Adds support for authentication with Managed Service Identity (MSI) from a -Virtual Machine Scale Set (VMSS) in flexible orchestration mode. -``` \ No newline at end of file diff --git a/changelog/17612.txt b/changelog/17612.txt deleted file mode 100644 index 3005d0bf75f6f..0000000000000 --- a/changelog/17612.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:bug -core/seal: Fix regression handling of the key_id parameter in seal configuration HCL. -``` \ No newline at end of file diff --git a/changelog/17636.txt b/changelog/17636.txt deleted file mode 100644 index 0668f21874511..0000000000000 --- a/changelog/17636.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -secrets/transit: Add support for PKCSv1_5_NoOID RSA signatures -``` diff --git a/changelog/17638.txt b/changelog/17638.txt deleted file mode 100644 index 37e0575397194..0000000000000 --- a/changelog/17638.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -secrets/transit: Add associated_data parameter for additional authenticated data in AEAD ciphers -``` diff --git a/changelog/17650.txt b/changelog/17650.txt deleted file mode 100644 index 79e76692bb4f0..0000000000000 --- a/changelog/17650.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -cli: Add support for creating requests to existing non-KVv2 PATCH-capable endpoints. -``` diff --git a/changelog/17678.txt b/changelog/17678.txt deleted file mode 100644 index bddf213d565f2..0000000000000 --- a/changelog/17678.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -Reduced binary size -``` diff --git a/changelog/17747.txt b/changelog/17747.txt deleted file mode 100644 index 53ceafa807fbd..0000000000000 --- a/changelog/17747.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -secrets/aws: Update dependencies [[PR-17747](https://github.com/hashicorp/vault/pull/17747)] -``` diff --git a/changelog/17752.txt b/changelog/17752.txt deleted file mode 100644 index 628eed8e68318..0000000000000 --- a/changelog/17752.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:bug -openapi: fix gen_openapi.sh script to correctly load vault plugins -``` diff --git a/changelog/17768.txt b/changelog/17768.txt deleted file mode 100644 index 25246ea08ea4d..0000000000000 --- a/changelog/17768.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:change -auth/approle: Add maximum length of 4096 for approle role_names, as this value results in HMAC calculation -``` \ No newline at end of file diff --git a/changelog/17772.txt b/changelog/17772.txt new file mode 100644 index 0000000000000..6866d3f590ebd --- /dev/null +++ b/changelog/17772.txt @@ -0,0 +1,3 @@ +```release-note:bug +secret/pki: fix bug with initial legacy bundle migration (from < 1.11 into 1.11+) and missing issuers from ca_chain +``` diff --git a/changelog/17774.txt b/changelog/17774.txt deleted file mode 100644 index f6103ec60a369..0000000000000 --- a/changelog/17774.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:improvement -secrets/pki: Return new fields revocation_time_rfc3339 and issuer_id to existing certificate serial lookup api if it is revoked -``` diff --git a/changelog/17801.txt b/changelog/17801.txt new file mode 100644 index 0000000000000..8d3764ad44ff1 --- /dev/null +++ b/changelog/17801.txt @@ -0,0 +1,4 @@ +```release-note:bug +core: fix a start up race condition where performance standbys could go into a +mount loop if default policies are not yet synced from the active node. +``` diff --git a/changelog/17816.txt b/changelog/17816.txt new file mode 100644 index 0000000000000..4ad3bc8622c40 --- /dev/null +++ b/changelog/17816.txt @@ -0,0 +1,3 @@ +```release-note:bug +plugins: Only report deprecation status for builtin plugins. +``` diff --git a/changelog/17824.txt b/changelog/17824.txt new file mode 100644 index 0000000000000..0d3fbb6ca9ac7 --- /dev/null +++ b/changelog/17824.txt @@ -0,0 +1,3 @@ +```release-note:improvement +secrets/pki: Allow issuer creation, import to change default issuer via `default_follows_latest_issuer`. +``` diff --git a/changelog/17914.txt b/changelog/17914.txt new file mode 100644 index 0000000000000..671e6362b89f2 --- /dev/null +++ b/changelog/17914.txt @@ -0,0 +1,3 @@ +```release-note:bug +auth: Deduplicate policies prior to ACL generation +``` diff --git a/changelog/17944.txt b/changelog/17944.txt new file mode 100644 index 0000000000000..2ce17ca360c6d --- /dev/null +++ b/changelog/17944.txt @@ -0,0 +1,3 @@ +```release-note:bug +core: Fix potential deadlock if barrier ciphertext is less than 4 bytes. +``` diff --git a/changelog/17950.txt b/changelog/17950.txt new file mode 100644 index 0000000000000..318334e4a20c4 --- /dev/null +++ b/changelog/17950.txt @@ -0,0 +1,3 @@ +```release-note:bug +ui: fix entity policies list link to policy show page +``` diff --git a/changelog/18011.txt b/changelog/18011.txt new file mode 100644 index 0000000000000..ed22510460afd --- /dev/null +++ b/changelog/18011.txt @@ -0,0 +1,3 @@ +```release-note:bug +auth/okta: fix a panic for AuthRenew in Okta +``` diff --git a/changelog/18030.txt b/changelog/18030.txt new file mode 100644 index 0000000000000..30a49c5d162d5 --- /dev/null +++ b/changelog/18030.txt @@ -0,0 +1,3 @@ +```release-note:improvement +storage/raft: Add `retry_join_as_non_voter` config option. +``` diff --git a/changelog/18086.txt b/changelog/18086.txt new file mode 100644 index 0000000000000..7d8d879503255 --- /dev/null +++ b/changelog/18086.txt @@ -0,0 +1,3 @@ +```release-note:bug +secrets/azure: add WAL to clean up role assignments if errors occur +``` diff --git a/changelog/_go-ver-1122.txt b/changelog/_go-ver-1122.txt new file mode 100644 index 0000000000000..c7744e1497577 --- /dev/null +++ b/changelog/_go-ver-1122.txt @@ -0,0 +1,3 @@ +```release-note:change +core: Bump Go version to 1.19.3. +``` diff --git a/changelog/_go-ver-1130.txt b/changelog/_go-ver-1130.txt deleted file mode 100644 index bbb2cf7c3ed43..0000000000000 --- a/changelog/_go-ver-1130.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:change -core: Bump Go version to 1.19.2. -``` diff --git a/changelog/plugin-versioning.txt b/changelog/plugin-versioning.txt deleted file mode 100644 index cfd77a4778ede..0000000000000 --- a/changelog/plugin-versioning.txt +++ /dev/null @@ -1,3 +0,0 @@ -```release-note:feature -**Plugin Versioning**: Vault supports registering, managing, and running plugins with semantic versions specified. -``` \ No newline at end of file diff --git a/command/agent/approle_end_to_end_test.go b/command/agent/approle_end_to_end_test.go index e3456b3b5c747..35186cd8e606e 100644 --- a/command/agent/approle_end_to_end_test.go +++ b/command/agent/approle_end_to_end_test.go @@ -6,7 +6,6 @@ import ( "fmt" "io/ioutil" "os" - "strings" "testing" "time" @@ -55,7 +54,6 @@ func TestAppRoleEndToEnd(t *testing.T) { if tc.removeSecretIDFile { secretFileAction = "remove" } - tc := tc // capture range variable t.Run(fmt.Sprintf("%s_secret_id_file bindSecretID=%v secretIDLess=%v expectToken=%v", secretFileAction, tc.bindSecretID, tc.secretIDLess, tc.expectToken), func(t *testing.T) { t.Parallel() testAppRoleEndToEnd(t, tc.removeSecretIDFile, tc.bindSecretID, tc.secretIDLess, tc.expectToken) @@ -401,52 +399,6 @@ func testAppRoleEndToEnd(t *testing.T, removeSecretIDFile bool, bindSecretID boo } } -// TestAppRoleLongRoleName tests that the creation of an approle is a maximum of 4096 bytes -// Prior to VAULT-8518 being fixed, you were unable to delete an approle value longer than 1024 bytes -// due to a restriction put into place by PR #14746, to prevent unbounded HMAC creation. -func TestAppRoleLongRoleName(t *testing.T) { - approleName := strings.Repeat("a", 5000) - - coreConfig := &vault.CoreConfig{ - DisableMlock: true, - DisableCache: true, - Logger: log.NewNullLogger(), - CredentialBackends: map[string]logical.Factory{ - "approle": credAppRole.Factory, - }, - } - - cluster := vault.NewTestCluster(t, coreConfig, &vault.TestClusterOptions{ - HandlerFunc: vaulthttp.Handler, - }) - - cluster.Start() - defer cluster.Cleanup() - - cores := cluster.Cores - - vault.TestWaitActive(t, cores[0].Core) - - client := cores[0].Client - - err := client.Sys().EnableAuthWithOptions("approle", &api.EnableAuthOptions{ - Type: "approle", - }) - if err != nil { - t.Fatal(err) - } - - _, err = client.Logical().Write(fmt.Sprintf("auth/approle/role/%s", approleName), map[string]interface{}{ - "token_ttl": "6s", - "token_max_ttl": "10s", - }) - if err != nil { - if !strings.Contains(err.Error(), "role_name is longer than maximum") { - t.Fatal(err) - } - } -} - func TestAppRoleWithWrapping(t *testing.T) { testCases := []struct { bindSecretID bool diff --git a/command/agent/config/config_test.go b/command/agent/config/config_test.go index 16816f85e744d..8a5491891ff68 100644 --- a/command/agent/config/config_test.go +++ b/command/agent/config/config_test.go @@ -432,7 +432,7 @@ func TestLoadConfigFile_Bad_AgentCache_NoListeners(t *testing.T) { } func TestLoadConfigFile_Bad_AutoAuth_Wrapped_Multiple_Sinks(t *testing.T) { - _, err := LoadConfig("./test-fixtures/bad-config-auto_auth-wrapped-multiple-sinks.hcl") + _, err := LoadConfig("./test-fixtures/bad-config-auto_auth-wrapped-multiple-sinks") if err == nil { t.Fatal("LoadConfig should return an error when auth_auth.method.wrap_ttl nonzero and multiple sinks defined") } diff --git a/command/auth_tune.go b/command/auth_tune.go index 6e3d3e7bce8f6..de4c198273147 100644 --- a/command/auth_tune.go +++ b/command/auth_tune.go @@ -20,22 +20,18 @@ var ( type AuthTuneCommand struct { *BaseCommand - flagAuditNonHMACRequestKeys []string - flagAuditNonHMACResponseKeys []string - flagDefaultLeaseTTL time.Duration - flagDescription string - flagListingVisibility string - flagMaxLeaseTTL time.Duration - flagPassthroughRequestHeaders []string - flagAllowedResponseHeaders []string - flagOptions map[string]string - flagTokenType string - flagVersion int - flagPluginVersion string - flagUserLockoutThreshold uint - flagUserLockoutDuration time.Duration - flagUserLockoutCounterResetDuration time.Duration - flagUserLockoutDisable bool + flagAuditNonHMACRequestKeys []string + flagAuditNonHMACResponseKeys []string + flagDefaultLeaseTTL time.Duration + flagDescription string + flagListingVisibility string + flagMaxLeaseTTL time.Duration + flagPassthroughRequestHeaders []string + flagAllowedResponseHeaders []string + flagOptions map[string]string + flagTokenType string + flagVersion int + flagPluginVersion string } func (c *AuthTuneCommand) Synopsis() string { @@ -149,41 +145,6 @@ func (c *AuthTuneCommand) Flags() *FlagSets { Usage: "Select the version of the auth method to run. Not supported by all auth methods.", }) - f.UintVar(&UintVar{ - Name: flagNameUserLockoutThreshold, - Target: &c.flagUserLockoutThreshold, - Usage: "The threshold for user lockout for this auth method. If unspecified, this " + - "defaults to the Vault server's globally configured user lockout threshold, " + - "or a previously configured value for the auth method.", - }) - - f.DurationVar(&DurationVar{ - Name: flagNameUserLockoutDuration, - Target: &c.flagUserLockoutDuration, - Completion: complete.PredictAnything, - Usage: "The user lockout duration for this auth method. If unspecified, this " + - "defaults to the Vault server's globally configured user lockout duration, " + - "or a previously configured value for the auth method.", - }) - - f.DurationVar(&DurationVar{ - Name: flagNameUserLockoutCounterResetDuration, - Target: &c.flagUserLockoutCounterResetDuration, - Completion: complete.PredictAnything, - Usage: "The user lockout counter reset duration for this auth method. If unspecified, this " + - "defaults to the Vault server's globally configured user lockout counter reset duration, " + - "or a previously configured value for the auth method.", - }) - - f.BoolVar(&BoolVar{ - Name: flagNameUserLockoutDisable, - Target: &c.flagUserLockoutDisable, - Default: false, - Usage: "Disable user lockout for this auth method. If unspecified, this " + - "defaults to the Vault server's globally configured user lockout disable, " + - "or a previously configured value for the auth method.", - }) - f.StringVar(&StringVar{ Name: flagNamePluginVersion, Target: &c.flagPluginVersion, @@ -269,24 +230,6 @@ func (c *AuthTuneCommand) Run(args []string) int { if fl.Name == flagNameTokenType { mountConfigInput.TokenType = c.flagTokenType } - switch fl.Name { - case flagNameUserLockoutThreshold, flagNameUserLockoutDuration, flagNameUserLockoutCounterResetDuration, flagNameUserLockoutDisable: - if mountConfigInput.UserLockoutConfig == nil { - mountConfigInput.UserLockoutConfig = &api.UserLockoutConfigInput{} - } - } - if fl.Name == flagNameUserLockoutThreshold { - mountConfigInput.UserLockoutConfig.LockoutThreshold = strconv.FormatUint(uint64(c.flagUserLockoutThreshold), 10) - } - if fl.Name == flagNameUserLockoutDuration { - mountConfigInput.UserLockoutConfig.LockoutDuration = ttlToAPI(c.flagUserLockoutDuration) - } - if fl.Name == flagNameUserLockoutCounterResetDuration { - mountConfigInput.UserLockoutConfig.LockoutCounterResetDuration = ttlToAPI(c.flagUserLockoutCounterResetDuration) - } - if fl.Name == flagNameUserLockoutDisable { - mountConfigInput.UserLockoutConfig.DisableLockout = &c.flagUserLockoutDisable - } if fl.Name == flagNamePluginVersion { mountConfigInput.PluginVersion = c.flagPluginVersion diff --git a/command/base.go b/command/base.go index 3825db0b1c68b..3655494abe316 100644 --- a/command/base.go +++ b/command/base.go @@ -518,10 +518,9 @@ func (c *BaseCommand) flagSet(bit FlagSetBit) *FlagSets { Target: &c.flagFormat, Default: "table", EnvVar: EnvVaultFormat, - Completion: complete.PredictSet("table", "json", "yaml", "pretty", "raw"), + Completion: complete.PredictSet("table", "json", "yaml", "pretty"), Usage: `Print the output in the given format. Valid formats - are "table", "json", "yaml", or "pretty". "raw" is allowed - for 'vault read' operations only.`, + are "table", "json", "yaml", or "pretty".`, }) } @@ -582,14 +581,9 @@ func (f *FlagSets) Completions() complete.Flags { return f.completions } -type ( - ParseOptions interface{} - ParseOptionAllowRawFormat bool -) - // Parse parses the given flags, returning any errors. // Warnings, if any, regarding the arguments format are sent to stdout -func (f *FlagSets) Parse(args []string, opts ...ParseOptions) error { +func (f *FlagSets) Parse(args []string) error { err := f.mainSet.Parse(args) warnings := generateFlagWarnings(f.Args()) @@ -597,12 +591,7 @@ func (f *FlagSets) Parse(args []string, opts ...ParseOptions) error { f.ui.Warn(warnings) } - if err != nil { - return err - } - - // Now surface any other errors. - return generateFlagErrors(f, opts...) + return err } // Parsed reports whether the command-line flags have been parsed. diff --git a/command/base_helpers.go b/command/base_helpers.go index 60ad8af20cb1a..b2a9f8c7fbd28 100644 --- a/command/base_helpers.go +++ b/command/base_helpers.go @@ -322,20 +322,3 @@ func generateFlagWarnings(args []string) string { return "" } } - -func generateFlagErrors(f *FlagSets, opts ...ParseOptions) error { - if Format(f.ui) == "raw" { - canUseRaw := false - for _, opt := range opts { - if value, ok := opt.(ParseOptionAllowRawFormat); ok { - canUseRaw = bool(value) - } - } - - if !canUseRaw { - return fmt.Errorf("This command does not support the -format=raw option.") - } - } - - return nil -} diff --git a/command/commands.go b/command/commands.go index 9a64191d2965e..82b4919e05b95 100644 --- a/command/commands.go +++ b/command/commands.go @@ -126,14 +126,6 @@ const ( flagNameAllowedManagedKeys = "allowed-managed-keys" // flagNamePluginVersion selects what version of a plugin should be used. flagNamePluginVersion = "plugin-version" - // flagNameUserLockoutThreshold is the flag name used for tuning the auth mount lockout threshold parameter - flagNameUserLockoutThreshold = "user-lockout-threshold" - // flagNameUserLockoutDuration is the flag name used for tuning the auth mount lockout duration parameter - flagNameUserLockoutDuration = "user-lockout-duration" - // flagNameUserLockoutCounterResetDuration is the flag name used for tuning the auth mount lockout counter reset parameter - flagNameUserLockoutCounterResetDuration = "user-lockout-counter-reset-duration" - // flagNameUserLockoutDisable is the flag name used for tuning the auth mount disable lockout parameter - flagNameUserLockoutDisable = "user-lockout-disable" // flagNameDisableRedirects is used to prevent the client from honoring a single redirect as a response to a request flagNameDisableRedirects = "disable-redirects" ) @@ -496,11 +488,6 @@ func initCommands(ui, serverCmdUi cli.Ui, runOpts *RunOptions) { BaseCommand: getBaseCommand(), }, nil }, - "patch": func() (cli.Command, error) { - return &PatchCommand{ - BaseCommand: getBaseCommand(), - }, nil - }, "path-help": func() (cli.Command, error) { return &PathHelpCommand{ BaseCommand: getBaseCommand(), diff --git a/command/format.go b/command/format.go index 1c08cbcc0d68a..4dffed6463592 100644 --- a/command/format.go +++ b/command/format.go @@ -70,7 +70,6 @@ var Formatters = map[string]Formatter{ "yaml": YamlFormatter{}, "yml": YamlFormatter{}, "pretty": PrettyFormatter{}, - "raw": RawFormatter{}, } func Format(ui cli.Ui) string { @@ -126,27 +125,6 @@ func (j JsonFormatter) Output(ui cli.Ui, secret *api.Secret, data interface{}) e return nil } -// An output formatter for raw output of the original request object -type RawFormatter struct{} - -func (r RawFormatter) Format(data interface{}) ([]byte, error) { - byte_data, ok := data.([]byte) - if !ok { - return nil, fmt.Errorf("This command does not support the -format=raw option; only `vault read` does.") - } - - return byte_data, nil -} - -func (r RawFormatter) Output(ui cli.Ui, secret *api.Secret, data interface{}) error { - b, err := r.Format(data) - if err != nil { - return err - } - ui.Output(string(b)) - return nil -} - // An output formatter for yaml output format of an object type YamlFormatter struct{} diff --git a/command/kv_metadata_patch.go b/command/kv_metadata_patch.go index b63da2369a2cd..3a51d8db12154 100644 --- a/command/kv_metadata_patch.go +++ b/command/kv_metadata_patch.go @@ -34,7 +34,7 @@ func (c *KVMetadataPatchCommand) Synopsis() string { func (c *KVMetadataPatchCommand) Help() string { helpText := ` -Usage: vault kv metadata patch [options] KEY +Usage: vault metadata kv patch [options] KEY This command can be used to create a blank key in the key-value store or to update key configuration for a specified key. diff --git a/command/kv_metadata_put.go b/command/kv_metadata_put.go index 5196b1c79a0a6..7494204f436b8 100644 --- a/command/kv_metadata_put.go +++ b/command/kv_metadata_put.go @@ -33,7 +33,7 @@ func (c *KVMetadataPutCommand) Synopsis() string { func (c *KVMetadataPutCommand) Help() string { helpText := ` -Usage: vault kv metadata put [options] KEY +Usage: vault metadata kv put [options] KEY This command can be used to create a blank key in the key-value store or to update key configuration for a specified key. diff --git a/command/kv_test.go b/command/kv_test.go index 830c9cc30770e..162113b8b5a95 100644 --- a/command/kv_test.go +++ b/command/kv_test.go @@ -770,7 +770,6 @@ func TestKVPatchCommand_ArgValidation(t *testing.T) { } for _, tc := range cases { - tc := tc // capture range variable t.Run(tc.name, func(t *testing.T) { t.Parallel() diff --git a/command/login.go b/command/login.go index f46d264905ab0..30352abbb4e59 100644 --- a/command/login.go +++ b/command/login.go @@ -236,7 +236,7 @@ func (c *LoginCommand) Run(args []string) int { // this scenario, no external validation is needed. interactiveMethodInfo := c.getInteractiveMFAMethodInfo(secret) if interactiveMethodInfo != nil { - c.UI.Warn("Initiating Iteractive MFA Validation...") + c.UI.Warn("Initiating Interactive MFA Validation...") secret, err = c.validateMFA(secret.Auth.MFARequirement.MFARequestID, *interactiveMethodInfo) if err != nil { c.UI.Error(err.Error()) diff --git a/command/main.go b/command/main.go index 1ac72875062e9..4a5e8028214e6 100644 --- a/command/main.go +++ b/command/main.go @@ -228,8 +228,7 @@ func RunCustom(args []string, runOpts *RunOptions) int { HelpFunc: groupedHelpFunc( cli.BasicHelpFunc("vault"), ), - HelpWriter: runOpts.Stdout, - ErrorWriter: runOpts.Stderr, + HelpWriter: runOpts.Stderr, HiddenCommands: hiddenCommands, Autocomplete: true, AutocompleteNoDefaultFlags: true, diff --git a/command/operator_diagnose.go b/command/operator_diagnose.go index 3746b5845f1a1..fc9ed178f5386 100644 --- a/command/operator_diagnose.go +++ b/command/operator_diagnose.go @@ -447,25 +447,26 @@ func (c *OperatorDiagnoseCommand) offlineDiagnostics(ctx context.Context) error goto SEALFAIL } - for _, seal := range seals { - // There is always one nil seal. We need to skip it so we don't start an empty Finalize-Seal-Shamir - // section. - if seal == nil { - continue - } - seal := seal // capture range variable - // Ensure that the seal finalizer is called, even if using verify-only - defer func(seal *vault.Seal) { - sealType := diagnose.CapitalizeFirstLetter((*seal).BarrierType().String()) - finalizeSealContext, finalizeSealSpan := diagnose.StartSpan(ctx, "Finalize "+sealType+" Seal") - err = (*seal).Finalize(finalizeSealContext) - if err != nil { - diagnose.Fail(finalizeSealContext, "Error finalizing seal.") - diagnose.Advise(finalizeSealContext, "This likely means that the barrier is still in use; therefore, finalizing the seal timed out.") - finalizeSealSpan.End() + if seals != nil { + for _, seal := range seals { + // There is always one nil seal. We need to skip it so we don't start an empty Finalize-Seal-Shamir + // section. + if seal == nil { + continue } - finalizeSealSpan.End() - }(&seal) + // Ensure that the seal finalizer is called, even if using verify-only + defer func(seal *vault.Seal) { + sealType := diagnose.CapitalizeFirstLetter((*seal).BarrierType().String()) + finalizeSealContext, finalizeSealSpan := diagnose.StartSpan(ctx, "Finalize "+sealType+" Seal") + err = (*seal).Finalize(finalizeSealContext) + if err != nil { + diagnose.Fail(finalizeSealContext, "Error finalizing seal.") + diagnose.Advise(finalizeSealContext, "This likely means that the barrier is still in use; therefore, finalizing the seal timed out.") + finalizeSealSpan.End() + } + finalizeSealSpan.End() + }(&seal) + } } if barrierSeal == nil { diff --git a/command/operator_init.go b/command/operator_init.go index 3b0dfe3de2b5e..6d67dcd9b6a45 100644 --- a/command/operator_init.go +++ b/command/operator_init.go @@ -237,15 +237,6 @@ func (c *OperatorInitCommand) Run(args []string) int { return 2 } - // -output-curl string returns curl command for seal status - // setting this to false and then setting actual value after reading seal status - currentOutputCurlString := client.OutputCurlString() - client.SetOutputCurlString(false) - // -output-policy string returns minimum required policy HCL for seal status - // setting this to false and then setting actual value after reading seal status - outputPolicy := client.OutputPolicy() - client.SetOutputPolicy(false) - // Set defaults based on use of auto unseal seal sealInfo, err := client.Sys().SealStatus() if err != nil { @@ -253,9 +244,6 @@ func (c *OperatorInitCommand) Run(args []string) int { return 2 } - client.SetOutputCurlString(currentOutputCurlString) - client.SetOutputPolicy(outputPolicy) - switch sealInfo.RecoverySeal { case true: if c.flagRecoveryShares == 0 { diff --git a/command/patch.go b/command/patch.go deleted file mode 100644 index 8edb77ea86f7a..0000000000000 --- a/command/patch.go +++ /dev/null @@ -1,135 +0,0 @@ -package command - -import ( - "context" - "fmt" - "io" - "os" - "strings" - - "github.com/mitchellh/cli" - "github.com/posener/complete" -) - -var ( - _ cli.Command = (*PatchCommand)(nil) - _ cli.CommandAutocomplete = (*PatchCommand)(nil) -) - -// PatchCommand is a Command that puts data into the Vault. -type PatchCommand struct { - *BaseCommand - - flagForce bool - - testStdin io.Reader // for tests -} - -func (c *PatchCommand) Synopsis() string { - return "Patch data, configuration, and secrets" -} - -func (c *PatchCommand) Help() string { - helpText := ` -Usage: vault patch [options] PATH [DATA K=V...] - - Patches data in Vault at the given path. The data can be credentials, secrets, - configuration, or arbitrary data. The specific behavior of this command is - determined at the thing mounted at the path. - - Data is specified as "key=value" pairs. If the value begins with an "@", then - it is loaded from a file. If the value is "-", Vault will read the value from - stdin. - - Unlike write, patch will only modify specified fields. - - Persist data in the generic secrets engine without modifying any other fields: - - $ vault patch pki/roles/example allow_localhost=false - - The data can also be consumed from a file on disk by prefixing with the "@" - symbol. For example: - - $ vault patch pki/roles/example @role.json - - Or it can be read from stdin using the "-" symbol: - - $ echo "example.com" | vault patch pki/roles/example allowed_domains=- - - For a full list of examples and paths, please see the documentation that - corresponds to the secret engines in use. - -` + c.Flags().Help() - - return strings.TrimSpace(helpText) -} - -func (c *PatchCommand) Flags() *FlagSets { - set := c.flagSet(FlagSetHTTP | FlagSetOutputField | FlagSetOutputFormat) - f := set.NewFlagSet("Command Options") - - f.BoolVar(&BoolVar{ - Name: "force", - Aliases: []string{"f"}, - Target: &c.flagForce, - Default: false, - EnvVar: "", - Completion: complete.PredictNothing, - Usage: "Allow the operation to continue with no key=value pairs. This " + - "allows writing to keys that do not need or expect data.", - }) - - return set -} - -func (c *PatchCommand) AutocompleteArgs() complete.Predictor { - // Return an anything predictor here. Without a way to access help - // information, we don't know what paths we could patch. - return complete.PredictAnything -} - -func (c *PatchCommand) AutocompleteFlags() complete.Flags { - return c.Flags().Completions() -} - -func (c *PatchCommand) Run(args []string) int { - f := c.Flags() - - if err := f.Parse(args); err != nil { - c.UI.Error(err.Error()) - return 1 - } - - args = f.Args() - switch { - case len(args) < 1: - c.UI.Error(fmt.Sprintf("Not enough arguments (expected 1, got %d)", len(args))) - return 1 - case len(args) == 1 && !c.flagForce: - c.UI.Error("Must supply data or use -force") - return 1 - } - - // Pull our fake stdin if needed - stdin := (io.Reader)(os.Stdin) - if c.testStdin != nil { - stdin = c.testStdin - } - - path := sanitizePath(args[0]) - - data, err := parseArgsData(stdin, args[1:]) - if err != nil { - c.UI.Error(fmt.Sprintf("Failed to parse K=V data: %s", err)) - return 1 - } - - client, err := c.Client() - if err != nil { - c.UI.Error(err.Error()) - return 2 - } - - secret, err := client.Logical().JSONMergePatch(context.Background(), path, data) - return handleWriteSecretOutput(c.BaseCommand, path, secret, err) -} diff --git a/command/patch_test.go b/command/patch_test.go deleted file mode 100644 index 2b3807c5269c6..0000000000000 --- a/command/patch_test.go +++ /dev/null @@ -1,202 +0,0 @@ -package command - -import ( - "io" - "strings" - "testing" - - "github.com/hashicorp/vault/api" - "github.com/mitchellh/cli" -) - -func testPatchCommand(tb testing.TB) (*cli.MockUi, *PatchCommand) { - tb.Helper() - - ui := cli.NewMockUi() - return ui, &PatchCommand{ - BaseCommand: &BaseCommand{ - UI: ui, - }, - } -} - -func TestPatchCommand_Run(t *testing.T) { - t.Parallel() - - cases := []struct { - name string - args []string - out string - code int - }{ - { - "not_enough_args", - []string{}, - "Not enough arguments", - 1, - }, - { - "empty_kvs", - []string{"secret/write/foo"}, - "Must supply data or use -force", - 1, - }, - { - "force_kvs", - []string{"-force", "pki/roles/example"}, - "Success!", - 0, - }, - { - "force_f_kvs", - []string{"-f", "pki/roles/example"}, - "Success!", - 0, - }, - { - "kvs_no_value", - []string{"pki/roles/example", "foo"}, - "Failed to parse K=V data", - 1, - }, - { - "single_value", - []string{"pki/roles/example", "allow_localhost=true"}, - "Success!", - 0, - }, - { - "multi_value", - []string{"pki/roles/example", "allow_localhost=true", "allowed_domains=true"}, - "Success!", - 0, - }, - } - - for _, tc := range cases { - tc := tc - - t.Run(tc.name, func(t *testing.T) { - t.Parallel() - - client, closer := testVaultServer(t) - defer closer() - - if err := client.Sys().Mount("pki", &api.MountInput{ - Type: "pki", - }); err != nil { - t.Fatalf("pki mount error: %#v", err) - } - - if _, err := client.Logical().Write("pki/roles/example", nil); err != nil { - t.Fatalf("failed to prime role: %v", err) - } - - if _, err := client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ - "key_type": "ec", - "common_name": "Root X1", - }); err != nil { - t.Fatalf("failed to prime CA: %v", err) - } - - ui, cmd := testPatchCommand(t) - cmd.client = client - - code := cmd.Run(tc.args) - if code != tc.code { - t.Errorf("expected %d to be %d", code, tc.code) - } - - combined := ui.OutputWriter.String() + ui.ErrorWriter.String() - if !strings.Contains(combined, tc.out) { - t.Errorf("expected %q to contain %q", combined, tc.out) - } - }) - } - - t.Run("stdin_full", func(t *testing.T) { - t.Parallel() - - client, closer := testVaultServer(t) - defer closer() - - if err := client.Sys().Mount("pki", &api.MountInput{ - Type: "pki", - }); err != nil { - t.Fatalf("pki mount error: %#v", err) - } - - if _, err := client.Logical().Write("pki/roles/example", nil); err != nil { - t.Fatalf("failed to prime role: %v", err) - } - - if _, err := client.Logical().Write("pki/root/generate/internal", map[string]interface{}{ - "key_type": "ec", - "common_name": "Root X1", - }); err != nil { - t.Fatalf("failed to prime CA: %v", err) - } - - stdinR, stdinW := io.Pipe() - go func() { - stdinW.Write([]byte(`{"allow_localhost":"false","allow_wildcard_certificates":"false"}`)) - stdinW.Close() - }() - - ui, cmd := testPatchCommand(t) - cmd.client = client - cmd.testStdin = stdinR - - code := cmd.Run([]string{ - "pki/roles/example", "-", - }) - if code != 0 { - combined := ui.OutputWriter.String() + ui.ErrorWriter.String() - t.Fatalf("expected retcode=%d to be 0\nOutput:\n%v", code, combined) - } - - secret, err := client.Logical().Read("pki/roles/example") - if err != nil { - t.Fatal(err) - } - if secret == nil || secret.Data == nil { - t.Fatal("expected secret to have data") - } - if exp, act := false, secret.Data["allow_localhost"].(bool); exp != act { - t.Errorf("expected allowed_localhost=%v to be %v", act, exp) - } - if exp, act := false, secret.Data["allow_wildcard_certificates"].(bool); exp != act { - t.Errorf("expected allow_wildcard_certificates=%v to be %v", act, exp) - } - }) - - t.Run("communication_failure", func(t *testing.T) { - t.Parallel() - - client, closer := testVaultServerBad(t) - defer closer() - - ui, cmd := testPatchCommand(t) - cmd.client = client - - code := cmd.Run([]string{ - "foo/bar", "a=b", - }) - if exp := 2; code != exp { - t.Errorf("expected %d to be %d", code, exp) - } - - expected := "Error writing data to foo/bar: " - combined := ui.OutputWriter.String() + ui.ErrorWriter.String() - if !strings.Contains(combined, expected) { - t.Errorf("expected %q to contain %q", combined, expected) - } - }) - - t.Run("no_tabs", func(t *testing.T) { - t.Parallel() - - _, cmd := testPatchCommand(t) - assertNoTabs(t, cmd) - }) -} diff --git a/command/pgp_test.go b/command/pgp_test.go index b9f3ee2a91acd..8d0b5d6a0474a 100644 --- a/command/pgp_test.go +++ b/command/pgp_test.go @@ -13,8 +13,8 @@ import ( "github.com/hashicorp/vault/helper/pgpkeys" "github.com/hashicorp/vault/vault" - "github.com/ProtonMail/go-crypto/openpgp" - "github.com/ProtonMail/go-crypto/openpgp/packet" + "github.com/keybase/go-crypto/openpgp" + "github.com/keybase/go-crypto/openpgp/packet" ) func getPubKeyFiles(t *testing.T) (string, []string, error) { diff --git a/command/read.go b/command/read.go index 91e50c519de93..b12eb3f60ae1e 100644 --- a/command/read.go +++ b/command/read.go @@ -59,7 +59,7 @@ func (c *ReadCommand) AutocompleteFlags() complete.Flags { func (c *ReadCommand) Run(args []string) int { f := c.Flags() - if err := f.Parse(args, ParseOptionAllowRawFormat(true)); err != nil { + if err := f.Parse(args); err != nil { c.UI.Error(err.Error()) return 1 } @@ -91,40 +91,19 @@ func (c *ReadCommand) Run(args []string) int { return 1 } - if Format(c.UI) != "raw" { - secret, err := client.Logical().ReadWithData(path, data) - if err != nil { - c.UI.Error(fmt.Sprintf("Error reading %s: %s", path, err)) - return 2 - } - if secret == nil { - c.UI.Error(fmt.Sprintf("No value found at %s", path)) - return 2 - } - - if c.flagField != "" { - return PrintRawField(c.UI, secret, c.flagField) - } - - return OutputSecret(c.UI, secret) - } - - resp, err := client.Logical().ReadRawWithData(path, data) + secret, err := client.Logical().ReadWithData(path, data) if err != nil { - c.UI.Error(fmt.Sprintf("Error reading: %s: %s", path, err)) + c.UI.Error(fmt.Sprintf("Error reading %s: %s", path, err)) return 2 } - if resp == nil || resp.Body == nil { + if secret == nil { c.UI.Error(fmt.Sprintf("No value found at %s", path)) return 2 } - defer resp.Body.Close() - contents, err := io.ReadAll(resp.Body) - if err != nil { - c.UI.Error(fmt.Sprintf("Error reading: %s: %s", path, err)) - return 2 + if c.flagField != "" { + return PrintRawField(c.UI, secret, c.flagField) } - return OutputData(c.UI, contents) + return OutputSecret(c.UI, secret) } diff --git a/command/server.go b/command/server.go index ee824cc131de0..1fa3b9fda91d1 100644 --- a/command/server.go +++ b/command/server.go @@ -78,9 +78,8 @@ const ( // Even though there are more types than the ones below, the following consts // are declared internally for value comparison and reusability. - storageTypeRaft = "raft" - storageTypeConsul = "consul" - disableStorageTypeCheckEnv = "VAULT_DISABLE_SUPPORTED_STORAGE_CHECK" + storageTypeRaft = "raft" + storageTypeConsul = "consul" ) type ServerCommand struct { @@ -1337,20 +1336,16 @@ func (c *ServerCommand) Run(args []string) int { return 1 } - for _, seal := range seals { - // There is always one nil seal. We need to skip it so we don't start an empty Finalize-Seal-Shamir - // section. - if seal == nil { - continue + if seals != nil { + for _, seal := range seals { + // Ensure that the seal finalizer is called, even if using verify-only + defer func(seal *vault.Seal) { + err = (*seal).Finalize(context.Background()) + if err != nil { + c.UI.Error(fmt.Sprintf("Error finalizing seals: %v", err)) + } + }(&seal) } - seal := seal // capture range variable - // Ensure that the seal finalizer is called, even if using verify-only - defer func(seal *vault.Seal) { - err = (*seal).Finalize(context.Background()) - if err != nil { - c.UI.Error(fmt.Sprintf("Error finalizing seals: %v", err)) - } - }(&seal) } if barrierSeal == nil { @@ -1415,7 +1410,13 @@ func (c *ServerCommand) Run(args []string) int { // Apply any enterprise configuration onto the coreConfig. adjustCoreConfigForEnt(config, &coreConfig) - if !c.flagDev && os.Getenv(disableStorageTypeCheckEnv) == "" { + if !storageSupportedForEnt(&coreConfig) { + c.UI.Warn("") + c.UI.Warn(wrapAtLength(fmt.Sprintf("WARNING: storage configured to use %q which is not supported for Vault Enterprise, must be \"raft\" or \"consul\"", coreConfig.StorageType))) + c.UI.Warn("") + } + + if !c.flagDev { inMemStorageTypes := []string{ "inmem", "inmem_ha", "inmem_transactional", "inmem_transactional_ha", } @@ -1424,12 +1425,6 @@ func (c *ServerCommand) Run(args []string) int { c.UI.Warn("") c.UI.Warn(wrapAtLength(fmt.Sprintf("WARNING: storage configured to use %q which should NOT be used in production", coreConfig.StorageType))) c.UI.Warn("") - } else { - err = checkStorageTypeForEnt(&coreConfig) - if err != nil { - c.UI.Error(fmt.Sprintf("Invalid storage type: %s", err)) - return 1 - } } } diff --git a/command/server/config_test.go b/command/server/config_test.go index 21ebd38b63c16..073d52a7f4d10 100644 --- a/command/server/config_test.go +++ b/command/server/config_test.go @@ -36,10 +36,6 @@ func TestParseListeners(t *testing.T) { testParseListeners(t) } -func TestParseUserLockouts(t *testing.T) { - testParseUserLockouts(t) -} - func TestParseSockaddrTemplate(t *testing.T) { testParseSockaddrTemplate(t) } diff --git a/command/server/config_test_helpers.go b/command/server/config_test_helpers.go index 248040f9cf8b2..bb6e273a6a469 100644 --- a/command/server/config_test_helpers.go +++ b/command/server/config_test_helpers.go @@ -3,7 +3,6 @@ package server import ( "fmt" "reflect" - "sort" "strings" "testing" "time" @@ -893,67 +892,6 @@ listener "tcp" { } } -func testParseUserLockouts(t *testing.T) { - obj, _ := hcl.Parse(strings.TrimSpace(` - user_lockout "all" { - lockout_duration = "40m" - lockout_counter_reset = "45m" - disable_lockout = "false" - } - user_lockout "userpass" { - lockout_threshold = "100" - lockout_duration = "20m" - } - user_lockout "ldap" { - disable_lockout = "true" - }`)) - - config := Config{ - SharedConfig: &configutil.SharedConfig{}, - } - list, _ := obj.Node.(*ast.ObjectList) - objList := list.Filter("user_lockout") - configutil.ParseUserLockouts(config.SharedConfig, objList) - - sort.Slice(config.SharedConfig.UserLockouts[:], func(i, j int) bool { - return config.SharedConfig.UserLockouts[i].Type < config.SharedConfig.UserLockouts[j].Type - }) - - expected := &Config{ - SharedConfig: &configutil.SharedConfig{ - UserLockouts: []*configutil.UserLockout{ - { - Type: "all", - LockoutThreshold: 5, - LockoutDuration: 2400000000000, - LockoutCounterReset: 2700000000000, - DisableLockout: false, - }, - { - Type: "userpass", - LockoutThreshold: 100, - LockoutDuration: 1200000000000, - LockoutCounterReset: 2700000000000, - DisableLockout: false, - }, - { - Type: "ldap", - LockoutThreshold: 5, - LockoutDuration: 2400000000000, - LockoutCounterReset: 2700000000000, - DisableLockout: true, - }, - }, - }, - } - - sort.Slice(expected.SharedConfig.UserLockouts[:], func(i, j int) bool { - return expected.SharedConfig.UserLockouts[i].Type < expected.SharedConfig.UserLockouts[j].Type - }) - config.Prune() - require.Equal(t, config, *expected) -} - func testParseSockaddrTemplate(t *testing.T) { config, err := ParseConfig(` api_addr = < /dev/null +make crt-build-ui crt-build crt-bundle +popd > /dev/null diff --git a/enos/modules/build_local/templates/build.sh b/enos/modules/build_local/templates/build.sh deleted file mode 100755 index 661df529bf313..0000000000000 --- a/enos/modules/build_local/templates/build.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -set -eux -o pipefail - -# Requirements -npm install --global yarn || true - -# Set up the environment for building Vault. -root_dir="$(git rev-parse --show-toplevel)" - -pushd "$root_dir" > /dev/null - -export GO_TAGS=${build_tags} -export CGO_ENABLED=0 - -IFS="-" read -r BASE_VERSION _other <<< "$(make version)" -export VAULT_VERSION=$BASE_VERSION - -build_date="$(make build-date)" -export VAULT_BUILD_DATE=$build_date - -revision="$(git rev-parse HEAD)" -export VAULT_REVISION=$revision -popd > /dev/null - -# Go to the UI directory of the Vault repo and build the UI -pushd "$root_dir/ui" > /dev/null -yarn install --ignore-optional -npm rebuild node-sass -yarn --verbose run build -popd > /dev/null - -# Build for linux/amd64 and create a bundle since we're deploying it to linux/amd64 -pushd "$root_dir" > /dev/null -export GOARCH=${goarch} -export GOOS=${goos} -make build - -zip -r -j ${bundle_path} dist/ -popd > /dev/null diff --git a/enos/modules/get_local_metadata/scripts/build_date.sh b/enos/modules/get_local_metadata/scripts/build_date.sh index fbb7f9eb57487..d0528554e7f21 100755 --- a/enos/modules/get_local_metadata/scripts/build_date.sh +++ b/enos/modules/get_local_metadata/scripts/build_date.sh @@ -1,10 +1,6 @@ #!/bin/env bash set -eu -o pipefail -# Set up the environment for building Vault. -root_dir="$(git rev-parse --show-toplevel)" - -pushd "$root_dir" > /dev/null - -IFS="-" read -r VAULT_BUILD_DATE _other <<< "$(make build-date)" -echo $VAULT_BUILD_DATE +pushd "$(git rev-parse --show-toplevel)" > /dev/null +make crt-get-date +popd > /dev/null diff --git a/enos/modules/get_local_metadata/scripts/version.sh b/enos/modules/get_local_metadata/scripts/version.sh index 13970ead9752c..ef0b91f378425 100755 --- a/enos/modules/get_local_metadata/scripts/version.sh +++ b/enos/modules/get_local_metadata/scripts/version.sh @@ -1,10 +1,6 @@ #!/bin/env bash set -eu -o pipefail -# Set up the environment for building Vault. -root_dir="$(git rev-parse --show-toplevel)" - -pushd "$root_dir" > /dev/null - -IFS="-" read -r VAULT_VERSION _other <<< "$(make version)" -echo $VAULT_VERSION +pushd "$(git rev-parse --show-toplevel)" > /dev/null +make crt-get-version +popd > /dev/null diff --git a/enos/modules/get_local_version_from_make/main.tf b/enos/modules/get_local_version_from_make/main.tf new file mode 100644 index 0000000000000..a7dcf6be7f2ab --- /dev/null +++ b/enos/modules/get_local_version_from_make/main.tf @@ -0,0 +1,15 @@ +terraform { + required_providers { + enos = { + source = "app.terraform.io/hashicorp-qti/enos" + } + } +} + +resource "enos_local_exec" "get_version" { + scripts = ["${path.module}/scripts/version.sh"] +} + +output "version" { + value = trimspace(enos_local_exec.get_version.stdout) +} diff --git a/enos/modules/get_local_version_from_make/scripts/version.sh b/enos/modules/get_local_version_from_make/scripts/version.sh new file mode 100755 index 0000000000000..13970ead9752c --- /dev/null +++ b/enos/modules/get_local_version_from_make/scripts/version.sh @@ -0,0 +1,10 @@ +#!/bin/env bash +set -eu -o pipefail + +# Set up the environment for building Vault. +root_dir="$(git rev-parse --show-toplevel)" + +pushd "$root_dir" > /dev/null + +IFS="-" read -r VAULT_VERSION _other <<< "$(make version)" +echo $VAULT_VERSION diff --git a/enos/modules/vault-verify-replication/main.tf b/enos/modules/vault-verify-replication/main.tf new file mode 100644 index 0000000000000..57a97f9ddd1b7 --- /dev/null +++ b/enos/modules/vault-verify-replication/main.tf @@ -0,0 +1,31 @@ + +terraform { + required_providers { + enos = { + source = "app.terraform.io/hashicorp-qti/enos" + } + } +} + +locals { + instances = { + for idx in range(var.vault_instance_count) : idx => { + public_ip = values(var.vault_instances)[idx].public_ip + private_ip = values(var.vault_instances)[idx].private_ip + } + } +} + +resource "enos_remote_exec" "smoke-verify-replication" { + for_each = local.instances + + content = templatefile("${path.module}/templates/smoke-verify-replication.sh", { + vault_edition = var.vault_edition + }) + + transport = { + ssh = { + host = each.value.public_ip + } + } +} diff --git a/enos/modules/vault-verify-replication/templates/smoke-verify-replication.sh b/enos/modules/vault-verify-replication/templates/smoke-verify-replication.sh new file mode 100644 index 0000000000000..d7bc72f23c246 --- /dev/null +++ b/enos/modules/vault-verify-replication/templates/smoke-verify-replication.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +# The Vault replication smoke test, documented in +# https://docs.google.com/document/d/16sjIk3hzFDPyY5A9ncxTZV_9gnpYSF1_Vx6UA1iiwgI/edit#heading=h.kgrxf0f1et25 + +set -e + +edition=${vault_edition} + +function fail() { + echo "$1" 1>&2 + exit 1 +} + +# Replication status endpoint should have data.mode disabled for OSS release +status=$(curl -s http://localhost:8200/v1/sys/replication/status) +if [ "$edition" == "oss" ]; then + if [ "$(jq -r '.data.mode' <<< "$status")" != "disabled" ]; then + fail "replication data mode is not disabled for OSS release!" + fi +else + if [ "$(jq -r '.data.dr' <<< "$status")" == "" ]; then + fail "DR replication should be available for an ENT release!" + fi + if [ "$(jq -r '.data.performance' <<< "$status")" == "" ]; then + fail "Performance replication should be available for an ENT release!" + fi +fi diff --git a/enos/modules/vault-verify-replication/variables.tf b/enos/modules/vault-verify-replication/variables.tf new file mode 100644 index 0000000000000..b335ee45efcef --- /dev/null +++ b/enos/modules/vault-verify-replication/variables.tf @@ -0,0 +1,24 @@ + +variable "vault_edition" { + type = string + description = "The vault product edition" + default = null +} + +variable "vault_install_dir" { + type = string + description = "The directory where the Vault binary will be installed" +} + +variable "vault_instance_count" { + type = number + description = "How many vault instances are in the cluster" +} + +variable "vault_instances" { + type = map(object({ + private_ip = string + public_ip = string + })) + description = "The vault cluster instances that were created" +} diff --git a/enos/modules/vault-verify-ui/main.tf b/enos/modules/vault-verify-ui/main.tf new file mode 100644 index 0000000000000..5703326d1a510 --- /dev/null +++ b/enos/modules/vault-verify-ui/main.tf @@ -0,0 +1,31 @@ + +terraform { + required_providers { + enos = { + source = "app.terraform.io/hashicorp-qti/enos" + } + } +} + +locals { + instances = { + for idx in range(var.vault_instance_count) : idx => { + public_ip = values(var.vault_instances)[idx].public_ip + private_ip = values(var.vault_instances)[idx].private_ip + } + } +} + +resource "enos_remote_exec" "smoke-verify-ui" { + for_each = local.instances + + content = templatefile("${path.module}/templates/smoke-verify-ui.sh", { + vault_install_dir = var.vault_install_dir, + }) + + transport = { + ssh = { + host = each.value.public_ip + } + } +} diff --git a/enos/modules/vault-verify-ui/templates/smoke-verify-ui.sh b/enos/modules/vault-verify-ui/templates/smoke-verify-ui.sh new file mode 100644 index 0000000000000..bcd7e1cc3055e --- /dev/null +++ b/enos/modules/vault-verify-ui/templates/smoke-verify-ui.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +set -e + +fail() { + echo "$1" 1>&2 + exit 1 +} +if [ "$(curl -s -o /dev/null -w "%%{redirect_url}" http://localhost:8200/)" != "http://localhost:8200/ui/" ]; then + fail "Port 8200 not redirecting to UI" +fi +if curl -s http://localhost:8200/ui/ | grep -q 'Vault UI is not available'; then + fail "Vault UI is not available" +fi diff --git a/enos/modules/vault-verify-ui/variables.tf b/enos/modules/vault-verify-ui/variables.tf new file mode 100644 index 0000000000000..7eaf5d1bf7f4a --- /dev/null +++ b/enos/modules/vault-verify-ui/variables.tf @@ -0,0 +1,19 @@ + +variable "vault_install_dir" { + type = string + description = "The directory where the Vault binary will be installed" + default = null +} + +variable "vault_instance_count" { + type = number + description = "How many vault instances are in the cluster" +} + +variable "vault_instances" { + type = map(object({ + private_ip = string + public_ip = string + })) + description = "The vault cluster instances that were created" +} diff --git a/enos/modules/vault-verify-write-data/main.tf b/enos/modules/vault-verify-write-data/main.tf new file mode 100644 index 0000000000000..966e833f740b0 --- /dev/null +++ b/enos/modules/vault-verify-write-data/main.tf @@ -0,0 +1,50 @@ + +terraform { + required_providers { + enos = { + source = "app.terraform.io/hashicorp-qti/enos" + } + } +} + +locals { + instances = { + for idx in range(var.vault_instance_count) : idx => { + public_ip = values(var.vault_instances)[idx].public_ip + private_ip = values(var.vault_instances)[idx].private_ip + } + } +} + +resource "enos_remote_exec" "smoke-enable-secrets-kv" { + + content = templatefile("${path.module}/templates/smoke-enable-secrets-kv.sh", { + vault_install_dir = var.vault_install_dir, + vault_token = var.vault_root_token, + }) + + transport = { + ssh = { + host = local.instances[0].public_ip + } + } +} + +# Verify that we can enable the k/v secrets engine and write data to it. +resource "enos_remote_exec" "smoke-write-test-data" { + depends_on = [enos_remote_exec.smoke-enable-secrets-kv] + for_each = local.instances + + content = templatefile("${path.module}/templates/smoke-write-test-data.sh", { + test_key = "smoke${each.key}" + test_value = "fire" + vault_install_dir = var.vault_install_dir, + vault_token = var.vault_root_token, + }) + + transport = { + ssh = { + host = each.value.public_ip + } + } +} diff --git a/enos/modules/vault-verify-write-data/templates/smoke-enable-secrets-kv.sh b/enos/modules/vault-verify-write-data/templates/smoke-enable-secrets-kv.sh new file mode 100644 index 0000000000000..fb28fd9a8240e --- /dev/null +++ b/enos/modules/vault-verify-write-data/templates/smoke-enable-secrets-kv.sh @@ -0,0 +1,37 @@ +#!/usr/bin/env bash + +set -e + +function retry { + local retries=$1 + shift + local count=0 + + until "$@"; do + exit=$? + wait=$((2 ** count)) + count=$((count + 1)) + if [ "$count" -lt "$retries" ]; then + sleep "$wait" + else + return "$exit" + fi + done + + return 0 +} + +function fail { + echo "$1" 1>&2 + exit 1 +} + +binpath=${vault_install_dir}/vault + +test -x "$binpath" || fail "unable to locate vault binary at $binpath" + +export VAULT_ADDR='http://127.0.0.1:8200' +export VAULT_TOKEN='${vault_token}' + +retry 5 "$binpath" status > /dev/null 2>&1 +retry 5 $binpath secrets enable -path="secret" kv diff --git a/enos/modules/vault-verify-write-data/templates/smoke-write-test-data.sh b/enos/modules/vault-verify-write-data/templates/smoke-write-test-data.sh new file mode 100644 index 0000000000000..d514881425a1e --- /dev/null +++ b/enos/modules/vault-verify-write-data/templates/smoke-write-test-data.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash + +set -e + +function retry { + local retries=$1 + shift + local count=0 + + until "$@"; do + exit=$? + wait=$((2 ** count)) + count=$((count + 1)) + if [ "$count" -lt "$retries" ]; then + sleep "$wait" + else + return "$exit" + fi + done + + return 0 +} + +function fail { + echo "$1" 1>&2 + exit 1 +} + +binpath=${vault_install_dir}/vault +testkey=${test_key} +testvalue=${test_value} + +test -x "$binpath" || fail "unable to locate vault binary at $binpath" + +export VAULT_ADDR='http://127.0.0.1:8200' +export VAULT_TOKEN='${vault_token}' + +retry 5 "$binpath" status > /dev/null 2>&1 +retry 5 $binpath kv put secret/test $testkey=$testvalue diff --git a/enos/modules/vault-verify-write-data/variables.tf b/enos/modules/vault-verify-write-data/variables.tf new file mode 100644 index 0000000000000..ac00f1091fcba --- /dev/null +++ b/enos/modules/vault-verify-write-data/variables.tf @@ -0,0 +1,25 @@ + +variable "vault_install_dir" { + type = string + description = "The directory where the Vault binary will be installed" + default = null +} + +variable "vault_instance_count" { + type = number + description = "How many vault instances are in the cluster" +} + +variable "vault_instances" { + type = map(object({ + private_ip = string + public_ip = string + })) + description = "The vault cluster instances that were created" +} + +variable "vault_root_token" { + type = string + description = "The vault root token" + default = null +} diff --git a/enos/modules/vault_agent/main.tf b/enos/modules/vault_agent/main.tf new file mode 100644 index 0000000000000..001a53278a27a --- /dev/null +++ b/enos/modules/vault_agent/main.tf @@ -0,0 +1,67 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + } + enos = { + source = "app.terraform.io/hashicorp-qti/enos" + } + } +} + +variable "vault_agent_template_destination" { + type = string + description = "The destination of the template rendered by Agent" +} + +variable "vault_agent_template_contents" { + type = string + description = "The template contents to be rendered by Agent" +} + +variable "vault_root_token" { + type = string + description = "The Vault root token" +} + +variable "vault_instances" { + type = map(object({ + private_ip = string + public_ip = string + })) + description = "The Vault cluster instances that were created" +} + +variable "vault_instance_count" { + type = number + description = "How many vault instances are in the cluster" +} + +variable "vault_install_dir" { + type = string + description = "The directory where the Vault binary will be installed" +} + +locals { + vault_instances = { + for idx in range(var.vault_instance_count) : idx => { + public_ip = values(var.vault_instances)[idx].public_ip + private_ip = values(var.vault_instances)[idx].private_ip + } + } +} + +resource "enos_remote_exec" "set_up_approle_auth_and_agent" { + content = templatefile("${path.module}/templates/set-up-approle-and-agent.sh", { + vault_install_dir = var.vault_install_dir + vault_token = var.vault_root_token + vault_agent_template_destination = var.vault_agent_template_destination + vault_agent_template_contents = var.vault_agent_template_contents + }) + + transport = { + ssh = { + host = local.vault_instances[0].public_ip + } + } +} diff --git a/enos/modules/vault_agent/templates/set-up-approle-and-agent.sh b/enos/modules/vault_agent/templates/set-up-approle-and-agent.sh new file mode 100644 index 0000000000000..5444508de3036 --- /dev/null +++ b/enos/modules/vault_agent/templates/set-up-approle-and-agent.sh @@ -0,0 +1,92 @@ +#!/usr/bin/env bash + +set -e + +binpath=${vault_install_dir}/vault + +fail() { + echo "$1" 1>&2 + return 1 +} + +test -x "$binpath" || fail "unable to locate vault binary at $binpath" + +export VAULT_ADDR='http://127.0.0.1:8200' +export VAULT_TOKEN='${vault_token}' + +# If approle was already enabled, disable it as we're about to re-enable it (the || true is so we don't fail if it doesn't already exist) +$binpath auth disable approle || true + +approle_create_status=$($binpath auth enable approle) + +approle_status=$($binpath write auth/approle/role/agent-role secret_id_ttl=700h token_num_uses=1000 token_ttl=600h token_max_ttl=700h secret_id_num_uses=1000) + +ROLEID=$($binpath read --format=json auth/approle/role/agent-role/role-id | jq -r '.data.role_id') + +if [[ "$ROLEID" == '' ]]; then + fail "expected ROLEID to be nonempty, but it is empty" +fi + +SECRETID=$($binpath write -f --format=json auth/approle/role/agent-role/secret-id | jq -r '.data.secret_id') + +if [[ "$SECRETID" == '' ]]; then + fail "expected SECRETID to be nonempty, but it is empty" +fi + +echo $ROLEID > /tmp/role-id +echo $SECRETID > /tmp/secret-id + +cat > /tmp/vault-agent.hcl <<- EOM +pid_file = "/tmp/pidfile" + +vault { + address = "http://127.0.0.1:8200" + tls_skip_verify = true + retry { + num_retries = 10 + } +} + +cache { + enforce_consistency = "always" + use_auto_auth_token = true +} + +listener "tcp" { + address = "127.0.0.1:8100" + tls_disable = true +} + +template { + destination = "${vault_agent_template_destination}" + contents = "${vault_agent_template_contents}" + exec { + command = "pkill -F /tmp/pidfile" + } +} + +auto_auth { + method { + type = "approle" + config = { + role_id_file_path = "/tmp/role-id" + secret_id_file_path = "/tmp/secret-id" + } + } + sink { + type = "file" + config = { + path = "/tmp/token" + } + } +} +EOM + +# If Agent is still running from a previous run, kill it +pkill -F /tmp/pidfile || true + +# If the template file already exists, remove it +rm ${vault_agent_template_destination} || true + +# Run agent (it will kill itself when it finishes rendering the template) +$binpath agent -config=/tmp/vault-agent.hcl > /tmp/agent-logs.txt 2>&1 diff --git a/enos/modules/vault_artifactory_artifact/locals.tf b/enos/modules/vault_artifactory_artifact/locals.tf index 23bfe983151dd..03854ad2231ff 100644 --- a/enos/modules/vault_artifactory_artifact/locals.tf +++ b/enos/modules/vault_artifactory_artifact/locals.tf @@ -4,24 +4,24 @@ locals { package_extensions = { amd64 = { ubuntu = { - "oss" = "-1_amd64.deb" - "ent" = "+ent-1_amd64.deb" - "ent.hsm" = "+ent-1_amd64.deb" + # "oss" = "-1_amd64.deb" + "ent" = "-1_amd64.deb" + "ent.hsm" = "-1_amd64.deb" } rhel = { - "oss" = "-1.x86_64.rpm" - "ent" = "+ent-1.x86_64.rpm" - "ent.hsm" = "+ent-1.x86_64.rpm" + # "oss" = "-1.x86_64.rpm" + "ent" = "-1.x86_64.rpm" + "ent.hsm" = "-1.x86_64.rpm" } } arm64 = { ubuntu = { - "oss" = "-1_arm64.deb" - "ent" = "+ent-1_arm64.deb" + # "oss" = "-1_arm64.deb" + "ent" = "-1_arm64.deb" } rhel = { - "oss" = "-1.aarch64.rpm" - "ent" = "+ent-1.aarch64.rpm" + # "oss" = "-1.aarch64.rpm" + "ent" = "-1.aarch64.rpm" } } } @@ -46,12 +46,12 @@ locals { artifact_name_edition = { "oss" = "" "ent" = "" - "ent.hsm" = "+ent.hsm" - "ent.fips1402" = "+ent.fips1402" - "ent.hsm.fips1402" = "+ent.hsm.fips1402" + "ent.hsm" = ".hsm" + "ent.fips1402" = ".fips1402" + "ent.hsm.fips1402" = ".hsm.fips1402" } artifact_name_prefix = var.artifact_type == "package" ? local.artifact_package_release_names[var.distro][var.edition] : "vault_" artifact_name_extension = var.artifact_type == "package" ? local.package_extensions[var.arch][var.distro][var.edition] : "${local.artifact_name_edition[var.edition]}_linux_${var.arch}.zip" - artifact_name = var.artifact_type == "package" ? "${local.artifact_name_prefix}${replace(var.vault_product_version, "-", "~")}${local.artifact_name_extension}" : "${local.artifact_name_prefix}${var.vault_product_version}${local.artifact_name_extension}" + artifact_name = var.artifact_type == "package" ? "${local.artifact_name_prefix}${replace(var.product_version, "-", "~")}${local.artifact_name_extension}" : "${local.artifact_name_prefix}${var.product_version}${local.artifact_name_extension}" } diff --git a/enos/modules/vault_artifactory_artifact/main.tf b/enos/modules/vault_artifactory_artifact/main.tf index 3e8140bcc62bc..1ede476e2e92f 100644 --- a/enos/modules/vault_artifactory_artifact/main.tf +++ b/enos/modules/vault_artifactory_artifact/main.tf @@ -17,6 +17,6 @@ data "enos_artifactory_item" "vault" { properties = tomap({ "commit" = var.revision "product-name" = var.edition == "oss" ? "vault" : "vault-enterprise" - "product-version" = var.vault_product_version + "product-version" = var.product_version }) } diff --git a/enos/modules/vault_artifactory_artifact/variables.tf b/enos/modules/vault_artifactory_artifact/variables.tf index 3dd20878e09f6..778354e7deeab 100644 --- a/enos/modules/vault_artifactory_artifact/variables.tf +++ b/enos/modules/vault_artifactory_artifact/variables.tf @@ -29,7 +29,7 @@ variable "distro" {} variable "edition" {} variable "instance_type" {} variable "revision" {} -variable "vault_product_version" {} +variable "product_version" {} variable "build_tags" { default = null } variable "bundle_path" { default = null } variable "goarch" { default = null } diff --git a/enos/modules/vault_upgrade/main.tf b/enos/modules/vault_upgrade/main.tf index b9a059b344e11..07e65bf197f96 100644 --- a/enos/modules/vault_upgrade/main.tf +++ b/enos/modules/vault_upgrade/main.tf @@ -32,11 +32,6 @@ variable "vault_instances" { description = "The vault cluster instances that were created" } -variable "vault_local_bundle_path" { - type = string - description = "The path to the local Vault (vault.zip) bundle" -} - variable "vault_local_artifact_path" { type = string description = "The path to a locally built vault artifact to install" @@ -81,7 +76,8 @@ resource "enos_bundle_install" "upgrade_vault_binary" { for_each = local.instances destination = var.vault_install_dir - path = var.vault_local_bundle_path + artifactory = var.vault_artifactory_release + path = var.vault_local_artifact_path transport = { ssh = { diff --git a/enos/modules/vault_verify_agent_output/main.tf b/enos/modules/vault_verify_agent_output/main.tf new file mode 100644 index 0000000000000..6643c8b626620 --- /dev/null +++ b/enos/modules/vault_verify_agent_output/main.tf @@ -0,0 +1,53 @@ +terraform { + required_providers { + enos = { + source = "app.terraform.io/hashicorp-qti/enos" + } + } +} + +variable "vault_agent_template_destination" { + type = string + description = "The destination of the template rendered by Agent" +} + +variable "vault_agent_expected_output" { + type = string + description = "The output that's expected in the rendered template at vault_agent_template_destination" +} + +variable "vault_instance_count" { + type = number + description = "How many vault instances are in the cluster" +} + +variable "vault_instances" { + type = map(object({ + private_ip = string + public_ip = string + })) + description = "The vault cluster instances that were created" +} + +locals { + vault_instances = { + for idx in range(var.vault_instance_count) : idx => { + public_ip = values(var.vault_instances)[idx].public_ip + private_ip = values(var.vault_instances)[idx].private_ip + } + } +} + +resource "enos_remote_exec" "verify_vault_agent_output" { + content = templatefile("${path.module}/templates/verify-vault-agent-output.sh", { + vault_agent_template_destination = var.vault_agent_template_destination + vault_agent_expected_output = var.vault_agent_expected_output + vault_instances = jsonencode(local.vault_instances) + }) + + transport = { + ssh = { + host = local.vault_instances[0].public_ip + } + } +} diff --git a/enos/modules/vault_verify_agent_output/templates/verify-vault-agent-output.sh b/enos/modules/vault_verify_agent_output/templates/verify-vault-agent-output.sh new file mode 100644 index 0000000000000..3c434ba972762 --- /dev/null +++ b/enos/modules/vault_verify_agent_output/templates/verify-vault-agent-output.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +set -e + +fail() { + echo "$1" 1>&2 + return 1 +} + +actual_output=$(cat ${vault_agent_template_destination}) +if [[ "$actual_output" != "${vault_agent_expected_output}" ]]; then + fail "expected '${vault_agent_expected_output}' to be the Agent output, but got: '$actual_output'" +fi diff --git a/go.mod b/go.mod index 8485b2338f589..b87148aebb408 100644 --- a/go.mod +++ b/go.mod @@ -22,7 +22,6 @@ require ( github.com/Azure/go-autorest/autorest v0.11.24 github.com/Azure/go-autorest/autorest/adal v0.9.18 github.com/NYTimes/gziphandler v1.1.1 - github.com/ProtonMail/go-crypto v0.0.0-20220824120805-4b6e5c587895 github.com/SAP/go-hdb v0.14.1 github.com/Sectorbob/mlab-ns2 v0.0.0-20171030222938-d3aa0c295a8a github.com/aerospike/aerospike-client-go/v5 v5.6.0 @@ -32,7 +31,7 @@ require ( github.com/armon/go-metrics v0.4.0 github.com/armon/go-radix v1.0.0 github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef - github.com/aws/aws-sdk-go v1.44.128 + github.com/aws/aws-sdk-go v1.44.95 github.com/axiomhq/hyperloglog v0.0.0-20220105174342-98591331716a github.com/cenkalti/backoff/v3 v3.2.2 github.com/chrismalek/oktasdk-go v0.0.0-20181212195951-3430665dfaa0 @@ -87,7 +86,7 @@ require ( github.com/hashicorp/go-secure-stdlib/gatedwriter v0.1.1 github.com/hashicorp/go-secure-stdlib/kv-builder v0.1.2 github.com/hashicorp/go-secure-stdlib/mlock v0.1.2 - github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 + github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 github.com/hashicorp/go-secure-stdlib/password v0.1.1 github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1 github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 @@ -122,25 +121,26 @@ require ( github.com/hashicorp/vault-plugin-mock v0.16.1 github.com/hashicorp/vault-plugin-secrets-ad v0.14.0 github.com/hashicorp/vault-plugin-secrets-alicloud v0.13.0 - github.com/hashicorp/vault-plugin-secrets-azure v0.14.0 + github.com/hashicorp/vault-plugin-secrets-azure v0.14.1 github.com/hashicorp/vault-plugin-secrets-gcp v0.14.0 github.com/hashicorp/vault-plugin-secrets-gcpkms v0.13.0 github.com/hashicorp/vault-plugin-secrets-kubernetes v0.2.0 - github.com/hashicorp/vault-plugin-secrets-kv v0.13.3 + github.com/hashicorp/vault-plugin-secrets-kv v0.13.0 github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.8.0 github.com/hashicorp/vault-plugin-secrets-openldap v0.9.0 github.com/hashicorp/vault-plugin-secrets-terraform v0.6.0 github.com/hashicorp/vault-testing-stepwise v0.1.2 - github.com/hashicorp/vault/api v1.8.1 + github.com/hashicorp/vault/api v1.8.0 github.com/hashicorp/vault/api/auth/approle v0.1.0 github.com/hashicorp/vault/api/auth/userpass v0.1.0 - github.com/hashicorp/vault/sdk v0.6.1-0.20220920194006-b5b65fe1ddb9 + github.com/hashicorp/vault/sdk v0.6.1-0.20221102145943-1e9b0a1225c3 github.com/influxdata/influxdb1-client v0.0.0-20200827194710-b269163b24ab github.com/jackc/pgx/v4 v4.15.0 github.com/jcmturner/gokrb5/v8 v8.4.2 github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f github.com/jefferai/jsonx v1.0.0 github.com/joyent/triton-go v1.7.1-0.20200416154420-6801d15b779f + github.com/keybase/go-crypto v0.0.0-20190403132359-d65b6b94177f github.com/kr/pretty v0.3.0 github.com/kr/text v0.2.0 github.com/mattn/go-colorable v0.1.12 @@ -176,7 +176,7 @@ require ( github.com/sasha-s/go-deadlock v0.2.0 github.com/sethvargo/go-limiter v0.7.1 github.com/shirou/gopsutil/v3 v3.22.6 - github.com/stretchr/testify v1.8.1 + github.com/stretchr/testify v1.8.0 go.etcd.io/bbolt v1.3.6 go.etcd.io/etcd/client/pkg/v3 v3.5.0 go.etcd.io/etcd/client/v2 v2.305.0 @@ -203,7 +203,7 @@ require ( gopkg.in/square/go-jose.v2 v2.6.0 k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 layeh.com/radius v0.0.0-20190322222518-890bc1058917 - mvdan.cc/gofumpt v0.3.1 + mvdan.cc/gofumpt v0.1.1 ) require ( @@ -254,7 +254,6 @@ require ( github.com/cespare/xxhash/v2 v2.1.1 // indirect github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible // indirect github.com/circonus-labs/circonusllhist v0.1.3 // indirect - github.com/cloudflare/circl v1.1.0 // indirect github.com/cloudfoundry-community/go-cfclient v0.0.0-20210823134051-721f0e559306 // indirect github.com/containerd/cgroups v1.0.3 // indirect github.com/containerd/containerd v1.5.13 // indirect @@ -386,7 +385,7 @@ require ( github.com/softlayer/softlayer-go v0.0.0-20180806151055-260589d94c7d // indirect github.com/sony/gobreaker v0.4.2-0.20210216022020-dd874f9dd33b // indirect github.com/spf13/pflag v1.0.5 // indirect - github.com/stretchr/objx v0.5.0 // indirect + github.com/stretchr/objx v0.4.0 // indirect github.com/tencentcloud/tencentcloud-sdk-go v1.0.162 // indirect github.com/tilinna/clock v1.0.2 // indirect github.com/tklauser/go-sysconf v0.3.10 // indirect diff --git a/go.sum b/go.sum index d218e1e77b86b..fc622c78777d7 100644 --- a/go.sum +++ b/go.sum @@ -183,8 +183,6 @@ github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMo github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/ProtonMail/go-crypto v0.0.0-20220824120805-4b6e5c587895 h1:NsReiLpErIPzRrnogAXYwSoU7txA977LjDGrbkewJbg= -github.com/ProtonMail/go-crypto v0.0.0-20220824120805-4b6e5c587895/go.mod h1:UBYPn8k0D56RtnR8RFQMjmh4KrZzWJ5o7Z9SYjossQ8= github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= @@ -245,8 +243,8 @@ github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpi github.com/aws/aws-sdk-go v1.30.27/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= github.com/aws/aws-sdk-go v1.34.28/go.mod h1:H7NKnBqNVzoTJpGfLrQkkD+ytBA93eiDYi/+8rV9s48= github.com/aws/aws-sdk-go v1.36.29/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= -github.com/aws/aws-sdk-go v1.44.128 h1:X34pX5t0LIZXjBY11yf9JKMP3c1aZgirh+5PjtaZyJ4= -github.com/aws/aws-sdk-go v1.44.128/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= +github.com/aws/aws-sdk-go v1.44.95 h1:QwmA+PeR6v4pF0f/dPHVPWGAshAhb9TnGZBTM5uKuI8= +github.com/aws/aws-sdk-go v1.44.95/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= github.com/aws/aws-sdk-go-v2 v1.8.0 h1:HcN6yDnHV9S7D69E7To0aUppJhiJNEzQSNcUxc7r3qo= github.com/aws/aws-sdk-go-v2 v1.8.0/go.mod h1:xEFuWz+3TYdlPRuo+CqATbeDWIWyaT5uAPwPaWtgse0= github.com/aws/aws-sdk-go-v2/config v1.6.0 h1:rtoCnNObhVm7me+v9sA2aY+NtHNZjjWWC3ifXVci+wE= @@ -302,7 +300,6 @@ github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7 github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= -github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4= github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= @@ -337,8 +334,6 @@ github.com/circonus-labs/circonusllhist v0.1.3 h1:TJH+oke8D16535+jHExHj4nQvzlZrj github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= github.com/client9/misspell v0.3.4 h1:ta993UF76GwbvJcIo3Y68y/M3WxlpEHPWIGDkJYwzJI= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cloudflare/circl v1.1.0 h1:bZgT/A+cikZnKIwn7xL2OBj012Bmvho/o6RpRvv3GKY= -github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= github.com/cloudfoundry-community/go-cfclient v0.0.0-20210823134051-721f0e559306 h1:k8q2Nsz7kNaUlysVCnWIFLMUSqiKXaGLdIf9P0GsX2Y= github.com/cloudfoundry-community/go-cfclient v0.0.0-20210823134051-721f0e559306/go.mod h1:0FdHblxw7g3M2PPICOw9i8YZOHP9dZTHbJUtoxL7Z/E= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= @@ -1004,6 +999,7 @@ github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHh github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= +github.com/hashicorp/go-plugin v1.4.3/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ38b18Udy6vYQ= github.com/hashicorp/go-plugin v1.4.5 h1:oTE/oQR4eghggRg8VY7PAz3dr++VwDNBGCcOfIvHpBo= github.com/hashicorp/go-plugin v1.4.5/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= github.com/hashicorp/go-raftchunking v0.6.3-0.20191002164813-7e9e8525653a h1:FmnBDwGwlTgugDGbVxwV8UavqSMACbGrUpfc98yFLR4= @@ -1030,9 +1026,9 @@ github.com/hashicorp/go-secure-stdlib/mlock v0.1.1/go.mod h1:zq93CJChV6L9QTfGKtf github.com/hashicorp/go-secure-stdlib/mlock v0.1.2 h1:p4AKXPPS24tO8Wc8i1gLvSKdmkiSY5xuju57czJ/IJQ= github.com/hashicorp/go-secure-stdlib/mlock v0.1.2/go.mod h1:zq93CJChV6L9QTfGKtfBxKqD7BqqXx5O04A/ns2p5+I= github.com/hashicorp/go-secure-stdlib/parseutil v0.1.1/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= +github.com/hashicorp/go-secure-stdlib/parseutil v0.1.2/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= +github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 h1:om4Al8Oy7kCm/B86rLCLah4Dt5Aa0Fr5rYBG60OzwHQ= github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 h1:UpiO20jno/eV1eVZcxqWnUohyKRe1g8FPV/xH1s/2qs= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= github.com/hashicorp/go-secure-stdlib/password v0.1.1 h1:6JzmBqXprakgFEHwBgdchsjaA9x3GyjdI568bXKxa60= github.com/hashicorp/go-secure-stdlib/password v0.1.1/go.mod h1:9hH302QllNwu1o2TGYtSk8I8kTAN0ca1EHpwhm5Mmzo= github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1 h1:SMGUnbpAcat8rIKHkBPjfv81yC46a8eCNZ2hsR2l1EI= @@ -1132,16 +1128,16 @@ github.com/hashicorp/vault-plugin-secrets-ad v0.14.0 h1:64qTDXSj3tw1li7lWh13OJoY github.com/hashicorp/vault-plugin-secrets-ad v0.14.0/go.mod h1:5XIn6cw1+gG+WWxK0SdEAKCDOXTp+MX90PzZ7f3Eks0= github.com/hashicorp/vault-plugin-secrets-alicloud v0.13.0 h1:eWDAAvZsKHhnXF8uCiyF/wDqT57fflCs54PTIolONBo= github.com/hashicorp/vault-plugin-secrets-alicloud v0.13.0/go.mod h1:F4KWrlCQZbhP2dFXCkRvbHX2J6CTydlaY0cH+OrLHCE= -github.com/hashicorp/vault-plugin-secrets-azure v0.14.0 h1:1Az9rwdDHiTXiJSEYSq+Ar+MXeC3Z9v2ltZx3N+DwNY= -github.com/hashicorp/vault-plugin-secrets-azure v0.14.0/go.mod h1:Xw8CQPkyZSJRK9BXKBruf6kOO8rLyXEf40o19ClK9kY= +github.com/hashicorp/vault-plugin-secrets-azure v0.14.1 h1:Dh4b7sILU+O17K+g2tWGdeGq9djPw5rqFCOX69JxJbA= +github.com/hashicorp/vault-plugin-secrets-azure v0.14.1/go.mod h1:Xw8CQPkyZSJRK9BXKBruf6kOO8rLyXEf40o19ClK9kY= github.com/hashicorp/vault-plugin-secrets-gcp v0.14.0 h1:1yUxhYhFiMQm/miMYCtplnYly6HGBprOKStM6hpk+z0= github.com/hashicorp/vault-plugin-secrets-gcp v0.14.0/go.mod h1:kRgZfXRD9qUHoGclaR09tKXXwkwNrkY+D76ahetsaB8= github.com/hashicorp/vault-plugin-secrets-gcpkms v0.13.0 h1:R36pNaaN4tJyIrPJej7/355Qt5+Q5XUTB+Az6rGs5xg= github.com/hashicorp/vault-plugin-secrets-gcpkms v0.13.0/go.mod h1:n2VKlYDCuO8+OXN4S1Im8esIL53/ENRFa4gXrvhCVIM= github.com/hashicorp/vault-plugin-secrets-kubernetes v0.2.0 h1:iPue19f7LW63lAo8YFsm0jmo49gox0oIYFPAtVtnzGg= github.com/hashicorp/vault-plugin-secrets-kubernetes v0.2.0/go.mod h1:WO0wUxGh1PxhwdBHD7mXU5XQTqLwMZiJrUwVuzx3tIg= -github.com/hashicorp/vault-plugin-secrets-kv v0.13.3 h1:TUKpQY6fmTiUhaZ71/WTamEuK2JH7ESB92T4VZsq4+g= -github.com/hashicorp/vault-plugin-secrets-kv v0.13.3/go.mod h1:ikPuEWi2rHaGQCHZuPdn/6D3Bq/25ElX3G9pGeDr0Yg= +github.com/hashicorp/vault-plugin-secrets-kv v0.13.0 h1:3Rf8RQIulyhaANaQxQdElfMh4SXS/z49thoSJpJ3ssg= +github.com/hashicorp/vault-plugin-secrets-kv v0.13.0/go.mod h1:9V2Ecim3m/qw+YAQelUeFADqZ1GVo8xwoLqfKsqh9pI= github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.8.0 h1:VREm+cJGUXcPCakaYVxQt8wTVqTwJclsIIk2XuqpPbs= github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.8.0/go.mod h1:PLx2vxXukfsKsDRo/PlG4fxmJ1d+H2h82wT3vf4buuI= github.com/hashicorp/vault-plugin-secrets-openldap v0.9.0 h1:/6FQzNB4zjep7O14pkVOapwRJvnQ4gINGAc1Ss1IYg8= @@ -1285,6 +1281,8 @@ github.com/karrick/godirwalk v1.8.0/go.mod h1:H5KPZjojv4lE+QYImBI8xVtrBRgYrIVsaR github.com/karrick/godirwalk v1.10.3/go.mod h1:RoGL9dQei4vP9ilrpETWE8CLOZ1kiN0LhBygSwrAsHA= github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8= github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= +github.com/keybase/go-crypto v0.0.0-20190403132359-d65b6b94177f h1:Gsc9mVHLRqBjMgdQCghN9NObCcRncDqxJvBvEaIIQEo= +github.com/keybase/go-crypto v0.0.0-20190403132359-d65b6b94177f/go.mod h1:ghbZscTyKdM07+Fw3KSi0hcJm+AlEUWj8QLlPtijN/M= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= @@ -1638,6 +1636,7 @@ github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFR github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= +github.com/rogpeppe/go-internal v1.6.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.8.1 h1:geMPLpDpQOgVyCg5z5GoRwLHepNdb71NXb67XFkP+Eg= github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o= github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= @@ -1723,9 +1722,8 @@ github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= +github.com/stretchr/objx v0.4.0 h1:M2gUjqZET1qApGOWNSnZ49BAIMX4F/1plDv3+l31EJ4= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= @@ -1736,9 +1734,8 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.7.5/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= @@ -2323,6 +2320,7 @@ golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= @@ -2657,8 +2655,8 @@ k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 h1:HNSDgDCrr/6Ly3WEGKZftiE7IY19V k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= layeh.com/radius v0.0.0-20190322222518-890bc1058917 h1:BDXFaFzUt5EIqe/4wrTc4AcYZWP6iC6Ult+jQWLh5eU= layeh.com/radius v0.0.0-20190322222518-890bc1058917/go.mod h1:fywZKyu//X7iRzaxLgPWsvc0L26IUpVvE/aeIL2JtIQ= -mvdan.cc/gofumpt v0.3.1 h1:avhhrOmv0IuvQVK7fvwV91oFSGAk5/6Po8GXTzICeu8= -mvdan.cc/gofumpt v0.3.1/go.mod h1:w3ymliuxvzVx8DAutBnVyDqYb1Niy/yCJt/lk821YCE= +mvdan.cc/gofumpt v0.1.1 h1:bi/1aS/5W00E2ny5q65w9SnKpWEF/UIOqDYBILpo9rA= +mvdan.cc/gofumpt v0.1.1/go.mod h1:yXG1r1WqZVKWbVRtBWKWX9+CxGYfA51nSomhM0woR48= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/helper/forwarding/types.pb.go b/helper/forwarding/types.pb.go index 2182e12cb5e05..c610a3e3e4023 100644 --- a/helper/forwarding/types.pb.go +++ b/helper/forwarding/types.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: helper/forwarding/types.proto package forwarding diff --git a/helper/identity/mfa/types.pb.go b/helper/identity/mfa/types.pb.go index 8de54d5f965da..59d989e86e3a7 100644 --- a/helper/identity/mfa/types.pb.go +++ b/helper/identity/mfa/types.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: helper/identity/mfa/types.proto package mfa diff --git a/helper/identity/types.pb.go b/helper/identity/types.pb.go index e19edfbde9357..7a88a74773104 100644 --- a/helper/identity/types.pb.go +++ b/helper/identity/types.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: helper/identity/types.proto package identity diff --git a/helper/pgpkeys/encrypt_decrypt.go b/helper/pgpkeys/encrypt_decrypt.go index 554013d6af494..31678df69f4c1 100644 --- a/helper/pgpkeys/encrypt_decrypt.go +++ b/helper/pgpkeys/encrypt_decrypt.go @@ -5,8 +5,8 @@ import ( "encoding/base64" "fmt" - "github.com/ProtonMail/go-crypto/openpgp" - "github.com/ProtonMail/go-crypto/openpgp/packet" + "github.com/keybase/go-crypto/openpgp" + "github.com/keybase/go-crypto/openpgp/packet" ) // EncryptShares takes an ordered set of byte slices to encrypt and the diff --git a/helper/pgpkeys/flag.go b/helper/pgpkeys/flag.go index e107bc9943385..4490d891dc9ed 100644 --- a/helper/pgpkeys/flag.go +++ b/helper/pgpkeys/flag.go @@ -8,7 +8,7 @@ import ( "os" "strings" - "github.com/ProtonMail/go-crypto/openpgp" + "github.com/keybase/go-crypto/openpgp" ) // PubKeyFileFlag implements flag.Value and command.Example to receive exactly diff --git a/helper/pgpkeys/flag_test.go b/helper/pgpkeys/flag_test.go index ec6402d5eb2f2..86e04611f1cfe 100644 --- a/helper/pgpkeys/flag_test.go +++ b/helper/pgpkeys/flag_test.go @@ -12,8 +12,8 @@ import ( "strings" "testing" - "github.com/ProtonMail/go-crypto/openpgp" - "github.com/ProtonMail/go-crypto/openpgp/packet" + "github.com/keybase/go-crypto/openpgp" + "github.com/keybase/go-crypto/openpgp/packet" ) func TestPubKeyFilesFlag_implements(t *testing.T) { diff --git a/helper/pgpkeys/keybase.go b/helper/pgpkeys/keybase.go index b2571b451d9b7..a9dde2bdd7aed 100644 --- a/helper/pgpkeys/keybase.go +++ b/helper/pgpkeys/keybase.go @@ -6,9 +6,9 @@ import ( "fmt" "strings" - "github.com/ProtonMail/go-crypto/openpgp" cleanhttp "github.com/hashicorp/go-cleanhttp" "github.com/hashicorp/vault/sdk/helper/jsonutil" + "github.com/keybase/go-crypto/openpgp" ) const ( diff --git a/helper/pgpkeys/keybase_test.go b/helper/pgpkeys/keybase_test.go index 3faa3f5d8db2e..c261e6f14c421 100644 --- a/helper/pgpkeys/keybase_test.go +++ b/helper/pgpkeys/keybase_test.go @@ -7,8 +7,8 @@ import ( "reflect" "testing" - "github.com/ProtonMail/go-crypto/openpgp" - "github.com/ProtonMail/go-crypto/openpgp/packet" + "github.com/keybase/go-crypto/openpgp" + "github.com/keybase/go-crypto/openpgp/packet" ) func TestFetchKeybasePubkeys(t *testing.T) { diff --git a/helper/storagepacker/types.pb.go b/helper/storagepacker/types.pb.go index 1d4d87b6b8973..6bed81c48a152 100644 --- a/helper/storagepacker/types.pb.go +++ b/helper/storagepacker/types.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: helper/storagepacker/types.proto package storagepacker diff --git a/helper/testhelpers/cassandra/cassandrahelper.go b/helper/testhelpers/cassandra/cassandrahelper.go index 899136f16c9a4..9d8ceeea8c1f6 100644 --- a/helper/testhelpers/cassandra/cassandrahelper.go +++ b/helper/testhelpers/cassandra/cassandrahelper.go @@ -90,10 +90,9 @@ func PrepareTestContainer(t *testing.T, opts ...ContainerOpt) (Host, func()) { } containerCfg := &containerConfig{ - imageName: "docker.mirror.hashicorp.services/library/cassandra", - containerName: "cassandra", - version: "3.11", - env: []string{"CASSANDRA_BROADCAST_ADDRESS=127.0.0.1"}, + imageName: "cassandra", + version: "3.11", + env: []string{"CASSANDRA_BROADCAST_ADDRESS=127.0.0.1"}, } for _, opt := range opts { diff --git a/helper/testhelpers/consul/consulhelper.go b/helper/testhelpers/consul/consulhelper.go index 7d7984b17495c..e88ead2bfad56 100644 --- a/helper/testhelpers/consul/consulhelper.go +++ b/helper/testhelpers/consul/consulhelper.go @@ -58,7 +58,7 @@ func PrepareTestContainer(t *testing.T, version string, isEnterprise bool, doBoo if isEnterprise { version += "-ent" name = "consul-enterprise" - repo = "docker.mirror.hashicorp.services/hashicorp/consul-enterprise" + repo = "hashicorp/consul-enterprise" license, hasLicense := os.LookupEnv("CONSUL_LICENSE") envVars = append(envVars, "CONSUL_LICENSE="+license) diff --git a/helper/testhelpers/docker/testhelpers.go b/helper/testhelpers/docker/testhelpers.go index 5166cfb01b921..88f377d573033 100644 --- a/helper/testhelpers/docker/testhelpers.go +++ b/helper/testhelpers/docker/testhelpers.go @@ -1,13 +1,11 @@ package docker import ( - "archive/tar" "bytes" "context" "encoding/base64" "encoding/json" "fmt" - "io" "io/ioutil" "net/url" "os" @@ -22,7 +20,6 @@ import ( "github.com/docker/docker/api/types/strslice" "github.com/docker/docker/client" "github.com/docker/docker/pkg/archive" - "github.com/docker/docker/pkg/stdcopy" "github.com/docker/go-connections/nat" "github.com/hashicorp/go-uuid" ) @@ -134,26 +131,10 @@ func (s ServiceURL) URL() *url.URL { // connection string (typically a URL) and nil, or empty string and an error. type ServiceAdapter func(ctx context.Context, host string, port int) (ServiceConfig, error) -// StartService will start the runner's configured docker container with a -// random UUID suffix appended to the name to make it unique and will return -// either a hostname or local address depending on if a Docker network was given. -// -// Most tests can default to using this. func (d *Runner) StartService(ctx context.Context, connect ServiceAdapter) (*Service, error) { - serv, _, err := d.StartNewService(ctx, true, false, connect) - - return serv, err -} - -// StartNewService will start the runner's configured docker container but with the -// ability to control adding a name suffix or forcing a local address to be returned. -// 'addSuffix' will add a random UUID to the end of the container name. -// 'forceLocalAddr' will force the container address returned to be in the -// form of '127.0.0.1:1234' where 1234 is the mapped container port. -func (d *Runner) StartNewService(ctx context.Context, addSuffix, forceLocalAddr bool, connect ServiceAdapter) (*Service, string, error) { - container, hostIPs, containerID, err := d.Start(context.Background(), addSuffix, forceLocalAddr) + container, hostIPs, err := d.Start(context.Background()) if err != nil { - return nil, "", err + return nil, err } cleanup := func() { @@ -190,7 +171,7 @@ func (d *Runner) StartNewService(ctx context.Context, addSuffix, forceLocalAddr pieces := strings.Split(hostIPs[0], ":") portInt, err := strconv.Atoi(pieces[1]) if err != nil { - return nil, "", err + return nil, err } var config ServiceConfig @@ -210,14 +191,14 @@ func (d *Runner) StartNewService(ctx context.Context, addSuffix, forceLocalAddr if !d.RunOptions.DoNotAutoRemove { cleanup() } - return nil, "", err + return nil, err } return &Service{ Config: config, Cleanup: cleanup, Container: container, - }, containerID, nil + }, nil } type Service struct { @@ -226,15 +207,12 @@ type Service struct { Container *types.ContainerJSON } -func (d *Runner) Start(ctx context.Context, addSuffix, forceLocalAddr bool) (*types.ContainerJSON, []string, string, error) { - name := d.RunOptions.ContainerName - if addSuffix { - suffix, err := uuid.GenerateUUID() - if err != nil { - return nil, nil, "", err - } - name += "-" + suffix +func (d *Runner) Start(ctx context.Context) (*types.ContainerJSON, []string, error) { + suffix, err := uuid.GenerateUUID() + if err != nil { + return nil, nil, err } + name := d.RunOptions.ContainerName + "-" + suffix cfg := &container.Config{ Hostname: name, @@ -273,7 +251,7 @@ func (d *Runner) Start(ctx context.Context, addSuffix, forceLocalAddr bool) (*ty "password": d.RunOptions.AuthPassword, } if err := json.NewEncoder(&buf).Encode(auth); err != nil { - return nil, nil, "", err + return nil, nil, err } opts.RegistryAuth = base64.URLEncoding.EncodeToString(buf.Bytes()) } @@ -284,73 +262,47 @@ func (d *Runner) Start(ctx context.Context, addSuffix, forceLocalAddr bool) (*ty c, err := d.DockerAPI.ContainerCreate(ctx, cfg, hostConfig, netConfig, nil, cfg.Hostname) if err != nil { - return nil, nil, "", fmt.Errorf("container create failed: %v", err) + return nil, nil, fmt.Errorf("container create failed: %v", err) } for from, to := range d.RunOptions.CopyFromTo { if err := copyToContainer(ctx, d.DockerAPI, c.ID, from, to); err != nil { _ = d.DockerAPI.ContainerRemove(ctx, c.ID, types.ContainerRemoveOptions{}) - return nil, nil, "", err + return nil, nil, err } } err = d.DockerAPI.ContainerStart(ctx, c.ID, types.ContainerStartOptions{}) if err != nil { _ = d.DockerAPI.ContainerRemove(ctx, c.ID, types.ContainerRemoveOptions{}) - return nil, nil, "", fmt.Errorf("container start failed: %v", err) + return nil, nil, fmt.Errorf("container start failed: %v", err) } inspect, err := d.DockerAPI.ContainerInspect(ctx, c.ID) if err != nil { _ = d.DockerAPI.ContainerRemove(ctx, c.ID, types.ContainerRemoveOptions{}) - return nil, nil, "", err + return nil, nil, err } var addrs []string for _, port := range d.RunOptions.Ports { pieces := strings.Split(port, "/") if len(pieces) < 2 { - return nil, nil, "", fmt.Errorf("expected port of the form 1234/tcp, got: %s", port) + return nil, nil, fmt.Errorf("expected port of the form 1234/tcp, got: %s", port) } - if d.RunOptions.NetworkID != "" && !forceLocalAddr { + if d.RunOptions.NetworkID != "" { addrs = append(addrs, fmt.Sprintf("%s:%s", cfg.Hostname, pieces[0])) } else { mapped, ok := inspect.NetworkSettings.Ports[nat.Port(port)] if !ok || len(mapped) == 0 { - return nil, nil, "", fmt.Errorf("no port mapping found for %s", port) + return nil, nil, fmt.Errorf("no port mapping found for %s", port) } - addrs = append(addrs, fmt.Sprintf("127.0.0.1:%s", mapped[0].HostPort)) - } - } - - return &inspect, addrs, c.ID, nil -} -func (d *Runner) Stop(ctx context.Context, containerID string) error { - if d.RunOptions.NetworkID != "" { - if err := d.DockerAPI.NetworkDisconnect(ctx, d.RunOptions.NetworkID, containerID, true); err != nil { - return fmt.Errorf("error disconnecting network (%v): %v", d.RunOptions.NetworkID, err) + addrs = append(addrs, fmt.Sprintf("127.0.0.1:%s", mapped[0].HostPort)) } } - timeout := 5 * time.Second - if err := d.DockerAPI.ContainerStop(ctx, containerID, &timeout); err != nil { - return fmt.Errorf("error stopping container: %v", err) - } - - return nil -} - -func (d *Runner) Restart(ctx context.Context, containerID string) error { - if err := d.DockerAPI.ContainerStart(ctx, containerID, types.ContainerStartOptions{}); err != nil { - return err - } - - ends := &network.EndpointSettings{ - NetworkID: d.RunOptions.NetworkID, - } - - return d.DockerAPI.NetworkConnect(ctx, d.RunOptions.NetworkID, containerID, ends) + return &inspect, addrs, nil } func copyToContainer(ctx context.Context, dapi *client.Client, containerID, from, to string) error { @@ -379,306 +331,3 @@ func copyToContainer(ctx context.Context, dapi *client.Client, containerID, from return nil } - -type RunCmdOpt interface { - Apply(cfg *types.ExecConfig) error -} - -type RunCmdUser string - -var _ RunCmdOpt = (*RunCmdUser)(nil) - -func (u RunCmdUser) Apply(cfg *types.ExecConfig) error { - cfg.User = string(u) - return nil -} - -func (d *Runner) RunCmdWithOutput(ctx context.Context, container string, cmd []string, opts ...RunCmdOpt) ([]byte, []byte, int, error) { - runCfg := types.ExecConfig{ - AttachStdout: true, - AttachStderr: true, - Cmd: cmd, - } - - for index, opt := range opts { - if err := opt.Apply(&runCfg); err != nil { - return nil, nil, -1, fmt.Errorf("error applying option (%d / %v): %w", index, opt, err) - } - } - - ret, err := d.DockerAPI.ContainerExecCreate(ctx, container, runCfg) - if err != nil { - return nil, nil, -1, fmt.Errorf("error creating execution environment: %v\ncfg: %v\n", err, runCfg) - } - - resp, err := d.DockerAPI.ContainerExecAttach(ctx, ret.ID, types.ExecStartCheck{}) - if err != nil { - return nil, nil, -1, fmt.Errorf("error attaching to command execution: %v\ncfg: %v\nret: %v\n", err, runCfg, ret) - } - defer resp.Close() - - var stdoutB bytes.Buffer - var stderrB bytes.Buffer - if _, err := stdcopy.StdCopy(&stdoutB, &stderrB, resp.Reader); err != nil { - return nil, nil, -1, fmt.Errorf("error reading command output: %v", err) - } - - stdout := stdoutB.Bytes() - stderr := stderrB.Bytes() - - // Fetch return code. - info, err := d.DockerAPI.ContainerExecInspect(ctx, ret.ID) - if err != nil { - return stdout, stderr, -1, fmt.Errorf("error reading command exit code: %v", err) - } - - return stdout, stderr, info.ExitCode, nil -} - -func (d *Runner) RunCmdInBackground(ctx context.Context, container string, cmd []string, opts ...RunCmdOpt) (string, error) { - runCfg := types.ExecConfig{ - AttachStdout: true, - AttachStderr: true, - Cmd: cmd, - } - - for index, opt := range opts { - if err := opt.Apply(&runCfg); err != nil { - return "", fmt.Errorf("error applying option (%d / %v): %w", index, opt, err) - } - } - - ret, err := d.DockerAPI.ContainerExecCreate(ctx, container, runCfg) - if err != nil { - return "", fmt.Errorf("error creating execution environment: %w\ncfg: %v\n", err, runCfg) - } - - err = d.DockerAPI.ContainerExecStart(ctx, ret.ID, types.ExecStartCheck{}) - if err != nil { - return "", fmt.Errorf("error starting command execution: %w\ncfg: %v\nret: %v\n", err, runCfg, ret) - } - - return ret.ID, nil -} - -// Mapping of path->contents -type PathContents interface { - UpdateHeader(header *tar.Header) error - Get() ([]byte, error) -} - -type FileContents struct { - Data []byte - Mode int64 - UID int - GID int -} - -func (b FileContents) UpdateHeader(header *tar.Header) error { - header.Mode = b.Mode - header.Uid = b.UID - header.Gid = b.GID - return nil -} - -func (b FileContents) Get() ([]byte, error) { - return b.Data, nil -} - -func PathContentsFromBytes(data []byte) PathContents { - return FileContents{ - Data: data, - Mode: 0o644, - } -} - -type BuildContext map[string]PathContents - -func NewBuildContext() BuildContext { - return BuildContext{} -} - -func BuildContextFromTarball(reader io.Reader) (BuildContext, error) { - archive := tar.NewReader(reader) - bCtx := NewBuildContext() - - for true { - header, err := archive.Next() - if err != nil { - if err == io.EOF { - break - } - - return nil, fmt.Errorf("failed to parse provided tarball: %v", err) - } - - data := make([]byte, int(header.Size)) - read, err := archive.Read(data) - if err != nil { - return nil, fmt.Errorf("failed to parse read from provided tarball: %v", err) - } - - if read != int(header.Size) { - return nil, fmt.Errorf("unexpectedly short read on tarball: %v of %v", read, header.Size) - } - - bCtx[header.Name] = FileContents{ - Data: data, - Mode: header.Mode, - UID: header.Uid, - GID: header.Gid, - } - } - - return bCtx, nil -} - -func (bCtx *BuildContext) ToTarball() (io.Reader, error) { - var err error - buffer := new(bytes.Buffer) - tarBuilder := tar.NewWriter(buffer) - defer tarBuilder.Close() - - for filepath, contents := range *bCtx { - fileHeader := &tar.Header{Name: filepath} - if contents == nil && !strings.HasSuffix(filepath, "/") { - return nil, fmt.Errorf("expected file path (%v) to have trailing / due to nil contents, indicating directory", filepath) - } - - if err := contents.UpdateHeader(fileHeader); err != nil { - return nil, fmt.Errorf("failed to update tar header entry for %v: %w", filepath, err) - } - - var rawContents []byte - if contents != nil { - rawContents, err = contents.Get() - if err != nil { - return nil, fmt.Errorf("failed to get file contents for %v: %w", filepath, err) - } - - fileHeader.Size = int64(len(rawContents)) - } - - if err := tarBuilder.WriteHeader(fileHeader); err != nil { - return nil, fmt.Errorf("failed to write tar header entry for %v: %w", filepath, err) - } - - if contents != nil { - if _, err := tarBuilder.Write(rawContents); err != nil { - return nil, fmt.Errorf("failed to write tar file entry for %v: %w", filepath, err) - } - } - } - - return bytes.NewReader(buffer.Bytes()), nil -} - -type BuildOpt interface { - Apply(cfg *types.ImageBuildOptions) error -} - -type BuildRemove bool - -var _ BuildOpt = (*BuildRemove)(nil) - -func (u BuildRemove) Apply(cfg *types.ImageBuildOptions) error { - cfg.Remove = bool(u) - return nil -} - -type BuildForceRemove bool - -var _ BuildOpt = (*BuildForceRemove)(nil) - -func (u BuildForceRemove) Apply(cfg *types.ImageBuildOptions) error { - cfg.ForceRemove = bool(u) - return nil -} - -type BuildPullParent bool - -var _ BuildOpt = (*BuildPullParent)(nil) - -func (u BuildPullParent) Apply(cfg *types.ImageBuildOptions) error { - cfg.PullParent = bool(u) - return nil -} - -type BuildArgs map[string]*string - -var _ BuildOpt = (*BuildArgs)(nil) - -func (u BuildArgs) Apply(cfg *types.ImageBuildOptions) error { - cfg.BuildArgs = u - return nil -} - -type BuildTags []string - -var _ BuildOpt = (*BuildTags)(nil) - -func (u BuildTags) Apply(cfg *types.ImageBuildOptions) error { - cfg.Tags = u - return nil -} - -const containerfilePath = "_containerfile" - -func (d *Runner) BuildImage(ctx context.Context, containerfile string, containerContext BuildContext, opts ...BuildOpt) ([]byte, error) { - var cfg types.ImageBuildOptions - - // Build container context tarball, provisioning containerfile in. - containerContext[containerfilePath] = PathContentsFromBytes([]byte(containerfile)) - tar, err := containerContext.ToTarball() - if err != nil { - return nil, fmt.Errorf("failed to create build image context tarball: %w", err) - } - cfg.Dockerfile = "/" + containerfilePath - - // Apply all given options - for index, opt := range opts { - if err := opt.Apply(&cfg); err != nil { - return nil, fmt.Errorf("failed to apply option (%d / %v): %w", index, opt, err) - } - } - - resp, err := d.DockerAPI.ImageBuild(ctx, tar, cfg) - if err != nil { - return nil, fmt.Errorf("failed to build image: %v", err) - } - - output, err := io.ReadAll(resp.Body) - if err != nil { - return nil, fmt.Errorf("failed to read image build output: %w", err) - } - - return output, nil -} - -func (d *Runner) CopyTo(container string, destination string, contents BuildContext) error { - // XXX: currently we use the default options but we might want to allow - // modifying cfg.CopyUIDGID in the future. - var cfg types.CopyToContainerOptions - - // Convert our provided contents to a tarball to ship up. - tar, err := contents.ToTarball() - if err != nil { - return fmt.Errorf("failed to build contents into tarball: %v", err) - } - - return d.DockerAPI.CopyToContainer(context.Background(), container, destination, tar, cfg) -} - -func (d *Runner) CopyFrom(container string, source string) (BuildContext, *types.ContainerPathStat, error) { - reader, stat, err := d.DockerAPI.CopyFromContainer(context.Background(), container, source) - if err != nil { - return nil, nil, fmt.Errorf("failed to read %v from container: %v", source, err) - } - - result, err := BuildContextFromTarball(reader) - if err != nil { - return nil, nil, fmt.Errorf("failed to build archive from result: %v", err) - } - - return result, &stat, nil -} diff --git a/helper/testhelpers/fakegcsserver/fake-gcs-server.go b/helper/testhelpers/fakegcsserver/fake-gcs-server.go index ed83970d17af6..59c9001adc292 100644 --- a/helper/testhelpers/fakegcsserver/fake-gcs-server.go +++ b/helper/testhelpers/fakegcsserver/fake-gcs-server.go @@ -27,7 +27,7 @@ func PrepareTestContainer(t *testing.T, version string) (func(), docker.ServiceC } runner, err := docker.NewServiceRunner(docker.RunOptions{ ContainerName: "fake-gcs-server", - ImageRepo: "docker.mirror.hashicorp.services/fsouza/fake-gcs-server", + ImageRepo: "fsouza/fake-gcs-server", ImageTag: version, Cmd: []string{"-scheme", "http", "-public-host", "storage.gcs.127.0.0.1.nip.io:4443"}, Ports: []string{"4443/tcp"}, diff --git a/helper/testhelpers/ldap/ldaphelper.go b/helper/testhelpers/ldap/ldaphelper.go index b248c0294fda1..394ef34da3ee6 100644 --- a/helper/testhelpers/ldap/ldaphelper.go +++ b/helper/testhelpers/ldap/ldaphelper.go @@ -14,7 +14,7 @@ func PrepareTestContainer(t *testing.T, version string) (cleanup func(), cfg *ld runner, err := docker.NewServiceRunner(docker.RunOptions{ // Currently set to "michelvocks" until https://github.com/rroemhild/docker-test-openldap/pull/14 // has been merged. - ImageRepo: "docker.mirror.hashicorp.services/michelvocks/docker-test-openldap", + ImageRepo: "michelvocks/docker-test-openldap", ImageTag: version, ContainerName: "ldap", Ports: []string{"389/tcp"}, diff --git a/helper/testhelpers/minio/miniohelper.go b/helper/testhelpers/minio/miniohelper.go index 2969ce21546a1..c537585059931 100644 --- a/helper/testhelpers/minio/miniohelper.go +++ b/helper/testhelpers/minio/miniohelper.go @@ -32,7 +32,7 @@ func PrepareTestContainer(t *testing.T, version string) (func(), *Config) { } runner, err := docker.NewServiceRunner(docker.RunOptions{ ContainerName: "minio", - ImageRepo: "docker.mirror.hashicorp.services/minio/minio", + ImageRepo: "minio/minio", ImageTag: version, Env: []string{ "MINIO_ACCESS_KEY=" + accessKeyID, diff --git a/helper/testhelpers/mongodb/mongodbhelper.go b/helper/testhelpers/mongodb/mongodbhelper.go index c4288a4b55135..3dff8484b343c 100644 --- a/helper/testhelpers/mongodb/mongodbhelper.go +++ b/helper/testhelpers/mongodb/mongodbhelper.go @@ -2,15 +2,19 @@ package mongodb import ( "context" + "crypto/tls" + "errors" "fmt" + "net" + "net/url" "os" + "strconv" + "strings" "testing" "time" "github.com/hashicorp/vault/helper/testhelpers/docker" - "go.mongodb.org/mongo-driver/mongo" - "go.mongodb.org/mongo-driver/mongo/options" - "go.mongodb.org/mongo-driver/mongo/readpref" + "gopkg.in/mgo.v2" ) // PrepareTestContainer calls PrepareTestContainerWithDatabase without a @@ -27,10 +31,9 @@ func PrepareTestContainerWithDatabase(t *testing.T, version, dbName string) (fun } runner, err := docker.NewServiceRunner(docker.RunOptions{ - ContainerName: "mongo", - ImageRepo: "docker.mirror.hashicorp.services/library/mongo", - ImageTag: version, - Ports: []string{"27017/tcp"}, + ImageRepo: "mongo", + ImageTag: version, + Ports: []string{"27017/tcp"}, }) if err != nil { t.Fatalf("could not start docker mongo: %s", err) @@ -41,16 +44,22 @@ func PrepareTestContainerWithDatabase(t *testing.T, version, dbName string) (fun if dbName != "" { connURL = fmt.Sprintf("%s/%s", connURL, dbName) } + dialInfo, err := ParseMongoURL(connURL) + if err != nil { + return nil, err + } - ctx, _ = context.WithTimeout(context.Background(), 1*time.Minute) - client, err := mongo.Connect(ctx, options.Client().ApplyURI(connURL)) + session, err := mgo.DialWithInfo(dialInfo) if err != nil { return nil, err } + defer session.Close() - err = client.Ping(ctx, readpref.Primary()) - if err = client.Disconnect(ctx); err != nil { - t.Fatal() + session.SetSyncTimeout(1 * time.Minute) + session.SetSocketTimeout(1 * time.Minute) + err = session.Ping() + if err != nil { + return nil, err } return docker.NewServiceURLParse(connURL) @@ -61,3 +70,72 @@ func PrepareTestContainerWithDatabase(t *testing.T, version, dbName string) (fun return svc.Cleanup, svc.Config.URL().String() } + +// ParseMongoURL will parse a connection string and return a configured dialer +func ParseMongoURL(rawURL string) (*mgo.DialInfo, error) { + url, err := url.Parse(rawURL) + if err != nil { + return nil, err + } + + info := mgo.DialInfo{ + Addrs: strings.Split(url.Host, ","), + Database: strings.TrimPrefix(url.Path, "/"), + Timeout: 10 * time.Second, + } + + if url.User != nil { + info.Username = url.User.Username() + info.Password, _ = url.User.Password() + } + + query := url.Query() + for key, values := range query { + var value string + if len(values) > 0 { + value = values[0] + } + + switch key { + case "authSource": + info.Source = value + case "authMechanism": + info.Mechanism = value + case "gssapiServiceName": + info.Service = value + case "replicaSet": + info.ReplicaSetName = value + case "maxPoolSize": + poolLimit, err := strconv.Atoi(value) + if err != nil { + return nil, errors.New("bad value for maxPoolSize: " + value) + } + info.PoolLimit = poolLimit + case "ssl": + // Unfortunately, mgo doesn't support the ssl parameter in its MongoDB URI parsing logic, so we have to handle that + // ourselves. See https://github.com/go-mgo/mgo/issues/84 + ssl, err := strconv.ParseBool(value) + if err != nil { + return nil, errors.New("bad value for ssl: " + value) + } + if ssl { + info.DialServer = func(addr *mgo.ServerAddr) (net.Conn, error) { + return tls.Dial("tcp", addr.String(), &tls.Config{}) + } + } + case "connect": + if value == "direct" { + info.Direct = true + break + } + if value == "replicaSet" { + break + } + fallthrough + default: + return nil, errors.New("unsupported connection URL option: " + key + "=" + value) + } + } + + return &info, nil +} diff --git a/helper/testhelpers/mysql/mysqlhelper.go b/helper/testhelpers/mysql/mysqlhelper.go index 82b47f07e1e7d..145c91e253c1e 100644 --- a/helper/testhelpers/mysql/mysqlhelper.go +++ b/helper/testhelpers/mysql/mysqlhelper.go @@ -29,11 +29,10 @@ func PrepareTestContainer(t *testing.T, legacy bool, pw string) (func(), string) } runner, err := docker.NewServiceRunner(docker.RunOptions{ - ContainerName: "mysql", - ImageRepo: "docker.mirror.hashicorp.services/library/mysql", - ImageTag: imageVersion, - Ports: []string{"3306/tcp"}, - Env: []string{"MYSQL_ROOT_PASSWORD=" + pw}, + ImageRepo: "mysql", + ImageTag: imageVersion, + Ports: []string{"3306/tcp"}, + Env: []string{"MYSQL_ROOT_PASSWORD=" + pw}, }) if err != nil { t.Fatalf("could not start docker mysql: %s", err) diff --git a/helper/testhelpers/postgresql/postgresqlhelper.go b/helper/testhelpers/postgresql/postgresqlhelper.go index 17b2151abb52e..2f9b2c2a1472c 100644 --- a/helper/testhelpers/postgresql/postgresqlhelper.go +++ b/helper/testhelpers/postgresql/postgresqlhelper.go @@ -12,74 +12,44 @@ import ( ) func PrepareTestContainer(t *testing.T, version string) (func(), string) { - env := []string{ - "POSTGRES_PASSWORD=secret", - "POSTGRES_DB=database", - } - - _, cleanup, url, _ := prepareTestContainer(t, "postgres", "docker.mirror.hashicorp.services/postgres", version, "secret", true, false, false, env) - - return cleanup, url + return prepareTestContainer(t, version, "secret", "database") } func PrepareTestContainerWithPassword(t *testing.T, version, password string) (func(), string) { - env := []string{ - "POSTGRES_PASSWORD=" + password, - "POSTGRES_DB=database", - } - - _, cleanup, url, _ := prepareTestContainer(t, "postgres", "docker.mirror.hashicorp.services/postgres", version, password, true, false, false, env) - - return cleanup, url + return prepareTestContainer(t, version, password, "database") } -func PrepareTestContainerRepmgr(t *testing.T, name, version string, envVars []string) (*docker.Runner, func(), string, string) { - env := append(envVars, - "REPMGR_PARTNER_NODES=psql-repl-node-0,psql-repl-node-1", - "REPMGR_PRIMARY_HOST=psql-repl-node-0", - "REPMGR_PASSWORD=repmgrpass", - "POSTGRESQL_PASSWORD=secret") - - return prepareTestContainer(t, name, "docker.mirror.hashicorp.services/bitnami/postgresql-repmgr", version, "secret", false, true, true, env) -} - -func prepareTestContainer(t *testing.T, name, repo, version, password string, - addSuffix, forceLocalAddr, doNotAutoRemove bool, envVars []string, -) (*docker.Runner, func(), string, string) { +func prepareTestContainer(t *testing.T, version, password, db string) (func(), string) { if os.Getenv("PG_URL") != "" { - return nil, func() {}, "", os.Getenv("PG_URL") + return func() {}, os.Getenv("PG_URL") } if version == "" { version = "11" } - runOpts := docker.RunOptions{ - ContainerName: name, - ImageRepo: repo, - ImageTag: version, - Env: envVars, - Ports: []string{"5432/tcp"}, - DoNotAutoRemove: doNotAutoRemove, - } - if repo == "bitnami/postgresql-repmgr" { - runOpts.NetworkID = os.Getenv("POSTGRES_MULTIHOST_NET") - } - - runner, err := docker.NewServiceRunner(runOpts) + runner, err := docker.NewServiceRunner(docker.RunOptions{ + ImageRepo: "postgres", + ImageTag: version, + Env: []string{ + "POSTGRES_PASSWORD=" + password, + "POSTGRES_DB=" + db, + }, + Ports: []string{"5432/tcp"}, + }) if err != nil { t.Fatalf("Could not start docker Postgres: %s", err) } - svc, containerID, err := runner.StartNewService(context.Background(), addSuffix, forceLocalAddr, connectPostgres(password, repo)) + svc, err := runner.StartService(context.Background(), connectPostgres(password)) if err != nil { t.Fatalf("Could not start docker Postgres: %s", err) } - return runner, svc.Cleanup, svc.Config.URL().String(), containerID + return svc.Cleanup, svc.Config.URL().String() } -func connectPostgres(password, repo string) docker.ServiceAdapter { +func connectPostgres(password string) docker.ServiceAdapter { return func(ctx context.Context, host string, port int) (docker.ServiceConfig, error) { u := url.URL{ Scheme: "postgres", @@ -95,21 +65,10 @@ func connectPostgres(password, repo string) docker.ServiceAdapter { } defer db.Close() - if err = db.Ping(); err != nil { + err = db.Ping() + if err != nil { return nil, err } return docker.NewServiceURL(u), nil } } - -func StopContainer(t *testing.T, ctx context.Context, runner *docker.Runner, containerID string) { - if err := runner.Stop(ctx, containerID); err != nil { - t.Fatalf("Could not stop docker Postgres: %s", err) - } -} - -func RestartContainer(t *testing.T, ctx context.Context, runner *docker.Runner, containerID string) { - if err := runner.Restart(ctx, containerID); err != nil { - t.Fatalf("Could not restart docker Postgres: %s", err) - } -} diff --git a/helper/testhelpers/testhelpers.go b/helper/testhelpers/testhelpers.go index 248a0026e918e..f47ba435ca369 100644 --- a/helper/testhelpers/testhelpers.go +++ b/helper/testhelpers/testhelpers.go @@ -954,10 +954,10 @@ func SetupLoginMFATOTP(t testing.T, client *api.Client) (*api.Client, string, st // Configure a default TOTP method totpConfig := map[string]interface{}{ "issuer": "yCorp", - "period": 5, + "period": 20, "algorithm": "SHA256", "digits": 6, - "skew": 0, + "skew": 1, "key_size": 20, "qr_size": 200, "max_validation_attempts": 5, diff --git a/http/handler.go b/http/handler.go index 6f5e29465a14e..5bf848db2d678 100644 --- a/http/handler.go +++ b/http/handler.go @@ -1178,10 +1178,6 @@ func respondError(w http.ResponseWriter, status int, err error) { logical.RespondError(w, status, err) } -func respondErrorAndData(w http.ResponseWriter, status int, data interface{}, err error) { - logical.RespondErrorAndData(w, status, data, err) -} - func respondErrorCommon(w http.ResponseWriter, req *logical.Request, resp *logical.Response, err error) bool { statusCode, newErr := logical.RespondErrorCommon(req, resp, err) if newErr == nil && statusCode == 0 { @@ -1197,12 +1193,6 @@ func respondErrorCommon(w http.ResponseWriter, req *logical.Request, resp *logic return true } - if resp != nil { - if data := resp.Data["data"]; data != nil { - respondErrorAndData(w, statusCode, data, newErr) - return true - } - } respondError(w, statusCode, newErr) return true } diff --git a/internalshared/configutil/config.go b/internalshared/configutil/config.go index c13c80451bc56..5c12e03b949f1 100644 --- a/internalshared/configutil/config.go +++ b/internalshared/configutil/config.go @@ -21,8 +21,6 @@ type SharedConfig struct { Listeners []*Listener `hcl:"-"` - UserLockouts []*UserLockout `hcl:"-"` - Seals []*KMS `hcl:"-"` Entropy *Entropy `hcl:"-"` @@ -136,13 +134,6 @@ func ParseConfig(d string) (*SharedConfig, error) { } } - if o := list.Filter("user_lockout"); len(o.Items) > 0 { - result.found("user_lockout", "UserLockout") - if err := ParseUserLockouts(&result, o); err != nil { - return nil, fmt.Errorf("error parsing 'user_lockout': %w", err) - } - } - if o := list.Filter("telemetry"); len(o.Items) > 0 { result.found("telemetry", "Telemetry") if err := parseTelemetry(&result, o); err != nil { @@ -203,22 +194,6 @@ func (c *SharedConfig) Sanitized() map[string]interface{} { result["listeners"] = sanitizedListeners } - // Sanitize user lockout stanza - if len(c.UserLockouts) != 0 { - var sanitizedUserLockouts []interface{} - for _, userlockout := range c.UserLockouts { - cleanUserLockout := map[string]interface{}{ - "type": userlockout.Type, - "lockout_threshold": userlockout.LockoutThreshold, - "lockout_duration": userlockout.LockoutDuration, - "lockout_counter_reset": userlockout.LockoutCounterReset, - "disable_lockout": userlockout.DisableLockout, - } - sanitizedUserLockouts = append(sanitizedUserLockouts, cleanUserLockout) - } - result["user_lockout_configs"] = sanitizedUserLockouts - } - // Sanitize seals stanza if len(c.Seals) != 0 { var sanitizedSeals []interface{} diff --git a/internalshared/configutil/kms.go b/internalshared/configutil/kms.go index 614a6ec8e5712..78da77662b47e 100644 --- a/internalshared/configutil/kms.go +++ b/internalshared/configutil/kms.go @@ -185,10 +185,8 @@ func configureWrapper(configKMS *KMS, infoKeys *[]string, info *map[string]strin wrapper, kmsInfo, err = GetGCPCKMSKMSFunc(configKMS, opts...) case wrapping.WrapperTypeOciKms: - if keyId, ok := configKMS.Config["key_id"]; ok { - opts = append(opts, wrapping.WithKeyId(keyId)) - } wrapper, kmsInfo, err = GetOCIKMSKMSFunc(configKMS, opts...) + case wrapping.WrapperTypeTransit: wrapper, kmsInfo, err = GetTransitKMSFunc(configKMS, opts...) @@ -215,7 +213,7 @@ func configureWrapper(configKMS *KMS, infoKeys *[]string, info *map[string]strin func GetAEADKMSFunc(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, map[string]string, error) { wrapper := aeadwrapper.NewWrapper() - wrapperInfo, err := wrapper.SetConfig(context.Background(), append(opts, wrapping.WithConfigMap(kms.Config))...) + wrapperInfo, err := wrapper.SetConfig(context.Background(), opts...) if err != nil { return nil, nil, err } @@ -232,7 +230,7 @@ func GetAEADKMSFunc(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, map[st func GetAliCloudKMSFunc(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, map[string]string, error) { wrapper := alicloudkms.NewWrapper() - wrapperInfo, err := wrapper.SetConfig(context.Background(), append(opts, wrapping.WithConfigMap(kms.Config))...) + wrapperInfo, err := wrapper.SetConfig(context.Background(), wrapping.WithConfigMap(kms.Config)) if err != nil { // If the error is any other than logical.KeyNotFoundError, return the error if !errwrap.ContainsType(err, new(logical.KeyNotFoundError)) { @@ -252,7 +250,7 @@ func GetAliCloudKMSFunc(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, ma var GetAWSKMSFunc = func(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, map[string]string, error) { wrapper := awskms.NewWrapper() - wrapperInfo, err := wrapper.SetConfig(context.Background(), append(opts, wrapping.WithConfigMap(kms.Config))...) + wrapperInfo, err := wrapper.SetConfig(context.Background(), wrapping.WithConfigMap(kms.Config)) if err != nil { // If the error is any other than logical.KeyNotFoundError, return the error if !errwrap.ContainsType(err, new(logical.KeyNotFoundError)) { @@ -272,7 +270,7 @@ var GetAWSKMSFunc = func(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, m func GetAzureKeyVaultKMSFunc(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, map[string]string, error) { wrapper := azurekeyvault.NewWrapper() - wrapperInfo, err := wrapper.SetConfig(context.Background(), append(opts, wrapping.WithConfigMap(kms.Config))...) + wrapperInfo, err := wrapper.SetConfig(context.Background(), wrapping.WithConfigMap(kms.Config)) if err != nil { // If the error is any other than logical.KeyNotFoundError, return the error if !errwrap.ContainsType(err, new(logical.KeyNotFoundError)) { @@ -290,7 +288,7 @@ func GetAzureKeyVaultKMSFunc(kms *KMS, opts ...wrapping.Option) (wrapping.Wrappe func GetGCPCKMSKMSFunc(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, map[string]string, error) { wrapper := gcpckms.NewWrapper() - wrapperInfo, err := wrapper.SetConfig(context.Background(), append(opts, wrapping.WithConfigMap(kms.Config))...) + wrapperInfo, err := wrapper.SetConfig(context.Background(), wrapping.WithConfigMap(kms.Config)) if err != nil { // If the error is any other than logical.KeyNotFoundError, return the error if !errwrap.ContainsType(err, new(logical.KeyNotFoundError)) { @@ -309,7 +307,7 @@ func GetGCPCKMSKMSFunc(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, map func GetOCIKMSKMSFunc(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, map[string]string, error) { wrapper := ocikms.NewWrapper() - wrapperInfo, err := wrapper.SetConfig(context.Background(), append(opts, wrapping.WithConfigMap(kms.Config))...) + wrapperInfo, err := wrapper.SetConfig(context.Background(), wrapping.WithConfigMap(kms.Config)) if err != nil { return nil, nil, err } @@ -325,7 +323,7 @@ func GetOCIKMSKMSFunc(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, map[ var GetTransitKMSFunc = func(kms *KMS, opts ...wrapping.Option) (wrapping.Wrapper, map[string]string, error) { wrapper := transit.NewWrapper() - wrapperInfo, err := wrapper.SetConfig(context.Background(), append(opts, wrapping.WithConfigMap(kms.Config))...) + wrapperInfo, err := wrapper.SetConfig(context.Background(), wrapping.WithConfigMap(kms.Config)) if err != nil { // If the error is any other than logical.KeyNotFoundError, return the error if !errwrap.ContainsType(err, new(logical.KeyNotFoundError)) { diff --git a/internalshared/configutil/merge.go b/internalshared/configutil/merge.go index fda6238e24939..8ae99ca4879d7 100644 --- a/internalshared/configutil/merge.go +++ b/internalshared/configutil/merge.go @@ -14,13 +14,6 @@ func (c *SharedConfig) Merge(c2 *SharedConfig) *SharedConfig { result.Listeners = append(result.Listeners, l) } - for _, userlockout := range c.UserLockouts { - result.UserLockouts = append(result.UserLockouts, userlockout) - } - for _, userlockout := range c2.UserLockouts { - result.UserLockouts = append(result.UserLockouts, userlockout) - } - result.HCPLinkConf = c.HCPLinkConf if c2.HCPLinkConf != nil { result.HCPLinkConf = c2.HCPLinkConf diff --git a/internalshared/configutil/userlockout.go b/internalshared/configutil/userlockout.go deleted file mode 100644 index f2be4461b32d2..0000000000000 --- a/internalshared/configutil/userlockout.go +++ /dev/null @@ -1,186 +0,0 @@ -package configutil - -import ( - "errors" - "fmt" - "strconv" - "strings" - "time" - - "github.com/hashicorp/go-multierror" - "github.com/hashicorp/go-secure-stdlib/parseutil" - "github.com/hashicorp/hcl" - "github.com/hashicorp/hcl/hcl/ast" -) - -const ( - UserLockoutThresholdDefault = 5 - UserLockoutDurationDefault = 15 * time.Minute - UserLockoutCounterResetDefault = 15 * time.Minute - DisableUserLockoutDefault = false -) - -type UserLockout struct { - Type string - LockoutThreshold uint64 `hcl:"-"` - LockoutThresholdRaw interface{} `hcl:"lockout_threshold"` - LockoutDuration time.Duration `hcl:"-"` - LockoutDurationRaw interface{} `hcl:"lockout_duration"` - LockoutCounterReset time.Duration `hcl:"-"` - LockoutCounterResetRaw interface{} `hcl:"lockout_counter_reset"` - DisableLockout bool `hcl:"-"` - DisableLockoutRaw interface{} `hcl:"disable_lockout"` -} - -func ParseUserLockouts(result *SharedConfig, list *ast.ObjectList) error { - var err error - result.UserLockouts = make([]*UserLockout, 0, len(list.Items)) - userLockoutsMap := make(map[string]*UserLockout) - for i, item := range list.Items { - var userLockoutConfig UserLockout - if err := hcl.DecodeObject(&userLockoutConfig, item.Val); err != nil { - return multierror.Prefix(err, fmt.Sprintf("userLockouts.%d:", i)) - } - - // Base values - { - switch { - case userLockoutConfig.Type != "": - case len(item.Keys) == 1: - userLockoutConfig.Type = strings.ToLower(item.Keys[0].Token.Value().(string)) - default: - return multierror.Prefix(errors.New("auth type for user lockout must be specified, if it applies to all auth methods specify \"all\" "), fmt.Sprintf("user_lockouts.%d:", i)) - } - - userLockoutConfig.Type = strings.ToLower(userLockoutConfig.Type) - // Supported auth methods for user lockout configuration: ldap, approle, userpass - // "all" is used to apply the configuration to all supported auth methods - switch userLockoutConfig.Type { - case "all", "ldap", "approle", "userpass": - result.found(userLockoutConfig.Type, userLockoutConfig.Type) - default: - return multierror.Prefix(fmt.Errorf("unsupported auth type %q", userLockoutConfig.Type), fmt.Sprintf("user_lockouts.%d:", i)) - } - } - - // Lockout Parameters - - // Not setting raw entries to nil here as soon as they are parsed - // as they are used to set the missing user lockout configuration values later. - { - if userLockoutConfig.LockoutThresholdRaw != nil { - userLockoutThresholdString := fmt.Sprintf("%v", userLockoutConfig.LockoutThresholdRaw) - if userLockoutConfig.LockoutThreshold, err = strconv.ParseUint(userLockoutThresholdString, 10, 64); err != nil { - return multierror.Prefix(fmt.Errorf("error parsing lockout_threshold: %w", err), fmt.Sprintf("user_lockouts.%d", i)) - } - } - - if userLockoutConfig.LockoutDurationRaw != nil { - if userLockoutConfig.LockoutDuration, err = parseutil.ParseDurationSecond(userLockoutConfig.LockoutDurationRaw); err != nil { - return multierror.Prefix(fmt.Errorf("error parsing lockout_duration: %w", err), fmt.Sprintf("user_lockouts.%d", i)) - } - if userLockoutConfig.LockoutDuration < 0 { - return multierror.Prefix(errors.New("lockout_duration cannot be negative"), fmt.Sprintf("user_lockouts.%d", i)) - } - - } - - if userLockoutConfig.LockoutCounterResetRaw != nil { - if userLockoutConfig.LockoutCounterReset, err = parseutil.ParseDurationSecond(userLockoutConfig.LockoutCounterResetRaw); err != nil { - return multierror.Prefix(fmt.Errorf("error parsing lockout_counter_reset: %w", err), fmt.Sprintf("user_lockouts.%d", i)) - } - if userLockoutConfig.LockoutCounterReset < 0 { - return multierror.Prefix(errors.New("lockout_counter_reset cannot be negative"), fmt.Sprintf("user_lockouts.%d", i)) - } - - } - if userLockoutConfig.DisableLockoutRaw != nil { - if userLockoutConfig.DisableLockout, err = parseutil.ParseBool(userLockoutConfig.DisableLockoutRaw); err != nil { - return multierror.Prefix(fmt.Errorf("invalid value for disable_lockout: %w", err), fmt.Sprintf("user_lockouts.%d", i)) - } - } - } - userLockoutsMap[userLockoutConfig.Type] = &userLockoutConfig - } - - // Use raw entries to set values for user lockout configurations fields - // that were not configured using config file. - // The raw entries would mean that the entry was configured by the user using the config file. - // If any of these fields are not configured using the config file (missing fields), - // we set values for these fields with defaults - // The issue with not being able to use non-raw entries is because of fields lockout threshold - // and disable lockout. We cannot differentiate using non-raw entries if the user configured these fields - // with values (0 and false) or if the the user did not configure these values in config file at all. - // The raw fields are set to nil after setting missing values in setNilValuesForRawUserLockoutFields function - userLockoutsMap = setMissingUserLockoutValuesInMap(userLockoutsMap) - for _, userLockoutValues := range userLockoutsMap { - result.UserLockouts = append(result.UserLockouts, userLockoutValues) - } - return nil -} - -// setUserLockoutValueAllInMap sets default user lockout values for key "all" (all auth methods) -// for user lockout fields that are not configured using config file -func setUserLockoutValueAllInMap(userLockoutAll *UserLockout) *UserLockout { - if userLockoutAll.Type == "" { - userLockoutAll.Type = "all" - } - if userLockoutAll.LockoutThresholdRaw == nil { - userLockoutAll.LockoutThreshold = UserLockoutThresholdDefault - } - if userLockoutAll.LockoutDurationRaw == nil { - userLockoutAll.LockoutDuration = UserLockoutDurationDefault - } - if userLockoutAll.LockoutCounterResetRaw == nil { - userLockoutAll.LockoutCounterReset = UserLockoutCounterResetDefault - } - if userLockoutAll.DisableLockoutRaw == nil { - userLockoutAll.DisableLockout = DisableUserLockoutDefault - } - return setNilValuesForRawUserLockoutFields(userLockoutAll) -} - -// setDefaultUserLockoutValuesInMap sets missing user lockout fields for auth methods -// with default values (from key "all") that are not configured using config file -func setMissingUserLockoutValuesInMap(userLockoutsMap map[string]*UserLockout) map[string]*UserLockout { - // set values for "all" key with default values for "all" user lockout fields that are not configured - // the "all" key values will be used as default values for other auth methods - userLockoutAll, ok := userLockoutsMap["all"] - switch ok { - case true: - userLockoutsMap["all"] = setUserLockoutValueAllInMap(userLockoutAll) - default: - userLockoutsMap["all"] = setUserLockoutValueAllInMap(&UserLockout{}) - } - - for _, userLockoutAuth := range userLockoutsMap { - if userLockoutAuth.Type == "all" { - continue - } - // set missing values - if userLockoutAuth.LockoutThresholdRaw == nil { - userLockoutAuth.LockoutThreshold = userLockoutsMap["all"].LockoutThreshold - } - if userLockoutAuth.LockoutDurationRaw == nil { - userLockoutAuth.LockoutDuration = userLockoutsMap["all"].LockoutDuration - } - if userLockoutAuth.LockoutCounterResetRaw == nil { - userLockoutAuth.LockoutCounterReset = userLockoutsMap["all"].LockoutCounterReset - } - if userLockoutAuth.DisableLockoutRaw == nil { - userLockoutAuth.DisableLockout = userLockoutsMap["all"].DisableLockout - } - userLockoutAuth = setNilValuesForRawUserLockoutFields(userLockoutAuth) - userLockoutsMap[userLockoutAuth.Type] = userLockoutAuth - } - return userLockoutsMap -} - -// setNilValuesForRawUserLockoutFields sets nil values for user lockout Raw fields -func setNilValuesForRawUserLockoutFields(userLockout *UserLockout) *UserLockout { - userLockout.LockoutThresholdRaw = nil - userLockout.LockoutDurationRaw = nil - userLockout.LockoutCounterResetRaw = nil - userLockout.DisableLockoutRaw = nil - return userLockout -} diff --git a/internalshared/configutil/userlockout_test.go b/internalshared/configutil/userlockout_test.go deleted file mode 100644 index d5ab42cbe86a9..0000000000000 --- a/internalshared/configutil/userlockout_test.go +++ /dev/null @@ -1,69 +0,0 @@ -package configutil - -import ( - "reflect" - "testing" - "time" -) - -func TestParseUserLockout(t *testing.T) { - t.Parallel() - t.Run("Missing user lockout block in config file", func(t *testing.T) { - t.Parallel() - inputConfig := make(map[string]*UserLockout) - expectedConfig := make(map[string]*UserLockout) - expectedConfigall := &UserLockout{} - expectedConfigall.Type = "all" - expectedConfigall.LockoutThreshold = UserLockoutThresholdDefault - expectedConfigall.LockoutDuration = UserLockoutDurationDefault - expectedConfigall.LockoutCounterReset = UserLockoutCounterResetDefault - expectedConfigall.DisableLockout = DisableUserLockoutDefault - expectedConfig["all"] = expectedConfigall - - outputConfig := setMissingUserLockoutValuesInMap(inputConfig) - if !reflect.DeepEqual(expectedConfig["all"], outputConfig["all"]) { - t.Errorf("user lockout config: expected %#v\nactual %#v", expectedConfig["all"], outputConfig["all"]) - } - }) - t.Run("setting default lockout counter reset and lockout duration for userpass in config ", func(t *testing.T) { - t.Parallel() - // input user lockout in config file - inputConfig := make(map[string]*UserLockout) - configAll := &UserLockout{} - configAll.Type = "all" - configAll.LockoutCounterReset = 20 * time.Minute - configAll.LockoutCounterResetRaw = "1200000000000" - inputConfig["all"] = configAll - configUserpass := &UserLockout{} - configUserpass.Type = "userpass" - configUserpass.LockoutDuration = 10 * time.Minute - configUserpass.LockoutDurationRaw = "600000000000" - inputConfig["userpass"] = configUserpass - - expectedConfig := make(map[string]*UserLockout) - expectedConfigall := &UserLockout{} - expectedConfigUserpass := &UserLockout{} - // expected default values - expectedConfigall.Type = "all" - expectedConfigall.LockoutThreshold = UserLockoutThresholdDefault - expectedConfigall.LockoutDuration = UserLockoutDurationDefault - expectedConfigall.LockoutCounterReset = 20 * time.Minute - expectedConfigall.DisableLockout = DisableUserLockoutDefault - // expected values for userpass - expectedConfigUserpass.Type = "userpass" - expectedConfigUserpass.LockoutThreshold = UserLockoutThresholdDefault - expectedConfigUserpass.LockoutDuration = 10 * time.Minute - expectedConfigUserpass.LockoutCounterReset = 20 * time.Minute - expectedConfigUserpass.DisableLockout = DisableUserLockoutDefault - expectedConfig["all"] = expectedConfigall - expectedConfig["userpass"] = expectedConfigUserpass - - outputConfig := setMissingUserLockoutValuesInMap(inputConfig) - if !reflect.DeepEqual(expectedConfig["all"], outputConfig["all"]) { - t.Errorf("user lockout config: expected %#v\nactual %#v", expectedConfig["all"], outputConfig["all"]) - } - if !reflect.DeepEqual(expectedConfig["userpass"], outputConfig["userpass"]) { - t.Errorf("user lockout config: expected %#v\nactual %#v", expectedConfig["userpass"], outputConfig["userpass"]) - } - }) -} diff --git a/physical/aerospike/aerospike_test.go b/physical/aerospike/aerospike_test.go index 1a76656f29a8e..653f00ff6c5c4 100644 --- a/physical/aerospike/aerospike_test.go +++ b/physical/aerospike/aerospike_test.go @@ -41,7 +41,7 @@ type aerospikeConfig struct { func prepareAerospikeContainer(t *testing.T) (func(), *aerospikeConfig) { runner, err := docker.NewServiceRunner(docker.RunOptions{ - ImageRepo: "docker.mirror.hashicorp.services/aerospike/aerospike-server", + ImageRepo: "aerospike/aerospike-server", ContainerName: "aerospikedb", ImageTag: "5.6.0.5", Ports: []string{"3000/tcp", "3001/tcp", "3002/tcp", "3003/tcp"}, diff --git a/physical/cockroachdb/cockroachdb_test.go b/physical/cockroachdb/cockroachdb_test.go index 70abfda98293c..69a3c565323f3 100644 --- a/physical/cockroachdb/cockroachdb_test.go +++ b/physical/cockroachdb/cockroachdb_test.go @@ -36,7 +36,7 @@ func prepareCockroachDBTestContainer(t *testing.T) (func(), *Config) { } runner, err := docker.NewServiceRunner(docker.RunOptions{ - ImageRepo: "docker.mirror.hashicorp.services/cockroachdb/cockroach", + ImageRepo: "cockroachdb/cockroach", ImageTag: "release-1.0", ContainerName: "cockroachdb", Cmd: []string{"start", "--insecure"}, diff --git a/physical/couchdb/couchdb_test.go b/physical/couchdb/couchdb_test.go index abf11b7c1aae5..4205f8e64b1ee 100644 --- a/physical/couchdb/couchdb_test.go +++ b/physical/couchdb/couchdb_test.go @@ -86,8 +86,7 @@ func prepareCouchdbDBTestContainer(t *testing.T) (func(), *couchDB) { } runner, err := docker.NewServiceRunner(docker.RunOptions{ - ContainerName: "couchdb", - ImageRepo: "docker.mirror.hashicorp.services/library/couchdb", + ImageRepo: "couchdb", ImageTag: "1.6", Ports: []string{"5984/tcp"}, DoNotAutoRemove: true, diff --git a/physical/dynamodb/dynamodb_test.go b/physical/dynamodb/dynamodb_test.go index 1058a6e210262..ae6722e245a46 100644 --- a/physical/dynamodb/dynamodb_test.go +++ b/physical/dynamodb/dynamodb_test.go @@ -381,7 +381,7 @@ func prepareDynamoDBTestContainer(t *testing.T) (func(), *Config) { } runner, err := docker.NewServiceRunner(docker.RunOptions{ - ImageRepo: "docker.mirror.hashicorp.services/cnadiminti/dynamodb-local", + ImageRepo: "cnadiminti/dynamodb-local", ImageTag: "latest", ContainerName: "dynamodb", Ports: []string{"8000/tcp"}, diff --git a/physical/raft/fsm.go b/physical/raft/fsm.go index f8ca9c6546f0e..8d5b5524db12c 100644 --- a/physical/raft/fsm.go +++ b/physical/raft/fsm.go @@ -136,8 +136,6 @@ func NewFSM(path string, localID string, logger log.Logger) (*FSM, error) { }) dbPath := filepath.Join(path, databaseFilename) - f.l.Lock() - defer f.l.Unlock() if err := f.openDBFile(dbPath); err != nil { return nil, fmt.Errorf("failed to open bolt file: %w", err) } diff --git a/physical/raft/raft.go b/physical/raft/raft.go index 7400794f142d5..be9fd8e9d562d 100644 --- a/physical/raft/raft.go +++ b/physical/raft/raft.go @@ -43,6 +43,10 @@ const ( // EnvVaultRaftPath is used to fetch the path where Raft data is stored from the environment. EnvVaultRaftPath = "VAULT_RAFT_PATH" + + // EnvVaultRaftNonVoter is used to override the non_voter config option, telling Vault to join as a non-voter (i.e. read replica). + EnvVaultRaftNonVoter = "VAULT_RAFT_RETRY_JOIN_AS_NON_VOTER" + raftNonVoterConfigKey = "retry_join_as_non_voter" ) var getMmapFlags = func(string) int { return 0 } @@ -172,6 +176,10 @@ type RaftBackend struct { // redundancyZone specifies a redundancy zone for autopilot. redundancyZone string + // nonVoter specifies whether the node should join the cluster as a non-voter. Non-voters get + // replicated to and can serve reads, but do not take part in leader elections. + nonVoter bool + effectiveSDKVersion string } @@ -473,6 +481,22 @@ func NewRaftBackend(conf map[string]string, logger log.Logger) (physical.Backend } } + var nonVoter bool + if v := os.Getenv(EnvVaultRaftNonVoter); v != "" { + // Consistent with handling of other raft boolean env vars + // VAULT_RAFT_AUTOPILOT_DISABLE and VAULT_RAFT_FREELIST_SYNC + nonVoter = true + } else if v, ok := conf[raftNonVoterConfigKey]; ok { + nonVoter, err = strconv.ParseBool(v) + if err != nil { + return nil, fmt.Errorf("failed to parse %s config value %q as a boolean: %w", raftNonVoterConfigKey, v, err) + } + } + + if nonVoter && conf["retry_join"] == "" { + return nil, fmt.Errorf("setting %s to true is only valid if at least one retry_join stanza is specified", raftNonVoterConfigKey) + } + return &RaftBackend{ logger: logger, fsm: fsm, @@ -489,6 +513,7 @@ func NewRaftBackend(conf map[string]string, logger log.Logger) (physical.Backend autopilotReconcileInterval: reconcileInterval, autopilotUpdateInterval: updateInterval, redundancyZone: conf["autopilot_redundancy_zone"], + nonVoter: nonVoter, upgradeVersion: upgradeVersion, }, nil } @@ -554,6 +579,13 @@ func (b *RaftBackend) RedundancyZone() string { return b.redundancyZone } +func (b *RaftBackend) NonVoter() bool { + b.l.RLock() + defer b.l.RUnlock() + + return b.nonVoter +} + func (b *RaftBackend) EffectiveVersion() string { b.l.RLock() defer b.l.RUnlock() @@ -581,22 +613,9 @@ func (b *RaftBackend) CollectMetrics(sink *metricsutil.ClusterMetricSink) { b.l.RLock() logstoreStats := b.stableStore.(*raftboltdb.BoltStore).Stats() fsmStats := b.fsm.db.Stats() - stats := b.raft.Stats() b.l.RUnlock() b.collectMetricsWithStats(logstoreStats, sink, "logstore") b.collectMetricsWithStats(fsmStats, sink, "fsm") - labels := []metrics.Label{ - { - Name: "peer_id", - Value: b.localID, - }, - } - for _, key := range []string{"term", "commit_index", "applied_index", "fsm_pending"} { - n, err := strconv.ParseUint(stats[key], 10, 64) - if err == nil { - sink.SetGaugeWithLabels([]string{"raft_storage", "stats", key}, float32(n), labels) - } - } } func (b *RaftBackend) collectMetricsWithStats(stats bolt.Stats, sink *metricsutil.ClusterMetricSink, database string) { diff --git a/physical/raft/raft_autopilot.go b/physical/raft/raft_autopilot.go index 5596bbf4255f2..eaa75dfa19a84 100644 --- a/physical/raft/raft_autopilot.go +++ b/physical/raft/raft_autopilot.go @@ -540,25 +540,11 @@ func (b *RaftBackend) startFollowerHeartbeatTracker() { tickerCh := b.followerHeartbeatTicker.C b.l.RUnlock() - followerGauge := func(peerID string, suffix string, value float32) { - labels := []metrics.Label{ - { - Name: "peer_id", - Value: peerID, - }, - } - metrics.SetGaugeWithLabels([]string{"raft_storage", "follower", suffix}, value, labels) - } for range tickerCh { b.l.RLock() - b.followerStates.l.RLock() - myAppliedIndex := b.raft.AppliedIndex() - for peerID, state := range b.followerStates.followers { - timeSinceLastHeartbeat := time.Now().Sub(state.LastHeartbeat) / time.Millisecond - followerGauge(peerID, "last_heartbeat_ms", float32(timeSinceLastHeartbeat)) - followerGauge(peerID, "applied_index_delta", float32(myAppliedIndex-state.AppliedIndex)) - - if b.autopilotConfig.CleanupDeadServers && b.autopilotConfig.DeadServerLastContactThreshold != 0 { + if b.autopilotConfig.CleanupDeadServers && b.autopilotConfig.DeadServerLastContactThreshold != 0 { + b.followerStates.l.RLock() + for _, state := range b.followerStates.followers { if state.LastHeartbeat.IsZero() || state.IsDead.Load() { continue } @@ -567,8 +553,8 @@ func (b *RaftBackend) startFollowerHeartbeatTracker() { state.IsDead.Store(true) } } + b.followerStates.l.RUnlock() } - b.followerStates.l.RUnlock() b.l.RUnlock() } } diff --git a/physical/raft/raft_test.go b/physical/raft/raft_test.go index b3fff3851cac2..50171fd68c3df 100644 --- a/physical/raft/raft_test.go +++ b/physical/raft/raft_test.go @@ -249,6 +249,72 @@ func TestRaft_ParseAutopilotUpgradeVersion(t *testing.T) { } } +func TestRaft_ParseNonVoter(t *testing.T) { + p := func(s string) *string { + return &s + } + + for _, retryJoinConf := range []string{"", "not-empty"} { + t.Run(retryJoinConf, func(t *testing.T) { + for name, tc := range map[string]struct { + envValue *string + configValue *string + expectNonVoter bool + invalidNonVoterValue bool + }{ + "valid false": {nil, p("false"), false, false}, + "valid true": {nil, p("true"), true, false}, + "invalid empty": {nil, p(""), false, true}, + "invalid truthy": {nil, p("no"), false, true}, + "invalid": {nil, p("totallywrong"), false, true}, + "valid env false": {p("false"), nil, true, false}, + "valid env true": {p("true"), nil, true, false}, + "valid env not boolean": {p("anything"), nil, true, false}, + "valid env empty": {p(""), nil, false, false}, + "neither set, default false": {nil, nil, false, false}, + "both set, env preferred": {p("true"), p("false"), true, false}, + } { + t.Run(name, func(t *testing.T) { + if tc.envValue != nil { + t.Setenv(EnvVaultRaftNonVoter, *tc.envValue) + } + raftDir, err := ioutil.TempDir("", "vault-raft-") + if err != nil { + t.Fatal(err) + } + defer os.RemoveAll(raftDir) + + conf := map[string]string{ + "path": raftDir, + "node_id": "abc123", + "retry_join": retryJoinConf, + } + if tc.configValue != nil { + conf[raftNonVoterConfigKey] = *tc.configValue + } + + backend, err := NewRaftBackend(conf, hclog.NewNullLogger()) + switch { + case tc.invalidNonVoterValue || (retryJoinConf == "" && tc.expectNonVoter): + if err == nil { + t.Fatal("expected an error but got none") + } + default: + if err != nil { + t.Fatalf("expected no error but got: %s", err) + } + + raftBackend := backend.(*RaftBackend) + if tc.expectNonVoter != raftBackend.NonVoter() { + t.Fatalf("expected %s %v but got %v", raftNonVoterConfigKey, tc.expectNonVoter, raftBackend.NonVoter()) + } + } + }) + } + }) + } +} + func TestRaft_Backend_LargeKey(t *testing.T) { b, dir := getRaft(t, true, true) defer os.RemoveAll(dir) diff --git a/physical/raft/types.pb.go b/physical/raft/types.pb.go index b35293109949d..6b9e4c4b3659d 100644 --- a/physical/raft/types.pb.go +++ b/physical/raft/types.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: physical/raft/types.proto package raft diff --git a/plugins/database/mongodb/connection_producer_test.go b/plugins/database/mongodb/connection_producer_test.go index 529e4d22fb09f..4b0ccaf2514a7 100644 --- a/plugins/database/mongodb/connection_producer_test.go +++ b/plugins/database/mongodb/connection_producer_test.go @@ -14,11 +14,13 @@ import ( "time" "github.com/hashicorp/vault/helper/testhelpers/certhelpers" + "github.com/hashicorp/vault/helper/testhelpers/mongodb" dbplugin "github.com/hashicorp/vault/sdk/database/dbplugin/v5" "github.com/ory/dockertest" "go.mongodb.org/mongo-driver/mongo" "go.mongodb.org/mongo-driver/mongo/options" "go.mongodb.org/mongo-driver/mongo/readpref" + "gopkg.in/mgo.v2" ) func TestInit_clientTLS(t *testing.T) { @@ -213,12 +215,19 @@ func startMongoWithTLS(t *testing.T, version string, confDir string) (retURL str // exponential backoff-retry err = pool.Retry(func() error { var err error - ctx, _ := context.WithTimeout(context.Background(), 1*time.Minute) - client, err := mongo.Connect(ctx, options.Client().ApplyURI(retURL)) - if err = client.Disconnect(ctx); err != nil { - t.Fatal() + dialInfo, err := mongodb.ParseMongoURL(retURL) + if err != nil { + return err + } + + session, err := mgo.DialWithInfo(dialInfo) + if err != nil { + return err } - return client.Ping(ctx, readpref.Primary()) + defer session.Close() + session.SetSyncTimeout(1 * time.Minute) + session.SetSocketTimeout(1 * time.Minute) + return session.Ping() }) if err != nil { cleanup() diff --git a/plugins/database/mongodb/mongodb_test.go b/plugins/database/mongodb/mongodb_test.go index dcfda3bc0576e..d647a264f184a 100644 --- a/plugins/database/mongodb/mongodb_test.go +++ b/plugins/database/mongodb/mongodb_test.go @@ -13,6 +13,7 @@ import ( "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" + "github.com/hashicorp/vault/helper/testhelpers/certhelpers" "github.com/hashicorp/vault/helper/testhelpers/mongodb" dbplugin "github.com/hashicorp/vault/sdk/database/dbplugin/v5" @@ -26,7 +27,7 @@ import ( const mongoAdminRole = `{ "db": "admin", "roles": [ { "role": "readWrite" } ] }` func TestMongoDB_Initialize(t *testing.T) { - cleanup, connURL := mongodb.PrepareTestContainer(t, "latest") + cleanup, connURL := mongodb.PrepareTestContainer(t, "5.0.10") defer cleanup() db := new() @@ -119,7 +120,7 @@ func TestNewUser_usernameTemplate(t *testing.T) { for name, test := range tests { t.Run(name, func(t *testing.T) { - cleanup, connURL := mongodb.PrepareTestContainer(t, "latest") + cleanup, connURL := mongodb.PrepareTestContainer(t, "5.0.10") defer cleanup() db := new() @@ -145,7 +146,7 @@ func TestNewUser_usernameTemplate(t *testing.T) { } func TestMongoDB_CreateUser(t *testing.T) { - cleanup, connURL := mongodb.PrepareTestContainer(t, "latest") + cleanup, connURL := mongodb.PrepareTestContainer(t, "5.0.10") defer cleanup() db := new() @@ -177,7 +178,7 @@ func TestMongoDB_CreateUser(t *testing.T) { } func TestMongoDB_CreateUser_writeConcern(t *testing.T) { - cleanup, connURL := mongodb.PrepareTestContainer(t, "latest") + cleanup, connURL := mongodb.PrepareTestContainer(t, "5.0.10") defer cleanup() initReq := dbplugin.InitializeRequest{ @@ -211,7 +212,7 @@ func TestMongoDB_CreateUser_writeConcern(t *testing.T) { } func TestMongoDB_DeleteUser(t *testing.T) { - cleanup, connURL := mongodb.PrepareTestContainer(t, "latest") + cleanup, connURL := mongodb.PrepareTestContainer(t, "5.0.10") defer cleanup() db := new() @@ -251,7 +252,7 @@ func TestMongoDB_DeleteUser(t *testing.T) { } func TestMongoDB_UpdateUser_Password(t *testing.T) { - cleanup, connURL := mongodb.PrepareTestContainer(t, "latest") + cleanup, connURL := mongodb.PrepareTestContainer(t, "5.0.10") defer cleanup() // The docker test method PrepareTestContainer defaults to a database "test" diff --git a/plugins/database/postgresql/postgresql_test.go b/plugins/database/postgresql/postgresql_test.go index 86e93822889b5..3bb1bd594de97 100644 --- a/plugins/database/postgresql/postgresql_test.go +++ b/plugins/database/postgresql/postgresql_test.go @@ -4,16 +4,15 @@ import ( "context" "database/sql" "fmt" - "os" "strings" "testing" "time" - "github.com/hashicorp/vault/helper/testhelpers/docker" + "github.com/hashicorp/vault/sdk/database/helper/dbutil" + "github.com/hashicorp/vault/helper/testhelpers/postgresql" "github.com/hashicorp/vault/sdk/database/dbplugin/v5" dbtesting "github.com/hashicorp/vault/sdk/database/dbplugin/v5/testing" - "github.com/hashicorp/vault/sdk/database/helper/dbutil" "github.com/hashicorp/vault/sdk/helper/template" "github.com/stretchr/testify/require" ) @@ -991,142 +990,3 @@ func TestNewUser_CustomUsername(t *testing.T) { }) } } - -// This is a long-running integration test which tests the functionality of Postgres's multi-host -// connection strings. It uses two Postgres containers preconfigured with Replication Manager -// provided by Bitnami. This test currently does not run in CI and must be run manually. This is -// due to the test length, as it requires multiple sleep calls to ensure cluster setup and -// primary node failover occurs before the test steps continue. -// -// To run the test, set the environment variable POSTGRES_MULTIHOST_NET to the value of -// a docker network you've preconfigured, e.g. -// 'docker network create -d bridge postgres-repmgr' -// 'export POSTGRES_MULTIHOST_NET=postgres-repmgr' -func TestPostgreSQL_Repmgr(t *testing.T) { - _, exists := os.LookupEnv("POSTGRES_MULTIHOST_NET") - if !exists { - t.Skipf("POSTGRES_MULTIHOST_NET not set, skipping test") - } - - // Run two postgres-repmgr containers in a replication cluster - db0, runner0, url0, container0 := testPostgreSQL_Repmgr_Container(t, "psql-repl-node-0") - _, _, url1, _ := testPostgreSQL_Repmgr_Container(t, "psql-repl-node-1") - - ctx, cancel := context.WithTimeout(context.Background(), 300*time.Second) - defer cancel() - - time.Sleep(10 * time.Second) - - // Write a read role to the cluster - _, err := db0.NewUser(ctx, dbplugin.NewUserRequest{ - Statements: dbplugin.Statements{ - Commands: []string{ - `CREATE ROLE "ro" NOINHERIT; - GRANT SELECT ON ALL TABLES IN SCHEMA public TO "ro";`, - }, - }, - }) - if err != nil { - t.Fatalf("no error expected, got: %s", err) - } - - // Open a connection to both databases using the multihost connection string - connectionDetails := map[string]interface{}{ - "connection_url": fmt.Sprintf("postgresql://{{username}}:{{password}}@%s,%s/postgres?target_session_attrs=read-write", getHost(url0), getHost(url1)), - "username": "postgres", - "password": "secret", - } - req := dbplugin.InitializeRequest{ - Config: connectionDetails, - VerifyConnection: true, - } - - db := new() - dbtesting.AssertInitialize(t, db, req) - if !db.Initialized { - t.Fatal("Database should be initialized") - } - defer db.Close() - - // Add a user to the cluster, then stop the primary container - if err = testPostgreSQL_Repmgr_AddUser(ctx, db); err != nil { - t.Fatalf("no error expected, got: %s", err) - } - postgresql.StopContainer(t, ctx, runner0, container0) - - // Try adding a new user immediately - expect failure as the database - // cluster is still switching primaries - err = testPostgreSQL_Repmgr_AddUser(ctx, db) - if !strings.HasSuffix(err.Error(), "ValidateConnect failed (read only connection)") { - t.Fatalf("expected error was not received, got: %s", err) - } - - time.Sleep(20 * time.Second) - - // Try adding a new user again which should succeed after the sleep - // as the primary failover should have finished. Then, restart - // the first container which should become a secondary DB. - if err = testPostgreSQL_Repmgr_AddUser(ctx, db); err != nil { - t.Fatalf("no error expected, got: %s", err) - } - postgresql.RestartContainer(t, ctx, runner0, container0) - - time.Sleep(10 * time.Second) - - // A final new user to add, which should succeed after the secondary joins. - if err = testPostgreSQL_Repmgr_AddUser(ctx, db); err != nil { - t.Fatalf("no error expected, got: %s", err) - } - - if err := db.Close(); err != nil { - t.Fatalf("err: %s", err) - } -} - -func testPostgreSQL_Repmgr_Container(t *testing.T, name string) (*PostgreSQL, *docker.Runner, string, string) { - envVars := []string{ - "REPMGR_NODE_NAME=" + name, - "REPMGR_NODE_NETWORK_NAME=" + name, - } - - runner, cleanup, connURL, containerID := postgresql.PrepareTestContainerRepmgr(t, name, "13.4.0", envVars) - t.Cleanup(cleanup) - - connectionDetails := map[string]interface{}{ - "connection_url": connURL, - } - req := dbplugin.InitializeRequest{ - Config: connectionDetails, - VerifyConnection: true, - } - db := new() - dbtesting.AssertInitialize(t, db, req) - if !db.Initialized { - t.Fatal("Database should be initialized") - } - - if err := db.Close(); err != nil { - t.Fatalf("err: %s", err) - } - - return db, runner, connURL, containerID -} - -func testPostgreSQL_Repmgr_AddUser(ctx context.Context, db *PostgreSQL) error { - _, err := db.NewUser(ctx, dbplugin.NewUserRequest{ - Statements: dbplugin.Statements{ - Commands: []string{ - `CREATE ROLE "{{name}}" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}' INHERIT; - GRANT ro TO "{{name}}";`, - }, - }, - }) - - return err -} - -func getHost(url string) string { - splitCreds := strings.Split(url, "@")[1] - - return strings.Split(splitCreds, "/")[0] -} diff --git a/scripts/build.sh b/scripts/build.sh index b2e1302cb4aec..c041e0574e4a6 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -18,10 +18,10 @@ cd "$DIR" BUILD_TAGS="${BUILD_TAGS:-"vault"}" # Get the git commit -GIT_COMMIT="$(git rev-parse HEAD)" +GIT_COMMIT="$("$SOURCE_DIR"/crt-builder.sh revision)" GIT_DIRTY="$(test -n "`git status --porcelain`" && echo "+CHANGES" || true)" -BUILD_DATE=$("$SOURCE_DIR"/build_date.sh) +BUILD_DATE="$("$SOURCE_DIR"/crt-builder.sh date)" GOPATH=${GOPATH:-$(${GO_CMD} env GOPATH)} case $(uname) in diff --git a/scripts/build_date.sh b/scripts/build_date.sh deleted file mode 100755 index 56504595f81a3..0000000000000 --- a/scripts/build_date.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -# it's tricky to do an RFC3339 format in a cross platform way, so we hardcode UTC -DATE_FORMAT="%Y-%m-%dT%H:%M:%SZ" - -# we're using this for build date because it's stable across platform builds -git show --no-show-signature -s --format=%cd --date=format:"$DATE_FORMAT" HEAD diff --git a/scripts/crt-builder.sh b/scripts/crt-builder.sh new file mode 100755 index 0000000000000..f69797efcbae1 --- /dev/null +++ b/scripts/crt-builder.sh @@ -0,0 +1,234 @@ +#!/usr/bin/env bash + +# The crt-builder is used to detemine build metadata and create Vault builds. +# We use it in build-vault.yml for building release artifacts with CRT. It is +# also used by Enos for artifact_source:local scenario variants. + +set -euo pipefail + +# We don't want to get stuck in some kind of interactive pager +export GIT_PAGER=cat + +# Get the full version information +function version() { + local version + local prerelease + local metadata + + version=$(version_base) + prerelease=$(version_pre) + metadata=$(version_metadata) + + if [ -n "$metadata" ] && [ -n "$prerelease" ]; then + echo "$version-$prerelease+$metadata" + elif [ -n "$metadata" ]; then + echo "$version+$metadata" + elif [ -n "$prerelease" ]; then + echo "$version-$prerelease" + else + echo "$version" + fi +} + +# Get the base version +function version_base() { + : "${VAULT_VERSION:=""}" + + if [ -n "$VAULT_VERSION" ]; then + echo "$VAULT_VERSION" + return + fi + + : "${VERSION_FILE:=$(repo_root)/sdk/version/version_base.go}" + awk '$1 == "Version" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE" +} + +# Get the version pre-release +function version_pre() { + : "${VAULT_PRERELEASE:=""}" + + if [ -n "$VAULT_PRERELEASE" ]; then + echo "$VAULT_PRERELEASE" + return + fi + + : "${VERSION_FILE:=$(repo_root)/sdk/version/version_base.go}" + awk '$1 == "VersionPrerelease" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE" +} + +# Get the version metadata, which is commonly the edition +function version_metadata() { + : "${VAULT_METADATA:=""}" + + if [ -n "$VAULT_METADATA" ]; then + echo "$VAULT_METADATA" + return + fi + + : "${VERSION_FILE:=$(repo_root)/sdk/version/version_base.go}" + awk '$1 == "VersionMetadata" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE" +} + +# Get the build date from the latest commit since it can be used across all +# builds +function build_date() { + # It's tricky to do an RFC3339 format in a cross platform way, so we hardcode UTC + : "${DATE_FORMAT:="%Y-%m-%dT%H:%M:%SZ"}" + git show --no-show-signature -s --format=%cd --date=format:"$DATE_FORMAT" HEAD +} + +# Get the revision, which is the latest commit SHA +function build_revision() { + git rev-parse HEAD +} + +# Determine our repository by looking at our origin URL +function repo() { + basename -s .git "$(git config --get remote.origin.url)" +} + +# Determine the root directory of the repository +function repo_root() { + git rev-parse --show-toplevel +} + +# Determine the artifact basename based on metadata +function artifact_basename() { + : "${PKG_NAME:="vault"}" + : "${GOOS:=$(go env GOOS)}" + : "${GOARCH:=$(go env GOARCH)}" + + echo "${PKG_NAME}_$(version)_${GOOS}_${GOARCH}" +} + +# Build the UI +function build_ui() { + local repo_root + repo_root=$(repo_root) + + pushd "$repo_root" + mkdir -p http/web_ui + popd + pushd "$repo_root/ui" + yarn install --ignore-optional + npm rebuild node-sass + yarn --verbose run build + popd +} + +# Build Vault +function build() { + local version + local revision + local prerelease + local build_date + local ldflags + local msg + + # Get or set our basic build metadata + version=$(version_base) + revision=$(build_revision) + metadata=$(version_metadata) + prerelease=$(version_pre) + build_date=$(build_date) + : "${GO_TAGS:=""}" + : "${KEEP_SYMBOLS:=""}" + + # Build our ldflags + msg="--> Building Vault v$version, revision $revision, built $build_date" + + # Strip the symbol and dwarf information by default + if [ -n "$KEEP_SYMBOLS" ]; then + ldflags="" + else + ldflags="-s -w " + fi + + ldflags="${ldflags}-X github.com/hashicorp/vault/sdk/version.Version=$version -X github.com/hashicorp/vault/sdk/version.GitCommit=$revision -X github.com/hashicorp/vault/sdk/version.BuildDate=$build_date" + + if [ -n "$prerelease" ]; then + msg="${msg}, prerelease ${prerelease}" + ldflags="${ldflags} -X github.com/hashicorp/vault/sdk/version.VersionPrerelease=$prerelease" + fi + + if [ -n "$metadata" ]; then + msg="${msg}, metadata ${VAULT_METADATA}" + ldflags="${ldflags} -X github.com/hashicorp/vault/sdk/version.VersionMetadata=$metadata" + fi + + # Build vault + echo "$msg" + pushd "$(repo_root)" + mkdir -p dist + mkdir -p out + set -x + go build -v -tags "$GO_TAGS" -ldflags "$ldflags" -o dist/ + set +x + popd +} + +# Bundle the dist directory +function bundle() { + : "${BUNDLE_PATH:=$(repo_root)/vault.zip}" + echo "--> Bundling dist/* to $BUNDLE_PATH" + zip -r -j "$BUNDLE_PATH" dist/ +} + +# Prepare legal requirements for packaging +function prepare_legal() { + : "${PKG_NAME:="vault"}" + + pushd "$(repo_root)" + mkdir -p dist + curl -o dist/EULA.txt https://eula.hashicorp.com/EULA.txt + curl -o dist/TermsOfEvaluation.txt https://eula.hashicorp.com/TermsOfEvaluation.txt + mkdir -p ".release/linux/package/usr/share/doc/$PKG_NAME" + cp dist/EULA.txt ".release/linux/package/usr/share/doc/$PKG_NAME/EULA.txt" + cp dist/TermsOfEvaluation.txt ".release/linux/package/usr/share/doc/$PKG_NAME/TermsOfEvaluation.txt" + popd +} + +# Run the CRT Builder +function main() { + case $1 in + artifact-basename) + artifact_basename + ;; + build) + build + ;; + build-ui) + build_ui + ;; + bundle) + bundle + ;; + date) + build_date + ;; + prepare-legal) + prepare_legal + ;; + revision) + build_revision + ;; + version) + version + ;; + version-base) + version_base + ;; + version-pre) + version_pre + ;; + version-meta) + version_metadata + ;; + *) + echo "unknown sub-command" >&2 + exit 1 + ;; + esac +} + +main "$@" diff --git a/scripts/gen_openapi.sh b/scripts/gen_openapi.sh index 0119a3198bb6c..e98633b295e5b 100755 --- a/scripts/gen_openapi.sh +++ b/scripts/gen_openapi.sh @@ -24,94 +24,56 @@ vault server -dev -dev-root-token-id=root & sleep 2 VAULT_PID=$! -export VAULT_ADDR=http://127.0.0.1:8200 +echo "Mounting all builtin backends..." -echo "Mounting all builtin plugins..." - -# Enable auth plugins +# Read auth backends codeLinesStarted=false - +inQuotesRegex='".*"' while read -r line; do if [[ $line == *"credentialBackends:"* ]] ; then codeLinesStarted=true - elif [[ $line == *"databasePlugins:"* ]] ; then + elif [ $codeLinesStarted = true ] && [[ $line = *"}"* ]] ; then break - elif [ $codeLinesStarted = true ] && [[ $line == *"consts.Deprecated"* || $line == *"consts.PendingRemoval"* ]] ; then - auth_plugin_previous="" - elif [ $codeLinesStarted = true ] && [[ $line =~ ^\s*\"(.*)\"\:.*$ ]] ; then - auth_plugin_current=${BASH_REMATCH[1]} - - if [[ -n "${auth_plugin_previous}" ]] ; then - echo "enabling auth plugin: ${auth_plugin_previous}" - vault auth enable "${auth_plugin_previous}" - fi - - auth_plugin_previous="${auth_plugin_current}" + elif [ $codeLinesStarted = true ] && [[ $line =~ $inQuotesRegex ]] && [[ $line != *"Deprecated"* ]] ; then + backend=${BASH_REMATCH[0]} + plugin=$(sed -e 's/^"//' -e 's/"$//' <<<"$backend") + vault auth enable "${plugin}" fi done <../../vault/helper/builtinplugins/registry.go -if [[ -n "${auth_plugin_previous}" ]] ; then - echo "enabling auth plugin: ${auth_plugin_previous}" - vault auth enable "${auth_plugin_previous}" -fi - -# Enable secrets plugins +# Read secrets backends codeLinesStarted=false - while read -r line; do if [[ $line == *"logicalBackends:"* ]] ; then codeLinesStarted=true - elif [[ $line == *"addExternalPlugins("* ]] ; then + elif [ $codeLinesStarted = true ] && [[ $line = *"}"* ]] ; then break - elif [ $codeLinesStarted = true ] && [[ $line == *"consts.Deprecated"* || $line == *"consts.PendingRemoval"* ]] ; then - secrets_plugin_previous="" - elif [ $codeLinesStarted = true ] && [[ $line =~ ^\s*\"(.*)\"\:.*$ ]] ; then - secrets_plugin_current=${BASH_REMATCH[1]} - - if [[ -n "${secrets_plugin_previous}" ]] ; then - echo "enabling secrets plugin: ${secrets_plugin_previous}" - vault secrets enable "${secrets_plugin_previous}" - fi - - secrets_plugin_previous="${secrets_plugin_current}" + elif [ $codeLinesStarted = true ] && [[ $line =~ $inQuotesRegex ]] && [[ $line != *"Deprecated"* ]] ; then + backend=${BASH_REMATCH[0]} + plugin=$(sed -e 's/^"//' -e 's/"$//' <<<"$backend") + vault secrets enable "${plugin}" fi done <../../vault/helper/builtinplugins/registry.go -if [[ -n "${secrets_plugin_previous}" ]] ; then - echo "enabling secrets plugin: ${secrets_plugin_previous}" - vault secrets enable "${secrets_plugin_previous}" -fi # Enable enterprise features entRegFile=../../vault/helper/builtinplugins/registry_util_ent.go -if [ -f $entRegFile ] && [[ -n "${VAULT_LICENSE}" ]]; then - vault write sys/license text="${VAULT_LICENSE}" - - codeLinesStarted=false - - while read -r line; do - if [[ $line == *"ExternalPluginsEnt:"* ]] ; then - codeLinesStarted=true - elif [[ $line == *"addExtPluginsEntImpl("* ]] ; then - break - elif [ $codeLinesStarted = true ] && [[ $line == *"consts.Deprecated"* || $line == *"consts.PendingRemoval"* ]] ; then - secrets_plugin_previous="" - elif [ $codeLinesStarted = true ] && [[ $line =~ ^\s*\"(.*)\"\:.*$ ]] ; then - ent_plugin_current=${BASH_REMATCH[1]} +if [ -f $entRegFile ] && [[ -n "$VAULT_LICENSE" ]]; then + vault write sys/license text="$VAULT_LICENSE" - if [[ -n "${ent_plugin_previous}" ]] ; then - echo "enabling enterprise plugin: ${ent_plugin_previous}" - vault secrets enable "${ent_plugin_previous}" - fi - - ent_plugin_previous="${ent_plugin_current}" - fi - done <$entRegFile - - if [[ -n "${ent_plugin_previous}" ]] ; then - echo "enabling enterprise plugin: ${ent_plugin_previous}" - vault secrets enable "${ent_plugin_previous}" + inQuotesRegex='".*"' + codeLinesStarted=false + while read -r line; do + if [[ $line == *"ExternalPluginsEnt"* ]] ; then + codeLinesStarted=true + elif [ $codeLinesStarted = true ] && [[ $line = *"}"* ]] ; then + break + elif [ $codeLinesStarted = true ] && [[ $line =~ $inQuotesRegex ]] && [[ $line != *"Deprecated"* ]] ; then + backend=${BASH_REMATCH[0]} + plugin=$(sed -e 's/^"//' -e 's/"$//' <<<"$backend") + vault secrets enable "${plugin}" fi + done <$entRegFile fi # Output OpenAPI, optionally formatted diff --git a/scripts/version.sh b/scripts/version.sh deleted file mode 100755 index 41177a45fa512..0000000000000 --- a/scripts/version.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail - -version_file=$1 -version=$(awk '$1 == "Version" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "${version_file}") -prerelease=$(awk '$1 == "VersionPrerelease" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "${version_file}") - -if [ -n "$prerelease" ]; then - echo "${version}-${prerelease}" -else - echo "${version}" -fi diff --git a/sdk/database/dbplugin/database.pb.go b/sdk/database/dbplugin/database.pb.go index df7a138e009ac..c916c861e27fa 100644 --- a/sdk/database/dbplugin/database.pb.go +++ b/sdk/database/dbplugin/database.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: sdk/database/dbplugin/database.proto package dbplugin diff --git a/sdk/database/dbplugin/v5/proto/database.pb.go b/sdk/database/dbplugin/v5/proto/database.pb.go index dd595c904fc4a..f814c60bcec1d 100644 --- a/sdk/database/dbplugin/v5/proto/database.pb.go +++ b/sdk/database/dbplugin/v5/proto/database.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: sdk/database/dbplugin/v5/proto/database.proto package proto diff --git a/sdk/go.mod b/sdk/go.mod index 13351351c8d0c..31de32eff9aa6 100644 --- a/sdk/go.mod +++ b/sdk/go.mod @@ -16,7 +16,7 @@ require ( github.com/hashicorp/go-immutable-radix v1.3.1 github.com/hashicorp/go-kms-wrapping/entropy/v2 v2.0.0 github.com/hashicorp/go-multierror v1.1.1 - github.com/hashicorp/go-plugin v1.4.5 + github.com/hashicorp/go-plugin v1.4.3 github.com/hashicorp/go-secure-stdlib/base62 v0.1.1 github.com/hashicorp/go-secure-stdlib/mlock v0.1.1 github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 diff --git a/sdk/go.sum b/sdk/go.sum index 9107c46e1be6a..a2020026638b4 100644 --- a/sdk/go.sum +++ b/sdk/go.sum @@ -61,6 +61,7 @@ github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5y github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= @@ -88,6 +89,7 @@ github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brv github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= +github.com/hashicorp/go-hclog v0.14.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-hclog v0.16.2 h1:K4ev2ib4LdQETX5cSZBG0DVLk1jwGqSPXBjdah3veNs= github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= @@ -98,8 +100,8 @@ github.com/hashicorp/go-kms-wrapping/entropy/v2 v2.0.0/go.mod h1:xvb32K2keAc+R8D github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-plugin v1.4.5 h1:oTE/oQR4eghggRg8VY7PAz3dr++VwDNBGCcOfIvHpBo= -github.com/hashicorp/go-plugin v1.4.5/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= +github.com/hashicorp/go-plugin v1.4.3 h1:DXmvivbWD5qdiBts9TpBC7BYL1Aia5sxbRgQB+v6UZM= +github.com/hashicorp/go-plugin v1.4.3/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ38b18Udy6vYQ= github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= github.com/hashicorp/go-secure-stdlib/base62 v0.1.1 h1:6KMBnfEv0/kLAz0O76sliN5mXbCDcLfs2kP7ssP7+DQ= github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= @@ -131,6 +133,7 @@ github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= +github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= @@ -156,6 +159,7 @@ github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5 github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= +github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= @@ -222,6 +226,7 @@ golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -272,15 +277,18 @@ golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1N golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20170818010345-ee236bd376b0/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013 h1:+kGHl1aib/qcwaRi1CbqBZ1rk19r85MNUf8HaBghugY= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.41.0 h1:f+PlOh7QV4iIJkPrx5NQ7qaNGFQ3OTse67yaDHfju4E= diff --git a/sdk/helper/certutil/helpers.go b/sdk/helper/certutil/helpers.go index 58ebc06f2d0a3..0971fefe8ae0f 100644 --- a/sdk/helper/certutil/helpers.go +++ b/sdk/helper/certutil/helpers.go @@ -1033,10 +1033,7 @@ func selectSignatureAlgorithmForECDSA(pub crypto.PublicKey, signatureBits int) x } } -var ( - oidExtensionBasicConstraints = []int{2, 5, 29, 19} - oidExtensionSubjectAltName = []int{2, 5, 29, 17} -) +var oidExtensionBasicConstraints = []int{2, 5, 29, 19} // CreateCSR creates a CSR with the default rand.Reader to // generate a cert/keypair. This is currently only meant @@ -1211,7 +1208,7 @@ func signCertificate(data *CreationBundle, randReader io.Reader) (*ParsedCertBun certTemplate.URIs = data.CSR.URIs for _, name := range data.CSR.Extensions { - if !name.Id.Equal(oidExtensionBasicConstraints) && !(len(data.Params.OtherSANs) > 0 && name.Id.Equal(oidExtensionSubjectAltName)) { + if !name.Id.Equal(oidExtensionBasicConstraints) { certTemplate.ExtraExtensions = append(certTemplate.ExtraExtensions, name) } } diff --git a/sdk/helper/consts/consts.go b/sdk/helper/consts/consts.go index a4b7c50404229..c431e2e594194 100644 --- a/sdk/helper/consts/consts.go +++ b/sdk/helper/consts/consts.go @@ -34,6 +34,4 @@ const ( ReplicationResolverALPN = "replication_resolver_v1" VaultEnableFilePermissionsCheckEnv = "VAULT_ENABLE_FILE_PERMISSIONS_CHECK" - - VaultDisableUserLockout = "VAULT_DISABLE_USER_LOCKOUT" ) diff --git a/sdk/helper/keysutil/consts.go b/sdk/helper/keysutil/consts.go index e6c657b9115e8..cbb8123517f13 100644 --- a/sdk/helper/keysutil/consts.go +++ b/sdk/helper/keysutil/consts.go @@ -13,8 +13,8 @@ import ( type HashType uint32 const ( - HashTypeNone HashType = iota - HashTypeSHA1 + _ = iota + HashTypeSHA1 HashType = iota HashTypeSHA2224 HashTypeSHA2256 HashTypeSHA2384 @@ -35,7 +35,6 @@ const ( var ( HashTypeMap = map[string]HashType{ - "none": HashTypeNone, "sha1": HashTypeSHA1, "sha2-224": HashTypeSHA2224, "sha2-256": HashTypeSHA2256, @@ -48,7 +47,6 @@ var ( } HashFuncMap = map[HashType]func() hash.Hash{ - HashTypeNone: nil, HashTypeSHA1: sha1.New, HashTypeSHA2224: sha256.New224, HashTypeSHA2256: sha256.New, @@ -61,7 +59,6 @@ var ( } CryptoHashMap = map[HashType]crypto.Hash{ - HashTypeNone: 0, HashTypeSHA1: crypto.SHA1, HashTypeSHA2224: crypto.SHA224, HashTypeSHA2256: crypto.SHA256, diff --git a/sdk/helper/keysutil/policy.go b/sdk/helper/keysutil/policy.go index 3417c29922141..73afb9ecd7384 100644 --- a/sdk/helper/keysutil/policy.go +++ b/sdk/helper/keysutil/policy.go @@ -79,10 +79,6 @@ type AEADFactory interface { GetAEAD(iv []byte) (cipher.AEAD, error) } -type AssociatedDataFactory interface { - GetAssociatedData() ([]byte, error) -} - type RestoreInfo struct { Time time.Time `json:"time"` Version int `json:"version"` @@ -151,14 +147,6 @@ func (kt KeyType) DerivationSupported() bool { return false } -func (kt KeyType) AssociatedDataSupported() bool { - switch kt { - case KeyType_AES128_GCM96, KeyType_AES256_GCM96, KeyType_ChaCha20_Poly1305: - return true - } - return false -} - func (kt KeyType) String() string { switch kt { case KeyType_AES128_GCM96: @@ -856,10 +844,6 @@ func (p *Policy) Encrypt(ver int, context, nonce []byte, value string) (string, } func (p *Policy) Decrypt(context, nonce []byte, value string) (string, error) { - return p.DecryptWithFactory(context, nonce, value, nil) -} - -func (p *Policy) DecryptWithFactory(context, nonce []byte, value string, factories ...interface{}) (string, error) { if !p.Type.DecryptionSupported() { return "", errutil.UserError{Err: fmt.Sprintf("message decryption not supported for key type %v", p.Type)} } @@ -927,28 +911,11 @@ func (p *Policy) DecryptWithFactory(context, nonce []byte, value string, factori return "", errutil.InternalError{Err: "could not derive enc key, length not correct"} } - symopts := SymmetricOpts{ - Convergent: p.ConvergentEncryption, - ConvergentVersion: p.ConvergentVersion, - } - for index, rawFactory := range factories { - if rawFactory == nil { - continue - } - switch factory := rawFactory.(type) { - case AEADFactory: - symopts.AEADFactory = factory - case AssociatedDataFactory: - symopts.AdditionalData, err = factory.GetAssociatedData() - if err != nil { - return "", errutil.InternalError{Err: fmt.Sprintf("unable to get associated_data/additional_data from factory[%d]: %v", index, err)} - } - default: - return "", errutil.InternalError{Err: fmt.Sprintf("unknown type of factory[%d]: %T", index, rawFactory)} - } - } - - plain, err = p.SymmetricDecryptRaw(encKey, decoded, symopts) + plain, err = p.SymmetricDecryptRaw(encKey, decoded, + SymmetricOpts{ + Convergent: p.ConvergentEncryption, + ConvergentVersion: p.ConvergentVersion, + }) if err != nil { return "", err } @@ -1863,7 +1830,7 @@ func (p *Policy) SymmetricDecryptRaw(encKey, ciphertext []byte, opts SymmetricOp return plain, nil } -func (p *Policy) EncryptWithFactory(ver int, context []byte, nonce []byte, value string, factories ...interface{}) (string, error) { +func (p *Policy) EncryptWithFactory(ver int, context []byte, nonce []byte, value string, factory AEADFactory) (string, error) { if !p.Type.EncryptionSupported() { return "", errutil.UserError{Err: fmt.Sprintf("message encryption not supported for key type %v", p.Type)} } @@ -1924,29 +1891,14 @@ func (p *Policy) EncryptWithFactory(ver int, context []byte, nonce []byte, value } } - symopts := SymmetricOpts{ - Convergent: p.ConvergentEncryption, - HMACKey: hmacKey, - Nonce: nonce, - } - for index, rawFactory := range factories { - if rawFactory == nil { - continue - } - switch factory := rawFactory.(type) { - case AEADFactory: - symopts.AEADFactory = factory - case AssociatedDataFactory: - symopts.AdditionalData, err = factory.GetAssociatedData() - if err != nil { - return "", errutil.InternalError{Err: fmt.Sprintf("unable to get associated_data/additional_data from factory[%d]: %v", index, err)} - } - default: - return "", errutil.InternalError{Err: fmt.Sprintf("unknown type of factory[%d]: %T", index, rawFactory)} - } - } + ciphertext, err = p.SymmetricEncryptRaw(ver, encKey, plaintext, + SymmetricOpts{ + Convergent: p.ConvergentEncryption, + HMACKey: hmacKey, + Nonce: nonce, + AEADFactory: factory, + }) - ciphertext, err = p.SymmetricEncryptRaw(ver, encKey, plaintext, symopts) if err != nil { return "", err } diff --git a/sdk/helper/keysutil/policy_test.go b/sdk/helper/keysutil/policy_test.go index 2df73971a2b1c..91767cfd9d398 100644 --- a/sdk/helper/keysutil/policy_test.go +++ b/sdk/helper/keysutil/policy_test.go @@ -953,9 +953,6 @@ func Test_RSA_PSS(t *testing.T) { // 2. For each hash algorithm... for hashAlgorithm, hashType := range HashTypeMap { t.Log(tabs[1], "Hash algorithm:", hashAlgorithm) - if hashAlgorithm == "none" { - continue - } // 3. For each marshaling type... for marshalingName, marshalingType := range MarshalingTypeMap { @@ -967,92 +964,6 @@ func Test_RSA_PSS(t *testing.T) { } } -func Test_RSA_PKCS1(t *testing.T) { - t.Log("Testing RSA PKCS#1v1.5") - - ctx := context.Background() - storage := &logical.InmemStorage{} - // https://crypto.stackexchange.com/a/1222 - input := []byte("Sphinx of black quartz, judge my vow") - sigAlgorithm := "pkcs1v15" - - tabs := make(map[int]string) - for i := 1; i <= 6; i++ { - tabs[i] = strings.Repeat("\t", i) - } - - test_RSA_PKCS1 := func(t *testing.T, p *Policy, rsaKey *rsa.PrivateKey, hashType HashType, - marshalingType MarshalingType, - ) { - unsaltedOptions := SigningOptions{ - HashAlgorithm: hashType, - Marshaling: marshalingType, - SigAlgorithm: sigAlgorithm, - } - cryptoHash := CryptoHashMap[hashType] - - // PKCS#1v1.5 NoOID uses a direct input and assumes it is pre-hashed. - if hashType != 0 { - hash := cryptoHash.New() - hash.Write(input) - input = hash.Sum(nil) - } - - // 1. Make a signature with the given key size and hash algorithm. - t.Log(tabs[3], "Make an automatic signature") - sig, err := p.Sign(0, nil, input, hashType, sigAlgorithm, marshalingType) - if err != nil { - // A bit of a hack but FIPS go does not support some hash types - if isUnsupportedGoHashType(hashType, err) { - t.Skip(tabs[4], "skipping test as FIPS Go does not support hash type") - return - } - t.Fatal(tabs[4], "❌ Failed to automatically sign:", err) - } - - // 1.1 Verify this signature using the *inferred* salt length. - autoVerify(4, t, p, input, sig, unsaltedOptions) - } - - rsaKeyTypes := []KeyType{KeyType_RSA2048, KeyType_RSA3072, KeyType_RSA4096} - testKeys, err := generateTestKeys() - if err != nil { - t.Fatalf("error generating test keys: %s", err) - } - - // 1. For each standard RSA key size 2048, 3072, and 4096... - for _, rsaKeyType := range rsaKeyTypes { - t.Log("Key size: ", rsaKeyType) - p := &Policy{ - Name: fmt.Sprint(rsaKeyType), // NOTE: crucial to create a new key per key size - Type: rsaKeyType, - } - - rsaKeyBytes := testKeys[rsaKeyType] - err := p.Import(ctx, storage, rsaKeyBytes, rand.Reader) - if err != nil { - t.Fatal(tabs[1], "❌ Failed to import key:", err) - } - rsaKeyAny, err := x509.ParsePKCS8PrivateKey(rsaKeyBytes) - if err != nil { - t.Fatalf("error parsing test keys: %s", err) - } - rsaKey := rsaKeyAny.(*rsa.PrivateKey) - - // 2. For each hash algorithm... - for hashAlgorithm, hashType := range HashTypeMap { - t.Log(tabs[1], "Hash algorithm:", hashAlgorithm) - - // 3. For each marshaling type... - for marshalingName, marshalingType := range MarshalingTypeMap { - t.Log(tabs[2], "Marshaling type:", marshalingName) - testName := fmt.Sprintf("%s-%s-%s", rsaKeyType, hashAlgorithm, marshalingName) - t.Run(testName, func(t *testing.T) { test_RSA_PKCS1(t, p, rsaKey, hashType, marshalingType) }) - } - } - } -} - // Normal Go builds support all the hash functions for RSA_PSS signatures but the // FIPS Go build does not support at this time the SHA3 hashes as FIPS 140_2 does // not accept them. diff --git a/sdk/helper/pluginutil/multiplexing.pb.go b/sdk/helper/pluginutil/multiplexing.pb.go index 96963af3e62c3..d7073b10e0a5b 100644 --- a/sdk/helper/pluginutil/multiplexing.pb.go +++ b/sdk/helper/pluginutil/multiplexing.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: sdk/helper/pluginutil/multiplexing.proto package pluginutil diff --git a/sdk/logical/error.go b/sdk/logical/error.go index 68c8e13732021..02f68dd9189c4 100644 --- a/sdk/logical/error.go +++ b/sdk/logical/error.go @@ -17,11 +17,6 @@ var ( // ErrPermissionDenied is returned if the client is not authorized ErrPermissionDenied = errors.New("permission denied") - // ErrInvalidCredentials is returned when the provided credentials are incorrect - // This is used internally for user lockout purposes. This is not seen externally. - // The status code returned does not change because of this error - ErrInvalidCredentials = errors.New("invalid credentials") - // ErrMultiAuthzPending is returned if the the request needs more // authorizations ErrMultiAuthzPending = errors.New("request needs further approval") diff --git a/sdk/logical/identity.pb.go b/sdk/logical/identity.pb.go index 18af6e6828cb7..6c1c4b2c9b903 100644 --- a/sdk/logical/identity.pb.go +++ b/sdk/logical/identity.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: sdk/logical/identity.proto package logical diff --git a/sdk/logical/plugin.pb.go b/sdk/logical/plugin.pb.go index 9be723e14be2d..03be5d3cba056 100644 --- a/sdk/logical/plugin.pb.go +++ b/sdk/logical/plugin.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: sdk/logical/plugin.proto package logical diff --git a/sdk/logical/response.go b/sdk/logical/response.go index 0f8a2210ecaba..19194f524871c 100644 --- a/sdk/logical/response.go +++ b/sdk/logical/response.go @@ -92,8 +92,7 @@ func (r *Response) AddWarning(warning string) { // IsError returns true if this response seems to indicate an error. func (r *Response) IsError() bool { - // If the response data contains only an 'error' element, or an 'error' and a 'data' element only - return r != nil && r.Data != nil && r.Data["error"] != nil && (len(r.Data) == 1 || (r.Data["data"] != nil && len(r.Data) == 2)) + return r != nil && r.Data != nil && len(r.Data) == 1 && r.Data["error"] != nil } func (r *Response) Error() error { diff --git a/sdk/logical/response_util.go b/sdk/logical/response_util.go index 4a9f61d563f6f..7454189f1d7d7 100644 --- a/sdk/logical/response_util.go +++ b/sdk/logical/response_util.go @@ -122,8 +122,6 @@ func RespondErrorCommon(req *Request, resp *Response, err error) (int, error) { statusCode = http.StatusNotFound case errwrap.Contains(err, ErrRelativePath.Error()): statusCode = http.StatusBadRequest - case errwrap.Contains(err, ErrInvalidCredentials.Error()): - statusCode = http.StatusBadRequest } } @@ -182,23 +180,3 @@ func RespondError(w http.ResponseWriter, status int, err error) { enc := json.NewEncoder(w) enc.Encode(resp) } - -func RespondErrorAndData(w http.ResponseWriter, status int, data interface{}, err error) { - AdjustErrorStatusCode(&status, err) - - w.Header().Set("Content-Type", "application/json") - w.WriteHeader(status) - - type ErrorAndDataResponse struct { - Errors []string `json:"errors"` - Data interface{} `json:"data""` - } - resp := &ErrorAndDataResponse{Errors: make([]string, 0, 1)} - if err != nil { - resp.Errors = append(resp.Errors, err.Error()) - } - resp.Data = data - - enc := json.NewEncoder(w) - enc.Encode(resp) -} diff --git a/sdk/logical/response_util_test.go b/sdk/logical/response_util_test.go index 00d70a5c4a2ea..823c4afbdc217 100644 --- a/sdk/logical/response_util_test.go +++ b/sdk/logical/response_util_test.go @@ -1,7 +1,6 @@ package logical import ( - "errors" "strings" "testing" ) @@ -61,17 +60,6 @@ func TestResponseUtil_RespondErrorCommon_basic(t *testing.T) { respErr: nil, expectedStatus: 0, }, - { - title: "Invalid Credentials error ", - respErr: ErrInvalidCredentials, - resp: &Response{ - Data: map[string]interface{}{ - "error": "error due to wrong credentials", - }, - }, - expectedErr: errors.New("error due to wrong credentials"), - expectedStatus: 400, - }, } for _, tc := range testCases { diff --git a/sdk/logical/version.pb.go b/sdk/logical/version.pb.go index 415970f193492..7845aeaf5c372 100644 --- a/sdk/logical/version.pb.go +++ b/sdk/logical/version.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: sdk/logical/version.proto package logical diff --git a/sdk/physical/cache.go b/sdk/physical/cache.go index af40f53859574..ffac33189bbc0 100644 --- a/sdk/physical/cache.go +++ b/sdk/physical/cache.go @@ -29,6 +29,7 @@ var cacheExceptionsPaths = []string{ "sys/expire/", "core/poison-pill", "core/raft/tls", + "core/license", } // CacheRefreshContext returns a context with an added value denoting if the diff --git a/sdk/plugin/grpc_system_test.go b/sdk/plugin/grpc_system_test.go index 57754534556b2..8d4de0afa8771 100644 --- a/sdk/plugin/grpc_system_test.go +++ b/sdk/plugin/grpc_system_test.go @@ -106,6 +106,10 @@ func TestSystem_GRPC_replicationState(t *testing.T) { } } +func TestSystem_GRPC_responseWrapData(t *testing.T) { + t.SkipNow() +} + func TestSystem_GRPC_lookupPlugin(t *testing.T) { sys := logical.TestSystemView() client, _ := plugin.TestGRPCConn(t, func(s *grpc.Server) { diff --git a/sdk/plugin/pb/backend.pb.go b/sdk/plugin/pb/backend.pb.go index 88d55809c9d47..8b764b5fd01da 100644 --- a/sdk/plugin/pb/backend.pb.go +++ b/sdk/plugin/pb/backend.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.28.1 -// protoc v3.21.7 +// protoc v3.21.5 // source: sdk/plugin/pb/backend.proto package pb diff --git a/sdk/version/version_base.go b/sdk/version/version_base.go index e45626e2cd8a1..25e6125014681 100644 --- a/sdk/version/version_base.go +++ b/sdk/version/version_base.go @@ -11,7 +11,7 @@ var ( // Whether cgo is enabled or not; set at build time CgoEnabled bool - Version = "1.13.0" - VersionPrerelease = "dev1" + Version = "1.12.2" + VersionPrerelease = "" VersionMetadata = "" ) diff --git a/ui/.ember-cli b/ui/.ember-cli index f6e59871ff52d..4202ec1b2d71a 100644 --- a/ui/.ember-cli +++ b/ui/.ember-cli @@ -6,11 +6,5 @@ Setting `disableAnalytics` to true will prevent any data from being sent. */ "disableAnalytics": true, - "output-path": "../http/web_ui", - - /** - Setting `isTypeScriptProject` to true will force the blueprint generators to generate TypeScript - rather than JavaScript by default, when a TypeScript version of a given blueprint is available. - */ - "isTypeScriptProject": false + "output-path": "../http/web_ui" } diff --git a/ui/.eslintignore b/ui/.eslintignore index a292799defef0..5bd267e8e9d7c 100644 --- a/ui/.eslintignore +++ b/ui/.eslintignore @@ -20,8 +20,6 @@ # ember-try /.node_modules.ember-try/ /bower.json.ember-try -/npm-shrinkwrap.json.ember-try /package.json.ember-try -/package-lock.json.ember-try -/yarn.lock.ember-try + /tests/helpers/vault-keys.js diff --git a/ui/.eslintrc.js b/ui/.eslintrc.js index 8b55732d46f98..9e626cbc17bba 100644 --- a/ui/.eslintrc.js +++ b/ui/.eslintrc.js @@ -23,7 +23,7 @@ module.exports = { browser: true, }, rules: { - 'no-console': 'error', + 'no-console': 'warn', 'ember/no-mixins': 'warn', 'ember/no-new-mixins': 'off', // should be warn but then every line of the mixin is green // need to be fully glimmerized before these rules can be turned on @@ -63,7 +63,7 @@ module.exports = { }, }, { - // test files + // Test files: files: ['tests/**/*-test.{js,ts}'], extends: ['plugin:qunit/recommended'], }, diff --git a/ui/.github/workflows/ci.yml b/ui/.github/workflows/ci.yml deleted file mode 100644 index 6287d32644de6..0000000000000 --- a/ui/.github/workflows/ci.yml +++ /dev/null @@ -1,45 +0,0 @@ -name: CI - -on: - push: - branches: - - main - - master - pull_request: {} - -concurrency: - group: ci-${{ github.head_ref || github.ref }} - cancel-in-progress: true - -jobs: - lint: - name: "Lint" - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - name: Install Node - uses: actions/setup-node@v3 - with: - node-version: 12.x - cache: yarn - - name: Install Dependencies - run: yarn install --frozen-lockfile - - name: Lint - run: yarn lint - - test: - name: "Test" - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - name: Install Node - uses: actions/setup-node@v3 - with: - node-version: 12.x - cache: yarn - - name: Install Dependencies - run: yarn install --frozen-lockfile - - name: Run Tests - run: yarn test diff --git a/ui/.gitignore b/ui/.gitignore index 70da8c051de34..0474208ee07e0 100644 --- a/ui/.gitignore +++ b/ui/.gitignore @@ -22,10 +22,4 @@ package-lock.json # ember-try /.node_modules.ember-try/ /bower.json.ember-try -/npm-shrinkwrap.json.ember-try /package.json.ember-try -/package-lock.json.ember-try -/yarn.lock.ember-try - -# broccoli-debug -/DEBUG/ diff --git a/ui/.prettierignore b/ui/.prettierignore index 4178fd571e680..9221655522bb5 100644 --- a/ui/.prettierignore +++ b/ui/.prettierignore @@ -14,12 +14,8 @@ /coverage/ !.* .eslintcache -.lint-todo/ # ember-try /.node_modules.ember-try/ /bower.json.ember-try -/npm-shrinkwrap.json.ember-try /package.json.ember-try -/package-lock.json.ember-try -/yarn.lock.ember-try diff --git a/ui/.template-lintrc.js b/ui/.template-lintrc.js index e4e51b09aa4ba..f61b165724d1b 100644 --- a/ui/.template-lintrc.js +++ b/ui/.template-lintrc.js @@ -29,18 +29,22 @@ try { prettier: false, }; } catch (error) { - console.log(error); // eslint-disable-line + console.log(error); } module.exports = { plugins: ['ember-template-lint-plugin-prettier'], extends: ['recommended', 'ember-template-lint-plugin-prettier:recommended'], rules: { + 'no-bare-strings': 'off', 'no-action': 'off', + 'no-duplicate-landmark-elements': 'warn', 'no-implicit-this': { allow: ['supported-auth-backends'], }, 'require-input-label': 'off', + 'no-down-event-binding': 'warn', + 'self-closing-void-elements': 'off', }, ignore: ['lib/story-md', 'tests/**'], // ember language server vscode extension does not currently respect the ignore field diff --git a/ui/.yarn/releases/yarn-1.22.19.js b/ui/.yarn/releases/yarn-1.22.19.js deleted file mode 100755 index 3144d7ffcb19d..0000000000000 --- a/ui/.yarn/releases/yarn-1.22.19.js +++ /dev/null @@ -1,175346 +0,0 @@ -#!/usr/bin/env node -module.exports = /******/ (function (modules) { - // webpackBootstrap - /******/ // The module cache - /******/ var installedModules = {}; - /******/ - /******/ // The require function - /******/ function __webpack_require__(moduleId) { - /******/ - /******/ // Check if module is in cache - /******/ if (installedModules[moduleId]) { - /******/ return installedModules[moduleId].exports; - /******/ - } - /******/ // Create a new module (and put it into the cache) - /******/ var module = (installedModules[moduleId] = { - /******/ i: moduleId, - /******/ l: false, - /******/ exports: {}, - /******/ - }); - /******/ - /******/ // Execute the module function - /******/ modules[moduleId].call(module.exports, module, module.exports, __webpack_require__); - /******/ - /******/ // Flag the module as loaded - /******/ module.l = true; - /******/ - /******/ // Return the exports of the module - /******/ return module.exports; - /******/ - } - /******/ - /******/ - /******/ // expose the modules object (__webpack_modules__) - /******/ __webpack_require__.m = modules; - /******/ - /******/ // expose the module cache - /******/ __webpack_require__.c = installedModules; - /******/ - /******/ // identity function for calling harmony imports with the correct context - /******/ __webpack_require__.i = function (value) { - return value; - }; - /******/ - /******/ // define getter function for harmony exports - /******/ __webpack_require__.d = function (exports, name, getter) { - /******/ if (!__webpack_require__.o(exports, name)) { - /******/ Object.defineProperty(exports, name, { - /******/ configurable: false, - /******/ enumerable: true, - /******/ get: getter, - /******/ - }); - /******/ - } - /******/ - }; - /******/ - /******/ // getDefaultExport function for compatibility with non-harmony modules - /******/ __webpack_require__.n = function (module) { - /******/ var getter = - module && module.__esModule - ? /******/ function getDefault() { - return module['default']; - } - : /******/ function getModuleExports() { - return module; - }; - /******/ __webpack_require__.d(getter, 'a', getter); - /******/ return getter; - /******/ - }; - /******/ - /******/ // Object.prototype.hasOwnProperty.call - /******/ __webpack_require__.o = function (object, property) { - return Object.prototype.hasOwnProperty.call(object, property); - }; - /******/ - /******/ // __webpack_public_path__ - /******/ __webpack_require__.p = ''; - /******/ - /******/ // Load entry module and return exports - /******/ return __webpack_require__((__webpack_require__.s = 517)); - /******/ -})( - /************************************************************************/ - /******/ [ - /* 0 */ - /***/ function (module, exports) { - module.exports = require('path'); - - /***/ - }, - /* 1 */ - /***/ function (module, __webpack_exports__, __webpack_require__) { - 'use strict'; - /* harmony export (immutable) */ __webpack_exports__['a'] = __extends; - /* unused harmony export __assign */ - /* unused harmony export __rest */ - /* unused harmony export __decorate */ - /* unused harmony export __param */ - /* unused harmony export __metadata */ - /* unused harmony export __awaiter */ - /* unused harmony export __generator */ - /* unused harmony export __exportStar */ - /* unused harmony export __values */ - /* unused harmony export __read */ - /* unused harmony export __spread */ - /* unused harmony export __await */ - /* unused harmony export __asyncGenerator */ - /* unused harmony export __asyncDelegator */ - /* unused harmony export __asyncValues */ - /* unused harmony export __makeTemplateObject */ - /* unused harmony export __importStar */ - /* unused harmony export __importDefault */ - /*! ***************************************************************************** -Copyright (c) Microsoft Corporation. All rights reserved. -Licensed under the Apache License, Version 2.0 (the "License"); you may not use -this file except in compliance with the License. You may obtain a copy of the -License at http://www.apache.org/licenses/LICENSE-2.0 - -THIS CODE IS PROVIDED ON AN *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED -WARRANTIES OR CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE, -MERCHANTABLITY OR NON-INFRINGEMENT. - -See the Apache Version 2.0 License for specific language governing permissions -and limitations under the License. -***************************************************************************** */ - /* global Reflect, Promise */ - - var extendStatics = function (d, b) { - extendStatics = - Object.setPrototypeOf || - ({ __proto__: [] } instanceof Array && - function (d, b) { - d.__proto__ = b; - }) || - function (d, b) { - for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; - }; - return extendStatics(d, b); - }; - - function __extends(d, b) { - extendStatics(d, b); - function __() { - this.constructor = d; - } - d.prototype = b === null ? Object.create(b) : ((__.prototype = b.prototype), new __()); - } - - var __assign = function () { - __assign = - Object.assign || - function __assign(t) { - for (var s, i = 1, n = arguments.length; i < n; i++) { - s = arguments[i]; - for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p]; - } - return t; - }; - return __assign.apply(this, arguments); - }; - - function __rest(s, e) { - var t = {}; - for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0) t[p] = s[p]; - if (s != null && typeof Object.getOwnPropertySymbols === 'function') - for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) - if (e.indexOf(p[i]) < 0) t[p[i]] = s[p[i]]; - return t; - } - - function __decorate(decorators, target, key, desc) { - var c = arguments.length, - r = c < 3 ? target : desc === null ? (desc = Object.getOwnPropertyDescriptor(target, key)) : desc, - d; - if (typeof Reflect === 'object' && typeof Reflect.decorate === 'function') - r = Reflect.decorate(decorators, target, key, desc); - else - for (var i = decorators.length - 1; i >= 0; i--) - if ((d = decorators[i])) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; - return c > 3 && r && Object.defineProperty(target, key, r), r; - } - - function __param(paramIndex, decorator) { - return function (target, key) { - decorator(target, key, paramIndex); - }; - } - - function __metadata(metadataKey, metadataValue) { - if (typeof Reflect === 'object' && typeof Reflect.metadata === 'function') - return Reflect.metadata(metadataKey, metadataValue); - } - - function __awaiter(thisArg, _arguments, P, generator) { - return new (P || (P = Promise))(function (resolve, reject) { - function fulfilled(value) { - try { - step(generator.next(value)); - } catch (e) { - reject(e); - } - } - function rejected(value) { - try { - step(generator['throw'](value)); - } catch (e) { - reject(e); - } - } - function step(result) { - result.done - ? resolve(result.value) - : new P(function (resolve) { - resolve(result.value); - }).then(fulfilled, rejected); - } - step((generator = generator.apply(thisArg, _arguments || [])).next()); - }); - } - - function __generator(thisArg, body) { - var _ = { - label: 0, - sent: function () { - if (t[0] & 1) throw t[1]; - return t[1]; - }, - trys: [], - ops: [], - }, - f, - y, - t, - g; - return ( - (g = { next: verb(0), throw: verb(1), return: verb(2) }), - typeof Symbol === 'function' && - (g[Symbol.iterator] = function () { - return this; - }), - g - ); - function verb(n) { - return function (v) { - return step([n, v]); - }; - } - function step(op) { - if (f) throw new TypeError('Generator is already executing.'); - while (_) - try { - if ( - ((f = 1), - y && - (t = - op[0] & 2 - ? y['return'] - : op[0] - ? y['throw'] || ((t = y['return']) && t.call(y), 0) - : y.next) && - !(t = t.call(y, op[1])).done) - ) - return t; - if (((y = 0), t)) op = [op[0] & 2, t.value]; - switch (op[0]) { - case 0: - case 1: - t = op; - break; - case 4: - _.label++; - return { value: op[1], done: false }; - case 5: - _.label++; - y = op[1]; - op = [0]; - continue; - case 7: - op = _.ops.pop(); - _.trys.pop(); - continue; - default: - if ( - !((t = _.trys), (t = t.length > 0 && t[t.length - 1])) && - (op[0] === 6 || op[0] === 2) - ) { - _ = 0; - continue; - } - if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { - _.label = op[1]; - break; - } - if (op[0] === 6 && _.label < t[1]) { - _.label = t[1]; - t = op; - break; - } - if (t && _.label < t[2]) { - _.label = t[2]; - _.ops.push(op); - break; - } - if (t[2]) _.ops.pop(); - _.trys.pop(); - continue; - } - op = body.call(thisArg, _); - } catch (e) { - op = [6, e]; - y = 0; - } finally { - f = t = 0; - } - if (op[0] & 5) throw op[1]; - return { value: op[0] ? op[1] : void 0, done: true }; - } - } - - function __exportStar(m, exports) { - for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p]; - } - - function __values(o) { - var m = typeof Symbol === 'function' && o[Symbol.iterator], - i = 0; - if (m) return m.call(o); - return { - next: function () { - if (o && i >= o.length) o = void 0; - return { value: o && o[i++], done: !o }; - }, - }; - } - - function __read(o, n) { - var m = typeof Symbol === 'function' && o[Symbol.iterator]; - if (!m) return o; - var i = m.call(o), - r, - ar = [], - e; - try { - while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value); - } catch (error) { - e = { error: error }; - } finally { - try { - if (r && !r.done && (m = i['return'])) m.call(i); - } finally { - if (e) throw e.error; - } - } - return ar; - } - - function __spread() { - for (var ar = [], i = 0; i < arguments.length; i++) ar = ar.concat(__read(arguments[i])); - return ar; - } - - function __await(v) { - return this instanceof __await ? ((this.v = v), this) : new __await(v); - } - - function __asyncGenerator(thisArg, _arguments, generator) { - if (!Symbol.asyncIterator) throw new TypeError('Symbol.asyncIterator is not defined.'); - var g = generator.apply(thisArg, _arguments || []), - i, - q = []; - return ( - (i = {}), - verb('next'), - verb('throw'), - verb('return'), - (i[Symbol.asyncIterator] = function () { - return this; - }), - i - ); - function verb(n) { - if (g[n]) - i[n] = function (v) { - return new Promise(function (a, b) { - q.push([n, v, a, b]) > 1 || resume(n, v); - }); - }; - } - function resume(n, v) { - try { - step(g[n](v)); - } catch (e) { - settle(q[0][3], e); - } - } - function step(r) { - r.value instanceof __await ? Promise.resolve(r.value.v).then(fulfill, reject) : settle(q[0][2], r); - } - function fulfill(value) { - resume('next', value); - } - function reject(value) { - resume('throw', value); - } - function settle(f, v) { - if ((f(v), q.shift(), q.length)) resume(q[0][0], q[0][1]); - } - } - - function __asyncDelegator(o) { - var i, p; - return ( - (i = {}), - verb('next'), - verb('throw', function (e) { - throw e; - }), - verb('return'), - (i[Symbol.iterator] = function () { - return this; - }), - i - ); - function verb(n, f) { - i[n] = o[n] - ? function (v) { - return (p = !p) ? { value: __await(o[n](v)), done: n === 'return' } : f ? f(v) : v; - } - : f; - } - } - - function __asyncValues(o) { - if (!Symbol.asyncIterator) throw new TypeError('Symbol.asyncIterator is not defined.'); - var m = o[Symbol.asyncIterator], - i; - return m - ? m.call(o) - : ((o = typeof __values === 'function' ? __values(o) : o[Symbol.iterator]()), - (i = {}), - verb('next'), - verb('throw'), - verb('return'), - (i[Symbol.asyncIterator] = function () { - return this; - }), - i); - function verb(n) { - i[n] = - o[n] && - function (v) { - return new Promise(function (resolve, reject) { - (v = o[n](v)), settle(resolve, reject, v.done, v.value); - }); - }; - } - function settle(resolve, reject, d, v) { - Promise.resolve(v).then(function (v) { - resolve({ value: v, done: d }); - }, reject); - } - } - - function __makeTemplateObject(cooked, raw) { - if (Object.defineProperty) { - Object.defineProperty(cooked, 'raw', { value: raw }); - } else { - cooked.raw = raw; - } - return cooked; - } - - function __importStar(mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k]; - result.default = mod; - return result; - } - - function __importDefault(mod) { - return mod && mod.__esModule ? mod : { default: mod }; - } - - /***/ - }, - /* 2 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - exports.__esModule = true; - - var _promise = __webpack_require__(224); - - var _promise2 = _interopRequireDefault(_promise); - - function _interopRequireDefault(obj) { - return obj && obj.__esModule ? obj : { default: obj }; - } - - exports.default = function (fn) { - return function () { - var gen = fn.apply(this, arguments); - return new _promise2.default(function (resolve, reject) { - function step(key, arg) { - try { - var info = gen[key](arg); - var value = info.value; - } catch (error) { - reject(error); - return; - } - - if (info.done) { - resolve(value); - } else { - return _promise2.default.resolve(value).then( - function (value) { - step('next', value); - }, - function (err) { - step('throw', err); - } - ); - } - } - - return step('next'); - }); - }; - }; - - /***/ - }, - /* 3 */ - /***/ function (module, exports) { - module.exports = require('util'); - - /***/ - }, - /* 4 */ - /***/ function (module, exports) { - module.exports = require('fs'); - - /***/ - }, - /* 5 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - Object.defineProperty(exports, '__esModule', { - value: true, - }); - exports.getFirstSuitableFolder = - exports.readFirstAvailableStream = - exports.makeTempDir = - exports.hardlinksWork = - exports.writeFilePreservingEol = - exports.getFileSizeOnDisk = - exports.walk = - exports.symlink = - exports.find = - exports.readJsonAndFile = - exports.readJson = - exports.readFileAny = - exports.hardlinkBulk = - exports.copyBulk = - exports.unlink = - exports.glob = - exports.link = - exports.chmod = - exports.lstat = - exports.exists = - exports.mkdirp = - exports.stat = - exports.access = - exports.rename = - exports.readdir = - exports.realpath = - exports.readlink = - exports.writeFile = - exports.open = - exports.readFileBuffer = - exports.lockQueue = - exports.constants = - undefined; - - var _asyncToGenerator2; - - function _load_asyncToGenerator() { - return (_asyncToGenerator2 = _interopRequireDefault(__webpack_require__(2))); - } - - let buildActionsForCopy = (() => { - var _ref = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - queue, - events, - possibleExtraneous, - reporter - ) { - // - let build = (() => { - var _ref5 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (data) { - const src = data.src, - dest = data.dest, - type = data.type; - - const onFresh = data.onFresh || noop; - const onDone = data.onDone || noop; - - // TODO https://github.com/yarnpkg/yarn/issues/3751 - // related to bundled dependencies handling - if (files.has(dest.toLowerCase())) { - reporter.verbose( - `The case-insensitive file ${dest} shouldn't be copied twice in one bulk copy` - ); - } else { - files.add(dest.toLowerCase()); - } - - if (type === 'symlink') { - yield mkdirp((_path || _load_path()).default.dirname(dest)); - onFresh(); - actions.symlink.push({ - dest, - linkname: src, - }); - onDone(); - return; - } - - if (events.ignoreBasenames.indexOf((_path || _load_path()).default.basename(src)) >= 0) { - // ignored file - return; - } - - const srcStat = yield lstat(src); - let srcFiles; - - if (srcStat.isDirectory()) { - srcFiles = yield readdir(src); - } - - let destStat; - try { - // try accessing the destination - destStat = yield lstat(dest); - } catch (e) { - // proceed if destination doesn't exist, otherwise error - if (e.code !== 'ENOENT') { - throw e; - } - } - - // if destination exists - if (destStat) { - const bothSymlinks = srcStat.isSymbolicLink() && destStat.isSymbolicLink(); - const bothFolders = srcStat.isDirectory() && destStat.isDirectory(); - const bothFiles = srcStat.isFile() && destStat.isFile(); - - // EINVAL access errors sometimes happen which shouldn't because node shouldn't be giving - // us modes that aren't valid. investigate this, it's generally safe to proceed. - - /* if (srcStat.mode !== destStat.mode) { - try { - await access(dest, srcStat.mode); - } catch (err) {} - } */ - - if (bothFiles && artifactFiles.has(dest)) { - // this file gets changed during build, likely by a custom install script. Don't bother checking it. - onDone(); - reporter.verbose(reporter.lang('verboseFileSkipArtifact', src)); - return; - } - - if ( - bothFiles && - srcStat.size === destStat.size && - (0, (_fsNormalized || _load_fsNormalized()).fileDatesEqual)(srcStat.mtime, destStat.mtime) - ) { - // we can safely assume this is the same file - onDone(); - reporter.verbose(reporter.lang('verboseFileSkip', src, dest, srcStat.size, +srcStat.mtime)); - return; - } - - if (bothSymlinks) { - const srcReallink = yield readlink(src); - if (srcReallink === (yield readlink(dest))) { - // if both symlinks are the same then we can continue on - onDone(); - reporter.verbose(reporter.lang('verboseFileSkipSymlink', src, dest, srcReallink)); - return; - } - } - - if (bothFolders) { - // mark files that aren't in this folder as possibly extraneous - const destFiles = yield readdir(dest); - invariant(srcFiles, 'src files not initialised'); - - for ( - var _iterator4 = destFiles, - _isArray4 = Array.isArray(_iterator4), - _i4 = 0, - _iterator4 = _isArray4 ? _iterator4 : _iterator4[Symbol.iterator](); - ; - - ) { - var _ref6; - - if (_isArray4) { - if (_i4 >= _iterator4.length) break; - _ref6 = _iterator4[_i4++]; - } else { - _i4 = _iterator4.next(); - if (_i4.done) break; - _ref6 = _i4.value; - } - - const file = _ref6; - - if (srcFiles.indexOf(file) < 0) { - const loc = (_path || _load_path()).default.join(dest, file); - possibleExtraneous.add(loc); - - if ((yield lstat(loc)).isDirectory()) { - for ( - var _iterator5 = yield readdir(loc), - _isArray5 = Array.isArray(_iterator5), - _i5 = 0, - _iterator5 = _isArray5 ? _iterator5 : _iterator5[Symbol.iterator](); - ; - - ) { - var _ref7; - - if (_isArray5) { - if (_i5 >= _iterator5.length) break; - _ref7 = _iterator5[_i5++]; - } else { - _i5 = _iterator5.next(); - if (_i5.done) break; - _ref7 = _i5.value; - } - - const file = _ref7; - - possibleExtraneous.add((_path || _load_path()).default.join(loc, file)); - } - } - } - } - } - } - - if (destStat && destStat.isSymbolicLink()) { - yield (0, (_fsNormalized || _load_fsNormalized()).unlink)(dest); - destStat = null; - } - - if (srcStat.isSymbolicLink()) { - onFresh(); - const linkname = yield readlink(src); - actions.symlink.push({ - dest, - linkname, - }); - onDone(); - } else if (srcStat.isDirectory()) { - if (!destStat) { - reporter.verbose(reporter.lang('verboseFileFolder', dest)); - yield mkdirp(dest); - } - - const destParts = dest.split((_path || _load_path()).default.sep); - while (destParts.length) { - files.add(destParts.join((_path || _load_path()).default.sep).toLowerCase()); - destParts.pop(); - } - - // push all files to queue - invariant(srcFiles, 'src files not initialised'); - let remaining = srcFiles.length; - if (!remaining) { - onDone(); - } - for ( - var _iterator6 = srcFiles, - _isArray6 = Array.isArray(_iterator6), - _i6 = 0, - _iterator6 = _isArray6 ? _iterator6 : _iterator6[Symbol.iterator](); - ; - - ) { - var _ref8; - - if (_isArray6) { - if (_i6 >= _iterator6.length) break; - _ref8 = _iterator6[_i6++]; - } else { - _i6 = _iterator6.next(); - if (_i6.done) break; - _ref8 = _i6.value; - } - - const file = _ref8; - - queue.push({ - dest: (_path || _load_path()).default.join(dest, file), - onFresh, - onDone: (function (_onDone) { - function onDone() { - return _onDone.apply(this, arguments); - } - - onDone.toString = function () { - return _onDone.toString(); - }; - - return onDone; - })(function () { - if (--remaining === 0) { - onDone(); - } - }), - src: (_path || _load_path()).default.join(src, file), - }); - } - } else if (srcStat.isFile()) { - onFresh(); - actions.file.push({ - src, - dest, - atime: srcStat.atime, - mtime: srcStat.mtime, - mode: srcStat.mode, - }); - onDone(); - } else { - throw new Error(`unsure how to copy this: ${src}`); - } - }); - - return function build(_x5) { - return _ref5.apply(this, arguments); - }; - })(); - - const artifactFiles = new Set(events.artifactFiles || []); - const files = new Set(); - - // initialise events - for ( - var _iterator = queue, - _isArray = Array.isArray(_iterator), - _i = 0, - _iterator = _isArray ? _iterator : _iterator[Symbol.iterator](); - ; - - ) { - var _ref2; - - if (_isArray) { - if (_i >= _iterator.length) break; - _ref2 = _iterator[_i++]; - } else { - _i = _iterator.next(); - if (_i.done) break; - _ref2 = _i.value; - } - - const item = _ref2; - - const onDone = item.onDone; - item.onDone = function () { - events.onProgress(item.dest); - if (onDone) { - onDone(); - } - }; - } - events.onStart(queue.length); - - // start building actions - const actions = { - file: [], - symlink: [], - link: [], - }; - - // custom concurrency logic as we're always executing stacks of CONCURRENT_QUEUE_ITEMS queue items - // at a time due to the requirement to push items onto the queue - while (queue.length) { - const items = queue.splice(0, CONCURRENT_QUEUE_ITEMS); - yield Promise.all(items.map(build)); - } - - // simulate the existence of some files to prevent considering them extraneous - for ( - var _iterator2 = artifactFiles, - _isArray2 = Array.isArray(_iterator2), - _i2 = 0, - _iterator2 = _isArray2 ? _iterator2 : _iterator2[Symbol.iterator](); - ; - - ) { - var _ref3; - - if (_isArray2) { - if (_i2 >= _iterator2.length) break; - _ref3 = _iterator2[_i2++]; - } else { - _i2 = _iterator2.next(); - if (_i2.done) break; - _ref3 = _i2.value; - } - - const file = _ref3; - - if (possibleExtraneous.has(file)) { - reporter.verbose(reporter.lang('verboseFilePhantomExtraneous', file)); - possibleExtraneous.delete(file); - } - } - - for ( - var _iterator3 = possibleExtraneous, - _isArray3 = Array.isArray(_iterator3), - _i3 = 0, - _iterator3 = _isArray3 ? _iterator3 : _iterator3[Symbol.iterator](); - ; - - ) { - var _ref4; - - if (_isArray3) { - if (_i3 >= _iterator3.length) break; - _ref4 = _iterator3[_i3++]; - } else { - _i3 = _iterator3.next(); - if (_i3.done) break; - _ref4 = _i3.value; - } - - const loc = _ref4; - - if (files.has(loc.toLowerCase())) { - possibleExtraneous.delete(loc); - } - } - - return actions; - }); - - return function buildActionsForCopy(_x, _x2, _x3, _x4) { - return _ref.apply(this, arguments); - }; - })(); - - let buildActionsForHardlink = (() => { - var _ref9 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - queue, - events, - possibleExtraneous, - reporter - ) { - // - let build = (() => { - var _ref13 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (data) { - const src = data.src, - dest = data.dest; - - const onFresh = data.onFresh || noop; - const onDone = data.onDone || noop; - if (files.has(dest.toLowerCase())) { - // Fixes issue https://github.com/yarnpkg/yarn/issues/2734 - // When bulk hardlinking we have A -> B structure that we want to hardlink to A1 -> B1, - // package-linker passes that modules A1 and B1 need to be hardlinked, - // the recursive linking algorithm of A1 ends up scheduling files in B1 to be linked twice which will case - // an exception. - onDone(); - return; - } - files.add(dest.toLowerCase()); - - if (events.ignoreBasenames.indexOf((_path || _load_path()).default.basename(src)) >= 0) { - // ignored file - return; - } - - const srcStat = yield lstat(src); - let srcFiles; - - if (srcStat.isDirectory()) { - srcFiles = yield readdir(src); - } - - const destExists = yield exists(dest); - if (destExists) { - const destStat = yield lstat(dest); - - const bothSymlinks = srcStat.isSymbolicLink() && destStat.isSymbolicLink(); - const bothFolders = srcStat.isDirectory() && destStat.isDirectory(); - const bothFiles = srcStat.isFile() && destStat.isFile(); - - if (srcStat.mode !== destStat.mode) { - try { - yield access(dest, srcStat.mode); - } catch (err) { - // EINVAL access errors sometimes happen which shouldn't because node shouldn't be giving - // us modes that aren't valid. investigate this, it's generally safe to proceed. - reporter.verbose(err); - } - } - - if (bothFiles && artifactFiles.has(dest)) { - // this file gets changed during build, likely by a custom install script. Don't bother checking it. - onDone(); - reporter.verbose(reporter.lang('verboseFileSkipArtifact', src)); - return; - } - - // correct hardlink - if (bothFiles && srcStat.ino !== null && srcStat.ino === destStat.ino) { - onDone(); - reporter.verbose(reporter.lang('verboseFileSkip', src, dest, srcStat.ino)); - return; - } - - if (bothSymlinks) { - const srcReallink = yield readlink(src); - if (srcReallink === (yield readlink(dest))) { - // if both symlinks are the same then we can continue on - onDone(); - reporter.verbose(reporter.lang('verboseFileSkipSymlink', src, dest, srcReallink)); - return; - } - } - - if (bothFolders) { - // mark files that aren't in this folder as possibly extraneous - const destFiles = yield readdir(dest); - invariant(srcFiles, 'src files not initialised'); - - for ( - var _iterator10 = destFiles, - _isArray10 = Array.isArray(_iterator10), - _i10 = 0, - _iterator10 = _isArray10 ? _iterator10 : _iterator10[Symbol.iterator](); - ; - - ) { - var _ref14; - - if (_isArray10) { - if (_i10 >= _iterator10.length) break; - _ref14 = _iterator10[_i10++]; - } else { - _i10 = _iterator10.next(); - if (_i10.done) break; - _ref14 = _i10.value; - } - - const file = _ref14; - - if (srcFiles.indexOf(file) < 0) { - const loc = (_path || _load_path()).default.join(dest, file); - possibleExtraneous.add(loc); - - if ((yield lstat(loc)).isDirectory()) { - for ( - var _iterator11 = yield readdir(loc), - _isArray11 = Array.isArray(_iterator11), - _i11 = 0, - _iterator11 = _isArray11 ? _iterator11 : _iterator11[Symbol.iterator](); - ; - - ) { - var _ref15; - - if (_isArray11) { - if (_i11 >= _iterator11.length) break; - _ref15 = _iterator11[_i11++]; - } else { - _i11 = _iterator11.next(); - if (_i11.done) break; - _ref15 = _i11.value; - } - - const file = _ref15; - - possibleExtraneous.add((_path || _load_path()).default.join(loc, file)); - } - } - } - } - } - } - - if (srcStat.isSymbolicLink()) { - onFresh(); - const linkname = yield readlink(src); - actions.symlink.push({ - dest, - linkname, - }); - onDone(); - } else if (srcStat.isDirectory()) { - reporter.verbose(reporter.lang('verboseFileFolder', dest)); - yield mkdirp(dest); - - const destParts = dest.split((_path || _load_path()).default.sep); - while (destParts.length) { - files.add(destParts.join((_path || _load_path()).default.sep).toLowerCase()); - destParts.pop(); - } - - // push all files to queue - invariant(srcFiles, 'src files not initialised'); - let remaining = srcFiles.length; - if (!remaining) { - onDone(); - } - for ( - var _iterator12 = srcFiles, - _isArray12 = Array.isArray(_iterator12), - _i12 = 0, - _iterator12 = _isArray12 ? _iterator12 : _iterator12[Symbol.iterator](); - ; - - ) { - var _ref16; - - if (_isArray12) { - if (_i12 >= _iterator12.length) break; - _ref16 = _iterator12[_i12++]; - } else { - _i12 = _iterator12.next(); - if (_i12.done) break; - _ref16 = _i12.value; - } - - const file = _ref16; - - queue.push({ - onFresh, - src: (_path || _load_path()).default.join(src, file), - dest: (_path || _load_path()).default.join(dest, file), - onDone: (function (_onDone2) { - function onDone() { - return _onDone2.apply(this, arguments); - } - - onDone.toString = function () { - return _onDone2.toString(); - }; - - return onDone; - })(function () { - if (--remaining === 0) { - onDone(); - } - }), - }); - } - } else if (srcStat.isFile()) { - onFresh(); - actions.link.push({ - src, - dest, - removeDest: destExists, - }); - onDone(); - } else { - throw new Error(`unsure how to copy this: ${src}`); - } - }); - - return function build(_x10) { - return _ref13.apply(this, arguments); - }; - })(); - - const artifactFiles = new Set(events.artifactFiles || []); - const files = new Set(); - - // initialise events - for ( - var _iterator7 = queue, - _isArray7 = Array.isArray(_iterator7), - _i7 = 0, - _iterator7 = _isArray7 ? _iterator7 : _iterator7[Symbol.iterator](); - ; - - ) { - var _ref10; - - if (_isArray7) { - if (_i7 >= _iterator7.length) break; - _ref10 = _iterator7[_i7++]; - } else { - _i7 = _iterator7.next(); - if (_i7.done) break; - _ref10 = _i7.value; - } - - const item = _ref10; - - const onDone = item.onDone || noop; - item.onDone = function () { - events.onProgress(item.dest); - onDone(); - }; - } - events.onStart(queue.length); - - // start building actions - const actions = { - file: [], - symlink: [], - link: [], - }; - - // custom concurrency logic as we're always executing stacks of CONCURRENT_QUEUE_ITEMS queue items - // at a time due to the requirement to push items onto the queue - while (queue.length) { - const items = queue.splice(0, CONCURRENT_QUEUE_ITEMS); - yield Promise.all(items.map(build)); - } - - // simulate the existence of some files to prevent considering them extraneous - for ( - var _iterator8 = artifactFiles, - _isArray8 = Array.isArray(_iterator8), - _i8 = 0, - _iterator8 = _isArray8 ? _iterator8 : _iterator8[Symbol.iterator](); - ; - - ) { - var _ref11; - - if (_isArray8) { - if (_i8 >= _iterator8.length) break; - _ref11 = _iterator8[_i8++]; - } else { - _i8 = _iterator8.next(); - if (_i8.done) break; - _ref11 = _i8.value; - } - - const file = _ref11; - - if (possibleExtraneous.has(file)) { - reporter.verbose(reporter.lang('verboseFilePhantomExtraneous', file)); - possibleExtraneous.delete(file); - } - } - - for ( - var _iterator9 = possibleExtraneous, - _isArray9 = Array.isArray(_iterator9), - _i9 = 0, - _iterator9 = _isArray9 ? _iterator9 : _iterator9[Symbol.iterator](); - ; - - ) { - var _ref12; - - if (_isArray9) { - if (_i9 >= _iterator9.length) break; - _ref12 = _iterator9[_i9++]; - } else { - _i9 = _iterator9.next(); - if (_i9.done) break; - _ref12 = _i9.value; - } - - const loc = _ref12; - - if (files.has(loc.toLowerCase())) { - possibleExtraneous.delete(loc); - } - } - - return actions; - }); - - return function buildActionsForHardlink(_x6, _x7, _x8, _x9) { - return _ref9.apply(this, arguments); - }; - })(); - - let copyBulk = (exports.copyBulk = (() => { - var _ref17 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - queue, - reporter, - _events - ) { - const events = { - onStart: (_events && _events.onStart) || noop, - onProgress: (_events && _events.onProgress) || noop, - possibleExtraneous: _events ? _events.possibleExtraneous : new Set(), - ignoreBasenames: (_events && _events.ignoreBasenames) || [], - artifactFiles: (_events && _events.artifactFiles) || [], - }; - - const actions = yield buildActionsForCopy(queue, events, events.possibleExtraneous, reporter); - events.onStart(actions.file.length + actions.symlink.length + actions.link.length); - - const fileActions = actions.file; - - const currentlyWriting = new Map(); - - yield (_promise || _load_promise()).queue( - fileActions, - (() => { - var _ref18 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (data) { - let writePromise; - while ((writePromise = currentlyWriting.get(data.dest))) { - yield writePromise; - } - - reporter.verbose(reporter.lang('verboseFileCopy', data.src, data.dest)); - const copier = (0, (_fsNormalized || _load_fsNormalized()).copyFile)(data, function () { - return currentlyWriting.delete(data.dest); - }); - currentlyWriting.set(data.dest, copier); - events.onProgress(data.dest); - return copier; - }); - - return function (_x14) { - return _ref18.apply(this, arguments); - }; - })(), - CONCURRENT_QUEUE_ITEMS - ); - - // we need to copy symlinks last as they could reference files we were copying - const symlinkActions = actions.symlink; - yield (_promise || _load_promise()).queue(symlinkActions, function (data) { - const linkname = (_path || _load_path()).default.resolve( - (_path || _load_path()).default.dirname(data.dest), - data.linkname - ); - reporter.verbose(reporter.lang('verboseFileSymlink', data.dest, linkname)); - return symlink(linkname, data.dest); - }); - }); - - return function copyBulk(_x11, _x12, _x13) { - return _ref17.apply(this, arguments); - }; - })()); - - let hardlinkBulk = (exports.hardlinkBulk = (() => { - var _ref19 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - queue, - reporter, - _events - ) { - const events = { - onStart: (_events && _events.onStart) || noop, - onProgress: (_events && _events.onProgress) || noop, - possibleExtraneous: _events ? _events.possibleExtraneous : new Set(), - artifactFiles: (_events && _events.artifactFiles) || [], - ignoreBasenames: [], - }; - - const actions = yield buildActionsForHardlink(queue, events, events.possibleExtraneous, reporter); - events.onStart(actions.file.length + actions.symlink.length + actions.link.length); - - const fileActions = actions.link; - - yield (_promise || _load_promise()).queue( - fileActions, - (() => { - var _ref20 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (data) { - reporter.verbose(reporter.lang('verboseFileLink', data.src, data.dest)); - if (data.removeDest) { - yield (0, (_fsNormalized || _load_fsNormalized()).unlink)(data.dest); - } - yield link(data.src, data.dest); - }); - - return function (_x18) { - return _ref20.apply(this, arguments); - }; - })(), - CONCURRENT_QUEUE_ITEMS - ); - - // we need to copy symlinks last as they could reference files we were copying - const symlinkActions = actions.symlink; - yield (_promise || _load_promise()).queue(symlinkActions, function (data) { - const linkname = (_path || _load_path()).default.resolve( - (_path || _load_path()).default.dirname(data.dest), - data.linkname - ); - reporter.verbose(reporter.lang('verboseFileSymlink', data.dest, linkname)); - return symlink(linkname, data.dest); - }); - }); - - return function hardlinkBulk(_x15, _x16, _x17) { - return _ref19.apply(this, arguments); - }; - })()); - - let readFileAny = (exports.readFileAny = (() => { - var _ref21 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (files) { - for ( - var _iterator13 = files, - _isArray13 = Array.isArray(_iterator13), - _i13 = 0, - _iterator13 = _isArray13 ? _iterator13 : _iterator13[Symbol.iterator](); - ; - - ) { - var _ref22; - - if (_isArray13) { - if (_i13 >= _iterator13.length) break; - _ref22 = _iterator13[_i13++]; - } else { - _i13 = _iterator13.next(); - if (_i13.done) break; - _ref22 = _i13.value; - } - - const file = _ref22; - - if (yield exists(file)) { - return readFile(file); - } - } - return null; - }); - - return function readFileAny(_x19) { - return _ref21.apply(this, arguments); - }; - })()); - - let readJson = (exports.readJson = (() => { - var _ref23 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (loc) { - return (yield readJsonAndFile(loc)).object; - }); - - return function readJson(_x20) { - return _ref23.apply(this, arguments); - }; - })()); - - let readJsonAndFile = (exports.readJsonAndFile = (() => { - var _ref24 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (loc) { - const file = yield readFile(loc); - try { - return { - object: (0, (_map || _load_map()).default)(JSON.parse(stripBOM(file))), - content: file, - }; - } catch (err) { - err.message = `${loc}: ${err.message}`; - throw err; - } - }); - - return function readJsonAndFile(_x21) { - return _ref24.apply(this, arguments); - }; - })()); - - let find = (exports.find = (() => { - var _ref25 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (filename, dir) { - const parts = dir.split((_path || _load_path()).default.sep); - - while (parts.length) { - const loc = parts.concat(filename).join((_path || _load_path()).default.sep); - - if (yield exists(loc)) { - return loc; - } else { - parts.pop(); - } - } - - return false; - }); - - return function find(_x22, _x23) { - return _ref25.apply(this, arguments); - }; - })()); - - let symlink = (exports.symlink = (() => { - var _ref26 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (src, dest) { - if (process.platform !== 'win32') { - // use relative paths otherwise which will be retained if the directory is moved - src = (_path || _load_path()).default.relative( - (_path || _load_path()).default.dirname(dest), - src - ); - // When path.relative returns an empty string for the current directory, we should instead use - // '.', which is a valid fs.symlink target. - src = src || '.'; - } - - try { - const stats = yield lstat(dest); - if (stats.isSymbolicLink()) { - const resolved = dest; - if (resolved === src) { - return; - } - } - } catch (err) { - if (err.code !== 'ENOENT') { - throw err; - } - } - - // We use rimraf for unlink which never throws an ENOENT on missing target - yield (0, (_fsNormalized || _load_fsNormalized()).unlink)(dest); - - if (process.platform === 'win32') { - // use directory junctions if possible on win32, this requires absolute paths - yield fsSymlink(src, dest, 'junction'); - } else { - yield fsSymlink(src, dest); - } - }); - - return function symlink(_x24, _x25) { - return _ref26.apply(this, arguments); - }; - })()); - - let walk = (exports.walk = (() => { - var _ref27 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - dir, - relativeDir, - ignoreBasenames = new Set() - ) { - let files = []; - - let filenames = yield readdir(dir); - if (ignoreBasenames.size) { - filenames = filenames.filter(function (name) { - return !ignoreBasenames.has(name); - }); - } - - for ( - var _iterator14 = filenames, - _isArray14 = Array.isArray(_iterator14), - _i14 = 0, - _iterator14 = _isArray14 ? _iterator14 : _iterator14[Symbol.iterator](); - ; - - ) { - var _ref28; - - if (_isArray14) { - if (_i14 >= _iterator14.length) break; - _ref28 = _iterator14[_i14++]; - } else { - _i14 = _iterator14.next(); - if (_i14.done) break; - _ref28 = _i14.value; - } - - const name = _ref28; - - const relative = relativeDir ? (_path || _load_path()).default.join(relativeDir, name) : name; - const loc = (_path || _load_path()).default.join(dir, name); - const stat = yield lstat(loc); - - files.push({ - relative, - basename: name, - absolute: loc, - mtime: +stat.mtime, - }); - - if (stat.isDirectory()) { - files = files.concat(yield walk(loc, relative, ignoreBasenames)); - } - } - - return files; - }); - - return function walk(_x26, _x27) { - return _ref27.apply(this, arguments); - }; - })()); - - let getFileSizeOnDisk = (exports.getFileSizeOnDisk = (() => { - var _ref29 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (loc) { - const stat = yield lstat(loc); - const size = stat.size, - blockSize = stat.blksize; - - return Math.ceil(size / blockSize) * blockSize; - }); - - return function getFileSizeOnDisk(_x28) { - return _ref29.apply(this, arguments); - }; - })()); - - let getEolFromFile = (() => { - var _ref30 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (path) { - if (!(yield exists(path))) { - return undefined; - } - - const buffer = yield readFileBuffer(path); - - for (let i = 0; i < buffer.length; ++i) { - if (buffer[i] === cr) { - return '\r\n'; - } - if (buffer[i] === lf) { - return '\n'; - } - } - return undefined; - }); - - return function getEolFromFile(_x29) { - return _ref30.apply(this, arguments); - }; - })(); - - let writeFilePreservingEol = (exports.writeFilePreservingEol = (() => { - var _ref31 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (path, data) { - const eol = (yield getEolFromFile(path)) || (_os || _load_os()).default.EOL; - if (eol !== '\n') { - data = data.replace(/\n/g, eol); - } - yield writeFile(path, data); - }); - - return function writeFilePreservingEol(_x30, _x31) { - return _ref31.apply(this, arguments); - }; - })()); - - let hardlinksWork = (exports.hardlinksWork = (() => { - var _ref32 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (dir) { - const filename = 'test-file' + Math.random(); - const file = (_path || _load_path()).default.join(dir, filename); - const fileLink = (_path || _load_path()).default.join(dir, filename + '-link'); - try { - yield writeFile(file, 'test'); - yield link(file, fileLink); - } catch (err) { - return false; - } finally { - yield (0, (_fsNormalized || _load_fsNormalized()).unlink)(file); - yield (0, (_fsNormalized || _load_fsNormalized()).unlink)(fileLink); - } - return true; - }); - - return function hardlinksWork(_x32) { - return _ref32.apply(this, arguments); - }; - })()); - - // not a strict polyfill for Node's fs.mkdtemp - - let makeTempDir = (exports.makeTempDir = (() => { - var _ref33 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (prefix) { - const dir = (_path || _load_path()).default.join( - (_os || _load_os()).default.tmpdir(), - `yarn-${prefix || ''}-${Date.now()}-${Math.random()}` - ); - yield (0, (_fsNormalized || _load_fsNormalized()).unlink)(dir); - yield mkdirp(dir); - return dir; - }); - - return function makeTempDir(_x33) { - return _ref33.apply(this, arguments); - }; - })()); - - let readFirstAvailableStream = (exports.readFirstAvailableStream = (() => { - var _ref34 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (paths) { - for ( - var _iterator15 = paths, - _isArray15 = Array.isArray(_iterator15), - _i15 = 0, - _iterator15 = _isArray15 ? _iterator15 : _iterator15[Symbol.iterator](); - ; - - ) { - var _ref35; - - if (_isArray15) { - if (_i15 >= _iterator15.length) break; - _ref35 = _iterator15[_i15++]; - } else { - _i15 = _iterator15.next(); - if (_i15.done) break; - _ref35 = _i15.value; - } - - const path = _ref35; - - try { - const fd = yield open(path, 'r'); - return (_fs || _load_fs()).default.createReadStream(path, { fd }); - } catch (err) { - // Try the next one - } - } - return null; - }); - - return function readFirstAvailableStream(_x34) { - return _ref34.apply(this, arguments); - }; - })()); - - let getFirstSuitableFolder = (exports.getFirstSuitableFolder = (() => { - var _ref36 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - paths, - mode = constants.W_OK | constants.X_OK - ) { - const result = { - skipped: [], - folder: null, - }; - - for ( - var _iterator16 = paths, - _isArray16 = Array.isArray(_iterator16), - _i16 = 0, - _iterator16 = _isArray16 ? _iterator16 : _iterator16[Symbol.iterator](); - ; - - ) { - var _ref37; - - if (_isArray16) { - if (_i16 >= _iterator16.length) break; - _ref37 = _iterator16[_i16++]; - } else { - _i16 = _iterator16.next(); - if (_i16.done) break; - _ref37 = _i16.value; - } - - const folder = _ref37; - - try { - yield mkdirp(folder); - yield access(folder, mode); - - result.folder = folder; - - return result; - } catch (error) { - result.skipped.push({ - error, - folder, - }); - } - } - return result; - }); - - return function getFirstSuitableFolder(_x35) { - return _ref36.apply(this, arguments); - }; - })()); - - exports.copy = copy; - exports.readFile = readFile; - exports.readFileRaw = readFileRaw; - exports.normalizeOS = normalizeOS; - - var _fs; - - function _load_fs() { - return (_fs = _interopRequireDefault(__webpack_require__(4))); - } - - var _glob; - - function _load_glob() { - return (_glob = _interopRequireDefault(__webpack_require__(99))); - } - - var _os; - - function _load_os() { - return (_os = _interopRequireDefault(__webpack_require__(46))); - } - - var _path; - - function _load_path() { - return (_path = _interopRequireDefault(__webpack_require__(0))); - } - - var _blockingQueue; - - function _load_blockingQueue() { - return (_blockingQueue = _interopRequireDefault(__webpack_require__(110))); - } - - var _promise; - - function _load_promise() { - return (_promise = _interopRequireWildcard(__webpack_require__(51))); - } - - var _promise2; - - function _load_promise2() { - return (_promise2 = __webpack_require__(51)); - } - - var _map; - - function _load_map() { - return (_map = _interopRequireDefault(__webpack_require__(29))); - } - - var _fsNormalized; - - function _load_fsNormalized() { - return (_fsNormalized = __webpack_require__(216)); - } - - function _interopRequireWildcard(obj) { - if (obj && obj.__esModule) { - return obj; - } else { - var newObj = {}; - if (obj != null) { - for (var key in obj) { - if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; - } - } - newObj.default = obj; - return newObj; - } - } - - function _interopRequireDefault(obj) { - return obj && obj.__esModule ? obj : { default: obj }; - } - - const constants = (exports.constants = - typeof (_fs || _load_fs()).default.constants !== 'undefined' - ? (_fs || _load_fs()).default.constants - : { - R_OK: (_fs || _load_fs()).default.R_OK, - W_OK: (_fs || _load_fs()).default.W_OK, - X_OK: (_fs || _load_fs()).default.X_OK, - }); - - const lockQueue = (exports.lockQueue = new (_blockingQueue || _load_blockingQueue()).default( - 'fs lock' - )); - - const readFileBuffer = (exports.readFileBuffer = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.readFile - )); - const open = (exports.open = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.open - )); - const writeFile = (exports.writeFile = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.writeFile - )); - const readlink = (exports.readlink = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.readlink - )); - const realpath = (exports.realpath = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.realpath - )); - const readdir = (exports.readdir = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.readdir - )); - const rename = (exports.rename = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.rename - )); - const access = (exports.access = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.access - )); - const stat = (exports.stat = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.stat - )); - const mkdirp = (exports.mkdirp = (0, (_promise2 || _load_promise2()).promisify)( - __webpack_require__(145) - )); - const exists = (exports.exists = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.exists, - true - )); - const lstat = (exports.lstat = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.lstat - )); - const chmod = (exports.chmod = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.chmod - )); - const link = (exports.link = (0, (_promise2 || _load_promise2()).promisify)( - (_fs || _load_fs()).default.link - )); - const glob = (exports.glob = (0, (_promise2 || _load_promise2()).promisify)( - (_glob || _load_glob()).default - )); - exports.unlink = (_fsNormalized || _load_fsNormalized()).unlink; - - // fs.copyFile uses the native file copying instructions on the system, performing much better - // than any JS-based solution and consumes fewer resources. Repeated testing to fine tune the - // concurrency level revealed 128 as the sweet spot on a quad-core, 16 CPU Intel system with SSD. - - const CONCURRENT_QUEUE_ITEMS = (_fs || _load_fs()).default.copyFile ? 128 : 4; - - const fsSymlink = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.symlink); - const invariant = __webpack_require__(9); - const stripBOM = __webpack_require__(160); - - const noop = () => {}; - - function copy(src, dest, reporter) { - return copyBulk([{ src, dest }], reporter); - } - - function _readFile(loc, encoding) { - return new Promise((resolve, reject) => { - (_fs || _load_fs()).default.readFile(loc, encoding, function (err, content) { - if (err) { - reject(err); - } else { - resolve(content); - } - }); - }); - } - - function readFile(loc) { - return _readFile(loc, 'utf8').then(normalizeOS); - } - - function readFileRaw(loc) { - return _readFile(loc, 'binary'); - } - - function normalizeOS(body) { - return body.replace(/\r\n/g, '\n'); - } - - const cr = '\r'.charCodeAt(0); - const lf = '\n'.charCodeAt(0); - - /***/ - }, - /* 6 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - Object.defineProperty(exports, '__esModule', { - value: true, - }); - class MessageError extends Error { - constructor(msg, code) { - super(msg); - this.code = code; - } - } - - exports.MessageError = MessageError; - class ProcessSpawnError extends MessageError { - constructor(msg, code, process) { - super(msg, code); - this.process = process; - } - } - - exports.ProcessSpawnError = ProcessSpawnError; - class SecurityError extends MessageError {} - - exports.SecurityError = SecurityError; - class ProcessTermError extends MessageError {} - - exports.ProcessTermError = ProcessTermError; - class ResponseError extends Error { - constructor(msg, responseCode) { - super(msg); - this.responseCode = responseCode; - } - } - - exports.ResponseError = ResponseError; - class OneTimePasswordError extends Error { - constructor(notice) { - super(); - this.notice = notice; - } - } - exports.OneTimePasswordError = OneTimePasswordError; - - /***/ - }, - /* 7 */ - /***/ function (module, __webpack_exports__, __webpack_require__) { - 'use strict'; - /* harmony export (binding) */ __webpack_require__.d(__webpack_exports__, 'a', function () { - return Subscriber; - }); - /* unused harmony export SafeSubscriber */ - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_0_tslib__ = __webpack_require__(1); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_1__util_isFunction__ = __webpack_require__(154); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_2__Observer__ = __webpack_require__(420); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_3__Subscription__ = __webpack_require__(25); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_4__internal_symbol_rxSubscriber__ = - __webpack_require__(321); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_5__config__ = __webpack_require__(186); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_6__util_hostReportError__ = __webpack_require__(323); - /** PURE_IMPORTS_START tslib,_util_isFunction,_Observer,_Subscription,_internal_symbol_rxSubscriber,_config,_util_hostReportError PURE_IMPORTS_END */ - - var Subscriber = /*@__PURE__*/ (function (_super) { - __WEBPACK_IMPORTED_MODULE_0_tslib__['a' /* __extends */](Subscriber, _super); - function Subscriber(destinationOrNext, error, complete) { - var _this = _super.call(this) || this; - _this.syncErrorValue = null; - _this.syncErrorThrown = false; - _this.syncErrorThrowable = false; - _this.isStopped = false; - _this._parentSubscription = null; - switch (arguments.length) { - case 0: - _this.destination = __WEBPACK_IMPORTED_MODULE_2__Observer__['a' /* empty */]; - break; - case 1: - if (!destinationOrNext) { - _this.destination = __WEBPACK_IMPORTED_MODULE_2__Observer__['a' /* empty */]; - break; - } - if (typeof destinationOrNext === 'object') { - if (destinationOrNext instanceof Subscriber) { - _this.syncErrorThrowable = destinationOrNext.syncErrorThrowable; - _this.destination = destinationOrNext; - destinationOrNext.add(_this); - } else { - _this.syncErrorThrowable = true; - _this.destination = new SafeSubscriber(_this, destinationOrNext); - } - break; - } - default: - _this.syncErrorThrowable = true; - _this.destination = new SafeSubscriber(_this, destinationOrNext, error, complete); - break; - } - return _this; - } - Subscriber.prototype[ - __WEBPACK_IMPORTED_MODULE_4__internal_symbol_rxSubscriber__['a' /* rxSubscriber */] - ] = function () { - return this; - }; - Subscriber.create = function (next, error, complete) { - var subscriber = new Subscriber(next, error, complete); - subscriber.syncErrorThrowable = false; - return subscriber; - }; - Subscriber.prototype.next = function (value) { - if (!this.isStopped) { - this._next(value); - } - }; - Subscriber.prototype.error = function (err) { - if (!this.isStopped) { - this.isStopped = true; - this._error(err); - } - }; - Subscriber.prototype.complete = function () { - if (!this.isStopped) { - this.isStopped = true; - this._complete(); - } - }; - Subscriber.prototype.unsubscribe = function () { - if (this.closed) { - return; - } - this.isStopped = true; - _super.prototype.unsubscribe.call(this); - }; - Subscriber.prototype._next = function (value) { - this.destination.next(value); - }; - Subscriber.prototype._error = function (err) { - this.destination.error(err); - this.unsubscribe(); - }; - Subscriber.prototype._complete = function () { - this.destination.complete(); - this.unsubscribe(); - }; - Subscriber.prototype._unsubscribeAndRecycle = function () { - var _a = this, - _parent = _a._parent, - _parents = _a._parents; - this._parent = null; - this._parents = null; - this.unsubscribe(); - this.closed = false; - this.isStopped = false; - this._parent = _parent; - this._parents = _parents; - this._parentSubscription = null; - return this; - }; - return Subscriber; - })(__WEBPACK_IMPORTED_MODULE_3__Subscription__['a' /* Subscription */]); - - var SafeSubscriber = /*@__PURE__*/ (function (_super) { - __WEBPACK_IMPORTED_MODULE_0_tslib__['a' /* __extends */](SafeSubscriber, _super); - function SafeSubscriber(_parentSubscriber, observerOrNext, error, complete) { - var _this = _super.call(this) || this; - _this._parentSubscriber = _parentSubscriber; - var next; - var context = _this; - if ( - __webpack_require__.i(__WEBPACK_IMPORTED_MODULE_1__util_isFunction__['a' /* isFunction */])( - observerOrNext - ) - ) { - next = observerOrNext; - } else if (observerOrNext) { - next = observerOrNext.next; - error = observerOrNext.error; - complete = observerOrNext.complete; - if (observerOrNext !== __WEBPACK_IMPORTED_MODULE_2__Observer__['a' /* empty */]) { - context = Object.create(observerOrNext); - if ( - __webpack_require__.i(__WEBPACK_IMPORTED_MODULE_1__util_isFunction__['a' /* isFunction */])( - context.unsubscribe - ) - ) { - _this.add(context.unsubscribe.bind(context)); - } - context.unsubscribe = _this.unsubscribe.bind(_this); - } - } - _this._context = context; - _this._next = next; - _this._error = error; - _this._complete = complete; - return _this; - } - SafeSubscriber.prototype.next = function (value) { - if (!this.isStopped && this._next) { - var _parentSubscriber = this._parentSubscriber; - if ( - !__WEBPACK_IMPORTED_MODULE_5__config__['a' /* config */] - .useDeprecatedSynchronousErrorHandling || - !_parentSubscriber.syncErrorThrowable - ) { - this.__tryOrUnsub(this._next, value); - } else if (this.__tryOrSetError(_parentSubscriber, this._next, value)) { - this.unsubscribe(); - } - } - }; - SafeSubscriber.prototype.error = function (err) { - if (!this.isStopped) { - var _parentSubscriber = this._parentSubscriber; - var useDeprecatedSynchronousErrorHandling = - __WEBPACK_IMPORTED_MODULE_5__config__['a' /* config */].useDeprecatedSynchronousErrorHandling; - if (this._error) { - if (!useDeprecatedSynchronousErrorHandling || !_parentSubscriber.syncErrorThrowable) { - this.__tryOrUnsub(this._error, err); - this.unsubscribe(); - } else { - this.__tryOrSetError(_parentSubscriber, this._error, err); - this.unsubscribe(); - } - } else if (!_parentSubscriber.syncErrorThrowable) { - this.unsubscribe(); - if (useDeprecatedSynchronousErrorHandling) { - throw err; - } - __webpack_require__.i( - __WEBPACK_IMPORTED_MODULE_6__util_hostReportError__['a' /* hostReportError */] - )(err); - } else { - if (useDeprecatedSynchronousErrorHandling) { - _parentSubscriber.syncErrorValue = err; - _parentSubscriber.syncErrorThrown = true; - } else { - __webpack_require__.i( - __WEBPACK_IMPORTED_MODULE_6__util_hostReportError__['a' /* hostReportError */] - )(err); - } - this.unsubscribe(); - } - } - }; - SafeSubscriber.prototype.complete = function () { - var _this = this; - if (!this.isStopped) { - var _parentSubscriber = this._parentSubscriber; - if (this._complete) { - var wrappedComplete = function () { - return _this._complete.call(_this._context); - }; - if ( - !__WEBPACK_IMPORTED_MODULE_5__config__['a' /* config */] - .useDeprecatedSynchronousErrorHandling || - !_parentSubscriber.syncErrorThrowable - ) { - this.__tryOrUnsub(wrappedComplete); - this.unsubscribe(); - } else { - this.__tryOrSetError(_parentSubscriber, wrappedComplete); - this.unsubscribe(); - } - } else { - this.unsubscribe(); - } - } - }; - SafeSubscriber.prototype.__tryOrUnsub = function (fn, value) { - try { - fn.call(this._context, value); - } catch (err) { - this.unsubscribe(); - if ( - __WEBPACK_IMPORTED_MODULE_5__config__['a' /* config */].useDeprecatedSynchronousErrorHandling - ) { - throw err; - } else { - __webpack_require__.i( - __WEBPACK_IMPORTED_MODULE_6__util_hostReportError__['a' /* hostReportError */] - )(err); - } - } - }; - SafeSubscriber.prototype.__tryOrSetError = function (parent, fn, value) { - if ( - !__WEBPACK_IMPORTED_MODULE_5__config__['a' /* config */].useDeprecatedSynchronousErrorHandling - ) { - throw new Error('bad call'); - } - try { - fn.call(this._context, value); - } catch (err) { - if ( - __WEBPACK_IMPORTED_MODULE_5__config__['a' /* config */].useDeprecatedSynchronousErrorHandling - ) { - parent.syncErrorValue = err; - parent.syncErrorThrown = true; - return true; - } else { - __webpack_require__.i( - __WEBPACK_IMPORTED_MODULE_6__util_hostReportError__['a' /* hostReportError */] - )(err); - return true; - } - } - return false; - }; - SafeSubscriber.prototype._unsubscribe = function () { - var _parentSubscriber = this._parentSubscriber; - this._context = null; - this._parentSubscriber = null; - _parentSubscriber.unsubscribe(); - }; - return SafeSubscriber; - })(Subscriber); - - //# sourceMappingURL=Subscriber.js.map - - /***/ - }, - /* 8 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - Object.defineProperty(exports, '__esModule', { - value: true, - }); - exports.getPathKey = getPathKey; - const os = __webpack_require__(46); - const path = __webpack_require__(0); - const userHome = __webpack_require__(67).default; - - var _require = __webpack_require__(222); - - const getCacheDir = _require.getCacheDir, - getConfigDir = _require.getConfigDir, - getDataDir = _require.getDataDir; - - const isWebpackBundle = __webpack_require__(278); - - const DEPENDENCY_TYPES = (exports.DEPENDENCY_TYPES = [ - 'devDependencies', - 'dependencies', - 'optionalDependencies', - 'peerDependencies', - ]); - const OWNED_DEPENDENCY_TYPES = (exports.OWNED_DEPENDENCY_TYPES = [ - 'devDependencies', - 'dependencies', - 'optionalDependencies', - ]); - - const RESOLUTIONS = (exports.RESOLUTIONS = 'resolutions'); - const MANIFEST_FIELDS = (exports.MANIFEST_FIELDS = [RESOLUTIONS, ...DEPENDENCY_TYPES]); - - const SUPPORTED_NODE_VERSIONS = (exports.SUPPORTED_NODE_VERSIONS = - '^4.8.0 || ^5.7.0 || ^6.2.2 || >=8.0.0'); - - const YARN_REGISTRY = (exports.YARN_REGISTRY = 'https://registry.yarnpkg.com'); - const NPM_REGISTRY_RE = (exports.NPM_REGISTRY_RE = /https?:\/\/registry\.npmjs\.org/g); - - const YARN_DOCS = (exports.YARN_DOCS = 'https://yarnpkg.com/en/docs/cli/'); - const YARN_INSTALLER_SH = (exports.YARN_INSTALLER_SH = 'https://yarnpkg.com/install.sh'); - const YARN_INSTALLER_MSI = (exports.YARN_INSTALLER_MSI = 'https://yarnpkg.com/latest.msi'); - - const SELF_UPDATE_VERSION_URL = (exports.SELF_UPDATE_VERSION_URL = - 'https://yarnpkg.com/latest-version'); - - // cache version, bump whenever we make backwards incompatible changes - const CACHE_VERSION = (exports.CACHE_VERSION = 6); - - // lockfile version, bump whenever we make backwards incompatible changes - const LOCKFILE_VERSION = (exports.LOCKFILE_VERSION = 1); - - // max amount of network requests to perform concurrently - const NETWORK_CONCURRENCY = (exports.NETWORK_CONCURRENCY = 8); - - // HTTP timeout used when downloading packages - const NETWORK_TIMEOUT = (exports.NETWORK_TIMEOUT = 30 * 1000); // in milliseconds - - // max amount of child processes to execute concurrently - const CHILD_CONCURRENCY = (exports.CHILD_CONCURRENCY = 5); - - const REQUIRED_PACKAGE_KEYS = (exports.REQUIRED_PACKAGE_KEYS = ['name', 'version', '_uid']); - - function getPreferredCacheDirectories() { - const preferredCacheDirectories = [getCacheDir()]; - - if (process.getuid) { - // $FlowFixMe: process.getuid exists, dammit - preferredCacheDirectories.push(path.join(os.tmpdir(), `.yarn-cache-${process.getuid()}`)); - } - - preferredCacheDirectories.push(path.join(os.tmpdir(), `.yarn-cache`)); - - return preferredCacheDirectories; - } - - const PREFERRED_MODULE_CACHE_DIRECTORIES = (exports.PREFERRED_MODULE_CACHE_DIRECTORIES = - getPreferredCacheDirectories()); - const CONFIG_DIRECTORY = (exports.CONFIG_DIRECTORY = getConfigDir()); - const DATA_DIRECTORY = (exports.DATA_DIRECTORY = getDataDir()); - const LINK_REGISTRY_DIRECTORY = (exports.LINK_REGISTRY_DIRECTORY = path.join(DATA_DIRECTORY, 'link')); - const GLOBAL_MODULE_DIRECTORY = (exports.GLOBAL_MODULE_DIRECTORY = path.join(DATA_DIRECTORY, 'global')); - - const NODE_BIN_PATH = (exports.NODE_BIN_PATH = process.execPath); - const YARN_BIN_PATH = (exports.YARN_BIN_PATH = getYarnBinPath()); - - // Webpack needs to be configured with node.__dirname/__filename = false - function getYarnBinPath() { - if (isWebpackBundle) { - return __filename; - } else { - return path.join(__dirname, '..', 'bin', 'yarn.js'); - } - } - - const NODE_MODULES_FOLDER = (exports.NODE_MODULES_FOLDER = 'node_modules'); - const NODE_PACKAGE_JSON = (exports.NODE_PACKAGE_JSON = 'package.json'); - - const PNP_FILENAME = (exports.PNP_FILENAME = '.pnp.js'); - - const POSIX_GLOBAL_PREFIX = (exports.POSIX_GLOBAL_PREFIX = `${process.env.DESTDIR || ''}/usr/local`); - const FALLBACK_GLOBAL_PREFIX = (exports.FALLBACK_GLOBAL_PREFIX = path.join(userHome, '.yarn')); - - const META_FOLDER = (exports.META_FOLDER = '.yarn-meta'); - const INTEGRITY_FILENAME = (exports.INTEGRITY_FILENAME = '.yarn-integrity'); - const LOCKFILE_FILENAME = (exports.LOCKFILE_FILENAME = 'yarn.lock'); - const METADATA_FILENAME = (exports.METADATA_FILENAME = '.yarn-metadata.json'); - const TARBALL_FILENAME = (exports.TARBALL_FILENAME = '.yarn-tarball.tgz'); - const CLEAN_FILENAME = (exports.CLEAN_FILENAME = '.yarnclean'); - - const NPM_LOCK_FILENAME = (exports.NPM_LOCK_FILENAME = 'package-lock.json'); - const NPM_SHRINKWRAP_FILENAME = (exports.NPM_SHRINKWRAP_FILENAME = 'npm-shrinkwrap.json'); - - const DEFAULT_INDENT = (exports.DEFAULT_INDENT = ' '); - const SINGLE_INSTANCE_PORT = (exports.SINGLE_INSTANCE_PORT = 31997); - const SINGLE_INSTANCE_FILENAME = (exports.SINGLE_INSTANCE_FILENAME = '.yarn-single-instance'); - - const ENV_PATH_KEY = (exports.ENV_PATH_KEY = getPathKey(process.platform, process.env)); - - function getPathKey(platform, env) { - let pathKey = 'PATH'; - - // windows calls its path "Path" usually, but this is not guaranteed. - if (platform === 'win32') { - pathKey = 'Path'; - - for (const key in env) { - if (key.toLowerCase() === 'path') { - pathKey = key; - } - } - } - - return pathKey; - } - - const VERSION_COLOR_SCHEME = (exports.VERSION_COLOR_SCHEME = { - major: 'red', - premajor: 'red', - minor: 'yellow', - preminor: 'yellow', - patch: 'green', - prepatch: 'green', - prerelease: 'red', - unchanged: 'white', - unknown: 'red', - }); - - /***/ - }, - /* 9 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - /** - * Copyright (c) 2013-present, Facebook, Inc. - * - * This source code is licensed under the MIT license found in the - * LICENSE file in the root directory of this source tree. - */ - - /** - * Use invariant() to assert state which your program assumes to be true. - * - * Provide sprintf-style format (only %s is supported) and arguments - * to provide information about what broke and what you were - * expecting. - * - * The invariant message will be stripped in production, but the invariant - * will remain to ensure logic does not differ in production. - */ - - var NODE_ENV = process.env.NODE_ENV; - - var invariant = function (condition, format, a, b, c, d, e, f) { - if (NODE_ENV !== 'production') { - if (format === undefined) { - throw new Error('invariant requires an error message argument'); - } - } - - if (!condition) { - var error; - if (format === undefined) { - error = new Error( - 'Minified exception occurred; use the non-minified dev environment ' + - 'for the full error message and additional helpful warnings.' - ); - } else { - var args = [a, b, c, d, e, f]; - var argIndex = 0; - error = new Error( - format.replace(/%s/g, function () { - return args[argIndex++]; - }) - ); - error.name = 'Invariant Violation'; - } - - error.framesToPop = 1; // we don't care about invariant's own frame - throw error; - } - }; - - module.exports = invariant; - - /***/ - }, - /* 10 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - var YAMLException = __webpack_require__(55); - - var TYPE_CONSTRUCTOR_OPTIONS = [ - 'kind', - 'resolve', - 'construct', - 'instanceOf', - 'predicate', - 'represent', - 'defaultStyle', - 'styleAliases', - ]; - - var YAML_NODE_KINDS = ['scalar', 'sequence', 'mapping']; - - function compileStyleAliases(map) { - var result = {}; - - if (map !== null) { - Object.keys(map).forEach(function (style) { - map[style].forEach(function (alias) { - result[String(alias)] = style; - }); - }); - } - - return result; - } - - function Type(tag, options) { - options = options || {}; - - Object.keys(options).forEach(function (name) { - if (TYPE_CONSTRUCTOR_OPTIONS.indexOf(name) === -1) { - throw new YAMLException( - 'Unknown option "' + name + '" is met in definition of "' + tag + '" YAML type.' - ); - } - }); - - // TODO: Add tag format check. - this.tag = tag; - this.kind = options['kind'] || null; - this.resolve = - options['resolve'] || - function () { - return true; - }; - this.construct = - options['construct'] || - function (data) { - return data; - }; - this.instanceOf = options['instanceOf'] || null; - this.predicate = options['predicate'] || null; - this.represent = options['represent'] || null; - this.defaultStyle = options['defaultStyle'] || null; - this.styleAliases = compileStyleAliases(options['styleAliases'] || null); - - if (YAML_NODE_KINDS.indexOf(this.kind) === -1) { - throw new YAMLException( - 'Unknown kind "' + this.kind + '" is specified for "' + tag + '" YAML type.' - ); - } - } - - module.exports = Type; - - /***/ - }, - /* 11 */ - /***/ function (module, exports) { - module.exports = require('crypto'); - - /***/ - }, - /* 12 */ - /***/ function (module, __webpack_exports__, __webpack_require__) { - 'use strict'; - /* harmony export (binding) */ __webpack_require__.d(__webpack_exports__, 'a', function () { - return Observable; - }); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_0__util_canReportError__ = __webpack_require__(322); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_1__util_toSubscriber__ = __webpack_require__(932); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_2__internal_symbol_observable__ = - __webpack_require__(118); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_3__util_pipe__ = __webpack_require__(324); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_4__config__ = __webpack_require__(186); - /** PURE_IMPORTS_START _util_canReportError,_util_toSubscriber,_internal_symbol_observable,_util_pipe,_config PURE_IMPORTS_END */ - - var Observable = /*@__PURE__*/ (function () { - function Observable(subscribe) { - this._isScalar = false; - if (subscribe) { - this._subscribe = subscribe; - } - } - Observable.prototype.lift = function (operator) { - var observable = new Observable(); - observable.source = this; - observable.operator = operator; - return observable; - }; - Observable.prototype.subscribe = function (observerOrNext, error, complete) { - var operator = this.operator; - var sink = __webpack_require__.i( - __WEBPACK_IMPORTED_MODULE_1__util_toSubscriber__['a' /* toSubscriber */] - )(observerOrNext, error, complete); - if (operator) { - operator.call(sink, this.source); - } else { - sink.add( - this.source || - (__WEBPACK_IMPORTED_MODULE_4__config__['a' /* config */] - .useDeprecatedSynchronousErrorHandling && - !sink.syncErrorThrowable) - ? this._subscribe(sink) - : this._trySubscribe(sink) - ); - } - if (__WEBPACK_IMPORTED_MODULE_4__config__['a' /* config */].useDeprecatedSynchronousErrorHandling) { - if (sink.syncErrorThrowable) { - sink.syncErrorThrowable = false; - if (sink.syncErrorThrown) { - throw sink.syncErrorValue; - } - } - } - return sink; - }; - Observable.prototype._trySubscribe = function (sink) { - try { - return this._subscribe(sink); - } catch (err) { - if ( - __WEBPACK_IMPORTED_MODULE_4__config__['a' /* config */].useDeprecatedSynchronousErrorHandling - ) { - sink.syncErrorThrown = true; - sink.syncErrorValue = err; - } - if ( - __webpack_require__.i( - __WEBPACK_IMPORTED_MODULE_0__util_canReportError__['a' /* canReportError */] - )(sink) - ) { - sink.error(err); - } else { - console.warn(err); - } - } - }; - Observable.prototype.forEach = function (next, promiseCtor) { - var _this = this; - promiseCtor = getPromiseCtor(promiseCtor); - return new promiseCtor(function (resolve, reject) { - var subscription; - subscription = _this.subscribe( - function (value) { - try { - next(value); - } catch (err) { - reject(err); - if (subscription) { - subscription.unsubscribe(); - } - } - }, - reject, - resolve - ); - }); - }; - Observable.prototype._subscribe = function (subscriber) { - var source = this.source; - return source && source.subscribe(subscriber); - }; - Observable.prototype[ - __WEBPACK_IMPORTED_MODULE_2__internal_symbol_observable__['a' /* observable */] - ] = function () { - return this; - }; - Observable.prototype.pipe = function () { - var operations = []; - for (var _i = 0; _i < arguments.length; _i++) { - operations[_i] = arguments[_i]; - } - if (operations.length === 0) { - return this; - } - return __webpack_require__.i(__WEBPACK_IMPORTED_MODULE_3__util_pipe__['b' /* pipeFromArray */])( - operations - )(this); - }; - Observable.prototype.toPromise = function (promiseCtor) { - var _this = this; - promiseCtor = getPromiseCtor(promiseCtor); - return new promiseCtor(function (resolve, reject) { - var value; - _this.subscribe( - function (x) { - return (value = x); - }, - function (err) { - return reject(err); - }, - function () { - return resolve(value); - } - ); - }); - }; - Observable.create = function (subscribe) { - return new Observable(subscribe); - }; - return Observable; - })(); - - function getPromiseCtor(promiseCtor) { - if (!promiseCtor) { - promiseCtor = __WEBPACK_IMPORTED_MODULE_4__config__['a' /* config */].Promise || Promise; - } - if (!promiseCtor) { - throw new Error('no Promise impl found'); - } - return promiseCtor; - } - //# sourceMappingURL=Observable.js.map - - /***/ - }, - /* 13 */ - /***/ function (module, __webpack_exports__, __webpack_require__) { - 'use strict'; - /* harmony export (binding) */ __webpack_require__.d(__webpack_exports__, 'a', function () { - return OuterSubscriber; - }); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_0_tslib__ = __webpack_require__(1); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_1__Subscriber__ = __webpack_require__(7); - /** PURE_IMPORTS_START tslib,_Subscriber PURE_IMPORTS_END */ - - var OuterSubscriber = /*@__PURE__*/ (function (_super) { - __WEBPACK_IMPORTED_MODULE_0_tslib__['a' /* __extends */](OuterSubscriber, _super); - function OuterSubscriber() { - return (_super !== null && _super.apply(this, arguments)) || this; - } - OuterSubscriber.prototype.notifyNext = function ( - outerValue, - innerValue, - outerIndex, - innerIndex, - innerSub - ) { - this.destination.next(innerValue); - }; - OuterSubscriber.prototype.notifyError = function (error, innerSub) { - this.destination.error(error); - }; - OuterSubscriber.prototype.notifyComplete = function (innerSub) { - this.destination.complete(); - }; - return OuterSubscriber; - })(__WEBPACK_IMPORTED_MODULE_1__Subscriber__['a' /* Subscriber */]); - - //# sourceMappingURL=OuterSubscriber.js.map - - /***/ - }, - /* 14 */ - /***/ function (module, __webpack_exports__, __webpack_require__) { - 'use strict'; - /* harmony export (immutable) */ __webpack_exports__['a'] = subscribeToResult; - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_0__InnerSubscriber__ = __webpack_require__(84); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_1__subscribeTo__ = __webpack_require__(446); - /** PURE_IMPORTS_START _InnerSubscriber,_subscribeTo PURE_IMPORTS_END */ - - function subscribeToResult(outerSubscriber, result, outerValue, outerIndex, destination) { - if (destination === void 0) { - destination = new __WEBPACK_IMPORTED_MODULE_0__InnerSubscriber__['a' /* InnerSubscriber */]( - outerSubscriber, - outerValue, - outerIndex - ); - } - if (destination.closed) { - return; - } - return __webpack_require__.i(__WEBPACK_IMPORTED_MODULE_1__subscribeTo__['a' /* subscribeTo */])( - result - )(destination); - } - //# sourceMappingURL=subscribeToResult.js.map - - /***/ - }, - /* 15 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - /* eslint-disable node/no-deprecated-api */ - - var buffer = __webpack_require__(64); - var Buffer = buffer.Buffer; - - var safer = {}; - - var key; - - for (key in buffer) { - if (!buffer.hasOwnProperty(key)) continue; - if (key === 'SlowBuffer' || key === 'Buffer') continue; - safer[key] = buffer[key]; - } - - var Safer = (safer.Buffer = {}); - for (key in Buffer) { - if (!Buffer.hasOwnProperty(key)) continue; - if (key === 'allocUnsafe' || key === 'allocUnsafeSlow') continue; - Safer[key] = Buffer[key]; - } - - safer.Buffer.prototype = Buffer.prototype; - - if (!Safer.from || Safer.from === Uint8Array.from) { - Safer.from = function (value, encodingOrOffset, length) { - if (typeof value === 'number') { - throw new TypeError( - 'The "value" argument must not be of type number. Received type ' + typeof value - ); - } - if (value && typeof value.length === 'undefined') { - throw new TypeError( - 'The first argument must be one of type string, Buffer, ArrayBuffer, Array, or Array-like Object. Received type ' + - typeof value - ); - } - return Buffer(value, encodingOrOffset, length); - }; - } - - if (!Safer.alloc) { - Safer.alloc = function (size, fill, encoding) { - if (typeof size !== 'number') { - throw new TypeError('The "size" argument must be of type number. Received type ' + typeof size); - } - if (size < 0 || size >= 2 * (1 << 30)) { - throw new RangeError('The value "' + size + '" is invalid for option "size"'); - } - var buf = Buffer(size); - if (!fill || fill.length === 0) { - buf.fill(0); - } else if (typeof encoding === 'string') { - buf.fill(fill, encoding); - } else { - buf.fill(fill); - } - return buf; - }; - } - - if (!safer.kStringMaxLength) { - try { - safer.kStringMaxLength = process.binding('buffer').kStringMaxLength; - } catch (e) { - // we can't determine kStringMaxLength in environments where process.binding - // is unsupported, so let's not set it - } - } - - if (!safer.constants) { - safer.constants = { - MAX_LENGTH: safer.kMaxLength, - }; - if (safer.kStringMaxLength) { - safer.constants.MAX_STRING_LENGTH = safer.kStringMaxLength; - } - } - - module.exports = safer; - - /***/ - }, - /* 16 */ - /***/ function (module, exports, __webpack_require__) { - // Copyright (c) 2012, Mark Cavage. All rights reserved. - // Copyright 2015 Joyent, Inc. - - var assert = __webpack_require__(28); - var Stream = __webpack_require__(23).Stream; - var util = __webpack_require__(3); - - ///--- Globals - - /* JSSTYLED */ - var UUID_REGEXP = /^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$/; - - ///--- Internal - - function _capitalize(str) { - return str.charAt(0).toUpperCase() + str.slice(1); - } - - function _toss(name, expected, oper, arg, actual) { - throw new assert.AssertionError({ - message: util.format('%s (%s) is required', name, expected), - actual: actual === undefined ? typeof arg : actual(arg), - expected: expected, - operator: oper || '===', - stackStartFunction: _toss.caller, - }); - } - - function _getClass(arg) { - return Object.prototype.toString.call(arg).slice(8, -1); - } - - function noop() { - // Why even bother with asserts? - } - - ///--- Exports - - var types = { - bool: { - check: function (arg) { - return typeof arg === 'boolean'; - }, - }, - func: { - check: function (arg) { - return typeof arg === 'function'; - }, - }, - string: { - check: function (arg) { - return typeof arg === 'string'; - }, - }, - object: { - check: function (arg) { - return typeof arg === 'object' && arg !== null; - }, - }, - number: { - check: function (arg) { - return typeof arg === 'number' && !isNaN(arg); - }, - }, - finite: { - check: function (arg) { - return typeof arg === 'number' && !isNaN(arg) && isFinite(arg); - }, - }, - buffer: { - check: function (arg) { - return Buffer.isBuffer(arg); - }, - operator: 'Buffer.isBuffer', - }, - array: { - check: function (arg) { - return Array.isArray(arg); - }, - operator: 'Array.isArray', - }, - stream: { - check: function (arg) { - return arg instanceof Stream; - }, - operator: 'instanceof', - actual: _getClass, - }, - date: { - check: function (arg) { - return arg instanceof Date; - }, - operator: 'instanceof', - actual: _getClass, - }, - regexp: { - check: function (arg) { - return arg instanceof RegExp; - }, - operator: 'instanceof', - actual: _getClass, - }, - uuid: { - check: function (arg) { - return typeof arg === 'string' && UUID_REGEXP.test(arg); - }, - operator: 'isUUID', - }, - }; - - function _setExports(ndebug) { - var keys = Object.keys(types); - var out; - - /* re-export standard assert */ - if (process.env.NODE_NDEBUG) { - out = noop; - } else { - out = function (arg, msg) { - if (!arg) { - _toss(msg, 'true', arg); - } - }; - } - - /* standard checks */ - keys.forEach(function (k) { - if (ndebug) { - out[k] = noop; - return; - } - var type = types[k]; - out[k] = function (arg, msg) { - if (!type.check(arg)) { - _toss(msg, k, type.operator, arg, type.actual); - } - }; - }); - - /* optional checks */ - keys.forEach(function (k) { - var name = 'optional' + _capitalize(k); - if (ndebug) { - out[name] = noop; - return; - } - var type = types[k]; - out[name] = function (arg, msg) { - if (arg === undefined || arg === null) { - return; - } - if (!type.check(arg)) { - _toss(msg, k, type.operator, arg, type.actual); - } - }; - }); - - /* arrayOf checks */ - keys.forEach(function (k) { - var name = 'arrayOf' + _capitalize(k); - if (ndebug) { - out[name] = noop; - return; - } - var type = types[k]; - var expected = '[' + k + ']'; - out[name] = function (arg, msg) { - if (!Array.isArray(arg)) { - _toss(msg, expected, type.operator, arg, type.actual); - } - var i; - for (i = 0; i < arg.length; i++) { - if (!type.check(arg[i])) { - _toss(msg, expected, type.operator, arg, type.actual); - } - } - }; - }); - - /* optionalArrayOf checks */ - keys.forEach(function (k) { - var name = 'optionalArrayOf' + _capitalize(k); - if (ndebug) { - out[name] = noop; - return; - } - var type = types[k]; - var expected = '[' + k + ']'; - out[name] = function (arg, msg) { - if (arg === undefined || arg === null) { - return; - } - if (!Array.isArray(arg)) { - _toss(msg, expected, type.operator, arg, type.actual); - } - var i; - for (i = 0; i < arg.length; i++) { - if (!type.check(arg[i])) { - _toss(msg, expected, type.operator, arg, type.actual); - } - } - }; - }); - - /* re-export built-in assertions */ - Object.keys(assert).forEach(function (k) { - if (k === 'AssertionError') { - out[k] = assert[k]; - return; - } - if (ndebug) { - out[k] = noop; - return; - } - out[k] = assert[k]; - }); - - /* export ourselves (for unit tests _only_) */ - out._setExports = _setExports; - - return out; - } - - module.exports = _setExports(process.env.NODE_NDEBUG); - - /***/ - }, - /* 17 */ - /***/ function (module, exports) { - // https://github.com/zloirock/core-js/issues/86#issuecomment-115759028 - var global = (module.exports = - typeof window != 'undefined' && window.Math == Math - ? window - : typeof self != 'undefined' && self.Math == Math - ? self - : // eslint-disable-next-line no-new-func - Function('return this')()); - if (typeof __g == 'number') __g = global; // eslint-disable-line no-undef - - /***/ - }, - /* 18 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - Object.defineProperty(exports, '__esModule', { - value: true, - }); - exports.sortAlpha = sortAlpha; - exports.sortOptionsByFlags = sortOptionsByFlags; - exports.entries = entries; - exports.removePrefix = removePrefix; - exports.removeSuffix = removeSuffix; - exports.addSuffix = addSuffix; - exports.hyphenate = hyphenate; - exports.camelCase = camelCase; - exports.compareSortedArrays = compareSortedArrays; - exports.sleep = sleep; - const _camelCase = __webpack_require__(227); - - function sortAlpha(a, b) { - // sort alphabetically in a deterministic way - const shortLen = Math.min(a.length, b.length); - for (let i = 0; i < shortLen; i++) { - const aChar = a.charCodeAt(i); - const bChar = b.charCodeAt(i); - if (aChar !== bChar) { - return aChar - bChar; - } - } - return a.length - b.length; - } - - function sortOptionsByFlags(a, b) { - const aOpt = a.flags.replace(/-/g, ''); - const bOpt = b.flags.replace(/-/g, ''); - return sortAlpha(aOpt, bOpt); - } - - function entries(obj) { - const entries = []; - if (obj) { - for (const key in obj) { - entries.push([key, obj[key]]); - } - } - return entries; - } - - function removePrefix(pattern, prefix) { - if (pattern.startsWith(prefix)) { - pattern = pattern.slice(prefix.length); - } - - return pattern; - } - - function removeSuffix(pattern, suffix) { - if (pattern.endsWith(suffix)) { - return pattern.slice(0, -suffix.length); - } - - return pattern; - } - - function addSuffix(pattern, suffix) { - if (!pattern.endsWith(suffix)) { - return pattern + suffix; - } - - return pattern; - } - - function hyphenate(str) { - return str.replace(/[A-Z]/g, (match) => { - return '-' + match.charAt(0).toLowerCase(); - }); - } - - function camelCase(str) { - if (/[A-Z]/.test(str)) { - return null; - } else { - return _camelCase(str); - } - } - - function compareSortedArrays(array1, array2) { - if (array1.length !== array2.length) { - return false; - } - for (let i = 0, len = array1.length; i < len; i++) { - if (array1[i] !== array2[i]) { - return false; - } - } - return true; - } - - function sleep(ms) { - return new Promise((resolve) => { - setTimeout(resolve, ms); - }); - } - - /***/ - }, - /* 19 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - Object.defineProperty(exports, '__esModule', { - value: true, - }); - exports.stringify = exports.parse = undefined; - - var _asyncToGenerator2; - - function _load_asyncToGenerator() { - return (_asyncToGenerator2 = _interopRequireDefault(__webpack_require__(2))); - } - - var _parse; - - function _load_parse() { - return (_parse = __webpack_require__(106)); - } - - Object.defineProperty(exports, 'parse', { - enumerable: true, - get: function get() { - return _interopRequireDefault(_parse || _load_parse()).default; - }, - }); - - var _stringify; - - function _load_stringify() { - return (_stringify = __webpack_require__(200)); - } - - Object.defineProperty(exports, 'stringify', { - enumerable: true, - get: function get() { - return _interopRequireDefault(_stringify || _load_stringify()).default; - }, - }); - exports.implodeEntry = implodeEntry; - exports.explodeEntry = explodeEntry; - - var _misc; - - function _load_misc() { - return (_misc = __webpack_require__(18)); - } - - var _normalizePattern; - - function _load_normalizePattern() { - return (_normalizePattern = __webpack_require__(37)); - } - - var _parse2; - - function _load_parse2() { - return (_parse2 = _interopRequireDefault(__webpack_require__(106))); - } - - var _constants; - - function _load_constants() { - return (_constants = __webpack_require__(8)); - } - - var _fs; - - function _load_fs() { - return (_fs = _interopRequireWildcard(__webpack_require__(5))); - } - - function _interopRequireWildcard(obj) { - if (obj && obj.__esModule) { - return obj; - } else { - var newObj = {}; - if (obj != null) { - for (var key in obj) { - if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; - } - } - newObj.default = obj; - return newObj; - } - } - - function _interopRequireDefault(obj) { - return obj && obj.__esModule ? obj : { default: obj }; - } - - const invariant = __webpack_require__(9); - - const path = __webpack_require__(0); - const ssri = __webpack_require__(65); - - function getName(pattern) { - return (0, (_normalizePattern || _load_normalizePattern()).normalizePattern)(pattern).name; - } - - function blankObjectUndefined(obj) { - return obj && Object.keys(obj).length ? obj : undefined; - } - - function keyForRemote(remote) { - return ( - remote.resolved || (remote.reference && remote.hash ? `${remote.reference}#${remote.hash}` : null) - ); - } - - function serializeIntegrity(integrity) { - // We need this because `Integrity.toString()` does not use sorting to ensure a stable string output - // See https://git.io/vx2Hy - return integrity.toString().split(' ').sort().join(' '); - } - - function implodeEntry(pattern, obj) { - const inferredName = getName(pattern); - const integrity = obj.integrity ? serializeIntegrity(obj.integrity) : ''; - const imploded = { - name: inferredName === obj.name ? undefined : obj.name, - version: obj.version, - uid: obj.uid === obj.version ? undefined : obj.uid, - resolved: obj.resolved, - registry: obj.registry === 'npm' ? undefined : obj.registry, - dependencies: blankObjectUndefined(obj.dependencies), - optionalDependencies: blankObjectUndefined(obj.optionalDependencies), - permissions: blankObjectUndefined(obj.permissions), - prebuiltVariants: blankObjectUndefined(obj.prebuiltVariants), - }; - if (integrity) { - imploded.integrity = integrity; - } - return imploded; - } - - function explodeEntry(pattern, obj) { - obj.optionalDependencies = obj.optionalDependencies || {}; - obj.dependencies = obj.dependencies || {}; - obj.uid = obj.uid || obj.version; - obj.permissions = obj.permissions || {}; - obj.registry = obj.registry || 'npm'; - obj.name = obj.name || getName(pattern); - const integrity = obj.integrity; - if (integrity && integrity.isIntegrity) { - obj.integrity = ssri.parse(integrity); - } - return obj; - } - - class Lockfile { - constructor({ cache, source, parseResultType } = {}) { - this.source = source || ''; - this.cache = cache; - this.parseResultType = parseResultType; - } - - // source string if the `cache` was parsed - - // if true, we're parsing an old yarn file and need to update integrity fields - hasEntriesExistWithoutIntegrity() { - if (!this.cache) { - return false; - } - - for (const key in this.cache) { - // $FlowFixMe - `this.cache` is clearly defined at this point - if (!/^.*@(file:|http)/.test(key) && this.cache[key] && !this.cache[key].integrity) { - return true; - } - } - - return false; - } - - static fromDirectory(dir, reporter) { - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - // read the manifest in this directory - const lockfileLoc = path.join(dir, (_constants || _load_constants()).LOCKFILE_FILENAME); - - let lockfile; - let rawLockfile = ''; - let parseResult; - - if (yield (_fs || _load_fs()).exists(lockfileLoc)) { - rawLockfile = yield (_fs || _load_fs()).readFile(lockfileLoc); - parseResult = (0, (_parse2 || _load_parse2()).default)(rawLockfile, lockfileLoc); - - if (reporter) { - if (parseResult.type === 'merge') { - reporter.info(reporter.lang('lockfileMerged')); - } else if (parseResult.type === 'conflict') { - reporter.warn(reporter.lang('lockfileConflict')); - } - } - - lockfile = parseResult.object; - } else if (reporter) { - reporter.info(reporter.lang('noLockfileFound')); - } - - if (lockfile && lockfile.__metadata) { - const lockfilev2 = lockfile; - lockfile = {}; - } - - return new Lockfile({ - cache: lockfile, - source: rawLockfile, - parseResultType: parseResult && parseResult.type, - }); - })(); - } - - getLocked(pattern) { - const cache = this.cache; - if (!cache) { - return undefined; - } - - const shrunk = pattern in cache && cache[pattern]; - - if (typeof shrunk === 'string') { - return this.getLocked(shrunk); - } else if (shrunk) { - explodeEntry(pattern, shrunk); - return shrunk; - } - - return undefined; - } - - removePattern(pattern) { - const cache = this.cache; - if (!cache) { - return; - } - delete cache[pattern]; - } - - getLockfile(patterns) { - const lockfile = {}; - const seen = new Map(); - - // order by name so that lockfile manifest is assigned to the first dependency with this manifest - // the others that have the same remoteKey will just refer to the first - // ordering allows for consistency in lockfile when it is serialized - const sortedPatternsKeys = Object.keys(patterns).sort((_misc || _load_misc()).sortAlpha); - - for ( - var _iterator = sortedPatternsKeys, - _isArray = Array.isArray(_iterator), - _i = 0, - _iterator = _isArray ? _iterator : _iterator[Symbol.iterator](); - ; - - ) { - var _ref; - - if (_isArray) { - if (_i >= _iterator.length) break; - _ref = _iterator[_i++]; - } else { - _i = _iterator.next(); - if (_i.done) break; - _ref = _i.value; - } - - const pattern = _ref; - - const pkg = patterns[pattern]; - const remote = pkg._remote, - ref = pkg._reference; - - invariant(ref, 'Package is missing a reference'); - invariant(remote, 'Package is missing a remote'); - - const remoteKey = keyForRemote(remote); - const seenPattern = remoteKey && seen.get(remoteKey); - if (seenPattern) { - // no point in duplicating it - lockfile[pattern] = seenPattern; - - // if we're relying on our name being inferred and two of the patterns have - // different inferred names then we need to set it - if (!seenPattern.name && getName(pattern) !== pkg.name) { - seenPattern.name = pkg.name; - } - continue; - } - const obj = implodeEntry(pattern, { - name: pkg.name, - version: pkg.version, - uid: pkg._uid, - resolved: remote.resolved, - integrity: remote.integrity, - registry: remote.registry, - dependencies: pkg.dependencies, - peerDependencies: pkg.peerDependencies, - optionalDependencies: pkg.optionalDependencies, - permissions: ref.permissions, - prebuiltVariants: pkg.prebuiltVariants, - }); - - lockfile[pattern] = obj; - - if (remoteKey) { - seen.set(remoteKey, obj); - } - } - - return lockfile; - } - } - exports.default = Lockfile; - - /***/ - }, - /* 20 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - exports.__esModule = true; - - var _assign = __webpack_require__(559); - - var _assign2 = _interopRequireDefault(_assign); - - function _interopRequireDefault(obj) { - return obj && obj.__esModule ? obj : { default: obj }; - } - - exports.default = - _assign2.default || - function (target) { - for (var i = 1; i < arguments.length; i++) { - var source = arguments[i]; - - for (var key in source) { - if (Object.prototype.hasOwnProperty.call(source, key)) { - target[key] = source[key]; - } - } - } - - return target; - }; - - /***/ - }, - /* 21 */ - /***/ function (module, exports, __webpack_require__) { - var store = __webpack_require__(133)('wks'); - var uid = __webpack_require__(137); - var Symbol = __webpack_require__(17).Symbol; - var USE_SYMBOL = typeof Symbol == 'function'; - - var $exports = (module.exports = function (name) { - return ( - store[name] || - (store[name] = (USE_SYMBOL && Symbol[name]) || (USE_SYMBOL ? Symbol : uid)('Symbol.' + name)) - ); - }); - - $exports.store = store; - - /***/ - }, - /* 22 */ - /***/ function (module, exports) { - exports = module.exports = SemVer; - - // The debug function is excluded entirely from the minified version. - /* nomin */ var debug; - /* nomin */ if ( - typeof process === 'object' && - /* nomin */ process.env && - /* nomin */ process.env.NODE_DEBUG && - /* nomin */ /\bsemver\b/i.test(process.env.NODE_DEBUG) - ) - /* nomin */ debug = function () { - /* nomin */ var args = Array.prototype.slice.call(arguments, 0); - /* nomin */ args.unshift('SEMVER'); - /* nomin */ console.log.apply(console, args); - /* nomin */ - }; - /* nomin */ - /* nomin */ else debug = function () {}; - - // Note: this is the semver.org version of the spec that it implements - // Not necessarily the package version of this code. - exports.SEMVER_SPEC_VERSION = '2.0.0'; - - var MAX_LENGTH = 256; - var MAX_SAFE_INTEGER = Number.MAX_SAFE_INTEGER || 9007199254740991; - - // Max safe segment length for coercion. - var MAX_SAFE_COMPONENT_LENGTH = 16; - - // The actual regexps go on exports.re - var re = (exports.re = []); - var src = (exports.src = []); - var R = 0; - - // The following Regular Expressions can be used for tokenizing, - // validating, and parsing SemVer version strings. - - // ## Numeric Identifier - // A single `0`, or a non-zero digit followed by zero or more digits. - - var NUMERICIDENTIFIER = R++; - src[NUMERICIDENTIFIER] = '0|[1-9]\\d*'; - var NUMERICIDENTIFIERLOOSE = R++; - src[NUMERICIDENTIFIERLOOSE] = '[0-9]+'; - - // ## Non-numeric Identifier - // Zero or more digits, followed by a letter or hyphen, and then zero or - // more letters, digits, or hyphens. - - var NONNUMERICIDENTIFIER = R++; - src[NONNUMERICIDENTIFIER] = '\\d*[a-zA-Z-][a-zA-Z0-9-]*'; - - // ## Main Version - // Three dot-separated numeric identifiers. - - var MAINVERSION = R++; - src[MAINVERSION] = - '(' + - src[NUMERICIDENTIFIER] + - ')\\.' + - '(' + - src[NUMERICIDENTIFIER] + - ')\\.' + - '(' + - src[NUMERICIDENTIFIER] + - ')'; - - var MAINVERSIONLOOSE = R++; - src[MAINVERSIONLOOSE] = - '(' + - src[NUMERICIDENTIFIERLOOSE] + - ')\\.' + - '(' + - src[NUMERICIDENTIFIERLOOSE] + - ')\\.' + - '(' + - src[NUMERICIDENTIFIERLOOSE] + - ')'; - - // ## Pre-release Version Identifier - // A numeric identifier, or a non-numeric identifier. - - var PRERELEASEIDENTIFIER = R++; - src[PRERELEASEIDENTIFIER] = '(?:' + src[NUMERICIDENTIFIER] + '|' + src[NONNUMERICIDENTIFIER] + ')'; - - var PRERELEASEIDENTIFIERLOOSE = R++; - src[PRERELEASEIDENTIFIERLOOSE] = - '(?:' + src[NUMERICIDENTIFIERLOOSE] + '|' + src[NONNUMERICIDENTIFIER] + ')'; - - // ## Pre-release Version - // Hyphen, followed by one or more dot-separated pre-release version - // identifiers. - - var PRERELEASE = R++; - src[PRERELEASE] = '(?:-(' + src[PRERELEASEIDENTIFIER] + '(?:\\.' + src[PRERELEASEIDENTIFIER] + ')*))'; - - var PRERELEASELOOSE = R++; - src[PRERELEASELOOSE] = - '(?:-?(' + src[PRERELEASEIDENTIFIERLOOSE] + '(?:\\.' + src[PRERELEASEIDENTIFIERLOOSE] + ')*))'; - - // ## Build Metadata Identifier - // Any combination of digits, letters, or hyphens. - - var BUILDIDENTIFIER = R++; - src[BUILDIDENTIFIER] = '[0-9A-Za-z-]+'; - - // ## Build Metadata - // Plus sign, followed by one or more period-separated build metadata - // identifiers. - - var BUILD = R++; - src[BUILD] = '(?:\\+(' + src[BUILDIDENTIFIER] + '(?:\\.' + src[BUILDIDENTIFIER] + ')*))'; - - // ## Full Version String - // A main version, followed optionally by a pre-release version and - // build metadata. - - // Note that the only major, minor, patch, and pre-release sections of - // the version string are capturing groups. The build metadata is not a - // capturing group, because it should not ever be used in version - // comparison. - - var FULL = R++; - var FULLPLAIN = 'v?' + src[MAINVERSION] + src[PRERELEASE] + '?' + src[BUILD] + '?'; - - src[FULL] = '^' + FULLPLAIN + '$'; - - // like full, but allows v1.2.3 and =1.2.3, which people do sometimes. - // also, 1.0.0alpha1 (prerelease without the hyphen) which is pretty - // common in the npm registry. - var LOOSEPLAIN = '[v=\\s]*' + src[MAINVERSIONLOOSE] + src[PRERELEASELOOSE] + '?' + src[BUILD] + '?'; - - var LOOSE = R++; - src[LOOSE] = '^' + LOOSEPLAIN + '$'; - - var GTLT = R++; - src[GTLT] = '((?:<|>)?=?)'; - - // Something like "2.*" or "1.2.x". - // Note that "x.x" is a valid xRange identifer, meaning "any version" - // Only the first item is strictly required. - var XRANGEIDENTIFIERLOOSE = R++; - src[XRANGEIDENTIFIERLOOSE] = src[NUMERICIDENTIFIERLOOSE] + '|x|X|\\*'; - var XRANGEIDENTIFIER = R++; - src[XRANGEIDENTIFIER] = src[NUMERICIDENTIFIER] + '|x|X|\\*'; - - var XRANGEPLAIN = R++; - src[XRANGEPLAIN] = - '[v=\\s]*(' + - src[XRANGEIDENTIFIER] + - ')' + - '(?:\\.(' + - src[XRANGEIDENTIFIER] + - ')' + - '(?:\\.(' + - src[XRANGEIDENTIFIER] + - ')' + - '(?:' + - src[PRERELEASE] + - ')?' + - src[BUILD] + - '?' + - ')?)?'; - - var XRANGEPLAINLOOSE = R++; - src[XRANGEPLAINLOOSE] = - '[v=\\s]*(' + - src[XRANGEIDENTIFIERLOOSE] + - ')' + - '(?:\\.(' + - src[XRANGEIDENTIFIERLOOSE] + - ')' + - '(?:\\.(' + - src[XRANGEIDENTIFIERLOOSE] + - ')' + - '(?:' + - src[PRERELEASELOOSE] + - ')?' + - src[BUILD] + - '?' + - ')?)?'; - - var XRANGE = R++; - src[XRANGE] = '^' + src[GTLT] + '\\s*' + src[XRANGEPLAIN] + '$'; - var XRANGELOOSE = R++; - src[XRANGELOOSE] = '^' + src[GTLT] + '\\s*' + src[XRANGEPLAINLOOSE] + '$'; - - // Coercion. - // Extract anything that could conceivably be a part of a valid semver - var COERCE = R++; - src[COERCE] = - '(?:^|[^\\d])' + - '(\\d{1,' + - MAX_SAFE_COMPONENT_LENGTH + - '})' + - '(?:\\.(\\d{1,' + - MAX_SAFE_COMPONENT_LENGTH + - '}))?' + - '(?:\\.(\\d{1,' + - MAX_SAFE_COMPONENT_LENGTH + - '}))?' + - '(?:$|[^\\d])'; - - // Tilde ranges. - // Meaning is "reasonably at or greater than" - var LONETILDE = R++; - src[LONETILDE] = '(?:~>?)'; - - var TILDETRIM = R++; - src[TILDETRIM] = '(\\s*)' + src[LONETILDE] + '\\s+'; - re[TILDETRIM] = new RegExp(src[TILDETRIM], 'g'); - var tildeTrimReplace = '$1~'; - - var TILDE = R++; - src[TILDE] = '^' + src[LONETILDE] + src[XRANGEPLAIN] + '$'; - var TILDELOOSE = R++; - src[TILDELOOSE] = '^' + src[LONETILDE] + src[XRANGEPLAINLOOSE] + '$'; - - // Caret ranges. - // Meaning is "at least and backwards compatible with" - var LONECARET = R++; - src[LONECARET] = '(?:\\^)'; - - var CARETTRIM = R++; - src[CARETTRIM] = '(\\s*)' + src[LONECARET] + '\\s+'; - re[CARETTRIM] = new RegExp(src[CARETTRIM], 'g'); - var caretTrimReplace = '$1^'; - - var CARET = R++; - src[CARET] = '^' + src[LONECARET] + src[XRANGEPLAIN] + '$'; - var CARETLOOSE = R++; - src[CARETLOOSE] = '^' + src[LONECARET] + src[XRANGEPLAINLOOSE] + '$'; - - // A simple gt/lt/eq thing, or just "" to indicate "any version" - var COMPARATORLOOSE = R++; - src[COMPARATORLOOSE] = '^' + src[GTLT] + '\\s*(' + LOOSEPLAIN + ')$|^$'; - var COMPARATOR = R++; - src[COMPARATOR] = '^' + src[GTLT] + '\\s*(' + FULLPLAIN + ')$|^$'; - - // An expression to strip any whitespace between the gtlt and the thing - // it modifies, so that `> 1.2.3` ==> `>1.2.3` - var COMPARATORTRIM = R++; - src[COMPARATORTRIM] = '(\\s*)' + src[GTLT] + '\\s*(' + LOOSEPLAIN + '|' + src[XRANGEPLAIN] + ')'; - - // this one has to use the /g flag - re[COMPARATORTRIM] = new RegExp(src[COMPARATORTRIM], 'g'); - var comparatorTrimReplace = '$1$2$3'; - - // Something like `1.2.3 - 1.2.4` - // Note that these all use the loose form, because they'll be - // checked against either the strict or loose comparator form - // later. - var HYPHENRANGE = R++; - src[HYPHENRANGE] = - '^\\s*(' + src[XRANGEPLAIN] + ')' + '\\s+-\\s+' + '(' + src[XRANGEPLAIN] + ')' + '\\s*$'; - - var HYPHENRANGELOOSE = R++; - src[HYPHENRANGELOOSE] = - '^\\s*(' + src[XRANGEPLAINLOOSE] + ')' + '\\s+-\\s+' + '(' + src[XRANGEPLAINLOOSE] + ')' + '\\s*$'; - - // Star ranges basically just allow anything at all. - var STAR = R++; - src[STAR] = '(<|>)?=?\\s*\\*'; - - // Compile to actual regexp objects. - // All are flag-free, unless they were created above with a flag. - for (var i = 0; i < R; i++) { - debug(i, src[i]); - if (!re[i]) re[i] = new RegExp(src[i]); - } - - exports.parse = parse; - function parse(version, loose) { - if (version instanceof SemVer) return version; - - if (typeof version !== 'string') return null; - - if (version.length > MAX_LENGTH) return null; - - var r = loose ? re[LOOSE] : re[FULL]; - if (!r.test(version)) return null; - - try { - return new SemVer(version, loose); - } catch (er) { - return null; - } - } - - exports.valid = valid; - function valid(version, loose) { - var v = parse(version, loose); - return v ? v.version : null; - } - - exports.clean = clean; - function clean(version, loose) { - var s = parse(version.trim().replace(/^[=v]+/, ''), loose); - return s ? s.version : null; - } - - exports.SemVer = SemVer; - - function SemVer(version, loose) { - if (version instanceof SemVer) { - if (version.loose === loose) return version; - else version = version.version; - } else if (typeof version !== 'string') { - throw new TypeError('Invalid Version: ' + version); - } - - if (version.length > MAX_LENGTH) - throw new TypeError('version is longer than ' + MAX_LENGTH + ' characters'); - - if (!(this instanceof SemVer)) return new SemVer(version, loose); - - debug('SemVer', version, loose); - this.loose = loose; - var m = version.trim().match(loose ? re[LOOSE] : re[FULL]); - - if (!m) throw new TypeError('Invalid Version: ' + version); - - this.raw = version; - - // these are actually numbers - this.major = +m[1]; - this.minor = +m[2]; - this.patch = +m[3]; - - if (this.major > MAX_SAFE_INTEGER || this.major < 0) throw new TypeError('Invalid major version'); - - if (this.minor > MAX_SAFE_INTEGER || this.minor < 0) throw new TypeError('Invalid minor version'); - - if (this.patch > MAX_SAFE_INTEGER || this.patch < 0) throw new TypeError('Invalid patch version'); - - // numberify any prerelease numeric ids - if (!m[4]) this.prerelease = []; - else - this.prerelease = m[4].split('.').map(function (id) { - if (/^[0-9]+$/.test(id)) { - var num = +id; - if (num >= 0 && num < MAX_SAFE_INTEGER) return num; - } - return id; - }); - - this.build = m[5] ? m[5].split('.') : []; - this.format(); - } - - SemVer.prototype.format = function () { - this.version = this.major + '.' + this.minor + '.' + this.patch; - if (this.prerelease.length) this.version += '-' + this.prerelease.join('.'); - return this.version; - }; - - SemVer.prototype.toString = function () { - return this.version; - }; - - SemVer.prototype.compare = function (other) { - debug('SemVer.compare', this.version, this.loose, other); - if (!(other instanceof SemVer)) other = new SemVer(other, this.loose); - - return this.compareMain(other) || this.comparePre(other); - }; - - SemVer.prototype.compareMain = function (other) { - if (!(other instanceof SemVer)) other = new SemVer(other, this.loose); - - return ( - compareIdentifiers(this.major, other.major) || - compareIdentifiers(this.minor, other.minor) || - compareIdentifiers(this.patch, other.patch) - ); - }; - - SemVer.prototype.comparePre = function (other) { - if (!(other instanceof SemVer)) other = new SemVer(other, this.loose); - - // NOT having a prerelease is > having one - if (this.prerelease.length && !other.prerelease.length) return -1; - else if (!this.prerelease.length && other.prerelease.length) return 1; - else if (!this.prerelease.length && !other.prerelease.length) return 0; - - var i = 0; - do { - var a = this.prerelease[i]; - var b = other.prerelease[i]; - debug('prerelease compare', i, a, b); - if (a === undefined && b === undefined) return 0; - else if (b === undefined) return 1; - else if (a === undefined) return -1; - else if (a === b) continue; - else return compareIdentifiers(a, b); - } while (++i); - }; - - // preminor will bump the version up to the next minor release, and immediately - // down to pre-release. premajor and prepatch work the same way. - SemVer.prototype.inc = function (release, identifier) { - switch (release) { - case 'premajor': - this.prerelease.length = 0; - this.patch = 0; - this.minor = 0; - this.major++; - this.inc('pre', identifier); - break; - case 'preminor': - this.prerelease.length = 0; - this.patch = 0; - this.minor++; - this.inc('pre', identifier); - break; - case 'prepatch': - // If this is already a prerelease, it will bump to the next version - // drop any prereleases that might already exist, since they are not - // relevant at this point. - this.prerelease.length = 0; - this.inc('patch', identifier); - this.inc('pre', identifier); - break; - // If the input is a non-prerelease version, this acts the same as - // prepatch. - case 'prerelease': - if (this.prerelease.length === 0) this.inc('patch', identifier); - this.inc('pre', identifier); - break; - - case 'major': - // If this is a pre-major version, bump up to the same major version. - // Otherwise increment major. - // 1.0.0-5 bumps to 1.0.0 - // 1.1.0 bumps to 2.0.0 - if (this.minor !== 0 || this.patch !== 0 || this.prerelease.length === 0) this.major++; - this.minor = 0; - this.patch = 0; - this.prerelease = []; - break; - case 'minor': - // If this is a pre-minor version, bump up to the same minor version. - // Otherwise increment minor. - // 1.2.0-5 bumps to 1.2.0 - // 1.2.1 bumps to 1.3.0 - if (this.patch !== 0 || this.prerelease.length === 0) this.minor++; - this.patch = 0; - this.prerelease = []; - break; - case 'patch': - // If this is not a pre-release version, it will increment the patch. - // If it is a pre-release it will bump up to the same patch version. - // 1.2.0-5 patches to 1.2.0 - // 1.2.0 patches to 1.2.1 - if (this.prerelease.length === 0) this.patch++; - this.prerelease = []; - break; - // This probably shouldn't be used publicly. - // 1.0.0 "pre" would become 1.0.0-0 which is the wrong direction. - case 'pre': - if (this.prerelease.length === 0) this.prerelease = [0]; - else { - var i = this.prerelease.length; - while (--i >= 0) { - if (typeof this.prerelease[i] === 'number') { - this.prerelease[i]++; - i = -2; - } - } - if (i === -1) - // didn't increment anything - this.prerelease.push(0); - } - if (identifier) { - // 1.2.0-beta.1 bumps to 1.2.0-beta.2, - // 1.2.0-beta.fooblz or 1.2.0-beta bumps to 1.2.0-beta.0 - if (this.prerelease[0] === identifier) { - if (isNaN(this.prerelease[1])) this.prerelease = [identifier, 0]; - } else this.prerelease = [identifier, 0]; - } - break; - - default: - throw new Error('invalid increment argument: ' + release); - } - this.format(); - this.raw = this.version; - return this; - }; - - exports.inc = inc; - function inc(version, release, loose, identifier) { - if (typeof loose === 'string') { - identifier = loose; - loose = undefined; - } - - try { - return new SemVer(version, loose).inc(release, identifier).version; - } catch (er) { - return null; - } - } - - exports.diff = diff; - function diff(version1, version2) { - if (eq(version1, version2)) { - return null; - } else { - var v1 = parse(version1); - var v2 = parse(version2); - if (v1.prerelease.length || v2.prerelease.length) { - for (var key in v1) { - if (key === 'major' || key === 'minor' || key === 'patch') { - if (v1[key] !== v2[key]) { - return 'pre' + key; - } - } - } - return 'prerelease'; - } - for (var key in v1) { - if (key === 'major' || key === 'minor' || key === 'patch') { - if (v1[key] !== v2[key]) { - return key; - } - } - } - } - } - - exports.compareIdentifiers = compareIdentifiers; - - var numeric = /^[0-9]+$/; - function compareIdentifiers(a, b) { - var anum = numeric.test(a); - var bnum = numeric.test(b); - - if (anum && bnum) { - a = +a; - b = +b; - } - - return anum && !bnum ? -1 : bnum && !anum ? 1 : a < b ? -1 : a > b ? 1 : 0; - } - - exports.rcompareIdentifiers = rcompareIdentifiers; - function rcompareIdentifiers(a, b) { - return compareIdentifiers(b, a); - } - - exports.major = major; - function major(a, loose) { - return new SemVer(a, loose).major; - } - - exports.minor = minor; - function minor(a, loose) { - return new SemVer(a, loose).minor; - } - - exports.patch = patch; - function patch(a, loose) { - return new SemVer(a, loose).patch; - } - - exports.compare = compare; - function compare(a, b, loose) { - return new SemVer(a, loose).compare(new SemVer(b, loose)); - } - - exports.compareLoose = compareLoose; - function compareLoose(a, b) { - return compare(a, b, true); - } - - exports.rcompare = rcompare; - function rcompare(a, b, loose) { - return compare(b, a, loose); - } - - exports.sort = sort; - function sort(list, loose) { - return list.sort(function (a, b) { - return exports.compare(a, b, loose); - }); - } - - exports.rsort = rsort; - function rsort(list, loose) { - return list.sort(function (a, b) { - return exports.rcompare(a, b, loose); - }); - } - - exports.gt = gt; - function gt(a, b, loose) { - return compare(a, b, loose) > 0; - } - - exports.lt = lt; - function lt(a, b, loose) { - return compare(a, b, loose) < 0; - } - - exports.eq = eq; - function eq(a, b, loose) { - return compare(a, b, loose) === 0; - } - - exports.neq = neq; - function neq(a, b, loose) { - return compare(a, b, loose) !== 0; - } - - exports.gte = gte; - function gte(a, b, loose) { - return compare(a, b, loose) >= 0; - } - - exports.lte = lte; - function lte(a, b, loose) { - return compare(a, b, loose) <= 0; - } - - exports.cmp = cmp; - function cmp(a, op, b, loose) { - var ret; - switch (op) { - case '===': - if (typeof a === 'object') a = a.version; - if (typeof b === 'object') b = b.version; - ret = a === b; - break; - case '!==': - if (typeof a === 'object') a = a.version; - if (typeof b === 'object') b = b.version; - ret = a !== b; - break; - case '': - case '=': - case '==': - ret = eq(a, b, loose); - break; - case '!=': - ret = neq(a, b, loose); - break; - case '>': - ret = gt(a, b, loose); - break; - case '>=': - ret = gte(a, b, loose); - break; - case '<': - ret = lt(a, b, loose); - break; - case '<=': - ret = lte(a, b, loose); - break; - default: - throw new TypeError('Invalid operator: ' + op); - } - return ret; - } - - exports.Comparator = Comparator; - function Comparator(comp, loose) { - if (comp instanceof Comparator) { - if (comp.loose === loose) return comp; - else comp = comp.value; - } - - if (!(this instanceof Comparator)) return new Comparator(comp, loose); - - debug('comparator', comp, loose); - this.loose = loose; - this.parse(comp); - - if (this.semver === ANY) this.value = ''; - else this.value = this.operator + this.semver.version; - - debug('comp', this); - } - - var ANY = {}; - Comparator.prototype.parse = function (comp) { - var r = this.loose ? re[COMPARATORLOOSE] : re[COMPARATOR]; - var m = comp.match(r); - - if (!m) throw new TypeError('Invalid comparator: ' + comp); - - this.operator = m[1]; - if (this.operator === '=') this.operator = ''; - - // if it literally is just '>' or '' then allow anything. - if (!m[2]) this.semver = ANY; - else this.semver = new SemVer(m[2], this.loose); - }; - - Comparator.prototype.toString = function () { - return this.value; - }; - - Comparator.prototype.test = function (version) { - debug('Comparator.test', version, this.loose); - - if (this.semver === ANY) return true; - - if (typeof version === 'string') version = new SemVer(version, this.loose); - - return cmp(version, this.operator, this.semver, this.loose); - }; - - Comparator.prototype.intersects = function (comp, loose) { - if (!(comp instanceof Comparator)) { - throw new TypeError('a Comparator is required'); - } - - var rangeTmp; - - if (this.operator === '') { - rangeTmp = new Range(comp.value, loose); - return satisfies(this.value, rangeTmp, loose); - } else if (comp.operator === '') { - rangeTmp = new Range(this.value, loose); - return satisfies(comp.semver, rangeTmp, loose); - } - - var sameDirectionIncreasing = - (this.operator === '>=' || this.operator === '>') && - (comp.operator === '>=' || comp.operator === '>'); - var sameDirectionDecreasing = - (this.operator === '<=' || this.operator === '<') && - (comp.operator === '<=' || comp.operator === '<'); - var sameSemVer = this.semver.version === comp.semver.version; - var differentDirectionsInclusive = - (this.operator === '>=' || this.operator === '<=') && - (comp.operator === '>=' || comp.operator === '<='); - var oppositeDirectionsLessThan = - cmp(this.semver, '<', comp.semver, loose) && - (this.operator === '>=' || this.operator === '>') && - (comp.operator === '<=' || comp.operator === '<'); - var oppositeDirectionsGreaterThan = - cmp(this.semver, '>', comp.semver, loose) && - (this.operator === '<=' || this.operator === '<') && - (comp.operator === '>=' || comp.operator === '>'); - - return ( - sameDirectionIncreasing || - sameDirectionDecreasing || - (sameSemVer && differentDirectionsInclusive) || - oppositeDirectionsLessThan || - oppositeDirectionsGreaterThan - ); - }; - - exports.Range = Range; - function Range(range, loose) { - if (range instanceof Range) { - if (range.loose === loose) { - return range; - } else { - return new Range(range.raw, loose); - } - } - - if (range instanceof Comparator) { - return new Range(range.value, loose); - } - - if (!(this instanceof Range)) return new Range(range, loose); - - this.loose = loose; - - // First, split based on boolean or || - this.raw = range; - this.set = range - .split(/\s*\|\|\s*/) - .map(function (range) { - return this.parseRange(range.trim()); - }, this) - .filter(function (c) { - // throw out any that are not relevant for whatever reason - return c.length; - }); - - if (!this.set.length) { - throw new TypeError('Invalid SemVer Range: ' + range); - } - - this.format(); - } - - Range.prototype.format = function () { - this.range = this.set - .map(function (comps) { - return comps.join(' ').trim(); - }) - .join('||') - .trim(); - return this.range; - }; - - Range.prototype.toString = function () { - return this.range; - }; - - Range.prototype.parseRange = function (range) { - var loose = this.loose; - range = range.trim(); - debug('range', range, loose); - // `1.2.3 - 1.2.4` => `>=1.2.3 <=1.2.4` - var hr = loose ? re[HYPHENRANGELOOSE] : re[HYPHENRANGE]; - range = range.replace(hr, hyphenReplace); - debug('hyphen replace', range); - // `> 1.2.3 < 1.2.5` => `>1.2.3 <1.2.5` - range = range.replace(re[COMPARATORTRIM], comparatorTrimReplace); - debug('comparator trim', range, re[COMPARATORTRIM]); - - // `~ 1.2.3` => `~1.2.3` - range = range.replace(re[TILDETRIM], tildeTrimReplace); - - // `^ 1.2.3` => `^1.2.3` - range = range.replace(re[CARETTRIM], caretTrimReplace); - - // normalize spaces - range = range.split(/\s+/).join(' '); - - // At this point, the range is completely trimmed and - // ready to be split into comparators. - - var compRe = loose ? re[COMPARATORLOOSE] : re[COMPARATOR]; - var set = range - .split(' ') - .map(function (comp) { - return parseComparator(comp, loose); - }) - .join(' ') - .split(/\s+/); - if (this.loose) { - // in loose mode, throw out any that are not valid comparators - set = set.filter(function (comp) { - return !!comp.match(compRe); - }); - } - set = set.map(function (comp) { - return new Comparator(comp, loose); - }); - - return set; - }; - - Range.prototype.intersects = function (range, loose) { - if (!(range instanceof Range)) { - throw new TypeError('a Range is required'); - } - - return this.set.some(function (thisComparators) { - return thisComparators.every(function (thisComparator) { - return range.set.some(function (rangeComparators) { - return rangeComparators.every(function (rangeComparator) { - return thisComparator.intersects(rangeComparator, loose); - }); - }); - }); - }); - }; - - // Mostly just for testing and legacy API reasons - exports.toComparators = toComparators; - function toComparators(range, loose) { - return new Range(range, loose).set.map(function (comp) { - return comp - .map(function (c) { - return c.value; - }) - .join(' ') - .trim() - .split(' '); - }); - } - - // comprised of xranges, tildes, stars, and gtlt's at this point. - // already replaced the hyphen ranges - // turn into a set of JUST comparators. - function parseComparator(comp, loose) { - debug('comp', comp); - comp = replaceCarets(comp, loose); - debug('caret', comp); - comp = replaceTildes(comp, loose); - debug('tildes', comp); - comp = replaceXRanges(comp, loose); - debug('xrange', comp); - comp = replaceStars(comp, loose); - debug('stars', comp); - return comp; - } - - function isX(id) { - return !id || id.toLowerCase() === 'x' || id === '*'; - } - - // ~, ~> --> * (any, kinda silly) - // ~2, ~2.x, ~2.x.x, ~>2, ~>2.x ~>2.x.x --> >=2.0.0 <3.0.0 - // ~2.0, ~2.0.x, ~>2.0, ~>2.0.x --> >=2.0.0 <2.1.0 - // ~1.2, ~1.2.x, ~>1.2, ~>1.2.x --> >=1.2.0 <1.3.0 - // ~1.2.3, ~>1.2.3 --> >=1.2.3 <1.3.0 - // ~1.2.0, ~>1.2.0 --> >=1.2.0 <1.3.0 - function replaceTildes(comp, loose) { - return comp - .trim() - .split(/\s+/) - .map(function (comp) { - return replaceTilde(comp, loose); - }) - .join(' '); - } - - function replaceTilde(comp, loose) { - var r = loose ? re[TILDELOOSE] : re[TILDE]; - return comp.replace(r, function (_, M, m, p, pr) { - debug('tilde', comp, _, M, m, p, pr); - var ret; - - if (isX(M)) ret = ''; - else if (isX(m)) ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'; - else if (isX(p)) - // ~1.2 == >=1.2.0 <1.3.0 - ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'; - else if (pr) { - debug('replaceTilde pr', pr); - if (pr.charAt(0) !== '-') pr = '-' + pr; - ret = '>=' + M + '.' + m + '.' + p + pr + ' <' + M + '.' + (+m + 1) + '.0'; - } - // ~1.2.3 == >=1.2.3 <1.3.0 - else ret = '>=' + M + '.' + m + '.' + p + ' <' + M + '.' + (+m + 1) + '.0'; - - debug('tilde return', ret); - return ret; - }); - } - - // ^ --> * (any, kinda silly) - // ^2, ^2.x, ^2.x.x --> >=2.0.0 <3.0.0 - // ^2.0, ^2.0.x --> >=2.0.0 <3.0.0 - // ^1.2, ^1.2.x --> >=1.2.0 <2.0.0 - // ^1.2.3 --> >=1.2.3 <2.0.0 - // ^1.2.0 --> >=1.2.0 <2.0.0 - function replaceCarets(comp, loose) { - return comp - .trim() - .split(/\s+/) - .map(function (comp) { - return replaceCaret(comp, loose); - }) - .join(' '); - } - - function replaceCaret(comp, loose) { - debug('caret', comp, loose); - var r = loose ? re[CARETLOOSE] : re[CARET]; - return comp.replace(r, function (_, M, m, p, pr) { - debug('caret', comp, _, M, m, p, pr); - var ret; - - if (isX(M)) ret = ''; - else if (isX(m)) ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'; - else if (isX(p)) { - if (M === '0') ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'; - else ret = '>=' + M + '.' + m + '.0 <' + (+M + 1) + '.0.0'; - } else if (pr) { - debug('replaceCaret pr', pr); - if (pr.charAt(0) !== '-') pr = '-' + pr; - if (M === '0') { - if (m === '0') ret = '>=' + M + '.' + m + '.' + p + pr + ' <' + M + '.' + m + '.' + (+p + 1); - else ret = '>=' + M + '.' + m + '.' + p + pr + ' <' + M + '.' + (+m + 1) + '.0'; - } else ret = '>=' + M + '.' + m + '.' + p + pr + ' <' + (+M + 1) + '.0.0'; - } else { - debug('no pr'); - if (M === '0') { - if (m === '0') ret = '>=' + M + '.' + m + '.' + p + ' <' + M + '.' + m + '.' + (+p + 1); - else ret = '>=' + M + '.' + m + '.' + p + ' <' + M + '.' + (+m + 1) + '.0'; - } else ret = '>=' + M + '.' + m + '.' + p + ' <' + (+M + 1) + '.0.0'; - } - - debug('caret return', ret); - return ret; - }); - } - - function replaceXRanges(comp, loose) { - debug('replaceXRanges', comp, loose); - return comp - .split(/\s+/) - .map(function (comp) { - return replaceXRange(comp, loose); - }) - .join(' '); - } - - function replaceXRange(comp, loose) { - comp = comp.trim(); - var r = loose ? re[XRANGELOOSE] : re[XRANGE]; - return comp.replace(r, function (ret, gtlt, M, m, p, pr) { - debug('xRange', comp, ret, gtlt, M, m, p, pr); - var xM = isX(M); - var xm = xM || isX(m); - var xp = xm || isX(p); - var anyX = xp; - - if (gtlt === '=' && anyX) gtlt = ''; - - if (xM) { - if (gtlt === '>' || gtlt === '<') { - // nothing is allowed - ret = '<0.0.0'; - } else { - // nothing is forbidden - ret = '*'; - } - } else if (gtlt && anyX) { - // replace X with 0 - if (xm) m = 0; - if (xp) p = 0; - - if (gtlt === '>') { - // >1 => >=2.0.0 - // >1.2 => >=1.3.0 - // >1.2.3 => >= 1.2.4 - gtlt = '>='; - if (xm) { - M = +M + 1; - m = 0; - p = 0; - } else if (xp) { - m = +m + 1; - p = 0; - } - } else if (gtlt === '<=') { - // <=0.7.x is actually <0.8.0, since any 0.7.x should - // pass. Similarly, <=7.x is actually <8.0.0, etc. - gtlt = '<'; - if (xm) M = +M + 1; - else m = +m + 1; - } - - ret = gtlt + M + '.' + m + '.' + p; - } else if (xm) { - ret = '>=' + M + '.0.0 <' + (+M + 1) + '.0.0'; - } else if (xp) { - ret = '>=' + M + '.' + m + '.0 <' + M + '.' + (+m + 1) + '.0'; - } - - debug('xRange return', ret); - - return ret; - }); - } - - // Because * is AND-ed with everything else in the comparator, - // and '' means "any version", just remove the *s entirely. - function replaceStars(comp, loose) { - debug('replaceStars', comp, loose); - // Looseness is ignored here. star is always as loose as it gets! - return comp.trim().replace(re[STAR], ''); - } - - // This function is passed to string.replace(re[HYPHENRANGE]) - // M, m, patch, prerelease, build - // 1.2 - 3.4.5 => >=1.2.0 <=3.4.5 - // 1.2.3 - 3.4 => >=1.2.0 <3.5.0 Any 3.4.x will do - // 1.2 - 3.4 => >=1.2.0 <3.5.0 - function hyphenReplace($0, from, fM, fm, fp, fpr, fb, to, tM, tm, tp, tpr, tb) { - if (isX(fM)) from = ''; - else if (isX(fm)) from = '>=' + fM + '.0.0'; - else if (isX(fp)) from = '>=' + fM + '.' + fm + '.0'; - else from = '>=' + from; - - if (isX(tM)) to = ''; - else if (isX(tm)) to = '<' + (+tM + 1) + '.0.0'; - else if (isX(tp)) to = '<' + tM + '.' + (+tm + 1) + '.0'; - else if (tpr) to = '<=' + tM + '.' + tm + '.' + tp + '-' + tpr; - else to = '<=' + to; - - return (from + ' ' + to).trim(); - } - - // if ANY of the sets match ALL of its comparators, then pass - Range.prototype.test = function (version) { - if (!version) return false; - - if (typeof version === 'string') version = new SemVer(version, this.loose); - - for (var i = 0; i < this.set.length; i++) { - if (testSet(this.set[i], version)) return true; - } - return false; - }; - - function testSet(set, version) { - for (var i = 0; i < set.length; i++) { - if (!set[i].test(version)) return false; - } - - if (version.prerelease.length) { - // Find the set of versions that are allowed to have prereleases - // For example, ^1.2.3-pr.1 desugars to >=1.2.3-pr.1 <2.0.0 - // That should allow `1.2.3-pr.2` to pass. - // However, `1.2.4-alpha.notready` should NOT be allowed, - // even though it's within the range set by the comparators. - for (var i = 0; i < set.length; i++) { - debug(set[i].semver); - if (set[i].semver === ANY) continue; - - if (set[i].semver.prerelease.length > 0) { - var allowed = set[i].semver; - if ( - allowed.major === version.major && - allowed.minor === version.minor && - allowed.patch === version.patch - ) - return true; - } - } - - // Version has a -pre, but it's not one of the ones we like. - return false; - } - - return true; - } - - exports.satisfies = satisfies; - function satisfies(version, range, loose) { - try { - range = new Range(range, loose); - } catch (er) { - return false; - } - return range.test(version); - } - - exports.maxSatisfying = maxSatisfying; - function maxSatisfying(versions, range, loose) { - var max = null; - var maxSV = null; - try { - var rangeObj = new Range(range, loose); - } catch (er) { - return null; - } - versions.forEach(function (v) { - if (rangeObj.test(v)) { - // satisfies(v, range, loose) - if (!max || maxSV.compare(v) === -1) { - // compare(max, v, true) - max = v; - maxSV = new SemVer(max, loose); - } - } - }); - return max; - } - - exports.minSatisfying = minSatisfying; - function minSatisfying(versions, range, loose) { - var min = null; - var minSV = null; - try { - var rangeObj = new Range(range, loose); - } catch (er) { - return null; - } - versions.forEach(function (v) { - if (rangeObj.test(v)) { - // satisfies(v, range, loose) - if (!min || minSV.compare(v) === 1) { - // compare(min, v, true) - min = v; - minSV = new SemVer(min, loose); - } - } - }); - return min; - } - - exports.validRange = validRange; - function validRange(range, loose) { - try { - // Return '*' instead of '' so that truthiness works. - // This will throw if it's invalid anyway - return new Range(range, loose).range || '*'; - } catch (er) { - return null; - } - } - - // Determine if version is less than all the versions possible in the range - exports.ltr = ltr; - function ltr(version, range, loose) { - return outside(version, range, '<', loose); - } - - // Determine if version is greater than all the versions possible in the range. - exports.gtr = gtr; - function gtr(version, range, loose) { - return outside(version, range, '>', loose); - } - - exports.outside = outside; - function outside(version, range, hilo, loose) { - version = new SemVer(version, loose); - range = new Range(range, loose); - - var gtfn, ltefn, ltfn, comp, ecomp; - switch (hilo) { - case '>': - gtfn = gt; - ltefn = lte; - ltfn = lt; - comp = '>'; - ecomp = '>='; - break; - case '<': - gtfn = lt; - ltefn = gte; - ltfn = gt; - comp = '<'; - ecomp = '<='; - break; - default: - throw new TypeError('Must provide a hilo val of "<" or ">"'); - } - - // If it satisifes the range it is not outside - if (satisfies(version, range, loose)) { - return false; - } - - // From now on, variable terms are as if we're in "gtr" mode. - // but note that everything is flipped for the "ltr" function. - - for (var i = 0; i < range.set.length; ++i) { - var comparators = range.set[i]; - - var high = null; - var low = null; - - comparators.forEach(function (comparator) { - if (comparator.semver === ANY) { - comparator = new Comparator('>=0.0.0'); - } - high = high || comparator; - low = low || comparator; - if (gtfn(comparator.semver, high.semver, loose)) { - high = comparator; - } else if (ltfn(comparator.semver, low.semver, loose)) { - low = comparator; - } - }); - - // If the edge version comparator has a operator then our version - // isn't outside it - if (high.operator === comp || high.operator === ecomp) { - return false; - } - - // If the lowest version comparator has an operator and our version - // is less than it then it isn't higher than the range - if ((!low.operator || low.operator === comp) && ltefn(version, low.semver)) { - return false; - } else if (low.operator === ecomp && ltfn(version, low.semver)) { - return false; - } - } - return true; - } - - exports.prerelease = prerelease; - function prerelease(version, loose) { - var parsed = parse(version, loose); - return parsed && parsed.prerelease.length ? parsed.prerelease : null; - } - - exports.intersects = intersects; - function intersects(r1, r2, loose) { - r1 = new Range(r1, loose); - r2 = new Range(r2, loose); - return r1.intersects(r2); - } - - exports.coerce = coerce; - function coerce(version) { - if (version instanceof SemVer) return version; - - if (typeof version !== 'string') return null; - - var match = version.match(re[COERCE]); - - if (match == null) return null; - - return parse((match[1] || '0') + '.' + (match[2] || '0') + '.' + (match[3] || '0')); - } - - /***/ - }, - /* 23 */ - /***/ function (module, exports) { - module.exports = require('stream'); - - /***/ - }, - /* 24 */ - /***/ function (module, exports) { - module.exports = require('url'); - - /***/ - }, - /* 25 */ - /***/ function (module, __webpack_exports__, __webpack_require__) { - 'use strict'; - /* harmony export (binding) */ __webpack_require__.d(__webpack_exports__, 'a', function () { - return Subscription; - }); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_0__util_isArray__ = __webpack_require__(41); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_1__util_isObject__ = __webpack_require__(444); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_2__util_isFunction__ = __webpack_require__(154); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_3__util_tryCatch__ = __webpack_require__(57); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_4__util_errorObject__ = __webpack_require__(48); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_5__util_UnsubscriptionError__ = - __webpack_require__(441); - /** PURE_IMPORTS_START _util_isArray,_util_isObject,_util_isFunction,_util_tryCatch,_util_errorObject,_util_UnsubscriptionError PURE_IMPORTS_END */ - - var Subscription = /*@__PURE__*/ (function () { - function Subscription(unsubscribe) { - this.closed = false; - this._parent = null; - this._parents = null; - this._subscriptions = null; - if (unsubscribe) { - this._unsubscribe = unsubscribe; - } - } - Subscription.prototype.unsubscribe = function () { - var hasErrors = false; - var errors; - if (this.closed) { - return; - } - var _a = this, - _parent = _a._parent, - _parents = _a._parents, - _unsubscribe = _a._unsubscribe, - _subscriptions = _a._subscriptions; - this.closed = true; - this._parent = null; - this._parents = null; - this._subscriptions = null; - var index = -1; - var len = _parents ? _parents.length : 0; - while (_parent) { - _parent.remove(this); - _parent = (++index < len && _parents[index]) || null; - } - if ( - __webpack_require__.i(__WEBPACK_IMPORTED_MODULE_2__util_isFunction__['a' /* isFunction */])( - _unsubscribe - ) - ) { - var trial = __webpack_require__ - .i(__WEBPACK_IMPORTED_MODULE_3__util_tryCatch__['a' /* tryCatch */])(_unsubscribe) - .call(this); - if (trial === __WEBPACK_IMPORTED_MODULE_4__util_errorObject__['a' /* errorObject */]) { - hasErrors = true; - errors = - errors || - (__WEBPACK_IMPORTED_MODULE_4__util_errorObject__['a' /* errorObject */].e instanceof - __WEBPACK_IMPORTED_MODULE_5__util_UnsubscriptionError__['a' /* UnsubscriptionError */] - ? flattenUnsubscriptionErrors( - __WEBPACK_IMPORTED_MODULE_4__util_errorObject__['a' /* errorObject */].e.errors - ) - : [__WEBPACK_IMPORTED_MODULE_4__util_errorObject__['a' /* errorObject */].e]); - } - } - if ( - __webpack_require__.i(__WEBPACK_IMPORTED_MODULE_0__util_isArray__['a' /* isArray */])( - _subscriptions - ) - ) { - index = -1; - len = _subscriptions.length; - while (++index < len) { - var sub = _subscriptions[index]; - if ( - __webpack_require__.i(__WEBPACK_IMPORTED_MODULE_1__util_isObject__['a' /* isObject */])(sub) - ) { - var trial = __webpack_require__ - .i(__WEBPACK_IMPORTED_MODULE_3__util_tryCatch__['a' /* tryCatch */])(sub.unsubscribe) - .call(sub); - if (trial === __WEBPACK_IMPORTED_MODULE_4__util_errorObject__['a' /* errorObject */]) { - hasErrors = true; - errors = errors || []; - var err = __WEBPACK_IMPORTED_MODULE_4__util_errorObject__['a' /* errorObject */].e; - if ( - err instanceof - __WEBPACK_IMPORTED_MODULE_5__util_UnsubscriptionError__['a' /* UnsubscriptionError */] - ) { - errors = errors.concat(flattenUnsubscriptionErrors(err.errors)); - } else { - errors.push(err); - } - } - } - } - } - if (hasErrors) { - throw new __WEBPACK_IMPORTED_MODULE_5__util_UnsubscriptionError__['a' /* UnsubscriptionError */]( - errors - ); - } - }; - Subscription.prototype.add = function (teardown) { - if (!teardown || teardown === Subscription.EMPTY) { - return Subscription.EMPTY; - } - if (teardown === this) { - return this; - } - var subscription = teardown; - switch (typeof teardown) { - case 'function': - subscription = new Subscription(teardown); - case 'object': - if (subscription.closed || typeof subscription.unsubscribe !== 'function') { - return subscription; - } else if (this.closed) { - subscription.unsubscribe(); - return subscription; - } else if (typeof subscription._addParent !== 'function') { - var tmp = subscription; - subscription = new Subscription(); - subscription._subscriptions = [tmp]; - } - break; - default: - throw new Error('unrecognized teardown ' + teardown + ' added to Subscription.'); - } - var subscriptions = this._subscriptions || (this._subscriptions = []); - subscriptions.push(subscription); - subscription._addParent(this); - return subscription; - }; - Subscription.prototype.remove = function (subscription) { - var subscriptions = this._subscriptions; - if (subscriptions) { - var subscriptionIndex = subscriptions.indexOf(subscription); - if (subscriptionIndex !== -1) { - subscriptions.splice(subscriptionIndex, 1); - } - } - }; - Subscription.prototype._addParent = function (parent) { - var _a = this, - _parent = _a._parent, - _parents = _a._parents; - if (!_parent || _parent === parent) { - this._parent = parent; - } else if (!_parents) { - this._parents = [parent]; - } else if (_parents.indexOf(parent) === -1) { - _parents.push(parent); - } - }; - Subscription.EMPTY = (function (empty) { - empty.closed = true; - return empty; - })(new Subscription()); - return Subscription; - })(); - - function flattenUnsubscriptionErrors(errors) { - return errors.reduce(function (errs, err) { - return errs.concat( - err instanceof - __WEBPACK_IMPORTED_MODULE_5__util_UnsubscriptionError__['a' /* UnsubscriptionError */] - ? err.errors - : err - ); - }, []); - } - //# sourceMappingURL=Subscription.js.map - - /***/ - }, - /* 26 */ - /***/ function (module, exports, __webpack_require__) { - // Copyright 2015 Joyent, Inc. - - module.exports = { - bufferSplit: bufferSplit, - addRSAMissing: addRSAMissing, - calculateDSAPublic: calculateDSAPublic, - calculateED25519Public: calculateED25519Public, - calculateX25519Public: calculateX25519Public, - mpNormalize: mpNormalize, - mpDenormalize: mpDenormalize, - ecNormalize: ecNormalize, - countZeros: countZeros, - assertCompatible: assertCompatible, - isCompatible: isCompatible, - opensslKeyDeriv: opensslKeyDeriv, - opensshCipherInfo: opensshCipherInfo, - publicFromPrivateECDSA: publicFromPrivateECDSA, - zeroPadToLength: zeroPadToLength, - writeBitString: writeBitString, - readBitString: readBitString, - }; - - var assert = __webpack_require__(16); - var Buffer = __webpack_require__(15).Buffer; - var PrivateKey = __webpack_require__(33); - var Key = __webpack_require__(27); - var crypto = __webpack_require__(11); - var algs = __webpack_require__(32); - var asn1 = __webpack_require__(66); - - var ec, jsbn; - var nacl; - - var MAX_CLASS_DEPTH = 3; - - function isCompatible(obj, klass, needVer) { - if (obj === null || typeof obj !== 'object') return false; - if (needVer === undefined) needVer = klass.prototype._sshpkApiVersion; - if (obj instanceof klass && klass.prototype._sshpkApiVersion[0] == needVer[0]) return true; - var proto = Object.getPrototypeOf(obj); - var depth = 0; - while (proto.constructor.name !== klass.name) { - proto = Object.getPrototypeOf(proto); - if (!proto || ++depth > MAX_CLASS_DEPTH) return false; - } - if (proto.constructor.name !== klass.name) return false; - var ver = proto._sshpkApiVersion; - if (ver === undefined) ver = klass._oldVersionDetect(obj); - if (ver[0] != needVer[0] || ver[1] < needVer[1]) return false; - return true; - } - - function assertCompatible(obj, klass, needVer, name) { - if (name === undefined) name = 'object'; - assert.ok(obj, name + ' must not be null'); - assert.object(obj, name + ' must be an object'); - if (needVer === undefined) needVer = klass.prototype._sshpkApiVersion; - if (obj instanceof klass && klass.prototype._sshpkApiVersion[0] == needVer[0]) return; - var proto = Object.getPrototypeOf(obj); - var depth = 0; - while (proto.constructor.name !== klass.name) { - proto = Object.getPrototypeOf(proto); - assert.ok(proto && ++depth <= MAX_CLASS_DEPTH, name + ' must be a ' + klass.name + ' instance'); - } - assert.strictEqual( - proto.constructor.name, - klass.name, - name + ' must be a ' + klass.name + ' instance' - ); - var ver = proto._sshpkApiVersion; - if (ver === undefined) ver = klass._oldVersionDetect(obj); - assert.ok( - ver[0] == needVer[0] && ver[1] >= needVer[1], - name + - ' must be compatible with ' + - klass.name + - ' klass ' + - 'version ' + - needVer[0] + - '.' + - needVer[1] - ); - } - - var CIPHER_LEN = { - 'des-ede3-cbc': { key: 7, iv: 8 }, - 'aes-128-cbc': { key: 16, iv: 16 }, - }; - var PKCS5_SALT_LEN = 8; - - function opensslKeyDeriv(cipher, salt, passphrase, count) { - assert.buffer(salt, 'salt'); - assert.buffer(passphrase, 'passphrase'); - assert.number(count, 'iteration count'); - - var clen = CIPHER_LEN[cipher]; - assert.object(clen, 'supported cipher'); - - salt = salt.slice(0, PKCS5_SALT_LEN); - - var D, D_prev, bufs; - var material = Buffer.alloc(0); - while (material.length < clen.key + clen.iv) { - bufs = []; - if (D_prev) bufs.push(D_prev); - bufs.push(passphrase); - bufs.push(salt); - D = Buffer.concat(bufs); - for (var j = 0; j < count; ++j) D = crypto.createHash('md5').update(D).digest(); - material = Buffer.concat([material, D]); - D_prev = D; - } - - return { - key: material.slice(0, clen.key), - iv: material.slice(clen.key, clen.key + clen.iv), - }; - } - - /* Count leading zero bits on a buffer */ - function countZeros(buf) { - var o = 0, - obit = 8; - while (o < buf.length) { - var mask = 1 << obit; - if ((buf[o] & mask) === mask) break; - obit--; - if (obit < 0) { - o++; - obit = 8; - } - } - return o * 8 + (8 - obit) - 1; - } - - function bufferSplit(buf, chr) { - assert.buffer(buf); - assert.string(chr); - - var parts = []; - var lastPart = 0; - var matches = 0; - for (var i = 0; i < buf.length; ++i) { - if (buf[i] === chr.charCodeAt(matches)) ++matches; - else if (buf[i] === chr.charCodeAt(0)) matches = 1; - else matches = 0; - - if (matches >= chr.length) { - var newPart = i + 1; - parts.push(buf.slice(lastPart, newPart - matches)); - lastPart = newPart; - matches = 0; - } - } - if (lastPart <= buf.length) parts.push(buf.slice(lastPart, buf.length)); - - return parts; - } - - function ecNormalize(buf, addZero) { - assert.buffer(buf); - if (buf[0] === 0x00 && buf[1] === 0x04) { - if (addZero) return buf; - return buf.slice(1); - } else if (buf[0] === 0x04) { - if (!addZero) return buf; - } else { - while (buf[0] === 0x00) buf = buf.slice(1); - if (buf[0] === 0x02 || buf[0] === 0x03) - throw new Error('Compressed elliptic curve points ' + 'are not supported'); - if (buf[0] !== 0x04) throw new Error('Not a valid elliptic curve point'); - if (!addZero) return buf; - } - var b = Buffer.alloc(buf.length + 1); - b[0] = 0x0; - buf.copy(b, 1); - return b; - } - - function readBitString(der, tag) { - if (tag === undefined) tag = asn1.Ber.BitString; - var buf = der.readString(tag, true); - assert.strictEqual( - buf[0], - 0x00, - 'bit strings with unused bits are ' + 'not supported (0x' + buf[0].toString(16) + ')' - ); - return buf.slice(1); - } - - function writeBitString(der, buf, tag) { - if (tag === undefined) tag = asn1.Ber.BitString; - var b = Buffer.alloc(buf.length + 1); - b[0] = 0x00; - buf.copy(b, 1); - der.writeBuffer(b, tag); - } - - function mpNormalize(buf) { - assert.buffer(buf); - while (buf.length > 1 && buf[0] === 0x00 && (buf[1] & 0x80) === 0x00) buf = buf.slice(1); - if ((buf[0] & 0x80) === 0x80) { - var b = Buffer.alloc(buf.length + 1); - b[0] = 0x00; - buf.copy(b, 1); - buf = b; - } - return buf; - } - - function mpDenormalize(buf) { - assert.buffer(buf); - while (buf.length > 1 && buf[0] === 0x00) buf = buf.slice(1); - return buf; - } - - function zeroPadToLength(buf, len) { - assert.buffer(buf); - assert.number(len); - while (buf.length > len) { - assert.equal(buf[0], 0x00); - buf = buf.slice(1); - } - while (buf.length < len) { - var b = Buffer.alloc(buf.length + 1); - b[0] = 0x00; - buf.copy(b, 1); - buf = b; - } - return buf; - } - - function bigintToMpBuf(bigint) { - var buf = Buffer.from(bigint.toByteArray()); - buf = mpNormalize(buf); - return buf; - } - - function calculateDSAPublic(g, p, x) { - assert.buffer(g); - assert.buffer(p); - assert.buffer(x); - try { - var bigInt = __webpack_require__(81).BigInteger; - } catch (e) { - throw new Error('To load a PKCS#8 format DSA private key, ' + 'the node jsbn library is required.'); - } - g = new bigInt(g); - p = new bigInt(p); - x = new bigInt(x); - var y = g.modPow(x, p); - var ybuf = bigintToMpBuf(y); - return ybuf; - } - - function calculateED25519Public(k) { - assert.buffer(k); - - if (nacl === undefined) nacl = __webpack_require__(76); - - var kp = nacl.sign.keyPair.fromSeed(new Uint8Array(k)); - return Buffer.from(kp.publicKey); - } - - function calculateX25519Public(k) { - assert.buffer(k); - - if (nacl === undefined) nacl = __webpack_require__(76); - - var kp = nacl.box.keyPair.fromSeed(new Uint8Array(k)); - return Buffer.from(kp.publicKey); - } - - function addRSAMissing(key) { - assert.object(key); - assertCompatible(key, PrivateKey, [1, 1]); - try { - var bigInt = __webpack_require__(81).BigInteger; - } catch (e) { - throw new Error('To write a PEM private key from ' + 'this source, the node jsbn lib is required.'); - } - - var d = new bigInt(key.part.d.data); - var buf; - - if (!key.part.dmodp) { - var p = new bigInt(key.part.p.data); - var dmodp = d.mod(p.subtract(1)); - - buf = bigintToMpBuf(dmodp); - key.part.dmodp = { name: 'dmodp', data: buf }; - key.parts.push(key.part.dmodp); - } - if (!key.part.dmodq) { - var q = new bigInt(key.part.q.data); - var dmodq = d.mod(q.subtract(1)); - - buf = bigintToMpBuf(dmodq); - key.part.dmodq = { name: 'dmodq', data: buf }; - key.parts.push(key.part.dmodq); - } - } - - function publicFromPrivateECDSA(curveName, priv) { - assert.string(curveName, 'curveName'); - assert.buffer(priv); - if (ec === undefined) ec = __webpack_require__(139); - if (jsbn === undefined) jsbn = __webpack_require__(81).BigInteger; - var params = algs.curves[curveName]; - var p = new jsbn(params.p); - var a = new jsbn(params.a); - var b = new jsbn(params.b); - var curve = new ec.ECCurveFp(p, a, b); - var G = curve.decodePointHex(params.G.toString('hex')); - - var d = new jsbn(mpNormalize(priv)); - var pub = G.multiply(d); - pub = Buffer.from(curve.encodePointHex(pub), 'hex'); - - var parts = []; - parts.push({ name: 'curve', data: Buffer.from(curveName) }); - parts.push({ name: 'Q', data: pub }); - - var key = new Key({ type: 'ecdsa', curve: curve, parts: parts }); - return key; - } - - function opensshCipherInfo(cipher) { - var inf = {}; - switch (cipher) { - case '3des-cbc': - inf.keySize = 24; - inf.blockSize = 8; - inf.opensslName = 'des-ede3-cbc'; - break; - case 'blowfish-cbc': - inf.keySize = 16; - inf.blockSize = 8; - inf.opensslName = 'bf-cbc'; - break; - case 'aes128-cbc': - case 'aes128-ctr': - case 'aes128-gcm@openssh.com': - inf.keySize = 16; - inf.blockSize = 16; - inf.opensslName = 'aes-128-' + cipher.slice(7, 10); - break; - case 'aes192-cbc': - case 'aes192-ctr': - case 'aes192-gcm@openssh.com': - inf.keySize = 24; - inf.blockSize = 16; - inf.opensslName = 'aes-192-' + cipher.slice(7, 10); - break; - case 'aes256-cbc': - case 'aes256-ctr': - case 'aes256-gcm@openssh.com': - inf.keySize = 32; - inf.blockSize = 16; - inf.opensslName = 'aes-256-' + cipher.slice(7, 10); - break; - default: - throw new Error('Unsupported openssl cipher "' + cipher + '"'); - } - return inf; - } - - /***/ - }, - /* 27 */ - /***/ function (module, exports, __webpack_require__) { - // Copyright 2017 Joyent, Inc. - - module.exports = Key; - - var assert = __webpack_require__(16); - var algs = __webpack_require__(32); - var crypto = __webpack_require__(11); - var Fingerprint = __webpack_require__(156); - var Signature = __webpack_require__(75); - var DiffieHellman = __webpack_require__(325).DiffieHellman; - var errs = __webpack_require__(74); - var utils = __webpack_require__(26); - var PrivateKey = __webpack_require__(33); - var edCompat; - - try { - edCompat = __webpack_require__(454); - } catch (e) { - /* Just continue through, and bail out if we try to use it. */ - } - - var InvalidAlgorithmError = errs.InvalidAlgorithmError; - var KeyParseError = errs.KeyParseError; - - var formats = {}; - formats['auto'] = __webpack_require__(455); - formats['pem'] = __webpack_require__(86); - formats['pkcs1'] = __webpack_require__(327); - formats['pkcs8'] = __webpack_require__(157); - formats['rfc4253'] = __webpack_require__(103); - formats['ssh'] = __webpack_require__(456); - formats['ssh-private'] = __webpack_require__(193); - formats['openssh'] = formats['ssh-private']; - formats['dnssec'] = __webpack_require__(326); - - function Key(opts) { - assert.object(opts, 'options'); - assert.arrayOfObject(opts.parts, 'options.parts'); - assert.string(opts.type, 'options.type'); - assert.optionalString(opts.comment, 'options.comment'); - - var algInfo = algs.info[opts.type]; - if (typeof algInfo !== 'object') throw new InvalidAlgorithmError(opts.type); - - var partLookup = {}; - for (var i = 0; i < opts.parts.length; ++i) { - var part = opts.parts[i]; - partLookup[part.name] = part; - } - - this.type = opts.type; - this.parts = opts.parts; - this.part = partLookup; - this.comment = undefined; - this.source = opts.source; - - /* for speeding up hashing/fingerprint operations */ - this._rfc4253Cache = opts._rfc4253Cache; - this._hashCache = {}; - - var sz; - this.curve = undefined; - if (this.type === 'ecdsa') { - var curve = this.part.curve.data.toString(); - this.curve = curve; - sz = algs.curves[curve].size; - } else if (this.type === 'ed25519' || this.type === 'curve25519') { - sz = 256; - this.curve = 'curve25519'; - } else { - var szPart = this.part[algInfo.sizePart]; - sz = szPart.data.length; - sz = sz * 8 - utils.countZeros(szPart.data); - } - this.size = sz; - } - - Key.formats = formats; - - Key.prototype.toBuffer = function (format, options) { - if (format === undefined) format = 'ssh'; - assert.string(format, 'format'); - assert.object(formats[format], 'formats[format]'); - assert.optionalObject(options, 'options'); - - if (format === 'rfc4253') { - if (this._rfc4253Cache === undefined) this._rfc4253Cache = formats['rfc4253'].write(this); - return this._rfc4253Cache; - } - - return formats[format].write(this, options); - }; - - Key.prototype.toString = function (format, options) { - return this.toBuffer(format, options).toString(); - }; - - Key.prototype.hash = function (algo) { - assert.string(algo, 'algorithm'); - algo = algo.toLowerCase(); - if (algs.hashAlgs[algo] === undefined) throw new InvalidAlgorithmError(algo); - - if (this._hashCache[algo]) return this._hashCache[algo]; - var hash = crypto.createHash(algo).update(this.toBuffer('rfc4253')).digest(); - this._hashCache[algo] = hash; - return hash; - }; - - Key.prototype.fingerprint = function (algo) { - if (algo === undefined) algo = 'sha256'; - assert.string(algo, 'algorithm'); - var opts = { - type: 'key', - hash: this.hash(algo), - algorithm: algo, - }; - return new Fingerprint(opts); - }; - - Key.prototype.defaultHashAlgorithm = function () { - var hashAlgo = 'sha1'; - if (this.type === 'rsa') hashAlgo = 'sha256'; - if (this.type === 'dsa' && this.size > 1024) hashAlgo = 'sha256'; - if (this.type === 'ed25519') hashAlgo = 'sha512'; - if (this.type === 'ecdsa') { - if (this.size <= 256) hashAlgo = 'sha256'; - else if (this.size <= 384) hashAlgo = 'sha384'; - else hashAlgo = 'sha512'; - } - return hashAlgo; - }; - - Key.prototype.createVerify = function (hashAlgo) { - if (hashAlgo === undefined) hashAlgo = this.defaultHashAlgorithm(); - assert.string(hashAlgo, 'hash algorithm'); - - /* ED25519 is not supported by OpenSSL, use a javascript impl. */ - if (this.type === 'ed25519' && edCompat !== undefined) return new edCompat.Verifier(this, hashAlgo); - if (this.type === 'curve25519') - throw new Error('Curve25519 keys are not suitable for ' + 'signing or verification'); - - var v, nm, err; - try { - nm = hashAlgo.toUpperCase(); - v = crypto.createVerify(nm); - } catch (e) { - err = e; - } - if (v === undefined || (err instanceof Error && err.message.match(/Unknown message digest/))) { - nm = 'RSA-'; - nm += hashAlgo.toUpperCase(); - v = crypto.createVerify(nm); - } - assert.ok(v, 'failed to create verifier'); - var oldVerify = v.verify.bind(v); - var key = this.toBuffer('pkcs8'); - var curve = this.curve; - var self = this; - v.verify = function (signature, fmt) { - if (Signature.isSignature(signature, [2, 0])) { - if (signature.type !== self.type) return false; - if (signature.hashAlgorithm && signature.hashAlgorithm !== hashAlgo) return false; - if (signature.curve && self.type === 'ecdsa' && signature.curve !== curve) return false; - return oldVerify(key, signature.toBuffer('asn1')); - } else if (typeof signature === 'string' || Buffer.isBuffer(signature)) { - return oldVerify(key, signature, fmt); - - /* - * Avoid doing this on valid arguments, walking the prototype - * chain can be quite slow. - */ - } else if (Signature.isSignature(signature, [1, 0])) { - throw new Error( - 'signature was created by too old ' + 'a version of sshpk and cannot be verified' - ); - } else { - throw new TypeError('signature must be a string, ' + 'Buffer, or Signature object'); - } - }; - return v; - }; - - Key.prototype.createDiffieHellman = function () { - if (this.type === 'rsa') throw new Error('RSA keys do not support Diffie-Hellman'); - - return new DiffieHellman(this); - }; - Key.prototype.createDH = Key.prototype.createDiffieHellman; - - Key.parse = function (data, format, options) { - if (typeof data !== 'string') assert.buffer(data, 'data'); - if (format === undefined) format = 'auto'; - assert.string(format, 'format'); - if (typeof options === 'string') options = { filename: options }; - assert.optionalObject(options, 'options'); - if (options === undefined) options = {}; - assert.optionalString(options.filename, 'options.filename'); - if (options.filename === undefined) options.filename = '(unnamed)'; - - assert.object(formats[format], 'formats[format]'); - - try { - var k = formats[format].read(data, options); - if (k instanceof PrivateKey) k = k.toPublic(); - if (!k.comment) k.comment = options.filename; - return k; - } catch (e) { - if (e.name === 'KeyEncryptedError') throw e; - throw new KeyParseError(options.filename, format, e); - } - }; - - Key.isKey = function (obj, ver) { - return utils.isCompatible(obj, Key, ver); - }; - - /* - * API versions for Key: - * [1,0] -- initial ver, may take Signature for createVerify or may not - * [1,1] -- added pkcs1, pkcs8 formats - * [1,2] -- added auto, ssh-private, openssh formats - * [1,3] -- added defaultHashAlgorithm - * [1,4] -- added ed support, createDH - * [1,5] -- first explicitly tagged version - * [1,6] -- changed ed25519 part names - */ - Key.prototype._sshpkApiVersion = [1, 6]; - - Key._oldVersionDetect = function (obj) { - assert.func(obj.toBuffer); - assert.func(obj.fingerprint); - if (obj.createDH) return [1, 4]; - if (obj.defaultHashAlgorithm) return [1, 3]; - if (obj.formats['auto']) return [1, 2]; - if (obj.formats['pkcs1']) return [1, 1]; - return [1, 0]; - }; - - /***/ - }, - /* 28 */ - /***/ function (module, exports) { - module.exports = require('assert'); - - /***/ - }, - /* 29 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - Object.defineProperty(exports, '__esModule', { - value: true, - }); - exports.default = nullify; - function nullify(obj = {}) { - if (Array.isArray(obj)) { - for ( - var _iterator = obj, - _isArray = Array.isArray(_iterator), - _i = 0, - _iterator = _isArray ? _iterator : _iterator[Symbol.iterator](); - ; - - ) { - var _ref; - - if (_isArray) { - if (_i >= _iterator.length) break; - _ref = _iterator[_i++]; - } else { - _i = _iterator.next(); - if (_i.done) break; - _ref = _i.value; - } - - const item = _ref; - - nullify(item); - } - } else if ((obj !== null && typeof obj === 'object') || typeof obj === 'function') { - Object.setPrototypeOf(obj, null); - - // for..in can only be applied to 'object', not 'function' - if (typeof obj === 'object') { - for (const key in obj) { - nullify(obj[key]); - } - } - } - - return obj; - } - - /***/ - }, - /* 30 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - const escapeStringRegexp = __webpack_require__(382); - const ansiStyles = __webpack_require__(474); - const stdoutColor = __webpack_require__(566).stdout; - - const template = __webpack_require__(567); - - const isSimpleWindowsTerm = - process.platform === 'win32' && !(process.env.TERM || '').toLowerCase().startsWith('xterm'); - - // `supportsColor.level` → `ansiStyles.color[name]` mapping - const levelMapping = ['ansi', 'ansi', 'ansi256', 'ansi16m']; - - // `color-convert` models to exclude from the Chalk API due to conflicts and such - const skipModels = new Set(['gray']); - - const styles = Object.create(null); - - function applyOptions(obj, options) { - options = options || {}; - - // Detect level if not set manually - const scLevel = stdoutColor ? stdoutColor.level : 0; - obj.level = options.level === undefined ? scLevel : options.level; - obj.enabled = 'enabled' in options ? options.enabled : obj.level > 0; - } - - function Chalk(options) { - // We check for this.template here since calling `chalk.constructor()` - // by itself will have a `this` of a previously constructed chalk object - if (!this || !(this instanceof Chalk) || this.template) { - const chalk = {}; - applyOptions(chalk, options); - - chalk.template = function () { - const args = [].slice.call(arguments); - return chalkTag.apply(null, [chalk.template].concat(args)); - }; - - Object.setPrototypeOf(chalk, Chalk.prototype); - Object.setPrototypeOf(chalk.template, chalk); - - chalk.template.constructor = Chalk; - - return chalk.template; - } - - applyOptions(this, options); - } - - // Use bright blue on Windows as the normal blue color is illegible - if (isSimpleWindowsTerm) { - ansiStyles.blue.open = '\u001B[94m'; - } - - for (const key of Object.keys(ansiStyles)) { - ansiStyles[key].closeRe = new RegExp(escapeStringRegexp(ansiStyles[key].close), 'g'); - - styles[key] = { - get() { - const codes = ansiStyles[key]; - return build.call(this, this._styles ? this._styles.concat(codes) : [codes], this._empty, key); - }, - }; - } - - styles.visible = { - get() { - return build.call(this, this._styles || [], true, 'visible'); - }, - }; - - ansiStyles.color.closeRe = new RegExp(escapeStringRegexp(ansiStyles.color.close), 'g'); - for (const model of Object.keys(ansiStyles.color.ansi)) { - if (skipModels.has(model)) { - continue; - } - - styles[model] = { - get() { - const level = this.level; - return function () { - const open = ansiStyles.color[levelMapping[level]][model].apply(null, arguments); - const codes = { - open, - close: ansiStyles.color.close, - closeRe: ansiStyles.color.closeRe, - }; - return build.call( - this, - this._styles ? this._styles.concat(codes) : [codes], - this._empty, - model - ); - }; - }, - }; - } - - ansiStyles.bgColor.closeRe = new RegExp(escapeStringRegexp(ansiStyles.bgColor.close), 'g'); - for (const model of Object.keys(ansiStyles.bgColor.ansi)) { - if (skipModels.has(model)) { - continue; - } - - const bgModel = 'bg' + model[0].toUpperCase() + model.slice(1); - styles[bgModel] = { - get() { - const level = this.level; - return function () { - const open = ansiStyles.bgColor[levelMapping[level]][model].apply(null, arguments); - const codes = { - open, - close: ansiStyles.bgColor.close, - closeRe: ansiStyles.bgColor.closeRe, - }; - return build.call( - this, - this._styles ? this._styles.concat(codes) : [codes], - this._empty, - model - ); - }; - }, - }; - } - - const proto = Object.defineProperties(() => {}, styles); - - function build(_styles, _empty, key) { - const builder = function () { - return applyStyle.apply(builder, arguments); - }; - - builder._styles = _styles; - builder._empty = _empty; - - const self = this; - - Object.defineProperty(builder, 'level', { - enumerable: true, - get() { - return self.level; - }, - set(level) { - self.level = level; - }, - }); - - Object.defineProperty(builder, 'enabled', { - enumerable: true, - get() { - return self.enabled; - }, - set(enabled) { - self.enabled = enabled; - }, - }); - - // See below for fix regarding invisible grey/dim combination on Windows - builder.hasGrey = this.hasGrey || key === 'gray' || key === 'grey'; - - // `__proto__` is used because we must return a function, but there is - // no way to create a function with a different prototype - builder.__proto__ = proto; // eslint-disable-line no-proto - - return builder; - } - - function applyStyle() { - // Support varags, but simply cast to string in case there's only one arg - const args = arguments; - const argsLen = args.length; - let str = String(arguments[0]); - - if (argsLen === 0) { - return ''; - } - - if (argsLen > 1) { - // Don't slice `arguments`, it prevents V8 optimizations - for (let a = 1; a < argsLen; a++) { - str += ' ' + args[a]; - } - } - - if (!this.enabled || this.level <= 0 || !str) { - return this._empty ? '' : str; - } - - // Turns out that on Windows dimmed gray text becomes invisible in cmd.exe, - // see https://github.com/chalk/chalk/issues/58 - // If we're on Windows and we're dealing with a gray color, temporarily make 'dim' a noop. - const originalDim = ansiStyles.dim.open; - if (isSimpleWindowsTerm && this.hasGrey) { - ansiStyles.dim.open = ''; - } - - for (const code of this._styles.slice().reverse()) { - // Replace any instances already present with a re-opening code - // otherwise only the part of the string until said closing code - // will be colored, and the rest will simply be 'plain'. - str = code.open + str.replace(code.closeRe, code.open) + code.close; - - // Close the styling before a linebreak and reopen - // after next line to fix a bleed issue on macOS - // https://github.com/chalk/chalk/pull/92 - str = str.replace(/\r?\n/g, `${code.close}$&${code.open}`); - } - - // Reset the original `dim` if we changed it to work around the Windows dimmed gray issue - ansiStyles.dim.open = originalDim; - - return str; - } - - function chalkTag(chalk, strings) { - if (!Array.isArray(strings)) { - // If chalk() was called by itself or with a string, - // return the string itself as a string. - return [].slice.call(arguments, 1).join(' '); - } - - const args = [].slice.call(arguments, 2); - const parts = [strings.raw[0]]; - - for (let i = 1; i < strings.length; i++) { - parts.push(String(args[i - 1]).replace(/[{}\\]/g, '\\$&')); - parts.push(String(strings.raw[i])); - } - - return template(chalk, parts.join('')); - } - - Object.defineProperties(Chalk.prototype, styles); - - module.exports = Chalk(); // eslint-disable-line new-cap - module.exports.supportsColor = stdoutColor; - module.exports.default = module.exports; // For TypeScript - - /***/ - }, - /* 31 */ - /***/ function (module, exports) { - var core = (module.exports = { version: '2.5.7' }); - if (typeof __e == 'number') __e = core; // eslint-disable-line no-undef - - /***/ - }, - /* 32 */ - /***/ function (module, exports, __webpack_require__) { - // Copyright 2015 Joyent, Inc. - - var Buffer = __webpack_require__(15).Buffer; - - var algInfo = { - dsa: { - parts: ['p', 'q', 'g', 'y'], - sizePart: 'p', - }, - rsa: { - parts: ['e', 'n'], - sizePart: 'n', - }, - ecdsa: { - parts: ['curve', 'Q'], - sizePart: 'Q', - }, - ed25519: { - parts: ['A'], - sizePart: 'A', - }, - }; - algInfo['curve25519'] = algInfo['ed25519']; - - var algPrivInfo = { - dsa: { - parts: ['p', 'q', 'g', 'y', 'x'], - }, - rsa: { - parts: ['n', 'e', 'd', 'iqmp', 'p', 'q'], - }, - ecdsa: { - parts: ['curve', 'Q', 'd'], - }, - ed25519: { - parts: ['A', 'k'], - }, - }; - algPrivInfo['curve25519'] = algPrivInfo['ed25519']; - - var hashAlgs = { - md5: true, - sha1: true, - sha256: true, - sha384: true, - sha512: true, - }; - - /* - * Taken from - * http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf - */ - var curves = { - nistp256: { - size: 256, - pkcs8oid: '1.2.840.10045.3.1.7', - p: Buffer.from( - ('00' + 'ffffffff 00000001 00000000 00000000' + '00000000 ffffffff ffffffff ffffffff').replace( - / /g, - '' - ), - 'hex' - ), - a: Buffer.from( - ('00' + 'FFFFFFFF 00000001 00000000 00000000' + '00000000 FFFFFFFF FFFFFFFF FFFFFFFC').replace( - / /g, - '' - ), - 'hex' - ), - b: Buffer.from( - ('5ac635d8 aa3a93e7 b3ebbd55 769886bc' + '651d06b0 cc53b0f6 3bce3c3e 27d2604b').replace(/ /g, ''), - 'hex' - ), - s: Buffer.from( - ('00' + 'c49d3608 86e70493 6a6678e1 139d26b7' + '819f7e90').replace(/ /g, ''), - 'hex' - ), - n: Buffer.from( - ('00' + 'ffffffff 00000000 ffffffff ffffffff' + 'bce6faad a7179e84 f3b9cac2 fc632551').replace( - / /g, - '' - ), - 'hex' - ), - G: Buffer.from( - ( - '04' + - '6b17d1f2 e12c4247 f8bce6e5 63a440f2' + - '77037d81 2deb33a0 f4a13945 d898c296' + - '4fe342e2 fe1a7f9b 8ee7eb4a 7c0f9e16' + - '2bce3357 6b315ece cbb64068 37bf51f5' - ).replace(/ /g, ''), - 'hex' - ), - }, - nistp384: { - size: 384, - pkcs8oid: '1.3.132.0.34', - p: Buffer.from( - ( - '00' + - 'ffffffff ffffffff ffffffff ffffffff' + - 'ffffffff ffffffff ffffffff fffffffe' + - 'ffffffff 00000000 00000000 ffffffff' - ).replace(/ /g, ''), - 'hex' - ), - a: Buffer.from( - ( - '00' + - 'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF' + - 'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE' + - 'FFFFFFFF 00000000 00000000 FFFFFFFC' - ).replace(/ /g, ''), - 'hex' - ), - b: Buffer.from( - ( - 'b3312fa7 e23ee7e4 988e056b e3f82d19' + - '181d9c6e fe814112 0314088f 5013875a' + - 'c656398d 8a2ed19d 2a85c8ed d3ec2aef' - ).replace(/ /g, ''), - 'hex' - ), - s: Buffer.from( - ('00' + 'a335926a a319a27a 1d00896a 6773a482' + '7acdac73').replace(/ /g, ''), - 'hex' - ), - n: Buffer.from( - ( - '00' + - 'ffffffff ffffffff ffffffff ffffffff' + - 'ffffffff ffffffff c7634d81 f4372ddf' + - '581a0db2 48b0a77a ecec196a ccc52973' - ).replace(/ /g, ''), - 'hex' - ), - G: Buffer.from( - ( - '04' + - 'aa87ca22 be8b0537 8eb1c71e f320ad74' + - '6e1d3b62 8ba79b98 59f741e0 82542a38' + - '5502f25d bf55296c 3a545e38 72760ab7' + - '3617de4a 96262c6f 5d9e98bf 9292dc29' + - 'f8f41dbd 289a147c e9da3113 b5f0b8c0' + - '0a60b1ce 1d7e819d 7a431d7c 90ea0e5f' - ).replace(/ /g, ''), - 'hex' - ), - }, - nistp521: { - size: 521, - pkcs8oid: '1.3.132.0.35', - p: Buffer.from( - ( - '01ffffff ffffffff ffffffff ffffffff' + - 'ffffffff ffffffff ffffffff ffffffff' + - 'ffffffff ffffffff ffffffff ffffffff' + - 'ffffffff ffffffff ffffffff ffffffff' + - 'ffff' - ).replace(/ /g, ''), - 'hex' - ), - a: Buffer.from( - ( - '01FF' + - 'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF' + - 'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF' + - 'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF' + - 'FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFC' - ).replace(/ /g, ''), - 'hex' - ), - b: Buffer.from( - ( - '51' + - '953eb961 8e1c9a1f 929a21a0 b68540ee' + - 'a2da725b 99b315f3 b8b48991 8ef109e1' + - '56193951 ec7e937b 1652c0bd 3bb1bf07' + - '3573df88 3d2c34f1 ef451fd4 6b503f00' - ).replace(/ /g, ''), - 'hex' - ), - s: Buffer.from( - ('00' + 'd09e8800 291cb853 96cc6717 393284aa' + 'a0da64ba').replace(/ /g, ''), - 'hex' - ), - n: Buffer.from( - ( - '01ff' + - 'ffffffff ffffffff ffffffff ffffffff' + - 'ffffffff ffffffff ffffffff fffffffa' + - '51868783 bf2f966b 7fcc0148 f709a5d0' + - '3bb5c9b8 899c47ae bb6fb71e 91386409' - ).replace(/ /g, ''), - 'hex' - ), - G: Buffer.from( - ( - '04' + - '00c6 858e06b7 0404e9cd 9e3ecb66 2395b442' + - '9c648139 053fb521 f828af60 6b4d3dba' + - 'a14b5e77 efe75928 fe1dc127 a2ffa8de' + - '3348b3c1 856a429b f97e7e31 c2e5bd66' + - '0118 39296a78 9a3bc004 5c8a5fb4 2c7d1bd9' + - '98f54449 579b4468 17afbd17 273e662c' + - '97ee7299 5ef42640 c550b901 3fad0761' + - '353c7086 a272c240 88be9476 9fd16650' - ).replace(/ /g, ''), - 'hex' - ), - }, - }; - - module.exports = { - info: algInfo, - privInfo: algPrivInfo, - hashAlgs: hashAlgs, - curves: curves, - }; - - /***/ - }, - /* 33 */ - /***/ function (module, exports, __webpack_require__) { - // Copyright 2017 Joyent, Inc. - - module.exports = PrivateKey; - - var assert = __webpack_require__(16); - var Buffer = __webpack_require__(15).Buffer; - var algs = __webpack_require__(32); - var crypto = __webpack_require__(11); - var Fingerprint = __webpack_require__(156); - var Signature = __webpack_require__(75); - var errs = __webpack_require__(74); - var util = __webpack_require__(3); - var utils = __webpack_require__(26); - var dhe = __webpack_require__(325); - var generateECDSA = dhe.generateECDSA; - var generateED25519 = dhe.generateED25519; - var edCompat; - var nacl; - - try { - edCompat = __webpack_require__(454); - } catch (e) { - /* Just continue through, and bail out if we try to use it. */ - } - - var Key = __webpack_require__(27); - - var InvalidAlgorithmError = errs.InvalidAlgorithmError; - var KeyParseError = errs.KeyParseError; - var KeyEncryptedError = errs.KeyEncryptedError; - - var formats = {}; - formats['auto'] = __webpack_require__(455); - formats['pem'] = __webpack_require__(86); - formats['pkcs1'] = __webpack_require__(327); - formats['pkcs8'] = __webpack_require__(157); - formats['rfc4253'] = __webpack_require__(103); - formats['ssh-private'] = __webpack_require__(193); - formats['openssh'] = formats['ssh-private']; - formats['ssh'] = formats['ssh-private']; - formats['dnssec'] = __webpack_require__(326); - - function PrivateKey(opts) { - assert.object(opts, 'options'); - Key.call(this, opts); - - this._pubCache = undefined; - } - util.inherits(PrivateKey, Key); - - PrivateKey.formats = formats; - - PrivateKey.prototype.toBuffer = function (format, options) { - if (format === undefined) format = 'pkcs1'; - assert.string(format, 'format'); - assert.object(formats[format], 'formats[format]'); - assert.optionalObject(options, 'options'); - - return formats[format].write(this, options); - }; - - PrivateKey.prototype.hash = function (algo) { - return this.toPublic().hash(algo); - }; - - PrivateKey.prototype.toPublic = function () { - if (this._pubCache) return this._pubCache; - - var algInfo = algs.info[this.type]; - var pubParts = []; - for (var i = 0; i < algInfo.parts.length; ++i) { - var p = algInfo.parts[i]; - pubParts.push(this.part[p]); - } - - this._pubCache = new Key({ - type: this.type, - source: this, - parts: pubParts, - }); - if (this.comment) this._pubCache.comment = this.comment; - return this._pubCache; - }; - - PrivateKey.prototype.derive = function (newType) { - assert.string(newType, 'type'); - var priv, pub, pair; - - if (this.type === 'ed25519' && newType === 'curve25519') { - if (nacl === undefined) nacl = __webpack_require__(76); - - priv = this.part.k.data; - if (priv[0] === 0x00) priv = priv.slice(1); - - pair = nacl.box.keyPair.fromSecretKey(new Uint8Array(priv)); - pub = Buffer.from(pair.publicKey); - - return new PrivateKey({ - type: 'curve25519', - parts: [ - { name: 'A', data: utils.mpNormalize(pub) }, - { name: 'k', data: utils.mpNormalize(priv) }, - ], - }); - } else if (this.type === 'curve25519' && newType === 'ed25519') { - if (nacl === undefined) nacl = __webpack_require__(76); - - priv = this.part.k.data; - if (priv[0] === 0x00) priv = priv.slice(1); - - pair = nacl.sign.keyPair.fromSeed(new Uint8Array(priv)); - pub = Buffer.from(pair.publicKey); - - return new PrivateKey({ - type: 'ed25519', - parts: [ - { name: 'A', data: utils.mpNormalize(pub) }, - { name: 'k', data: utils.mpNormalize(priv) }, - ], - }); - } - throw new Error('Key derivation not supported from ' + this.type + ' to ' + newType); - }; - - PrivateKey.prototype.createVerify = function (hashAlgo) { - return this.toPublic().createVerify(hashAlgo); - }; - - PrivateKey.prototype.createSign = function (hashAlgo) { - if (hashAlgo === undefined) hashAlgo = this.defaultHashAlgorithm(); - assert.string(hashAlgo, 'hash algorithm'); - - /* ED25519 is not supported by OpenSSL, use a javascript impl. */ - if (this.type === 'ed25519' && edCompat !== undefined) return new edCompat.Signer(this, hashAlgo); - if (this.type === 'curve25519') - throw new Error('Curve25519 keys are not suitable for ' + 'signing or verification'); - - var v, nm, err; - try { - nm = hashAlgo.toUpperCase(); - v = crypto.createSign(nm); - } catch (e) { - err = e; - } - if (v === undefined || (err instanceof Error && err.message.match(/Unknown message digest/))) { - nm = 'RSA-'; - nm += hashAlgo.toUpperCase(); - v = crypto.createSign(nm); - } - assert.ok(v, 'failed to create verifier'); - var oldSign = v.sign.bind(v); - var key = this.toBuffer('pkcs1'); - var type = this.type; - var curve = this.curve; - v.sign = function () { - var sig = oldSign(key); - if (typeof sig === 'string') sig = Buffer.from(sig, 'binary'); - sig = Signature.parse(sig, type, 'asn1'); - sig.hashAlgorithm = hashAlgo; - sig.curve = curve; - return sig; - }; - return v; - }; - - PrivateKey.parse = function (data, format, options) { - if (typeof data !== 'string') assert.buffer(data, 'data'); - if (format === undefined) format = 'auto'; - assert.string(format, 'format'); - if (typeof options === 'string') options = { filename: options }; - assert.optionalObject(options, 'options'); - if (options === undefined) options = {}; - assert.optionalString(options.filename, 'options.filename'); - if (options.filename === undefined) options.filename = '(unnamed)'; - - assert.object(formats[format], 'formats[format]'); - - try { - var k = formats[format].read(data, options); - assert.ok(k instanceof PrivateKey, 'key is not a private key'); - if (!k.comment) k.comment = options.filename; - return k; - } catch (e) { - if (e.name === 'KeyEncryptedError') throw e; - throw new KeyParseError(options.filename, format, e); - } - }; - - PrivateKey.isPrivateKey = function (obj, ver) { - return utils.isCompatible(obj, PrivateKey, ver); - }; - - PrivateKey.generate = function (type, options) { - if (options === undefined) options = {}; - assert.object(options, 'options'); - - switch (type) { - case 'ecdsa': - if (options.curve === undefined) options.curve = 'nistp256'; - assert.string(options.curve, 'options.curve'); - return generateECDSA(options.curve); - case 'ed25519': - return generateED25519(); - default: - throw new Error('Key generation not supported with key ' + 'type "' + type + '"'); - } - }; - - /* - * API versions for PrivateKey: - * [1,0] -- initial ver - * [1,1] -- added auto, pkcs[18], openssh/ssh-private formats - * [1,2] -- added defaultHashAlgorithm - * [1,3] -- added derive, ed, createDH - * [1,4] -- first tagged version - * [1,5] -- changed ed25519 part names and format - */ - PrivateKey.prototype._sshpkApiVersion = [1, 5]; - - PrivateKey._oldVersionDetect = function (obj) { - assert.func(obj.toPublic); - assert.func(obj.createSign); - if (obj.derive) return [1, 3]; - if (obj.defaultHashAlgorithm) return [1, 2]; - if (obj.formats['auto']) return [1, 1]; - return [1, 0]; - }; - - /***/ - }, - /* 34 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - Object.defineProperty(exports, '__esModule', { - value: true, - }); - exports.wrapLifecycle = exports.run = exports.install = exports.Install = undefined; - - var _extends2; - - function _load_extends() { - return (_extends2 = _interopRequireDefault(__webpack_require__(20))); - } - - var _asyncToGenerator2; - - function _load_asyncToGenerator() { - return (_asyncToGenerator2 = _interopRequireDefault(__webpack_require__(2))); - } - - let install = (exports.install = (() => { - var _ref29 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - config, - reporter, - flags, - lockfile - ) { - yield wrapLifecycle( - config, - flags, - (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - const install = new Install(flags, config, reporter, lockfile); - yield install.init(); - }) - ); - }); - - return function install(_x7, _x8, _x9, _x10) { - return _ref29.apply(this, arguments); - }; - })()); - - let run = (exports.run = (() => { - var _ref31 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - config, - reporter, - flags, - args - ) { - let lockfile; - let error = 'installCommandRenamed'; - if (flags.lockfile === false) { - lockfile = new (_lockfile || _load_lockfile()).default(); - } else { - lockfile = yield (_lockfile || _load_lockfile()).default.fromDirectory( - config.lockfileFolder, - reporter - ); - } - - if (args.length) { - const exampleArgs = args.slice(); - - if (flags.saveDev) { - exampleArgs.push('--dev'); - } - if (flags.savePeer) { - exampleArgs.push('--peer'); - } - if (flags.saveOptional) { - exampleArgs.push('--optional'); - } - if (flags.saveExact) { - exampleArgs.push('--exact'); - } - if (flags.saveTilde) { - exampleArgs.push('--tilde'); - } - let command = 'add'; - if (flags.global) { - error = 'globalFlagRemoved'; - command = 'global add'; - } - throw new (_errors || _load_errors()).MessageError( - reporter.lang(error, `yarn ${command} ${exampleArgs.join(' ')}`) - ); - } - - yield install(config, reporter, flags, lockfile); - }); - - return function run(_x11, _x12, _x13, _x14) { - return _ref31.apply(this, arguments); - }; - })()); - - let wrapLifecycle = (exports.wrapLifecycle = (() => { - var _ref32 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - config, - flags, - factory - ) { - yield config.executeLifecycleScript('preinstall'); - - yield factory(); - - // npm behaviour, seems kinda funky but yay compatibility - yield config.executeLifecycleScript('install'); - yield config.executeLifecycleScript('postinstall'); - - if (!config.production) { - if (!config.disablePrepublish) { - yield config.executeLifecycleScript('prepublish'); - } - yield config.executeLifecycleScript('prepare'); - } - }); - - return function wrapLifecycle(_x15, _x16, _x17) { - return _ref32.apply(this, arguments); - }; - })()); - - exports.hasWrapper = hasWrapper; - exports.setFlags = setFlags; - - var _objectPath; - - function _load_objectPath() { - return (_objectPath = _interopRequireDefault(__webpack_require__(304))); - } - - var _hooks; - - function _load_hooks() { - return (_hooks = __webpack_require__(368)); - } - - var _index; - - function _load_index() { - return (_index = _interopRequireDefault(__webpack_require__(218))); - } - - var _errors; - - function _load_errors() { - return (_errors = __webpack_require__(6)); - } - - var _integrityChecker; - - function _load_integrityChecker() { - return (_integrityChecker = _interopRequireDefault(__webpack_require__(206))); - } - - var _lockfile; - - function _load_lockfile() { - return (_lockfile = _interopRequireDefault(__webpack_require__(19))); - } - - var _lockfile2; - - function _load_lockfile2() { - return (_lockfile2 = __webpack_require__(19)); - } - - var _packageFetcher; - - function _load_packageFetcher() { - return (_packageFetcher = _interopRequireWildcard(__webpack_require__(208))); - } - - var _packageInstallScripts; - - function _load_packageInstallScripts() { - return (_packageInstallScripts = _interopRequireDefault(__webpack_require__(525))); - } - - var _packageCompatibility; - - function _load_packageCompatibility() { - return (_packageCompatibility = _interopRequireWildcard(__webpack_require__(207))); - } - - var _packageResolver; - - function _load_packageResolver() { - return (_packageResolver = _interopRequireDefault(__webpack_require__(360))); - } - - var _packageLinker; - - function _load_packageLinker() { - return (_packageLinker = _interopRequireDefault(__webpack_require__(209))); - } - - var _index2; - - function _load_index2() { - return (_index2 = __webpack_require__(58)); - } - - var _index3; - - function _load_index3() { - return (_index3 = __webpack_require__(78)); - } - - var _autoclean; - - function _load_autoclean() { - return (_autoclean = __webpack_require__(348)); - } - - var _constants; - - function _load_constants() { - return (_constants = _interopRequireWildcard(__webpack_require__(8))); - } - - var _normalizePattern; - - function _load_normalizePattern() { - return (_normalizePattern = __webpack_require__(37)); - } - - var _fs; - - function _load_fs() { - return (_fs = _interopRequireWildcard(__webpack_require__(5))); - } - - var _map; - - function _load_map() { - return (_map = _interopRequireDefault(__webpack_require__(29))); - } - - var _yarnVersion; - - function _load_yarnVersion() { - return (_yarnVersion = __webpack_require__(105)); - } - - var _generatePnpMap; - - function _load_generatePnpMap() { - return (_generatePnpMap = __webpack_require__(547)); - } - - var _workspaceLayout; - - function _load_workspaceLayout() { - return (_workspaceLayout = _interopRequireDefault(__webpack_require__(90))); - } - - var _resolutionMap; - - function _load_resolutionMap() { - return (_resolutionMap = _interopRequireDefault(__webpack_require__(212))); - } - - var _guessName; - - function _load_guessName() { - return (_guessName = _interopRequireDefault(__webpack_require__(169))); - } - - var _audit; - - function _load_audit() { - return (_audit = _interopRequireDefault(__webpack_require__(347))); - } - - function _interopRequireWildcard(obj) { - if (obj && obj.__esModule) { - return obj; - } else { - var newObj = {}; - if (obj != null) { - for (var key in obj) { - if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; - } - } - newObj.default = obj; - return newObj; - } - } - - function _interopRequireDefault(obj) { - return obj && obj.__esModule ? obj : { default: obj }; - } - - const deepEqual = __webpack_require__(599); - - const emoji = __webpack_require__(302); - const invariant = __webpack_require__(9); - const path = __webpack_require__(0); - const semver = __webpack_require__(22); - const uuid = __webpack_require__(120); - const ssri = __webpack_require__(65); - - const ONE_DAY = 1000 * 60 * 60 * 24; - - /** - * Try and detect the installation method for Yarn and provide a command to update it with. - */ - - function getUpdateCommand(installationMethod) { - if (installationMethod === 'tar') { - return `curl --compressed -o- -L ${(_constants || _load_constants()).YARN_INSTALLER_SH} | bash`; - } - - if (installationMethod === 'homebrew') { - return 'brew upgrade yarn'; - } - - if (installationMethod === 'deb') { - return 'sudo apt-get update && sudo apt-get install yarn'; - } - - if (installationMethod === 'rpm') { - return 'sudo yum install yarn'; - } - - if (installationMethod === 'npm') { - return 'npm install --global yarn'; - } - - if (installationMethod === 'chocolatey') { - return 'choco upgrade yarn'; - } - - if (installationMethod === 'apk') { - return 'apk update && apk add -u yarn'; - } - - if (installationMethod === 'portage') { - return 'sudo emerge --sync && sudo emerge -au sys-apps/yarn'; - } - - return null; - } - - function getUpdateInstaller(installationMethod) { - // Windows - if (installationMethod === 'msi') { - return (_constants || _load_constants()).YARN_INSTALLER_MSI; - } - - return null; - } - - function normalizeFlags(config, rawFlags) { - const flags = { - // install - har: !!rawFlags.har, - ignorePlatform: !!rawFlags.ignorePlatform, - ignoreEngines: !!rawFlags.ignoreEngines, - ignoreScripts: !!rawFlags.ignoreScripts, - ignoreOptional: !!rawFlags.ignoreOptional, - force: !!rawFlags.force, - flat: !!rawFlags.flat, - lockfile: rawFlags.lockfile !== false, - pureLockfile: !!rawFlags.pureLockfile, - updateChecksums: !!rawFlags.updateChecksums, - skipIntegrityCheck: !!rawFlags.skipIntegrityCheck, - frozenLockfile: !!rawFlags.frozenLockfile, - linkDuplicates: !!rawFlags.linkDuplicates, - checkFiles: !!rawFlags.checkFiles, - audit: !!rawFlags.audit, - - // add - peer: !!rawFlags.peer, - dev: !!rawFlags.dev, - optional: !!rawFlags.optional, - exact: !!rawFlags.exact, - tilde: !!rawFlags.tilde, - ignoreWorkspaceRootCheck: !!rawFlags.ignoreWorkspaceRootCheck, - - // outdated, update-interactive - includeWorkspaceDeps: !!rawFlags.includeWorkspaceDeps, - - // add, remove, update - workspaceRootIsCwd: rawFlags.workspaceRootIsCwd !== false, - }; - - if (config.getOption('ignore-scripts')) { - flags.ignoreScripts = true; - } - - if (config.getOption('ignore-platform')) { - flags.ignorePlatform = true; - } - - if (config.getOption('ignore-engines')) { - flags.ignoreEngines = true; - } - - if (config.getOption('ignore-optional')) { - flags.ignoreOptional = true; - } - - if (config.getOption('force')) { - flags.force = true; - } - - return flags; - } - - class Install { - constructor(flags, config, reporter, lockfile) { - this.rootManifestRegistries = []; - this.rootPatternsToOrigin = (0, (_map || _load_map()).default)(); - this.lockfile = lockfile; - this.reporter = reporter; - this.config = config; - this.flags = normalizeFlags(config, flags); - this.resolutions = (0, (_map || _load_map()).default)(); // Legacy resolutions field used for flat install mode - this.resolutionMap = new (_resolutionMap || _load_resolutionMap()).default(config); // Selective resolutions for nested dependencies - this.resolver = new (_packageResolver || _load_packageResolver()).default( - config, - lockfile, - this.resolutionMap - ); - this.integrityChecker = new (_integrityChecker || _load_integrityChecker()).default(config); - this.linker = new (_packageLinker || _load_packageLinker()).default(config, this.resolver); - this.scripts = new (_packageInstallScripts || _load_packageInstallScripts()).default( - config, - this.resolver, - this.flags.force - ); - } - - /** - * Create a list of dependency requests from the current directories manifests. - */ - - fetchRequestFromCwd(excludePatterns = [], ignoreUnusedPatterns = false) { - var _this = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - const patterns = []; - const deps = []; - let resolutionDeps = []; - const manifest = {}; - - const ignorePatterns = []; - const usedPatterns = []; - let workspaceLayout; - - // some commands should always run in the context of the entire workspace - const cwd = - _this.flags.includeWorkspaceDeps || _this.flags.workspaceRootIsCwd - ? _this.config.lockfileFolder - : _this.config.cwd; - - // non-workspaces are always root, otherwise check for workspace root - const cwdIsRoot = !_this.config.workspaceRootFolder || _this.config.lockfileFolder === cwd; - - // exclude package names that are in install args - const excludeNames = []; - for ( - var _iterator = excludePatterns, - _isArray = Array.isArray(_iterator), - _i = 0, - _iterator = _isArray ? _iterator : _iterator[Symbol.iterator](); - ; - - ) { - var _ref; - - if (_isArray) { - if (_i >= _iterator.length) break; - _ref = _iterator[_i++]; - } else { - _i = _iterator.next(); - if (_i.done) break; - _ref = _i.value; - } - - const pattern = _ref; - - if ((0, (_index3 || _load_index3()).getExoticResolver)(pattern)) { - excludeNames.push((0, (_guessName || _load_guessName()).default)(pattern)); - } else { - // extract the name - const parts = (0, (_normalizePattern || _load_normalizePattern()).normalizePattern)(pattern); - excludeNames.push(parts.name); - } - } - - const stripExcluded = function stripExcluded(manifest) { - for ( - var _iterator2 = excludeNames, - _isArray2 = Array.isArray(_iterator2), - _i2 = 0, - _iterator2 = _isArray2 ? _iterator2 : _iterator2[Symbol.iterator](); - ; - - ) { - var _ref2; - - if (_isArray2) { - if (_i2 >= _iterator2.length) break; - _ref2 = _iterator2[_i2++]; - } else { - _i2 = _iterator2.next(); - if (_i2.done) break; - _ref2 = _i2.value; - } - - const exclude = _ref2; - - if (manifest.dependencies && manifest.dependencies[exclude]) { - delete manifest.dependencies[exclude]; - } - if (manifest.devDependencies && manifest.devDependencies[exclude]) { - delete manifest.devDependencies[exclude]; - } - if (manifest.optionalDependencies && manifest.optionalDependencies[exclude]) { - delete manifest.optionalDependencies[exclude]; - } - } - }; - - for ( - var _iterator3 = Object.keys((_index2 || _load_index2()).registries), - _isArray3 = Array.isArray(_iterator3), - _i3 = 0, - _iterator3 = _isArray3 ? _iterator3 : _iterator3[Symbol.iterator](); - ; - - ) { - var _ref3; - - if (_isArray3) { - if (_i3 >= _iterator3.length) break; - _ref3 = _iterator3[_i3++]; - } else { - _i3 = _iterator3.next(); - if (_i3.done) break; - _ref3 = _i3.value; - } - - const registry = _ref3; - - const filename = (_index2 || _load_index2()).registries[registry].filename; - - const loc = path.join(cwd, filename); - if (!(yield (_fs || _load_fs()).exists(loc))) { - continue; - } - - _this.rootManifestRegistries.push(registry); - - const projectManifestJson = yield _this.config.readJson(loc); - yield (0, (_index || _load_index()).default)(projectManifestJson, cwd, _this.config, cwdIsRoot); - - Object.assign(_this.resolutions, projectManifestJson.resolutions); - Object.assign(manifest, projectManifestJson); - - _this.resolutionMap.init(_this.resolutions); - for ( - var _iterator4 = Object.keys(_this.resolutionMap.resolutionsByPackage), - _isArray4 = Array.isArray(_iterator4), - _i4 = 0, - _iterator4 = _isArray4 ? _iterator4 : _iterator4[Symbol.iterator](); - ; - - ) { - var _ref4; - - if (_isArray4) { - if (_i4 >= _iterator4.length) break; - _ref4 = _iterator4[_i4++]; - } else { - _i4 = _iterator4.next(); - if (_i4.done) break; - _ref4 = _i4.value; - } - - const packageName = _ref4; - - const optional = - (_objectPath || _load_objectPath()).default.has( - manifest.optionalDependencies, - packageName - ) && _this.flags.ignoreOptional; - for ( - var _iterator8 = _this.resolutionMap.resolutionsByPackage[packageName], - _isArray8 = Array.isArray(_iterator8), - _i8 = 0, - _iterator8 = _isArray8 ? _iterator8 : _iterator8[Symbol.iterator](); - ; - - ) { - var _ref9; - - if (_isArray8) { - if (_i8 >= _iterator8.length) break; - _ref9 = _iterator8[_i8++]; - } else { - _i8 = _iterator8.next(); - if (_i8.done) break; - _ref9 = _i8.value; - } - - const _ref8 = _ref9; - const pattern = _ref8.pattern; - - resolutionDeps = [...resolutionDeps, { registry, pattern, optional, hint: 'resolution' }]; - } - } - - const pushDeps = function pushDeps(depType, manifest, { hint, optional }, isUsed) { - if (ignoreUnusedPatterns && !isUsed) { - return; - } - // We only take unused dependencies into consideration to get deterministic hoisting. - // Since flat mode doesn't care about hoisting and everything is top level and specified then we can safely - // leave these out. - if (_this.flags.flat && !isUsed) { - return; - } - const depMap = manifest[depType]; - for (const name in depMap) { - if (excludeNames.indexOf(name) >= 0) { - continue; - } - - let pattern = name; - if (!_this.lockfile.getLocked(pattern)) { - // when we use --save we save the dependency to the lockfile with just the name rather than the - // version combo - pattern += '@' + depMap[name]; - } - - // normalization made sure packages are mentioned only once - if (isUsed) { - usedPatterns.push(pattern); - } else { - ignorePatterns.push(pattern); - } - - _this.rootPatternsToOrigin[pattern] = depType; - patterns.push(pattern); - deps.push({ - pattern, - registry, - hint, - optional, - workspaceName: manifest.name, - workspaceLoc: manifest._loc, - }); - } - }; - - if (cwdIsRoot) { - pushDeps('dependencies', projectManifestJson, { hint: null, optional: false }, true); - pushDeps( - 'devDependencies', - projectManifestJson, - { hint: 'dev', optional: false }, - !_this.config.production - ); - pushDeps( - 'optionalDependencies', - projectManifestJson, - { hint: 'optional', optional: true }, - true - ); - } - - if (_this.config.workspaceRootFolder) { - const workspaceLoc = cwdIsRoot ? loc : path.join(_this.config.lockfileFolder, filename); - const workspacesRoot = path.dirname(workspaceLoc); - - let workspaceManifestJson = projectManifestJson; - if (!cwdIsRoot) { - // the manifest we read before was a child workspace, so get the root - workspaceManifestJson = yield _this.config.readJson(workspaceLoc); - yield (0, (_index || _load_index()).default)( - workspaceManifestJson, - workspacesRoot, - _this.config, - true - ); - } - - const workspaces = yield _this.config.resolveWorkspaces( - workspacesRoot, - workspaceManifestJson - ); - workspaceLayout = new (_workspaceLayout || _load_workspaceLayout()).default( - workspaces, - _this.config - ); - - // add virtual manifest that depends on all workspaces, this way package hoisters and resolvers will work fine - const workspaceDependencies = (0, (_extends2 || _load_extends()).default)( - {}, - workspaceManifestJson.dependencies - ); - for ( - var _iterator5 = Object.keys(workspaces), - _isArray5 = Array.isArray(_iterator5), - _i5 = 0, - _iterator5 = _isArray5 ? _iterator5 : _iterator5[Symbol.iterator](); - ; - - ) { - var _ref5; - - if (_isArray5) { - if (_i5 >= _iterator5.length) break; - _ref5 = _iterator5[_i5++]; - } else { - _i5 = _iterator5.next(); - if (_i5.done) break; - _ref5 = _i5.value; - } - - const workspaceName = _ref5; - - const workspaceManifest = workspaces[workspaceName].manifest; - workspaceDependencies[workspaceName] = workspaceManifest.version; - - // include dependencies from all workspaces - if (_this.flags.includeWorkspaceDeps) { - pushDeps('dependencies', workspaceManifest, { hint: null, optional: false }, true); - pushDeps( - 'devDependencies', - workspaceManifest, - { hint: 'dev', optional: false }, - !_this.config.production - ); - pushDeps( - 'optionalDependencies', - workspaceManifest, - { hint: 'optional', optional: true }, - true - ); - } - } - const virtualDependencyManifest = { - _uid: '', - name: `workspace-aggregator-${uuid.v4()}`, - version: '1.0.0', - _registry: 'npm', - _loc: workspacesRoot, - dependencies: workspaceDependencies, - devDependencies: (0, (_extends2 || _load_extends()).default)( - {}, - workspaceManifestJson.devDependencies - ), - optionalDependencies: (0, (_extends2 || _load_extends()).default)( - {}, - workspaceManifestJson.optionalDependencies - ), - private: workspaceManifestJson.private, - workspaces: workspaceManifestJson.workspaces, - }; - workspaceLayout.virtualManifestName = virtualDependencyManifest.name; - const virtualDep = {}; - virtualDep[virtualDependencyManifest.name] = virtualDependencyManifest.version; - workspaces[virtualDependencyManifest.name] = { - loc: workspacesRoot, - manifest: virtualDependencyManifest, - }; - - // ensure dependencies that should be excluded are stripped from the correct manifest - stripExcluded( - cwdIsRoot ? virtualDependencyManifest : workspaces[projectManifestJson.name].manifest - ); - - pushDeps( - 'workspaces', - { workspaces: virtualDep }, - { hint: 'workspaces', optional: false }, - true - ); - - const implicitWorkspaceDependencies = (0, (_extends2 || _load_extends()).default)( - {}, - workspaceDependencies - ); - - for ( - var _iterator6 = (_constants || _load_constants()).OWNED_DEPENDENCY_TYPES, - _isArray6 = Array.isArray(_iterator6), - _i6 = 0, - _iterator6 = _isArray6 ? _iterator6 : _iterator6[Symbol.iterator](); - ; - - ) { - var _ref6; - - if (_isArray6) { - if (_i6 >= _iterator6.length) break; - _ref6 = _iterator6[_i6++]; - } else { - _i6 = _iterator6.next(); - if (_i6.done) break; - _ref6 = _i6.value; - } - - const type = _ref6; - - for ( - var _iterator7 = Object.keys(projectManifestJson[type] || {}), - _isArray7 = Array.isArray(_iterator7), - _i7 = 0, - _iterator7 = _isArray7 ? _iterator7 : _iterator7[Symbol.iterator](); - ; - - ) { - var _ref7; - - if (_isArray7) { - if (_i7 >= _iterator7.length) break; - _ref7 = _iterator7[_i7++]; - } else { - _i7 = _iterator7.next(); - if (_i7.done) break; - _ref7 = _i7.value; - } - - const dependencyName = _ref7; - - delete implicitWorkspaceDependencies[dependencyName]; - } - } - - pushDeps( - 'dependencies', - { dependencies: implicitWorkspaceDependencies }, - { hint: 'workspaces', optional: false }, - true - ); - } - - break; - } - - // inherit root flat flag - if (manifest.flat) { - _this.flags.flat = true; - } - - return { - requests: [...resolutionDeps, ...deps], - patterns, - manifest, - usedPatterns, - ignorePatterns, - workspaceLayout, - }; - })(); - } - - /** - * TODO description - */ - - prepareRequests(requests) { - return requests; - } - - preparePatterns(patterns) { - return patterns; - } - preparePatternsForLinking(patterns, cwdManifest, cwdIsRoot) { - return patterns; - } - - prepareManifests() { - var _this2 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - const manifests = yield _this2.config.getRootManifests(); - return manifests; - })(); - } - - bailout(patterns, workspaceLayout) { - var _this3 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - // We don't want to skip the audit - it could yield important errors - if (_this3.flags.audit) { - return false; - } - // PNP is so fast that the integrity check isn't pertinent - if (_this3.config.plugnplayEnabled) { - return false; - } - if (_this3.flags.skipIntegrityCheck || _this3.flags.force) { - return false; - } - const lockfileCache = _this3.lockfile.cache; - if (!lockfileCache) { - return false; - } - const lockfileClean = _this3.lockfile.parseResultType === 'success'; - const match = yield _this3.integrityChecker.check( - patterns, - lockfileCache, - _this3.flags, - workspaceLayout - ); - if (_this3.flags.frozenLockfile && (!lockfileClean || match.missingPatterns.length > 0)) { - throw new (_errors || _load_errors()).MessageError(_this3.reporter.lang('frozenLockfileError')); - } - - const haveLockfile = yield (_fs || _load_fs()).exists( - path.join(_this3.config.lockfileFolder, (_constants || _load_constants()).LOCKFILE_FILENAME) - ); - - const lockfileIntegrityPresent = !_this3.lockfile.hasEntriesExistWithoutIntegrity(); - const integrityBailout = lockfileIntegrityPresent || !_this3.config.autoAddIntegrity; - - if (match.integrityMatches && haveLockfile && lockfileClean && integrityBailout) { - _this3.reporter.success(_this3.reporter.lang('upToDate')); - return true; - } - - if (match.integrityFileMissing && haveLockfile) { - // Integrity file missing, force script installations - _this3.scripts.setForce(true); - return false; - } - - if (match.hardRefreshRequired) { - // e.g. node version doesn't match, force script installations - _this3.scripts.setForce(true); - return false; - } - - if (!patterns.length && !match.integrityFileMissing) { - _this3.reporter.success(_this3.reporter.lang('nothingToInstall')); - yield _this3.createEmptyManifestFolders(); - yield _this3.saveLockfileAndIntegrity(patterns, workspaceLayout); - return true; - } - - return false; - })(); - } - - /** - * Produce empty folders for all used root manifests. - */ - - createEmptyManifestFolders() { - var _this4 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - if (_this4.config.modulesFolder) { - // already created - return; - } - - for ( - var _iterator9 = _this4.rootManifestRegistries, - _isArray9 = Array.isArray(_iterator9), - _i9 = 0, - _iterator9 = _isArray9 ? _iterator9 : _iterator9[Symbol.iterator](); - ; - - ) { - var _ref10; - - if (_isArray9) { - if (_i9 >= _iterator9.length) break; - _ref10 = _iterator9[_i9++]; - } else { - _i9 = _iterator9.next(); - if (_i9.done) break; - _ref10 = _i9.value; - } - - const registryName = _ref10; - const folder = _this4.config.registries[registryName].folder; - - yield (_fs || _load_fs()).mkdirp(path.join(_this4.config.lockfileFolder, folder)); - } - })(); - } - - /** - * TODO description - */ - - markIgnored(patterns) { - for ( - var _iterator10 = patterns, - _isArray10 = Array.isArray(_iterator10), - _i10 = 0, - _iterator10 = _isArray10 ? _iterator10 : _iterator10[Symbol.iterator](); - ; - - ) { - var _ref11; - - if (_isArray10) { - if (_i10 >= _iterator10.length) break; - _ref11 = _iterator10[_i10++]; - } else { - _i10 = _iterator10.next(); - if (_i10.done) break; - _ref11 = _i10.value; - } - - const pattern = _ref11; - - const manifest = this.resolver.getStrictResolvedPattern(pattern); - const ref = manifest._reference; - invariant(ref, 'expected package reference'); - - // just mark the package as ignored. if the package is used by a required package, the hoister - // will take care of that. - ref.ignore = true; - } - } - - /** - * helper method that gets only recent manifests - * used by global.ls command - */ - getFlattenedDeps() { - var _this5 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - var _ref12 = yield _this5.fetchRequestFromCwd(); - - const depRequests = _ref12.requests, - rawPatterns = _ref12.patterns; - - yield _this5.resolver.init(depRequests, {}); - - const manifests = yield (_packageFetcher || _load_packageFetcher()).fetch( - _this5.resolver.getManifests(), - _this5.config - ); - _this5.resolver.updateManifests(manifests); - - return _this5.flatten(rawPatterns); - })(); - } - - /** - * TODO description - */ - - init() { - var _this6 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - _this6.checkUpdate(); - - // warn if we have a shrinkwrap - if ( - yield (_fs || _load_fs()).exists( - path.join( - _this6.config.lockfileFolder, - (_constants || _load_constants()).NPM_SHRINKWRAP_FILENAME - ) - ) - ) { - _this6.reporter.warn(_this6.reporter.lang('shrinkwrapWarning')); - } - - // warn if we have an npm lockfile - if ( - yield (_fs || _load_fs()).exists( - path.join(_this6.config.lockfileFolder, (_constants || _load_constants()).NPM_LOCK_FILENAME) - ) - ) { - _this6.reporter.warn(_this6.reporter.lang('npmLockfileWarning')); - } - - if (_this6.config.plugnplayEnabled) { - _this6.reporter.info(_this6.reporter.lang('plugnplaySuggestV2L1')); - _this6.reporter.info(_this6.reporter.lang('plugnplaySuggestV2L2')); - } - - let flattenedTopLevelPatterns = []; - const steps = []; - - var _ref13 = yield _this6.fetchRequestFromCwd(); - - const depRequests = _ref13.requests, - rawPatterns = _ref13.patterns, - ignorePatterns = _ref13.ignorePatterns, - workspaceLayout = _ref13.workspaceLayout, - manifest = _ref13.manifest; - - let topLevelPatterns = []; - - const artifacts = yield _this6.integrityChecker.getArtifacts(); - if (artifacts) { - _this6.linker.setArtifacts(artifacts); - _this6.scripts.setArtifacts(artifacts); - } - - if ((_packageCompatibility || _load_packageCompatibility()).shouldCheck(manifest, _this6.flags)) { - steps.push( - (() => { - var _ref14 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - curr, - total - ) { - _this6.reporter.step( - curr, - total, - _this6.reporter.lang('checkingManifest'), - emoji.get('mag') - ); - yield _this6.checkCompatibility(); - }); - - return function (_x, _x2) { - return _ref14.apply(this, arguments); - }; - })() - ); - } - - const audit = new (_audit || _load_audit()).default(_this6.config, _this6.reporter, { - groups: (_constants || _load_constants()).OWNED_DEPENDENCY_TYPES, - }); - let auditFoundProblems = false; - - steps.push(function (curr, total) { - return (0, (_hooks || _load_hooks()).callThroughHook)( - 'resolveStep', - (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - _this6.reporter.step( - curr, - total, - _this6.reporter.lang('resolvingPackages'), - emoji.get('mag') - ); - yield _this6.resolver.init(_this6.prepareRequests(depRequests), { - isFlat: _this6.flags.flat, - isFrozen: _this6.flags.frozenLockfile, - workspaceLayout, - }); - topLevelPatterns = _this6.preparePatterns(rawPatterns); - flattenedTopLevelPatterns = yield _this6.flatten(topLevelPatterns); - return { - bailout: !_this6.flags.audit && (yield _this6.bailout(topLevelPatterns, workspaceLayout)), - }; - }) - ); - }); - - if (_this6.flags.audit) { - steps.push(function (curr, total) { - return (0, (_hooks || _load_hooks()).callThroughHook)( - 'auditStep', - (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - _this6.reporter.step(curr, total, _this6.reporter.lang('auditRunning'), emoji.get('mag')); - if (_this6.flags.offline) { - _this6.reporter.warn(_this6.reporter.lang('auditOffline')); - return { bailout: false }; - } - const preparedManifests = yield _this6.prepareManifests(); - // $FlowFixMe - Flow considers `m` in the map operation to be "mixed", so does not recognize `m.object` - const mergedManifest = Object.assign( - {}, - ...Object.values(preparedManifests).map(function (m) { - return m.object; - }) - ); - const auditVulnerabilityCounts = yield audit.performAudit( - mergedManifest, - _this6.lockfile, - _this6.resolver, - _this6.linker, - topLevelPatterns - ); - auditFoundProblems = - auditVulnerabilityCounts.info || - auditVulnerabilityCounts.low || - auditVulnerabilityCounts.moderate || - auditVulnerabilityCounts.high || - auditVulnerabilityCounts.critical; - return { bailout: yield _this6.bailout(topLevelPatterns, workspaceLayout) }; - }) - ); - }); - } - - steps.push(function (curr, total) { - return (0, (_hooks || _load_hooks()).callThroughHook)( - 'fetchStep', - (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - _this6.markIgnored(ignorePatterns); - _this6.reporter.step( - curr, - total, - _this6.reporter.lang('fetchingPackages'), - emoji.get('truck') - ); - const manifests = yield (_packageFetcher || _load_packageFetcher()).fetch( - _this6.resolver.getManifests(), - _this6.config - ); - _this6.resolver.updateManifests(manifests); - yield (_packageCompatibility || _load_packageCompatibility()).check( - _this6.resolver.getManifests(), - _this6.config, - _this6.flags.ignoreEngines - ); - }) - ); - }); - - steps.push(function (curr, total) { - return (0, (_hooks || _load_hooks()).callThroughHook)( - 'linkStep', - (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - // remove integrity hash to make this operation atomic - yield _this6.integrityChecker.removeIntegrityFile(); - _this6.reporter.step( - curr, - total, - _this6.reporter.lang('linkingDependencies'), - emoji.get('link') - ); - flattenedTopLevelPatterns = _this6.preparePatternsForLinking( - flattenedTopLevelPatterns, - manifest, - _this6.config.lockfileFolder === _this6.config.cwd - ); - yield _this6.linker.init(flattenedTopLevelPatterns, workspaceLayout, { - linkDuplicates: _this6.flags.linkDuplicates, - ignoreOptional: _this6.flags.ignoreOptional, - }); - }) - ); - }); - - if (_this6.config.plugnplayEnabled) { - steps.push(function (curr, total) { - return (0, (_hooks || _load_hooks()).callThroughHook)( - 'pnpStep', - (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - const pnpPath = `${_this6.config.lockfileFolder}/${ - (_constants || _load_constants()).PNP_FILENAME - }`; - - const code = yield (0, (_generatePnpMap || _load_generatePnpMap()).generatePnpMap)( - _this6.config, - flattenedTopLevelPatterns, - { - resolver: _this6.resolver, - reporter: _this6.reporter, - targetPath: pnpPath, - workspaceLayout, - } - ); - - try { - const file = yield (_fs || _load_fs()).readFile(pnpPath); - if (file === code) { - return; - } - } catch (error) {} - - yield (_fs || _load_fs()).writeFile(pnpPath, code); - yield (_fs || _load_fs()).chmod(pnpPath, 0o755); - }) - ); - }); - } - - steps.push(function (curr, total) { - return (0, (_hooks || _load_hooks()).callThroughHook)( - 'buildStep', - (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - _this6.reporter.step( - curr, - total, - _this6.flags.force - ? _this6.reporter.lang('rebuildingPackages') - : _this6.reporter.lang('buildingFreshPackages'), - emoji.get('hammer') - ); - - if (_this6.config.ignoreScripts) { - _this6.reporter.warn(_this6.reporter.lang('ignoredScripts')); - } else { - yield _this6.scripts.init(flattenedTopLevelPatterns); - } - }) - ); - }); - - if (_this6.flags.har) { - steps.push( - (() => { - var _ref21 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - curr, - total - ) { - const formattedDate = new Date().toISOString().replace(/:/g, '-'); - const filename = `yarn-install_${formattedDate}.har`; - _this6.reporter.step( - curr, - total, - _this6.reporter.lang('savingHar', filename), - emoji.get('black_circle_for_record') - ); - yield _this6.config.requestManager.saveHar(filename); - }); - - return function (_x3, _x4) { - return _ref21.apply(this, arguments); - }; - })() - ); - } - - if (yield _this6.shouldClean()) { - steps.push( - (() => { - var _ref22 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* ( - curr, - total - ) { - _this6.reporter.step( - curr, - total, - _this6.reporter.lang('cleaningModules'), - emoji.get('recycle') - ); - yield (0, (_autoclean || _load_autoclean()).clean)(_this6.config, _this6.reporter); - }); - - return function (_x5, _x6) { - return _ref22.apply(this, arguments); - }; - })() - ); - } - - let currentStep = 0; - for ( - var _iterator11 = steps, - _isArray11 = Array.isArray(_iterator11), - _i11 = 0, - _iterator11 = _isArray11 ? _iterator11 : _iterator11[Symbol.iterator](); - ; - - ) { - var _ref23; - - if (_isArray11) { - if (_i11 >= _iterator11.length) break; - _ref23 = _iterator11[_i11++]; - } else { - _i11 = _iterator11.next(); - if (_i11.done) break; - _ref23 = _i11.value; - } - - const step = _ref23; - - const stepResult = yield step(++currentStep, steps.length); - if (stepResult && stepResult.bailout) { - if (_this6.flags.audit) { - audit.summary(); - } - if (auditFoundProblems) { - _this6.reporter.warn(_this6.reporter.lang('auditRunAuditForDetails')); - } - _this6.maybeOutputUpdate(); - return flattenedTopLevelPatterns; - } - } - - // fin! - if (_this6.flags.audit) { - audit.summary(); - } - if (auditFoundProblems) { - _this6.reporter.warn(_this6.reporter.lang('auditRunAuditForDetails')); - } - yield _this6.saveLockfileAndIntegrity(topLevelPatterns, workspaceLayout); - yield _this6.persistChanges(); - _this6.maybeOutputUpdate(); - _this6.config.requestManager.clearCache(); - return flattenedTopLevelPatterns; - })(); - } - - checkCompatibility() { - var _this7 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - var _ref24 = yield _this7.fetchRequestFromCwd(); - - const manifest = _ref24.manifest; - - yield (_packageCompatibility || _load_packageCompatibility()).checkOne( - manifest, - _this7.config, - _this7.flags.ignoreEngines - ); - })(); - } - - persistChanges() { - var _this8 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - // get all the different registry manifests in this folder - const manifests = yield _this8.config.getRootManifests(); - - if (yield _this8.applyChanges(manifests)) { - yield _this8.config.saveRootManifests(manifests); - } - })(); - } - - applyChanges(manifests) { - let hasChanged = false; - - if (this.config.plugnplayPersist) { - const object = manifests.npm.object; - - if (typeof object.installConfig !== 'object') { - object.installConfig = {}; - } - - if (this.config.plugnplayEnabled && object.installConfig.pnp !== true) { - object.installConfig.pnp = true; - hasChanged = true; - } else if (!this.config.plugnplayEnabled && typeof object.installConfig.pnp !== 'undefined') { - delete object.installConfig.pnp; - hasChanged = true; - } - - if (Object.keys(object.installConfig).length === 0) { - delete object.installConfig; - } - } - - return Promise.resolve(hasChanged); - } - - /** - * Check if we should run the cleaning step. - */ - - shouldClean() { - return (_fs || _load_fs()).exists( - path.join(this.config.lockfileFolder, (_constants || _load_constants()).CLEAN_FILENAME) - ); - } - - /** - * TODO - */ - - flatten(patterns) { - var _this9 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - if (!_this9.flags.flat) { - return patterns; - } - - const flattenedPatterns = []; - - for ( - var _iterator12 = _this9.resolver.getAllDependencyNamesByLevelOrder(patterns), - _isArray12 = Array.isArray(_iterator12), - _i12 = 0, - _iterator12 = _isArray12 ? _iterator12 : _iterator12[Symbol.iterator](); - ; - - ) { - var _ref25; - - if (_isArray12) { - if (_i12 >= _iterator12.length) break; - _ref25 = _iterator12[_i12++]; - } else { - _i12 = _iterator12.next(); - if (_i12.done) break; - _ref25 = _i12.value; - } - - const name = _ref25; - - const infos = _this9.resolver.getAllInfoForPackageName(name).filter(function (manifest) { - const ref = manifest._reference; - invariant(ref, 'expected package reference'); - return !ref.ignore; - }); - - if (infos.length === 0) { - continue; - } - - if (infos.length === 1) { - // single version of this package - // take out a single pattern as multiple patterns may have resolved to this package - flattenedPatterns.push(_this9.resolver.patternsByPackage[name][0]); - continue; - } - - const options = infos.map(function (info) { - const ref = info._reference; - invariant(ref, 'expected reference'); - return { - // TODO `and is required by {PARENT}`, - name: _this9.reporter.lang( - 'manualVersionResolutionOption', - ref.patterns.join(', '), - info.version - ), - - value: info.version, - }; - }); - const versions = infos.map(function (info) { - return info.version; - }); - let version; - - const resolutionVersion = _this9.resolutions[name]; - if (resolutionVersion && versions.indexOf(resolutionVersion) >= 0) { - // use json `resolution` version - version = resolutionVersion; - } else { - version = yield _this9.reporter.select( - _this9.reporter.lang('manualVersionResolution', name), - _this9.reporter.lang('answer'), - options - ); - _this9.resolutions[name] = version; - } - - flattenedPatterns.push(_this9.resolver.collapseAllVersionsOfPackage(name, version)); - } - - // save resolutions to their appropriate root manifest - if (Object.keys(_this9.resolutions).length) { - const manifests = yield _this9.config.getRootManifests(); - - for (const name in _this9.resolutions) { - const version = _this9.resolutions[name]; - - const patterns = _this9.resolver.patternsByPackage[name]; - if (!patterns) { - continue; - } - - let manifest; - for ( - var _iterator13 = patterns, - _isArray13 = Array.isArray(_iterator13), - _i13 = 0, - _iterator13 = _isArray13 ? _iterator13 : _iterator13[Symbol.iterator](); - ; - - ) { - var _ref26; - - if (_isArray13) { - if (_i13 >= _iterator13.length) break; - _ref26 = _iterator13[_i13++]; - } else { - _i13 = _iterator13.next(); - if (_i13.done) break; - _ref26 = _i13.value; - } - - const pattern = _ref26; - - manifest = _this9.resolver.getResolvedPattern(pattern); - if (manifest) { - break; - } - } - invariant(manifest, 'expected manifest'); - - const ref = manifest._reference; - invariant(ref, 'expected reference'); - - const object = manifests[ref.registry].object; - object.resolutions = object.resolutions || {}; - object.resolutions[name] = version; - } - - yield _this9.config.saveRootManifests(manifests); - } - - return flattenedPatterns; - })(); - } - - /** - * Remove offline tarballs that are no longer required - */ - - pruneOfflineMirror(lockfile) { - var _this10 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - const mirror = _this10.config.getOfflineMirrorPath(); - if (!mirror) { - return; - } - - const requiredTarballs = new Set(); - for (const dependency in lockfile) { - const resolved = lockfile[dependency].resolved; - if (resolved) { - const basename = path.basename(resolved.split('#')[0]); - if (dependency[0] === '@' && basename[0] !== '@') { - requiredTarballs.add(`${dependency.split('/')[0]}-${basename}`); - } - requiredTarballs.add(basename); - } - } - - const mirrorFiles = yield (_fs || _load_fs()).walk(mirror); - for ( - var _iterator14 = mirrorFiles, - _isArray14 = Array.isArray(_iterator14), - _i14 = 0, - _iterator14 = _isArray14 ? _iterator14 : _iterator14[Symbol.iterator](); - ; - - ) { - var _ref27; - - if (_isArray14) { - if (_i14 >= _iterator14.length) break; - _ref27 = _iterator14[_i14++]; - } else { - _i14 = _iterator14.next(); - if (_i14.done) break; - _ref27 = _i14.value; - } - - const file = _ref27; - - const isTarball = path.extname(file.basename) === '.tgz'; - // if using experimental-pack-script-packages-in-mirror flag, don't unlink prebuilt packages - const hasPrebuiltPackage = file.relative.startsWith('prebuilt/'); - if (isTarball && !hasPrebuiltPackage && !requiredTarballs.has(file.basename)) { - yield (_fs || _load_fs()).unlink(file.absolute); - } - } - })(); - } - - /** - * Save updated integrity and lockfiles. - */ - - saveLockfileAndIntegrity(patterns, workspaceLayout) { - var _this11 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - const resolvedPatterns = {}; - Object.keys(_this11.resolver.patterns).forEach(function (pattern) { - if (!workspaceLayout || !workspaceLayout.getManifestByPattern(pattern)) { - resolvedPatterns[pattern] = _this11.resolver.patterns[pattern]; - } - }); - - // TODO this code is duplicated in a few places, need a common way to filter out workspace patterns from lockfile - patterns = patterns.filter(function (p) { - return !workspaceLayout || !workspaceLayout.getManifestByPattern(p); - }); - - const lockfileBasedOnResolver = _this11.lockfile.getLockfile(resolvedPatterns); - - if (_this11.config.pruneOfflineMirror) { - yield _this11.pruneOfflineMirror(lockfileBasedOnResolver); - } - - // write integrity hash - if (!_this11.config.plugnplayEnabled) { - yield _this11.integrityChecker.save( - patterns, - lockfileBasedOnResolver, - _this11.flags, - workspaceLayout, - _this11.scripts.getArtifacts() - ); - } - - // --no-lockfile or --pure-lockfile or --frozen-lockfile - if ( - _this11.flags.lockfile === false || - _this11.flags.pureLockfile || - _this11.flags.frozenLockfile - ) { - return; - } - - const lockFileHasAllPatterns = patterns.every(function (p) { - return _this11.lockfile.getLocked(p); - }); - const lockfilePatternsMatch = Object.keys(_this11.lockfile.cache || {}).every(function (p) { - return lockfileBasedOnResolver[p]; - }); - const resolverPatternsAreSameAsInLockfile = Object.keys(lockfileBasedOnResolver).every(function ( - pattern - ) { - const manifest = _this11.lockfile.getLocked(pattern); - return ( - manifest && - manifest.resolved === lockfileBasedOnResolver[pattern].resolved && - deepEqual(manifest.prebuiltVariants, lockfileBasedOnResolver[pattern].prebuiltVariants) - ); - }); - const integrityPatternsAreSameAsInLockfile = Object.keys(lockfileBasedOnResolver).every(function ( - pattern - ) { - const existingIntegrityInfo = lockfileBasedOnResolver[pattern].integrity; - if (!existingIntegrityInfo) { - // if this entry does not have an integrity, no need to re-write the lockfile because of it - return true; - } - const manifest = _this11.lockfile.getLocked(pattern); - if (manifest && manifest.integrity) { - const manifestIntegrity = ssri.stringify(manifest.integrity); - return manifestIntegrity === existingIntegrityInfo; - } - return false; - }); - - // remove command is followed by install with force, lockfile will be rewritten in any case then - if ( - !_this11.flags.force && - _this11.lockfile.parseResultType === 'success' && - lockFileHasAllPatterns && - lockfilePatternsMatch && - resolverPatternsAreSameAsInLockfile && - integrityPatternsAreSameAsInLockfile && - patterns.length - ) { - return; - } - - // build lockfile location - const loc = path.join( - _this11.config.lockfileFolder, - (_constants || _load_constants()).LOCKFILE_FILENAME - ); - - // write lockfile - const lockSource = (0, (_lockfile2 || _load_lockfile2()).stringify)( - lockfileBasedOnResolver, - false, - _this11.config.enableLockfileVersions - ); - yield (_fs || _load_fs()).writeFilePreservingEol(loc, lockSource); - - _this11._logSuccessSaveLockfile(); - })(); - } - - _logSuccessSaveLockfile() { - this.reporter.success(this.reporter.lang('savedLockfile')); - } - - /** - * Load the dependency graph of the current install. Only does package resolving and wont write to the cwd. - */ - hydrate(ignoreUnusedPatterns) { - var _this12 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - const request = yield _this12.fetchRequestFromCwd([], ignoreUnusedPatterns); - const depRequests = request.requests, - rawPatterns = request.patterns, - ignorePatterns = request.ignorePatterns, - workspaceLayout = request.workspaceLayout; - - yield _this12.resolver.init(depRequests, { - isFlat: _this12.flags.flat, - isFrozen: _this12.flags.frozenLockfile, - workspaceLayout, - }); - yield _this12.flatten(rawPatterns); - _this12.markIgnored(ignorePatterns); - - // fetch packages, should hit cache most of the time - const manifests = yield (_packageFetcher || _load_packageFetcher()).fetch( - _this12.resolver.getManifests(), - _this12.config - ); - _this12.resolver.updateManifests(manifests); - yield (_packageCompatibility || _load_packageCompatibility()).check( - _this12.resolver.getManifests(), - _this12.config, - _this12.flags.ignoreEngines - ); - - // expand minimal manifests - for ( - var _iterator15 = _this12.resolver.getManifests(), - _isArray15 = Array.isArray(_iterator15), - _i15 = 0, - _iterator15 = _isArray15 ? _iterator15 : _iterator15[Symbol.iterator](); - ; - - ) { - var _ref28; - - if (_isArray15) { - if (_i15 >= _iterator15.length) break; - _ref28 = _iterator15[_i15++]; - } else { - _i15 = _iterator15.next(); - if (_i15.done) break; - _ref28 = _i15.value; - } - - const manifest = _ref28; - - const ref = manifest._reference; - invariant(ref, 'expected reference'); - const type = ref.remote.type; - // link specifier won't ever hit cache - - let loc = ''; - if (type === 'link') { - continue; - } else if (type === 'workspace') { - if (!ref.remote.reference) { - continue; - } - loc = ref.remote.reference; - } else { - loc = _this12.config.generateModuleCachePath(ref); - } - const newPkg = yield _this12.config.readManifest(loc); - yield _this12.resolver.updateManifest(ref, newPkg); - } - - return request; - })(); - } - - /** - * Check for updates every day and output a nag message if there's a newer version. - */ - - checkUpdate() { - if (this.config.nonInteractive) { - // don't show upgrade dialog on CI or non-TTY terminals - return; - } - - // don't check if disabled - if (this.config.getOption('disable-self-update-check')) { - return; - } - - // only check for updates once a day - const lastUpdateCheck = Number(this.config.getOption('lastUpdateCheck')) || 0; - if (lastUpdateCheck && Date.now() - lastUpdateCheck < ONE_DAY) { - return; - } - - // don't bug for updates on tagged releases - if ((_yarnVersion || _load_yarnVersion()).version.indexOf('-') >= 0) { - return; - } - - this._checkUpdate().catch(() => { - // swallow errors - }); - } - - _checkUpdate() { - var _this13 = this; - - return (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* () { - let latestVersion = yield _this13.config.requestManager.request({ - url: (_constants || _load_constants()).SELF_UPDATE_VERSION_URL, - }); - invariant(typeof latestVersion === 'string', 'expected string'); - latestVersion = latestVersion.trim(); - if (!semver.valid(latestVersion)) { - return; - } - - // ensure we only check for updates periodically - _this13.config.registries.yarn.saveHomeConfig({ - lastUpdateCheck: Date.now(), - }); - - if (semver.gt(latestVersion, (_yarnVersion || _load_yarnVersion()).version)) { - const installationMethod = yield (0, - (_yarnVersion || _load_yarnVersion()).getInstallationMethod)(); - _this13.maybeOutputUpdate = function () { - _this13.reporter.warn( - _this13.reporter.lang( - 'yarnOutdated', - latestVersion, - (_yarnVersion || _load_yarnVersion()).version - ) - ); - - const command = getUpdateCommand(installationMethod); - if (command) { - _this13.reporter.info(_this13.reporter.lang('yarnOutdatedCommand')); - _this13.reporter.command(command); - } else { - const installer = getUpdateInstaller(installationMethod); - if (installer) { - _this13.reporter.info(_this13.reporter.lang('yarnOutdatedInstaller', installer)); - } - } - }; - } - })(); - } - - /** - * Method to override with a possible upgrade message. - */ - - maybeOutputUpdate() {} - } - - exports.Install = Install; - function hasWrapper(commander, args) { - return true; - } - - function setFlags(commander) { - commander.description('Yarn install is used to install all dependencies for a project.'); - commander.usage('install [flags]'); - commander.option('-A, --audit', 'Run vulnerability audit on installed packages'); - commander.option('-g, --global', 'DEPRECATED'); - commander.option('-S, --save', 'DEPRECATED - save package to your `dependencies`'); - commander.option('-D, --save-dev', 'DEPRECATED - save package to your `devDependencies`'); - commander.option('-P, --save-peer', 'DEPRECATED - save package to your `peerDependencies`'); - commander.option('-O, --save-optional', 'DEPRECATED - save package to your `optionalDependencies`'); - commander.option('-E, --save-exact', 'DEPRECATED'); - commander.option('-T, --save-tilde', 'DEPRECATED'); - } - - /***/ - }, - /* 35 */ - /***/ function (module, exports, __webpack_require__) { - var isObject = __webpack_require__(53); - module.exports = function (it) { - if (!isObject(it)) throw TypeError(it + ' is not an object!'); - return it; - }; - - /***/ - }, - /* 36 */ - /***/ function (module, __webpack_exports__, __webpack_require__) { - 'use strict'; - /* harmony export (binding) */ __webpack_require__.d(__webpack_exports__, 'b', function () { - return SubjectSubscriber; - }); - /* harmony export (binding) */ __webpack_require__.d(__webpack_exports__, 'a', function () { - return Subject; - }); - /* unused harmony export AnonymousSubject */ - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_0_tslib__ = __webpack_require__(1); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_1__Observable__ = __webpack_require__(12); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_2__Subscriber__ = __webpack_require__(7); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_3__Subscription__ = __webpack_require__(25); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_4__util_ObjectUnsubscribedError__ = - __webpack_require__(190); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_5__SubjectSubscription__ = __webpack_require__(422); - /* harmony import */ var __WEBPACK_IMPORTED_MODULE_6__internal_symbol_rxSubscriber__ = - __webpack_require__(321); - /** PURE_IMPORTS_START tslib,_Observable,_Subscriber,_Subscription,_util_ObjectUnsubscribedError,_SubjectSubscription,_internal_symbol_rxSubscriber PURE_IMPORTS_END */ - - var SubjectSubscriber = /*@__PURE__*/ (function (_super) { - __WEBPACK_IMPORTED_MODULE_0_tslib__['a' /* __extends */](SubjectSubscriber, _super); - function SubjectSubscriber(destination) { - var _this = _super.call(this, destination) || this; - _this.destination = destination; - return _this; - } - return SubjectSubscriber; - })(__WEBPACK_IMPORTED_MODULE_2__Subscriber__['a' /* Subscriber */]); - - var Subject = /*@__PURE__*/ (function (_super) { - __WEBPACK_IMPORTED_MODULE_0_tslib__['a' /* __extends */](Subject, _super); - function Subject() { - var _this = _super.call(this) || this; - _this.observers = []; - _this.closed = false; - _this.isStopped = false; - _this.hasError = false; - _this.thrownError = null; - return _this; - } - Subject.prototype[ - __WEBPACK_IMPORTED_MODULE_6__internal_symbol_rxSubscriber__['a' /* rxSubscriber */] - ] = function () { - return new SubjectSubscriber(this); - }; - Subject.prototype.lift = function (operator) { - var subject = new AnonymousSubject(this, this); - subject.operator = operator; - return subject; - }; - Subject.prototype.next = function (value) { - if (this.closed) { - throw new __WEBPACK_IMPORTED_MODULE_4__util_ObjectUnsubscribedError__[ - 'a' /* ObjectUnsubscribedError */ - ](); - } - if (!this.isStopped) { - var observers = this.observers; - var len = observers.length; - var copy = observers.slice(); - for (var i = 0; i < len; i++) { - copy[i].next(value); - } - } - }; - Subject.prototype.error = function (err) { - if (this.closed) { - throw new __WEBPACK_IMPORTED_MODULE_4__util_ObjectUnsubscribedError__[ - 'a' /* ObjectUnsubscribedError */ - ](); - } - this.hasError = true; - this.thrownError = err; - this.isStopped = true; - var observers = this.observers; - var len = observers.length; - var copy = observers.slice(); - for (var i = 0; i < len; i++) { - copy[i].error(err); - } - this.observers.length = 0; - }; - Subject.prototype.complete = function () { - if (this.closed) { - throw new __WEBPACK_IMPORTED_MODULE_4__util_ObjectUnsubscribedError__[ - 'a' /* ObjectUnsubscribedError */ - ](); - } - this.isStopped = true; - var observers = this.observers; - var len = observers.length; - var copy = observers.slice(); - for (var i = 0; i < len; i++) { - copy[i].complete(); - } - this.observers.length = 0; - }; - Subject.prototype.unsubscribe = function () { - this.isStopped = true; - this.closed = true; - this.observers = null; - }; - Subject.prototype._trySubscribe = function (subscriber) { - if (this.closed) { - throw new __WEBPACK_IMPORTED_MODULE_4__util_ObjectUnsubscribedError__[ - 'a' /* ObjectUnsubscribedError */ - ](); - } else { - return _super.prototype._trySubscribe.call(this, subscriber); - } - }; - Subject.prototype._subscribe = function (subscriber) { - if (this.closed) { - throw new __WEBPACK_IMPORTED_MODULE_4__util_ObjectUnsubscribedError__[ - 'a' /* ObjectUnsubscribedError */ - ](); - } else if (this.hasError) { - subscriber.error(this.thrownError); - return __WEBPACK_IMPORTED_MODULE_3__Subscription__['a' /* Subscription */].EMPTY; - } else if (this.isStopped) { - subscriber.complete(); - return __WEBPACK_IMPORTED_MODULE_3__Subscription__['a' /* Subscription */].EMPTY; - } else { - this.observers.push(subscriber); - return new __WEBPACK_IMPORTED_MODULE_5__SubjectSubscription__['a' /* SubjectSubscription */]( - this, - subscriber - ); - } - }; - Subject.prototype.asObservable = function () { - var observable = new __WEBPACK_IMPORTED_MODULE_1__Observable__['a' /* Observable */](); - observable.source = this; - return observable; - }; - Subject.create = function (destination, source) { - return new AnonymousSubject(destination, source); - }; - return Subject; - })(__WEBPACK_IMPORTED_MODULE_1__Observable__['a' /* Observable */]); - - var AnonymousSubject = /*@__PURE__*/ (function (_super) { - __WEBPACK_IMPORTED_MODULE_0_tslib__['a' /* __extends */](AnonymousSubject, _super); - function AnonymousSubject(destination, source) { - var _this = _super.call(this) || this; - _this.destination = destination; - _this.source = source; - return _this; - } - AnonymousSubject.prototype.next = function (value) { - var destination = this.destination; - if (destination && destination.next) { - destination.next(value); - } - }; - AnonymousSubject.prototype.error = function (err) { - var destination = this.destination; - if (destination && destination.error) { - this.destination.error(err); - } - }; - AnonymousSubject.prototype.complete = function () { - var destination = this.destination; - if (destination && destination.complete) { - this.destination.complete(); - } - }; - AnonymousSubject.prototype._subscribe = function (subscriber) { - var source = this.source; - if (source) { - return this.source.subscribe(subscriber); - } else { - return __WEBPACK_IMPORTED_MODULE_3__Subscription__['a' /* Subscription */].EMPTY; - } - }; - return AnonymousSubject; - })(Subject); - - //# sourceMappingURL=Subject.js.map - - /***/ - }, - /* 37 */ - /***/ function (module, exports, __webpack_require__) { - 'use strict'; - - Object.defineProperty(exports, '__esModule', { - value: true, - }); - exports.normalizePattern = normalizePattern; - - /** - * Explode and normalize a pattern into its name and range. - */ - - function normalizePattern(pattern) { - let hasVersion = false; - let range = 'latest'; - let name = pattern; - - // if we're a scope then remove the @ and add it back later - let isScoped = false; - if (name[0] === '@') { - isScoped = true; - name = name.slice(1); - } - - // take first part as the name - const parts = name.split('@'); - if (parts.length > 1) { - name = parts.shift(); - range = parts.join('@'); - - if (range) { - hasVersion = true; - } else { - range = '*'; - } - } - - // add back @ scope suffix - if (isScoped) { - name = `@${name}`; - } - - return { name, range, hasVersion }; - } - - /***/ - }, - /* 38 */ - /***/ function (module, exports, __webpack_require__) { - /* WEBPACK VAR INJECTION */ (function (module) { - var __WEBPACK_AMD_DEFINE_RESULT__; - /** - * @license - * Lodash - * Copyright JS Foundation and other contributors - * Released under MIT license - * Based on Underscore.js 1.8.3 - * Copyright Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors - */ - (function () { - /** Used as a safe reference for `undefined` in pre-ES5 environments. */ - var undefined; - - /** Used as the semantic version number. */ - var VERSION = '4.17.10'; - - /** Used as the size to enable large array optimizations. */ - var LARGE_ARRAY_SIZE = 200; - - /** Error message constants. */ - var CORE_ERROR_TEXT = 'Unsupported core-js use. Try https://npms.io/search?q=ponyfill.', - FUNC_ERROR_TEXT = 'Expected a function'; - - /** Used to stand-in for `undefined` hash values. */ - var HASH_UNDEFINED = '__lodash_hash_undefined__'; - - /** Used as the maximum memoize cache size. */ - var MAX_MEMOIZE_SIZE = 500; - - /** Used as the internal argument placeholder. */ - var PLACEHOLDER = '__lodash_placeholder__'; - - /** Used to compose bitmasks for cloning. */ - var CLONE_DEEP_FLAG = 1, - CLONE_FLAT_FLAG = 2, - CLONE_SYMBOLS_FLAG = 4; - - /** Used to compose bitmasks for value comparisons. */ - var COMPARE_PARTIAL_FLAG = 1, - COMPARE_UNORDERED_FLAG = 2; - - /** Used to compose bitmasks for function metadata. */ - var WRAP_BIND_FLAG = 1, - WRAP_BIND_KEY_FLAG = 2, - WRAP_CURRY_BOUND_FLAG = 4, - WRAP_CURRY_FLAG = 8, - WRAP_CURRY_RIGHT_FLAG = 16, - WRAP_PARTIAL_FLAG = 32, - WRAP_PARTIAL_RIGHT_FLAG = 64, - WRAP_ARY_FLAG = 128, - WRAP_REARG_FLAG = 256, - WRAP_FLIP_FLAG = 512; - - /** Used as default options for `_.truncate`. */ - var DEFAULT_TRUNC_LENGTH = 30, - DEFAULT_TRUNC_OMISSION = '...'; - - /** Used to detect hot functions by number of calls within a span of milliseconds. */ - var HOT_COUNT = 800, - HOT_SPAN = 16; - - /** Used to indicate the type of lazy iteratees. */ - var LAZY_FILTER_FLAG = 1, - LAZY_MAP_FLAG = 2, - LAZY_WHILE_FLAG = 3; - - /** Used as references for various `Number` constants. */ - var INFINITY = 1 / 0, - MAX_SAFE_INTEGER = 9007199254740991, - MAX_INTEGER = 1.7976931348623157e308, - NAN = 0 / 0; - - /** Used as references for the maximum length and index of an array. */ - var MAX_ARRAY_LENGTH = 4294967295, - MAX_ARRAY_INDEX = MAX_ARRAY_LENGTH - 1, - HALF_MAX_ARRAY_LENGTH = MAX_ARRAY_LENGTH >>> 1; - - /** Used to associate wrap methods with their bit flags. */ - var wrapFlags = [ - ['ary', WRAP_ARY_FLAG], - ['bind', WRAP_BIND_FLAG], - ['bindKey', WRAP_BIND_KEY_FLAG], - ['curry', WRAP_CURRY_FLAG], - ['curryRight', WRAP_CURRY_RIGHT_FLAG], - ['flip', WRAP_FLIP_FLAG], - ['partial', WRAP_PARTIAL_FLAG], - ['partialRight', WRAP_PARTIAL_RIGHT_FLAG], - ['rearg', WRAP_REARG_FLAG], - ]; - - /** `Object#toString` result references. */ - var argsTag = '[object Arguments]', - arrayTag = '[object Array]', - asyncTag = '[object AsyncFunction]', - boolTag = '[object Boolean]', - dateTag = '[object Date]', - domExcTag = '[object DOMException]', - errorTag = '[object Error]', - funcTag = '[object Function]', - genTag = '[object GeneratorFunction]', - mapTag = '[object Map]', - numberTag = '[object Number]', - nullTag = '[object Null]', - objectTag = '[object Object]', - promiseTag = '[object Promise]', - proxyTag = '[object Proxy]', - regexpTag = '[object RegExp]', - setTag = '[object Set]', - stringTag = '[object String]', - symbolTag = '[object Symbol]', - undefinedTag = '[object Undefined]', - weakMapTag = '[object WeakMap]', - weakSetTag = '[object WeakSet]'; - - var arrayBufferTag = '[object ArrayBuffer]', - dataViewTag = '[object DataView]', - float32Tag = '[object Float32Array]', - float64Tag = '[object Float64Array]', - int8Tag = '[object Int8Array]', - int16Tag = '[object Int16Array]', - int32Tag = '[object Int32Array]', - uint8Tag = '[object Uint8Array]', - uint8ClampedTag = '[object Uint8ClampedArray]', - uint16Tag = '[object Uint16Array]', - uint32Tag = '[object Uint32Array]'; - - /** Used to match empty string literals in compiled template source. */ - var reEmptyStringLeading = /\b__p \+= '';/g, - reEmptyStringMiddle = /\b(__p \+=) '' \+/g, - reEmptyStringTrailing = /(__e\(.*?\)|\b__t\)) \+\n'';/g; - - /** Used to match HTML entities and HTML characters. */ - var reEscapedHtml = /&(?:amp|lt|gt|quot|#39);/g, - reUnescapedHtml = /[&<>"']/g, - reHasEscapedHtml = RegExp(reEscapedHtml.source), - reHasUnescapedHtml = RegExp(reUnescapedHtml.source); - - /** Used to match template delimiters. */ - var reEscape = /<%-([\s\S]+?)%>/g, - reEvaluate = /<%([\s\S]+?)%>/g, - reInterpolate = /<%=([\s\S]+?)%>/g; - - /** Used to match property names within property paths. */ - var reIsDeepProp = /\.|\[(?:[^[\]]*|(["'])(?:(?!\1)[^\\]|\\.)*?\1)\]/, - reIsPlainProp = /^\w*$/, - rePropName = - /[^.[\]]+|\[(?:(-?\d+(?:\.\d+)?)|(["'])((?:(?!\2)[^\\]|\\.)*?)\2)\]|(?=(?:\.|\[\])(?:\.|\[\]|$))/g; - - /** - * Used to match `RegExp` - * [syntax characters](http://ecma-international.org/ecma-262/7.0/#sec-patterns). - */ - var reRegExpChar = /[\\^$.*+?()[\]{}|]/g, - reHasRegExpChar = RegExp(reRegExpChar.source); - - /** Used to match leading and trailing whitespace. */ - var reTrim = /^\s+|\s+$/g, - reTrimStart = /^\s+/, - reTrimEnd = /\s+$/; - - /** Used to match wrap detail comments. */ - var reWrapComment = /\{(?:\n\/\* \[wrapped with .+\] \*\/)?\n?/, - reWrapDetails = /\{\n\/\* \[wrapped with (.+)\] \*/, - reSplitDetails = /,? & /; - - /** Used to match words composed of alphanumeric characters. */ - var reAsciiWord = /[^\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f]+/g; - - /** Used to match backslashes in property paths. */ - var reEscapeChar = /\\(\\)?/g; - - /** - * Used to match - * [ES template delimiters](http://ecma-international.org/ecma-262/7.0/#sec-template-literal-lexical-components). - */ - var reEsTemplate = /\$\{([^\\}]*(?:\\.[^\\}]*)*)\}/g; - - /** Used to match `RegExp` flags from their coerced string values. */ - var reFlags = /\w*$/; - - /** Used to detect bad signed hexadecimal string values. */ - var reIsBadHex = /^[-+]0x[0-9a-f]+$/i; - - /** Used to detect binary string values. */ - var reIsBinary = /^0b[01]+$/i; - - /** Used to detect host constructors (Safari). */ - var reIsHostCtor = /^\[object .+?Constructor\]$/; - - /** Used to detect octal string values. */ - var reIsOctal = /^0o[0-7]+$/i; - - /** Used to detect unsigned integer values. */ - var reIsUint = /^(?:0|[1-9]\d*)$/; - - /** Used to match Latin Unicode letters (excluding mathematical operators). */ - var reLatin = /[\xc0-\xd6\xd8-\xf6\xf8-\xff\u0100-\u017f]/g; - - /** Used to ensure capturing order of template delimiters. */ - var reNoMatch = /($^)/; - - /** Used to match unescaped characters in compiled string literals. */ - var reUnescapedString = /['\n\r\u2028\u2029\\]/g; - - /** Used to compose unicode character classes. */ - var rsAstralRange = '\\ud800-\\udfff', - rsComboMarksRange = '\\u0300-\\u036f', - reComboHalfMarksRange = '\\ufe20-\\ufe2f', - rsComboSymbolsRange = '\\u20d0-\\u20ff', - rsComboRange = rsComboMarksRange + reComboHalfMarksRange + rsComboSymbolsRange, - rsDingbatRange = '\\u2700-\\u27bf', - rsLowerRange = 'a-z\\xdf-\\xf6\\xf8-\\xff', - rsMathOpRange = '\\xac\\xb1\\xd7\\xf7', - rsNonCharRange = '\\x00-\\x2f\\x3a-\\x40\\x5b-\\x60\\x7b-\\xbf', - rsPunctuationRange = '\\u2000-\\u206f', - rsSpaceRange = - ' \\t\\x0b\\f\\xa0\\ufeff\\n\\r\\u2028\\u2029\\u1680\\u180e\\u2000\\u2001\\u2002\\u2003\\u2004\\u2005\\u2006\\u2007\\u2008\\u2009\\u200a\\u202f\\u205f\\u3000', - rsUpperRange = 'A-Z\\xc0-\\xd6\\xd8-\\xde', - rsVarRange = '\\ufe0e\\ufe0f', - rsBreakRange = rsMathOpRange + rsNonCharRange + rsPunctuationRange + rsSpaceRange; - - /** Used to compose unicode capture groups. */ - var rsApos = "['\u2019]", - rsAstral = '[' + rsAstralRange + ']', - rsBreak = '[' + rsBreakRange + ']', - rsCombo = '[' + rsComboRange + ']', - rsDigits = '\\d+', - rsDingbat = '[' + rsDingbatRange + ']', - rsLower = '[' + rsLowerRange + ']', - rsMisc = - '[^' + - rsAstralRange + - rsBreakRange + - rsDigits + - rsDingbatRange + - rsLowerRange + - rsUpperRange + - ']', - rsFitz = '\\ud83c[\\udffb-\\udfff]', - rsModifier = '(?:' + rsCombo + '|' + rsFitz + ')', - rsNonAstral = '[^' + rsAstralRange + ']', - rsRegional = '(?:\\ud83c[\\udde6-\\uddff]){2}', - rsSurrPair = '[\\ud800-\\udbff][\\udc00-\\udfff]', - rsUpper = '[' + rsUpperRange + ']', - rsZWJ = '\\u200d'; - - /** Used to compose unicode regexes. */ - var rsMiscLower = '(?:' + rsLower + '|' + rsMisc + ')', - rsMiscUpper = '(?:' + rsUpper + '|' + rsMisc + ')', - rsOptContrLower = '(?:' + rsApos + '(?:d|ll|m|re|s|t|ve))?', - rsOptContrUpper = '(?:' + rsApos + '(?:D|LL|M|RE|S|T|VE))?', - reOptMod = rsModifier + '?', - rsOptVar = '[' + rsVarRange + ']?', - rsOptJoin = - '(?:' + - rsZWJ + - '(?:' + - [rsNonAstral, rsRegional, rsSurrPair].join('|') + - ')' + - rsOptVar + - reOptMod + - ')*', - rsOrdLower = '\\d*(?:1st|2nd|3rd|(?![123])\\dth)(?=\\b|[A-Z_])', - rsOrdUpper = '\\d*(?:1ST|2ND|3RD|(?![123])\\dTH)(?=\\b|[a-z_])', - rsSeq = rsOptVar + reOptMod + rsOptJoin, - rsEmoji = '(?:' + [rsDingbat, rsRegional, rsSurrPair].join('|') + ')' + rsSeq, - rsSymbol = - '(?:' + - [rsNonAstral + rsCombo + '?', rsCombo, rsRegional, rsSurrPair, rsAstral].join('|') + - ')'; - - /** Used to match apostrophes. */ - var reApos = RegExp(rsApos, 'g'); - - /** - * Used to match [combining diacritical marks](https://en.wikipedia.org/wiki/Combining_Diacritical_Marks) and - * [combining diacritical marks for symbols](https://en.wikipedia.org/wiki/Combining_Diacritical_Marks_for_Symbols). - */ - var reComboMark = RegExp(rsCombo, 'g'); - - /** Used to match [string symbols](https://mathiasbynens.be/notes/javascript-unicode). */ - var reUnicode = RegExp(rsFitz + '(?=' + rsFitz + ')|' + rsSymbol + rsSeq, 'g'); - - /** Used to match complex or compound words. */ - var reUnicodeWord = RegExp( - [ - rsUpper + - '?' + - rsLower + - '+' + - rsOptContrLower + - '(?=' + - [rsBreak, rsUpper, '$'].join('|') + - ')', - rsMiscUpper + - '+' + - rsOptContrUpper + - '(?=' + - [rsBreak, rsUpper + rsMiscLower, '$'].join('|') + - ')', - rsUpper + '?' + rsMiscLower + '+' + rsOptContrLower, - rsUpper + '+' + rsOptContrUpper, - rsOrdUpper, - rsOrdLower, - rsDigits, - rsEmoji, - ].join('|'), - 'g' - ); - - /** Used to detect strings with [zero-width joiners or code points from the astral planes](http://eev.ee/blog/2015/09/12/dark-corners-of-unicode/). */ - var reHasUnicode = RegExp('[' + rsZWJ + rsAstralRange + rsComboRange + rsVarRange + ']'); - - /** Used to detect strings that need a more robust regexp to match words. */ - var reHasUnicodeWord = /[a-z][A-Z]|[A-Z]{2,}[a-z]|[0-9][a-zA-Z]|[a-zA-Z][0-9]|[^a-zA-Z0-9 ]/; - - /** Used to assign default `context` object properties. */ - var contextProps = [ - 'Array', - 'Buffer', - 'DataView', - 'Date', - 'Error', - 'Float32Array', - 'Float64Array', - 'Function', - 'Int8Array', - 'Int16Array', - 'Int32Array', - 'Map', - 'Math', - 'Object', - 'Promise', - 'RegExp', - 'Set', - 'String', - 'Symbol', - 'TypeError', - 'Uint8Array', - 'Uint8ClampedArray', - 'Uint16Array', - 'Uint32Array', - 'WeakMap', - '_', - 'clearTimeout', - 'isFinite', - 'parseInt', - 'setTimeout', - ]; - - /** Used to make template sourceURLs easier to identify. */ - var templateCounter = -1; - - /** Used to identify `toStringTag` values of typed arrays. */ - var typedArrayTags = {}; - typedArrayTags[float32Tag] = - typedArrayTags[float64Tag] = - typedArrayTags[int8Tag] = - typedArrayTags[int16Tag] = - typedArrayTags[int32Tag] = - typedArrayTags[uint8Tag] = - typedArrayTags[uint8ClampedTag] = - typedArrayTags[uint16Tag] = - typedArrayTags[uint32Tag] = - true; - typedArrayTags[argsTag] = - typedArrayTags[arrayTag] = - typedArrayTags[arrayBufferTag] = - typedArrayTags[boolTag] = - typedArrayTags[dataViewTag] = - typedArrayTags[dateTag] = - typedArrayTags[errorTag] = - typedArrayTags[funcTag] = - typedArrayTags[mapTag] = - typedArrayTags[numberTag] = - typedArrayTags[objectTag] = - typedArrayTags[regexpTag] = - typedArrayTags[setTag] = - typedArrayTags[stringTag] = - typedArrayTags[weakMapTag] = - false; - - /** Used to identify `toStringTag` values supported by `_.clone`. */ - var cloneableTags = {}; - cloneableTags[argsTag] = - cloneableTags[arrayTag] = - cloneableTags[arrayBufferTag] = - cloneableTags[dataViewTag] = - cloneableTags[boolTag] = - cloneableTags[dateTag] = - cloneableTags[float32Tag] = - cloneableTags[float64Tag] = - cloneableTags[int8Tag] = - cloneableTags[int16Tag] = - cloneableTags[int32Tag] = - cloneableTags[mapTag] = - cloneableTags[numberTag] = - cloneableTags[objectTag] = - cloneableTags[regexpTag] = - cloneableTags[setTag] = - cloneableTags[stringTag] = - cloneableTags[symbolTag] = - cloneableTags[uint8Tag] = - cloneableTags[uint8ClampedTag] = - cloneableTags[uint16Tag] = - cloneableTags[uint32Tag] = - true; - cloneableTags[errorTag] = cloneableTags[funcTag] = cloneableTags[weakMapTag] = false; - - /** Used to map Latin Unicode letters to basic Latin letters. */ - var deburredLetters = { - // Latin-1 Supplement block. - '\xc0': 'A', - '\xc1': 'A', - '\xc2': 'A', - '\xc3': 'A', - '\xc4': 'A', - '\xc5': 'A', - '\xe0': 'a', - '\xe1': 'a', - '\xe2': 'a', - '\xe3': 'a', - '\xe4': 'a', - '\xe5': 'a', - '\xc7': 'C', - '\xe7': 'c', - '\xd0': 'D', - '\xf0': 'd', - '\xc8': 'E', - '\xc9': 'E', - '\xca': 'E', - '\xcb': 'E', - '\xe8': 'e', - '\xe9': 'e', - '\xea': 'e', - '\xeb': 'e', - '\xcc': 'I', - '\xcd': 'I', - '\xce': 'I', - '\xcf': 'I', - '\xec': 'i', - '\xed': 'i', - '\xee': 'i', - '\xef': 'i', - '\xd1': 'N', - '\xf1': 'n', - '\xd2': 'O', - '\xd3': 'O', - '\xd4': 'O', - '\xd5': 'O', - '\xd6': 'O', - '\xd8': 'O', - '\xf2': 'o', - '\xf3': 'o', - '\xf4': 'o', - '\xf5': 'o', - '\xf6': 'o', - '\xf8': 'o', - '\xd9': 'U', - '\xda': 'U', - '\xdb': 'U', - '\xdc': 'U', - '\xf9': 'u', - '\xfa': 'u', - '\xfb': 'u', - '\xfc': 'u', - '\xdd': 'Y', - '\xfd': 'y', - '\xff': 'y', - '\xc6': 'Ae', - '\xe6': 'ae', - '\xde': 'Th', - '\xfe': 'th', - '\xdf': 'ss', - // Latin Extended-A block. - '\u0100': 'A', - '\u0102': 'A', - '\u0104': 'A', - '\u0101': 'a', - '\u0103': 'a', - '\u0105': 'a', - '\u0106': 'C', - '\u0108': 'C', - '\u010a': 'C', - '\u010c': 'C', - '\u0107': 'c', - '\u0109': 'c', - '\u010b': 'c', - '\u010d': 'c', - '\u010e': 'D', - '\u0110': 'D', - '\u010f': 'd', - '\u0111': 'd', - '\u0112': 'E', - '\u0114': 'E', - '\u0116': 'E', - '\u0118': 'E', - '\u011a': 'E', - '\u0113': 'e', - '\u0115': 'e', - '\u0117': 'e', - '\u0119': 'e', - '\u011b': 'e', - '\u011c': 'G', - '\u011e': 'G', - '\u0120': 'G', - '\u0122': 'G', - '\u011d': 'g', - '\u011f': 'g', - '\u0121': 'g', - '\u0123': 'g', - '\u0124': 'H', - '\u0126': 'H', - '\u0125': 'h', - '\u0127': 'h', - '\u0128': 'I', - '\u012a': 'I', - '\u012c': 'I', - '\u012e': 'I', - '\u0130': 'I', - '\u0129': 'i', - '\u012b': 'i', - '\u012d': 'i', - '\u012f': 'i', - '\u0131': 'i', - '\u0134': 'J', - '\u0135': 'j', - '\u0136': 'K', - '\u0137': 'k', - '\u0138': 'k', - '\u0139': 'L', - '\u013b': 'L', - '\u013d': 'L', - '\u013f': 'L', - '\u0141': 'L', - '\u013a': 'l', - '\u013c': 'l', - '\u013e': 'l', - '\u0140': 'l', - '\u0142': 'l', - '\u0143': 'N', - '\u0145': 'N', - '\u0147': 'N', - '\u014a': 'N', - '\u0144': 'n', - '\u0146': 'n', - '\u0148': 'n', - '\u014b': 'n', - '\u014c': 'O', - '\u014e': 'O', - '\u0150': 'O', - '\u014d': 'o', - '\u014f': 'o', - '\u0151': 'o', - '\u0154': 'R', - '\u0156': 'R', - '\u0158': 'R', - '\u0155': 'r', - '\u0157': 'r', - '\u0159': 'r', - '\u015a': 'S', - '\u015c': 'S', - '\u015e': 'S', - '\u0160': 'S', - '\u015b': 's', - '\u015d': 's', - '\u015f': 's', - '\u0161': 's', - '\u0162': 'T', - '\u0164': 'T', - '\u0166': 'T', - '\u0163': 't', - '\u0165': 't', - '\u0167': 't', - '\u0168': 'U', - '\u016a': 'U', - '\u016c': 'U', - '\u016e': 'U', - '\u0170': 'U', - '\u0172': 'U', - '\u0169': 'u', - '\u016b': 'u', - '\u016d': 'u', - '\u016f': 'u', - '\u0171': 'u', - '\u0173': 'u', - '\u0174': 'W', - '\u0175': 'w', - '\u0176': 'Y', - '\u0177': 'y', - '\u0178': 'Y', - '\u0179': 'Z', - '\u017b': 'Z', - '\u017d': 'Z', - '\u017a': 'z', - '\u017c': 'z', - '\u017e': 'z', - '\u0132': 'IJ', - '\u0133': 'ij', - '\u0152': 'Oe', - '\u0153': 'oe', - '\u0149': "'n", - '\u017f': 's', - }; - - /** Used to map characters to HTML entities. */ - var htmlEscapes = { - '&': '&', - '<': '<', - '>': '>', - '"': '"', - "'": ''', - }; - - /** Used to map HTML entities to characters. */ - var htmlUnescapes = { - '&': '&', - '<': '<', - '>': '>', - '"': '"', - ''': "'", - }; - - /** Used to escape characters for inclusion in compiled string literals. */ - var stringEscapes = { - '\\': '\\', - "'": "'", - '\n': 'n', - '\r': 'r', - '\u2028': 'u2028', - '\u2029': 'u2029', - }; - - /** Built-in method references without a dependency on `root`. */ - var freeParseFloat = parseFloat, - freeParseInt = parseInt; - - /** Detect free variable `global` from Node.js. */ - var freeGlobal = typeof global == 'object' && global && global.Object === Object && global; - - /** Detect free variable `self`. */ - var freeSelf = typeof self == 'object' && self && self.Object === Object && self; - - /** Used as a reference to the global object. */ - var root = freeGlobal || freeSelf || Function('return this')(); - - /** Detect free variable `exports`. */ - var freeExports = typeof exports == 'object' && exports && !exports.nodeType && exports; - - /** Detect free variable `module`. */ - var freeModule = freeExports && typeof module == 'object' && module && !module.nodeType && module; - - /** Detect the popular CommonJS extension `module.exports`. */ - var moduleExports = freeModule && freeModule.exports === freeExports; - - /** Detect free variable `process` from Node.js. */ - var freeProcess = moduleExports && freeGlobal.process; - - /** Used to access faster Node.js helpers. */ - var nodeUtil = (function () { - try { - // Use `util.types` for Node.js 10+. - var types = freeModule && freeModule.require && freeModule.require('util').types; - - if (types) { - return types; - } - - // Legacy `process.binding('util')` for Node.js < 10. - return freeProcess && freeProcess.binding && freeProcess.binding('util'); - } catch (e) {} - })(); - - /* Node.js helper references. */ - var nodeIsArrayBuffer = nodeUtil && nodeUtil.isArrayBuffer, - nodeIsDate = nodeUtil && nodeUtil.isDate, - nodeIsMap = nodeUtil && nodeUtil.isMap, - nodeIsRegExp = nodeUtil && nodeUtil.isRegExp, - nodeIsSet = nodeUtil && nodeUtil.isSet, - nodeIsTypedArray = nodeUtil && nodeUtil.isTypedArray; - - /*--------------------------------------------------------------------------*/ - - /** - * A faster alternative to `Function#apply`, this function invokes `func` - * with the `this` binding of `thisArg` and the arguments of `args`. - * - * @private - * @param {Function} func The function to invoke. - * @param {*} thisArg The `this` binding of `func`. - * @param {Array} args The arguments to invoke `func` with. - * @returns {*} Returns the result of `func`. - */ - function apply(func, thisArg, args) { - switch (args.length) { - case 0: - return func.call(thisArg); - case 1: - return func.call(thisArg, args[0]); - case 2: - return func.call(thisArg, args[0], args[1]); - case 3: - return func.call(thisArg, args[0], args[1], args[2]); - } - return func.apply(thisArg, args); - } - - /** - * A specialized version of `baseAggregator` for arrays. - * - * @private - * @param {Array} [array] The array to iterate over. - * @param {Function} setter The function to set `accumulator` values. - * @param {Function} iteratee The iteratee to transform keys. - * @param {Object} accumulator The initial aggregated object. - * @returns {Function} Returns `accumulator`. - */ - function arrayAggregator(array, setter, iteratee, accumulator) { - var index = -1, - length = array == null ? 0 : array.length; - - while (++index < length) { - var value = array[index]; - setter(accumulator, value, iteratee(value), array); - } - return accumulator; - } - - /** - * A specialized version of `_.forEach` for arrays without support for - * iteratee shorthands. - * - * @private - * @param {Array} [array] The array to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @returns {Array} Returns `array`. - */ - function arrayEach(array, iteratee) { - var index = -1, - length = array == null ? 0 : array.length; - - while (++index < length) { - if (iteratee(array[index], index, array) === false) { - break; - } - } - return array; - } - - /** - * A specialized version of `_.forEachRight` for arrays without support for - * iteratee shorthands. - * - * @private - * @param {Array} [array] The array to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @returns {Array} Returns `array`. - */ - function arrayEachRight(array, iteratee) { - var length = array == null ? 0 : array.length; - - while (length--) { - if (iteratee(array[length], length, array) === false) { - break; - } - } - return array; - } - - /** - * A specialized version of `_.every` for arrays without support for - * iteratee shorthands. - * - * @private - * @param {Array} [array] The array to iterate over. - * @param {Function} predicate The function invoked per iteration. - * @returns {boolean} Returns `true` if all elements pass the predicate check, - * else `false`. - */ - function arrayEvery(array, predicate) { - var index = -1, - length = array == null ? 0 : array.length; - - while (++index < length) { - if (!predicate(array[index], index, array)) { - return false; - } - } - return true; - } - - /** - * A specialized version of `_.filter` for arrays without support for - * iteratee shorthands. - * - * @private - * @param {Array} [array] The array to iterate over. - * @param {Function} predicate The function invoked per iteration. - * @returns {Array} Returns the new filtered array. - */ - function arrayFilter(array, predicate) { - var index = -1, - length = array == null ? 0 : array.length, - resIndex = 0, - result = []; - - while (++index < length) { - var value = array[index]; - if (predicate(value, index, array)) { - result[resIndex++] = value; - } - } - return result; - } - - /** - * A specialized version of `_.includes` for arrays without support for - * specifying an index to search from. - * - * @private - * @param {Array} [array] The array to inspect. - * @param {*} target The value to search for. - * @returns {boolean} Returns `true` if `target` is found, else `false`. - */ - function arrayIncludes(array, value) { - var length = array == null ? 0 : array.length; - return !!length && baseIndexOf(array, value, 0) > -1; - } - - /** - * This function is like `arrayIncludes` except that it accepts a comparator. - * - * @private - * @param {Array} [array] The array to inspect. - * @param {*} target The value to search for. - * @param {Function} comparator The comparator invoked per element. - * @returns {boolean} Returns `true` if `target` is found, else `false`. - */ - function arrayIncludesWith(array, value, comparator) { - var index = -1, - length = array == null ? 0 : array.length; - - while (++index < length) { - if (comparator(value, array[index])) { - return true; - } - } - return false; - } - - /** - * A specialized version of `_.map` for arrays without support for iteratee - * shorthands. - * - * @private - * @param {Array} [array] The array to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @returns {Array} Returns the new mapped array. - */ - function arrayMap(array, iteratee) { - var index = -1, - length = array == null ? 0 : array.length, - result = Array(length); - - while (++index < length) { - result[index] = iteratee(array[index], index, array); - } - return result; - } - - /** - * Appends the elements of `values` to `array`. - * - * @private - * @param {Array} array The array to modify. - * @param {Array} values The values to append. - * @returns {Array} Returns `array`. - */ - function arrayPush(array, values) { - var index = -1, - length = values.length, - offset = array.length; - - while (++index < length) { - array[offset + index] = values[index]; - } - return array; - } - - /** - * A specialized version of `_.reduce` for arrays without support for - * iteratee shorthands. - * - * @private - * @param {Array} [array] The array to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @param {*} [accumulator] The initial value. - * @param {boolean} [initAccum] Specify using the first element of `array` as - * the initial value. - * @returns {*} Returns the accumulated value. - */ - function arrayReduce(array, iteratee, accumulator, initAccum) { - var index = -1, - length = array == null ? 0 : array.length; - - if (initAccum && length) { - accumulator = array[++index]; - } - while (++index < length) { - accumulator = iteratee(accumulator, array[index], index, array); - } - return accumulator; - } - - /** - * A specialized version of `_.reduceRight` for arrays without support for - * iteratee shorthands. - * - * @private - * @param {Array} [array] The array to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @param {*} [accumulator] The initial value. - * @param {boolean} [initAccum] Specify using the last element of `array` as - * the initial value. - * @returns {*} Returns the accumulated value. - */ - function arrayReduceRight(array, iteratee, accumulator, initAccum) { - var length = array == null ? 0 : array.length; - if (initAccum && length) { - accumulator = array[--length]; - } - while (length--) { - accumulator = iteratee(accumulator, array[length], length, array); - } - return accumulator; - } - - /** - * A specialized version of `_.some` for arrays without support for iteratee - * shorthands. - * - * @private - * @param {Array} [array] The array to iterate over. - * @param {Function} predicate The function invoked per iteration. - * @returns {boolean} Returns `true` if any element passes the predicate check, - * else `false`. - */ - function arraySome(array, predicate) { - var index = -1, - length = array == null ? 0 : array.length; - - while (++index < length) { - if (predicate(array[index], index, array)) { - return true; - } - } - return false; - } - - /** - * Gets the size of an ASCII `string`. - * - * @private - * @param {string} string The string inspect. - * @returns {number} Returns the string size. - */ - var asciiSize = baseProperty('length'); - - /** - * Converts an ASCII `string` to an array. - * - * @private - * @param {string} string The string to convert. - * @returns {Array} Returns the converted array. - */ - function asciiToArray(string) { - return string.split(''); - } - - /** - * Splits an ASCII `string` into an array of its words. - * - * @private - * @param {string} The string to inspect. - * @returns {Array} Returns the words of `string`. - */ - function asciiWords(string) { - return string.match(reAsciiWord) || []; - } - - /** - * The base implementation of methods like `_.findKey` and `_.findLastKey`, - * without support for iteratee shorthands, which iterates over `collection` - * using `eachFunc`. - * - * @private - * @param {Array|Object} collection The collection to inspect. - * @param {Function} predicate The function invoked per iteration. - * @param {Function} eachFunc The function to iterate over `collection`. - * @returns {*} Returns the found element or its key, else `undefined`. - */ - function baseFindKey(collection, predicate, eachFunc) { - var result; - eachFunc(collection, function (value, key, collection) { - if (predicate(value, key, collection)) { - result = key; - return false; - } - }); - return result; - } - - /** - * The base implementation of `_.findIndex` and `_.findLastIndex` without - * support for iteratee shorthands. - * - * @private - * @param {Array} array The array to inspect. - * @param {Function} predicate The function invoked per iteration. - * @param {number} fromIndex The index to search from. - * @param {boolean} [fromRight] Specify iterating from right to left. - * @returns {number} Returns the index of the matched value, else `-1`. - */ - function baseFindIndex(array, predicate, fromIndex, fromRight) { - var length = array.length, - index = fromIndex + (fromRight ? 1 : -1); - - while (fromRight ? index-- : ++index < length) { - if (predicate(array[index], index, array)) { - return index; - } - } - return -1; - } - - /** - * The base implementation of `_.indexOf` without `fromIndex` bounds checks. - * - * @private - * @param {Array} array The array to inspect. - * @param {*} value The value to search for. - * @param {number} fromIndex The index to search from. - * @returns {number} Returns the index of the matched value, else `-1`. - */ - function baseIndexOf(array, value, fromIndex) { - return value === value - ? strictIndexOf(array, value, fromIndex) - : baseFindIndex(array, baseIsNaN, fromIndex); - } - - /** - * This function is like `baseIndexOf` except that it accepts a comparator. - * - * @private - * @param {Array} array The array to inspect. - * @param {*} value The value to search for. - * @param {number} fromIndex The index to search from. - * @param {Function} comparator The comparator invoked per element. - * @returns {number} Returns the index of the matched value, else `-1`. - */ - function baseIndexOfWith(array, value, fromIndex, comparator) { - var index = fromIndex - 1, - length = array.length; - - while (++index < length) { - if (comparator(array[index], value)) { - return index; - } - } - return -1; - } - - /** - * The base implementation of `_.isNaN` without support for number objects. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is `NaN`, else `false`. - */ - function baseIsNaN(value) { - return value !== value; - } - - /** - * The base implementation of `_.mean` and `_.meanBy` without support for - * iteratee shorthands. - * - * @private - * @param {Array} array The array to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @returns {number} Returns the mean. - */ - function baseMean(array, iteratee) { - var length = array == null ? 0 : array.length; - return length ? baseSum(array, iteratee) / length : NAN; - } - - /** - * The base implementation of `_.property` without support for deep paths. - * - * @private - * @param {string} key The key of the property to get. - * @returns {Function} Returns the new accessor function. - */ - function baseProperty(key) { - return function (object) { - return object == null ? undefined : object[key]; - }; - } - - /** - * The base implementation of `_.propertyOf` without support for deep paths. - * - * @private - * @param {Object} object The object to query. - * @returns {Function} Returns the new accessor function. - */ - function basePropertyOf(object) { - return function (key) { - return object == null ? undefined : object[key]; - }; - } - - /** - * The base implementation of `_.reduce` and `_.reduceRight`, without support - * for iteratee shorthands, which iterates over `collection` using `eachFunc`. - * - * @private - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @param {*} accumulator The initial value. - * @param {boolean} initAccum Specify using the first or last element of - * `collection` as the initial value. - * @param {Function} eachFunc The function to iterate over `collection`. - * @returns {*} Returns the accumulated value. - */ - function baseReduce(collection, iteratee, accumulator, initAccum, eachFunc) { - eachFunc(collection, function (value, index, collection) { - accumulator = initAccum - ? ((initAccum = false), value) - : iteratee(accumulator, value, index, collection); - }); - return accumulator; - } - - /** - * The base implementation of `_.sortBy` which uses `comparer` to define the - * sort order of `array` and replaces criteria objects with their corresponding - * values. - * - * @private - * @param {Array} array The array to sort. - * @param {Function} comparer The function to define sort order. - * @returns {Array} Returns `array`. - */ - function baseSortBy(array, comparer) { - var length = array.length; - - array.sort(comparer); - while (length--) { - array[length] = array[length].value; - } - return array; - } - - /** - * The base implementation of `_.sum` and `_.sumBy` without support for - * iteratee shorthands. - * - * @private - * @param {Array} array The array to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @returns {number} Returns the sum. - */ - function baseSum(array, iteratee) { - var result, - index = -1, - length = array.length; - - while (++index < length) { - var current = iteratee(array[index]); - if (current !== undefined) { - result = result === undefined ? current : result + current; - } - } - return result; - } - - /** - * The base implementation of `_.times` without support for iteratee shorthands - * or max array length checks. - * - * @private - * @param {number} n The number of times to invoke `iteratee`. - * @param {Function} iteratee The function invoked per iteration. - * @returns {Array} Returns the array of results. - */ - function baseTimes(n, iteratee) { - var index = -1, - result = Array(n); - - while (++index < n) { - result[index] = iteratee(index); - } - return result; - } - - /** - * The base implementation of `_.toPairs` and `_.toPairsIn` which creates an array - * of key-value pairs for `object` corresponding to the property names of `props`. - * - * @private - * @param {Object} object The object to query. - * @param {Array} props The property names to get values for. - * @returns {Object} Returns the key-value pairs. - */ - function baseToPairs(object, props) { - return arrayMap(props, function (key) { - return [key, object[key]]; - }); - } - - /** - * The base implementation of `_.unary` without support for storing metadata. - * - * @private - * @param {Function} func The function to cap arguments for. - * @returns {Function} Returns the new capped function. - */ - function baseUnary(func) { - return function (value) { - return func(value); - }; - } - - /** - * The base implementation of `_.values` and `_.valuesIn` which creates an - * array of `object` property values corresponding to the property names - * of `props`. - * - * @private - * @param {Object} object The object to query. - * @param {Array} props The property names to get values for. - * @returns {Object} Returns the array of property values. - */ - function baseValues(object, props) { - return arrayMap(props, function (key) { - return object[key]; - }); - } - - /** - * Checks if a `cache` value for `key` exists. - * - * @private - * @param {Object} cache The cache to query. - * @param {string} key The key of the entry to check. - * @returns {boolean} Returns `true` if an entry for `key` exists, else `false`. - */ - function cacheHas(cache, key) { - return cache.has(key); - } - - /** - * Used by `_.trim` and `_.trimStart` to get the index of the first string symbol - * that is not found in the character symbols. - * - * @private - * @param {Array} strSymbols The string symbols to inspect. - * @param {Array} chrSymbols The character symbols to find. - * @returns {number} Returns the index of the first unmatched string symbol. - */ - function charsStartIndex(strSymbols, chrSymbols) { - var index = -1, - length = strSymbols.length; - - while (++index < length && baseIndexOf(chrSymbols, strSymbols[index], 0) > -1) {} - return index; - } - - /** - * Used by `_.trim` and `_.trimEnd` to get the index of the last string symbol - * that is not found in the character symbols. - * - * @private - * @param {Array} strSymbols The string symbols to inspect. - * @param {Array} chrSymbols The character symbols to find. - * @returns {number} Returns the index of the last unmatched string symbol. - */ - function charsEndIndex(strSymbols, chrSymbols) { - var index = strSymbols.length; - - while (index-- && baseIndexOf(chrSymbols, strSymbols[index], 0) > -1) {} - return index; - } - - /** - * Gets the number of `placeholder` occurrences in `array`. - * - * @private - * @param {Array} array The array to inspect. - * @param {*} placeholder The placeholder to search for. - * @returns {number} Returns the placeholder count. - */ - function countHolders(array, placeholder) { - var length = array.length, - result = 0; - - while (length--) { - if (array[length] === placeholder) { - ++result; - } - } - return result; - } - - /** - * Used by `_.deburr` to convert Latin-1 Supplement and Latin Extended-A - * letters to basic Latin letters. - * - * @private - * @param {string} letter The matched letter to deburr. - * @returns {string} Returns the deburred letter. - */ - var deburrLetter = basePropertyOf(deburredLetters); - - /** - * Used by `_.escape` to convert characters to HTML entities. - * - * @private - * @param {string} chr The matched character to escape. - * @returns {string} Returns the escaped character. - */ - var escapeHtmlChar = basePropertyOf(htmlEscapes); - - /** - * Used by `_.template` to escape characters for inclusion in compiled string literals. - * - * @private - * @param {string} chr The matched character to escape. - * @returns {string} Returns the escaped character. - */ - function escapeStringChar(chr) { - return '\\' + stringEscapes[chr]; - } - - /** - * Gets the value at `key` of `object`. - * - * @private - * @param {Object} [object] The object to query. - * @param {string} key The key of the property to get. - * @returns {*} Returns the property value. - */ - function getValue(object, key) { - return object == null ? undefined : object[key]; - } - - /** - * Checks if `string` contains Unicode symbols. - * - * @private - * @param {string} string The string to inspect. - * @returns {boolean} Returns `true` if a symbol is found, else `false`. - */ - function hasUnicode(string) { - return reHasUnicode.test(string); - } - - /** - * Checks if `string` contains a word composed of Unicode symbols. - * - * @private - * @param {string} string The string to inspect. - * @returns {boolean} Returns `true` if a word is found, else `false`. - */ - function hasUnicodeWord(string) { - return reHasUnicodeWord.test(string); - } - - /** - * Converts `iterator` to an array. - * - * @private - * @param {Object} iterator The iterator to convert. - * @returns {Array} Returns the converted array. - */ - function iteratorToArray(iterator) { - var data, - result = []; - - while (!(data = iterator.next()).done) { - result.push(data.value); - } - return result; - } - - /** - * Converts `map` to its key-value pairs. - * - * @private - * @param {Object} map The map to convert. - * @returns {Array} Returns the key-value pairs. - */ - function mapToArray(map) { - var index = -1, - result = Array(map.size); - - map.forEach(function (value, key) { - result[++index] = [key, value]; - }); - return result; - } - - /** - * Creates a unary function that invokes `func` with its argument transformed. - * - * @private - * @param {Function} func The function to wrap. - * @param {Function} transform The argument transform. - * @returns {Function} Returns the new function. - */ - function overArg(func, transform) { - return function (arg) { - return func(transform(arg)); - }; - } - - /** - * Replaces all `placeholder` elements in `array` with an internal placeholder - * and returns an array of their indexes. - * - * @private - * @param {Array} array The array to modify. - * @param {*} placeholder The placeholder to replace. - * @returns {Array} Returns the new array of placeholder indexes. - */ - function replaceHolders(array, placeholder) { - var index = -1, - length = array.length, - resIndex = 0, - result = []; - - while (++index < length) { - var value = array[index]; - if (value === placeholder || value === PLACEHOLDER) { - array[index] = PLACEHOLDER; - result[resIndex++] = index; - } - } - return result; - } - - /** - * Gets the value at `key`, unless `key` is "__proto__". - * - * @private - * @param {Object} object The object to query. - * @param {string} key The key of the property to get. - * @returns {*} Returns the property value. - */ - function safeGet(object, key) { - return key == '__proto__' ? undefined : object[key]; - } - - /** - * Converts `set` to an array of its values. - * - * @private - * @param {Object} set The set to convert. - * @returns {Array} Returns the values. - */ - function setToArray(set) { - var index = -1, - result = Array(set.size); - - set.forEach(function (value) { - result[++index] = value; - }); - return result; - } - - /** - * Converts `set` to its value-value pairs. - * - * @private - * @param {Object} set The set to convert. - * @returns {Array} Returns the value-value pairs. - */ - function setToPairs(set) { - var index = -1, - result = Array(set.size); - - set.forEach(function (value) { - result[++index] = [value, value]; - }); - return result; - } - - /** - * A specialized version of `_.indexOf` which performs strict equality - * comparisons of values, i.e. `===`. - * - * @private - * @param {Array} array The array to inspect. - * @param {*} value The value to search for. - * @param {number} fromIndex The index to search from. - * @returns {number} Returns the index of the matched value, else `-1`. - */ - function strictIndexOf(array, value, fromIndex) { - var index = fromIndex - 1, - length = array.length; - - while (++index < length) { - if (array[index] === value) { - return index; - } - } - return -1; - } - - /** - * A specialized version of `_.lastIndexOf` which performs strict equality - * comparisons of values, i.e. `===`. - * - * @private - * @param {Array} array The array to inspect. - * @param {*} value The value to search for. - * @param {number} fromIndex The index to search from. - * @returns {number} Returns the index of the matched value, else `-1`. - */ - function strictLastIndexOf(array, value, fromIndex) { - var index = fromIndex + 1; - while (index--) { - if (array[index] === value) { - return index; - } - } - return index; - } - - /** - * Gets the number of symbols in `string`. - * - * @private - * @param {string} string The string to inspect. - * @returns {number} Returns the string size. - */ - function stringSize(string) { - return hasUnicode(string) ? unicodeSize(string) : asciiSize(string); - } - - /** - * Converts `string` to an array. - * - * @private - * @param {string} string The string to convert. - * @returns {Array} Returns the converted array. - */ - function stringToArray(string) { - return hasUnicode(string) ? unicodeToArray(string) : asciiToArray(string); - } - - /** - * Used by `_.unescape` to convert HTML entities to characters. - * - * @private - * @param {string} chr The matched character to unescape. - * @returns {string} Returns the unescaped character. - */ - var unescapeHtmlChar = basePropertyOf(htmlUnescapes); - - /** - * Gets the size of a Unicode `string`. - * - * @private - * @param {string} string The string inspect. - * @returns {number} Returns the string size. - */ - function unicodeSize(string) { - var result = (reUnicode.lastIndex = 0); - while (reUnicode.test(string)) { - ++result; - } - return result; - } - - /** - * Converts a Unicode `string` to an array. - * - * @private - * @param {string} string The string to convert. - * @returns {Array} Returns the converted array. - */ - function unicodeToArray(string) { - return string.match(reUnicode) || []; - } - - /** - * Splits a Unicode `string` into an array of its words. - * - * @private - * @param {string} The string to inspect. - * @returns {Array} Returns the words of `string`. - */ - function unicodeWords(string) { - return string.match(reUnicodeWord) || []; - } - - /*--------------------------------------------------------------------------*/ - - /** - * Create a new pristine `lodash` function using the `context` object. - * - * @static - * @memberOf _ - * @since 1.1.0 - * @category Util - * @param {Object} [context=root] The context object. - * @returns {Function} Returns a new `lodash` function. - * @example - * - * _.mixin({ 'foo': _.constant('foo') }); - * - * var lodash = _.runInContext(); - * lodash.mixin({ 'bar': lodash.constant('bar') }); - * - * _.isFunction(_.foo); - * // => true - * _.isFunction(_.bar); - * // => false - * - * lodash.isFunction(lodash.foo); - * // => false - * lodash.isFunction(lodash.bar); - * // => true - * - * // Create a suped-up `defer` in Node.js. - * var defer = _.runInContext({ 'setTimeout': setImmediate }).defer; - */ - var runInContext = function runInContext(context) { - context = context == null ? root : _.defaults(root.Object(), context, _.pick(root, contextProps)); - - /** Built-in constructor references. */ - var Array = context.Array, - Date = context.Date, - Error = context.Error, - Function = context.Function, - Math = context.Math, - Object = context.Object, - RegExp = context.RegExp, - String = context.String, - TypeError = context.TypeError; - - /** Used for built-in method references. */ - var arrayProto = Array.prototype, - funcProto = Function.prototype, - objectProto = Object.prototype; - - /** Used to detect overreaching core-js shims. */ - var coreJsData = context['__core-js_shared__']; - - /** Used to resolve the decompiled source of functions. */ - var funcToString = funcProto.toString; - - /** Used to check objects for own properties. */ - var hasOwnProperty = objectProto.hasOwnProperty; - - /** Used to generate unique IDs. */ - var idCounter = 0; - - /** Used to detect methods masquerading as native. */ - var maskSrcKey = (function () { - var uid = /[^.]+$/.exec((coreJsData && coreJsData.keys && coreJsData.keys.IE_PROTO) || ''); - return uid ? 'Symbol(src)_1.' + uid : ''; - })(); - - /** - * Used to resolve the - * [`toStringTag`](http://ecma-international.org/ecma-262/7.0/#sec-object.prototype.tostring) - * of values. - */ - var nativeObjectToString = objectProto.toString; - - /** Used to infer the `Object` constructor. */ - var objectCtorString = funcToString.call(Object); - - /** Used to restore the original `_` reference in `_.noConflict`. */ - var oldDash = root._; - - /** Used to detect if a method is native. */ - var reIsNative = RegExp( - '^' + - funcToString - .call(hasOwnProperty) - .replace(reRegExpChar, '\\$&') - .replace(/hasOwnProperty|(function).*?(?=\\\()| for .+?(?=\\\])/g, '$1.*?') + - '$' - ); - - /** Built-in value references. */ - var Buffer = moduleExports ? context.Buffer : undefined, - Symbol = context.Symbol, - Uint8Array = context.Uint8Array, - allocUnsafe = Buffer ? Buffer.allocUnsafe : undefined, - getPrototype = overArg(Object.getPrototypeOf, Object), - objectCreate = Object.create, - propertyIsEnumerable = objectProto.propertyIsEnumerable, - splice = arrayProto.splice, - spreadableSymbol = Symbol ? Symbol.isConcatSpreadable : undefined, - symIterator = Symbol ? Symbol.iterator : undefined, - symToStringTag = Symbol ? Symbol.toStringTag : undefined; - - var defineProperty = (function () { - try { - var func = getNative(Object, 'defineProperty'); - func({}, '', {}); - return func; - } catch (e) {} - })(); - - /** Mocked built-ins. */ - var ctxClearTimeout = context.clearTimeout !== root.clearTimeout && context.clearTimeout, - ctxNow = Date && Date.now !== root.Date.now && Date.now, - ctxSetTimeout = context.setTimeout !== root.setTimeout && context.setTimeout; - - /* Built-in method references for those with the same name as other `lodash` methods. */ - var nativeCeil = Math.ceil, - nativeFloor = Math.floor, - nativeGetSymbols = Object.getOwnPropertySymbols, - nativeIsBuffer = Buffer ? Buffer.isBuffer : undefined, - nativeIsFinite = context.isFinite, - nativeJoin = arrayProto.join, - nativeKeys = overArg(Object.keys, Object), - nativeMax = Math.max, - nativeMin = Math.min, - nativeNow = Date.now, - nativeParseInt = context.parseInt, - nativeRandom = Math.random, - nativeReverse = arrayProto.reverse; - - /* Built-in method references that are verified to be native. */ - var DataView = getNative(context, 'DataView'), - Map = getNative(context, 'Map'), - Promise = getNative(context, 'Promise'), - Set = getNative(context, 'Set'), - WeakMap = getNative(context, 'WeakMap'), - nativeCreate = getNative(Object, 'create'); - - /** Used to store function metadata. */ - var metaMap = WeakMap && new WeakMap(); - - /** Used to lookup unminified function names. */ - var realNames = {}; - - /** Used to detect maps, sets, and weakmaps. */ - var dataViewCtorString = toSource(DataView), - mapCtorString = toSource(Map), - promiseCtorString = toSource(Promise), - setCtorString = toSource(Set), - weakMapCtorString = toSource(WeakMap); - - /** Used to convert symbols to primitives and strings. */ - var symbolProto = Symbol ? Symbol.prototype : undefined, - symbolValueOf = symbolProto ? symbolProto.valueOf : undefined, - symbolToString = symbolProto ? symbolProto.toString : undefined; - - /*------------------------------------------------------------------------*/ - - /** - * Creates a `lodash` object which wraps `value` to enable implicit method - * chain sequences. Methods that operate on and return arrays, collections, - * and functions can be chained together. Methods that retrieve a single value - * or may return a primitive value will automatically end the chain sequence - * and return the unwrapped value. Otherwise, the value must be unwrapped - * with `_#value`. - * - * Explicit chain sequences, which must be unwrapped with `_#value`, may be - * enabled using `_.chain`. - * - * The execution of chained methods is lazy, that is, it's deferred until - * `_#value` is implicitly or explicitly called. - * - * Lazy evaluation allows several methods to support shortcut fusion. - * Shortcut fusion is an optimization to merge iteratee calls; this avoids - * the creation of intermediate arrays and can greatly reduce the number of - * iteratee executions. Sections of a chain sequence qualify for shortcut - * fusion if the section is applied to an array and iteratees accept only - * one argument. The heuristic for whether a section qualifies for shortcut - * fusion is subject to change. - * - * Chaining is supported in custom builds as long as the `_#value` method is - * directly or indirectly included in the build. - * - * In addition to lodash methods, wrappers have `Array` and `String` methods. - * - * The wrapper `Array` methods are: - * `concat`, `join`, `pop`, `push`, `shift`, `sort`, `splice`, and `unshift` - * - * The wrapper `String` methods are: - * `replace` and `split` - * - * The wrapper methods that support shortcut fusion are: - * `at`, `compact`, `drop`, `dropRight`, `dropWhile`, `filter`, `find`, - * `findLast`, `head`, `initial`, `last`, `map`, `reject`, `reverse`, `slice`, - * `tail`, `take`, `takeRight`, `takeRightWhile`, `takeWhile`, and `toArray` - * - * The chainable wrapper methods are: - * `after`, `ary`, `assign`, `assignIn`, `assignInWith`, `assignWith`, `at`, - * `before`, `bind`, `bindAll`, `bindKey`, `castArray`, `chain`, `chunk`, - * `commit`, `compact`, `concat`, `conforms`, `constant`, `countBy`, `create`, - * `curry`, `debounce`, `defaults`, `defaultsDeep`, `defer`, `delay`, - * `difference`, `differenceBy`, `differenceWith`, `drop`, `dropRight`, - * `dropRightWhile`, `dropWhile`, `extend`, `extendWith`, `fill`, `filter`, - * `flatMap`, `flatMapDeep`, `flatMapDepth`, `flatten`, `flattenDeep`, - * `flattenDepth`, `flip`, `flow`, `flowRight`, `fromPairs`, `functions`, - * `functionsIn`, `groupBy`, `initial`, `intersection`, `intersectionBy`, - * `intersectionWith`, `invert`, `invertBy`, `invokeMap`, `iteratee`, `keyBy`, - * `keys`, `keysIn`, `map`, `mapKeys`, `mapValues`, `matches`, `matchesProperty`, - * `memoize`, `merge`, `mergeWith`, `method`, `methodOf`, `mixin`, `negate`, - * `nthArg`, `omit`, `omitBy`, `once`, `orderBy`, `over`, `overArgs`, - * `overEvery`, `overSome`, `partial`, `partialRight`, `partition`, `pick`, - * `pickBy`, `plant`, `property`, `propertyOf`, `pull`, `pullAll`, `pullAllBy`, - * `pullAllWith`, `pullAt`, `push`, `range`, `rangeRight`, `rearg`, `reject`, - * `remove`, `rest`, `reverse`, `sampleSize`, `set`, `setWith`, `shuffle`, - * `slice`, `sort`, `sortBy`, `splice`, `spread`, `tail`, `take`, `takeRight`, - * `takeRightWhile`, `takeWhile`, `tap`, `throttle`, `thru`, `toArray`, - * `toPairs`, `toPairsIn`, `toPath`, `toPlainObject`, `transform`, `unary`, - * `union`, `unionBy`, `unionWith`, `uniq`, `uniqBy`, `uniqWith`, `unset`, - * `unshift`, `unzip`, `unzipWith`, `update`, `updateWith`, `values`, - * `valuesIn`, `without`, `wrap`, `xor`, `xorBy`, `xorWith`, `zip`, - * `zipObject`, `zipObjectDeep`, and `zipWith` - * - * The wrapper methods that are **not** chainable by default are: - * `add`, `attempt`, `camelCase`, `capitalize`, `ceil`, `clamp`, `clone`, - * `cloneDeep`, `cloneDeepWith`, `cloneWith`, `conformsTo`, `deburr`, - * `defaultTo`, `divide`, `each`, `eachRight`, `endsWith`, `eq`, `escape`, - * `escapeRegExp`, `every`, `find`, `findIndex`, `findKey`, `findLast`, - * `findLastIndex`, `findLastKey`, `first`, `floor`, `forEach`, `forEachRight`, - * `forIn`, `forInRight`, `forOwn`, `forOwnRight`, `get`, `gt`, `gte`, `has`, - * `hasIn`, `head`, `identity`, `includes`, `indexOf`, `inRange`, `invoke`, - * `isArguments`, `isArray`, `isArrayBuffer`, `isArrayLike`, `isArrayLikeObject`, - * `isBoolean`, `isBuffer`, `isDate`, `isElement`, `isEmpty`, `isEqual`, - * `isEqualWith`, `isError`, `isFinite`, `isFunction`, `isInteger`, `isLength`, - * `isMap`, `isMatch`, `isMatchWith`, `isNaN`, `isNative`, `isNil`, `isNull`, - * `isNumber`, `isObject`, `isObjectLike`, `isPlainObject`, `isRegExp`, - * `isSafeInteger`, `isSet`, `isString`, `isUndefined`, `isTypedArray`, - * `isWeakMap`, `isWeakSet`, `join`, `kebabCase`, `last`, `lastIndexOf`, - * `lowerCase`, `lowerFirst`, `lt`, `lte`, `max`, `maxBy`, `mean`, `meanBy`, - * `min`, `minBy`, `multiply`, `noConflict`, `noop`, `now`, `nth`, `pad`, - * `padEnd`, `padStart`, `parseInt`, `pop`, `random`, `reduce`, `reduceRight`, - * `repeat`, `result`, `round`, `runInContext`, `sample`, `shift`, `size`, - * `snakeCase`, `some`, `sortedIndex`, `sortedIndexBy`, `sortedLastIndex`, - * `sortedLastIndexBy`, `startCase`, `startsWith`, `stubArray`, `stubFalse`, - * `stubObject`, `stubString`, `stubTrue`, `subtract`, `sum`, `sumBy`, - * `template`, `times`, `toFinite`, `toInteger`, `toJSON`, `toLength`, - * `toLower`, `toNumber`, `toSafeInteger`, `toString`, `toUpper`, `trim`, - * `trimEnd`, `trimStart`, `truncate`, `unescape`, `uniqueId`, `upperCase`, - * `upperFirst`, `value`, and `words` - * - * @name _ - * @constructor - * @category Seq - * @param {*} value The value to wrap in a `lodash` instance. - * @returns {Object} Returns the new `lodash` wrapper instance. - * @example - * - * function square(n) { - * return n * n; - * } - * - * var wrapped = _([1, 2, 3]); - * - * // Returns an unwrapped value. - * wrapped.reduce(_.add); - * // => 6 - * - * // Returns a wrapped value. - * var squares = wrapped.map(square); - * - * _.isArray(squares); - * // => false - * - * _.isArray(squares.value()); - * // => true - */ - function lodash(value) { - if (isObjectLike(value) && !isArray(value) && !(value instanceof LazyWrapper)) { - if (value instanceof LodashWrapper) { - return value; - } - if (hasOwnProperty.call(value, '__wrapped__')) { - return wrapperClone(value); - } - } - return new LodashWrapper(value); - } - - /** - * The base implementation of `_.create` without support for assigning - * properties to the created object. - * - * @private - * @param {Object} proto The object to inherit from. - * @returns {Object} Returns the new object. - */ - var baseCreate = (function () { - function object() {} - return function (proto) { - if (!isObject(proto)) { - return {}; - } - if (objectCreate) { - return objectCreate(proto); - } - object.prototype = proto; - var result = new object(); - object.prototype = undefined; - return result; - }; - })(); - - /** - * The function whose prototype chain sequence wrappers inherit from. - * - * @private - */ - function baseLodash() { - // No operation performed. - } - - /** - * The base constructor for creating `lodash` wrapper objects. - * - * @private - * @param {*} value The value to wrap. - * @param {boolean} [chainAll] Enable explicit method chain sequences. - */ - function LodashWrapper(value, chainAll) { - this.__wrapped__ = value; - this.__actions__ = []; - this.__chain__ = !!chainAll; - this.__index__ = 0; - this.__values__ = undefined; - } - - /** - * By default, the template delimiters used by lodash are like those in - * embedded Ruby (ERB) as well as ES2015 template strings. Change the - * following template settings to use alternative delimiters. - * - * @static - * @memberOf _ - * @type {Object} - */ - lodash.templateSettings = { - /** - * Used to detect `data` property values to be HTML-escaped. - * - * @memberOf _.templateSettings - * @type {RegExp} - */ - escape: reEscape, - - /** - * Used to detect code to be evaluated. - * - * @memberOf _.templateSettings - * @type {RegExp} - */ - evaluate: reEvaluate, - - /** - * Used to detect `data` property values to inject. - * - * @memberOf _.templateSettings - * @type {RegExp} - */ - interpolate: reInterpolate, - - /** - * Used to reference the data object in the template text. - * - * @memberOf _.templateSettings - * @type {string} - */ - variable: '', - - /** - * Used to import variables into the compiled template. - * - * @memberOf _.templateSettings - * @type {Object} - */ - imports: { - /** - * A reference to the `lodash` function. - * - * @memberOf _.templateSettings.imports - * @type {Function} - */ - _: lodash, - }, - }; - - // Ensure wrappers are instances of `baseLodash`. - lodash.prototype = baseLodash.prototype; - lodash.prototype.constructor = lodash; - - LodashWrapper.prototype = baseCreate(baseLodash.prototype); - LodashWrapper.prototype.constructor = LodashWrapper; - - /*------------------------------------------------------------------------*/ - - /** - * Creates a lazy wrapper object which wraps `value` to enable lazy evaluation. - * - * @private - * @constructor - * @param {*} value The value to wrap. - */ - function LazyWrapper(value) { - this.__wrapped__ = value; - this.__actions__ = []; - this.__dir__ = 1; - this.__filtered__ = false; - this.__iteratees__ = []; - this.__takeCount__ = MAX_ARRAY_LENGTH; - this.__views__ = []; - } - - /** - * Creates a clone of the lazy wrapper object. - * - * @private - * @name clone - * @memberOf LazyWrapper - * @returns {Object} Returns the cloned `LazyWrapper` object. - */ - function lazyClone() { - var result = new LazyWrapper(this.__wrapped__); - result.__actions__ = copyArray(this.__actions__); - result.__dir__ = this.__dir__; - result.__filtered__ = this.__filtered__; - result.__iteratees__ = copyArray(this.__iteratees__); - result.__takeCount__ = this.__takeCount__; - result.__views__ = copyArray(this.__views__); - return result; - } - - /** - * Reverses the direction of lazy iteration. - * - * @private - * @name reverse - * @memberOf LazyWrapper - * @returns {Object} Returns the new reversed `LazyWrapper` object. - */ - function lazyReverse() { - if (this.__filtered__) { - var result = new LazyWrapper(this); - result.__dir__ = -1; - result.__filtered__ = true; - } else { - result = this.clone(); - result.__dir__ *= -1; - } - return result; - } - - /** - * Extracts the unwrapped value from its lazy wrapper. - * - * @private - * @name value - * @memberOf LazyWrapper - * @returns {*} Returns the unwrapped value. - */ - function lazyValue() { - var array = this.__wrapped__.value(), - dir = this.__dir__, - isArr = isArray(array), - isRight = dir < 0, - arrLength = isArr ? array.length : 0, - view = getView(0, arrLength, this.__views__), - start = view.start, - end = view.end, - length = end - start, - index = isRight ? end : start - 1, - iteratees = this.__iteratees__, - iterLength = iteratees.length, - resIndex = 0, - takeCount = nativeMin(length, this.__takeCount__); - - if (!isArr || (!isRight && arrLength == length && takeCount == length)) { - return baseWrapperValue(array, this.__actions__); - } - var result = []; - - outer: while (length-- && resIndex < takeCount) { - index += dir; - - var iterIndex = -1, - value = array[index]; - - while (++iterIndex < iterLength) { - var data = iteratees[iterIndex], - iteratee = data.iteratee, - type = data.type, - computed = iteratee(value); - - if (type == LAZY_MAP_FLAG) { - value = computed; - } else if (!computed) { - if (type == LAZY_FILTER_FLAG) { - continue outer; - } else { - break outer; - } - } - } - result[resIndex++] = value; - } - return result; - } - - // Ensure `LazyWrapper` is an instance of `baseLodash`. - LazyWrapper.prototype = baseCreate(baseLodash.prototype); - LazyWrapper.prototype.constructor = LazyWrapper; - - /*------------------------------------------------------------------------*/ - - /** - * Creates a hash object. - * - * @private - * @constructor - * @param {Array} [entries] The key-value pairs to cache. - */ - function Hash(entries) { - var index = -1, - length = entries == null ? 0 : entries.length; - - this.clear(); - while (++index < length) { - var entry = entries[index]; - this.set(entry[0], entry[1]); - } - } - - /** - * Removes all key-value entries from the hash. - * - * @private - * @name clear - * @memberOf Hash - */ - function hashClear() { - this.__data__ = nativeCreate ? nativeCreate(null) : {}; - this.size = 0; - } - - /** - * Removes `key` and its value from the hash. - * - * @private - * @name delete - * @memberOf Hash - * @param {Object} hash The hash to modify. - * @param {string} key The key of the value to remove. - * @returns {boolean} Returns `true` if the entry was removed, else `false`. - */ - function hashDelete(key) { - var result = this.has(key) && delete this.__data__[key]; - this.size -= result ? 1 : 0; - return result; - } - - /** - * Gets the hash value for `key`. - * - * @private - * @name get - * @memberOf Hash - * @param {string} key The key of the value to get. - * @returns {*} Returns the entry value. - */ - function hashGet(key) { - var data = this.__data__; - if (nativeCreate) { - var result = data[key]; - return result === HASH_UNDEFINED ? undefined : result; - } - return hasOwnProperty.call(data, key) ? data[key] : undefined; - } - - /** - * Checks if a hash value for `key` exists. - * - * @private - * @name has - * @memberOf Hash - * @param {string} key The key of the entry to check. - * @returns {boolean} Returns `true` if an entry for `key` exists, else `false`. - */ - function hashHas(key) { - var data = this.__data__; - return nativeCreate ? data[key] !== undefined : hasOwnProperty.call(data, key); - } - - /** - * Sets the hash `key` to `value`. - * - * @private - * @name set - * @memberOf Hash - * @param {string} key The key of the value to set. - * @param {*} value The value to set. - * @returns {Object} Returns the hash instance. - */ - function hashSet(key, value) { - var data = this.__data__; - this.size += this.has(key) ? 0 : 1; - data[key] = nativeCreate && value === undefined ? HASH_UNDEFINED : value; - return this; - } - - // Add methods to `Hash`. - Hash.prototype.clear = hashClear; - Hash.prototype['delete'] = hashDelete; - Hash.prototype.get = hashGet; - Hash.prototype.has = hashHas; - Hash.prototype.set = hashSet; - - /*------------------------------------------------------------------------*/ - - /** - * Creates an list cache object. - * - * @private - * @constructor - * @param {Array} [entries] The key-value pairs to cache. - */ - function ListCache(entries) { - var index = -1, - length = entries == null ? 0 : entries.length; - - this.clear(); - while (++index < length) { - var entry = entries[index]; - this.set(entry[0], entry[1]); - } - } - - /** - * Removes all key-value entries from the list cache. - * - * @private - * @name clear - * @memberOf ListCache - */ - function listCacheClear() { - this.__data__ = []; - this.size = 0; - } - - /** - * Removes `key` and its value from the list cache. - * - * @private - * @name delete - * @memberOf ListCache - * @param {string} key The key of the value to remove. - * @returns {boolean} Returns `true` if the entry was removed, else `false`. - */ - function listCacheDelete(key) { - var data = this.__data__, - index = assocIndexOf(data, key); - - if (index < 0) { - return false; - } - var lastIndex = data.length - 1; - if (index == lastIndex) { - data.pop(); - } else { - splice.call(data, index, 1); - } - --this.size; - return true; - } - - /** - * Gets the list cache value for `key`. - * - * @private - * @name get - * @memberOf ListCache - * @param {string} key The key of the value to get. - * @returns {*} Returns the entry value. - */ - function listCacheGet(key) { - var data = this.__data__, - index = assocIndexOf(data, key); - - return index < 0 ? undefined : data[index][1]; - } - - /** - * Checks if a list cache value for `key` exists. - * - * @private - * @name has - * @memberOf ListCache - * @param {string} key The key of the entry to check. - * @returns {boolean} Returns `true` if an entry for `key` exists, else `false`. - */ - function listCacheHas(key) { - return assocIndexOf(this.__data__, key) > -1; - } - - /** - * Sets the list cache `key` to `value`. - * - * @private - * @name set - * @memberOf ListCache - * @param {string} key The key of the value to set. - * @param {*} value The value to set. - * @returns {Object} Returns the list cache instance. - */ - function listCacheSet(key, value) { - var data = this.__data__, - index = assocIndexOf(data, key); - - if (index < 0) { - ++this.size; - data.push([key, value]); - } else { - data[index][1] = value; - } - return this; - } - - // Add methods to `ListCache`. - ListCache.prototype.clear = listCacheClear; - ListCache.prototype['delete'] = listCacheDelete; - ListCache.prototype.get = listCacheGet; - ListCache.prototype.has = listCacheHas; - ListCache.prototype.set = listCacheSet; - - /*------------------------------------------------------------------------*/ - - /** - * Creates a map cache object to store key-value pairs. - * - * @private - * @constructor - * @param {Array} [entries] The key-value pairs to cache. - */ - function MapCache(entries) { - var index = -1, - length = entries == null ? 0 : entries.length; - - this.clear(); - while (++index < length) { - var entry = entries[index]; - this.set(entry[0], entry[1]); - } - } - - /** - * Removes all key-value entries from the map. - * - * @private - * @name clear - * @memberOf MapCache - */ - function mapCacheClear() { - this.size = 0; - this.__data__ = { - hash: new Hash(), - map: new (Map || ListCache)(), - string: new Hash(), - }; - } - - /** - * Removes `key` and its value from the map. - * - * @private - * @name delete - * @memberOf MapCache - * @param {string} key The key of the value to remove. - * @returns {boolean} Returns `true` if the entry was removed, else `false`. - */ - function mapCacheDelete(key) { - var result = getMapData(this, key)['delete'](key); - this.size -= result ? 1 : 0; - return result; - } - - /** - * Gets the map value for `key`. - * - * @private - * @name get - * @memberOf MapCache - * @param {string} key The key of the value to get. - * @returns {*} Returns the entry value. - */ - function mapCacheGet(key) { - return getMapData(this, key).get(key); - } - - /** - * Checks if a map value for `key` exists. - * - * @private - * @name has - * @memberOf MapCache - * @param {string} key The key of the entry to check. - * @returns {boolean} Returns `true` if an entry for `key` exists, else `false`. - */ - function mapCacheHas(key) { - return getMapData(this, key).has(key); - } - - /** - * Sets the map `key` to `value`. - * - * @private - * @name set - * @memberOf MapCache - * @param {string} key The key of the value to set. - * @param {*} value The value to set. - * @returns {Object} Returns the map cache instance. - */ - function mapCacheSet(key, value) { - var data = getMapData(this, key), - size = data.size; - - data.set(key, value); - this.size += data.size == size ? 0 : 1; - return this; - } - - // Add methods to `MapCache`. - MapCache.prototype.clear = mapCacheClear; - MapCache.prototype['delete'] = mapCacheDelete; - MapCache.prototype.get = mapCacheGet; - MapCache.prototype.has = mapCacheHas; - MapCache.prototype.set = mapCacheSet; - - /*------------------------------------------------------------------------*/ - - /** - * - * Creates an array cache object to store unique values. - * - * @private - * @constructor - * @param {Array} [values] The values to cache. - */ - function SetCache(values) { - var index = -1, - length = values == null ? 0 : values.length; - - this.__data__ = new MapCache(); - while (++index < length) { - this.add(values[index]); - } - } - - /** - * Adds `value` to the array cache. - * - * @private - * @name add - * @memberOf SetCache - * @alias push - * @param {*} value The value to cache. - * @returns {Object} Returns the cache instance. - */ - function setCacheAdd(value) { - this.__data__.set(value, HASH_UNDEFINED); - return this; - } - - /** - * Checks if `value` is in the array cache. - * - * @private - * @name has - * @memberOf SetCache - * @param {*} value The value to search for. - * @returns {number} Returns `true` if `value` is found, else `false`. - */ - function setCacheHas(value) { - return this.__data__.has(value); - } - - // Add methods to `SetCache`. - SetCache.prototype.add = SetCache.prototype.push = setCacheAdd; - SetCache.prototype.has = setCacheHas; - - /*------------------------------------------------------------------------*/ - - /** - * Creates a stack cache object to store key-value pairs. - * - * @private - * @constructor - * @param {Array} [entries] The key-value pairs to cache. - */ - function Stack(entries) { - var data = (this.__data__ = new ListCache(entries)); - this.size = data.size; - } - - /** - * Removes all key-value entries from the stack. - * - * @private - * @name clear - * @memberOf Stack - */ - function stackClear() { - this.__data__ = new ListCache(); - this.size = 0; - } - - /** - * Removes `key` and its value from the stack. - * - * @private - * @name delete - * @memberOf Stack - * @param {string} key The key of the value to remove. - * @returns {boolean} Returns `true` if the entry was removed, else `false`. - */ - function stackDelete(key) { - var data = this.__data__, - result = data['delete'](key); - - this.size = data.size; - return result; - } - - /** - * Gets the stack value for `key`. - * - * @private - * @name get - * @memberOf Stack - * @param {string} key The key of the value to get. - * @returns {*} Returns the entry value. - */ - function stackGet(key) { - return this.__data__.get(key); - } - - /** - * Checks if a stack value for `key` exists. - * - * @private - * @name has - * @memberOf Stack - * @param {string} key The key of the entry to check. - * @returns {boolean} Returns `true` if an entry for `key` exists, else `false`. - */ - function stackHas(key) { - return this.__data__.has(key); - } - - /** - * Sets the stack `key` to `value`. - * - * @private - * @name set - * @memberOf Stack - * @param {string} key The key of the value to set. - * @param {*} value The value to set. - * @returns {Object} Returns the stack cache instance. - */ - function stackSet(key, value) { - var data = this.__data__; - if (data instanceof ListCache) { - var pairs = data.__data__; - if (!Map || pairs.length < LARGE_ARRAY_SIZE - 1) { - pairs.push([key, value]); - this.size = ++data.size; - return this; - } - data = this.__data__ = new MapCache(pairs); - } - data.set(key, value); - this.size = data.size; - return this; - } - - // Add methods to `Stack`. - Stack.prototype.clear = stackClear; - Stack.prototype['delete'] = stackDelete; - Stack.prototype.get = stackGet; - Stack.prototype.has = stackHas; - Stack.prototype.set = stackSet; - - /*------------------------------------------------------------------------*/ - - /** - * Creates an array of the enumerable property names of the array-like `value`. - * - * @private - * @param {*} value The value to query. - * @param {boolean} inherited Specify returning inherited property names. - * @returns {Array} Returns the array of property names. - */ - function arrayLikeKeys(value, inherited) { - var isArr = isArray(value), - isArg = !isArr && isArguments(value), - isBuff = !isArr && !isArg && isBuffer(value), - isType = !isArr && !isArg && !isBuff && isTypedArray(value), - skipIndexes = isArr || isArg || isBuff || isType, - result = skipIndexes ? baseTimes(value.length, String) : [], - length = result.length; - - for (var key in value) { - if ( - (inherited || hasOwnProperty.call(value, key)) && - !( - skipIndexes && - // Safari 9 has enumerable `arguments.length` in strict mode. - (key == 'length' || - // Node.js 0.10 has enumerable non-index properties on buffers. - (isBuff && (key == 'offset' || key == 'parent')) || - // PhantomJS 2 has enumerable non-index properties on typed arrays. - (isType && (key == 'buffer' || key == 'byteLength' || key == 'byteOffset')) || - // Skip index properties. - isIndex(key, length)) - ) - ) { - result.push(key); - } - } - return result; - } - - /** - * A specialized version of `_.sample` for arrays. - * - * @private - * @param {Array} array The array to sample. - * @returns {*} Returns the random element. - */ - function arraySample(array) { - var length = array.length; - return length ? array[baseRandom(0, length - 1)] : undefined; - } - - /** - * A specialized version of `_.sampleSize` for arrays. - * - * @private - * @param {Array} array The array to sample. - * @param {number} n The number of elements to sample. - * @returns {Array} Returns the random elements. - */ - function arraySampleSize(array, n) { - return shuffleSelf(copyArray(array), baseClamp(n, 0, array.length)); - } - - /** - * A specialized version of `_.shuffle` for arrays. - * - * @private - * @param {Array} array The array to shuffle. - * @returns {Array} Returns the new shuffled array. - */ - function arrayShuffle(array) { - return shuffleSelf(copyArray(array)); - } - - /** - * This function is like `assignValue` except that it doesn't assign - * `undefined` values. - * - * @private - * @param {Object} object The object to modify. - * @param {string} key The key of the property to assign. - * @param {*} value The value to assign. - */ - function assignMergeValue(object, key, value) { - if ( - (value !== undefined && !eq(object[key], value)) || - (value === undefined && !(key in object)) - ) { - baseAssignValue(object, key, value); - } - } - - /** - * Assigns `value` to `key` of `object` if the existing value is not equivalent - * using [`SameValueZero`](http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero) - * for equality comparisons. - * - * @private - * @param {Object} object The object to modify. - * @param {string} key The key of the property to assign. - * @param {*} value The value to assign. - */ - function assignValue(object, key, value) { - var objValue = object[key]; - if ( - !(hasOwnProperty.call(object, key) && eq(objValue, value)) || - (value === undefined && !(key in object)) - ) { - baseAssignValue(object, key, value); - } - } - - /** - * Gets the index at which the `key` is found in `array` of key-value pairs. - * - * @private - * @param {Array} array The array to inspect. - * @param {*} key The key to search for. - * @returns {number} Returns the index of the matched value, else `-1`. - */ - function assocIndexOf(array, key) { - var length = array.length; - while (length--) { - if (eq(array[length][0], key)) { - return length; - } - } - return -1; - } - - /** - * Aggregates elements of `collection` on `accumulator` with keys transformed - * by `iteratee` and values set by `setter`. - * - * @private - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} setter The function to set `accumulator` values. - * @param {Function} iteratee The iteratee to transform keys. - * @param {Object} accumulator The initial aggregated object. - * @returns {Function} Returns `accumulator`. - */ - function baseAggregator(collection, setter, iteratee, accumulator) { - baseEach(collection, function (value, key, collection) { - setter(accumulator, value, iteratee(value), collection); - }); - return accumulator; - } - - /** - * The base implementation of `_.assign` without support for multiple sources - * or `customizer` functions. - * - * @private - * @param {Object} object The destination object. - * @param {Object} source The source object. - * @returns {Object} Returns `object`. - */ - function baseAssign(object, source) { - return object && copyObject(source, keys(source), object); - } - - /** - * The base implementation of `_.assignIn` without support for multiple sources - * or `customizer` functions. - * - * @private - * @param {Object} object The destination object. - * @param {Object} source The source object. - * @returns {Object} Returns `object`. - */ - function baseAssignIn(object, source) { - return object && copyObject(source, keysIn(source), object); - } - - /** - * The base implementation of `assignValue` and `assignMergeValue` without - * value checks. - * - * @private - * @param {Object} object The object to modify. - * @param {string} key The key of the property to assign. - * @param {*} value The value to assign. - */ - function baseAssignValue(object, key, value) { - if (key == '__proto__' && defineProperty) { - defineProperty(object, key, { - configurable: true, - enumerable: true, - value: value, - writable: true, - }); - } else { - object[key] = value; - } - } - - /** - * The base implementation of `_.at` without support for individual paths. - * - * @private - * @param {Object} object The object to iterate over. - * @param {string[]} paths The property paths to pick. - * @returns {Array} Returns the picked elements. - */ - function baseAt(object, paths) { - var index = -1, - length = paths.length, - result = Array(length), - skip = object == null; - - while (++index < length) { - result[index] = skip ? undefined : get(object, paths[index]); - } - return result; - } - - /** - * The base implementation of `_.clamp` which doesn't coerce arguments. - * - * @private - * @param {number} number The number to clamp. - * @param {number} [lower] The lower bound. - * @param {number} upper The upper bound. - * @returns {number} Returns the clamped number. - */ - function baseClamp(number, lower, upper) { - if (number === number) { - if (upper !== undefined) { - number = number <= upper ? number : upper; - } - if (lower !== undefined) { - number = number >= lower ? number : lower; - } - } - return number; - } - - /** - * The base implementation of `_.clone` and `_.cloneDeep` which tracks - * traversed objects. - * - * @private - * @param {*} value The value to clone. - * @param {boolean} bitmask The bitmask flags. - * 1 - Deep clone - * 2 - Flatten inherited properties - * 4 - Clone symbols - * @param {Function} [customizer] The function to customize cloning. - * @param {string} [key] The key of `value`. - * @param {Object} [object] The parent object of `value`. - * @param {Object} [stack] Tracks traversed objects and their clone counterparts. - * @returns {*} Returns the cloned value. - */ - function baseClone(value, bitmask, customizer, key, object, stack) { - var result, - isDeep = bitmask & CLONE_DEEP_FLAG, - isFlat = bitmask & CLONE_FLAT_FLAG, - isFull = bitmask & CLONE_SYMBOLS_FLAG; - - if (customizer) { - result = object ? customizer(value, key, object, stack) : customizer(value); - } - if (result !== undefined) { - return result; - } - if (!isObject(value)) { - return value; - } - var isArr = isArray(value); - if (isArr) { - result = initCloneArray(value); - if (!isDeep) { - return copyArray(value, result); - } - } else { - var tag = getTag(value), - isFunc = tag == funcTag || tag == genTag; - - if (isBuffer(value)) { - return cloneBuffer(value, isDeep); - } - if (tag == objectTag || tag == argsTag || (isFunc && !object)) { - result = isFlat || isFunc ? {} : initCloneObject(value); - if (!isDeep) { - return isFlat - ? copySymbolsIn(value, baseAssignIn(result, value)) - : copySymbols(value, baseAssign(result, value)); - } - } else { - if (!cloneableTags[tag]) { - return object ? value : {}; - } - result = initCloneByTag(value, tag, isDeep); - } - } - // Check for circular references and return its corresponding clone. - stack || (stack = new Stack()); - var stacked = stack.get(value); - if (stacked) { - return stacked; - } - stack.set(value, result); - - if (isSet(value)) { - value.forEach(function (subValue) { - result.add(baseClone(subValue, bitmask, customizer, subValue, value, stack)); - }); - - return result; - } - - if (isMap(value)) { - value.forEach(function (subValue, key) { - result.set(key, baseClone(subValue, bitmask, customizer, key, value, stack)); - }); - - return result; - } - - var keysFunc = isFull ? (isFlat ? getAllKeysIn : getAllKeys) : isFlat ? keysIn : keys; - - var props = isArr ? undefined : keysFunc(value); - arrayEach(props || value, function (subValue, key) { - if (props) { - key = subValue; - subValue = value[key]; - } - // Recursively populate clone (susceptible to call stack limits). - assignValue(result, key, baseClone(subValue, bitmask, customizer, key, value, stack)); - }); - return result; - } - - /** - * The base implementation of `_.conforms` which doesn't clone `source`. - * - * @private - * @param {Object} source The object of property predicates to conform to. - * @returns {Function} Returns the new spec function. - */ - function baseConforms(source) { - var props = keys(source); - return function (object) { - return baseConformsTo(object, source, props); - }; - } - - /** - * The base implementation of `_.conformsTo` which accepts `props` to check. - * - * @private - * @param {Object} object The object to inspect. - * @param {Object} source The object of property predicates to conform to. - * @returns {boolean} Returns `true` if `object` conforms, else `false`. - */ - function baseConformsTo(object, source, props) { - var length = props.length; - if (object == null) { - return !length; - } - object = Object(object); - while (length--) { - var key = props[length], - predicate = source[key], - value = object[key]; - - if ((value === undefined && !(key in object)) || !predicate(value)) { - return false; - } - } - return true; - } - - /** - * The base implementation of `_.delay` and `_.defer` which accepts `args` - * to provide to `func`. - * - * @private - * @param {Function} func The function to delay. - * @param {number} wait The number of milliseconds to delay invocation. - * @param {Array} args The arguments to provide to `func`. - * @returns {number|Object} Returns the timer id or timeout object. - */ - function baseDelay(func, wait, args) { - if (typeof func != 'function') { - throw new TypeError(FUNC_ERROR_TEXT); - } - return setTimeout(function () { - func.apply(undefined, args); - }, wait); - } - - /** - * The base implementation of methods like `_.difference` without support - * for excluding multiple arrays or iteratee shorthands. - * - * @private - * @param {Array} array The array to inspect. - * @param {Array} values The values to exclude. - * @param {Function} [iteratee] The iteratee invoked per element. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns the new array of filtered values. - */ - function baseDifference(array, values, iteratee, comparator) { - var index = -1, - includes = arrayIncludes, - isCommon = true, - length = array.length, - result = [], - valuesLength = values.length; - - if (!length) { - return result; - } - if (iteratee) { - values = arrayMap(values, baseUnary(iteratee)); - } - if (comparator) { - includes = arrayIncludesWith; - isCommon = false; - } else if (values.length >= LARGE_ARRAY_SIZE) { - includes = cacheHas; - isCommon = false; - values = new SetCache(values); - } - outer: while (++index < length) { - var value = array[index], - computed = iteratee == null ? value : iteratee(value); - - value = comparator || value !== 0 ? value : 0; - if (isCommon && computed === computed) { - var valuesIndex = valuesLength; - while (valuesIndex--) { - if (values[valuesIndex] === computed) { - continue outer; - } - } - result.push(value); - } else if (!includes(values, computed, comparator)) { - result.push(value); - } - } - return result; - } - - /** - * The base implementation of `_.forEach` without support for iteratee shorthands. - * - * @private - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @returns {Array|Object} Returns `collection`. - */ - var baseEach = createBaseEach(baseForOwn); - - /** - * The base implementation of `_.forEachRight` without support for iteratee shorthands. - * - * @private - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @returns {Array|Object} Returns `collection`. - */ - var baseEachRight = createBaseEach(baseForOwnRight, true); - - /** - * The base implementation of `_.every` without support for iteratee shorthands. - * - * @private - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} predicate The function invoked per iteration. - * @returns {boolean} Returns `true` if all elements pass the predicate check, - * else `false` - */ - function baseEvery(collection, predicate) { - var result = true; - baseEach(collection, function (value, index, collection) { - result = !!predicate(value, index, collection); - return result; - }); - return result; - } - - /** - * The base implementation of methods like `_.max` and `_.min` which accepts a - * `comparator` to determine the extremum value. - * - * @private - * @param {Array} array The array to iterate over. - * @param {Function} iteratee The iteratee invoked per iteration. - * @param {Function} comparator The comparator used to compare values. - * @returns {*} Returns the extremum value. - */ - function baseExtremum(array, iteratee, comparator) { - var index = -1, - length = array.length; - - while (++index < length) { - var value = array[index], - current = iteratee(value); - - if ( - current != null && - (computed === undefined - ? current === current && !isSymbol(current) - : comparator(current, computed)) - ) { - var computed = current, - result = value; - } - } - return result; - } - - /** - * The base implementation of `_.fill` without an iteratee call guard. - * - * @private - * @param {Array} array The array to fill. - * @param {*} value The value to fill `array` with. - * @param {number} [start=0] The start position. - * @param {number} [end=array.length] The end position. - * @returns {Array} Returns `array`. - */ - function baseFill(array, value, start, end) { - var length = array.length; - - start = toInteger(start); - if (start < 0) { - start = -start > length ? 0 : length + start; - } - end = end === undefined || end > length ? length : toInteger(end); - if (end < 0) { - end += length; - } - end = start > end ? 0 : toLength(end); - while (start < end) { - array[start++] = value; - } - return array; - } - - /** - * The base implementation of `_.filter` without support for iteratee shorthands. - * - * @private - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} predicate The function invoked per iteration. - * @returns {Array} Returns the new filtered array. - */ - function baseFilter(collection, predicate) { - var result = []; - baseEach(collection, function (value, index, collection) { - if (predicate(value, index, collection)) { - result.push(value); - } - }); - return result; - } - - /** - * The base implementation of `_.flatten` with support for restricting flattening. - * - * @private - * @param {Array} array The array to flatten. - * @param {number} depth The maximum recursion depth. - * @param {boolean} [predicate=isFlattenable] The function invoked per iteration. - * @param {boolean} [isStrict] Restrict to values that pass `predicate` checks. - * @param {Array} [result=[]] The initial result value. - * @returns {Array} Returns the new flattened array. - */ - function baseFlatten(array, depth, predicate, isStrict, result) { - var index = -1, - length = array.length; - - predicate || (predicate = isFlattenable); - result || (result = []); - - while (++index < length) { - var value = array[index]; - if (depth > 0 && predicate(value)) { - if (depth > 1) { - // Recursively flatten arrays (susceptible to call stack limits). - baseFlatten(value, depth - 1, predicate, isStrict, result); - } else { - arrayPush(result, value); - } - } else if (!isStrict) { - result[result.length] = value; - } - } - return result; - } - - /** - * The base implementation of `baseForOwn` which iterates over `object` - * properties returned by `keysFunc` and invokes `iteratee` for each property. - * Iteratee functions may exit iteration early by explicitly returning `false`. - * - * @private - * @param {Object} object The object to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @param {Function} keysFunc The function to get the keys of `object`. - * @returns {Object} Returns `object`. - */ - var baseFor = createBaseFor(); - - /** - * This function is like `baseFor` except that it iterates over properties - * in the opposite order. - * - * @private - * @param {Object} object The object to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @param {Function} keysFunc The function to get the keys of `object`. - * @returns {Object} Returns `object`. - */ - var baseForRight = createBaseFor(true); - - /** - * The base implementation of `_.forOwn` without support for iteratee shorthands. - * - * @private - * @param {Object} object The object to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @returns {Object} Returns `object`. - */ - function baseForOwn(object, iteratee) { - return object && baseFor(object, iteratee, keys); - } - - /** - * The base implementation of `_.forOwnRight` without support for iteratee shorthands. - * - * @private - * @param {Object} object The object to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @returns {Object} Returns `object`. - */ - function baseForOwnRight(object, iteratee) { - return object && baseForRight(object, iteratee, keys); - } - - /** - * The base implementation of `_.functions` which creates an array of - * `object` function property names filtered from `props`. - * - * @private - * @param {Object} object The object to inspect. - * @param {Array} props The property names to filter. - * @returns {Array} Returns the function names. - */ - function baseFunctions(object, props) { - return arrayFilter(props, function (key) { - return isFunction(object[key]); - }); - } - - /** - * The base implementation of `_.get` without support for default values. - * - * @private - * @param {Object} object The object to query. - * @param {Array|string} path The path of the property to get. - * @returns {*} Returns the resolved value. - */ - function baseGet(object, path) { - path = castPath(path, object); - - var index = 0, - length = path.length; - - while (object != null && index < length) { - object = object[toKey(path[index++])]; - } - return index && index == length ? object : undefined; - } - - /** - * The base implementation of `getAllKeys` and `getAllKeysIn` which uses - * `keysFunc` and `symbolsFunc` to get the enumerable property names and - * symbols of `object`. - * - * @private - * @param {Object} object The object to query. - * @param {Function} keysFunc The function to get the keys of `object`. - * @param {Function} symbolsFunc The function to get the symbols of `object`. - * @returns {Array} Returns the array of property names and symbols. - */ - function baseGetAllKeys(object, keysFunc, symbolsFunc) { - var result = keysFunc(object); - return isArray(object) ? result : arrayPush(result, symbolsFunc(object)); - } - - /** - * The base implementation of `getTag` without fallbacks for buggy environments. - * - * @private - * @param {*} value The value to query. - * @returns {string} Returns the `toStringTag`. - */ - function baseGetTag(value) { - if (value == null) { - return value === undefined ? undefinedTag : nullTag; - } - return symToStringTag && symToStringTag in Object(value) - ? getRawTag(value) - : objectToString(value); - } - - /** - * The base implementation of `_.gt` which doesn't coerce arguments. - * - * @private - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @returns {boolean} Returns `true` if `value` is greater than `other`, - * else `false`. - */ - function baseGt(value, other) { - return value > other; - } - - /** - * The base implementation of `_.has` without support for deep paths. - * - * @private - * @param {Object} [object] The object to query. - * @param {Array|string} key The key to check. - * @returns {boolean} Returns `true` if `key` exists, else `false`. - */ - function baseHas(object, key) { - return object != null && hasOwnProperty.call(object, key); - } - - /** - * The base implementation of `_.hasIn` without support for deep paths. - * - * @private - * @param {Object} [object] The object to query. - * @param {Array|string} key The key to check. - * @returns {boolean} Returns `true` if `key` exists, else `false`. - */ - function baseHasIn(object, key) { - return object != null && key in Object(object); - } - - /** - * The base implementation of `_.inRange` which doesn't coerce arguments. - * - * @private - * @param {number} number The number to check. - * @param {number} start The start of the range. - * @param {number} end The end of the range. - * @returns {boolean} Returns `true` if `number` is in the range, else `false`. - */ - function baseInRange(number, start, end) { - return number >= nativeMin(start, end) && number < nativeMax(start, end); - } - - /** - * The base implementation of methods like `_.intersection`, without support - * for iteratee shorthands, that accepts an array of arrays to inspect. - * - * @private - * @param {Array} arrays The arrays to inspect. - * @param {Function} [iteratee] The iteratee invoked per element. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns the new array of shared values. - */ - function baseIntersection(arrays, iteratee, comparator) { - var includes = comparator ? arrayIncludesWith : arrayIncludes, - length = arrays[0].length, - othLength = arrays.length, - othIndex = othLength, - caches = Array(othLength), - maxLength = Infinity, - result = []; - - while (othIndex--) { - var array = arrays[othIndex]; - if (othIndex && iteratee) { - array = arrayMap(array, baseUnary(iteratee)); - } - maxLength = nativeMin(array.length, maxLength); - caches[othIndex] = - !comparator && (iteratee || (length >= 120 && array.length >= 120)) - ? new SetCache(othIndex && array) - : undefined; - } - array = arrays[0]; - - var index = -1, - seen = caches[0]; - - outer: while (++index < length && result.length < maxLength) { - var value = array[index], - computed = iteratee ? iteratee(value) : value; - - value = comparator || value !== 0 ? value : 0; - if (!(seen ? cacheHas(seen, computed) : includes(result, computed, comparator))) { - othIndex = othLength; - while (--othIndex) { - var cache = caches[othIndex]; - if ( - !(cache ? cacheHas(cache, computed) : includes(arrays[othIndex], computed, comparator)) - ) { - continue outer; - } - } - if (seen) { - seen.push(computed); - } - result.push(value); - } - } - return result; - } - - /** - * The base implementation of `_.invert` and `_.invertBy` which inverts - * `object` with values transformed by `iteratee` and set by `setter`. - * - * @private - * @param {Object} object The object to iterate over. - * @param {Function} setter The function to set `accumulator` values. - * @param {Function} iteratee The iteratee to transform values. - * @param {Object} accumulator The initial inverted object. - * @returns {Function} Returns `accumulator`. - */ - function baseInverter(object, setter, iteratee, accumulator) { - baseForOwn(object, function (value, key, object) { - setter(accumulator, iteratee(value), key, object); - }); - return accumulator; - } - - /** - * The base implementation of `_.invoke` without support for individual - * method arguments. - * - * @private - * @param {Object} object The object to query. - * @param {Array|string} path The path of the method to invoke. - * @param {Array} args The arguments to invoke the method with. - * @returns {*} Returns the result of the invoked method. - */ - function baseInvoke(object, path, args) { - path = castPath(path, object); - object = parent(object, path); - var func = object == null ? object : object[toKey(last(path))]; - return func == null ? undefined : apply(func, object, args); - } - - /** - * The base implementation of `_.isArguments`. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is an `arguments` object, - */ - function baseIsArguments(value) { - return isObjectLike(value) && baseGetTag(value) == argsTag; - } - - /** - * The base implementation of `_.isArrayBuffer` without Node.js optimizations. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is an array buffer, else `false`. - */ - function baseIsArrayBuffer(value) { - return isObjectLike(value) && baseGetTag(value) == arrayBufferTag; - } - - /** - * The base implementation of `_.isDate` without Node.js optimizations. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a date object, else `false`. - */ - function baseIsDate(value) { - return isObjectLike(value) && baseGetTag(value) == dateTag; - } - - /** - * The base implementation of `_.isEqual` which supports partial comparisons - * and tracks traversed objects. - * - * @private - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @param {boolean} bitmask The bitmask flags. - * 1 - Unordered comparison - * 2 - Partial comparison - * @param {Function} [customizer] The function to customize comparisons. - * @param {Object} [stack] Tracks traversed `value` and `other` objects. - * @returns {boolean} Returns `true` if the values are equivalent, else `false`. - */ - function baseIsEqual(value, other, bitmask, customizer, stack) { - if (value === other) { - return true; - } - if (value == null || other == null || (!isObjectLike(value) && !isObjectLike(other))) { - return value !== value && other !== other; - } - return baseIsEqualDeep(value, other, bitmask, customizer, baseIsEqual, stack); - } - - /** - * A specialized version of `baseIsEqual` for arrays and objects which performs - * deep comparisons and tracks traversed objects enabling objects with circular - * references to be compared. - * - * @private - * @param {Object} object The object to compare. - * @param {Object} other The other object to compare. - * @param {number} bitmask The bitmask flags. See `baseIsEqual` for more details. - * @param {Function} customizer The function to customize comparisons. - * @param {Function} equalFunc The function to determine equivalents of values. - * @param {Object} [stack] Tracks traversed `object` and `other` objects. - * @returns {boolean} Returns `true` if the objects are equivalent, else `false`. - */ - function baseIsEqualDeep(object, other, bitmask, customizer, equalFunc, stack) { - var objIsArr = isArray(object), - othIsArr = isArray(other), - objTag = objIsArr ? arrayTag : getTag(object), - othTag = othIsArr ? arrayTag : getTag(other); - - objTag = objTag == argsTag ? objectTag : objTag; - othTag = othTag == argsTag ? objectTag : othTag; - - var objIsObj = objTag == objectTag, - othIsObj = othTag == objectTag, - isSameTag = objTag == othTag; - - if (isSameTag && isBuffer(object)) { - if (!isBuffer(other)) { - return false; - } - objIsArr = true; - objIsObj = false; - } - if (isSameTag && !objIsObj) { - stack || (stack = new Stack()); - return objIsArr || isTypedArray(object) - ? equalArrays(object, other, bitmask, customizer, equalFunc, stack) - : equalByTag(object, other, objTag, bitmask, customizer, equalFunc, stack); - } - if (!(bitmask & COMPARE_PARTIAL_FLAG)) { - var objIsWrapped = objIsObj && hasOwnProperty.call(object, '__wrapped__'), - othIsWrapped = othIsObj && hasOwnProperty.call(other, '__wrapped__'); - - if (objIsWrapped || othIsWrapped) { - var objUnwrapped = objIsWrapped ? object.value() : object, - othUnwrapped = othIsWrapped ? other.value() : other; - - stack || (stack = new Stack()); - return equalFunc(objUnwrapped, othUnwrapped, bitmask, customizer, stack); - } - } - if (!isSameTag) { - return false; - } - stack || (stack = new Stack()); - return equalObjects(object, other, bitmask, customizer, equalFunc, stack); - } - - /** - * The base implementation of `_.isMap` without Node.js optimizations. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a map, else `false`. - */ - function baseIsMap(value) { - return isObjectLike(value) && getTag(value) == mapTag; - } - - /** - * The base implementation of `_.isMatch` without support for iteratee shorthands. - * - * @private - * @param {Object} object The object to inspect. - * @param {Object} source The object of property values to match. - * @param {Array} matchData The property names, values, and compare flags to match. - * @param {Function} [customizer] The function to customize comparisons. - * @returns {boolean} Returns `true` if `object` is a match, else `false`. - */ - function baseIsMatch(object, source, matchData, customizer) { - var index = matchData.length, - length = index, - noCustomizer = !customizer; - - if (object == null) { - return !length; - } - object = Object(object); - while (index--) { - var data = matchData[index]; - if (noCustomizer && data[2] ? data[1] !== object[data[0]] : !(data[0] in object)) { - return false; - } - } - while (++index < length) { - data = matchData[index]; - var key = data[0], - objValue = object[key], - srcValue = data[1]; - - if (noCustomizer && data[2]) { - if (objValue === undefined && !(key in object)) { - return false; - } - } else { - var stack = new Stack(); - if (customizer) { - var result = customizer(objValue, srcValue, key, object, source, stack); - } - if ( - !(result === undefined - ? baseIsEqual( - srcValue, - objValue, - COMPARE_PARTIAL_FLAG | COMPARE_UNORDERED_FLAG, - customizer, - stack - ) - : result) - ) { - return false; - } - } - } - return true; - } - - /** - * The base implementation of `_.isNative` without bad shim checks. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a native function, - * else `false`. - */ - function baseIsNative(value) { - if (!isObject(value) || isMasked(value)) { - return false; - } - var pattern = isFunction(value) ? reIsNative : reIsHostCtor; - return pattern.test(toSource(value)); - } - - /** - * The base implementation of `_.isRegExp` without Node.js optimizations. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a regexp, else `false`. - */ - function baseIsRegExp(value) { - return isObjectLike(value) && baseGetTag(value) == regexpTag; - } - - /** - * The base implementation of `_.isSet` without Node.js optimizations. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a set, else `false`. - */ - function baseIsSet(value) { - return isObjectLike(value) && getTag(value) == setTag; - } - - /** - * The base implementation of `_.isTypedArray` without Node.js optimizations. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a typed array, else `false`. - */ - function baseIsTypedArray(value) { - return isObjectLike(value) && isLength(value.length) && !!typedArrayTags[baseGetTag(value)]; - } - - /** - * The base implementation of `_.iteratee`. - * - * @private - * @param {*} [value=_.identity] The value to convert to an iteratee. - * @returns {Function} Returns the iteratee. - */ - function baseIteratee(value) { - // Don't store the `typeof` result in a variable to avoid a JIT bug in Safari 9. - // See https://bugs.webkit.org/show_bug.cgi?id=156034 for more details. - if (typeof value == 'function') { - return value; - } - if (value == null) { - return identity; - } - if (typeof value == 'object') { - return isArray(value) ? baseMatchesProperty(value[0], value[1]) : baseMatches(value); - } - return property(value); - } - - /** - * The base implementation of `_.keys` which doesn't treat sparse arrays as dense. - * - * @private - * @param {Object} object The object to query. - * @returns {Array} Returns the array of property names. - */ - function baseKeys(object) { - if (!isPrototype(object)) { - return nativeKeys(object); - } - var result = []; - for (var key in Object(object)) { - if (hasOwnProperty.call(object, key) && key != 'constructor') { - result.push(key); - } - } - return result; - } - - /** - * The base implementation of `_.keysIn` which doesn't treat sparse arrays as dense. - * - * @private - * @param {Object} object The object to query. - * @returns {Array} Returns the array of property names. - */ - function baseKeysIn(object) { - if (!isObject(object)) { - return nativeKeysIn(object); - } - var isProto = isPrototype(object), - result = []; - - for (var key in object) { - if (!(key == 'constructor' && (isProto || !hasOwnProperty.call(object, key)))) { - result.push(key); - } - } - return result; - } - - /** - * The base implementation of `_.lt` which doesn't coerce arguments. - * - * @private - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @returns {boolean} Returns `true` if `value` is less than `other`, - * else `false`. - */ - function baseLt(value, other) { - return value < other; - } - - /** - * The base implementation of `_.map` without support for iteratee shorthands. - * - * @private - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} iteratee The function invoked per iteration. - * @returns {Array} Returns the new mapped array. - */ - function baseMap(collection, iteratee) { - var index = -1, - result = isArrayLike(collection) ? Array(collection.length) : []; - - baseEach(collection, function (value, key, collection) { - result[++index] = iteratee(value, key, collection); - }); - return result; - } - - /** - * The base implementation of `_.matches` which doesn't clone `source`. - * - * @private - * @param {Object} source The object of property values to match. - * @returns {Function} Returns the new spec function. - */ - function baseMatches(source) { - var matchData = getMatchData(source); - if (matchData.length == 1 && matchData[0][2]) { - return matchesStrictComparable(matchData[0][0], matchData[0][1]); - } - return function (object) { - return object === source || baseIsMatch(object, source, matchData); - }; - } - - /** - * The base implementation of `_.matchesProperty` which doesn't clone `srcValue`. - * - * @private - * @param {string} path The path of the property to get. - * @param {*} srcValue The value to match. - * @returns {Function} Returns the new spec function. - */ - function baseMatchesProperty(path, srcValue) { - if (isKey(path) && isStrictComparable(srcValue)) { - return matchesStrictComparable(toKey(path), srcValue); - } - return function (object) { - var objValue = get(object, path); - return objValue === undefined && objValue === srcValue - ? hasIn(object, path) - : baseIsEqual(srcValue, objValue, COMPARE_PARTIAL_FLAG | COMPARE_UNORDERED_FLAG); - }; - } - - /** - * The base implementation of `_.merge` without support for multiple sources. - * - * @private - * @param {Object} object The destination object. - * @param {Object} source The source object. - * @param {number} srcIndex The index of `source`. - * @param {Function} [customizer] The function to customize merged values. - * @param {Object} [stack] Tracks traversed source values and their merged - * counterparts. - */ - function baseMerge(object, source, srcIndex, customizer, stack) { - if (object === source) { - return; - } - baseFor( - source, - function (srcValue, key) { - if (isObject(srcValue)) { - stack || (stack = new Stack()); - baseMergeDeep(object, source, key, srcIndex, baseMerge, customizer, stack); - } else { - var newValue = customizer - ? customizer(safeGet(object, key), srcValue, key + '', object, source, stack) - : undefined; - - if (newValue === undefined) { - newValue = srcValue; - } - assignMergeValue(object, key, newValue); - } - }, - keysIn - ); - } - - /** - * A specialized version of `baseMerge` for arrays and objects which performs - * deep merges and tracks traversed objects enabling objects with circular - * references to be merged. - * - * @private - * @param {Object} object The destination object. - * @param {Object} source The source object. - * @param {string} key The key of the value to merge. - * @param {number} srcIndex The index of `source`. - * @param {Function} mergeFunc The function to merge values. - * @param {Function} [customizer] The function to customize assigned values. - * @param {Object} [stack] Tracks traversed source values and their merged - * counterparts. - */ - function baseMergeDeep(object, source, key, srcIndex, mergeFunc, customizer, stack) { - var objValue = safeGet(object, key), - srcValue = safeGet(source, key), - stacked = stack.get(srcValue); - - if (stacked) { - assignMergeValue(object, key, stacked); - return; - } - var newValue = customizer - ? customizer(objValue, srcValue, key + '', object, source, stack) - : undefined; - - var isCommon = newValue === undefined; - - if (isCommon) { - var isArr = isArray(srcValue), - isBuff = !isArr && isBuffer(srcValue), - isTyped = !isArr && !isBuff && isTypedArray(srcValue); - - newValue = srcValue; - if (isArr || isBuff || isTyped) { - if (isArray(objValue)) { - newValue = objValue; - } else if (isArrayLikeObject(objValue)) { - newValue = copyArray(objValue); - } else if (isBuff) { - isCommon = false; - newValue = cloneBuffer(srcValue, true); - } else if (isTyped) { - isCommon = false; - newValue = cloneTypedArray(srcValue, true); - } else { - newValue = []; - } - } else if (isPlainObject(srcValue) || isArguments(srcValue)) { - newValue = objValue; - if (isArguments(objValue)) { - newValue = toPlainObject(objValue); - } else if (!isObject(objValue) || (srcIndex && isFunction(objValue))) { - newValue = initCloneObject(srcValue); - } - } else { - isCommon = false; - } - } - if (isCommon) { - // Recursively merge objects and arrays (susceptible to call stack limits). - stack.set(srcValue, newValue); - mergeFunc(newValue, srcValue, srcIndex, customizer, stack); - stack['delete'](srcValue); - } - assignMergeValue(object, key, newValue); - } - - /** - * The base implementation of `_.nth` which doesn't coerce arguments. - * - * @private - * @param {Array} array The array to query. - * @param {number} n The index of the element to return. - * @returns {*} Returns the nth element of `array`. - */ - function baseNth(array, n) { - var length = array.length; - if (!length) { - return; - } - n += n < 0 ? length : 0; - return isIndex(n, length) ? array[n] : undefined; - } - - /** - * The base implementation of `_.orderBy` without param guards. - * - * @private - * @param {Array|Object} collection The collection to iterate over. - * @param {Function[]|Object[]|string[]} iteratees The iteratees to sort by. - * @param {string[]} orders The sort orders of `iteratees`. - * @returns {Array} Returns the new sorted array. - */ - function baseOrderBy(collection, iteratees, orders) { - var index = -1; - iteratees = arrayMap(iteratees.length ? iteratees : [identity], baseUnary(getIteratee())); - - var result = baseMap(collection, function (value, key, collection) { - var criteria = arrayMap(iteratees, function (iteratee) { - return iteratee(value); - }); - return { criteria: criteria, index: ++index, value: value }; - }); - - return baseSortBy(result, function (object, other) { - return compareMultiple(object, other, orders); - }); - } - - /** - * The base implementation of `_.pick` without support for individual - * property identifiers. - * - * @private - * @param {Object} object The source object. - * @param {string[]} paths The property paths to pick. - * @returns {Object} Returns the new object. - */ - function basePick(object, paths) { - return basePickBy(object, paths, function (value, path) { - return hasIn(object, path); - }); - } - - /** - * The base implementation of `_.pickBy` without support for iteratee shorthands. - * - * @private - * @param {Object} object The source object. - * @param {string[]} paths The property paths to pick. - * @param {Function} predicate The function invoked per property. - * @returns {Object} Returns the new object. - */ - function basePickBy(object, paths, predicate) { - var index = -1, - length = paths.length, - result = {}; - - while (++index < length) { - var path = paths[index], - value = baseGet(object, path); - - if (predicate(value, path)) { - baseSet(result, castPath(path, object), value); - } - } - return result; - } - - /** - * A specialized version of `baseProperty` which supports deep paths. - * - * @private - * @param {Array|string} path The path of the property to get. - * @returns {Function} Returns the new accessor function. - */ - function basePropertyDeep(path) { - return function (object) { - return baseGet(object, path); - }; - } - - /** - * The base implementation of `_.pullAllBy` without support for iteratee - * shorthands. - * - * @private - * @param {Array} array The array to modify. - * @param {Array} values The values to remove. - * @param {Function} [iteratee] The iteratee invoked per element. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns `array`. - */ - function basePullAll(array, values, iteratee, comparator) { - var indexOf = comparator ? baseIndexOfWith : baseIndexOf, - index = -1, - length = values.length, - seen = array; - - if (array === values) { - values = copyArray(values); - } - if (iteratee) { - seen = arrayMap(array, baseUnary(iteratee)); - } - while (++index < length) { - var fromIndex = 0, - value = values[index], - computed = iteratee ? iteratee(value) : value; - - while ((fromIndex = indexOf(seen, computed, fromIndex, comparator)) > -1) { - if (seen !== array) { - splice.call(seen, fromIndex, 1); - } - splice.call(array, fromIndex, 1); - } - } - return array; - } - - /** - * The base implementation of `_.pullAt` without support for individual - * indexes or capturing the removed elements. - * - * @private - * @param {Array} array The array to modify. - * @param {number[]} indexes The indexes of elements to remove. - * @returns {Array} Returns `array`. - */ - function basePullAt(array, indexes) { - var length = array ? indexes.length : 0, - lastIndex = length - 1; - - while (length--) { - var index = indexes[length]; - if (length == lastIndex || index !== previous) { - var previous = index; - if (isIndex(index)) { - splice.call(array, index, 1); - } else { - baseUnset(array, index); - } - } - } - return array; - } - - /** - * The base implementation of `_.random` without support for returning - * floating-point numbers. - * - * @private - * @param {number} lower The lower bound. - * @param {number} upper The upper bound. - * @returns {number} Returns the random number. - */ - function baseRandom(lower, upper) { - return lower + nativeFloor(nativeRandom() * (upper - lower + 1)); - } - - /** - * The base implementation of `_.range` and `_.rangeRight` which doesn't - * coerce arguments. - * - * @private - * @param {number} start The start of the range. - * @param {number} end The end of the range. - * @param {number} step The value to increment or decrement by. - * @param {boolean} [fromRight] Specify iterating from right to left. - * @returns {Array} Returns the range of numbers. - */ - function baseRange(start, end, step, fromRight) { - var index = -1, - length = nativeMax(nativeCeil((end - start) / (step || 1)), 0), - result = Array(length); - - while (length--) { - result[fromRight ? length : ++index] = start; - start += step; - } - return result; - } - - /** - * The base implementation of `_.repeat` which doesn't coerce arguments. - * - * @private - * @param {string} string The string to repeat. - * @param {number} n The number of times to repeat the string. - * @returns {string} Returns the repeated string. - */ - function baseRepeat(string, n) { - var result = ''; - if (!string || n < 1 || n > MAX_SAFE_INTEGER) { - return result; - } - // Leverage the exponentiation by squaring algorithm for a faster repeat. - // See https://en.wikipedia.org/wiki/Exponentiation_by_squaring for more details. - do { - if (n % 2) { - result += string; - } - n = nativeFloor(n / 2); - if (n) { - string += string; - } - } while (n); - - return result; - } - - /** - * The base implementation of `_.rest` which doesn't validate or coerce arguments. - * - * @private - * @param {Function} func The function to apply a rest parameter to. - * @param {number} [start=func.length-1] The start position of the rest parameter. - * @returns {Function} Returns the new function. - */ - function baseRest(func, start) { - return setToString(overRest(func, start, identity), func + ''); - } - - /** - * The base implementation of `_.sample`. - * - * @private - * @param {Array|Object} collection The collection to sample. - * @returns {*} Returns the random element. - */ - function baseSample(collection) { - return arraySample(values(collection)); - } - - /** - * The base implementation of `_.sampleSize` without param guards. - * - * @private - * @param {Array|Object} collection The collection to sample. - * @param {number} n The number of elements to sample. - * @returns {Array} Returns the random elements. - */ - function baseSampleSize(collection, n) { - var array = values(collection); - return shuffleSelf(array, baseClamp(n, 0, array.length)); - } - - /** - * The base implementation of `_.set`. - * - * @private - * @param {Object} object The object to modify. - * @param {Array|string} path The path of the property to set. - * @param {*} value The value to set. - * @param {Function} [customizer] The function to customize path creation. - * @returns {Object} Returns `object`. - */ - function baseSet(object, path, value, customizer) { - if (!isObject(object)) { - return object; - } - path = castPath(path, object); - - var index = -1, - length = path.length, - lastIndex = length - 1, - nested = object; - - while (nested != null && ++index < length) { - var key = toKey(path[index]), - newValue = value; - - if (index != lastIndex) { - var objValue = nested[key]; - newValue = customizer ? customizer(objValue, key, nested) : undefined; - if (newValue === undefined) { - newValue = isObject(objValue) ? objValue : isIndex(path[index + 1]) ? [] : {}; - } - } - assignValue(nested, key, newValue); - nested = nested[key]; - } - return object; - } - - /** - * The base implementation of `setData` without support for hot loop shorting. - * - * @private - * @param {Function} func The function to associate metadata with. - * @param {*} data The metadata. - * @returns {Function} Returns `func`. - */ - var baseSetData = !metaMap - ? identity - : function (func, data) { - metaMap.set(func, data); - return func; - }; - - /** - * The base implementation of `setToString` without support for hot loop shorting. - * - * @private - * @param {Function} func The function to modify. - * @param {Function} string The `toString` result. - * @returns {Function} Returns `func`. - */ - var baseSetToString = !defineProperty - ? identity - : function (func, string) { - return defineProperty(func, 'toString', { - configurable: true, - enumerable: false, - value: constant(string), - writable: true, - }); - }; - - /** - * The base implementation of `_.shuffle`. - * - * @private - * @param {Array|Object} collection The collection to shuffle. - * @returns {Array} Returns the new shuffled array. - */ - function baseShuffle(collection) { - return shuffleSelf(values(collection)); - } - - /** - * The base implementation of `_.slice` without an iteratee call guard. - * - * @private - * @param {Array} array The array to slice. - * @param {number} [start=0] The start position. - * @param {number} [end=array.length] The end position. - * @returns {Array} Returns the slice of `array`. - */ - function baseSlice(array, start, end) { - var index = -1, - length = array.length; - - if (start < 0) { - start = -start > length ? 0 : length + start; - } - end = end > length ? length : end; - if (end < 0) { - end += length; - } - length = start > end ? 0 : (end - start) >>> 0; - start >>>= 0; - - var result = Array(length); - while (++index < length) { - result[index] = array[index + start]; - } - return result; - } - - /** - * The base implementation of `_.some` without support for iteratee shorthands. - * - * @private - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} predicate The function invoked per iteration. - * @returns {boolean} Returns `true` if any element passes the predicate check, - * else `false`. - */ - function baseSome(collection, predicate) { - var result; - - baseEach(collection, function (value, index, collection) { - result = predicate(value, index, collection); - return !result; - }); - return !!result; - } - - /** - * The base implementation of `_.sortedIndex` and `_.sortedLastIndex` which - * performs a binary search of `array` to determine the index at which `value` - * should be inserted into `array` in order to maintain its sort order. - * - * @private - * @param {Array} array The sorted array to inspect. - * @param {*} value The value to evaluate. - * @param {boolean} [retHighest] Specify returning the highest qualified index. - * @returns {number} Returns the index at which `value` should be inserted - * into `array`. - */ - function baseSortedIndex(array, value, retHighest) { - var low = 0, - high = array == null ? low : array.length; - - if (typeof value == 'number' && value === value && high <= HALF_MAX_ARRAY_LENGTH) { - while (low < high) { - var mid = (low + high) >>> 1, - computed = array[mid]; - - if ( - computed !== null && - !isSymbol(computed) && - (retHighest ? computed <= value : computed < value) - ) { - low = mid + 1; - } else { - high = mid; - } - } - return high; - } - return baseSortedIndexBy(array, value, identity, retHighest); - } - - /** - * The base implementation of `_.sortedIndexBy` and `_.sortedLastIndexBy` - * which invokes `iteratee` for `value` and each element of `array` to compute - * their sort ranking. The iteratee is invoked with one argument; (value). - * - * @private - * @param {Array} array The sorted array to inspect. - * @param {*} value The value to evaluate. - * @param {Function} iteratee The iteratee invoked per element. - * @param {boolean} [retHighest] Specify returning the highest qualified index. - * @returns {number} Returns the index at which `value` should be inserted - * into `array`. - */ - function baseSortedIndexBy(array, value, iteratee, retHighest) { - value = iteratee(value); - - var low = 0, - high = array == null ? 0 : array.length, - valIsNaN = value !== value, - valIsNull = value === null, - valIsSymbol = isSymbol(value), - valIsUndefined = value === undefined; - - while (low < high) { - var mid = nativeFloor((low + high) / 2), - computed = iteratee(array[mid]), - othIsDefined = computed !== undefined, - othIsNull = computed === null, - othIsReflexive = computed === computed, - othIsSymbol = isSymbol(computed); - - if (valIsNaN) { - var setLow = retHighest || othIsReflexive; - } else if (valIsUndefined) { - setLow = othIsReflexive && (retHighest || othIsDefined); - } else if (valIsNull) { - setLow = othIsReflexive && othIsDefined && (retHighest || !othIsNull); - } else if (valIsSymbol) { - setLow = othIsReflexive && othIsDefined && !othIsNull && (retHighest || !othIsSymbol); - } else if (othIsNull || othIsSymbol) { - setLow = false; - } else { - setLow = retHighest ? computed <= value : computed < value; - } - if (setLow) { - low = mid + 1; - } else { - high = mid; - } - } - return nativeMin(high, MAX_ARRAY_INDEX); - } - - /** - * The base implementation of `_.sortedUniq` and `_.sortedUniqBy` without - * support for iteratee shorthands. - * - * @private - * @param {Array} array The array to inspect. - * @param {Function} [iteratee] The iteratee invoked per element. - * @returns {Array} Returns the new duplicate free array. - */ - function baseSortedUniq(array, iteratee) { - var index = -1, - length = array.length, - resIndex = 0, - result = []; - - while (++index < length) { - var value = array[index], - computed = iteratee ? iteratee(value) : value; - - if (!index || !eq(computed, seen)) { - var seen = computed; - result[resIndex++] = value === 0 ? 0 : value; - } - } - return result; - } - - /** - * The base implementation of `_.toNumber` which doesn't ensure correct - * conversions of binary, hexadecimal, or octal string values. - * - * @private - * @param {*} value The value to process. - * @returns {number} Returns the number. - */ - function baseToNumber(value) { - if (typeof value == 'number') { - return value; - } - if (isSymbol(value)) { - return NAN; - } - return +value; - } - - /** - * The base implementation of `_.toString` which doesn't convert nullish - * values to empty strings. - * - * @private - * @param {*} value The value to process. - * @returns {string} Returns the string. - */ - function baseToString(value) { - // Exit early for strings to avoid a performance hit in some environments. - if (typeof value == 'string') { - return value; - } - if (isArray(value)) { - // Recursively convert values (susceptible to call stack limits). - return arrayMap(value, baseToString) + ''; - } - if (isSymbol(value)) { - return symbolToString ? symbolToString.call(value) : ''; - } - var result = value + ''; - return result == '0' && 1 / value == -INFINITY ? '-0' : result; - } - - /** - * The base implementation of `_.uniqBy` without support for iteratee shorthands. - * - * @private - * @param {Array} array The array to inspect. - * @param {Function} [iteratee] The iteratee invoked per element. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns the new duplicate free array. - */ - function baseUniq(array, iteratee, comparator) { - var index = -1, - includes = arrayIncludes, - length = array.length, - isCommon = true, - result = [], - seen = result; - - if (comparator) { - isCommon = false; - includes = arrayIncludesWith; - } else if (length >= LARGE_ARRAY_SIZE) { - var set = iteratee ? null : createSet(array); - if (set) { - return setToArray(set); - } - isCommon = false; - includes = cacheHas; - seen = new SetCache(); - } else { - seen = iteratee ? [] : result; - } - outer: while (++index < length) { - var value = array[index], - computed = iteratee ? iteratee(value) : value; - - value = comparator || value !== 0 ? value : 0; - if (isCommon && computed === computed) { - var seenIndex = seen.length; - while (seenIndex--) { - if (seen[seenIndex] === computed) { - continue outer; - } - } - if (iteratee) { - seen.push(computed); - } - result.push(value); - } else if (!includes(seen, computed, comparator)) { - if (seen !== result) { - seen.push(computed); - } - result.push(value); - } - } - return result; - } - - /** - * The base implementation of `_.unset`. - * - * @private - * @param {Object} object The object to modify. - * @param {Array|string} path The property path to unset. - * @returns {boolean} Returns `true` if the property is deleted, else `false`. - */ - function baseUnset(object, path) { - path = castPath(path, object); - object = parent(object, path); - return object == null || delete object[toKey(last(path))]; - } - - /** - * The base implementation of `_.update`. - * - * @private - * @param {Object} object The object to modify. - * @param {Array|string} path The path of the property to update. - * @param {Function} updater The function to produce the updated value. - * @param {Function} [customizer] The function to customize path creation. - * @returns {Object} Returns `object`. - */ - function baseUpdate(object, path, updater, customizer) { - return baseSet(object, path, updater(baseGet(object, path)), customizer); - } - - /** - * The base implementation of methods like `_.dropWhile` and `_.takeWhile` - * without support for iteratee shorthands. - * - * @private - * @param {Array} array The array to query. - * @param {Function} predicate The function invoked per iteration. - * @param {boolean} [isDrop] Specify dropping elements instead of taking them. - * @param {boolean} [fromRight] Specify iterating from right to left. - * @returns {Array} Returns the slice of `array`. - */ - function baseWhile(array, predicate, isDrop, fromRight) { - var length = array.length, - index = fromRight ? length : -1; - - while ((fromRight ? index-- : ++index < length) && predicate(array[index], index, array)) {} - - return isDrop - ? baseSlice(array, fromRight ? 0 : index, fromRight ? index + 1 : length) - : baseSlice(array, fromRight ? index + 1 : 0, fromRight ? length : index); - } - - /** - * The base implementation of `wrapperValue` which returns the result of - * performing a sequence of actions on the unwrapped `value`, where each - * successive action is supplied the return value of the previous. - * - * @private - * @param {*} value The unwrapped value. - * @param {Array} actions Actions to perform to resolve the unwrapped value. - * @returns {*} Returns the resolved value. - */ - function baseWrapperValue(value, actions) { - var result = value; - if (result instanceof LazyWrapper) { - result = result.value(); - } - return arrayReduce( - actions, - function (result, action) { - return action.func.apply(action.thisArg, arrayPush([result], action.args)); - }, - result - ); - } - - /** - * The base implementation of methods like `_.xor`, without support for - * iteratee shorthands, that accepts an array of arrays to inspect. - * - * @private - * @param {Array} arrays The arrays to inspect. - * @param {Function} [iteratee] The iteratee invoked per element. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns the new array of values. - */ - function baseXor(arrays, iteratee, comparator) { - var length = arrays.length; - if (length < 2) { - return length ? baseUniq(arrays[0]) : []; - } - var index = -1, - result = Array(length); - - while (++index < length) { - var array = arrays[index], - othIndex = -1; - - while (++othIndex < length) { - if (othIndex != index) { - result[index] = baseDifference( - result[index] || array, - arrays[othIndex], - iteratee, - comparator - ); - } - } - } - return baseUniq(baseFlatten(result, 1), iteratee, comparator); - } - - /** - * This base implementation of `_.zipObject` which assigns values using `assignFunc`. - * - * @private - * @param {Array} props The property identifiers. - * @param {Array} values The property values. - * @param {Function} assignFunc The function to assign values. - * @returns {Object} Returns the new object. - */ - function baseZipObject(props, values, assignFunc) { - var index = -1, - length = props.length, - valsLength = values.length, - result = {}; - - while (++index < length) { - var value = index < valsLength ? values[index] : undefined; - assignFunc(result, props[index], value); - } - return result; - } - - /** - * Casts `value` to an empty array if it's not an array like object. - * - * @private - * @param {*} value The value to inspect. - * @returns {Array|Object} Returns the cast array-like object. - */ - function castArrayLikeObject(value) { - return isArrayLikeObject(value) ? value : []; - } - - /** - * Casts `value` to `identity` if it's not a function. - * - * @private - * @param {*} value The value to inspect. - * @returns {Function} Returns cast function. - */ - function castFunction(value) { - return typeof value == 'function' ? value : identity; - } - - /** - * Casts `value` to a path array if it's not one. - * - * @private - * @param {*} value The value to inspect. - * @param {Object} [object] The object to query keys on. - * @returns {Array} Returns the cast property path array. - */ - function castPath(value, object) { - if (isArray(value)) { - return value; - } - return isKey(value, object) ? [value] : stringToPath(toString(value)); - } - - /** - * A `baseRest` alias which can be replaced with `identity` by module - * replacement plugins. - * - * @private - * @type {Function} - * @param {Function} func The function to apply a rest parameter to. - * @returns {Function} Returns the new function. - */ - var castRest = baseRest; - - /** - * Casts `array` to a slice if it's needed. - * - * @private - * @param {Array} array The array to inspect. - * @param {number} start The start position. - * @param {number} [end=array.length] The end position. - * @returns {Array} Returns the cast slice. - */ - function castSlice(array, start, end) { - var length = array.length; - end = end === undefined ? length : end; - return !start && end >= length ? array : baseSlice(array, start, end); - } - - /** - * A simple wrapper around the global [`clearTimeout`](https://mdn.io/clearTimeout). - * - * @private - * @param {number|Object} id The timer id or timeout object of the timer to clear. - */ - var clearTimeout = - ctxClearTimeout || - function (id) { - return root.clearTimeout(id); - }; - - /** - * Creates a clone of `buffer`. - * - * @private - * @param {Buffer} buffer The buffer to clone. - * @param {boolean} [isDeep] Specify a deep clone. - * @returns {Buffer} Returns the cloned buffer. - */ - function cloneBuffer(buffer, isDeep) { - if (isDeep) { - return buffer.slice(); - } - var length = buffer.length, - result = allocUnsafe ? allocUnsafe(length) : new buffer.constructor(length); - - buffer.copy(result); - return result; - } - - /** - * Creates a clone of `arrayBuffer`. - * - * @private - * @param {ArrayBuffer} arrayBuffer The array buffer to clone. - * @returns {ArrayBuffer} Returns the cloned array buffer. - */ - function cloneArrayBuffer(arrayBuffer) { - var result = new arrayBuffer.constructor(arrayBuffer.byteLength); - new Uint8Array(result).set(new Uint8Array(arrayBuffer)); - return result; - } - - /** - * Creates a clone of `dataView`. - * - * @private - * @param {Object} dataView The data view to clone. - * @param {boolean} [isDeep] Specify a deep clone. - * @returns {Object} Returns the cloned data view. - */ - function cloneDataView(dataView, isDeep) { - var buffer = isDeep ? cloneArrayBuffer(dataView.buffer) : dataView.buffer; - return new dataView.constructor(buffer, dataView.byteOffset, dataView.byteLength); - } - - /** - * Creates a clone of `regexp`. - * - * @private - * @param {Object} regexp The regexp to clone. - * @returns {Object} Returns the cloned regexp. - */ - function cloneRegExp(regexp) { - var result = new regexp.constructor(regexp.source, reFlags.exec(regexp)); - result.lastIndex = regexp.lastIndex; - return result; - } - - /** - * Creates a clone of the `symbol` object. - * - * @private - * @param {Object} symbol The symbol object to clone. - * @returns {Object} Returns the cloned symbol object. - */ - function cloneSymbol(symbol) { - return symbolValueOf ? Object(symbolValueOf.call(symbol)) : {}; - } - - /** - * Creates a clone of `typedArray`. - * - * @private - * @param {Object} typedArray The typed array to clone. - * @param {boolean} [isDeep] Specify a deep clone. - * @returns {Object} Returns the cloned typed array. - */ - function cloneTypedArray(typedArray, isDeep) { - var buffer = isDeep ? cloneArrayBuffer(typedArray.buffer) : typedArray.buffer; - return new typedArray.constructor(buffer, typedArray.byteOffset, typedArray.length); - } - - /** - * Compares values to sort them in ascending order. - * - * @private - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @returns {number} Returns the sort order indicator for `value`. - */ - function compareAscending(value, other) { - if (value !== other) { - var valIsDefined = value !== undefined, - valIsNull = value === null, - valIsReflexive = value === value, - valIsSymbol = isSymbol(value); - - var othIsDefined = other !== undefined, - othIsNull = other === null, - othIsReflexive = other === other, - othIsSymbol = isSymbol(other); - - if ( - (!othIsNull && !othIsSymbol && !valIsSymbol && value > other) || - (valIsSymbol && othIsDefined && othIsReflexive && !othIsNull && !othIsSymbol) || - (valIsNull && othIsDefined && othIsReflexive) || - (!valIsDefined && othIsReflexive) || - !valIsReflexive - ) { - return 1; - } - if ( - (!valIsNull && !valIsSymbol && !othIsSymbol && value < other) || - (othIsSymbol && valIsDefined && valIsReflexive && !valIsNull && !valIsSymbol) || - (othIsNull && valIsDefined && valIsReflexive) || - (!othIsDefined && valIsReflexive) || - !othIsReflexive - ) { - return -1; - } - } - return 0; - } - - /** - * Used by `_.orderBy` to compare multiple properties of a value to another - * and stable sort them. - * - * If `orders` is unspecified, all values are sorted in ascending order. Otherwise, - * specify an order of "desc" for descending or "asc" for ascending sort order - * of corresponding values. - * - * @private - * @param {Object} object The object to compare. - * @param {Object} other The other object to compare. - * @param {boolean[]|string[]} orders The order to sort by for each property. - * @returns {number} Returns the sort order indicator for `object`. - */ - function compareMultiple(object, other, orders) { - var index = -1, - objCriteria = object.criteria, - othCriteria = other.criteria, - length = objCriteria.length, - ordersLength = orders.length; - - while (++index < length) { - var result = compareAscending(objCriteria[index], othCriteria[index]); - if (result) { - if (index >= ordersLength) { - return result; - } - var order = orders[index]; - return result * (order == 'desc' ? -1 : 1); - } - } - // Fixes an `Array#sort` bug in the JS engine embedded in Adobe applications - // that causes it, under certain circumstances, to provide the same value for - // `object` and `other`. See https://github.com/jashkenas/underscore/pull/1247 - // for more details. - // - // This also ensures a stable sort in V8 and other engines. - // See https://bugs.chromium.org/p/v8/issues/detail?id=90 for more details. - return object.index - other.index; - } - - /** - * Creates an array that is the composition of partially applied arguments, - * placeholders, and provided arguments into a single array of arguments. - * - * @private - * @param {Array} args The provided arguments. - * @param {Array} partials The arguments to prepend to those provided. - * @param {Array} holders The `partials` placeholder indexes. - * @params {boolean} [isCurried] Specify composing for a curried function. - * @returns {Array} Returns the new array of composed arguments. - */ - function composeArgs(args, partials, holders, isCurried) { - var argsIndex = -1, - argsLength = args.length, - holdersLength = holders.length, - leftIndex = -1, - leftLength = partials.length, - rangeLength = nativeMax(argsLength - holdersLength, 0), - result = Array(leftLength + rangeLength), - isUncurried = !isCurried; - - while (++leftIndex < leftLength) { - result[leftIndex] = partials[leftIndex]; - } - while (++argsIndex < holdersLength) { - if (isUncurried || argsIndex < argsLength) { - result[holders[argsIndex]] = args[argsIndex]; - } - } - while (rangeLength--) { - result[leftIndex++] = args[argsIndex++]; - } - return result; - } - - /** - * This function is like `composeArgs` except that the arguments composition - * is tailored for `_.partialRight`. - * - * @private - * @param {Array} args The provided arguments. - * @param {Array} partials The arguments to append to those provided. - * @param {Array} holders The `partials` placeholder indexes. - * @params {boolean} [isCurried] Specify composing for a curried function. - * @returns {Array} Returns the new array of composed arguments. - */ - function composeArgsRight(args, partials, holders, isCurried) { - var argsIndex = -1, - argsLength = args.length, - holdersIndex = -1, - holdersLength = holders.length, - rightIndex = -1, - rightLength = partials.length, - rangeLength = nativeMax(argsLength - holdersLength, 0), - result = Array(rangeLength + rightLength), - isUncurried = !isCurried; - - while (++argsIndex < rangeLength) { - result[argsIndex] = args[argsIndex]; - } - var offset = argsIndex; - while (++rightIndex < rightLength) { - result[offset + rightIndex] = partials[rightIndex]; - } - while (++holdersIndex < holdersLength) { - if (isUncurried || argsIndex < argsLength) { - result[offset + holders[holdersIndex]] = args[argsIndex++]; - } - } - return result; - } - - /** - * Copies the values of `source` to `array`. - * - * @private - * @param {Array} source The array to copy values from. - * @param {Array} [array=[]] The array to copy values to. - * @returns {Array} Returns `array`. - */ - function copyArray(source, array) { - var index = -1, - length = source.length; - - array || (array = Array(length)); - while (++index < length) { - array[index] = source[index]; - } - return array; - } - - /** - * Copies properties of `source` to `object`. - * - * @private - * @param {Object} source The object to copy properties from. - * @param {Array} props The property identifiers to copy. - * @param {Object} [object={}] The object to copy properties to. - * @param {Function} [customizer] The function to customize copied values. - * @returns {Object} Returns `object`. - */ - function copyObject(source, props, object, customizer) { - var isNew = !object; - object || (object = {}); - - var index = -1, - length = props.length; - - while (++index < length) { - var key = props[index]; - - var newValue = customizer - ? customizer(object[key], source[key], key, object, source) - : undefined; - - if (newValue === undefined) { - newValue = source[key]; - } - if (isNew) { - baseAssignValue(object, key, newValue); - } else { - assignValue(object, key, newValue); - } - } - return object; - } - - /** - * Copies own symbols of `source` to `object`. - * - * @private - * @param {Object} source The object to copy symbols from. - * @param {Object} [object={}] The object to copy symbols to. - * @returns {Object} Returns `object`. - */ - function copySymbols(source, object) { - return copyObject(source, getSymbols(source), object); - } - - /** - * Copies own and inherited symbols of `source` to `object`. - * - * @private - * @param {Object} source The object to copy symbols from. - * @param {Object} [object={}] The object to copy symbols to. - * @returns {Object} Returns `object`. - */ - function copySymbolsIn(source, object) { - return copyObject(source, getSymbolsIn(source), object); - } - - /** - * Creates a function like `_.groupBy`. - * - * @private - * @param {Function} setter The function to set accumulator values. - * @param {Function} [initializer] The accumulator object initializer. - * @returns {Function} Returns the new aggregator function. - */ - function createAggregator(setter, initializer) { - return function (collection, iteratee) { - var func = isArray(collection) ? arrayAggregator : baseAggregator, - accumulator = initializer ? initializer() : {}; - - return func(collection, setter, getIteratee(iteratee, 2), accumulator); - }; - } - - /** - * Creates a function like `_.assign`. - * - * @private - * @param {Function} assigner The function to assign values. - * @returns {Function} Returns the new assigner function. - */ - function createAssigner(assigner) { - return baseRest(function (object, sources) { - var index = -1, - length = sources.length, - customizer = length > 1 ? sources[length - 1] : undefined, - guard = length > 2 ? sources[2] : undefined; - - customizer = - assigner.length > 3 && typeof customizer == 'function' ? (length--, customizer) : undefined; - - if (guard && isIterateeCall(sources[0], sources[1], guard)) { - customizer = length < 3 ? undefined : customizer; - length = 1; - } - object = Object(object); - while (++index < length) { - var source = sources[index]; - if (source) { - assigner(object, source, index, customizer); - } - } - return object; - }); - } - - /** - * Creates a `baseEach` or `baseEachRight` function. - * - * @private - * @param {Function} eachFunc The function to iterate over a collection. - * @param {boolean} [fromRight] Specify iterating from right to left. - * @returns {Function} Returns the new base function. - */ - function createBaseEach(eachFunc, fromRight) { - return function (collection, iteratee) { - if (collection == null) { - return collection; - } - if (!isArrayLike(collection)) { - return eachFunc(collection, iteratee); - } - var length = collection.length, - index = fromRight ? length : -1, - iterable = Object(collection); - - while (fromRight ? index-- : ++index < length) { - if (iteratee(iterable[index], index, iterable) === false) { - break; - } - } - return collection; - }; - } - - /** - * Creates a base function for methods like `_.forIn` and `_.forOwn`. - * - * @private - * @param {boolean} [fromRight] Specify iterating from right to left. - * @returns {Function} Returns the new base function. - */ - function createBaseFor(fromRight) { - return function (object, iteratee, keysFunc) { - var index = -1, - iterable = Object(object), - props = keysFunc(object), - length = props.length; - - while (length--) { - var key = props[fromRight ? length : ++index]; - if (iteratee(iterable[key], key, iterable) === false) { - break; - } - } - return object; - }; - } - - /** - * Creates a function that wraps `func` to invoke it with the optional `this` - * binding of `thisArg`. - * - * @private - * @param {Function} func The function to wrap. - * @param {number} bitmask The bitmask flags. See `createWrap` for more details. - * @param {*} [thisArg] The `this` binding of `func`. - * @returns {Function} Returns the new wrapped function. - */ - function createBind(func, bitmask, thisArg) { - var isBind = bitmask & WRAP_BIND_FLAG, - Ctor = createCtor(func); - - function wrapper() { - var fn = this && this !== root && this instanceof wrapper ? Ctor : func; - return fn.apply(isBind ? thisArg : this, arguments); - } - return wrapper; - } - - /** - * Creates a function like `_.lowerFirst`. - * - * @private - * @param {string} methodName The name of the `String` case method to use. - * @returns {Function} Returns the new case function. - */ - function createCaseFirst(methodName) { - return function (string) { - string = toString(string); - - var strSymbols = hasUnicode(string) ? stringToArray(string) : undefined; - - var chr = strSymbols ? strSymbols[0] : string.charAt(0); - - var trailing = strSymbols ? castSlice(strSymbols, 1).join('') : string.slice(1); - - return chr[methodName]() + trailing; - }; - } - - /** - * Creates a function like `_.camelCase`. - * - * @private - * @param {Function} callback The function to combine each word. - * @returns {Function} Returns the new compounder function. - */ - function createCompounder(callback) { - return function (string) { - return arrayReduce(words(deburr(string).replace(reApos, '')), callback, ''); - }; - } - - /** - * Creates a function that produces an instance of `Ctor` regardless of - * whether it was invoked as part of a `new` expression or by `call` or `apply`. - * - * @private - * @param {Function} Ctor The constructor to wrap. - * @returns {Function} Returns the new wrapped function. - */ - function createCtor(Ctor) { - return function () { - // Use a `switch` statement to work with class constructors. See - // http://ecma-international.org/ecma-262/7.0/#sec-ecmascript-function-objects-call-thisargument-argumentslist - // for more details. - var args = arguments; - switch (args.length) { - case 0: - return new Ctor(); - case 1: - return new Ctor(args[0]); - case 2: - return new Ctor(args[0], args[1]); - case 3: - return new Ctor(args[0], args[1], args[2]); - case 4: - return new Ctor(args[0], args[1], args[2], args[3]); - case 5: - return new Ctor(args[0], args[1], args[2], args[3], args[4]); - case 6: - return new Ctor(args[0], args[1], args[2], args[3], args[4], args[5]); - case 7: - return new Ctor(args[0], args[1], args[2], args[3], args[4], args[5], args[6]); - } - var thisBinding = baseCreate(Ctor.prototype), - result = Ctor.apply(thisBinding, args); - - // Mimic the constructor's `return` behavior. - // See https://es5.github.io/#x13.2.2 for more details. - return isObject(result) ? result : thisBinding; - }; - } - - /** - * Creates a function that wraps `func` to enable currying. - * - * @private - * @param {Function} func The function to wrap. - * @param {number} bitmask The bitmask flags. See `createWrap` for more details. - * @param {number} arity The arity of `func`. - * @returns {Function} Returns the new wrapped function. - */ - function createCurry(func, bitmask, arity) { - var Ctor = createCtor(func); - - function wrapper() { - var length = arguments.length, - args = Array(length), - index = length, - placeholder = getHolder(wrapper); - - while (index--) { - args[index] = arguments[index]; - } - var holders = - length < 3 && args[0] !== placeholder && args[length - 1] !== placeholder - ? [] - : replaceHolders(args, placeholder); - - length -= holders.length; - if (length < arity) { - return createRecurry( - func, - bitmask, - createHybrid, - wrapper.placeholder, - undefined, - args, - holders, - undefined, - undefined, - arity - length - ); - } - var fn = this && this !== root && this instanceof wrapper ? Ctor : func; - return apply(fn, this, args); - } - return wrapper; - } - - /** - * Creates a `_.find` or `_.findLast` function. - * - * @private - * @param {Function} findIndexFunc The function to find the collection index. - * @returns {Function} Returns the new find function. - */ - function createFind(findIndexFunc) { - return function (collection, predicate, fromIndex) { - var iterable = Object(collection); - if (!isArrayLike(collection)) { - var iteratee = getIteratee(predicate, 3); - collection = keys(collection); - predicate = function (key) { - return iteratee(iterable[key], key, iterable); - }; - } - var index = findIndexFunc(collection, predicate, fromIndex); - return index > -1 ? iterable[iteratee ? collection[index] : index] : undefined; - }; - } - - /** - * Creates a `_.flow` or `_.flowRight` function. - * - * @private - * @param {boolean} [fromRight] Specify iterating from right to left. - * @returns {Function} Returns the new flow function. - */ - function createFlow(fromRight) { - return flatRest(function (funcs) { - var length = funcs.length, - index = length, - prereq = LodashWrapper.prototype.thru; - - if (fromRight) { - funcs.reverse(); - } - while (index--) { - var func = funcs[index]; - if (typeof func != 'function') { - throw new TypeError(FUNC_ERROR_TEXT); - } - if (prereq && !wrapper && getFuncName(func) == 'wrapper') { - var wrapper = new LodashWrapper([], true); - } - } - index = wrapper ? index : length; - while (++index < length) { - func = funcs[index]; - - var funcName = getFuncName(func), - data = funcName == 'wrapper' ? getData(func) : undefined; - - if ( - data && - isLaziable(data[0]) && - data[1] == (WRAP_ARY_FLAG | WRAP_CURRY_FLAG | WRAP_PARTIAL_FLAG | WRAP_REARG_FLAG) && - !data[4].length && - data[9] == 1 - ) { - wrapper = wrapper[getFuncName(data[0])].apply(wrapper, data[3]); - } else { - wrapper = func.length == 1 && isLaziable(func) ? wrapper[funcName]() : wrapper.thru(func); - } - } - return function () { - var args = arguments, - value = args[0]; - - if (wrapper && args.length == 1 && isArray(value)) { - return wrapper.plant(value).value(); - } - var index = 0, - result = length ? funcs[index].apply(this, args) : value; - - while (++index < length) { - result = funcs[index].call(this, result); - } - return result; - }; - }); - } - - /** - * Creates a function that wraps `func` to invoke it with optional `this` - * binding of `thisArg`, partial application, and currying. - * - * @private - * @param {Function|string} func The function or method name to wrap. - * @param {number} bitmask The bitmask flags. See `createWrap` for more details. - * @param {*} [thisArg] The `this` binding of `func`. - * @param {Array} [partials] The arguments to prepend to those provided to - * the new function. - * @param {Array} [holders] The `partials` placeholder indexes. - * @param {Array} [partialsRight] The arguments to append to those provided - * to the new function. - * @param {Array} [holdersRight] The `partialsRight` placeholder indexes. - * @param {Array} [argPos] The argument positions of the new function. - * @param {number} [ary] The arity cap of `func`. - * @param {number} [arity] The arity of `func`. - * @returns {Function} Returns the new wrapped function. - */ - function createHybrid( - func, - bitmask, - thisArg, - partials, - holders, - partialsRight, - holdersRight, - argPos, - ary, - arity - ) { - var isAry = bitmask & WRAP_ARY_FLAG, - isBind = bitmask & WRAP_BIND_FLAG, - isBindKey = bitmask & WRAP_BIND_KEY_FLAG, - isCurried = bitmask & (WRAP_CURRY_FLAG | WRAP_CURRY_RIGHT_FLAG), - isFlip = bitmask & WRAP_FLIP_FLAG, - Ctor = isBindKey ? undefined : createCtor(func); - - function wrapper() { - var length = arguments.length, - args = Array(length), - index = length; - - while (index--) { - args[index] = arguments[index]; - } - if (isCurried) { - var placeholder = getHolder(wrapper), - holdersCount = countHolders(args, placeholder); - } - if (partials) { - args = composeArgs(args, partials, holders, isCurried); - } - if (partialsRight) { - args = composeArgsRight(args, partialsRight, holdersRight, isCurried); - } - length -= holdersCount; - if (isCurried && length < arity) { - var newHolders = replaceHolders(args, placeholder); - return createRecurry( - func, - bitmask, - createHybrid, - wrapper.placeholder, - thisArg, - args, - newHolders, - argPos, - ary, - arity - length - ); - } - var thisBinding = isBind ? thisArg : this, - fn = isBindKey ? thisBinding[func] : func; - - length = args.length; - if (argPos) { - args = reorder(args, argPos); - } else if (isFlip && length > 1) { - args.reverse(); - } - if (isAry && ary < length) { - args.length = ary; - } - if (this && this !== root && this instanceof wrapper) { - fn = Ctor || createCtor(fn); - } - return fn.apply(thisBinding, args); - } - return wrapper; - } - - /** - * Creates a function like `_.invertBy`. - * - * @private - * @param {Function} setter The function to set accumulator values. - * @param {Function} toIteratee The function to resolve iteratees. - * @returns {Function} Returns the new inverter function. - */ - function createInverter(setter, toIteratee) { - return function (object, iteratee) { - return baseInverter(object, setter, toIteratee(iteratee), {}); - }; - } - - /** - * Creates a function that performs a mathematical operation on two values. - * - * @private - * @param {Function} operator The function to perform the operation. - * @param {number} [defaultValue] The value used for `undefined` arguments. - * @returns {Function} Returns the new mathematical operation function. - */ - function createMathOperation(operator, defaultValue) { - return function (value, other) { - var result; - if (value === undefined && other === undefined) { - return defaultValue; - } - if (value !== undefined) { - result = value; - } - if (other !== undefined) { - if (result === undefined) { - return other; - } - if (typeof value == 'string' || typeof other == 'string') { - value = baseToString(value); - other = baseToString(other); - } else { - value = baseToNumber(value); - other = baseToNumber(other); - } - result = operator(value, other); - } - return result; - }; - } - - /** - * Creates a function like `_.over`. - * - * @private - * @param {Function} arrayFunc The function to iterate over iteratees. - * @returns {Function} Returns the new over function. - */ - function createOver(arrayFunc) { - return flatRest(function (iteratees) { - iteratees = arrayMap(iteratees, baseUnary(getIteratee())); - return baseRest(function (args) { - var thisArg = this; - return arrayFunc(iteratees, function (iteratee) { - return apply(iteratee, thisArg, args); - }); - }); - }); - } - - /** - * Creates the padding for `string` based on `length`. The `chars` string - * is truncated if the number of characters exceeds `length`. - * - * @private - * @param {number} length The padding length. - * @param {string} [chars=' '] The string used as padding. - * @returns {string} Returns the padding for `string`. - */ - function createPadding(length, chars) { - chars = chars === undefined ? ' ' : baseToString(chars); - - var charsLength = chars.length; - if (charsLength < 2) { - return charsLength ? baseRepeat(chars, length) : chars; - } - var result = baseRepeat(chars, nativeCeil(length / stringSize(chars))); - return hasUnicode(chars) - ? castSlice(stringToArray(result), 0, length).join('') - : result.slice(0, length); - } - - /** - * Creates a function that wraps `func` to invoke it with the `this` binding - * of `thisArg` and `partials` prepended to the arguments it receives. - * - * @private - * @param {Function} func The function to wrap. - * @param {number} bitmask The bitmask flags. See `createWrap` for more details. - * @param {*} thisArg The `this` binding of `func`. - * @param {Array} partials The arguments to prepend to those provided to - * the new function. - * @returns {Function} Returns the new wrapped function. - */ - function createPartial(func, bitmask, thisArg, partials) { - var isBind = bitmask & WRAP_BIND_FLAG, - Ctor = createCtor(func); - - function wrapper() { - var argsIndex = -1, - argsLength = arguments.length, - leftIndex = -1, - leftLength = partials.length, - args = Array(leftLength + argsLength), - fn = this && this !== root && this instanceof wrapper ? Ctor : func; - - while (++leftIndex < leftLength) { - args[leftIndex] = partials[leftIndex]; - } - while (argsLength--) { - args[leftIndex++] = arguments[++argsIndex]; - } - return apply(fn, isBind ? thisArg : this, args); - } - return wrapper; - } - - /** - * Creates a `_.range` or `_.rangeRight` function. - * - * @private - * @param {boolean} [fromRight] Specify iterating from right to left. - * @returns {Function} Returns the new range function. - */ - function createRange(fromRight) { - return function (start, end, step) { - if (step && typeof step != 'number' && isIterateeCall(start, end, step)) { - end = step = undefined; - } - // Ensure the sign of `-0` is preserved. - start = toFinite(start); - if (end === undefined) { - end = start; - start = 0; - } else { - end = toFinite(end); - } - step = step === undefined ? (start < end ? 1 : -1) : toFinite(step); - return baseRange(start, end, step, fromRight); - }; - } - - /** - * Creates a function that performs a relational operation on two values. - * - * @private - * @param {Function} operator The function to perform the operation. - * @returns {Function} Returns the new relational operation function. - */ - function createRelationalOperation(operator) { - return function (value, other) { - if (!(typeof value == 'string' && typeof other == 'string')) { - value = toNumber(value); - other = toNumber(other); - } - return operator(value, other); - }; - } - - /** - * Creates a function that wraps `func` to continue currying. - * - * @private - * @param {Function} func The function to wrap. - * @param {number} bitmask The bitmask flags. See `createWrap` for more details. - * @param {Function} wrapFunc The function to create the `func` wrapper. - * @param {*} placeholder The placeholder value. - * @param {*} [thisArg] The `this` binding of `func`. - * @param {Array} [partials] The arguments to prepend to those provided to - * the new function. - * @param {Array} [holders] The `partials` placeholder indexes. - * @param {Array} [argPos] The argument positions of the new function. - * @param {number} [ary] The arity cap of `func`. - * @param {number} [arity] The arity of `func`. - * @returns {Function} Returns the new wrapped function. - */ - function createRecurry( - func, - bitmask, - wrapFunc, - placeholder, - thisArg, - partials, - holders, - argPos, - ary, - arity - ) { - var isCurry = bitmask & WRAP_CURRY_FLAG, - newHolders = isCurry ? holders : undefined, - newHoldersRight = isCurry ? undefined : holders, - newPartials = isCurry ? partials : undefined, - newPartialsRight = isCurry ? undefined : partials; - - bitmask |= isCurry ? WRAP_PARTIAL_FLAG : WRAP_PARTIAL_RIGHT_FLAG; - bitmask &= ~(isCurry ? WRAP_PARTIAL_RIGHT_FLAG : WRAP_PARTIAL_FLAG); - - if (!(bitmask & WRAP_CURRY_BOUND_FLAG)) { - bitmask &= ~(WRAP_BIND_FLAG | WRAP_BIND_KEY_FLAG); - } - var newData = [ - func, - bitmask, - thisArg, - newPartials, - newHolders, - newPartialsRight, - newHoldersRight, - argPos, - ary, - arity, - ]; - - var result = wrapFunc.apply(undefined, newData); - if (isLaziable(func)) { - setData(result, newData); - } - result.placeholder = placeholder; - return setWrapToString(result, func, bitmask); - } - - /** - * Creates a function like `_.round`. - * - * @private - * @param {string} methodName The name of the `Math` method to use when rounding. - * @returns {Function} Returns the new round function. - */ - function createRound(methodName) { - var func = Math[methodName]; - return function (number, precision) { - number = toNumber(number); - precision = precision == null ? 0 : nativeMin(toInteger(precision), 292); - if (precision) { - // Shift with exponential notation to avoid floating-point issues. - // See [MDN](https://mdn.io/round#Examples) for more details. - var pair = (toString(number) + 'e').split('e'), - value = func(pair[0] + 'e' + (+pair[1] + precision)); - - pair = (toString(value) + 'e').split('e'); - return +(pair[0] + 'e' + (+pair[1] - precision)); - } - return func(number); - }; - } - - /** - * Creates a set object of `values`. - * - * @private - * @param {Array} values The values to add to the set. - * @returns {Object} Returns the new set. - */ - var createSet = !(Set && 1 / setToArray(new Set([, -0]))[1] == INFINITY) - ? noop - : function (values) { - return new Set(values); - }; - - /** - * Creates a `_.toPairs` or `_.toPairsIn` function. - * - * @private - * @param {Function} keysFunc The function to get the keys of a given object. - * @returns {Function} Returns the new pairs function. - */ - function createToPairs(keysFunc) { - return function (object) { - var tag = getTag(object); - if (tag == mapTag) { - return mapToArray(object); - } - if (tag == setTag) { - return setToPairs(object); - } - return baseToPairs(object, keysFunc(object)); - }; - } - - /** - * Creates a function that either curries or invokes `func` with optional - * `this` binding and partially applied arguments. - * - * @private - * @param {Function|string} func The function or method name to wrap. - * @param {number} bitmask The bitmask flags. - * 1 - `_.bind` - * 2 - `_.bindKey` - * 4 - `_.curry` or `_.curryRight` of a bound function - * 8 - `_.curry` - * 16 - `_.curryRight` - * 32 - `_.partial` - * 64 - `_.partialRight` - * 128 - `_.rearg` - * 256 - `_.ary` - * 512 - `_.flip` - * @param {*} [thisArg] The `this` binding of `func`. - * @param {Array} [partials] The arguments to be partially applied. - * @param {Array} [holders] The `partials` placeholder indexes. - * @param {Array} [argPos] The argument positions of the new function. - * @param {number} [ary] The arity cap of `func`. - * @param {number} [arity] The arity of `func`. - * @returns {Function} Returns the new wrapped function. - */ - function createWrap(func, bitmask, thisArg, partials, holders, argPos, ary, arity) { - var isBindKey = bitmask & WRAP_BIND_KEY_FLAG; - if (!isBindKey && typeof func != 'function') { - throw new TypeError(FUNC_ERROR_TEXT); - } - var length = partials ? partials.length : 0; - if (!length) { - bitmask &= ~(WRAP_PARTIAL_FLAG | WRAP_PARTIAL_RIGHT_FLAG); - partials = holders = undefined; - } - ary = ary === undefined ? ary : nativeMax(toInteger(ary), 0); - arity = arity === undefined ? arity : toInteger(arity); - length -= holders ? holders.length : 0; - - if (bitmask & WRAP_PARTIAL_RIGHT_FLAG) { - var partialsRight = partials, - holdersRight = holders; - - partials = holders = undefined; - } - var data = isBindKey ? undefined : getData(func); - - var newData = [ - func, - bitmask, - thisArg, - partials, - holders, - partialsRight, - holdersRight, - argPos, - ary, - arity, - ]; - - if (data) { - mergeData(newData, data); - } - func = newData[0]; - bitmask = newData[1]; - thisArg = newData[2]; - partials = newData[3]; - holders = newData[4]; - arity = newData[9] = - newData[9] === undefined ? (isBindKey ? 0 : func.length) : nativeMax(newData[9] - length, 0); - - if (!arity && bitmask & (WRAP_CURRY_FLAG | WRAP_CURRY_RIGHT_FLAG)) { - bitmask &= ~(WRAP_CURRY_FLAG | WRAP_CURRY_RIGHT_FLAG); - } - if (!bitmask || bitmask == WRAP_BIND_FLAG) { - var result = createBind(func, bitmask, thisArg); - } else if (bitmask == WRAP_CURRY_FLAG || bitmask == WRAP_CURRY_RIGHT_FLAG) { - result = createCurry(func, bitmask, arity); - } else if ( - (bitmask == WRAP_PARTIAL_FLAG || bitmask == (WRAP_BIND_FLAG | WRAP_PARTIAL_FLAG)) && - !holders.length - ) { - result = createPartial(func, bitmask, thisArg, partials); - } else { - result = createHybrid.apply(undefined, newData); - } - var setter = data ? baseSetData : setData; - return setWrapToString(setter(result, newData), func, bitmask); - } - - /** - * Used by `_.defaults` to customize its `_.assignIn` use to assign properties - * of source objects to the destination object for all destination properties - * that resolve to `undefined`. - * - * @private - * @param {*} objValue The destination value. - * @param {*} srcValue The source value. - * @param {string} key The key of the property to assign. - * @param {Object} object The parent object of `objValue`. - * @returns {*} Returns the value to assign. - */ - function customDefaultsAssignIn(objValue, srcValue, key, object) { - if ( - objValue === undefined || - (eq(objValue, objectProto[key]) && !hasOwnProperty.call(object, key)) - ) { - return srcValue; - } - return objValue; - } - - /** - * Used by `_.defaultsDeep` to customize its `_.merge` use to merge source - * objects into destination objects that are passed thru. - * - * @private - * @param {*} objValue The destination value. - * @param {*} srcValue The source value. - * @param {string} key The key of the property to merge. - * @param {Object} object The parent object of `objValue`. - * @param {Object} source The parent object of `srcValue`. - * @param {Object} [stack] Tracks traversed source values and their merged - * counterparts. - * @returns {*} Returns the value to assign. - */ - function customDefaultsMerge(objValue, srcValue, key, object, source, stack) { - if (isObject(objValue) && isObject(srcValue)) { - // Recursively merge objects and arrays (susceptible to call stack limits). - stack.set(srcValue, objValue); - baseMerge(objValue, srcValue, undefined, customDefaultsMerge, stack); - stack['delete'](srcValue); - } - return objValue; - } - - /** - * Used by `_.omit` to customize its `_.cloneDeep` use to only clone plain - * objects. - * - * @private - * @param {*} value The value to inspect. - * @param {string} key The key of the property to inspect. - * @returns {*} Returns the uncloned value or `undefined` to defer cloning to `_.cloneDeep`. - */ - function customOmitClone(value) { - return isPlainObject(value) ? undefined : value; - } - - /** - * A specialized version of `baseIsEqualDeep` for arrays with support for - * partial deep comparisons. - * - * @private - * @param {Array} array The array to compare. - * @param {Array} other The other array to compare. - * @param {number} bitmask The bitmask flags. See `baseIsEqual` for more details. - * @param {Function} customizer The function to customize comparisons. - * @param {Function} equalFunc The function to determine equivalents of values. - * @param {Object} stack Tracks traversed `array` and `other` objects. - * @returns {boolean} Returns `true` if the arrays are equivalent, else `false`. - */ - function equalArrays(array, other, bitmask, customizer, equalFunc, stack) { - var isPartial = bitmask & COMPARE_PARTIAL_FLAG, - arrLength = array.length, - othLength = other.length; - - if (arrLength != othLength && !(isPartial && othLength > arrLength)) { - return false; - } - // Assume cyclic values are equal. - var stacked = stack.get(array); - if (stacked && stack.get(other)) { - return stacked == other; - } - var index = -1, - result = true, - seen = bitmask & COMPARE_UNORDERED_FLAG ? new SetCache() : undefined; - - stack.set(array, other); - stack.set(other, array); - - // Ignore non-index properties. - while (++index < arrLength) { - var arrValue = array[index], - othValue = other[index]; - - if (customizer) { - var compared = isPartial - ? customizer(othValue, arrValue, index, other, array, stack) - : customizer(arrValue, othValue, index, array, other, stack); - } - if (compared !== undefined) { - if (compared) { - continue; - } - result = false; - break; - } - // Recursively compare arrays (susceptible to call stack limits). - if (seen) { - if ( - !arraySome(other, function (othValue, othIndex) { - if ( - !cacheHas(seen, othIndex) && - (arrValue === othValue || equalFunc(arrValue, othValue, bitmask, customizer, stack)) - ) { - return seen.push(othIndex); - } - }) - ) { - result = false; - break; - } - } else if ( - !(arrValue === othValue || equalFunc(arrValue, othValue, bitmask, customizer, stack)) - ) { - result = false; - break; - } - } - stack['delete'](array); - stack['delete'](other); - return result; - } - - /** - * A specialized version of `baseIsEqualDeep` for comparing objects of - * the same `toStringTag`. - * - * **Note:** This function only supports comparing values with tags of - * `Boolean`, `Date`, `Error`, `Number`, `RegExp`, or `String`. - * - * @private - * @param {Object} object The object to compare. - * @param {Object} other The other object to compare. - * @param {string} tag The `toStringTag` of the objects to compare. - * @param {number} bitmask The bitmask flags. See `baseIsEqual` for more details. - * @param {Function} customizer The function to customize comparisons. - * @param {Function} equalFunc The function to determine equivalents of values. - * @param {Object} stack Tracks traversed `object` and `other` objects. - * @returns {boolean} Returns `true` if the objects are equivalent, else `false`. - */ - function equalByTag(object, other, tag, bitmask, customizer, equalFunc, stack) { - switch (tag) { - case dataViewTag: - if (object.byteLength != other.byteLength || object.byteOffset != other.byteOffset) { - return false; - } - object = object.buffer; - other = other.buffer; - - case arrayBufferTag: - if ( - object.byteLength != other.byteLength || - !equalFunc(new Uint8Array(object), new Uint8Array(other)) - ) { - return false; - } - return true; - - case boolTag: - case dateTag: - case numberTag: - // Coerce booleans to `1` or `0` and dates to milliseconds. - // Invalid dates are coerced to `NaN`. - return eq(+object, +other); - - case errorTag: - return object.name == other.name && object.message == other.message; - - case regexpTag: - case stringTag: - // Coerce regexes to strings and treat strings, primitives and objects, - // as equal. See http://www.ecma-international.org/ecma-262/7.0/#sec-regexp.prototype.tostring - // for more details. - return object == other + ''; - - case mapTag: - var convert = mapToArray; - - case setTag: - var isPartial = bitmask & COMPARE_PARTIAL_FLAG; - convert || (convert = setToArray); - - if (object.size != other.size && !isPartial) { - return false; - } - // Assume cyclic values are equal. - var stacked = stack.get(object); - if (stacked) { - return stacked == other; - } - bitmask |= COMPARE_UNORDERED_FLAG; - - // Recursively compare objects (susceptible to call stack limits). - stack.set(object, other); - var result = equalArrays( - convert(object), - convert(other), - bitmask, - customizer, - equalFunc, - stack - ); - stack['delete'](object); - return result; - - case symbolTag: - if (symbolValueOf) { - return symbolValueOf.call(object) == symbolValueOf.call(other); - } - } - return false; - } - - /** - * A specialized version of `baseIsEqualDeep` for objects with support for - * partial deep comparisons. - * - * @private - * @param {Object} object The object to compare. - * @param {Object} other The other object to compare. - * @param {number} bitmask The bitmask flags. See `baseIsEqual` for more details. - * @param {Function} customizer The function to customize comparisons. - * @param {Function} equalFunc The function to determine equivalents of values. - * @param {Object} stack Tracks traversed `object` and `other` objects. - * @returns {boolean} Returns `true` if the objects are equivalent, else `false`. - */ - function equalObjects(object, other, bitmask, customizer, equalFunc, stack) { - var isPartial = bitmask & COMPARE_PARTIAL_FLAG, - objProps = getAllKeys(object), - objLength = objProps.length, - othProps = getAllKeys(other), - othLength = othProps.length; - - if (objLength != othLength && !isPartial) { - return false; - } - var index = objLength; - while (index--) { - var key = objProps[index]; - if (!(isPartial ? key in other : hasOwnProperty.call(other, key))) { - return false; - } - } - // Assume cyclic values are equal. - var stacked = stack.get(object); - if (stacked && stack.get(other)) { - return stacked == other; - } - var result = true; - stack.set(object, other); - stack.set(other, object); - - var skipCtor = isPartial; - while (++index < objLength) { - key = objProps[index]; - var objValue = object[key], - othValue = other[key]; - - if (customizer) { - var compared = isPartial - ? customizer(othValue, objValue, key, other, object, stack) - : customizer(objValue, othValue, key, object, other, stack); - } - // Recursively compare objects (susceptible to call stack limits). - if ( - !(compared === undefined - ? objValue === othValue || equalFunc(objValue, othValue, bitmask, customizer, stack) - : compared) - ) { - result = false; - break; - } - skipCtor || (skipCtor = key == 'constructor'); - } - if (result && !skipCtor) { - var objCtor = object.constructor, - othCtor = other.constructor; - - // Non `Object` object instances with different constructors are not equal. - if ( - objCtor != othCtor && - 'constructor' in object && - 'constructor' in other && - !( - typeof objCtor == 'function' && - objCtor instanceof objCtor && - typeof othCtor == 'function' && - othCtor instanceof othCtor - ) - ) { - result = false; - } - } - stack['delete'](object); - stack['delete'](other); - return result; - } - - /** - * A specialized version of `baseRest` which flattens the rest array. - * - * @private - * @param {Function} func The function to apply a rest parameter to. - * @returns {Function} Returns the new function. - */ - function flatRest(func) { - return setToString(overRest(func, undefined, flatten), func + ''); - } - - /** - * Creates an array of own enumerable property names and symbols of `object`. - * - * @private - * @param {Object} object The object to query. - * @returns {Array} Returns the array of property names and symbols. - */ - function getAllKeys(object) { - return baseGetAllKeys(object, keys, getSymbols); - } - - /** - * Creates an array of own and inherited enumerable property names and - * symbols of `object`. - * - * @private - * @param {Object} object The object to query. - * @returns {Array} Returns the array of property names and symbols. - */ - function getAllKeysIn(object) { - return baseGetAllKeys(object, keysIn, getSymbolsIn); - } - - /** - * Gets metadata for `func`. - * - * @private - * @param {Function} func The function to query. - * @returns {*} Returns the metadata for `func`. - */ - var getData = !metaMap - ? noop - : function (func) { - return metaMap.get(func); - }; - - /** - * Gets the name of `func`. - * - * @private - * @param {Function} func The function to query. - * @returns {string} Returns the function name. - */ - function getFuncName(func) { - var result = func.name + '', - array = realNames[result], - length = hasOwnProperty.call(realNames, result) ? array.length : 0; - - while (length--) { - var data = array[length], - otherFunc = data.func; - if (otherFunc == null || otherFunc == func) { - return data.name; - } - } - return result; - } - - /** - * Gets the argument placeholder value for `func`. - * - * @private - * @param {Function} func The function to inspect. - * @returns {*} Returns the placeholder value. - */ - function getHolder(func) { - var object = hasOwnProperty.call(lodash, 'placeholder') ? lodash : func; - return object.placeholder; - } - - /** - * Gets the appropriate "iteratee" function. If `_.iteratee` is customized, - * this function returns the custom method, otherwise it returns `baseIteratee`. - * If arguments are provided, the chosen function is invoked with them and - * its result is returned. - * - * @private - * @param {*} [value] The value to convert to an iteratee. - * @param {number} [arity] The arity of the created iteratee. - * @returns {Function} Returns the chosen function or its result. - */ - function getIteratee() { - var result = lodash.iteratee || iteratee; - result = result === iteratee ? baseIteratee : result; - return arguments.length ? result(arguments[0], arguments[1]) : result; - } - - /** - * Gets the data for `map`. - * - * @private - * @param {Object} map The map to query. - * @param {string} key The reference key. - * @returns {*} Returns the map data. - */ - function getMapData(map, key) { - var data = map.__data__; - return isKeyable(key) ? data[typeof key == 'string' ? 'string' : 'hash'] : data.map; - } - - /** - * Gets the property names, values, and compare flags of `object`. - * - * @private - * @param {Object} object The object to query. - * @returns {Array} Returns the match data of `object`. - */ - function getMatchData(object) { - var result = keys(object), - length = result.length; - - while (length--) { - var key = result[length], - value = object[key]; - - result[length] = [key, value, isStrictComparable(value)]; - } - return result; - } - - /** - * Gets the native function at `key` of `object`. - * - * @private - * @param {Object} object The object to query. - * @param {string} key The key of the method to get. - * @returns {*} Returns the function if it's native, else `undefined`. - */ - function getNative(object, key) { - var value = getValue(object, key); - return baseIsNative(value) ? value : undefined; - } - - /** - * A specialized version of `baseGetTag` which ignores `Symbol.toStringTag` values. - * - * @private - * @param {*} value The value to query. - * @returns {string} Returns the raw `toStringTag`. - */ - function getRawTag(value) { - var isOwn = hasOwnProperty.call(value, symToStringTag), - tag = value[symToStringTag]; - - try { - value[symToStringTag] = undefined; - var unmasked = true; - } catch (e) {} - - var result = nativeObjectToString.call(value); - if (unmasked) { - if (isOwn) { - value[symToStringTag] = tag; - } else { - delete value[symToStringTag]; - } - } - return result; - } - - /** - * Creates an array of the own enumerable symbols of `object`. - * - * @private - * @param {Object} object The object to query. - * @returns {Array} Returns the array of symbols. - */ - var getSymbols = !nativeGetSymbols - ? stubArray - : function (object) { - if (object == null) { - return []; - } - object = Object(object); - return arrayFilter(nativeGetSymbols(object), function (symbol) { - return propertyIsEnumerable.call(object, symbol); - }); - }; - - /** - * Creates an array of the own and inherited enumerable symbols of `object`. - * - * @private - * @param {Object} object The object to query. - * @returns {Array} Returns the array of symbols. - */ - var getSymbolsIn = !nativeGetSymbols - ? stubArray - : function (object) { - var result = []; - while (object) { - arrayPush(result, getSymbols(object)); - object = getPrototype(object); - } - return result; - }; - - /** - * Gets the `toStringTag` of `value`. - * - * @private - * @param {*} value The value to query. - * @returns {string} Returns the `toStringTag`. - */ - var getTag = baseGetTag; - - // Fallback for data views, maps, sets, and weak maps in IE 11 and promises in Node.js < 6. - if ( - (DataView && getTag(new DataView(new ArrayBuffer(1))) != dataViewTag) || - (Map && getTag(new Map()) != mapTag) || - (Promise && getTag(Promise.resolve()) != promiseTag) || - (Set && getTag(new Set()) != setTag) || - (WeakMap && getTag(new WeakMap()) != weakMapTag) - ) { - getTag = function (value) { - var result = baseGetTag(value), - Ctor = result == objectTag ? value.constructor : undefined, - ctorString = Ctor ? toSource(Ctor) : ''; - - if (ctorString) { - switch (ctorString) { - case dataViewCtorString: - return dataViewTag; - case mapCtorString: - return mapTag; - case promiseCtorString: - return promiseTag; - case setCtorString: - return setTag; - case weakMapCtorString: - return weakMapTag; - } - } - return result; - }; - } - - /** - * Gets the view, applying any `transforms` to the `start` and `end` positions. - * - * @private - * @param {number} start The start of the view. - * @param {number} end The end of the view. - * @param {Array} transforms The transformations to apply to the view. - * @returns {Object} Returns an object containing the `start` and `end` - * positions of the view. - */ - function getView(start, end, transforms) { - var index = -1, - length = transforms.length; - - while (++index < length) { - var data = transforms[index], - size = data.size; - - switch (data.type) { - case 'drop': - start += size; - break; - case 'dropRight': - end -= size; - break; - case 'take': - end = nativeMin(end, start + size); - break; - case 'takeRight': - start = nativeMax(start, end - size); - break; - } - } - return { start: start, end: end }; - } - - /** - * Extracts wrapper details from the `source` body comment. - * - * @private - * @param {string} source The source to inspect. - * @returns {Array} Returns the wrapper details. - */ - function getWrapDetails(source) { - var match = source.match(reWrapDetails); - return match ? match[1].split(reSplitDetails) : []; - } - - /** - * Checks if `path` exists on `object`. - * - * @private - * @param {Object} object The object to query. - * @param {Array|string} path The path to check. - * @param {Function} hasFunc The function to check properties. - * @returns {boolean} Returns `true` if `path` exists, else `false`. - */ - function hasPath(object, path, hasFunc) { - path = castPath(path, object); - - var index = -1, - length = path.length, - result = false; - - while (++index < length) { - var key = toKey(path[index]); - if (!(result = object != null && hasFunc(object, key))) { - break; - } - object = object[key]; - } - if (result || ++index != length) { - return result; - } - length = object == null ? 0 : object.length; - return ( - !!length && - isLength(length) && - isIndex(key, length) && - (isArray(object) || isArguments(object)) - ); - } - - /** - * Initializes an array clone. - * - * @private - * @param {Array} array The array to clone. - * @returns {Array} Returns the initialized clone. - */ - function initCloneArray(array) { - var length = array.length, - result = new array.constructor(length); - - // Add properties assigned by `RegExp#exec`. - if (length && typeof array[0] == 'string' && hasOwnProperty.call(array, 'index')) { - result.index = array.index; - result.input = array.input; - } - return result; - } - - /** - * Initializes an object clone. - * - * @private - * @param {Object} object The object to clone. - * @returns {Object} Returns the initialized clone. - */ - function initCloneObject(object) { - return typeof object.constructor == 'function' && !isPrototype(object) - ? baseCreate(getPrototype(object)) - : {}; - } - - /** - * Initializes an object clone based on its `toStringTag`. - * - * **Note:** This function only supports cloning values with tags of - * `Boolean`, `Date`, `Error`, `Map`, `Number`, `RegExp`, `Set`, or `String`. - * - * @private - * @param {Object} object The object to clone. - * @param {string} tag The `toStringTag` of the object to clone. - * @param {boolean} [isDeep] Specify a deep clone. - * @returns {Object} Returns the initialized clone. - */ - function initCloneByTag(object, tag, isDeep) { - var Ctor = object.constructor; - switch (tag) { - case arrayBufferTag: - return cloneArrayBuffer(object); - - case boolTag: - case dateTag: - return new Ctor(+object); - - case dataViewTag: - return cloneDataView(object, isDeep); - - case float32Tag: - case float64Tag: - case int8Tag: - case int16Tag: - case int32Tag: - case uint8Tag: - case uint8ClampedTag: - case uint16Tag: - case uint32Tag: - return cloneTypedArray(object, isDeep); - - case mapTag: - return new Ctor(); - - case numberTag: - case stringTag: - return new Ctor(object); - - case regexpTag: - return cloneRegExp(object); - - case setTag: - return new Ctor(); - - case symbolTag: - return cloneSymbol(object); - } - } - - /** - * Inserts wrapper `details` in a comment at the top of the `source` body. - * - * @private - * @param {string} source The source to modify. - * @returns {Array} details The details to insert. - * @returns {string} Returns the modified source. - */ - function insertWrapDetails(source, details) { - var length = details.length; - if (!length) { - return source; - } - var lastIndex = length - 1; - details[lastIndex] = (length > 1 ? '& ' : '') + details[lastIndex]; - details = details.join(length > 2 ? ', ' : ' '); - return source.replace(reWrapComment, '{\n/* [wrapped with ' + details + '] */\n'); - } - - /** - * Checks if `value` is a flattenable `arguments` object or array. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is flattenable, else `false`. - */ - function isFlattenable(value) { - return ( - isArray(value) || - isArguments(value) || - !!(spreadableSymbol && value && value[spreadableSymbol]) - ); - } - - /** - * Checks if `value` is a valid array-like index. - * - * @private - * @param {*} value The value to check. - * @param {number} [length=MAX_SAFE_INTEGER] The upper bounds of a valid index. - * @returns {boolean} Returns `true` if `value` is a valid index, else `false`. - */ - function isIndex(value, length) { - var type = typeof value; - length = length == null ? MAX_SAFE_INTEGER : length; - - return ( - !!length && - (type == 'number' || (type != 'symbol' && reIsUint.test(value))) && - value > -1 && - value % 1 == 0 && - value < length - ); - } - - /** - * Checks if the given arguments are from an iteratee call. - * - * @private - * @param {*} value The potential iteratee value argument. - * @param {*} index The potential iteratee index or key argument. - * @param {*} object The potential iteratee object argument. - * @returns {boolean} Returns `true` if the arguments are from an iteratee call, - * else `false`. - */ - function isIterateeCall(value, index, object) { - if (!isObject(object)) { - return false; - } - var type = typeof index; - if ( - type == 'number' - ? isArrayLike(object) && isIndex(index, object.length) - : type == 'string' && index in object - ) { - return eq(object[index], value); - } - return false; - } - - /** - * Checks if `value` is a property name and not a property path. - * - * @private - * @param {*} value The value to check. - * @param {Object} [object] The object to query keys on. - * @returns {boolean} Returns `true` if `value` is a property name, else `false`. - */ - function isKey(value, object) { - if (isArray(value)) { - return false; - } - var type = typeof value; - if ( - type == 'number' || - type == 'symbol' || - type == 'boolean' || - value == null || - isSymbol(value) - ) { - return true; - } - return ( - reIsPlainProp.test(value) || - !reIsDeepProp.test(value) || - (object != null && value in Object(object)) - ); - } - - /** - * Checks if `value` is suitable for use as unique object key. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is suitable, else `false`. - */ - function isKeyable(value) { - var type = typeof value; - return type == 'string' || type == 'number' || type == 'symbol' || type == 'boolean' - ? value !== '__proto__' - : value === null; - } - - /** - * Checks if `func` has a lazy counterpart. - * - * @private - * @param {Function} func The function to check. - * @returns {boolean} Returns `true` if `func` has a lazy counterpart, - * else `false`. - */ - function isLaziable(func) { - var funcName = getFuncName(func), - other = lodash[funcName]; - - if (typeof other != 'function' || !(funcName in LazyWrapper.prototype)) { - return false; - } - if (func === other) { - return true; - } - var data = getData(other); - return !!data && func === data[0]; - } - - /** - * Checks if `func` has its source masked. - * - * @private - * @param {Function} func The function to check. - * @returns {boolean} Returns `true` if `func` is masked, else `false`. - */ - function isMasked(func) { - return !!maskSrcKey && maskSrcKey in func; - } - - /** - * Checks if `func` is capable of being masked. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `func` is maskable, else `false`. - */ - var isMaskable = coreJsData ? isFunction : stubFalse; - - /** - * Checks if `value` is likely a prototype object. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a prototype, else `false`. - */ - function isPrototype(value) { - var Ctor = value && value.constructor, - proto = (typeof Ctor == 'function' && Ctor.prototype) || objectProto; - - return value === proto; - } - - /** - * Checks if `value` is suitable for strict equality comparisons, i.e. `===`. - * - * @private - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` if suitable for strict - * equality comparisons, else `false`. - */ - function isStrictComparable(value) { - return value === value && !isObject(value); - } - - /** - * A specialized version of `matchesProperty` for source values suitable - * for strict equality comparisons, i.e. `===`. - * - * @private - * @param {string} key The key of the property to get. - * @param {*} srcValue The value to match. - * @returns {Function} Returns the new spec function. - */ - function matchesStrictComparable(key, srcValue) { - return function (object) { - if (object == null) { - return false; - } - return object[key] === srcValue && (srcValue !== undefined || key in Object(object)); - }; - } - - /** - * A specialized version of `_.memoize` which clears the memoized function's - * cache when it exceeds `MAX_MEMOIZE_SIZE`. - * - * @private - * @param {Function} func The function to have its output memoized. - * @returns {Function} Returns the new memoized function. - */ - function memoizeCapped(func) { - var result = memoize(func, function (key) { - if (cache.size === MAX_MEMOIZE_SIZE) { - cache.clear(); - } - return key; - }); - - var cache = result.cache; - return result; - } - - /** - * Merges the function metadata of `source` into `data`. - * - * Merging metadata reduces the number of wrappers used to invoke a function. - * This is possible because methods like `_.bind`, `_.curry`, and `_.partial` - * may be applied regardless of execution order. Methods like `_.ary` and - * `_.rearg` modify function arguments, making the order in which they are - * executed important, preventing the merging of metadata. However, we make - * an exception for a safe combined case where curried functions have `_.ary` - * and or `_.rearg` applied. - * - * @private - * @param {Array} data The destination metadata. - * @param {Array} source The source metadata. - * @returns {Array} Returns `data`. - */ - function mergeData(data, source) { - var bitmask = data[1], - srcBitmask = source[1], - newBitmask = bitmask | srcBitmask, - isCommon = newBitmask < (WRAP_BIND_FLAG | WRAP_BIND_KEY_FLAG | WRAP_ARY_FLAG); - - var isCombo = - (srcBitmask == WRAP_ARY_FLAG && bitmask == WRAP_CURRY_FLAG) || - (srcBitmask == WRAP_ARY_FLAG && bitmask == WRAP_REARG_FLAG && data[7].length <= source[8]) || - (srcBitmask == (WRAP_ARY_FLAG | WRAP_REARG_FLAG) && - source[7].length <= source[8] && - bitmask == WRAP_CURRY_FLAG); - - // Exit early if metadata can't be merged. - if (!(isCommon || isCombo)) { - return data; - } - // Use source `thisArg` if available. - if (srcBitmask & WRAP_BIND_FLAG) { - data[2] = source[2]; - // Set when currying a bound function. - newBitmask |= bitmask & WRAP_BIND_FLAG ? 0 : WRAP_CURRY_BOUND_FLAG; - } - // Compose partial arguments. - var value = source[3]; - if (value) { - var partials = data[3]; - data[3] = partials ? composeArgs(partials, value, source[4]) : value; - data[4] = partials ? replaceHolders(data[3], PLACEHOLDER) : source[4]; - } - // Compose partial right arguments. - value = source[5]; - if (value) { - partials = data[5]; - data[5] = partials ? composeArgsRight(partials, value, source[6]) : value; - data[6] = partials ? replaceHolders(data[5], PLACEHOLDER) : source[6]; - } - // Use source `argPos` if available. - value = source[7]; - if (value) { - data[7] = value; - } - // Use source `ary` if it's smaller. - if (srcBitmask & WRAP_ARY_FLAG) { - data[8] = data[8] == null ? source[8] : nativeMin(data[8], source[8]); - } - // Use source `arity` if one is not provided. - if (data[9] == null) { - data[9] = source[9]; - } - // Use source `func` and merge bitmasks. - data[0] = source[0]; - data[1] = newBitmask; - - return data; - } - - /** - * This function is like - * [`Object.keys`](http://ecma-international.org/ecma-262/7.0/#sec-object.keys) - * except that it includes inherited enumerable properties. - * - * @private - * @param {Object} object The object to query. - * @returns {Array} Returns the array of property names. - */ - function nativeKeysIn(object) { - var result = []; - if (object != null) { - for (var key in Object(object)) { - result.push(key); - } - } - return result; - } - - /** - * Converts `value` to a string using `Object.prototype.toString`. - * - * @private - * @param {*} value The value to convert. - * @returns {string} Returns the converted string. - */ - function objectToString(value) { - return nativeObjectToString.call(value); - } - - /** - * A specialized version of `baseRest` which transforms the rest array. - * - * @private - * @param {Function} func The function to apply a rest parameter to. - * @param {number} [start=func.length-1] The start position of the rest parameter. - * @param {Function} transform The rest array transform. - * @returns {Function} Returns the new function. - */ - function overRest(func, start, transform) { - start = nativeMax(start === undefined ? func.length - 1 : start, 0); - return function () { - var args = arguments, - index = -1, - length = nativeMax(args.length - start, 0), - array = Array(length); - - while (++index < length) { - array[index] = args[start + index]; - } - index = -1; - var otherArgs = Array(start + 1); - while (++index < start) { - otherArgs[index] = args[index]; - } - otherArgs[start] = transform(array); - return apply(func, this, otherArgs); - }; - } - - /** - * Gets the parent value at `path` of `object`. - * - * @private - * @param {Object} object The object to query. - * @param {Array} path The path to get the parent value of. - * @returns {*} Returns the parent value. - */ - function parent(object, path) { - return path.length < 2 ? object : baseGet(object, baseSlice(path, 0, -1)); - } - - /** - * Reorder `array` according to the specified indexes where the element at - * the first index is assigned as the first element, the element at - * the second index is assigned as the second element, and so on. - * - * @private - * @param {Array} array The array to reorder. - * @param {Array} indexes The arranged array indexes. - * @returns {Array} Returns `array`. - */ - function reorder(array, indexes) { - var arrLength = array.length, - length = nativeMin(indexes.length, arrLength), - oldArray = copyArray(array); - - while (length--) { - var index = indexes[length]; - array[length] = isIndex(index, arrLength) ? oldArray[index] : undefined; - } - return array; - } - - /** - * Sets metadata for `func`. - * - * **Note:** If this function becomes hot, i.e. is invoked a lot in a short - * period of time, it will trip its breaker and transition to an identity - * function to avoid garbage collection pauses in V8. See - * [V8 issue 2070](https://bugs.chromium.org/p/v8/issues/detail?id=2070) - * for more details. - * - * @private - * @param {Function} func The function to associate metadata with. - * @param {*} data The metadata. - * @returns {Function} Returns `func`. - */ - var setData = shortOut(baseSetData); - - /** - * A simple wrapper around the global [`setTimeout`](https://mdn.io/setTimeout). - * - * @private - * @param {Function} func The function to delay. - * @param {number} wait The number of milliseconds to delay invocation. - * @returns {number|Object} Returns the timer id or timeout object. - */ - var setTimeout = - ctxSetTimeout || - function (func, wait) { - return root.setTimeout(func, wait); - }; - - /** - * Sets the `toString` method of `func` to return `string`. - * - * @private - * @param {Function} func The function to modify. - * @param {Function} string The `toString` result. - * @returns {Function} Returns `func`. - */ - var setToString = shortOut(baseSetToString); - - /** - * Sets the `toString` method of `wrapper` to mimic the source of `reference` - * with wrapper details in a comment at the top of the source body. - * - * @private - * @param {Function} wrapper The function to modify. - * @param {Function} reference The reference function. - * @param {number} bitmask The bitmask flags. See `createWrap` for more details. - * @returns {Function} Returns `wrapper`. - */ - function setWrapToString(wrapper, reference, bitmask) { - var source = reference + ''; - return setToString( - wrapper, - insertWrapDetails(source, updateWrapDetails(getWrapDetails(source), bitmask)) - ); - } - - /** - * Creates a function that'll short out and invoke `identity` instead - * of `func` when it's called `HOT_COUNT` or more times in `HOT_SPAN` - * milliseconds. - * - * @private - * @param {Function} func The function to restrict. - * @returns {Function} Returns the new shortable function. - */ - function shortOut(func) { - var count = 0, - lastCalled = 0; - - return function () { - var stamp = nativeNow(), - remaining = HOT_SPAN - (stamp - lastCalled); - - lastCalled = stamp; - if (remaining > 0) { - if (++count >= HOT_COUNT) { - return arguments[0]; - } - } else { - count = 0; - } - return func.apply(undefined, arguments); - }; - } - - /** - * A specialized version of `_.shuffle` which mutates and sets the size of `array`. - * - * @private - * @param {Array} array The array to shuffle. - * @param {number} [size=array.length] The size of `array`. - * @returns {Array} Returns `array`. - */ - function shuffleSelf(array, size) { - var index = -1, - length = array.length, - lastIndex = length - 1; - - size = size === undefined ? length : size; - while (++index < size) { - var rand = baseRandom(index, lastIndex), - value = array[rand]; - - array[rand] = array[index]; - array[index] = value; - } - array.length = size; - return array; - } - - /** - * Converts `string` to a property path array. - * - * @private - * @param {string} string The string to convert. - * @returns {Array} Returns the property path array. - */ - var stringToPath = memoizeCapped(function (string) { - var result = []; - if (string.charCodeAt(0) === 46 /* . */) { - result.push(''); - } - string.replace(rePropName, function (match, number, quote, subString) { - result.push(quote ? subString.replace(reEscapeChar, '$1') : number || match); - }); - return result; - }); - - /** - * Converts `value` to a string key if it's not a string or symbol. - * - * @private - * @param {*} value The value to inspect. - * @returns {string|symbol} Returns the key. - */ - function toKey(value) { - if (typeof value == 'string' || isSymbol(value)) { - return value; - } - var result = value + ''; - return result == '0' && 1 / value == -INFINITY ? '-0' : result; - } - - /** - * Converts `func` to its source code. - * - * @private - * @param {Function} func The function to convert. - * @returns {string} Returns the source code. - */ - function toSource(func) { - if (func != null) { - try { - return funcToString.call(func); - } catch (e) {} - try { - return func + ''; - } catch (e) {} - } - return ''; - } - - /** - * Updates wrapper `details` based on `bitmask` flags. - * - * @private - * @returns {Array} details The details to modify. - * @param {number} bitmask The bitmask flags. See `createWrap` for more details. - * @returns {Array} Returns `details`. - */ - function updateWrapDetails(details, bitmask) { - arrayEach(wrapFlags, function (pair) { - var value = '_.' + pair[0]; - if (bitmask & pair[1] && !arrayIncludes(details, value)) { - details.push(value); - } - }); - return details.sort(); - } - - /** - * Creates a clone of `wrapper`. - * - * @private - * @param {Object} wrapper The wrapper to clone. - * @returns {Object} Returns the cloned wrapper. - */ - function wrapperClone(wrapper) { - if (wrapper instanceof LazyWrapper) { - return wrapper.clone(); - } - var result = new LodashWrapper(wrapper.__wrapped__, wrapper.__chain__); - result.__actions__ = copyArray(wrapper.__actions__); - result.__index__ = wrapper.__index__; - result.__values__ = wrapper.__values__; - return result; - } - - /*------------------------------------------------------------------------*/ - - /** - * Creates an array of elements split into groups the length of `size`. - * If `array` can't be split evenly, the final chunk will be the remaining - * elements. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The array to process. - * @param {number} [size=1] The length of each chunk - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {Array} Returns the new array of chunks. - * @example - * - * _.chunk(['a', 'b', 'c', 'd'], 2); - * // => [['a', 'b'], ['c', 'd']] - * - * _.chunk(['a', 'b', 'c', 'd'], 3); - * // => [['a', 'b', 'c'], ['d']] - */ - function chunk(array, size, guard) { - if (guard ? isIterateeCall(array, size, guard) : size === undefined) { - size = 1; - } else { - size = nativeMax(toInteger(size), 0); - } - var length = array == null ? 0 : array.length; - if (!length || size < 1) { - return []; - } - var index = 0, - resIndex = 0, - result = Array(nativeCeil(length / size)); - - while (index < length) { - result[resIndex++] = baseSlice(array, index, (index += size)); - } - return result; - } - - /** - * Creates an array with all falsey values removed. The values `false`, `null`, - * `0`, `""`, `undefined`, and `NaN` are falsey. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The array to compact. - * @returns {Array} Returns the new array of filtered values. - * @example - * - * _.compact([0, 1, false, 2, '', 3]); - * // => [1, 2, 3] - */ - function compact(array) { - var index = -1, - length = array == null ? 0 : array.length, - resIndex = 0, - result = []; - - while (++index < length) { - var value = array[index]; - if (value) { - result[resIndex++] = value; - } - } - return result; - } - - /** - * Creates a new array concatenating `array` with any additional arrays - * and/or values. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to concatenate. - * @param {...*} [values] The values to concatenate. - * @returns {Array} Returns the new concatenated array. - * @example - * - * var array = [1]; - * var other = _.concat(array, 2, [3], [[4]]); - * - * console.log(other); - * // => [1, 2, 3, [4]] - * - * console.log(array); - * // => [1] - */ - function concat() { - var length = arguments.length; - if (!length) { - return []; - } - var args = Array(length - 1), - array = arguments[0], - index = length; - - while (index--) { - args[index - 1] = arguments[index]; - } - return arrayPush(isArray(array) ? copyArray(array) : [array], baseFlatten(args, 1)); - } - - /** - * Creates an array of `array` values not included in the other given arrays - * using [`SameValueZero`](http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero) - * for equality comparisons. The order and references of result values are - * determined by the first array. - * - * **Note:** Unlike `_.pullAll`, this method returns a new array. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {...Array} [values] The values to exclude. - * @returns {Array} Returns the new array of filtered values. - * @see _.without, _.xor - * @example - * - * _.difference([2, 1], [2, 3]); - * // => [1] - */ - var difference = baseRest(function (array, values) { - return isArrayLikeObject(array) - ? baseDifference(array, baseFlatten(values, 1, isArrayLikeObject, true)) - : []; - }); - - /** - * This method is like `_.difference` except that it accepts `iteratee` which - * is invoked for each element of `array` and `values` to generate the criterion - * by which they're compared. The order and references of result values are - * determined by the first array. The iteratee is invoked with one argument: - * (value). - * - * **Note:** Unlike `_.pullAllBy`, this method returns a new array. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {...Array} [values] The values to exclude. - * @param {Function} [iteratee=_.identity] The iteratee invoked per element. - * @returns {Array} Returns the new array of filtered values. - * @example - * - * _.differenceBy([2.1, 1.2], [2.3, 3.4], Math.floor); - * // => [1.2] - * - * // The `_.property` iteratee shorthand. - * _.differenceBy([{ 'x': 2 }, { 'x': 1 }], [{ 'x': 1 }], 'x'); - * // => [{ 'x': 2 }] - */ - var differenceBy = baseRest(function (array, values) { - var iteratee = last(values); - if (isArrayLikeObject(iteratee)) { - iteratee = undefined; - } - return isArrayLikeObject(array) - ? baseDifference( - array, - baseFlatten(values, 1, isArrayLikeObject, true), - getIteratee(iteratee, 2) - ) - : []; - }); - - /** - * This method is like `_.difference` except that it accepts `comparator` - * which is invoked to compare elements of `array` to `values`. The order and - * references of result values are determined by the first array. The comparator - * is invoked with two arguments: (arrVal, othVal). - * - * **Note:** Unlike `_.pullAllWith`, this method returns a new array. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {...Array} [values] The values to exclude. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns the new array of filtered values. - * @example - * - * var objects = [{ 'x': 1, 'y': 2 }, { 'x': 2, 'y': 1 }]; - * - * _.differenceWith(objects, [{ 'x': 1, 'y': 2 }], _.isEqual); - * // => [{ 'x': 2, 'y': 1 }] - */ - var differenceWith = baseRest(function (array, values) { - var comparator = last(values); - if (isArrayLikeObject(comparator)) { - comparator = undefined; - } - return isArrayLikeObject(array) - ? baseDifference( - array, - baseFlatten(values, 1, isArrayLikeObject, true), - undefined, - comparator - ) - : []; - }); - - /** - * Creates a slice of `array` with `n` elements dropped from the beginning. - * - * @static - * @memberOf _ - * @since 0.5.0 - * @category Array - * @param {Array} array The array to query. - * @param {number} [n=1] The number of elements to drop. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {Array} Returns the slice of `array`. - * @example - * - * _.drop([1, 2, 3]); - * // => [2, 3] - * - * _.drop([1, 2, 3], 2); - * // => [3] - * - * _.drop([1, 2, 3], 5); - * // => [] - * - * _.drop([1, 2, 3], 0); - * // => [1, 2, 3] - */ - function drop(array, n, guard) { - var length = array == null ? 0 : array.length; - if (!length) { - return []; - } - n = guard || n === undefined ? 1 : toInteger(n); - return baseSlice(array, n < 0 ? 0 : n, length); - } - - /** - * Creates a slice of `array` with `n` elements dropped from the end. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The array to query. - * @param {number} [n=1] The number of elements to drop. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {Array} Returns the slice of `array`. - * @example - * - * _.dropRight([1, 2, 3]); - * // => [1, 2] - * - * _.dropRight([1, 2, 3], 2); - * // => [1] - * - * _.dropRight([1, 2, 3], 5); - * // => [] - * - * _.dropRight([1, 2, 3], 0); - * // => [1, 2, 3] - */ - function dropRight(array, n, guard) { - var length = array == null ? 0 : array.length; - if (!length) { - return []; - } - n = guard || n === undefined ? 1 : toInteger(n); - n = length - n; - return baseSlice(array, 0, n < 0 ? 0 : n); - } - - /** - * Creates a slice of `array` excluding elements dropped from the end. - * Elements are dropped until `predicate` returns falsey. The predicate is - * invoked with three arguments: (value, index, array). - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The array to query. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @returns {Array} Returns the slice of `array`. - * @example - * - * var users = [ - * { 'user': 'barney', 'active': true }, - * { 'user': 'fred', 'active': false }, - * { 'user': 'pebbles', 'active': false } - * ]; - * - * _.dropRightWhile(users, function(o) { return !o.active; }); - * // => objects for ['barney'] - * - * // The `_.matches` iteratee shorthand. - * _.dropRightWhile(users, { 'user': 'pebbles', 'active': false }); - * // => objects for ['barney', 'fred'] - * - * // The `_.matchesProperty` iteratee shorthand. - * _.dropRightWhile(users, ['active', false]); - * // => objects for ['barney'] - * - * // The `_.property` iteratee shorthand. - * _.dropRightWhile(users, 'active'); - * // => objects for ['barney', 'fred', 'pebbles'] - */ - function dropRightWhile(array, predicate) { - return array && array.length ? baseWhile(array, getIteratee(predicate, 3), true, true) : []; - } - - /** - * Creates a slice of `array` excluding elements dropped from the beginning. - * Elements are dropped until `predicate` returns falsey. The predicate is - * invoked with three arguments: (value, index, array). - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The array to query. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @returns {Array} Returns the slice of `array`. - * @example - * - * var users = [ - * { 'user': 'barney', 'active': false }, - * { 'user': 'fred', 'active': false }, - * { 'user': 'pebbles', 'active': true } - * ]; - * - * _.dropWhile(users, function(o) { return !o.active; }); - * // => objects for ['pebbles'] - * - * // The `_.matches` iteratee shorthand. - * _.dropWhile(users, { 'user': 'barney', 'active': false }); - * // => objects for ['fred', 'pebbles'] - * - * // The `_.matchesProperty` iteratee shorthand. - * _.dropWhile(users, ['active', false]); - * // => objects for ['pebbles'] - * - * // The `_.property` iteratee shorthand. - * _.dropWhile(users, 'active'); - * // => objects for ['barney', 'fred', 'pebbles'] - */ - function dropWhile(array, predicate) { - return array && array.length ? baseWhile(array, getIteratee(predicate, 3), true) : []; - } - - /** - * Fills elements of `array` with `value` from `start` up to, but not - * including, `end`. - * - * **Note:** This method mutates `array`. - * - * @static - * @memberOf _ - * @since 3.2.0 - * @category Array - * @param {Array} array The array to fill. - * @param {*} value The value to fill `array` with. - * @param {number} [start=0] The start position. - * @param {number} [end=array.length] The end position. - * @returns {Array} Returns `array`. - * @example - * - * var array = [1, 2, 3]; - * - * _.fill(array, 'a'); - * console.log(array); - * // => ['a', 'a', 'a'] - * - * _.fill(Array(3), 2); - * // => [2, 2, 2] - * - * _.fill([4, 6, 8, 10], '*', 1, 3); - * // => [4, '*', '*', 10] - */ - function fill(array, value, start, end) { - var length = array == null ? 0 : array.length; - if (!length) { - return []; - } - if (start && typeof start != 'number' && isIterateeCall(array, value, start)) { - start = 0; - end = length; - } - return baseFill(array, value, start, end); - } - - /** - * This method is like `_.find` except that it returns the index of the first - * element `predicate` returns truthy for instead of the element itself. - * - * @static - * @memberOf _ - * @since 1.1.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @param {number} [fromIndex=0] The index to search from. - * @returns {number} Returns the index of the found element, else `-1`. - * @example - * - * var users = [ - * { 'user': 'barney', 'active': false }, - * { 'user': 'fred', 'active': false }, - * { 'user': 'pebbles', 'active': true } - * ]; - * - * _.findIndex(users, function(o) { return o.user == 'barney'; }); - * // => 0 - * - * // The `_.matches` iteratee shorthand. - * _.findIndex(users, { 'user': 'fred', 'active': false }); - * // => 1 - * - * // The `_.matchesProperty` iteratee shorthand. - * _.findIndex(users, ['active', false]); - * // => 0 - * - * // The `_.property` iteratee shorthand. - * _.findIndex(users, 'active'); - * // => 2 - */ - function findIndex(array, predicate, fromIndex) { - var length = array == null ? 0 : array.length; - if (!length) { - return -1; - } - var index = fromIndex == null ? 0 : toInteger(fromIndex); - if (index < 0) { - index = nativeMax(length + index, 0); - } - return baseFindIndex(array, getIteratee(predicate, 3), index); - } - - /** - * This method is like `_.findIndex` except that it iterates over elements - * of `collection` from right to left. - * - * @static - * @memberOf _ - * @since 2.0.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @param {number} [fromIndex=array.length-1] The index to search from. - * @returns {number} Returns the index of the found element, else `-1`. - * @example - * - * var users = [ - * { 'user': 'barney', 'active': true }, - * { 'user': 'fred', 'active': false }, - * { 'user': 'pebbles', 'active': false } - * ]; - * - * _.findLastIndex(users, function(o) { return o.user == 'pebbles'; }); - * // => 2 - * - * // The `_.matches` iteratee shorthand. - * _.findLastIndex(users, { 'user': 'barney', 'active': true }); - * // => 0 - * - * // The `_.matchesProperty` iteratee shorthand. - * _.findLastIndex(users, ['active', false]); - * // => 2 - * - * // The `_.property` iteratee shorthand. - * _.findLastIndex(users, 'active'); - * // => 0 - */ - function findLastIndex(array, predicate, fromIndex) { - var length = array == null ? 0 : array.length; - if (!length) { - return -1; - } - var index = length - 1; - if (fromIndex !== undefined) { - index = toInteger(fromIndex); - index = fromIndex < 0 ? nativeMax(length + index, 0) : nativeMin(index, length - 1); - } - return baseFindIndex(array, getIteratee(predicate, 3), index, true); - } - - /** - * Flattens `array` a single level deep. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The array to flatten. - * @returns {Array} Returns the new flattened array. - * @example - * - * _.flatten([1, [2, [3, [4]], 5]]); - * // => [1, 2, [3, [4]], 5] - */ - function flatten(array) { - var length = array == null ? 0 : array.length; - return length ? baseFlatten(array, 1) : []; - } - - /** - * Recursively flattens `array`. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The array to flatten. - * @returns {Array} Returns the new flattened array. - * @example - * - * _.flattenDeep([1, [2, [3, [4]], 5]]); - * // => [1, 2, 3, 4, 5] - */ - function flattenDeep(array) { - var length = array == null ? 0 : array.length; - return length ? baseFlatten(array, INFINITY) : []; - } - - /** - * Recursively flatten `array` up to `depth` times. - * - * @static - * @memberOf _ - * @since 4.4.0 - * @category Array - * @param {Array} array The array to flatten. - * @param {number} [depth=1] The maximum recursion depth. - * @returns {Array} Returns the new flattened array. - * @example - * - * var array = [1, [2, [3, [4]], 5]]; - * - * _.flattenDepth(array, 1); - * // => [1, 2, [3, [4]], 5] - * - * _.flattenDepth(array, 2); - * // => [1, 2, 3, [4], 5] - */ - function flattenDepth(array, depth) { - var length = array == null ? 0 : array.length; - if (!length) { - return []; - } - depth = depth === undefined ? 1 : toInteger(depth); - return baseFlatten(array, depth); - } - - /** - * The inverse of `_.toPairs`; this method returns an object composed - * from key-value `pairs`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} pairs The key-value pairs. - * @returns {Object} Returns the new object. - * @example - * - * _.fromPairs([['a', 1], ['b', 2]]); - * // => { 'a': 1, 'b': 2 } - */ - function fromPairs(pairs) { - var index = -1, - length = pairs == null ? 0 : pairs.length, - result = {}; - - while (++index < length) { - var pair = pairs[index]; - result[pair[0]] = pair[1]; - } - return result; - } - - /** - * Gets the first element of `array`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @alias first - * @category Array - * @param {Array} array The array to query. - * @returns {*} Returns the first element of `array`. - * @example - * - * _.head([1, 2, 3]); - * // => 1 - * - * _.head([]); - * // => undefined - */ - function head(array) { - return array && array.length ? array[0] : undefined; - } - - /** - * Gets the index at which the first occurrence of `value` is found in `array` - * using [`SameValueZero`](http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero) - * for equality comparisons. If `fromIndex` is negative, it's used as the - * offset from the end of `array`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {*} value The value to search for. - * @param {number} [fromIndex=0] The index to search from. - * @returns {number} Returns the index of the matched value, else `-1`. - * @example - * - * _.indexOf([1, 2, 1, 2], 2); - * // => 1 - * - * // Search from the `fromIndex`. - * _.indexOf([1, 2, 1, 2], 2, 2); - * // => 3 - */ - function indexOf(array, value, fromIndex) { - var length = array == null ? 0 : array.length; - if (!length) { - return -1; - } - var index = fromIndex == null ? 0 : toInteger(fromIndex); - if (index < 0) { - index = nativeMax(length + index, 0); - } - return baseIndexOf(array, value, index); - } - - /** - * Gets all but the last element of `array`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The array to query. - * @returns {Array} Returns the slice of `array`. - * @example - * - * _.initial([1, 2, 3]); - * // => [1, 2] - */ - function initial(array) { - var length = array == null ? 0 : array.length; - return length ? baseSlice(array, 0, -1) : []; - } - - /** - * Creates an array of unique values that are included in all given arrays - * using [`SameValueZero`](http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero) - * for equality comparisons. The order and references of result values are - * determined by the first array. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {...Array} [arrays] The arrays to inspect. - * @returns {Array} Returns the new array of intersecting values. - * @example - * - * _.intersection([2, 1], [2, 3]); - * // => [2] - */ - var intersection = baseRest(function (arrays) { - var mapped = arrayMap(arrays, castArrayLikeObject); - return mapped.length && mapped[0] === arrays[0] ? baseIntersection(mapped) : []; - }); - - /** - * This method is like `_.intersection` except that it accepts `iteratee` - * which is invoked for each element of each `arrays` to generate the criterion - * by which they're compared. The order and references of result values are - * determined by the first array. The iteratee is invoked with one argument: - * (value). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {...Array} [arrays] The arrays to inspect. - * @param {Function} [iteratee=_.identity] The iteratee invoked per element. - * @returns {Array} Returns the new array of intersecting values. - * @example - * - * _.intersectionBy([2.1, 1.2], [2.3, 3.4], Math.floor); - * // => [2.1] - * - * // The `_.property` iteratee shorthand. - * _.intersectionBy([{ 'x': 1 }], [{ 'x': 2 }, { 'x': 1 }], 'x'); - * // => [{ 'x': 1 }] - */ - var intersectionBy = baseRest(function (arrays) { - var iteratee = last(arrays), - mapped = arrayMap(arrays, castArrayLikeObject); - - if (iteratee === last(mapped)) { - iteratee = undefined; - } else { - mapped.pop(); - } - return mapped.length && mapped[0] === arrays[0] - ? baseIntersection(mapped, getIteratee(iteratee, 2)) - : []; - }); - - /** - * This method is like `_.intersection` except that it accepts `comparator` - * which is invoked to compare elements of `arrays`. The order and references - * of result values are determined by the first array. The comparator is - * invoked with two arguments: (arrVal, othVal). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {...Array} [arrays] The arrays to inspect. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns the new array of intersecting values. - * @example - * - * var objects = [{ 'x': 1, 'y': 2 }, { 'x': 2, 'y': 1 }]; - * var others = [{ 'x': 1, 'y': 1 }, { 'x': 1, 'y': 2 }]; - * - * _.intersectionWith(objects, others, _.isEqual); - * // => [{ 'x': 1, 'y': 2 }] - */ - var intersectionWith = baseRest(function (arrays) { - var comparator = last(arrays), - mapped = arrayMap(arrays, castArrayLikeObject); - - comparator = typeof comparator == 'function' ? comparator : undefined; - if (comparator) { - mapped.pop(); - } - return mapped.length && mapped[0] === arrays[0] - ? baseIntersection(mapped, undefined, comparator) - : []; - }); - - /** - * Converts all elements in `array` into a string separated by `separator`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to convert. - * @param {string} [separator=','] The element separator. - * @returns {string} Returns the joined string. - * @example - * - * _.join(['a', 'b', 'c'], '~'); - * // => 'a~b~c' - */ - function join(array, separator) { - return array == null ? '' : nativeJoin.call(array, separator); - } - - /** - * Gets the last element of `array`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The array to query. - * @returns {*} Returns the last element of `array`. - * @example - * - * _.last([1, 2, 3]); - * // => 3 - */ - function last(array) { - var length = array == null ? 0 : array.length; - return length ? array[length - 1] : undefined; - } - - /** - * This method is like `_.indexOf` except that it iterates over elements of - * `array` from right to left. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {*} value The value to search for. - * @param {number} [fromIndex=array.length-1] The index to search from. - * @returns {number} Returns the index of the matched value, else `-1`. - * @example - * - * _.lastIndexOf([1, 2, 1, 2], 2); - * // => 3 - * - * // Search from the `fromIndex`. - * _.lastIndexOf([1, 2, 1, 2], 2, 2); - * // => 1 - */ - function lastIndexOf(array, value, fromIndex) { - var length = array == null ? 0 : array.length; - if (!length) { - return -1; - } - var index = length; - if (fromIndex !== undefined) { - index = toInteger(fromIndex); - index = index < 0 ? nativeMax(length + index, 0) : nativeMin(index, length - 1); - } - return value === value - ? strictLastIndexOf(array, value, index) - : baseFindIndex(array, baseIsNaN, index, true); - } - - /** - * Gets the element at index `n` of `array`. If `n` is negative, the nth - * element from the end is returned. - * - * @static - * @memberOf _ - * @since 4.11.0 - * @category Array - * @param {Array} array The array to query. - * @param {number} [n=0] The index of the element to return. - * @returns {*} Returns the nth element of `array`. - * @example - * - * var array = ['a', 'b', 'c', 'd']; - * - * _.nth(array, 1); - * // => 'b' - * - * _.nth(array, -2); - * // => 'c'; - */ - function nth(array, n) { - return array && array.length ? baseNth(array, toInteger(n)) : undefined; - } - - /** - * Removes all given values from `array` using - * [`SameValueZero`](http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero) - * for equality comparisons. - * - * **Note:** Unlike `_.without`, this method mutates `array`. Use `_.remove` - * to remove elements from an array by predicate. - * - * @static - * @memberOf _ - * @since 2.0.0 - * @category Array - * @param {Array} array The array to modify. - * @param {...*} [values] The values to remove. - * @returns {Array} Returns `array`. - * @example - * - * var array = ['a', 'b', 'c', 'a', 'b', 'c']; - * - * _.pull(array, 'a', 'c'); - * console.log(array); - * // => ['b', 'b'] - */ - var pull = baseRest(pullAll); - - /** - * This method is like `_.pull` except that it accepts an array of values to remove. - * - * **Note:** Unlike `_.difference`, this method mutates `array`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to modify. - * @param {Array} values The values to remove. - * @returns {Array} Returns `array`. - * @example - * - * var array = ['a', 'b', 'c', 'a', 'b', 'c']; - * - * _.pullAll(array, ['a', 'c']); - * console.log(array); - * // => ['b', 'b'] - */ - function pullAll(array, values) { - return array && array.length && values && values.length ? basePullAll(array, values) : array; - } - - /** - * This method is like `_.pullAll` except that it accepts `iteratee` which is - * invoked for each element of `array` and `values` to generate the criterion - * by which they're compared. The iteratee is invoked with one argument: (value). - * - * **Note:** Unlike `_.differenceBy`, this method mutates `array`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to modify. - * @param {Array} values The values to remove. - * @param {Function} [iteratee=_.identity] The iteratee invoked per element. - * @returns {Array} Returns `array`. - * @example - * - * var array = [{ 'x': 1 }, { 'x': 2 }, { 'x': 3 }, { 'x': 1 }]; - * - * _.pullAllBy(array, [{ 'x': 1 }, { 'x': 3 }], 'x'); - * console.log(array); - * // => [{ 'x': 2 }] - */ - function pullAllBy(array, values, iteratee) { - return array && array.length && values && values.length - ? basePullAll(array, values, getIteratee(iteratee, 2)) - : array; - } - - /** - * This method is like `_.pullAll` except that it accepts `comparator` which - * is invoked to compare elements of `array` to `values`. The comparator is - * invoked with two arguments: (arrVal, othVal). - * - * **Note:** Unlike `_.differenceWith`, this method mutates `array`. - * - * @static - * @memberOf _ - * @since 4.6.0 - * @category Array - * @param {Array} array The array to modify. - * @param {Array} values The values to remove. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns `array`. - * @example - * - * var array = [{ 'x': 1, 'y': 2 }, { 'x': 3, 'y': 4 }, { 'x': 5, 'y': 6 }]; - * - * _.pullAllWith(array, [{ 'x': 3, 'y': 4 }], _.isEqual); - * console.log(array); - * // => [{ 'x': 1, 'y': 2 }, { 'x': 5, 'y': 6 }] - */ - function pullAllWith(array, values, comparator) { - return array && array.length && values && values.length - ? basePullAll(array, values, undefined, comparator) - : array; - } - - /** - * Removes elements from `array` corresponding to `indexes` and returns an - * array of removed elements. - * - * **Note:** Unlike `_.at`, this method mutates `array`. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The array to modify. - * @param {...(number|number[])} [indexes] The indexes of elements to remove. - * @returns {Array} Returns the new array of removed elements. - * @example - * - * var array = ['a', 'b', 'c', 'd']; - * var pulled = _.pullAt(array, [1, 3]); - * - * console.log(array); - * // => ['a', 'c'] - * - * console.log(pulled); - * // => ['b', 'd'] - */ - var pullAt = flatRest(function (array, indexes) { - var length = array == null ? 0 : array.length, - result = baseAt(array, indexes); - - basePullAt( - array, - arrayMap(indexes, function (index) { - return isIndex(index, length) ? +index : index; - }).sort(compareAscending) - ); - - return result; - }); - - /** - * Removes all elements from `array` that `predicate` returns truthy for - * and returns an array of the removed elements. The predicate is invoked - * with three arguments: (value, index, array). - * - * **Note:** Unlike `_.filter`, this method mutates `array`. Use `_.pull` - * to pull elements from an array by value. - * - * @static - * @memberOf _ - * @since 2.0.0 - * @category Array - * @param {Array} array The array to modify. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @returns {Array} Returns the new array of removed elements. - * @example - * - * var array = [1, 2, 3, 4]; - * var evens = _.remove(array, function(n) { - * return n % 2 == 0; - * }); - * - * console.log(array); - * // => [1, 3] - * - * console.log(evens); - * // => [2, 4] - */ - function remove(array, predicate) { - var result = []; - if (!(array && array.length)) { - return result; - } - var index = -1, - indexes = [], - length = array.length; - - predicate = getIteratee(predicate, 3); - while (++index < length) { - var value = array[index]; - if (predicate(value, index, array)) { - result.push(value); - indexes.push(index); - } - } - basePullAt(array, indexes); - return result; - } - - /** - * Reverses `array` so that the first element becomes the last, the second - * element becomes the second to last, and so on. - * - * **Note:** This method mutates `array` and is based on - * [`Array#reverse`](https://mdn.io/Array/reverse). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to modify. - * @returns {Array} Returns `array`. - * @example - * - * var array = [1, 2, 3]; - * - * _.reverse(array); - * // => [3, 2, 1] - * - * console.log(array); - * // => [3, 2, 1] - */ - function reverse(array) { - return array == null ? array : nativeReverse.call(array); - } - - /** - * Creates a slice of `array` from `start` up to, but not including, `end`. - * - * **Note:** This method is used instead of - * [`Array#slice`](https://mdn.io/Array/slice) to ensure dense arrays are - * returned. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The array to slice. - * @param {number} [start=0] The start position. - * @param {number} [end=array.length] The end position. - * @returns {Array} Returns the slice of `array`. - */ - function slice(array, start, end) { - var length = array == null ? 0 : array.length; - if (!length) { - return []; - } - if (end && typeof end != 'number' && isIterateeCall(array, start, end)) { - start = 0; - end = length; - } else { - start = start == null ? 0 : toInteger(start); - end = end === undefined ? length : toInteger(end); - } - return baseSlice(array, start, end); - } - - /** - * Uses a binary search to determine the lowest index at which `value` - * should be inserted into `array` in order to maintain its sort order. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The sorted array to inspect. - * @param {*} value The value to evaluate. - * @returns {number} Returns the index at which `value` should be inserted - * into `array`. - * @example - * - * _.sortedIndex([30, 50], 40); - * // => 1 - */ - function sortedIndex(array, value) { - return baseSortedIndex(array, value); - } - - /** - * This method is like `_.sortedIndex` except that it accepts `iteratee` - * which is invoked for `value` and each element of `array` to compute their - * sort ranking. The iteratee is invoked with one argument: (value). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The sorted array to inspect. - * @param {*} value The value to evaluate. - * @param {Function} [iteratee=_.identity] The iteratee invoked per element. - * @returns {number} Returns the index at which `value` should be inserted - * into `array`. - * @example - * - * var objects = [{ 'x': 4 }, { 'x': 5 }]; - * - * _.sortedIndexBy(objects, { 'x': 4 }, function(o) { return o.x; }); - * // => 0 - * - * // The `_.property` iteratee shorthand. - * _.sortedIndexBy(objects, { 'x': 4 }, 'x'); - * // => 0 - */ - function sortedIndexBy(array, value, iteratee) { - return baseSortedIndexBy(array, value, getIteratee(iteratee, 2)); - } - - /** - * This method is like `_.indexOf` except that it performs a binary - * search on a sorted `array`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {*} value The value to search for. - * @returns {number} Returns the index of the matched value, else `-1`. - * @example - * - * _.sortedIndexOf([4, 5, 5, 5, 6], 5); - * // => 1 - */ - function sortedIndexOf(array, value) { - var length = array == null ? 0 : array.length; - if (length) { - var index = baseSortedIndex(array, value); - if (index < length && eq(array[index], value)) { - return index; - } - } - return -1; - } - - /** - * This method is like `_.sortedIndex` except that it returns the highest - * index at which `value` should be inserted into `array` in order to - * maintain its sort order. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The sorted array to inspect. - * @param {*} value The value to evaluate. - * @returns {number} Returns the index at which `value` should be inserted - * into `array`. - * @example - * - * _.sortedLastIndex([4, 5, 5, 5, 6], 5); - * // => 4 - */ - function sortedLastIndex(array, value) { - return baseSortedIndex(array, value, true); - } - - /** - * This method is like `_.sortedLastIndex` except that it accepts `iteratee` - * which is invoked for `value` and each element of `array` to compute their - * sort ranking. The iteratee is invoked with one argument: (value). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The sorted array to inspect. - * @param {*} value The value to evaluate. - * @param {Function} [iteratee=_.identity] The iteratee invoked per element. - * @returns {number} Returns the index at which `value` should be inserted - * into `array`. - * @example - * - * var objects = [{ 'x': 4 }, { 'x': 5 }]; - * - * _.sortedLastIndexBy(objects, { 'x': 4 }, function(o) { return o.x; }); - * // => 1 - * - * // The `_.property` iteratee shorthand. - * _.sortedLastIndexBy(objects, { 'x': 4 }, 'x'); - * // => 1 - */ - function sortedLastIndexBy(array, value, iteratee) { - return baseSortedIndexBy(array, value, getIteratee(iteratee, 2), true); - } - - /** - * This method is like `_.lastIndexOf` except that it performs a binary - * search on a sorted `array`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {*} value The value to search for. - * @returns {number} Returns the index of the matched value, else `-1`. - * @example - * - * _.sortedLastIndexOf([4, 5, 5, 5, 6], 5); - * // => 3 - */ - function sortedLastIndexOf(array, value) { - var length = array == null ? 0 : array.length; - if (length) { - var index = baseSortedIndex(array, value, true) - 1; - if (eq(array[index], value)) { - return index; - } - } - return -1; - } - - /** - * This method is like `_.uniq` except that it's designed and optimized - * for sorted arrays. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to inspect. - * @returns {Array} Returns the new duplicate free array. - * @example - * - * _.sortedUniq([1, 1, 2]); - * // => [1, 2] - */ - function sortedUniq(array) { - return array && array.length ? baseSortedUniq(array) : []; - } - - /** - * This method is like `_.uniqBy` except that it's designed and optimized - * for sorted arrays. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {Function} [iteratee] The iteratee invoked per element. - * @returns {Array} Returns the new duplicate free array. - * @example - * - * _.sortedUniqBy([1.1, 1.2, 2.3, 2.4], Math.floor); - * // => [1.1, 2.3] - */ - function sortedUniqBy(array, iteratee) { - return array && array.length ? baseSortedUniq(array, getIteratee(iteratee, 2)) : []; - } - - /** - * Gets all but the first element of `array`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to query. - * @returns {Array} Returns the slice of `array`. - * @example - * - * _.tail([1, 2, 3]); - * // => [2, 3] - */ - function tail(array) { - var length = array == null ? 0 : array.length; - return length ? baseSlice(array, 1, length) : []; - } - - /** - * Creates a slice of `array` with `n` elements taken from the beginning. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The array to query. - * @param {number} [n=1] The number of elements to take. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {Array} Returns the slice of `array`. - * @example - * - * _.take([1, 2, 3]); - * // => [1] - * - * _.take([1, 2, 3], 2); - * // => [1, 2] - * - * _.take([1, 2, 3], 5); - * // => [1, 2, 3] - * - * _.take([1, 2, 3], 0); - * // => [] - */ - function take(array, n, guard) { - if (!(array && array.length)) { - return []; - } - n = guard || n === undefined ? 1 : toInteger(n); - return baseSlice(array, 0, n < 0 ? 0 : n); - } - - /** - * Creates a slice of `array` with `n` elements taken from the end. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The array to query. - * @param {number} [n=1] The number of elements to take. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {Array} Returns the slice of `array`. - * @example - * - * _.takeRight([1, 2, 3]); - * // => [3] - * - * _.takeRight([1, 2, 3], 2); - * // => [2, 3] - * - * _.takeRight([1, 2, 3], 5); - * // => [1, 2, 3] - * - * _.takeRight([1, 2, 3], 0); - * // => [] - */ - function takeRight(array, n, guard) { - var length = array == null ? 0 : array.length; - if (!length) { - return []; - } - n = guard || n === undefined ? 1 : toInteger(n); - n = length - n; - return baseSlice(array, n < 0 ? 0 : n, length); - } - - /** - * Creates a slice of `array` with elements taken from the end. Elements are - * taken until `predicate` returns falsey. The predicate is invoked with - * three arguments: (value, index, array). - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The array to query. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @returns {Array} Returns the slice of `array`. - * @example - * - * var users = [ - * { 'user': 'barney', 'active': true }, - * { 'user': 'fred', 'active': false }, - * { 'user': 'pebbles', 'active': false } - * ]; - * - * _.takeRightWhile(users, function(o) { return !o.active; }); - * // => objects for ['fred', 'pebbles'] - * - * // The `_.matches` iteratee shorthand. - * _.takeRightWhile(users, { 'user': 'pebbles', 'active': false }); - * // => objects for ['pebbles'] - * - * // The `_.matchesProperty` iteratee shorthand. - * _.takeRightWhile(users, ['active', false]); - * // => objects for ['fred', 'pebbles'] - * - * // The `_.property` iteratee shorthand. - * _.takeRightWhile(users, 'active'); - * // => [] - */ - function takeRightWhile(array, predicate) { - return array && array.length ? baseWhile(array, getIteratee(predicate, 3), false, true) : []; - } - - /** - * Creates a slice of `array` with elements taken from the beginning. Elements - * are taken until `predicate` returns falsey. The predicate is invoked with - * three arguments: (value, index, array). - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Array - * @param {Array} array The array to query. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @returns {Array} Returns the slice of `array`. - * @example - * - * var users = [ - * { 'user': 'barney', 'active': false }, - * { 'user': 'fred', 'active': false }, - * { 'user': 'pebbles', 'active': true } - * ]; - * - * _.takeWhile(users, function(o) { return !o.active; }); - * // => objects for ['barney', 'fred'] - * - * // The `_.matches` iteratee shorthand. - * _.takeWhile(users, { 'user': 'barney', 'active': false }); - * // => objects for ['barney'] - * - * // The `_.matchesProperty` iteratee shorthand. - * _.takeWhile(users, ['active', false]); - * // => objects for ['barney', 'fred'] - * - * // The `_.property` iteratee shorthand. - * _.takeWhile(users, 'active'); - * // => [] - */ - function takeWhile(array, predicate) { - return array && array.length ? baseWhile(array, getIteratee(predicate, 3)) : []; - } - - /** - * Creates an array of unique values, in order, from all given arrays using - * [`SameValueZero`](http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero) - * for equality comparisons. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {...Array} [arrays] The arrays to inspect. - * @returns {Array} Returns the new array of combined values. - * @example - * - * _.union([2], [1, 2]); - * // => [2, 1] - */ - var union = baseRest(function (arrays) { - return baseUniq(baseFlatten(arrays, 1, isArrayLikeObject, true)); - }); - - /** - * This method is like `_.union` except that it accepts `iteratee` which is - * invoked for each element of each `arrays` to generate the criterion by - * which uniqueness is computed. Result values are chosen from the first - * array in which the value occurs. The iteratee is invoked with one argument: - * (value). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {...Array} [arrays] The arrays to inspect. - * @param {Function} [iteratee=_.identity] The iteratee invoked per element. - * @returns {Array} Returns the new array of combined values. - * @example - * - * _.unionBy([2.1], [1.2, 2.3], Math.floor); - * // => [2.1, 1.2] - * - * // The `_.property` iteratee shorthand. - * _.unionBy([{ 'x': 1 }], [{ 'x': 2 }, { 'x': 1 }], 'x'); - * // => [{ 'x': 1 }, { 'x': 2 }] - */ - var unionBy = baseRest(function (arrays) { - var iteratee = last(arrays); - if (isArrayLikeObject(iteratee)) { - iteratee = undefined; - } - return baseUniq(baseFlatten(arrays, 1, isArrayLikeObject, true), getIteratee(iteratee, 2)); - }); - - /** - * This method is like `_.union` except that it accepts `comparator` which - * is invoked to compare elements of `arrays`. Result values are chosen from - * the first array in which the value occurs. The comparator is invoked - * with two arguments: (arrVal, othVal). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {...Array} [arrays] The arrays to inspect. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns the new array of combined values. - * @example - * - * var objects = [{ 'x': 1, 'y': 2 }, { 'x': 2, 'y': 1 }]; - * var others = [{ 'x': 1, 'y': 1 }, { 'x': 1, 'y': 2 }]; - * - * _.unionWith(objects, others, _.isEqual); - * // => [{ 'x': 1, 'y': 2 }, { 'x': 2, 'y': 1 }, { 'x': 1, 'y': 1 }] - */ - var unionWith = baseRest(function (arrays) { - var comparator = last(arrays); - comparator = typeof comparator == 'function' ? comparator : undefined; - return baseUniq(baseFlatten(arrays, 1, isArrayLikeObject, true), undefined, comparator); - }); - - /** - * Creates a duplicate-free version of an array, using - * [`SameValueZero`](http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero) - * for equality comparisons, in which only the first occurrence of each element - * is kept. The order of result values is determined by the order they occur - * in the array. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The array to inspect. - * @returns {Array} Returns the new duplicate free array. - * @example - * - * _.uniq([2, 1, 2]); - * // => [2, 1] - */ - function uniq(array) { - return array && array.length ? baseUniq(array) : []; - } - - /** - * This method is like `_.uniq` except that it accepts `iteratee` which is - * invoked for each element in `array` to generate the criterion by which - * uniqueness is computed. The order of result values is determined by the - * order they occur in the array. The iteratee is invoked with one argument: - * (value). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {Function} [iteratee=_.identity] The iteratee invoked per element. - * @returns {Array} Returns the new duplicate free array. - * @example - * - * _.uniqBy([2.1, 1.2, 2.3], Math.floor); - * // => [2.1, 1.2] - * - * // The `_.property` iteratee shorthand. - * _.uniqBy([{ 'x': 1 }, { 'x': 2 }, { 'x': 1 }], 'x'); - * // => [{ 'x': 1 }, { 'x': 2 }] - */ - function uniqBy(array, iteratee) { - return array && array.length ? baseUniq(array, getIteratee(iteratee, 2)) : []; - } - - /** - * This method is like `_.uniq` except that it accepts `comparator` which - * is invoked to compare elements of `array`. The order of result values is - * determined by the order they occur in the array.The comparator is invoked - * with two arguments: (arrVal, othVal). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns the new duplicate free array. - * @example - * - * var objects = [{ 'x': 1, 'y': 2 }, { 'x': 2, 'y': 1 }, { 'x': 1, 'y': 2 }]; - * - * _.uniqWith(objects, _.isEqual); - * // => [{ 'x': 1, 'y': 2 }, { 'x': 2, 'y': 1 }] - */ - function uniqWith(array, comparator) { - comparator = typeof comparator == 'function' ? comparator : undefined; - return array && array.length ? baseUniq(array, undefined, comparator) : []; - } - - /** - * This method is like `_.zip` except that it accepts an array of grouped - * elements and creates an array regrouping the elements to their pre-zip - * configuration. - * - * @static - * @memberOf _ - * @since 1.2.0 - * @category Array - * @param {Array} array The array of grouped elements to process. - * @returns {Array} Returns the new array of regrouped elements. - * @example - * - * var zipped = _.zip(['a', 'b'], [1, 2], [true, false]); - * // => [['a', 1, true], ['b', 2, false]] - * - * _.unzip(zipped); - * // => [['a', 'b'], [1, 2], [true, false]] - */ - function unzip(array) { - if (!(array && array.length)) { - return []; - } - var length = 0; - array = arrayFilter(array, function (group) { - if (isArrayLikeObject(group)) { - length = nativeMax(group.length, length); - return true; - } - }); - return baseTimes(length, function (index) { - return arrayMap(array, baseProperty(index)); - }); - } - - /** - * This method is like `_.unzip` except that it accepts `iteratee` to specify - * how regrouped values should be combined. The iteratee is invoked with the - * elements of each group: (...group). - * - * @static - * @memberOf _ - * @since 3.8.0 - * @category Array - * @param {Array} array The array of grouped elements to process. - * @param {Function} [iteratee=_.identity] The function to combine - * regrouped values. - * @returns {Array} Returns the new array of regrouped elements. - * @example - * - * var zipped = _.zip([1, 2], [10, 20], [100, 200]); - * // => [[1, 10, 100], [2, 20, 200]] - * - * _.unzipWith(zipped, _.add); - * // => [3, 30, 300] - */ - function unzipWith(array, iteratee) { - if (!(array && array.length)) { - return []; - } - var result = unzip(array); - if (iteratee == null) { - return result; - } - return arrayMap(result, function (group) { - return apply(iteratee, undefined, group); - }); - } - - /** - * Creates an array excluding all given values using - * [`SameValueZero`](http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero) - * for equality comparisons. - * - * **Note:** Unlike `_.pull`, this method returns a new array. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {Array} array The array to inspect. - * @param {...*} [values] The values to exclude. - * @returns {Array} Returns the new array of filtered values. - * @see _.difference, _.xor - * @example - * - * _.without([2, 1, 2, 3], 1, 2); - * // => [3] - */ - var without = baseRest(function (array, values) { - return isArrayLikeObject(array) ? baseDifference(array, values) : []; - }); - - /** - * Creates an array of unique values that is the - * [symmetric difference](https://en.wikipedia.org/wiki/Symmetric_difference) - * of the given arrays. The order of result values is determined by the order - * they occur in the arrays. - * - * @static - * @memberOf _ - * @since 2.4.0 - * @category Array - * @param {...Array} [arrays] The arrays to inspect. - * @returns {Array} Returns the new array of filtered values. - * @see _.difference, _.without - * @example - * - * _.xor([2, 1], [2, 3]); - * // => [1, 3] - */ - var xor = baseRest(function (arrays) { - return baseXor(arrayFilter(arrays, isArrayLikeObject)); - }); - - /** - * This method is like `_.xor` except that it accepts `iteratee` which is - * invoked for each element of each `arrays` to generate the criterion by - * which by which they're compared. The order of result values is determined - * by the order they occur in the arrays. The iteratee is invoked with one - * argument: (value). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {...Array} [arrays] The arrays to inspect. - * @param {Function} [iteratee=_.identity] The iteratee invoked per element. - * @returns {Array} Returns the new array of filtered values. - * @example - * - * _.xorBy([2.1, 1.2], [2.3, 3.4], Math.floor); - * // => [1.2, 3.4] - * - * // The `_.property` iteratee shorthand. - * _.xorBy([{ 'x': 1 }], [{ 'x': 2 }, { 'x': 1 }], 'x'); - * // => [{ 'x': 2 }] - */ - var xorBy = baseRest(function (arrays) { - var iteratee = last(arrays); - if (isArrayLikeObject(iteratee)) { - iteratee = undefined; - } - return baseXor(arrayFilter(arrays, isArrayLikeObject), getIteratee(iteratee, 2)); - }); - - /** - * This method is like `_.xor` except that it accepts `comparator` which is - * invoked to compare elements of `arrays`. The order of result values is - * determined by the order they occur in the arrays. The comparator is invoked - * with two arguments: (arrVal, othVal). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Array - * @param {...Array} [arrays] The arrays to inspect. - * @param {Function} [comparator] The comparator invoked per element. - * @returns {Array} Returns the new array of filtered values. - * @example - * - * var objects = [{ 'x': 1, 'y': 2 }, { 'x': 2, 'y': 1 }]; - * var others = [{ 'x': 1, 'y': 1 }, { 'x': 1, 'y': 2 }]; - * - * _.xorWith(objects, others, _.isEqual); - * // => [{ 'x': 2, 'y': 1 }, { 'x': 1, 'y': 1 }] - */ - var xorWith = baseRest(function (arrays) { - var comparator = last(arrays); - comparator = typeof comparator == 'function' ? comparator : undefined; - return baseXor(arrayFilter(arrays, isArrayLikeObject), undefined, comparator); - }); - - /** - * Creates an array of grouped elements, the first of which contains the - * first elements of the given arrays, the second of which contains the - * second elements of the given arrays, and so on. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Array - * @param {...Array} [arrays] The arrays to process. - * @returns {Array} Returns the new array of grouped elements. - * @example - * - * _.zip(['a', 'b'], [1, 2], [true, false]); - * // => [['a', 1, true], ['b', 2, false]] - */ - var zip = baseRest(unzip); - - /** - * This method is like `_.fromPairs` except that it accepts two arrays, - * one of property identifiers and one of corresponding values. - * - * @static - * @memberOf _ - * @since 0.4.0 - * @category Array - * @param {Array} [props=[]] The property identifiers. - * @param {Array} [values=[]] The property values. - * @returns {Object} Returns the new object. - * @example - * - * _.zipObject(['a', 'b'], [1, 2]); - * // => { 'a': 1, 'b': 2 } - */ - function zipObject(props, values) { - return baseZipObject(props || [], values || [], assignValue); - } - - /** - * This method is like `_.zipObject` except that it supports property paths. - * - * @static - * @memberOf _ - * @since 4.1.0 - * @category Array - * @param {Array} [props=[]] The property identifiers. - * @param {Array} [values=[]] The property values. - * @returns {Object} Returns the new object. - * @example - * - * _.zipObjectDeep(['a.b[0].c', 'a.b[1].d'], [1, 2]); - * // => { 'a': { 'b': [{ 'c': 1 }, { 'd': 2 }] } } - */ - function zipObjectDeep(props, values) { - return baseZipObject(props || [], values || [], baseSet); - } - - /** - * This method is like `_.zip` except that it accepts `iteratee` to specify - * how grouped values should be combined. The iteratee is invoked with the - * elements of each group: (...group). - * - * @static - * @memberOf _ - * @since 3.8.0 - * @category Array - * @param {...Array} [arrays] The arrays to process. - * @param {Function} [iteratee=_.identity] The function to combine - * grouped values. - * @returns {Array} Returns the new array of grouped elements. - * @example - * - * _.zipWith([1, 2], [10, 20], [100, 200], function(a, b, c) { - * return a + b + c; - * }); - * // => [111, 222] - */ - var zipWith = baseRest(function (arrays) { - var length = arrays.length, - iteratee = length > 1 ? arrays[length - 1] : undefined; - - iteratee = typeof iteratee == 'function' ? (arrays.pop(), iteratee) : undefined; - return unzipWith(arrays, iteratee); - }); - - /*------------------------------------------------------------------------*/ - - /** - * Creates a `lodash` wrapper instance that wraps `value` with explicit method - * chain sequences enabled. The result of such sequences must be unwrapped - * with `_#value`. - * - * @static - * @memberOf _ - * @since 1.3.0 - * @category Seq - * @param {*} value The value to wrap. - * @returns {Object} Returns the new `lodash` wrapper instance. - * @example - * - * var users = [ - * { 'user': 'barney', 'age': 36 }, - * { 'user': 'fred', 'age': 40 }, - * { 'user': 'pebbles', 'age': 1 } - * ]; - * - * var youngest = _ - * .chain(users) - * .sortBy('age') - * .map(function(o) { - * return o.user + ' is ' + o.age; - * }) - * .head() - * .value(); - * // => 'pebbles is 1' - */ - function chain(value) { - var result = lodash(value); - result.__chain__ = true; - return result; - } - - /** - * This method invokes `interceptor` and returns `value`. The interceptor - * is invoked with one argument; (value). The purpose of this method is to - * "tap into" a method chain sequence in order to modify intermediate results. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Seq - * @param {*} value The value to provide to `interceptor`. - * @param {Function} interceptor The function to invoke. - * @returns {*} Returns `value`. - * @example - * - * _([1, 2, 3]) - * .tap(function(array) { - * // Mutate input array. - * array.pop(); - * }) - * .reverse() - * .value(); - * // => [2, 1] - */ - function tap(value, interceptor) { - interceptor(value); - return value; - } - - /** - * This method is like `_.tap` except that it returns the result of `interceptor`. - * The purpose of this method is to "pass thru" values replacing intermediate - * results in a method chain sequence. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Seq - * @param {*} value The value to provide to `interceptor`. - * @param {Function} interceptor The function to invoke. - * @returns {*} Returns the result of `interceptor`. - * @example - * - * _(' abc ') - * .chain() - * .trim() - * .thru(function(value) { - * return [value]; - * }) - * .value(); - * // => ['abc'] - */ - function thru(value, interceptor) { - return interceptor(value); - } - - /** - * This method is the wrapper version of `_.at`. - * - * @name at - * @memberOf _ - * @since 1.0.0 - * @category Seq - * @param {...(string|string[])} [paths] The property paths to pick. - * @returns {Object} Returns the new `lodash` wrapper instance. - * @example - * - * var object = { 'a': [{ 'b': { 'c': 3 } }, 4] }; - * - * _(object).at(['a[0].b.c', 'a[1]']).value(); - * // => [3, 4] - */ - var wrapperAt = flatRest(function (paths) { - var length = paths.length, - start = length ? paths[0] : 0, - value = this.__wrapped__, - interceptor = function (object) { - return baseAt(object, paths); - }; - - if ( - length > 1 || - this.__actions__.length || - !(value instanceof LazyWrapper) || - !isIndex(start) - ) { - return this.thru(interceptor); - } - value = value.slice(start, +start + (length ? 1 : 0)); - value.__actions__.push({ - func: thru, - args: [interceptor], - thisArg: undefined, - }); - return new LodashWrapper(value, this.__chain__).thru(function (array) { - if (length && !array.length) { - array.push(undefined); - } - return array; - }); - }); - - /** - * Creates a `lodash` wrapper instance with explicit method chain sequences enabled. - * - * @name chain - * @memberOf _ - * @since 0.1.0 - * @category Seq - * @returns {Object} Returns the new `lodash` wrapper instance. - * @example - * - * var users = [ - * { 'user': 'barney', 'age': 36 }, - * { 'user': 'fred', 'age': 40 } - * ]; - * - * // A sequence without explicit chaining. - * _(users).head(); - * // => { 'user': 'barney', 'age': 36 } - * - * // A sequence with explicit chaining. - * _(users) - * .chain() - * .head() - * .pick('user') - * .value(); - * // => { 'user': 'barney' } - */ - function wrapperChain() { - return chain(this); - } - - /** - * Executes the chain sequence and returns the wrapped result. - * - * @name commit - * @memberOf _ - * @since 3.2.0 - * @category Seq - * @returns {Object} Returns the new `lodash` wrapper instance. - * @example - * - * var array = [1, 2]; - * var wrapped = _(array).push(3); - * - * console.log(array); - * // => [1, 2] - * - * wrapped = wrapped.commit(); - * console.log(array); - * // => [1, 2, 3] - * - * wrapped.last(); - * // => 3 - * - * console.log(array); - * // => [1, 2, 3] - */ - function wrapperCommit() { - return new LodashWrapper(this.value(), this.__chain__); - } - - /** - * Gets the next value on a wrapped object following the - * [iterator protocol](https://mdn.io/iteration_protocols#iterator). - * - * @name next - * @memberOf _ - * @since 4.0.0 - * @category Seq - * @returns {Object} Returns the next iterator value. - * @example - * - * var wrapped = _([1, 2]); - * - * wrapped.next(); - * // => { 'done': false, 'value': 1 } - * - * wrapped.next(); - * // => { 'done': false, 'value': 2 } - * - * wrapped.next(); - * // => { 'done': true, 'value': undefined } - */ - function wrapperNext() { - if (this.__values__ === undefined) { - this.__values__ = toArray(this.value()); - } - var done = this.__index__ >= this.__values__.length, - value = done ? undefined : this.__values__[this.__index__++]; - - return { done: done, value: value }; - } - - /** - * Enables the wrapper to be iterable. - * - * @name Symbol.iterator - * @memberOf _ - * @since 4.0.0 - * @category Seq - * @returns {Object} Returns the wrapper object. - * @example - * - * var wrapped = _([1, 2]); - * - * wrapped[Symbol.iterator]() === wrapped; - * // => true - * - * Array.from(wrapped); - * // => [1, 2] - */ - function wrapperToIterator() { - return this; - } - - /** - * Creates a clone of the chain sequence planting `value` as the wrapped value. - * - * @name plant - * @memberOf _ - * @since 3.2.0 - * @category Seq - * @param {*} value The value to plant. - * @returns {Object} Returns the new `lodash` wrapper instance. - * @example - * - * function square(n) { - * return n * n; - * } - * - * var wrapped = _([1, 2]).map(square); - * var other = wrapped.plant([3, 4]); - * - * other.value(); - * // => [9, 16] - * - * wrapped.value(); - * // => [1, 4] - */ - function wrapperPlant(value) { - var result, - parent = this; - - while (parent instanceof baseLodash) { - var clone = wrapperClone(parent); - clone.__index__ = 0; - clone.__values__ = undefined; - if (result) { - previous.__wrapped__ = clone; - } else { - result = clone; - } - var previous = clone; - parent = parent.__wrapped__; - } - previous.__wrapped__ = value; - return result; - } - - /** - * This method is the wrapper version of `_.reverse`. - * - * **Note:** This method mutates the wrapped array. - * - * @name reverse - * @memberOf _ - * @since 0.1.0 - * @category Seq - * @returns {Object} Returns the new `lodash` wrapper instance. - * @example - * - * var array = [1, 2, 3]; - * - * _(array).reverse().value() - * // => [3, 2, 1] - * - * console.log(array); - * // => [3, 2, 1] - */ - function wrapperReverse() { - var value = this.__wrapped__; - if (value instanceof LazyWrapper) { - var wrapped = value; - if (this.__actions__.length) { - wrapped = new LazyWrapper(this); - } - wrapped = wrapped.reverse(); - wrapped.__actions__.push({ - func: thru, - args: [reverse], - thisArg: undefined, - }); - return new LodashWrapper(wrapped, this.__chain__); - } - return this.thru(reverse); - } - - /** - * Executes the chain sequence to resolve the unwrapped value. - * - * @name value - * @memberOf _ - * @since 0.1.0 - * @alias toJSON, valueOf - * @category Seq - * @returns {*} Returns the resolved unwrapped value. - * @example - * - * _([1, 2, 3]).value(); - * // => [1, 2, 3] - */ - function wrapperValue() { - return baseWrapperValue(this.__wrapped__, this.__actions__); - } - - /*------------------------------------------------------------------------*/ - - /** - * Creates an object composed of keys generated from the results of running - * each element of `collection` thru `iteratee`. The corresponding value of - * each key is the number of times the key was returned by `iteratee`. The - * iteratee is invoked with one argument: (value). - * - * @static - * @memberOf _ - * @since 0.5.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The iteratee to transform keys. - * @returns {Object} Returns the composed aggregate object. - * @example - * - * _.countBy([6.1, 4.2, 6.3], Math.floor); - * // => { '4': 1, '6': 2 } - * - * // The `_.property` iteratee shorthand. - * _.countBy(['one', 'two', 'three'], 'length'); - * // => { '3': 2, '5': 1 } - */ - var countBy = createAggregator(function (result, value, key) { - if (hasOwnProperty.call(result, key)) { - ++result[key]; - } else { - baseAssignValue(result, key, 1); - } - }); - - /** - * Checks if `predicate` returns truthy for **all** elements of `collection`. - * Iteration is stopped once `predicate` returns falsey. The predicate is - * invoked with three arguments: (value, index|key, collection). - * - * **Note:** This method returns `true` for - * [empty collections](https://en.wikipedia.org/wiki/Empty_set) because - * [everything is true](https://en.wikipedia.org/wiki/Vacuous_truth) of - * elements of empty collections. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {boolean} Returns `true` if all elements pass the predicate check, - * else `false`. - * @example - * - * _.every([true, 1, null, 'yes'], Boolean); - * // => false - * - * var users = [ - * { 'user': 'barney', 'age': 36, 'active': false }, - * { 'user': 'fred', 'age': 40, 'active': false } - * ]; - * - * // The `_.matches` iteratee shorthand. - * _.every(users, { 'user': 'barney', 'active': false }); - * // => false - * - * // The `_.matchesProperty` iteratee shorthand. - * _.every(users, ['active', false]); - * // => true - * - * // The `_.property` iteratee shorthand. - * _.every(users, 'active'); - * // => false - */ - function every(collection, predicate, guard) { - var func = isArray(collection) ? arrayEvery : baseEvery; - if (guard && isIterateeCall(collection, predicate, guard)) { - predicate = undefined; - } - return func(collection, getIteratee(predicate, 3)); - } - - /** - * Iterates over elements of `collection`, returning an array of all elements - * `predicate` returns truthy for. The predicate is invoked with three - * arguments: (value, index|key, collection). - * - * **Note:** Unlike `_.remove`, this method returns a new array. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @returns {Array} Returns the new filtered array. - * @see _.reject - * @example - * - * var users = [ - * { 'user': 'barney', 'age': 36, 'active': true }, - * { 'user': 'fred', 'age': 40, 'active': false } - * ]; - * - * _.filter(users, function(o) { return !o.active; }); - * // => objects for ['fred'] - * - * // The `_.matches` iteratee shorthand. - * _.filter(users, { 'age': 36, 'active': true }); - * // => objects for ['barney'] - * - * // The `_.matchesProperty` iteratee shorthand. - * _.filter(users, ['active', false]); - * // => objects for ['fred'] - * - * // The `_.property` iteratee shorthand. - * _.filter(users, 'active'); - * // => objects for ['barney'] - */ - function filter(collection, predicate) { - var func = isArray(collection) ? arrayFilter : baseFilter; - return func(collection, getIteratee(predicate, 3)); - } - - /** - * Iterates over elements of `collection`, returning the first element - * `predicate` returns truthy for. The predicate is invoked with three - * arguments: (value, index|key, collection). - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to inspect. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @param {number} [fromIndex=0] The index to search from. - * @returns {*} Returns the matched element, else `undefined`. - * @example - * - * var users = [ - * { 'user': 'barney', 'age': 36, 'active': true }, - * { 'user': 'fred', 'age': 40, 'active': false }, - * { 'user': 'pebbles', 'age': 1, 'active': true } - * ]; - * - * _.find(users, function(o) { return o.age < 40; }); - * // => object for 'barney' - * - * // The `_.matches` iteratee shorthand. - * _.find(users, { 'age': 1, 'active': true }); - * // => object for 'pebbles' - * - * // The `_.matchesProperty` iteratee shorthand. - * _.find(users, ['active', false]); - * // => object for 'fred' - * - * // The `_.property` iteratee shorthand. - * _.find(users, 'active'); - * // => object for 'barney' - */ - var find = createFind(findIndex); - - /** - * This method is like `_.find` except that it iterates over elements of - * `collection` from right to left. - * - * @static - * @memberOf _ - * @since 2.0.0 - * @category Collection - * @param {Array|Object} collection The collection to inspect. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @param {number} [fromIndex=collection.length-1] The index to search from. - * @returns {*} Returns the matched element, else `undefined`. - * @example - * - * _.findLast([1, 2, 3, 4], function(n) { - * return n % 2 == 1; - * }); - * // => 3 - */ - var findLast = createFind(findLastIndex); - - /** - * Creates a flattened array of values by running each element in `collection` - * thru `iteratee` and flattening the mapped results. The iteratee is invoked - * with three arguments: (value, index|key, collection). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Array} Returns the new flattened array. - * @example - * - * function duplicate(n) { - * return [n, n]; - * } - * - * _.flatMap([1, 2], duplicate); - * // => [1, 1, 2, 2] - */ - function flatMap(collection, iteratee) { - return baseFlatten(map(collection, iteratee), 1); - } - - /** - * This method is like `_.flatMap` except that it recursively flattens the - * mapped results. - * - * @static - * @memberOf _ - * @since 4.7.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Array} Returns the new flattened array. - * @example - * - * function duplicate(n) { - * return [[[n, n]]]; - * } - * - * _.flatMapDeep([1, 2], duplicate); - * // => [1, 1, 2, 2] - */ - function flatMapDeep(collection, iteratee) { - return baseFlatten(map(collection, iteratee), INFINITY); - } - - /** - * This method is like `_.flatMap` except that it recursively flattens the - * mapped results up to `depth` times. - * - * @static - * @memberOf _ - * @since 4.7.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @param {number} [depth=1] The maximum recursion depth. - * @returns {Array} Returns the new flattened array. - * @example - * - * function duplicate(n) { - * return [[[n, n]]]; - * } - * - * _.flatMapDepth([1, 2], duplicate, 2); - * // => [[1, 1], [2, 2]] - */ - function flatMapDepth(collection, iteratee, depth) { - depth = depth === undefined ? 1 : toInteger(depth); - return baseFlatten(map(collection, iteratee), depth); - } - - /** - * Iterates over elements of `collection` and invokes `iteratee` for each element. - * The iteratee is invoked with three arguments: (value, index|key, collection). - * Iteratee functions may exit iteration early by explicitly returning `false`. - * - * **Note:** As with other "Collections" methods, objects with a "length" - * property are iterated like arrays. To avoid this behavior use `_.forIn` - * or `_.forOwn` for object iteration. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @alias each - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Array|Object} Returns `collection`. - * @see _.forEachRight - * @example - * - * _.forEach([1, 2], function(value) { - * console.log(value); - * }); - * // => Logs `1` then `2`. - * - * _.forEach({ 'a': 1, 'b': 2 }, function(value, key) { - * console.log(key); - * }); - * // => Logs 'a' then 'b' (iteration order is not guaranteed). - */ - function forEach(collection, iteratee) { - var func = isArray(collection) ? arrayEach : baseEach; - return func(collection, getIteratee(iteratee, 3)); - } - - /** - * This method is like `_.forEach` except that it iterates over elements of - * `collection` from right to left. - * - * @static - * @memberOf _ - * @since 2.0.0 - * @alias eachRight - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Array|Object} Returns `collection`. - * @see _.forEach - * @example - * - * _.forEachRight([1, 2], function(value) { - * console.log(value); - * }); - * // => Logs `2` then `1`. - */ - function forEachRight(collection, iteratee) { - var func = isArray(collection) ? arrayEachRight : baseEachRight; - return func(collection, getIteratee(iteratee, 3)); - } - - /** - * Creates an object composed of keys generated from the results of running - * each element of `collection` thru `iteratee`. The order of grouped values - * is determined by the order they occur in `collection`. The corresponding - * value of each key is an array of elements responsible for generating the - * key. The iteratee is invoked with one argument: (value). - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The iteratee to transform keys. - * @returns {Object} Returns the composed aggregate object. - * @example - * - * _.groupBy([6.1, 4.2, 6.3], Math.floor); - * // => { '4': [4.2], '6': [6.1, 6.3] } - * - * // The `_.property` iteratee shorthand. - * _.groupBy(['one', 'two', 'three'], 'length'); - * // => { '3': ['one', 'two'], '5': ['three'] } - */ - var groupBy = createAggregator(function (result, value, key) { - if (hasOwnProperty.call(result, key)) { - result[key].push(value); - } else { - baseAssignValue(result, key, [value]); - } - }); - - /** - * Checks if `value` is in `collection`. If `collection` is a string, it's - * checked for a substring of `value`, otherwise - * [`SameValueZero`](http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero) - * is used for equality comparisons. If `fromIndex` is negative, it's used as - * the offset from the end of `collection`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object|string} collection The collection to inspect. - * @param {*} value The value to search for. - * @param {number} [fromIndex=0] The index to search from. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.reduce`. - * @returns {boolean} Returns `true` if `value` is found, else `false`. - * @example - * - * _.includes([1, 2, 3], 1); - * // => true - * - * _.includes([1, 2, 3], 1, 2); - * // => false - * - * _.includes({ 'a': 1, 'b': 2 }, 1); - * // => true - * - * _.includes('abcd', 'bc'); - * // => true - */ - function includes(collection, value, fromIndex, guard) { - collection = isArrayLike(collection) ? collection : values(collection); - fromIndex = fromIndex && !guard ? toInteger(fromIndex) : 0; - - var length = collection.length; - if (fromIndex < 0) { - fromIndex = nativeMax(length + fromIndex, 0); - } - return isString(collection) - ? fromIndex <= length && collection.indexOf(value, fromIndex) > -1 - : !!length && baseIndexOf(collection, value, fromIndex) > -1; - } - - /** - * Invokes the method at `path` of each element in `collection`, returning - * an array of the results of each invoked method. Any additional arguments - * are provided to each invoked method. If `path` is a function, it's invoked - * for, and `this` bound to, each element in `collection`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Array|Function|string} path The path of the method to invoke or - * the function invoked per iteration. - * @param {...*} [args] The arguments to invoke each method with. - * @returns {Array} Returns the array of results. - * @example - * - * _.invokeMap([[5, 1, 7], [3, 2, 1]], 'sort'); - * // => [[1, 5, 7], [1, 2, 3]] - * - * _.invokeMap([123, 456], String.prototype.split, ''); - * // => [['1', '2', '3'], ['4', '5', '6']] - */ - var invokeMap = baseRest(function (collection, path, args) { - var index = -1, - isFunc = typeof path == 'function', - result = isArrayLike(collection) ? Array(collection.length) : []; - - baseEach(collection, function (value) { - result[++index] = isFunc ? apply(path, value, args) : baseInvoke(value, path, args); - }); - return result; - }); - - /** - * Creates an object composed of keys generated from the results of running - * each element of `collection` thru `iteratee`. The corresponding value of - * each key is the last element responsible for generating the key. The - * iteratee is invoked with one argument: (value). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The iteratee to transform keys. - * @returns {Object} Returns the composed aggregate object. - * @example - * - * var array = [ - * { 'dir': 'left', 'code': 97 }, - * { 'dir': 'right', 'code': 100 } - * ]; - * - * _.keyBy(array, function(o) { - * return String.fromCharCode(o.code); - * }); - * // => { 'a': { 'dir': 'left', 'code': 97 }, 'd': { 'dir': 'right', 'code': 100 } } - * - * _.keyBy(array, 'dir'); - * // => { 'left': { 'dir': 'left', 'code': 97 }, 'right': { 'dir': 'right', 'code': 100 } } - */ - var keyBy = createAggregator(function (result, value, key) { - baseAssignValue(result, key, value); - }); - - /** - * Creates an array of values by running each element in `collection` thru - * `iteratee`. The iteratee is invoked with three arguments: - * (value, index|key, collection). - * - * Many lodash methods are guarded to work as iteratees for methods like - * `_.every`, `_.filter`, `_.map`, `_.mapValues`, `_.reject`, and `_.some`. - * - * The guarded methods are: - * `ary`, `chunk`, `curry`, `curryRight`, `drop`, `dropRight`, `every`, - * `fill`, `invert`, `parseInt`, `random`, `range`, `rangeRight`, `repeat`, - * `sampleSize`, `slice`, `some`, `sortBy`, `split`, `take`, `takeRight`, - * `template`, `trim`, `trimEnd`, `trimStart`, and `words` - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Array} Returns the new mapped array. - * @example - * - * function square(n) { - * return n * n; - * } - * - * _.map([4, 8], square); - * // => [16, 64] - * - * _.map({ 'a': 4, 'b': 8 }, square); - * // => [16, 64] (iteration order is not guaranteed) - * - * var users = [ - * { 'user': 'barney' }, - * { 'user': 'fred' } - * ]; - * - * // The `_.property` iteratee shorthand. - * _.map(users, 'user'); - * // => ['barney', 'fred'] - */ - function map(collection, iteratee) { - var func = isArray(collection) ? arrayMap : baseMap; - return func(collection, getIteratee(iteratee, 3)); - } - - /** - * This method is like `_.sortBy` except that it allows specifying the sort - * orders of the iteratees to sort by. If `orders` is unspecified, all values - * are sorted in ascending order. Otherwise, specify an order of "desc" for - * descending or "asc" for ascending sort order of corresponding values. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Array[]|Function[]|Object[]|string[]} [iteratees=[_.identity]] - * The iteratees to sort by. - * @param {string[]} [orders] The sort orders of `iteratees`. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.reduce`. - * @returns {Array} Returns the new sorted array. - * @example - * - * var users = [ - * { 'user': 'fred', 'age': 48 }, - * { 'user': 'barney', 'age': 34 }, - * { 'user': 'fred', 'age': 40 }, - * { 'user': 'barney', 'age': 36 } - * ]; - * - * // Sort by `user` in ascending order and by `age` in descending order. - * _.orderBy(users, ['user', 'age'], ['asc', 'desc']); - * // => objects for [['barney', 36], ['barney', 34], ['fred', 48], ['fred', 40]] - */ - function orderBy(collection, iteratees, orders, guard) { - if (collection == null) { - return []; - } - if (!isArray(iteratees)) { - iteratees = iteratees == null ? [] : [iteratees]; - } - orders = guard ? undefined : orders; - if (!isArray(orders)) { - orders = orders == null ? [] : [orders]; - } - return baseOrderBy(collection, iteratees, orders); - } - - /** - * Creates an array of elements split into two groups, the first of which - * contains elements `predicate` returns truthy for, the second of which - * contains elements `predicate` returns falsey for. The predicate is - * invoked with one argument: (value). - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @returns {Array} Returns the array of grouped elements. - * @example - * - * var users = [ - * { 'user': 'barney', 'age': 36, 'active': false }, - * { 'user': 'fred', 'age': 40, 'active': true }, - * { 'user': 'pebbles', 'age': 1, 'active': false } - * ]; - * - * _.partition(users, function(o) { return o.active; }); - * // => objects for [['fred'], ['barney', 'pebbles']] - * - * // The `_.matches` iteratee shorthand. - * _.partition(users, { 'age': 1, 'active': false }); - * // => objects for [['pebbles'], ['barney', 'fred']] - * - * // The `_.matchesProperty` iteratee shorthand. - * _.partition(users, ['active', false]); - * // => objects for [['barney', 'pebbles'], ['fred']] - * - * // The `_.property` iteratee shorthand. - * _.partition(users, 'active'); - * // => objects for [['fred'], ['barney', 'pebbles']] - */ - var partition = createAggregator( - function (result, value, key) { - result[key ? 0 : 1].push(value); - }, - function () { - return [[], []]; - } - ); - - /** - * Reduces `collection` to a value which is the accumulated result of running - * each element in `collection` thru `iteratee`, where each successive - * invocation is supplied the return value of the previous. If `accumulator` - * is not given, the first element of `collection` is used as the initial - * value. The iteratee is invoked with four arguments: - * (accumulator, value, index|key, collection). - * - * Many lodash methods are guarded to work as iteratees for methods like - * `_.reduce`, `_.reduceRight`, and `_.transform`. - * - * The guarded methods are: - * `assign`, `defaults`, `defaultsDeep`, `includes`, `merge`, `orderBy`, - * and `sortBy` - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @param {*} [accumulator] The initial value. - * @returns {*} Returns the accumulated value. - * @see _.reduceRight - * @example - * - * _.reduce([1, 2], function(sum, n) { - * return sum + n; - * }, 0); - * // => 3 - * - * _.reduce({ 'a': 1, 'b': 2, 'c': 1 }, function(result, value, key) { - * (result[value] || (result[value] = [])).push(key); - * return result; - * }, {}); - * // => { '1': ['a', 'c'], '2': ['b'] } (iteration order is not guaranteed) - */ - function reduce(collection, iteratee, accumulator) { - var func = isArray(collection) ? arrayReduce : baseReduce, - initAccum = arguments.length < 3; - - return func(collection, getIteratee(iteratee, 4), accumulator, initAccum, baseEach); - } - - /** - * This method is like `_.reduce` except that it iterates over elements of - * `collection` from right to left. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @param {*} [accumulator] The initial value. - * @returns {*} Returns the accumulated value. - * @see _.reduce - * @example - * - * var array = [[0, 1], [2, 3], [4, 5]]; - * - * _.reduceRight(array, function(flattened, other) { - * return flattened.concat(other); - * }, []); - * // => [4, 5, 2, 3, 0, 1] - */ - function reduceRight(collection, iteratee, accumulator) { - var func = isArray(collection) ? arrayReduceRight : baseReduce, - initAccum = arguments.length < 3; - - return func(collection, getIteratee(iteratee, 4), accumulator, initAccum, baseEachRight); - } - - /** - * The opposite of `_.filter`; this method returns the elements of `collection` - * that `predicate` does **not** return truthy for. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @returns {Array} Returns the new filtered array. - * @see _.filter - * @example - * - * var users = [ - * { 'user': 'barney', 'age': 36, 'active': false }, - * { 'user': 'fred', 'age': 40, 'active': true } - * ]; - * - * _.reject(users, function(o) { return !o.active; }); - * // => objects for ['fred'] - * - * // The `_.matches` iteratee shorthand. - * _.reject(users, { 'age': 40, 'active': true }); - * // => objects for ['barney'] - * - * // The `_.matchesProperty` iteratee shorthand. - * _.reject(users, ['active', false]); - * // => objects for ['fred'] - * - * // The `_.property` iteratee shorthand. - * _.reject(users, 'active'); - * // => objects for ['barney'] - */ - function reject(collection, predicate) { - var func = isArray(collection) ? arrayFilter : baseFilter; - return func(collection, negate(getIteratee(predicate, 3))); - } - - /** - * Gets a random element from `collection`. - * - * @static - * @memberOf _ - * @since 2.0.0 - * @category Collection - * @param {Array|Object} collection The collection to sample. - * @returns {*} Returns the random element. - * @example - * - * _.sample([1, 2, 3, 4]); - * // => 2 - */ - function sample(collection) { - var func = isArray(collection) ? arraySample : baseSample; - return func(collection); - } - - /** - * Gets `n` random elements at unique keys from `collection` up to the - * size of `collection`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Collection - * @param {Array|Object} collection The collection to sample. - * @param {number} [n=1] The number of elements to sample. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {Array} Returns the random elements. - * @example - * - * _.sampleSize([1, 2, 3], 2); - * // => [3, 1] - * - * _.sampleSize([1, 2, 3], 4); - * // => [2, 3, 1] - */ - function sampleSize(collection, n, guard) { - if (guard ? isIterateeCall(collection, n, guard) : n === undefined) { - n = 1; - } else { - n = toInteger(n); - } - var func = isArray(collection) ? arraySampleSize : baseSampleSize; - return func(collection, n); - } - - /** - * Creates an array of shuffled values, using a version of the - * [Fisher-Yates shuffle](https://en.wikipedia.org/wiki/Fisher-Yates_shuffle). - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to shuffle. - * @returns {Array} Returns the new shuffled array. - * @example - * - * _.shuffle([1, 2, 3, 4]); - * // => [4, 1, 3, 2] - */ - function shuffle(collection) { - var func = isArray(collection) ? arrayShuffle : baseShuffle; - return func(collection); - } - - /** - * Gets the size of `collection` by returning its length for array-like - * values or the number of own enumerable string keyed properties for objects. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object|string} collection The collection to inspect. - * @returns {number} Returns the collection size. - * @example - * - * _.size([1, 2, 3]); - * // => 3 - * - * _.size({ 'a': 1, 'b': 2 }); - * // => 2 - * - * _.size('pebbles'); - * // => 7 - */ - function size(collection) { - if (collection == null) { - return 0; - } - if (isArrayLike(collection)) { - return isString(collection) ? stringSize(collection) : collection.length; - } - var tag = getTag(collection); - if (tag == mapTag || tag == setTag) { - return collection.size; - } - return baseKeys(collection).length; - } - - /** - * Checks if `predicate` returns truthy for **any** element of `collection`. - * Iteration is stopped once `predicate` returns truthy. The predicate is - * invoked with three arguments: (value, index|key, collection). - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {boolean} Returns `true` if any element passes the predicate check, - * else `false`. - * @example - * - * _.some([null, 0, 'yes', false], Boolean); - * // => true - * - * var users = [ - * { 'user': 'barney', 'active': true }, - * { 'user': 'fred', 'active': false } - * ]; - * - * // The `_.matches` iteratee shorthand. - * _.some(users, { 'user': 'barney', 'active': false }); - * // => false - * - * // The `_.matchesProperty` iteratee shorthand. - * _.some(users, ['active', false]); - * // => true - * - * // The `_.property` iteratee shorthand. - * _.some(users, 'active'); - * // => true - */ - function some(collection, predicate, guard) { - var func = isArray(collection) ? arraySome : baseSome; - if (guard && isIterateeCall(collection, predicate, guard)) { - predicate = undefined; - } - return func(collection, getIteratee(predicate, 3)); - } - - /** - * Creates an array of elements, sorted in ascending order by the results of - * running each element in a collection thru each iteratee. This method - * performs a stable sort, that is, it preserves the original sort order of - * equal elements. The iteratees are invoked with one argument: (value). - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Collection - * @param {Array|Object} collection The collection to iterate over. - * @param {...(Function|Function[])} [iteratees=[_.identity]] - * The iteratees to sort by. - * @returns {Array} Returns the new sorted array. - * @example - * - * var users = [ - * { 'user': 'fred', 'age': 48 }, - * { 'user': 'barney', 'age': 36 }, - * { 'user': 'fred', 'age': 40 }, - * { 'user': 'barney', 'age': 34 } - * ]; - * - * _.sortBy(users, [function(o) { return o.user; }]); - * // => objects for [['barney', 36], ['barney', 34], ['fred', 48], ['fred', 40]] - * - * _.sortBy(users, ['user', 'age']); - * // => objects for [['barney', 34], ['barney', 36], ['fred', 40], ['fred', 48]] - */ - var sortBy = baseRest(function (collection, iteratees) { - if (collection == null) { - return []; - } - var length = iteratees.length; - if (length > 1 && isIterateeCall(collection, iteratees[0], iteratees[1])) { - iteratees = []; - } else if (length > 2 && isIterateeCall(iteratees[0], iteratees[1], iteratees[2])) { - iteratees = [iteratees[0]]; - } - return baseOrderBy(collection, baseFlatten(iteratees, 1), []); - }); - - /*------------------------------------------------------------------------*/ - - /** - * Gets the timestamp of the number of milliseconds that have elapsed since - * the Unix epoch (1 January 1970 00:00:00 UTC). - * - * @static - * @memberOf _ - * @since 2.4.0 - * @category Date - * @returns {number} Returns the timestamp. - * @example - * - * _.defer(function(stamp) { - * console.log(_.now() - stamp); - * }, _.now()); - * // => Logs the number of milliseconds it took for the deferred invocation. - */ - var now = - ctxNow || - function () { - return root.Date.now(); - }; - - /*------------------------------------------------------------------------*/ - - /** - * The opposite of `_.before`; this method creates a function that invokes - * `func` once it's called `n` or more times. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Function - * @param {number} n The number of calls before `func` is invoked. - * @param {Function} func The function to restrict. - * @returns {Function} Returns the new restricted function. - * @example - * - * var saves = ['profile', 'settings']; - * - * var done = _.after(saves.length, function() { - * console.log('done saving!'); - * }); - * - * _.forEach(saves, function(type) { - * asyncSave({ 'type': type, 'complete': done }); - * }); - * // => Logs 'done saving!' after the two async saves have completed. - */ - function after(n, func) { - if (typeof func != 'function') { - throw new TypeError(FUNC_ERROR_TEXT); - } - n = toInteger(n); - return function () { - if (--n < 1) { - return func.apply(this, arguments); - } - }; - } - - /** - * Creates a function that invokes `func`, with up to `n` arguments, - * ignoring any additional arguments. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Function - * @param {Function} func The function to cap arguments for. - * @param {number} [n=func.length] The arity cap. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {Function} Returns the new capped function. - * @example - * - * _.map(['6', '8', '10'], _.ary(parseInt, 1)); - * // => [6, 8, 10] - */ - function ary(func, n, guard) { - n = guard ? undefined : n; - n = func && n == null ? func.length : n; - return createWrap(func, WRAP_ARY_FLAG, undefined, undefined, undefined, undefined, n); - } - - /** - * Creates a function that invokes `func`, with the `this` binding and arguments - * of the created function, while it's called less than `n` times. Subsequent - * calls to the created function return the result of the last `func` invocation. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Function - * @param {number} n The number of calls at which `func` is no longer invoked. - * @param {Function} func The function to restrict. - * @returns {Function} Returns the new restricted function. - * @example - * - * jQuery(element).on('click', _.before(5, addContactToList)); - * // => Allows adding up to 4 contacts to the list. - */ - function before(n, func) { - var result; - if (typeof func != 'function') { - throw new TypeError(FUNC_ERROR_TEXT); - } - n = toInteger(n); - return function () { - if (--n > 0) { - result = func.apply(this, arguments); - } - if (n <= 1) { - func = undefined; - } - return result; - }; - } - - /** - * Creates a function that invokes `func` with the `this` binding of `thisArg` - * and `partials` prepended to the arguments it receives. - * - * The `_.bind.placeholder` value, which defaults to `_` in monolithic builds, - * may be used as a placeholder for partially applied arguments. - * - * **Note:** Unlike native `Function#bind`, this method doesn't set the "length" - * property of bound functions. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Function - * @param {Function} func The function to bind. - * @param {*} thisArg The `this` binding of `func`. - * @param {...*} [partials] The arguments to be partially applied. - * @returns {Function} Returns the new bound function. - * @example - * - * function greet(greeting, punctuation) { - * return greeting + ' ' + this.user + punctuation; - * } - * - * var object = { 'user': 'fred' }; - * - * var bound = _.bind(greet, object, 'hi'); - * bound('!'); - * // => 'hi fred!' - * - * // Bound with placeholders. - * var bound = _.bind(greet, object, _, '!'); - * bound('hi'); - * // => 'hi fred!' - */ - var bind = baseRest(function (func, thisArg, partials) { - var bitmask = WRAP_BIND_FLAG; - if (partials.length) { - var holders = replaceHolders(partials, getHolder(bind)); - bitmask |= WRAP_PARTIAL_FLAG; - } - return createWrap(func, bitmask, thisArg, partials, holders); - }); - - /** - * Creates a function that invokes the method at `object[key]` with `partials` - * prepended to the arguments it receives. - * - * This method differs from `_.bind` by allowing bound functions to reference - * methods that may be redefined or don't yet exist. See - * [Peter Michaux's article](http://peter.michaux.ca/articles/lazy-function-definition-pattern) - * for more details. - * - * The `_.bindKey.placeholder` value, which defaults to `_` in monolithic - * builds, may be used as a placeholder for partially applied arguments. - * - * @static - * @memberOf _ - * @since 0.10.0 - * @category Function - * @param {Object} object The object to invoke the method on. - * @param {string} key The key of the method. - * @param {...*} [partials] The arguments to be partially applied. - * @returns {Function} Returns the new bound function. - * @example - * - * var object = { - * 'user': 'fred', - * 'greet': function(greeting, punctuation) { - * return greeting + ' ' + this.user + punctuation; - * } - * }; - * - * var bound = _.bindKey(object, 'greet', 'hi'); - * bound('!'); - * // => 'hi fred!' - * - * object.greet = function(greeting, punctuation) { - * return greeting + 'ya ' + this.user + punctuation; - * }; - * - * bound('!'); - * // => 'hiya fred!' - * - * // Bound with placeholders. - * var bound = _.bindKey(object, 'greet', _, '!'); - * bound('hi'); - * // => 'hiya fred!' - */ - var bindKey = baseRest(function (object, key, partials) { - var bitmask = WRAP_BIND_FLAG | WRAP_BIND_KEY_FLAG; - if (partials.length) { - var holders = replaceHolders(partials, getHolder(bindKey)); - bitmask |= WRAP_PARTIAL_FLAG; - } - return createWrap(key, bitmask, object, partials, holders); - }); - - /** - * Creates a function that accepts arguments of `func` and either invokes - * `func` returning its result, if at least `arity` number of arguments have - * been provided, or returns a function that accepts the remaining `func` - * arguments, and so on. The arity of `func` may be specified if `func.length` - * is not sufficient. - * - * The `_.curry.placeholder` value, which defaults to `_` in monolithic builds, - * may be used as a placeholder for provided arguments. - * - * **Note:** This method doesn't set the "length" property of curried functions. - * - * @static - * @memberOf _ - * @since 2.0.0 - * @category Function - * @param {Function} func The function to curry. - * @param {number} [arity=func.length] The arity of `func`. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {Function} Returns the new curried function. - * @example - * - * var abc = function(a, b, c) { - * return [a, b, c]; - * }; - * - * var curried = _.curry(abc); - * - * curried(1)(2)(3); - * // => [1, 2, 3] - * - * curried(1, 2)(3); - * // => [1, 2, 3] - * - * curried(1, 2, 3); - * // => [1, 2, 3] - * - * // Curried with placeholders. - * curried(1)(_, 3)(2); - * // => [1, 2, 3] - */ - function curry(func, arity, guard) { - arity = guard ? undefined : arity; - var result = createWrap( - func, - WRAP_CURRY_FLAG, - undefined, - undefined, - undefined, - undefined, - undefined, - arity - ); - result.placeholder = curry.placeholder; - return result; - } - - /** - * This method is like `_.curry` except that arguments are applied to `func` - * in the manner of `_.partialRight` instead of `_.partial`. - * - * The `_.curryRight.placeholder` value, which defaults to `_` in monolithic - * builds, may be used as a placeholder for provided arguments. - * - * **Note:** This method doesn't set the "length" property of curried functions. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Function - * @param {Function} func The function to curry. - * @param {number} [arity=func.length] The arity of `func`. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {Function} Returns the new curried function. - * @example - * - * var abc = function(a, b, c) { - * return [a, b, c]; - * }; - * - * var curried = _.curryRight(abc); - * - * curried(3)(2)(1); - * // => [1, 2, 3] - * - * curried(2, 3)(1); - * // => [1, 2, 3] - * - * curried(1, 2, 3); - * // => [1, 2, 3] - * - * // Curried with placeholders. - * curried(3)(1, _)(2); - * // => [1, 2, 3] - */ - function curryRight(func, arity, guard) { - arity = guard ? undefined : arity; - var result = createWrap( - func, - WRAP_CURRY_RIGHT_FLAG, - undefined, - undefined, - undefined, - undefined, - undefined, - arity - ); - result.placeholder = curryRight.placeholder; - return result; - } - - /** - * Creates a debounced function that delays invoking `func` until after `wait` - * milliseconds have elapsed since the last time the debounced function was - * invoked. The debounced function comes with a `cancel` method to cancel - * delayed `func` invocations and a `flush` method to immediately invoke them. - * Provide `options` to indicate whether `func` should be invoked on the - * leading and/or trailing edge of the `wait` timeout. The `func` is invoked - * with the last arguments provided to the debounced function. Subsequent - * calls to the debounced function return the result of the last `func` - * invocation. - * - * **Note:** If `leading` and `trailing` options are `true`, `func` is - * invoked on the trailing edge of the timeout only if the debounced function - * is invoked more than once during the `wait` timeout. - * - * If `wait` is `0` and `leading` is `false`, `func` invocation is deferred - * until to the next tick, similar to `setTimeout` with a timeout of `0`. - * - * See [David Corbacho's article](https://css-tricks.com/debouncing-throttling-explained-examples/) - * for details over the differences between `_.debounce` and `_.throttle`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Function - * @param {Function} func The function to debounce. - * @param {number} [wait=0] The number of milliseconds to delay. - * @param {Object} [options={}] The options object. - * @param {boolean} [options.leading=false] - * Specify invoking on the leading edge of the timeout. - * @param {number} [options.maxWait] - * The maximum time `func` is allowed to be delayed before it's invoked. - * @param {boolean} [options.trailing=true] - * Specify invoking on the trailing edge of the timeout. - * @returns {Function} Returns the new debounced function. - * @example - * - * // Avoid costly calculations while the window size is in flux. - * jQuery(window).on('resize', _.debounce(calculateLayout, 150)); - * - * // Invoke `sendMail` when clicked, debouncing subsequent calls. - * jQuery(element).on('click', _.debounce(sendMail, 300, { - * 'leading': true, - * 'trailing': false - * })); - * - * // Ensure `batchLog` is invoked once after 1 second of debounced calls. - * var debounced = _.debounce(batchLog, 250, { 'maxWait': 1000 }); - * var source = new EventSource('/stream'); - * jQuery(source).on('message', debounced); - * - * // Cancel the trailing debounced invocation. - * jQuery(window).on('popstate', debounced.cancel); - */ - function debounce(func, wait, options) { - var lastArgs, - lastThis, - maxWait, - result, - timerId, - lastCallTime, - lastInvokeTime = 0, - leading = false, - maxing = false, - trailing = true; - - if (typeof func != 'function') { - throw new TypeError(FUNC_ERROR_TEXT); - } - wait = toNumber(wait) || 0; - if (isObject(options)) { - leading = !!options.leading; - maxing = 'maxWait' in options; - maxWait = maxing ? nativeMax(toNumber(options.maxWait) || 0, wait) : maxWait; - trailing = 'trailing' in options ? !!options.trailing : trailing; - } - - function invokeFunc(time) { - var args = lastArgs, - thisArg = lastThis; - - lastArgs = lastThis = undefined; - lastInvokeTime = time; - result = func.apply(thisArg, args); - return result; - } - - function leadingEdge(time) { - // Reset any `maxWait` timer. - lastInvokeTime = time; - // Start the timer for the trailing edge. - timerId = setTimeout(timerExpired, wait); - // Invoke the leading edge. - return leading ? invokeFunc(time) : result; - } - - function remainingWait(time) { - var timeSinceLastCall = time - lastCallTime, - timeSinceLastInvoke = time - lastInvokeTime, - timeWaiting = wait - timeSinceLastCall; - - return maxing ? nativeMin(timeWaiting, maxWait - timeSinceLastInvoke) : timeWaiting; - } - - function shouldInvoke(time) { - var timeSinceLastCall = time - lastCallTime, - timeSinceLastInvoke = time - lastInvokeTime; - - // Either this is the first call, activity has stopped and we're at the - // trailing edge, the system time has gone backwards and we're treating - // it as the trailing edge, or we've hit the `maxWait` limit. - return ( - lastCallTime === undefined || - timeSinceLastCall >= wait || - timeSinceLastCall < 0 || - (maxing && timeSinceLastInvoke >= maxWait) - ); - } - - function timerExpired() { - var time = now(); - if (shouldInvoke(time)) { - return trailingEdge(time); - } - // Restart the timer. - timerId = setTimeout(timerExpired, remainingWait(time)); - } - - function trailingEdge(time) { - timerId = undefined; - - // Only invoke if we have `lastArgs` which means `func` has been - // debounced at least once. - if (trailing && lastArgs) { - return invokeFunc(time); - } - lastArgs = lastThis = undefined; - return result; - } - - function cancel() { - if (timerId !== undefined) { - clearTimeout(timerId); - } - lastInvokeTime = 0; - lastArgs = lastCallTime = lastThis = timerId = undefined; - } - - function flush() { - return timerId === undefined ? result : trailingEdge(now()); - } - - function debounced() { - var time = now(), - isInvoking = shouldInvoke(time); - - lastArgs = arguments; - lastThis = this; - lastCallTime = time; - - if (isInvoking) { - if (timerId === undefined) { - return leadingEdge(lastCallTime); - } - if (maxing) { - // Handle invocations in a tight loop. - timerId = setTimeout(timerExpired, wait); - return invokeFunc(lastCallTime); - } - } - if (timerId === undefined) { - timerId = setTimeout(timerExpired, wait); - } - return result; - } - debounced.cancel = cancel; - debounced.flush = flush; - return debounced; - } - - /** - * Defers invoking the `func` until the current call stack has cleared. Any - * additional arguments are provided to `func` when it's invoked. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Function - * @param {Function} func The function to defer. - * @param {...*} [args] The arguments to invoke `func` with. - * @returns {number} Returns the timer id. - * @example - * - * _.defer(function(text) { - * console.log(text); - * }, 'deferred'); - * // => Logs 'deferred' after one millisecond. - */ - var defer = baseRest(function (func, args) { - return baseDelay(func, 1, args); - }); - - /** - * Invokes `func` after `wait` milliseconds. Any additional arguments are - * provided to `func` when it's invoked. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Function - * @param {Function} func The function to delay. - * @param {number} wait The number of milliseconds to delay invocation. - * @param {...*} [args] The arguments to invoke `func` with. - * @returns {number} Returns the timer id. - * @example - * - * _.delay(function(text) { - * console.log(text); - * }, 1000, 'later'); - * // => Logs 'later' after one second. - */ - var delay = baseRest(function (func, wait, args) { - return baseDelay(func, toNumber(wait) || 0, args); - }); - - /** - * Creates a function that invokes `func` with arguments reversed. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Function - * @param {Function} func The function to flip arguments for. - * @returns {Function} Returns the new flipped function. - * @example - * - * var flipped = _.flip(function() { - * return _.toArray(arguments); - * }); - * - * flipped('a', 'b', 'c', 'd'); - * // => ['d', 'c', 'b', 'a'] - */ - function flip(func) { - return createWrap(func, WRAP_FLIP_FLAG); - } - - /** - * Creates a function that memoizes the result of `func`. If `resolver` is - * provided, it determines the cache key for storing the result based on the - * arguments provided to the memoized function. By default, the first argument - * provided to the memoized function is used as the map cache key. The `func` - * is invoked with the `this` binding of the memoized function. - * - * **Note:** The cache is exposed as the `cache` property on the memoized - * function. Its creation may be customized by replacing the `_.memoize.Cache` - * constructor with one whose instances implement the - * [`Map`](http://ecma-international.org/ecma-262/7.0/#sec-properties-of-the-map-prototype-object) - * method interface of `clear`, `delete`, `get`, `has`, and `set`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Function - * @param {Function} func The function to have its output memoized. - * @param {Function} [resolver] The function to resolve the cache key. - * @returns {Function} Returns the new memoized function. - * @example - * - * var object = { 'a': 1, 'b': 2 }; - * var other = { 'c': 3, 'd': 4 }; - * - * var values = _.memoize(_.values); - * values(object); - * // => [1, 2] - * - * values(other); - * // => [3, 4] - * - * object.a = 2; - * values(object); - * // => [1, 2] - * - * // Modify the result cache. - * values.cache.set(object, ['a', 'b']); - * values(object); - * // => ['a', 'b'] - * - * // Replace `_.memoize.Cache`. - * _.memoize.Cache = WeakMap; - */ - function memoize(func, resolver) { - if (typeof func != 'function' || (resolver != null && typeof resolver != 'function')) { - throw new TypeError(FUNC_ERROR_TEXT); - } - var memoized = function () { - var args = arguments, - key = resolver ? resolver.apply(this, args) : args[0], - cache = memoized.cache; - - if (cache.has(key)) { - return cache.get(key); - } - var result = func.apply(this, args); - memoized.cache = cache.set(key, result) || cache; - return result; - }; - memoized.cache = new (memoize.Cache || MapCache)(); - return memoized; - } - - // Expose `MapCache`. - memoize.Cache = MapCache; - - /** - * Creates a function that negates the result of the predicate `func`. The - * `func` predicate is invoked with the `this` binding and arguments of the - * created function. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Function - * @param {Function} predicate The predicate to negate. - * @returns {Function} Returns the new negated function. - * @example - * - * function isEven(n) { - * return n % 2 == 0; - * } - * - * _.filter([1, 2, 3, 4, 5, 6], _.negate(isEven)); - * // => [1, 3, 5] - */ - function negate(predicate) { - if (typeof predicate != 'function') { - throw new TypeError(FUNC_ERROR_TEXT); - } - return function () { - var args = arguments; - switch (args.length) { - case 0: - return !predicate.call(this); - case 1: - return !predicate.call(this, args[0]); - case 2: - return !predicate.call(this, args[0], args[1]); - case 3: - return !predicate.call(this, args[0], args[1], args[2]); - } - return !predicate.apply(this, args); - }; - } - - /** - * Creates a function that is restricted to invoking `func` once. Repeat calls - * to the function return the value of the first invocation. The `func` is - * invoked with the `this` binding and arguments of the created function. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Function - * @param {Function} func The function to restrict. - * @returns {Function} Returns the new restricted function. - * @example - * - * var initialize = _.once(createApplication); - * initialize(); - * initialize(); - * // => `createApplication` is invoked once - */ - function once(func) { - return before(2, func); - } - - /** - * Creates a function that invokes `func` with its arguments transformed. - * - * @static - * @since 4.0.0 - * @memberOf _ - * @category Function - * @param {Function} func The function to wrap. - * @param {...(Function|Function[])} [transforms=[_.identity]] - * The argument transforms. - * @returns {Function} Returns the new function. - * @example - * - * function doubled(n) { - * return n * 2; - * } - * - * function square(n) { - * return n * n; - * } - * - * var func = _.overArgs(function(x, y) { - * return [x, y]; - * }, [square, doubled]); - * - * func(9, 3); - * // => [81, 6] - * - * func(10, 5); - * // => [100, 10] - */ - var overArgs = castRest(function (func, transforms) { - transforms = - transforms.length == 1 && isArray(transforms[0]) - ? arrayMap(transforms[0], baseUnary(getIteratee())) - : arrayMap(baseFlatten(transforms, 1), baseUnary(getIteratee())); - - var funcsLength = transforms.length; - return baseRest(function (args) { - var index = -1, - length = nativeMin(args.length, funcsLength); - - while (++index < length) { - args[index] = transforms[index].call(this, args[index]); - } - return apply(func, this, args); - }); - }); - - /** - * Creates a function that invokes `func` with `partials` prepended to the - * arguments it receives. This method is like `_.bind` except it does **not** - * alter the `this` binding. - * - * The `_.partial.placeholder` value, which defaults to `_` in monolithic - * builds, may be used as a placeholder for partially applied arguments. - * - * **Note:** This method doesn't set the "length" property of partially - * applied functions. - * - * @static - * @memberOf _ - * @since 0.2.0 - * @category Function - * @param {Function} func The function to partially apply arguments to. - * @param {...*} [partials] The arguments to be partially applied. - * @returns {Function} Returns the new partially applied function. - * @example - * - * function greet(greeting, name) { - * return greeting + ' ' + name; - * } - * - * var sayHelloTo = _.partial(greet, 'hello'); - * sayHelloTo('fred'); - * // => 'hello fred' - * - * // Partially applied with placeholders. - * var greetFred = _.partial(greet, _, 'fred'); - * greetFred('hi'); - * // => 'hi fred' - */ - var partial = baseRest(function (func, partials) { - var holders = replaceHolders(partials, getHolder(partial)); - return createWrap(func, WRAP_PARTIAL_FLAG, undefined, partials, holders); - }); - - /** - * This method is like `_.partial` except that partially applied arguments - * are appended to the arguments it receives. - * - * The `_.partialRight.placeholder` value, which defaults to `_` in monolithic - * builds, may be used as a placeholder for partially applied arguments. - * - * **Note:** This method doesn't set the "length" property of partially - * applied functions. - * - * @static - * @memberOf _ - * @since 1.0.0 - * @category Function - * @param {Function} func The function to partially apply arguments to. - * @param {...*} [partials] The arguments to be partially applied. - * @returns {Function} Returns the new partially applied function. - * @example - * - * function greet(greeting, name) { - * return greeting + ' ' + name; - * } - * - * var greetFred = _.partialRight(greet, 'fred'); - * greetFred('hi'); - * // => 'hi fred' - * - * // Partially applied with placeholders. - * var sayHelloTo = _.partialRight(greet, 'hello', _); - * sayHelloTo('fred'); - * // => 'hello fred' - */ - var partialRight = baseRest(function (func, partials) { - var holders = replaceHolders(partials, getHolder(partialRight)); - return createWrap(func, WRAP_PARTIAL_RIGHT_FLAG, undefined, partials, holders); - }); - - /** - * Creates a function that invokes `func` with arguments arranged according - * to the specified `indexes` where the argument value at the first index is - * provided as the first argument, the argument value at the second index is - * provided as the second argument, and so on. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Function - * @param {Function} func The function to rearrange arguments for. - * @param {...(number|number[])} indexes The arranged argument indexes. - * @returns {Function} Returns the new function. - * @example - * - * var rearged = _.rearg(function(a, b, c) { - * return [a, b, c]; - * }, [2, 0, 1]); - * - * rearged('b', 'c', 'a') - * // => ['a', 'b', 'c'] - */ - var rearg = flatRest(function (func, indexes) { - return createWrap(func, WRAP_REARG_FLAG, undefined, undefined, undefined, indexes); - }); - - /** - * Creates a function that invokes `func` with the `this` binding of the - * created function and arguments from `start` and beyond provided as - * an array. - * - * **Note:** This method is based on the - * [rest parameter](https://mdn.io/rest_parameters). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Function - * @param {Function} func The function to apply a rest parameter to. - * @param {number} [start=func.length-1] The start position of the rest parameter. - * @returns {Function} Returns the new function. - * @example - * - * var say = _.rest(function(what, names) { - * return what + ' ' + _.initial(names).join(', ') + - * (_.size(names) > 1 ? ', & ' : '') + _.last(names); - * }); - * - * say('hello', 'fred', 'barney', 'pebbles'); - * // => 'hello fred, barney, & pebbles' - */ - function rest(func, start) { - if (typeof func != 'function') { - throw new TypeError(FUNC_ERROR_TEXT); - } - start = start === undefined ? start : toInteger(start); - return baseRest(func, start); - } - - /** - * Creates a function that invokes `func` with the `this` binding of the - * create function and an array of arguments much like - * [`Function#apply`](http://www.ecma-international.org/ecma-262/7.0/#sec-function.prototype.apply). - * - * **Note:** This method is based on the - * [spread operator](https://mdn.io/spread_operator). - * - * @static - * @memberOf _ - * @since 3.2.0 - * @category Function - * @param {Function} func The function to spread arguments over. - * @param {number} [start=0] The start position of the spread. - * @returns {Function} Returns the new function. - * @example - * - * var say = _.spread(function(who, what) { - * return who + ' says ' + what; - * }); - * - * say(['fred', 'hello']); - * // => 'fred says hello' - * - * var numbers = Promise.all([ - * Promise.resolve(40), - * Promise.resolve(36) - * ]); - * - * numbers.then(_.spread(function(x, y) { - * return x + y; - * })); - * // => a Promise of 76 - */ - function spread(func, start) { - if (typeof func != 'function') { - throw new TypeError(FUNC_ERROR_TEXT); - } - start = start == null ? 0 : nativeMax(toInteger(start), 0); - return baseRest(function (args) { - var array = args[start], - otherArgs = castSlice(args, 0, start); - - if (array) { - arrayPush(otherArgs, array); - } - return apply(func, this, otherArgs); - }); - } - - /** - * Creates a throttled function that only invokes `func` at most once per - * every `wait` milliseconds. The throttled function comes with a `cancel` - * method to cancel delayed `func` invocations and a `flush` method to - * immediately invoke them. Provide `options` to indicate whether `func` - * should be invoked on the leading and/or trailing edge of the `wait` - * timeout. The `func` is invoked with the last arguments provided to the - * throttled function. Subsequent calls to the throttled function return the - * result of the last `func` invocation. - * - * **Note:** If `leading` and `trailing` options are `true`, `func` is - * invoked on the trailing edge of the timeout only if the throttled function - * is invoked more than once during the `wait` timeout. - * - * If `wait` is `0` and `leading` is `false`, `func` invocation is deferred - * until to the next tick, similar to `setTimeout` with a timeout of `0`. - * - * See [David Corbacho's article](https://css-tricks.com/debouncing-throttling-explained-examples/) - * for details over the differences between `_.throttle` and `_.debounce`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Function - * @param {Function} func The function to throttle. - * @param {number} [wait=0] The number of milliseconds to throttle invocations to. - * @param {Object} [options={}] The options object. - * @param {boolean} [options.leading=true] - * Specify invoking on the leading edge of the timeout. - * @param {boolean} [options.trailing=true] - * Specify invoking on the trailing edge of the timeout. - * @returns {Function} Returns the new throttled function. - * @example - * - * // Avoid excessively updating the position while scrolling. - * jQuery(window).on('scroll', _.throttle(updatePosition, 100)); - * - * // Invoke `renewToken` when the click event is fired, but not more than once every 5 minutes. - * var throttled = _.throttle(renewToken, 300000, { 'trailing': false }); - * jQuery(element).on('click', throttled); - * - * // Cancel the trailing throttled invocation. - * jQuery(window).on('popstate', throttled.cancel); - */ - function throttle(func, wait, options) { - var leading = true, - trailing = true; - - if (typeof func != 'function') { - throw new TypeError(FUNC_ERROR_TEXT); - } - if (isObject(options)) { - leading = 'leading' in options ? !!options.leading : leading; - trailing = 'trailing' in options ? !!options.trailing : trailing; - } - return debounce(func, wait, { - leading: leading, - maxWait: wait, - trailing: trailing, - }); - } - - /** - * Creates a function that accepts up to one argument, ignoring any - * additional arguments. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Function - * @param {Function} func The function to cap arguments for. - * @returns {Function} Returns the new capped function. - * @example - * - * _.map(['6', '8', '10'], _.unary(parseInt)); - * // => [6, 8, 10] - */ - function unary(func) { - return ary(func, 1); - } - - /** - * Creates a function that provides `value` to `wrapper` as its first - * argument. Any additional arguments provided to the function are appended - * to those provided to the `wrapper`. The wrapper is invoked with the `this` - * binding of the created function. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Function - * @param {*} value The value to wrap. - * @param {Function} [wrapper=identity] The wrapper function. - * @returns {Function} Returns the new function. - * @example - * - * var p = _.wrap(_.escape, function(func, text) { - * return '

' + func(text) + '

'; - * }); - * - * p('fred, barney, & pebbles'); - * // => '

fred, barney, & pebbles

' - */ - function wrap(value, wrapper) { - return partial(castFunction(wrapper), value); - } - - /*------------------------------------------------------------------------*/ - - /** - * Casts `value` as an array if it's not one. - * - * @static - * @memberOf _ - * @since 4.4.0 - * @category Lang - * @param {*} value The value to inspect. - * @returns {Array} Returns the cast array. - * @example - * - * _.castArray(1); - * // => [1] - * - * _.castArray({ 'a': 1 }); - * // => [{ 'a': 1 }] - * - * _.castArray('abc'); - * // => ['abc'] - * - * _.castArray(null); - * // => [null] - * - * _.castArray(undefined); - * // => [undefined] - * - * _.castArray(); - * // => [] - * - * var array = [1, 2, 3]; - * console.log(_.castArray(array) === array); - * // => true - */ - function castArray() { - if (!arguments.length) { - return []; - } - var value = arguments[0]; - return isArray(value) ? value : [value]; - } - - /** - * Creates a shallow clone of `value`. - * - * **Note:** This method is loosely based on the - * [structured clone algorithm](https://mdn.io/Structured_clone_algorithm) - * and supports cloning arrays, array buffers, booleans, date objects, maps, - * numbers, `Object` objects, regexes, sets, strings, symbols, and typed - * arrays. The own enumerable properties of `arguments` objects are cloned - * as plain objects. An empty object is returned for uncloneable values such - * as error objects, functions, DOM nodes, and WeakMaps. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to clone. - * @returns {*} Returns the cloned value. - * @see _.cloneDeep - * @example - * - * var objects = [{ 'a': 1 }, { 'b': 2 }]; - * - * var shallow = _.clone(objects); - * console.log(shallow[0] === objects[0]); - * // => true - */ - function clone(value) { - return baseClone(value, CLONE_SYMBOLS_FLAG); - } - - /** - * This method is like `_.clone` except that it accepts `customizer` which - * is invoked to produce the cloned value. If `customizer` returns `undefined`, - * cloning is handled by the method instead. The `customizer` is invoked with - * up to four arguments; (value [, index|key, object, stack]). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to clone. - * @param {Function} [customizer] The function to customize cloning. - * @returns {*} Returns the cloned value. - * @see _.cloneDeepWith - * @example - * - * function customizer(value) { - * if (_.isElement(value)) { - * return value.cloneNode(false); - * } - * } - * - * var el = _.cloneWith(document.body, customizer); - * - * console.log(el === document.body); - * // => false - * console.log(el.nodeName); - * // => 'BODY' - * console.log(el.childNodes.length); - * // => 0 - */ - function cloneWith(value, customizer) { - customizer = typeof customizer == 'function' ? customizer : undefined; - return baseClone(value, CLONE_SYMBOLS_FLAG, customizer); - } - - /** - * This method is like `_.clone` except that it recursively clones `value`. - * - * @static - * @memberOf _ - * @since 1.0.0 - * @category Lang - * @param {*} value The value to recursively clone. - * @returns {*} Returns the deep cloned value. - * @see _.clone - * @example - * - * var objects = [{ 'a': 1 }, { 'b': 2 }]; - * - * var deep = _.cloneDeep(objects); - * console.log(deep[0] === objects[0]); - * // => false - */ - function cloneDeep(value) { - return baseClone(value, CLONE_DEEP_FLAG | CLONE_SYMBOLS_FLAG); - } - - /** - * This method is like `_.cloneWith` except that it recursively clones `value`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to recursively clone. - * @param {Function} [customizer] The function to customize cloning. - * @returns {*} Returns the deep cloned value. - * @see _.cloneWith - * @example - * - * function customizer(value) { - * if (_.isElement(value)) { - * return value.cloneNode(true); - * } - * } - * - * var el = _.cloneDeepWith(document.body, customizer); - * - * console.log(el === document.body); - * // => false - * console.log(el.nodeName); - * // => 'BODY' - * console.log(el.childNodes.length); - * // => 20 - */ - function cloneDeepWith(value, customizer) { - customizer = typeof customizer == 'function' ? customizer : undefined; - return baseClone(value, CLONE_DEEP_FLAG | CLONE_SYMBOLS_FLAG, customizer); - } - - /** - * Checks if `object` conforms to `source` by invoking the predicate - * properties of `source` with the corresponding property values of `object`. - * - * **Note:** This method is equivalent to `_.conforms` when `source` is - * partially applied. - * - * @static - * @memberOf _ - * @since 4.14.0 - * @category Lang - * @param {Object} object The object to inspect. - * @param {Object} source The object of property predicates to conform to. - * @returns {boolean} Returns `true` if `object` conforms, else `false`. - * @example - * - * var object = { 'a': 1, 'b': 2 }; - * - * _.conformsTo(object, { 'b': function(n) { return n > 1; } }); - * // => true - * - * _.conformsTo(object, { 'b': function(n) { return n > 2; } }); - * // => false - */ - function conformsTo(object, source) { - return source == null || baseConformsTo(object, source, keys(source)); - } - - /** - * Performs a - * [`SameValueZero`](http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero) - * comparison between two values to determine if they are equivalent. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @returns {boolean} Returns `true` if the values are equivalent, else `false`. - * @example - * - * var object = { 'a': 1 }; - * var other = { 'a': 1 }; - * - * _.eq(object, object); - * // => true - * - * _.eq(object, other); - * // => false - * - * _.eq('a', 'a'); - * // => true - * - * _.eq('a', Object('a')); - * // => false - * - * _.eq(NaN, NaN); - * // => true - */ - function eq(value, other) { - return value === other || (value !== value && other !== other); - } - - /** - * Checks if `value` is greater than `other`. - * - * @static - * @memberOf _ - * @since 3.9.0 - * @category Lang - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @returns {boolean} Returns `true` if `value` is greater than `other`, - * else `false`. - * @see _.lt - * @example - * - * _.gt(3, 1); - * // => true - * - * _.gt(3, 3); - * // => false - * - * _.gt(1, 3); - * // => false - */ - var gt = createRelationalOperation(baseGt); - - /** - * Checks if `value` is greater than or equal to `other`. - * - * @static - * @memberOf _ - * @since 3.9.0 - * @category Lang - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @returns {boolean} Returns `true` if `value` is greater than or equal to - * `other`, else `false`. - * @see _.lte - * @example - * - * _.gte(3, 1); - * // => true - * - * _.gte(3, 3); - * // => true - * - * _.gte(1, 3); - * // => false - */ - var gte = createRelationalOperation(function (value, other) { - return value >= other; - }); - - /** - * Checks if `value` is likely an `arguments` object. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is an `arguments` object, - * else `false`. - * @example - * - * _.isArguments(function() { return arguments; }()); - * // => true - * - * _.isArguments([1, 2, 3]); - * // => false - */ - var isArguments = baseIsArguments( - (function () { - return arguments; - })() - ) - ? baseIsArguments - : function (value) { - return ( - isObjectLike(value) && - hasOwnProperty.call(value, 'callee') && - !propertyIsEnumerable.call(value, 'callee') - ); - }; - - /** - * Checks if `value` is classified as an `Array` object. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is an array, else `false`. - * @example - * - * _.isArray([1, 2, 3]); - * // => true - * - * _.isArray(document.body.children); - * // => false - * - * _.isArray('abc'); - * // => false - * - * _.isArray(_.noop); - * // => false - */ - var isArray = Array.isArray; - - /** - * Checks if `value` is classified as an `ArrayBuffer` object. - * - * @static - * @memberOf _ - * @since 4.3.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is an array buffer, else `false`. - * @example - * - * _.isArrayBuffer(new ArrayBuffer(2)); - * // => true - * - * _.isArrayBuffer(new Array(2)); - * // => false - */ - var isArrayBuffer = nodeIsArrayBuffer ? baseUnary(nodeIsArrayBuffer) : baseIsArrayBuffer; - - /** - * Checks if `value` is array-like. A value is considered array-like if it's - * not a function and has a `value.length` that's an integer greater than or - * equal to `0` and less than or equal to `Number.MAX_SAFE_INTEGER`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is array-like, else `false`. - * @example - * - * _.isArrayLike([1, 2, 3]); - * // => true - * - * _.isArrayLike(document.body.children); - * // => true - * - * _.isArrayLike('abc'); - * // => true - * - * _.isArrayLike(_.noop); - * // => false - */ - function isArrayLike(value) { - return value != null && isLength(value.length) && !isFunction(value); - } - - /** - * This method is like `_.isArrayLike` except that it also checks if `value` - * is an object. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is an array-like object, - * else `false`. - * @example - * - * _.isArrayLikeObject([1, 2, 3]); - * // => true - * - * _.isArrayLikeObject(document.body.children); - * // => true - * - * _.isArrayLikeObject('abc'); - * // => false - * - * _.isArrayLikeObject(_.noop); - * // => false - */ - function isArrayLikeObject(value) { - return isObjectLike(value) && isArrayLike(value); - } - - /** - * Checks if `value` is classified as a boolean primitive or object. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a boolean, else `false`. - * @example - * - * _.isBoolean(false); - * // => true - * - * _.isBoolean(null); - * // => false - */ - function isBoolean(value) { - return ( - value === true || value === false || (isObjectLike(value) && baseGetTag(value) == boolTag) - ); - } - - /** - * Checks if `value` is a buffer. - * - * @static - * @memberOf _ - * @since 4.3.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a buffer, else `false`. - * @example - * - * _.isBuffer(new Buffer(2)); - * // => true - * - * _.isBuffer(new Uint8Array(2)); - * // => false - */ - var isBuffer = nativeIsBuffer || stubFalse; - - /** - * Checks if `value` is classified as a `Date` object. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a date object, else `false`. - * @example - * - * _.isDate(new Date); - * // => true - * - * _.isDate('Mon April 23 2012'); - * // => false - */ - var isDate = nodeIsDate ? baseUnary(nodeIsDate) : baseIsDate; - - /** - * Checks if `value` is likely a DOM element. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a DOM element, else `false`. - * @example - * - * _.isElement(document.body); - * // => true - * - * _.isElement(''); - * // => false - */ - function isElement(value) { - return isObjectLike(value) && value.nodeType === 1 && !isPlainObject(value); - } - - /** - * Checks if `value` is an empty object, collection, map, or set. - * - * Objects are considered empty if they have no own enumerable string keyed - * properties. - * - * Array-like values such as `arguments` objects, arrays, buffers, strings, or - * jQuery-like collections are considered empty if they have a `length` of `0`. - * Similarly, maps and sets are considered empty if they have a `size` of `0`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is empty, else `false`. - * @example - * - * _.isEmpty(null); - * // => true - * - * _.isEmpty(true); - * // => true - * - * _.isEmpty(1); - * // => true - * - * _.isEmpty([1, 2, 3]); - * // => false - * - * _.isEmpty({ 'a': 1 }); - * // => false - */ - function isEmpty(value) { - if (value == null) { - return true; - } - if ( - isArrayLike(value) && - (isArray(value) || - typeof value == 'string' || - typeof value.splice == 'function' || - isBuffer(value) || - isTypedArray(value) || - isArguments(value)) - ) { - return !value.length; - } - var tag = getTag(value); - if (tag == mapTag || tag == setTag) { - return !value.size; - } - if (isPrototype(value)) { - return !baseKeys(value).length; - } - for (var key in value) { - if (hasOwnProperty.call(value, key)) { - return false; - } - } - return true; - } - - /** - * Performs a deep comparison between two values to determine if they are - * equivalent. - * - * **Note:** This method supports comparing arrays, array buffers, booleans, - * date objects, error objects, maps, numbers, `Object` objects, regexes, - * sets, strings, symbols, and typed arrays. `Object` objects are compared - * by their own, not inherited, enumerable properties. Functions and DOM - * nodes are compared by strict equality, i.e. `===`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @returns {boolean} Returns `true` if the values are equivalent, else `false`. - * @example - * - * var object = { 'a': 1 }; - * var other = { 'a': 1 }; - * - * _.isEqual(object, other); - * // => true - * - * object === other; - * // => false - */ - function isEqual(value, other) { - return baseIsEqual(value, other); - } - - /** - * This method is like `_.isEqual` except that it accepts `customizer` which - * is invoked to compare values. If `customizer` returns `undefined`, comparisons - * are handled by the method instead. The `customizer` is invoked with up to - * six arguments: (objValue, othValue [, index|key, object, other, stack]). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @param {Function} [customizer] The function to customize comparisons. - * @returns {boolean} Returns `true` if the values are equivalent, else `false`. - * @example - * - * function isGreeting(value) { - * return /^h(?:i|ello)$/.test(value); - * } - * - * function customizer(objValue, othValue) { - * if (isGreeting(objValue) && isGreeting(othValue)) { - * return true; - * } - * } - * - * var array = ['hello', 'goodbye']; - * var other = ['hi', 'goodbye']; - * - * _.isEqualWith(array, other, customizer); - * // => true - */ - function isEqualWith(value, other, customizer) { - customizer = typeof customizer == 'function' ? customizer : undefined; - var result = customizer ? customizer(value, other) : undefined; - return result === undefined ? baseIsEqual(value, other, undefined, customizer) : !!result; - } - - /** - * Checks if `value` is an `Error`, `EvalError`, `RangeError`, `ReferenceError`, - * `SyntaxError`, `TypeError`, or `URIError` object. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is an error object, else `false`. - * @example - * - * _.isError(new Error); - * // => true - * - * _.isError(Error); - * // => false - */ - function isError(value) { - if (!isObjectLike(value)) { - return false; - } - var tag = baseGetTag(value); - return ( - tag == errorTag || - tag == domExcTag || - (typeof value.message == 'string' && typeof value.name == 'string' && !isPlainObject(value)) - ); - } - - /** - * Checks if `value` is a finite primitive number. - * - * **Note:** This method is based on - * [`Number.isFinite`](https://mdn.io/Number/isFinite). - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a finite number, else `false`. - * @example - * - * _.isFinite(3); - * // => true - * - * _.isFinite(Number.MIN_VALUE); - * // => true - * - * _.isFinite(Infinity); - * // => false - * - * _.isFinite('3'); - * // => false - */ - function isFinite(value) { - return typeof value == 'number' && nativeIsFinite(value); - } - - /** - * Checks if `value` is classified as a `Function` object. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a function, else `false`. - * @example - * - * _.isFunction(_); - * // => true - * - * _.isFunction(/abc/); - * // => false - */ - function isFunction(value) { - if (!isObject(value)) { - return false; - } - // The use of `Object#toString` avoids issues with the `typeof` operator - // in Safari 9 which returns 'object' for typed arrays and other constructors. - var tag = baseGetTag(value); - return tag == funcTag || tag == genTag || tag == asyncTag || tag == proxyTag; - } - - /** - * Checks if `value` is an integer. - * - * **Note:** This method is based on - * [`Number.isInteger`](https://mdn.io/Number/isInteger). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is an integer, else `false`. - * @example - * - * _.isInteger(3); - * // => true - * - * _.isInteger(Number.MIN_VALUE); - * // => false - * - * _.isInteger(Infinity); - * // => false - * - * _.isInteger('3'); - * // => false - */ - function isInteger(value) { - return typeof value == 'number' && value == toInteger(value); - } - - /** - * Checks if `value` is a valid array-like length. - * - * **Note:** This method is loosely based on - * [`ToLength`](http://ecma-international.org/ecma-262/7.0/#sec-tolength). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a valid length, else `false`. - * @example - * - * _.isLength(3); - * // => true - * - * _.isLength(Number.MIN_VALUE); - * // => false - * - * _.isLength(Infinity); - * // => false - * - * _.isLength('3'); - * // => false - */ - function isLength(value) { - return typeof value == 'number' && value > -1 && value % 1 == 0 && value <= MAX_SAFE_INTEGER; - } - - /** - * Checks if `value` is the - * [language type](http://www.ecma-international.org/ecma-262/7.0/#sec-ecmascript-language-types) - * of `Object`. (e.g. arrays, functions, objects, regexes, `new Number(0)`, and `new String('')`) - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is an object, else `false`. - * @example - * - * _.isObject({}); - * // => true - * - * _.isObject([1, 2, 3]); - * // => true - * - * _.isObject(_.noop); - * // => true - * - * _.isObject(null); - * // => false - */ - function isObject(value) { - var type = typeof value; - return value != null && (type == 'object' || type == 'function'); - } - - /** - * Checks if `value` is object-like. A value is object-like if it's not `null` - * and has a `typeof` result of "object". - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is object-like, else `false`. - * @example - * - * _.isObjectLike({}); - * // => true - * - * _.isObjectLike([1, 2, 3]); - * // => true - * - * _.isObjectLike(_.noop); - * // => false - * - * _.isObjectLike(null); - * // => false - */ - function isObjectLike(value) { - return value != null && typeof value == 'object'; - } - - /** - * Checks if `value` is classified as a `Map` object. - * - * @static - * @memberOf _ - * @since 4.3.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a map, else `false`. - * @example - * - * _.isMap(new Map); - * // => true - * - * _.isMap(new WeakMap); - * // => false - */ - var isMap = nodeIsMap ? baseUnary(nodeIsMap) : baseIsMap; - - /** - * Performs a partial deep comparison between `object` and `source` to - * determine if `object` contains equivalent property values. - * - * **Note:** This method is equivalent to `_.matches` when `source` is - * partially applied. - * - * Partial comparisons will match empty array and empty object `source` - * values against any array or object value, respectively. See `_.isEqual` - * for a list of supported value comparisons. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Lang - * @param {Object} object The object to inspect. - * @param {Object} source The object of property values to match. - * @returns {boolean} Returns `true` if `object` is a match, else `false`. - * @example - * - * var object = { 'a': 1, 'b': 2 }; - * - * _.isMatch(object, { 'b': 2 }); - * // => true - * - * _.isMatch(object, { 'b': 1 }); - * // => false - */ - function isMatch(object, source) { - return object === source || baseIsMatch(object, source, getMatchData(source)); - } - - /** - * This method is like `_.isMatch` except that it accepts `customizer` which - * is invoked to compare values. If `customizer` returns `undefined`, comparisons - * are handled by the method instead. The `customizer` is invoked with five - * arguments: (objValue, srcValue, index|key, object, source). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {Object} object The object to inspect. - * @param {Object} source The object of property values to match. - * @param {Function} [customizer] The function to customize comparisons. - * @returns {boolean} Returns `true` if `object` is a match, else `false`. - * @example - * - * function isGreeting(value) { - * return /^h(?:i|ello)$/.test(value); - * } - * - * function customizer(objValue, srcValue) { - * if (isGreeting(objValue) && isGreeting(srcValue)) { - * return true; - * } - * } - * - * var object = { 'greeting': 'hello' }; - * var source = { 'greeting': 'hi' }; - * - * _.isMatchWith(object, source, customizer); - * // => true - */ - function isMatchWith(object, source, customizer) { - customizer = typeof customizer == 'function' ? customizer : undefined; - return baseIsMatch(object, source, getMatchData(source), customizer); - } - - /** - * Checks if `value` is `NaN`. - * - * **Note:** This method is based on - * [`Number.isNaN`](https://mdn.io/Number/isNaN) and is not the same as - * global [`isNaN`](https://mdn.io/isNaN) which returns `true` for - * `undefined` and other non-number values. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is `NaN`, else `false`. - * @example - * - * _.isNaN(NaN); - * // => true - * - * _.isNaN(new Number(NaN)); - * // => true - * - * isNaN(undefined); - * // => true - * - * _.isNaN(undefined); - * // => false - */ - function isNaN(value) { - // An `NaN` primitive is the only value that is not equal to itself. - // Perform the `toStringTag` check first to avoid errors with some - // ActiveX objects in IE. - return isNumber(value) && value != +value; - } - - /** - * Checks if `value` is a pristine native function. - * - * **Note:** This method can't reliably detect native functions in the presence - * of the core-js package because core-js circumvents this kind of detection. - * Despite multiple requests, the core-js maintainer has made it clear: any - * attempt to fix the detection will be obstructed. As a result, we're left - * with little choice but to throw an error. Unfortunately, this also affects - * packages, like [babel-polyfill](https://www.npmjs.com/package/babel-polyfill), - * which rely on core-js. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a native function, - * else `false`. - * @example - * - * _.isNative(Array.prototype.push); - * // => true - * - * _.isNative(_); - * // => false - */ - function isNative(value) { - if (isMaskable(value)) { - throw new Error(CORE_ERROR_TEXT); - } - return baseIsNative(value); - } - - /** - * Checks if `value` is `null`. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is `null`, else `false`. - * @example - * - * _.isNull(null); - * // => true - * - * _.isNull(void 0); - * // => false - */ - function isNull(value) { - return value === null; - } - - /** - * Checks if `value` is `null` or `undefined`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is nullish, else `false`. - * @example - * - * _.isNil(null); - * // => true - * - * _.isNil(void 0); - * // => true - * - * _.isNil(NaN); - * // => false - */ - function isNil(value) { - return value == null; - } - - /** - * Checks if `value` is classified as a `Number` primitive or object. - * - * **Note:** To exclude `Infinity`, `-Infinity`, and `NaN`, which are - * classified as numbers, use the `_.isFinite` method. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a number, else `false`. - * @example - * - * _.isNumber(3); - * // => true - * - * _.isNumber(Number.MIN_VALUE); - * // => true - * - * _.isNumber(Infinity); - * // => true - * - * _.isNumber('3'); - * // => false - */ - function isNumber(value) { - return typeof value == 'number' || (isObjectLike(value) && baseGetTag(value) == numberTag); - } - - /** - * Checks if `value` is a plain object, that is, an object created by the - * `Object` constructor or one with a `[[Prototype]]` of `null`. - * - * @static - * @memberOf _ - * @since 0.8.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a plain object, else `false`. - * @example - * - * function Foo() { - * this.a = 1; - * } - * - * _.isPlainObject(new Foo); - * // => false - * - * _.isPlainObject([1, 2, 3]); - * // => false - * - * _.isPlainObject({ 'x': 0, 'y': 0 }); - * // => true - * - * _.isPlainObject(Object.create(null)); - * // => true - */ - function isPlainObject(value) { - if (!isObjectLike(value) || baseGetTag(value) != objectTag) { - return false; - } - var proto = getPrototype(value); - if (proto === null) { - return true; - } - var Ctor = hasOwnProperty.call(proto, 'constructor') && proto.constructor; - return ( - typeof Ctor == 'function' && - Ctor instanceof Ctor && - funcToString.call(Ctor) == objectCtorString - ); - } - - /** - * Checks if `value` is classified as a `RegExp` object. - * - * @static - * @memberOf _ - * @since 0.1.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a regexp, else `false`. - * @example - * - * _.isRegExp(/abc/); - * // => true - * - * _.isRegExp('/abc/'); - * // => false - */ - var isRegExp = nodeIsRegExp ? baseUnary(nodeIsRegExp) : baseIsRegExp; - - /** - * Checks if `value` is a safe integer. An integer is safe if it's an IEEE-754 - * double precision number which isn't the result of a rounded unsafe integer. - * - * **Note:** This method is based on - * [`Number.isSafeInteger`](https://mdn.io/Number/isSafeInteger). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a safe integer, else `false`. - * @example - * - * _.isSafeInteger(3); - * // => true - * - * _.isSafeInteger(Number.MIN_VALUE); - * // => false - * - * _.isSafeInteger(Infinity); - * // => false - * - * _.isSafeInteger('3'); - * // => false - */ - function isSafeInteger(value) { - return isInteger(value) && value >= -MAX_SAFE_INTEGER && value <= MAX_SAFE_INTEGER; - } - - /** - * Checks if `value` is classified as a `Set` object. - * - * @static - * @memberOf _ - * @since 4.3.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a set, else `false`. - * @example - * - * _.isSet(new Set); - * // => true - * - * _.isSet(new WeakSet); - * // => false - */ - var isSet = nodeIsSet ? baseUnary(nodeIsSet) : baseIsSet; - - /** - * Checks if `value` is classified as a `String` primitive or object. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a string, else `false`. - * @example - * - * _.isString('abc'); - * // => true - * - * _.isString(1); - * // => false - */ - function isString(value) { - return ( - typeof value == 'string' || - (!isArray(value) && isObjectLike(value) && baseGetTag(value) == stringTag) - ); - } - - /** - * Checks if `value` is classified as a `Symbol` primitive or object. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a symbol, else `false`. - * @example - * - * _.isSymbol(Symbol.iterator); - * // => true - * - * _.isSymbol('abc'); - * // => false - */ - function isSymbol(value) { - return typeof value == 'symbol' || (isObjectLike(value) && baseGetTag(value) == symbolTag); - } - - /** - * Checks if `value` is classified as a typed array. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a typed array, else `false`. - * @example - * - * _.isTypedArray(new Uint8Array); - * // => true - * - * _.isTypedArray([]); - * // => false - */ - var isTypedArray = nodeIsTypedArray ? baseUnary(nodeIsTypedArray) : baseIsTypedArray; - - /** - * Checks if `value` is `undefined`. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is `undefined`, else `false`. - * @example - * - * _.isUndefined(void 0); - * // => true - * - * _.isUndefined(null); - * // => false - */ - function isUndefined(value) { - return value === undefined; - } - - /** - * Checks if `value` is classified as a `WeakMap` object. - * - * @static - * @memberOf _ - * @since 4.3.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a weak map, else `false`. - * @example - * - * _.isWeakMap(new WeakMap); - * // => true - * - * _.isWeakMap(new Map); - * // => false - */ - function isWeakMap(value) { - return isObjectLike(value) && getTag(value) == weakMapTag; - } - - /** - * Checks if `value` is classified as a `WeakSet` object. - * - * @static - * @memberOf _ - * @since 4.3.0 - * @category Lang - * @param {*} value The value to check. - * @returns {boolean} Returns `true` if `value` is a weak set, else `false`. - * @example - * - * _.isWeakSet(new WeakSet); - * // => true - * - * _.isWeakSet(new Set); - * // => false - */ - function isWeakSet(value) { - return isObjectLike(value) && baseGetTag(value) == weakSetTag; - } - - /** - * Checks if `value` is less than `other`. - * - * @static - * @memberOf _ - * @since 3.9.0 - * @category Lang - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @returns {boolean} Returns `true` if `value` is less than `other`, - * else `false`. - * @see _.gt - * @example - * - * _.lt(1, 3); - * // => true - * - * _.lt(3, 3); - * // => false - * - * _.lt(3, 1); - * // => false - */ - var lt = createRelationalOperation(baseLt); - - /** - * Checks if `value` is less than or equal to `other`. - * - * @static - * @memberOf _ - * @since 3.9.0 - * @category Lang - * @param {*} value The value to compare. - * @param {*} other The other value to compare. - * @returns {boolean} Returns `true` if `value` is less than or equal to - * `other`, else `false`. - * @see _.gte - * @example - * - * _.lte(1, 3); - * // => true - * - * _.lte(3, 3); - * // => true - * - * _.lte(3, 1); - * // => false - */ - var lte = createRelationalOperation(function (value, other) { - return value <= other; - }); - - /** - * Converts `value` to an array. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Lang - * @param {*} value The value to convert. - * @returns {Array} Returns the converted array. - * @example - * - * _.toArray({ 'a': 1, 'b': 2 }); - * // => [1, 2] - * - * _.toArray('abc'); - * // => ['a', 'b', 'c'] - * - * _.toArray(1); - * // => [] - * - * _.toArray(null); - * // => [] - */ - function toArray(value) { - if (!value) { - return []; - } - if (isArrayLike(value)) { - return isString(value) ? stringToArray(value) : copyArray(value); - } - if (symIterator && value[symIterator]) { - return iteratorToArray(value[symIterator]()); - } - var tag = getTag(value), - func = tag == mapTag ? mapToArray : tag == setTag ? setToArray : values; - - return func(value); - } - - /** - * Converts `value` to a finite number. - * - * @static - * @memberOf _ - * @since 4.12.0 - * @category Lang - * @param {*} value The value to convert. - * @returns {number} Returns the converted number. - * @example - * - * _.toFinite(3.2); - * // => 3.2 - * - * _.toFinite(Number.MIN_VALUE); - * // => 5e-324 - * - * _.toFinite(Infinity); - * // => 1.7976931348623157e+308 - * - * _.toFinite('3.2'); - * // => 3.2 - */ - function toFinite(value) { - if (!value) { - return value === 0 ? value : 0; - } - value = toNumber(value); - if (value === INFINITY || value === -INFINITY) { - var sign = value < 0 ? -1 : 1; - return sign * MAX_INTEGER; - } - return value === value ? value : 0; - } - - /** - * Converts `value` to an integer. - * - * **Note:** This method is loosely based on - * [`ToInteger`](http://www.ecma-international.org/ecma-262/7.0/#sec-tointeger). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to convert. - * @returns {number} Returns the converted integer. - * @example - * - * _.toInteger(3.2); - * // => 3 - * - * _.toInteger(Number.MIN_VALUE); - * // => 0 - * - * _.toInteger(Infinity); - * // => 1.7976931348623157e+308 - * - * _.toInteger('3.2'); - * // => 3 - */ - function toInteger(value) { - var result = toFinite(value), - remainder = result % 1; - - return result === result ? (remainder ? result - remainder : result) : 0; - } - - /** - * Converts `value` to an integer suitable for use as the length of an - * array-like object. - * - * **Note:** This method is based on - * [`ToLength`](http://ecma-international.org/ecma-262/7.0/#sec-tolength). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to convert. - * @returns {number} Returns the converted integer. - * @example - * - * _.toLength(3.2); - * // => 3 - * - * _.toLength(Number.MIN_VALUE); - * // => 0 - * - * _.toLength(Infinity); - * // => 4294967295 - * - * _.toLength('3.2'); - * // => 3 - */ - function toLength(value) { - return value ? baseClamp(toInteger(value), 0, MAX_ARRAY_LENGTH) : 0; - } - - /** - * Converts `value` to a number. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to process. - * @returns {number} Returns the number. - * @example - * - * _.toNumber(3.2); - * // => 3.2 - * - * _.toNumber(Number.MIN_VALUE); - * // => 5e-324 - * - * _.toNumber(Infinity); - * // => Infinity - * - * _.toNumber('3.2'); - * // => 3.2 - */ - function toNumber(value) { - if (typeof value == 'number') { - return value; - } - if (isSymbol(value)) { - return NAN; - } - if (isObject(value)) { - var other = typeof value.valueOf == 'function' ? value.valueOf() : value; - value = isObject(other) ? other + '' : other; - } - if (typeof value != 'string') { - return value === 0 ? value : +value; - } - value = value.replace(reTrim, ''); - var isBinary = reIsBinary.test(value); - return isBinary || reIsOctal.test(value) - ? freeParseInt(value.slice(2), isBinary ? 2 : 8) - : reIsBadHex.test(value) - ? NAN - : +value; - } - - /** - * Converts `value` to a plain object flattening inherited enumerable string - * keyed properties of `value` to own properties of the plain object. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Lang - * @param {*} value The value to convert. - * @returns {Object} Returns the converted plain object. - * @example - * - * function Foo() { - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.assign({ 'a': 1 }, new Foo); - * // => { 'a': 1, 'b': 2 } - * - * _.assign({ 'a': 1 }, _.toPlainObject(new Foo)); - * // => { 'a': 1, 'b': 2, 'c': 3 } - */ - function toPlainObject(value) { - return copyObject(value, keysIn(value)); - } - - /** - * Converts `value` to a safe integer. A safe integer can be compared and - * represented correctly. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to convert. - * @returns {number} Returns the converted integer. - * @example - * - * _.toSafeInteger(3.2); - * // => 3 - * - * _.toSafeInteger(Number.MIN_VALUE); - * // => 0 - * - * _.toSafeInteger(Infinity); - * // => 9007199254740991 - * - * _.toSafeInteger('3.2'); - * // => 3 - */ - function toSafeInteger(value) { - return value - ? baseClamp(toInteger(value), -MAX_SAFE_INTEGER, MAX_SAFE_INTEGER) - : value === 0 - ? value - : 0; - } - - /** - * Converts `value` to a string. An empty string is returned for `null` - * and `undefined` values. The sign of `-0` is preserved. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Lang - * @param {*} value The value to convert. - * @returns {string} Returns the converted string. - * @example - * - * _.toString(null); - * // => '' - * - * _.toString(-0); - * // => '-0' - * - * _.toString([1, 2, 3]); - * // => '1,2,3' - */ - function toString(value) { - return value == null ? '' : baseToString(value); - } - - /*------------------------------------------------------------------------*/ - - /** - * Assigns own enumerable string keyed properties of source objects to the - * destination object. Source objects are applied from left to right. - * Subsequent sources overwrite property assignments of previous sources. - * - * **Note:** This method mutates `object` and is loosely based on - * [`Object.assign`](https://mdn.io/Object/assign). - * - * @static - * @memberOf _ - * @since 0.10.0 - * @category Object - * @param {Object} object The destination object. - * @param {...Object} [sources] The source objects. - * @returns {Object} Returns `object`. - * @see _.assignIn - * @example - * - * function Foo() { - * this.a = 1; - * } - * - * function Bar() { - * this.c = 3; - * } - * - * Foo.prototype.b = 2; - * Bar.prototype.d = 4; - * - * _.assign({ 'a': 0 }, new Foo, new Bar); - * // => { 'a': 1, 'c': 3 } - */ - var assign = createAssigner(function (object, source) { - if (isPrototype(source) || isArrayLike(source)) { - copyObject(source, keys(source), object); - return; - } - for (var key in source) { - if (hasOwnProperty.call(source, key)) { - assignValue(object, key, source[key]); - } - } - }); - - /** - * This method is like `_.assign` except that it iterates over own and - * inherited source properties. - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @alias extend - * @category Object - * @param {Object} object The destination object. - * @param {...Object} [sources] The source objects. - * @returns {Object} Returns `object`. - * @see _.assign - * @example - * - * function Foo() { - * this.a = 1; - * } - * - * function Bar() { - * this.c = 3; - * } - * - * Foo.prototype.b = 2; - * Bar.prototype.d = 4; - * - * _.assignIn({ 'a': 0 }, new Foo, new Bar); - * // => { 'a': 1, 'b': 2, 'c': 3, 'd': 4 } - */ - var assignIn = createAssigner(function (object, source) { - copyObject(source, keysIn(source), object); - }); - - /** - * This method is like `_.assignIn` except that it accepts `customizer` - * which is invoked to produce the assigned values. If `customizer` returns - * `undefined`, assignment is handled by the method instead. The `customizer` - * is invoked with five arguments: (objValue, srcValue, key, object, source). - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @alias extendWith - * @category Object - * @param {Object} object The destination object. - * @param {...Object} sources The source objects. - * @param {Function} [customizer] The function to customize assigned values. - * @returns {Object} Returns `object`. - * @see _.assignWith - * @example - * - * function customizer(objValue, srcValue) { - * return _.isUndefined(objValue) ? srcValue : objValue; - * } - * - * var defaults = _.partialRight(_.assignInWith, customizer); - * - * defaults({ 'a': 1 }, { 'b': 2 }, { 'a': 3 }); - * // => { 'a': 1, 'b': 2 } - */ - var assignInWith = createAssigner(function (object, source, srcIndex, customizer) { - copyObject(source, keysIn(source), object, customizer); - }); - - /** - * This method is like `_.assign` except that it accepts `customizer` - * which is invoked to produce the assigned values. If `customizer` returns - * `undefined`, assignment is handled by the method instead. The `customizer` - * is invoked with five arguments: (objValue, srcValue, key, object, source). - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Object - * @param {Object} object The destination object. - * @param {...Object} sources The source objects. - * @param {Function} [customizer] The function to customize assigned values. - * @returns {Object} Returns `object`. - * @see _.assignInWith - * @example - * - * function customizer(objValue, srcValue) { - * return _.isUndefined(objValue) ? srcValue : objValue; - * } - * - * var defaults = _.partialRight(_.assignWith, customizer); - * - * defaults({ 'a': 1 }, { 'b': 2 }, { 'a': 3 }); - * // => { 'a': 1, 'b': 2 } - */ - var assignWith = createAssigner(function (object, source, srcIndex, customizer) { - copyObject(source, keys(source), object, customizer); - }); - - /** - * Creates an array of values corresponding to `paths` of `object`. - * - * @static - * @memberOf _ - * @since 1.0.0 - * @category Object - * @param {Object} object The object to iterate over. - * @param {...(string|string[])} [paths] The property paths to pick. - * @returns {Array} Returns the picked values. - * @example - * - * var object = { 'a': [{ 'b': { 'c': 3 } }, 4] }; - * - * _.at(object, ['a[0].b.c', 'a[1]']); - * // => [3, 4] - */ - var at = flatRest(baseAt); - - /** - * Creates an object that inherits from the `prototype` object. If a - * `properties` object is given, its own enumerable string keyed properties - * are assigned to the created object. - * - * @static - * @memberOf _ - * @since 2.3.0 - * @category Object - * @param {Object} prototype The object to inherit from. - * @param {Object} [properties] The properties to assign to the object. - * @returns {Object} Returns the new object. - * @example - * - * function Shape() { - * this.x = 0; - * this.y = 0; - * } - * - * function Circle() { - * Shape.call(this); - * } - * - * Circle.prototype = _.create(Shape.prototype, { - * 'constructor': Circle - * }); - * - * var circle = new Circle; - * circle instanceof Circle; - * // => true - * - * circle instanceof Shape; - * // => true - */ - function create(prototype, properties) { - var result = baseCreate(prototype); - return properties == null ? result : baseAssign(result, properties); - } - - /** - * Assigns own and inherited enumerable string keyed properties of source - * objects to the destination object for all destination properties that - * resolve to `undefined`. Source objects are applied from left to right. - * Once a property is set, additional values of the same property are ignored. - * - * **Note:** This method mutates `object`. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Object - * @param {Object} object The destination object. - * @param {...Object} [sources] The source objects. - * @returns {Object} Returns `object`. - * @see _.defaultsDeep - * @example - * - * _.defaults({ 'a': 1 }, { 'b': 2 }, { 'a': 3 }); - * // => { 'a': 1, 'b': 2 } - */ - var defaults = baseRest(function (object, sources) { - object = Object(object); - - var index = -1; - var length = sources.length; - var guard = length > 2 ? sources[2] : undefined; - - if (guard && isIterateeCall(sources[0], sources[1], guard)) { - length = 1; - } - - while (++index < length) { - var source = sources[index]; - var props = keysIn(source); - var propsIndex = -1; - var propsLength = props.length; - - while (++propsIndex < propsLength) { - var key = props[propsIndex]; - var value = object[key]; - - if ( - value === undefined || - (eq(value, objectProto[key]) && !hasOwnProperty.call(object, key)) - ) { - object[key] = source[key]; - } - } - } - - return object; - }); - - /** - * This method is like `_.defaults` except that it recursively assigns - * default properties. - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 3.10.0 - * @category Object - * @param {Object} object The destination object. - * @param {...Object} [sources] The source objects. - * @returns {Object} Returns `object`. - * @see _.defaults - * @example - * - * _.defaultsDeep({ 'a': { 'b': 2 } }, { 'a': { 'b': 1, 'c': 3 } }); - * // => { 'a': { 'b': 2, 'c': 3 } } - */ - var defaultsDeep = baseRest(function (args) { - args.push(undefined, customDefaultsMerge); - return apply(mergeWith, undefined, args); - }); - - /** - * This method is like `_.find` except that it returns the key of the first - * element `predicate` returns truthy for instead of the element itself. - * - * @static - * @memberOf _ - * @since 1.1.0 - * @category Object - * @param {Object} object The object to inspect. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @returns {string|undefined} Returns the key of the matched element, - * else `undefined`. - * @example - * - * var users = { - * 'barney': { 'age': 36, 'active': true }, - * 'fred': { 'age': 40, 'active': false }, - * 'pebbles': { 'age': 1, 'active': true } - * }; - * - * _.findKey(users, function(o) { return o.age < 40; }); - * // => 'barney' (iteration order is not guaranteed) - * - * // The `_.matches` iteratee shorthand. - * _.findKey(users, { 'age': 1, 'active': true }); - * // => 'pebbles' - * - * // The `_.matchesProperty` iteratee shorthand. - * _.findKey(users, ['active', false]); - * // => 'fred' - * - * // The `_.property` iteratee shorthand. - * _.findKey(users, 'active'); - * // => 'barney' - */ - function findKey(object, predicate) { - return baseFindKey(object, getIteratee(predicate, 3), baseForOwn); - } - - /** - * This method is like `_.findKey` except that it iterates over elements of - * a collection in the opposite order. - * - * @static - * @memberOf _ - * @since 2.0.0 - * @category Object - * @param {Object} object The object to inspect. - * @param {Function} [predicate=_.identity] The function invoked per iteration. - * @returns {string|undefined} Returns the key of the matched element, - * else `undefined`. - * @example - * - * var users = { - * 'barney': { 'age': 36, 'active': true }, - * 'fred': { 'age': 40, 'active': false }, - * 'pebbles': { 'age': 1, 'active': true } - * }; - * - * _.findLastKey(users, function(o) { return o.age < 40; }); - * // => returns 'pebbles' assuming `_.findKey` returns 'barney' - * - * // The `_.matches` iteratee shorthand. - * _.findLastKey(users, { 'age': 36, 'active': true }); - * // => 'barney' - * - * // The `_.matchesProperty` iteratee shorthand. - * _.findLastKey(users, ['active', false]); - * // => 'fred' - * - * // The `_.property` iteratee shorthand. - * _.findLastKey(users, 'active'); - * // => 'pebbles' - */ - function findLastKey(object, predicate) { - return baseFindKey(object, getIteratee(predicate, 3), baseForOwnRight); - } - - /** - * Iterates over own and inherited enumerable string keyed properties of an - * object and invokes `iteratee` for each property. The iteratee is invoked - * with three arguments: (value, key, object). Iteratee functions may exit - * iteration early by explicitly returning `false`. - * - * @static - * @memberOf _ - * @since 0.3.0 - * @category Object - * @param {Object} object The object to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Object} Returns `object`. - * @see _.forInRight - * @example - * - * function Foo() { - * this.a = 1; - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.forIn(new Foo, function(value, key) { - * console.log(key); - * }); - * // => Logs 'a', 'b', then 'c' (iteration order is not guaranteed). - */ - function forIn(object, iteratee) { - return object == null ? object : baseFor(object, getIteratee(iteratee, 3), keysIn); - } - - /** - * This method is like `_.forIn` except that it iterates over properties of - * `object` in the opposite order. - * - * @static - * @memberOf _ - * @since 2.0.0 - * @category Object - * @param {Object} object The object to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Object} Returns `object`. - * @see _.forIn - * @example - * - * function Foo() { - * this.a = 1; - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.forInRight(new Foo, function(value, key) { - * console.log(key); - * }); - * // => Logs 'c', 'b', then 'a' assuming `_.forIn` logs 'a', 'b', then 'c'. - */ - function forInRight(object, iteratee) { - return object == null ? object : baseForRight(object, getIteratee(iteratee, 3), keysIn); - } - - /** - * Iterates over own enumerable string keyed properties of an object and - * invokes `iteratee` for each property. The iteratee is invoked with three - * arguments: (value, key, object). Iteratee functions may exit iteration - * early by explicitly returning `false`. - * - * @static - * @memberOf _ - * @since 0.3.0 - * @category Object - * @param {Object} object The object to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Object} Returns `object`. - * @see _.forOwnRight - * @example - * - * function Foo() { - * this.a = 1; - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.forOwn(new Foo, function(value, key) { - * console.log(key); - * }); - * // => Logs 'a' then 'b' (iteration order is not guaranteed). - */ - function forOwn(object, iteratee) { - return object && baseForOwn(object, getIteratee(iteratee, 3)); - } - - /** - * This method is like `_.forOwn` except that it iterates over properties of - * `object` in the opposite order. - * - * @static - * @memberOf _ - * @since 2.0.0 - * @category Object - * @param {Object} object The object to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Object} Returns `object`. - * @see _.forOwn - * @example - * - * function Foo() { - * this.a = 1; - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.forOwnRight(new Foo, function(value, key) { - * console.log(key); - * }); - * // => Logs 'b' then 'a' assuming `_.forOwn` logs 'a' then 'b'. - */ - function forOwnRight(object, iteratee) { - return object && baseForOwnRight(object, getIteratee(iteratee, 3)); - } - - /** - * Creates an array of function property names from own enumerable properties - * of `object`. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Object - * @param {Object} object The object to inspect. - * @returns {Array} Returns the function names. - * @see _.functionsIn - * @example - * - * function Foo() { - * this.a = _.constant('a'); - * this.b = _.constant('b'); - * } - * - * Foo.prototype.c = _.constant('c'); - * - * _.functions(new Foo); - * // => ['a', 'b'] - */ - function functions(object) { - return object == null ? [] : baseFunctions(object, keys(object)); - } - - /** - * Creates an array of function property names from own and inherited - * enumerable properties of `object`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Object - * @param {Object} object The object to inspect. - * @returns {Array} Returns the function names. - * @see _.functions - * @example - * - * function Foo() { - * this.a = _.constant('a'); - * this.b = _.constant('b'); - * } - * - * Foo.prototype.c = _.constant('c'); - * - * _.functionsIn(new Foo); - * // => ['a', 'b', 'c'] - */ - function functionsIn(object) { - return object == null ? [] : baseFunctions(object, keysIn(object)); - } - - /** - * Gets the value at `path` of `object`. If the resolved value is - * `undefined`, the `defaultValue` is returned in its place. - * - * @static - * @memberOf _ - * @since 3.7.0 - * @category Object - * @param {Object} object The object to query. - * @param {Array|string} path The path of the property to get. - * @param {*} [defaultValue] The value returned for `undefined` resolved values. - * @returns {*} Returns the resolved value. - * @example - * - * var object = { 'a': [{ 'b': { 'c': 3 } }] }; - * - * _.get(object, 'a[0].b.c'); - * // => 3 - * - * _.get(object, ['a', '0', 'b', 'c']); - * // => 3 - * - * _.get(object, 'a.b.c', 'default'); - * // => 'default' - */ - function get(object, path, defaultValue) { - var result = object == null ? undefined : baseGet(object, path); - return result === undefined ? defaultValue : result; - } - - /** - * Checks if `path` is a direct property of `object`. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Object - * @param {Object} object The object to query. - * @param {Array|string} path The path to check. - * @returns {boolean} Returns `true` if `path` exists, else `false`. - * @example - * - * var object = { 'a': { 'b': 2 } }; - * var other = _.create({ 'a': _.create({ 'b': 2 }) }); - * - * _.has(object, 'a'); - * // => true - * - * _.has(object, 'a.b'); - * // => true - * - * _.has(object, ['a', 'b']); - * // => true - * - * _.has(other, 'a'); - * // => false - */ - function has(object, path) { - return object != null && hasPath(object, path, baseHas); - } - - /** - * Checks if `path` is a direct or inherited property of `object`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Object - * @param {Object} object The object to query. - * @param {Array|string} path The path to check. - * @returns {boolean} Returns `true` if `path` exists, else `false`. - * @example - * - * var object = _.create({ 'a': _.create({ 'b': 2 }) }); - * - * _.hasIn(object, 'a'); - * // => true - * - * _.hasIn(object, 'a.b'); - * // => true - * - * _.hasIn(object, ['a', 'b']); - * // => true - * - * _.hasIn(object, 'b'); - * // => false - */ - function hasIn(object, path) { - return object != null && hasPath(object, path, baseHasIn); - } - - /** - * Creates an object composed of the inverted keys and values of `object`. - * If `object` contains duplicate values, subsequent values overwrite - * property assignments of previous values. - * - * @static - * @memberOf _ - * @since 0.7.0 - * @category Object - * @param {Object} object The object to invert. - * @returns {Object} Returns the new inverted object. - * @example - * - * var object = { 'a': 1, 'b': 2, 'c': 1 }; - * - * _.invert(object); - * // => { '1': 'c', '2': 'b' } - */ - var invert = createInverter(function (result, value, key) { - if (value != null && typeof value.toString != 'function') { - value = nativeObjectToString.call(value); - } - - result[value] = key; - }, constant(identity)); - - /** - * This method is like `_.invert` except that the inverted object is generated - * from the results of running each element of `object` thru `iteratee`. The - * corresponding inverted value of each inverted key is an array of keys - * responsible for generating the inverted value. The iteratee is invoked - * with one argument: (value). - * - * @static - * @memberOf _ - * @since 4.1.0 - * @category Object - * @param {Object} object The object to invert. - * @param {Function} [iteratee=_.identity] The iteratee invoked per element. - * @returns {Object} Returns the new inverted object. - * @example - * - * var object = { 'a': 1, 'b': 2, 'c': 1 }; - * - * _.invertBy(object); - * // => { '1': ['a', 'c'], '2': ['b'] } - * - * _.invertBy(object, function(value) { - * return 'group' + value; - * }); - * // => { 'group1': ['a', 'c'], 'group2': ['b'] } - */ - var invertBy = createInverter(function (result, value, key) { - if (value != null && typeof value.toString != 'function') { - value = nativeObjectToString.call(value); - } - - if (hasOwnProperty.call(result, value)) { - result[value].push(key); - } else { - result[value] = [key]; - } - }, getIteratee); - - /** - * Invokes the method at `path` of `object`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Object - * @param {Object} object The object to query. - * @param {Array|string} path The path of the method to invoke. - * @param {...*} [args] The arguments to invoke the method with. - * @returns {*} Returns the result of the invoked method. - * @example - * - * var object = { 'a': [{ 'b': { 'c': [1, 2, 3, 4] } }] }; - * - * _.invoke(object, 'a[0].b.c.slice', 1, 3); - * // => [2, 3] - */ - var invoke = baseRest(baseInvoke); - - /** - * Creates an array of the own enumerable property names of `object`. - * - * **Note:** Non-object values are coerced to objects. See the - * [ES spec](http://ecma-international.org/ecma-262/7.0/#sec-object.keys) - * for more details. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Object - * @param {Object} object The object to query. - * @returns {Array} Returns the array of property names. - * @example - * - * function Foo() { - * this.a = 1; - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.keys(new Foo); - * // => ['a', 'b'] (iteration order is not guaranteed) - * - * _.keys('hi'); - * // => ['0', '1'] - */ - function keys(object) { - return isArrayLike(object) ? arrayLikeKeys(object) : baseKeys(object); - } - - /** - * Creates an array of the own and inherited enumerable property names of `object`. - * - * **Note:** Non-object values are coerced to objects. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Object - * @param {Object} object The object to query. - * @returns {Array} Returns the array of property names. - * @example - * - * function Foo() { - * this.a = 1; - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.keysIn(new Foo); - * // => ['a', 'b', 'c'] (iteration order is not guaranteed) - */ - function keysIn(object) { - return isArrayLike(object) ? arrayLikeKeys(object, true) : baseKeysIn(object); - } - - /** - * The opposite of `_.mapValues`; this method creates an object with the - * same values as `object` and keys generated by running each own enumerable - * string keyed property of `object` thru `iteratee`. The iteratee is invoked - * with three arguments: (value, key, object). - * - * @static - * @memberOf _ - * @since 3.8.0 - * @category Object - * @param {Object} object The object to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Object} Returns the new mapped object. - * @see _.mapValues - * @example - * - * _.mapKeys({ 'a': 1, 'b': 2 }, function(value, key) { - * return key + value; - * }); - * // => { 'a1': 1, 'b2': 2 } - */ - function mapKeys(object, iteratee) { - var result = {}; - iteratee = getIteratee(iteratee, 3); - - baseForOwn(object, function (value, key, object) { - baseAssignValue(result, iteratee(value, key, object), value); - }); - return result; - } - - /** - * Creates an object with the same keys as `object` and values generated - * by running each own enumerable string keyed property of `object` thru - * `iteratee`. The iteratee is invoked with three arguments: - * (value, key, object). - * - * @static - * @memberOf _ - * @since 2.4.0 - * @category Object - * @param {Object} object The object to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @returns {Object} Returns the new mapped object. - * @see _.mapKeys - * @example - * - * var users = { - * 'fred': { 'user': 'fred', 'age': 40 }, - * 'pebbles': { 'user': 'pebbles', 'age': 1 } - * }; - * - * _.mapValues(users, function(o) { return o.age; }); - * // => { 'fred': 40, 'pebbles': 1 } (iteration order is not guaranteed) - * - * // The `_.property` iteratee shorthand. - * _.mapValues(users, 'age'); - * // => { 'fred': 40, 'pebbles': 1 } (iteration order is not guaranteed) - */ - function mapValues(object, iteratee) { - var result = {}; - iteratee = getIteratee(iteratee, 3); - - baseForOwn(object, function (value, key, object) { - baseAssignValue(result, key, iteratee(value, key, object)); - }); - return result; - } - - /** - * This method is like `_.assign` except that it recursively merges own and - * inherited enumerable string keyed properties of source objects into the - * destination object. Source properties that resolve to `undefined` are - * skipped if a destination value exists. Array and plain object properties - * are merged recursively. Other objects and value types are overridden by - * assignment. Source objects are applied from left to right. Subsequent - * sources overwrite property assignments of previous sources. - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 0.5.0 - * @category Object - * @param {Object} object The destination object. - * @param {...Object} [sources] The source objects. - * @returns {Object} Returns `object`. - * @example - * - * var object = { - * 'a': [{ 'b': 2 }, { 'd': 4 }] - * }; - * - * var other = { - * 'a': [{ 'c': 3 }, { 'e': 5 }] - * }; - * - * _.merge(object, other); - * // => { 'a': [{ 'b': 2, 'c': 3 }, { 'd': 4, 'e': 5 }] } - */ - var merge = createAssigner(function (object, source, srcIndex) { - baseMerge(object, source, srcIndex); - }); - - /** - * This method is like `_.merge` except that it accepts `customizer` which - * is invoked to produce the merged values of the destination and source - * properties. If `customizer` returns `undefined`, merging is handled by the - * method instead. The `customizer` is invoked with six arguments: - * (objValue, srcValue, key, object, source, stack). - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Object - * @param {Object} object The destination object. - * @param {...Object} sources The source objects. - * @param {Function} customizer The function to customize assigned values. - * @returns {Object} Returns `object`. - * @example - * - * function customizer(objValue, srcValue) { - * if (_.isArray(objValue)) { - * return objValue.concat(srcValue); - * } - * } - * - * var object = { 'a': [1], 'b': [2] }; - * var other = { 'a': [3], 'b': [4] }; - * - * _.mergeWith(object, other, customizer); - * // => { 'a': [1, 3], 'b': [2, 4] } - */ - var mergeWith = createAssigner(function (object, source, srcIndex, customizer) { - baseMerge(object, source, srcIndex, customizer); - }); - - /** - * The opposite of `_.pick`; this method creates an object composed of the - * own and inherited enumerable property paths of `object` that are not omitted. - * - * **Note:** This method is considerably slower than `_.pick`. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Object - * @param {Object} object The source object. - * @param {...(string|string[])} [paths] The property paths to omit. - * @returns {Object} Returns the new object. - * @example - * - * var object = { 'a': 1, 'b': '2', 'c': 3 }; - * - * _.omit(object, ['a', 'c']); - * // => { 'b': '2' } - */ - var omit = flatRest(function (object, paths) { - var result = {}; - if (object == null) { - return result; - } - var isDeep = false; - paths = arrayMap(paths, function (path) { - path = castPath(path, object); - isDeep || (isDeep = path.length > 1); - return path; - }); - copyObject(object, getAllKeysIn(object), result); - if (isDeep) { - result = baseClone( - result, - CLONE_DEEP_FLAG | CLONE_FLAT_FLAG | CLONE_SYMBOLS_FLAG, - customOmitClone - ); - } - var length = paths.length; - while (length--) { - baseUnset(result, paths[length]); - } - return result; - }); - - /** - * The opposite of `_.pickBy`; this method creates an object composed of - * the own and inherited enumerable string keyed properties of `object` that - * `predicate` doesn't return truthy for. The predicate is invoked with two - * arguments: (value, key). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Object - * @param {Object} object The source object. - * @param {Function} [predicate=_.identity] The function invoked per property. - * @returns {Object} Returns the new object. - * @example - * - * var object = { 'a': 1, 'b': '2', 'c': 3 }; - * - * _.omitBy(object, _.isNumber); - * // => { 'b': '2' } - */ - function omitBy(object, predicate) { - return pickBy(object, negate(getIteratee(predicate))); - } - - /** - * Creates an object composed of the picked `object` properties. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Object - * @param {Object} object The source object. - * @param {...(string|string[])} [paths] The property paths to pick. - * @returns {Object} Returns the new object. - * @example - * - * var object = { 'a': 1, 'b': '2', 'c': 3 }; - * - * _.pick(object, ['a', 'c']); - * // => { 'a': 1, 'c': 3 } - */ - var pick = flatRest(function (object, paths) { - return object == null ? {} : basePick(object, paths); - }); - - /** - * Creates an object composed of the `object` properties `predicate` returns - * truthy for. The predicate is invoked with two arguments: (value, key). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Object - * @param {Object} object The source object. - * @param {Function} [predicate=_.identity] The function invoked per property. - * @returns {Object} Returns the new object. - * @example - * - * var object = { 'a': 1, 'b': '2', 'c': 3 }; - * - * _.pickBy(object, _.isNumber); - * // => { 'a': 1, 'c': 3 } - */ - function pickBy(object, predicate) { - if (object == null) { - return {}; - } - var props = arrayMap(getAllKeysIn(object), function (prop) { - return [prop]; - }); - predicate = getIteratee(predicate); - return basePickBy(object, props, function (value, path) { - return predicate(value, path[0]); - }); - } - - /** - * This method is like `_.get` except that if the resolved value is a - * function it's invoked with the `this` binding of its parent object and - * its result is returned. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Object - * @param {Object} object The object to query. - * @param {Array|string} path The path of the property to resolve. - * @param {*} [defaultValue] The value returned for `undefined` resolved values. - * @returns {*} Returns the resolved value. - * @example - * - * var object = { 'a': [{ 'b': { 'c1': 3, 'c2': _.constant(4) } }] }; - * - * _.result(object, 'a[0].b.c1'); - * // => 3 - * - * _.result(object, 'a[0].b.c2'); - * // => 4 - * - * _.result(object, 'a[0].b.c3', 'default'); - * // => 'default' - * - * _.result(object, 'a[0].b.c3', _.constant('default')); - * // => 'default' - */ - function result(object, path, defaultValue) { - path = castPath(path, object); - - var index = -1, - length = path.length; - - // Ensure the loop is entered when path is empty. - if (!length) { - length = 1; - object = undefined; - } - while (++index < length) { - var value = object == null ? undefined : object[toKey(path[index])]; - if (value === undefined) { - index = length; - value = defaultValue; - } - object = isFunction(value) ? value.call(object) : value; - } - return object; - } - - /** - * Sets the value at `path` of `object`. If a portion of `path` doesn't exist, - * it's created. Arrays are created for missing index properties while objects - * are created for all other missing properties. Use `_.setWith` to customize - * `path` creation. - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 3.7.0 - * @category Object - * @param {Object} object The object to modify. - * @param {Array|string} path The path of the property to set. - * @param {*} value The value to set. - * @returns {Object} Returns `object`. - * @example - * - * var object = { 'a': [{ 'b': { 'c': 3 } }] }; - * - * _.set(object, 'a[0].b.c', 4); - * console.log(object.a[0].b.c); - * // => 4 - * - * _.set(object, ['x', '0', 'y', 'z'], 5); - * console.log(object.x[0].y.z); - * // => 5 - */ - function set(object, path, value) { - return object == null ? object : baseSet(object, path, value); - } - - /** - * This method is like `_.set` except that it accepts `customizer` which is - * invoked to produce the objects of `path`. If `customizer` returns `undefined` - * path creation is handled by the method instead. The `customizer` is invoked - * with three arguments: (nsValue, key, nsObject). - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Object - * @param {Object} object The object to modify. - * @param {Array|string} path The path of the property to set. - * @param {*} value The value to set. - * @param {Function} [customizer] The function to customize assigned values. - * @returns {Object} Returns `object`. - * @example - * - * var object = {}; - * - * _.setWith(object, '[0][1]', 'a', Object); - * // => { '0': { '1': 'a' } } - */ - function setWith(object, path, value, customizer) { - customizer = typeof customizer == 'function' ? customizer : undefined; - return object == null ? object : baseSet(object, path, value, customizer); - } - - /** - * Creates an array of own enumerable string keyed-value pairs for `object` - * which can be consumed by `_.fromPairs`. If `object` is a map or set, its - * entries are returned. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @alias entries - * @category Object - * @param {Object} object The object to query. - * @returns {Array} Returns the key-value pairs. - * @example - * - * function Foo() { - * this.a = 1; - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.toPairs(new Foo); - * // => [['a', 1], ['b', 2]] (iteration order is not guaranteed) - */ - var toPairs = createToPairs(keys); - - /** - * Creates an array of own and inherited enumerable string keyed-value pairs - * for `object` which can be consumed by `_.fromPairs`. If `object` is a map - * or set, its entries are returned. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @alias entriesIn - * @category Object - * @param {Object} object The object to query. - * @returns {Array} Returns the key-value pairs. - * @example - * - * function Foo() { - * this.a = 1; - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.toPairsIn(new Foo); - * // => [['a', 1], ['b', 2], ['c', 3]] (iteration order is not guaranteed) - */ - var toPairsIn = createToPairs(keysIn); - - /** - * An alternative to `_.reduce`; this method transforms `object` to a new - * `accumulator` object which is the result of running each of its own - * enumerable string keyed properties thru `iteratee`, with each invocation - * potentially mutating the `accumulator` object. If `accumulator` is not - * provided, a new object with the same `[[Prototype]]` will be used. The - * iteratee is invoked with four arguments: (accumulator, value, key, object). - * Iteratee functions may exit iteration early by explicitly returning `false`. - * - * @static - * @memberOf _ - * @since 1.3.0 - * @category Object - * @param {Object} object The object to iterate over. - * @param {Function} [iteratee=_.identity] The function invoked per iteration. - * @param {*} [accumulator] The custom accumulator value. - * @returns {*} Returns the accumulated value. - * @example - * - * _.transform([2, 3, 4], function(result, n) { - * result.push(n *= n); - * return n % 2 == 0; - * }, []); - * // => [4, 9] - * - * _.transform({ 'a': 1, 'b': 2, 'c': 1 }, function(result, value, key) { - * (result[value] || (result[value] = [])).push(key); - * }, {}); - * // => { '1': ['a', 'c'], '2': ['b'] } - */ - function transform(object, iteratee, accumulator) { - var isArr = isArray(object), - isArrLike = isArr || isBuffer(object) || isTypedArray(object); - - iteratee = getIteratee(iteratee, 4); - if (accumulator == null) { - var Ctor = object && object.constructor; - if (isArrLike) { - accumulator = isArr ? new Ctor() : []; - } else if (isObject(object)) { - accumulator = isFunction(Ctor) ? baseCreate(getPrototype(object)) : {}; - } else { - accumulator = {}; - } - } - (isArrLike ? arrayEach : baseForOwn)(object, function (value, index, object) { - return iteratee(accumulator, value, index, object); - }); - return accumulator; - } - - /** - * Removes the property at `path` of `object`. - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Object - * @param {Object} object The object to modify. - * @param {Array|string} path The path of the property to unset. - * @returns {boolean} Returns `true` if the property is deleted, else `false`. - * @example - * - * var object = { 'a': [{ 'b': { 'c': 7 } }] }; - * _.unset(object, 'a[0].b.c'); - * // => true - * - * console.log(object); - * // => { 'a': [{ 'b': {} }] }; - * - * _.unset(object, ['a', '0', 'b', 'c']); - * // => true - * - * console.log(object); - * // => { 'a': [{ 'b': {} }] }; - */ - function unset(object, path) { - return object == null ? true : baseUnset(object, path); - } - - /** - * This method is like `_.set` except that accepts `updater` to produce the - * value to set. Use `_.updateWith` to customize `path` creation. The `updater` - * is invoked with one argument: (value). - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 4.6.0 - * @category Object - * @param {Object} object The object to modify. - * @param {Array|string} path The path of the property to set. - * @param {Function} updater The function to produce the updated value. - * @returns {Object} Returns `object`. - * @example - * - * var object = { 'a': [{ 'b': { 'c': 3 } }] }; - * - * _.update(object, 'a[0].b.c', function(n) { return n * n; }); - * console.log(object.a[0].b.c); - * // => 9 - * - * _.update(object, 'x[0].y.z', function(n) { return n ? n + 1 : 0; }); - * console.log(object.x[0].y.z); - * // => 0 - */ - function update(object, path, updater) { - return object == null ? object : baseUpdate(object, path, castFunction(updater)); - } - - /** - * This method is like `_.update` except that it accepts `customizer` which is - * invoked to produce the objects of `path`. If `customizer` returns `undefined` - * path creation is handled by the method instead. The `customizer` is invoked - * with three arguments: (nsValue, key, nsObject). - * - * **Note:** This method mutates `object`. - * - * @static - * @memberOf _ - * @since 4.6.0 - * @category Object - * @param {Object} object The object to modify. - * @param {Array|string} path The path of the property to set. - * @param {Function} updater The function to produce the updated value. - * @param {Function} [customizer] The function to customize assigned values. - * @returns {Object} Returns `object`. - * @example - * - * var object = {}; - * - * _.updateWith(object, '[0][1]', _.constant('a'), Object); - * // => { '0': { '1': 'a' } } - */ - function updateWith(object, path, updater, customizer) { - customizer = typeof customizer == 'function' ? customizer : undefined; - return object == null ? object : baseUpdate(object, path, castFunction(updater), customizer); - } - - /** - * Creates an array of the own enumerable string keyed property values of `object`. - * - * **Note:** Non-object values are coerced to objects. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category Object - * @param {Object} object The object to query. - * @returns {Array} Returns the array of property values. - * @example - * - * function Foo() { - * this.a = 1; - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.values(new Foo); - * // => [1, 2] (iteration order is not guaranteed) - * - * _.values('hi'); - * // => ['h', 'i'] - */ - function values(object) { - return object == null ? [] : baseValues(object, keys(object)); - } - - /** - * Creates an array of the own and inherited enumerable string keyed property - * values of `object`. - * - * **Note:** Non-object values are coerced to objects. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category Object - * @param {Object} object The object to query. - * @returns {Array} Returns the array of property values. - * @example - * - * function Foo() { - * this.a = 1; - * this.b = 2; - * } - * - * Foo.prototype.c = 3; - * - * _.valuesIn(new Foo); - * // => [1, 2, 3] (iteration order is not guaranteed) - */ - function valuesIn(object) { - return object == null ? [] : baseValues(object, keysIn(object)); - } - - /*------------------------------------------------------------------------*/ - - /** - * Clamps `number` within the inclusive `lower` and `upper` bounds. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category Number - * @param {number} number The number to clamp. - * @param {number} [lower] The lower bound. - * @param {number} upper The upper bound. - * @returns {number} Returns the clamped number. - * @example - * - * _.clamp(-10, -5, 5); - * // => -5 - * - * _.clamp(10, -5, 5); - * // => 5 - */ - function clamp(number, lower, upper) { - if (upper === undefined) { - upper = lower; - lower = undefined; - } - if (upper !== undefined) { - upper = toNumber(upper); - upper = upper === upper ? upper : 0; - } - if (lower !== undefined) { - lower = toNumber(lower); - lower = lower === lower ? lower : 0; - } - return baseClamp(toNumber(number), lower, upper); - } - - /** - * Checks if `n` is between `start` and up to, but not including, `end`. If - * `end` is not specified, it's set to `start` with `start` then set to `0`. - * If `start` is greater than `end` the params are swapped to support - * negative ranges. - * - * @static - * @memberOf _ - * @since 3.3.0 - * @category Number - * @param {number} number The number to check. - * @param {number} [start=0] The start of the range. - * @param {number} end The end of the range. - * @returns {boolean} Returns `true` if `number` is in the range, else `false`. - * @see _.range, _.rangeRight - * @example - * - * _.inRange(3, 2, 4); - * // => true - * - * _.inRange(4, 8); - * // => true - * - * _.inRange(4, 2); - * // => false - * - * _.inRange(2, 2); - * // => false - * - * _.inRange(1.2, 2); - * // => true - * - * _.inRange(5.2, 4); - * // => false - * - * _.inRange(-3, -2, -6); - * // => true - */ - function inRange(number, start, end) { - start = toFinite(start); - if (end === undefined) { - end = start; - start = 0; - } else { - end = toFinite(end); - } - number = toNumber(number); - return baseInRange(number, start, end); - } - - /** - * Produces a random number between the inclusive `lower` and `upper` bounds. - * If only one argument is provided a number between `0` and the given number - * is returned. If `floating` is `true`, or either `lower` or `upper` are - * floats, a floating-point number is returned instead of an integer. - * - * **Note:** JavaScript follows the IEEE-754 standard for resolving - * floating-point values which can produce unexpected results. - * - * @static - * @memberOf _ - * @since 0.7.0 - * @category Number - * @param {number} [lower=0] The lower bound. - * @param {number} [upper=1] The upper bound. - * @param {boolean} [floating] Specify returning a floating-point number. - * @returns {number} Returns the random number. - * @example - * - * _.random(0, 5); - * // => an integer between 0 and 5 - * - * _.random(5); - * // => also an integer between 0 and 5 - * - * _.random(5, true); - * // => a floating-point number between 0 and 5 - * - * _.random(1.2, 5.2); - * // => a floating-point number between 1.2 and 5.2 - */ - function random(lower, upper, floating) { - if (floating && typeof floating != 'boolean' && isIterateeCall(lower, upper, floating)) { - upper = floating = undefined; - } - if (floating === undefined) { - if (typeof upper == 'boolean') { - floating = upper; - upper = undefined; - } else if (typeof lower == 'boolean') { - floating = lower; - lower = undefined; - } - } - if (lower === undefined && upper === undefined) { - lower = 0; - upper = 1; - } else { - lower = toFinite(lower); - if (upper === undefined) { - upper = lower; - lower = 0; - } else { - upper = toFinite(upper); - } - } - if (lower > upper) { - var temp = lower; - lower = upper; - upper = temp; - } - if (floating || lower % 1 || upper % 1) { - var rand = nativeRandom(); - return nativeMin( - lower + rand * (upper - lower + freeParseFloat('1e-' + ((rand + '').length - 1))), - upper - ); - } - return baseRandom(lower, upper); - } - - /*------------------------------------------------------------------------*/ - - /** - * Converts `string` to [camel case](https://en.wikipedia.org/wiki/CamelCase). - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category String - * @param {string} [string=''] The string to convert. - * @returns {string} Returns the camel cased string. - * @example - * - * _.camelCase('Foo Bar'); - * // => 'fooBar' - * - * _.camelCase('--foo-bar--'); - * // => 'fooBar' - * - * _.camelCase('__FOO_BAR__'); - * // => 'fooBar' - */ - var camelCase = createCompounder(function (result, word, index) { - word = word.toLowerCase(); - return result + (index ? capitalize(word) : word); - }); - - /** - * Converts the first character of `string` to upper case and the remaining - * to lower case. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category String - * @param {string} [string=''] The string to capitalize. - * @returns {string} Returns the capitalized string. - * @example - * - * _.capitalize('FRED'); - * // => 'Fred' - */ - function capitalize(string) { - return upperFirst(toString(string).toLowerCase()); - } - - /** - * Deburrs `string` by converting - * [Latin-1 Supplement](https://en.wikipedia.org/wiki/Latin-1_Supplement_(Unicode_block)#Character_table) - * and [Latin Extended-A](https://en.wikipedia.org/wiki/Latin_Extended-A) - * letters to basic Latin letters and removing - * [combining diacritical marks](https://en.wikipedia.org/wiki/Combining_Diacritical_Marks). - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category String - * @param {string} [string=''] The string to deburr. - * @returns {string} Returns the deburred string. - * @example - * - * _.deburr('déjà vu'); - * // => 'deja vu' - */ - function deburr(string) { - string = toString(string); - return string && string.replace(reLatin, deburrLetter).replace(reComboMark, ''); - } - - /** - * Checks if `string` ends with the given target string. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category String - * @param {string} [string=''] The string to inspect. - * @param {string} [target] The string to search for. - * @param {number} [position=string.length] The position to search up to. - * @returns {boolean} Returns `true` if `string` ends with `target`, - * else `false`. - * @example - * - * _.endsWith('abc', 'c'); - * // => true - * - * _.endsWith('abc', 'b'); - * // => false - * - * _.endsWith('abc', 'b', 2); - * // => true - */ - function endsWith(string, target, position) { - string = toString(string); - target = baseToString(target); - - var length = string.length; - position = position === undefined ? length : baseClamp(toInteger(position), 0, length); - - var end = position; - position -= target.length; - return position >= 0 && string.slice(position, end) == target; - } - - /** - * Converts the characters "&", "<", ">", '"', and "'" in `string` to their - * corresponding HTML entities. - * - * **Note:** No other characters are escaped. To escape additional - * characters use a third-party library like [_he_](https://mths.be/he). - * - * Though the ">" character is escaped for symmetry, characters like - * ">" and "/" don't need escaping in HTML and have no special meaning - * unless they're part of a tag or unquoted attribute value. See - * [Mathias Bynens's article](https://mathiasbynens.be/notes/ambiguous-ampersands) - * (under "semi-related fun fact") for more details. - * - * When working with HTML you should always - * [quote attribute values](http://wonko.com/post/html-escaping) to reduce - * XSS vectors. - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category String - * @param {string} [string=''] The string to escape. - * @returns {string} Returns the escaped string. - * @example - * - * _.escape('fred, barney, & pebbles'); - * // => 'fred, barney, & pebbles' - */ - function escape(string) { - string = toString(string); - return string && reHasUnescapedHtml.test(string) - ? string.replace(reUnescapedHtml, escapeHtmlChar) - : string; - } - - /** - * Escapes the `RegExp` special characters "^", "$", "\", ".", "*", "+", - * "?", "(", ")", "[", "]", "{", "}", and "|" in `string`. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category String - * @param {string} [string=''] The string to escape. - * @returns {string} Returns the escaped string. - * @example - * - * _.escapeRegExp('[lodash](https://lodash.com/)'); - * // => '\[lodash\]\(https://lodash\.com/\)' - */ - function escapeRegExp(string) { - string = toString(string); - return string && reHasRegExpChar.test(string) ? string.replace(reRegExpChar, '\\$&') : string; - } - - /** - * Converts `string` to - * [kebab case](https://en.wikipedia.org/wiki/Letter_case#Special_case_styles). - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category String - * @param {string} [string=''] The string to convert. - * @returns {string} Returns the kebab cased string. - * @example - * - * _.kebabCase('Foo Bar'); - * // => 'foo-bar' - * - * _.kebabCase('fooBar'); - * // => 'foo-bar' - * - * _.kebabCase('__FOO_BAR__'); - * // => 'foo-bar' - */ - var kebabCase = createCompounder(function (result, word, index) { - return result + (index ? '-' : '') + word.toLowerCase(); - }); - - /** - * Converts `string`, as space separated words, to lower case. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category String - * @param {string} [string=''] The string to convert. - * @returns {string} Returns the lower cased string. - * @example - * - * _.lowerCase('--Foo-Bar--'); - * // => 'foo bar' - * - * _.lowerCase('fooBar'); - * // => 'foo bar' - * - * _.lowerCase('__FOO_BAR__'); - * // => 'foo bar' - */ - var lowerCase = createCompounder(function (result, word, index) { - return result + (index ? ' ' : '') + word.toLowerCase(); - }); - - /** - * Converts the first character of `string` to lower case. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category String - * @param {string} [string=''] The string to convert. - * @returns {string} Returns the converted string. - * @example - * - * _.lowerFirst('Fred'); - * // => 'fred' - * - * _.lowerFirst('FRED'); - * // => 'fRED' - */ - var lowerFirst = createCaseFirst('toLowerCase'); - - /** - * Pads `string` on the left and right sides if it's shorter than `length`. - * Padding characters are truncated if they can't be evenly divided by `length`. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category String - * @param {string} [string=''] The string to pad. - * @param {number} [length=0] The padding length. - * @param {string} [chars=' '] The string used as padding. - * @returns {string} Returns the padded string. - * @example - * - * _.pad('abc', 8); - * // => ' abc ' - * - * _.pad('abc', 8, '_-'); - * // => '_-abc_-_' - * - * _.pad('abc', 3); - * // => 'abc' - */ - function pad(string, length, chars) { - string = toString(string); - length = toInteger(length); - - var strLength = length ? stringSize(string) : 0; - if (!length || strLength >= length) { - return string; - } - var mid = (length - strLength) / 2; - return createPadding(nativeFloor(mid), chars) + string + createPadding(nativeCeil(mid), chars); - } - - /** - * Pads `string` on the right side if it's shorter than `length`. Padding - * characters are truncated if they exceed `length`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category String - * @param {string} [string=''] The string to pad. - * @param {number} [length=0] The padding length. - * @param {string} [chars=' '] The string used as padding. - * @returns {string} Returns the padded string. - * @example - * - * _.padEnd('abc', 6); - * // => 'abc ' - * - * _.padEnd('abc', 6, '_-'); - * // => 'abc_-_' - * - * _.padEnd('abc', 3); - * // => 'abc' - */ - function padEnd(string, length, chars) { - string = toString(string); - length = toInteger(length); - - var strLength = length ? stringSize(string) : 0; - return length && strLength < length - ? string + createPadding(length - strLength, chars) - : string; - } - - /** - * Pads `string` on the left side if it's shorter than `length`. Padding - * characters are truncated if they exceed `length`. - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category String - * @param {string} [string=''] The string to pad. - * @param {number} [length=0] The padding length. - * @param {string} [chars=' '] The string used as padding. - * @returns {string} Returns the padded string. - * @example - * - * _.padStart('abc', 6); - * // => ' abc' - * - * _.padStart('abc', 6, '_-'); - * // => '_-_abc' - * - * _.padStart('abc', 3); - * // => 'abc' - */ - function padStart(string, length, chars) { - string = toString(string); - length = toInteger(length); - - var strLength = length ? stringSize(string) : 0; - return length && strLength < length - ? createPadding(length - strLength, chars) + string - : string; - } - - /** - * Converts `string` to an integer of the specified radix. If `radix` is - * `undefined` or `0`, a `radix` of `10` is used unless `value` is a - * hexadecimal, in which case a `radix` of `16` is used. - * - * **Note:** This method aligns with the - * [ES5 implementation](https://es5.github.io/#x15.1.2.2) of `parseInt`. - * - * @static - * @memberOf _ - * @since 1.1.0 - * @category String - * @param {string} string The string to convert. - * @param {number} [radix=10] The radix to interpret `value` by. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {number} Returns the converted integer. - * @example - * - * _.parseInt('08'); - * // => 8 - * - * _.map(['6', '08', '10'], _.parseInt); - * // => [6, 8, 10] - */ - function parseInt(string, radix, guard) { - if (guard || radix == null) { - radix = 0; - } else if (radix) { - radix = +radix; - } - return nativeParseInt(toString(string).replace(reTrimStart, ''), radix || 0); - } - - /** - * Repeats the given string `n` times. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category String - * @param {string} [string=''] The string to repeat. - * @param {number} [n=1] The number of times to repeat the string. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {string} Returns the repeated string. - * @example - * - * _.repeat('*', 3); - * // => '***' - * - * _.repeat('abc', 2); - * // => 'abcabc' - * - * _.repeat('abc', 0); - * // => '' - */ - function repeat(string, n, guard) { - if (guard ? isIterateeCall(string, n, guard) : n === undefined) { - n = 1; - } else { - n = toInteger(n); - } - return baseRepeat(toString(string), n); - } - - /** - * Replaces matches for `pattern` in `string` with `replacement`. - * - * **Note:** This method is based on - * [`String#replace`](https://mdn.io/String/replace). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category String - * @param {string} [string=''] The string to modify. - * @param {RegExp|string} pattern The pattern to replace. - * @param {Function|string} replacement The match replacement. - * @returns {string} Returns the modified string. - * @example - * - * _.replace('Hi Fred', 'Fred', 'Barney'); - * // => 'Hi Barney' - */ - function replace() { - var args = arguments, - string = toString(args[0]); - - return args.length < 3 ? string : string.replace(args[1], args[2]); - } - - /** - * Converts `string` to - * [snake case](https://en.wikipedia.org/wiki/Snake_case). - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category String - * @param {string} [string=''] The string to convert. - * @returns {string} Returns the snake cased string. - * @example - * - * _.snakeCase('Foo Bar'); - * // => 'foo_bar' - * - * _.snakeCase('fooBar'); - * // => 'foo_bar' - * - * _.snakeCase('--FOO-BAR--'); - * // => 'foo_bar' - */ - var snakeCase = createCompounder(function (result, word, index) { - return result + (index ? '_' : '') + word.toLowerCase(); - }); - - /** - * Splits `string` by `separator`. - * - * **Note:** This method is based on - * [`String#split`](https://mdn.io/String/split). - * - * @static - * @memberOf _ - * @since 4.0.0 - * @category String - * @param {string} [string=''] The string to split. - * @param {RegExp|string} separator The separator pattern to split by. - * @param {number} [limit] The length to truncate results to. - * @returns {Array} Returns the string segments. - * @example - * - * _.split('a-b-c', '-', 2); - * // => ['a', 'b'] - */ - function split(string, separator, limit) { - if (limit && typeof limit != 'number' && isIterateeCall(string, separator, limit)) { - separator = limit = undefined; - } - limit = limit === undefined ? MAX_ARRAY_LENGTH : limit >>> 0; - if (!limit) { - return []; - } - string = toString(string); - if (string && (typeof separator == 'string' || (separator != null && !isRegExp(separator)))) { - separator = baseToString(separator); - if (!separator && hasUnicode(string)) { - return castSlice(stringToArray(string), 0, limit); - } - } - return string.split(separator, limit); - } - - /** - * Converts `string` to - * [start case](https://en.wikipedia.org/wiki/Letter_case#Stylistic_or_specialised_usage). - * - * @static - * @memberOf _ - * @since 3.1.0 - * @category String - * @param {string} [string=''] The string to convert. - * @returns {string} Returns the start cased string. - * @example - * - * _.startCase('--foo-bar--'); - * // => 'Foo Bar' - * - * _.startCase('fooBar'); - * // => 'Foo Bar' - * - * _.startCase('__FOO_BAR__'); - * // => 'FOO BAR' - */ - var startCase = createCompounder(function (result, word, index) { - return result + (index ? ' ' : '') + upperFirst(word); - }); - - /** - * Checks if `string` starts with the given target string. - * - * @static - * @memberOf _ - * @since 3.0.0 - * @category String - * @param {string} [string=''] The string to inspect. - * @param {string} [target] The string to search for. - * @param {number} [position=0] The position to search from. - * @returns {boolean} Returns `true` if `string` starts with `target`, - * else `false`. - * @example - * - * _.startsWith('abc', 'a'); - * // => true - * - * _.startsWith('abc', 'b'); - * // => false - * - * _.startsWith('abc', 'b', 1); - * // => true - */ - function startsWith(string, target, position) { - string = toString(string); - position = position == null ? 0 : baseClamp(toInteger(position), 0, string.length); - - target = baseToString(target); - return string.slice(position, position + target.length) == target; - } - - /** - * Creates a compiled template function that can interpolate data properties - * in "interpolate" delimiters, HTML-escape interpolated data properties in - * "escape" delimiters, and execute JavaScript in "evaluate" delimiters. Data - * properties may be accessed as free variables in the template. If a setting - * object is given, it takes precedence over `_.templateSettings` values. - * - * **Note:** In the development build `_.template` utilizes - * [sourceURLs](http://www.html5rocks.com/en/tutorials/developertools/sourcemaps/#toc-sourceurl) - * for easier debugging. - * - * For more information on precompiling templates see - * [lodash's custom builds documentation](https://lodash.com/custom-builds). - * - * For more information on Chrome extension sandboxes see - * [Chrome's extensions documentation](https://developer.chrome.com/extensions/sandboxingEval). - * - * @static - * @since 0.1.0 - * @memberOf _ - * @category String - * @param {string} [string=''] The template string. - * @param {Object} [options={}] The options object. - * @param {RegExp} [options.escape=_.templateSettings.escape] - * The HTML "escape" delimiter. - * @param {RegExp} [options.evaluate=_.templateSettings.evaluate] - * The "evaluate" delimiter. - * @param {Object} [options.imports=_.templateSettings.imports] - * An object to import into the template as free variables. - * @param {RegExp} [options.interpolate=_.templateSettings.interpolate] - * The "interpolate" delimiter. - * @param {string} [options.sourceURL='lodash.templateSources[n]'] - * The sourceURL of the compiled template. - * @param {string} [options.variable='obj'] - * The data object variable name. - * @param- {Object} [guard] Enables use as an iteratee for methods like `_.map`. - * @returns {Function} Returns the compiled template function. - * @example - * - * // Use the "interpolate" delimiter to create a compiled template. - * var compiled = _.template('hello <%= user %>!'); - * compiled({ 'user': 'fred' }); - * // => 'hello fred!' - * - * // Use the HTML "escape" delimiter to escape data property values. - * var compiled = _.template('<%- value %>'); - * compiled({ 'value': '