fix: update passport-saml dependency + set cert as required

2 years ago · 2cb7b9fb4e
3 changed files with 842 additions and 500 deletions
--- a/package.json
+++ b/package.json
@ -36,24 +36,24 @@
    "node": ">=10.12"
  },
  "dependencies": {
-    "@azure/storage-blob": "12.2.1",
+    "@azure/storage-blob": "12.9.0",
    "@exlinc/keycloak-passport": "1.0.2",
    "@joplin/turndown-plugin-gfm": "1.0.43",
    "@root/csr": "0.8.1",
    "@root/keypairs": "0.10.3",
    "@root/pem": "1.0.4",
    "acme": "3.0.3",
-    "akismet-api": "5.2.1",
+    "akismet-api": "5.3.0",
    "algoliasearch": "4.5.1",
    "apollo-fetch": "0.7.0",
    "apollo-server": "2.25.2",
    "apollo-server-express": "2.25.2",
    "auto-load": "3.0.4",
-    "aws-sdk": "2.1043.0",
+    "aws-sdk": "2.1125.0",
    "azure-search-client": "3.1.5",
    "bcryptjs-then": "1.0.1",
    "bluebird": "3.7.2",
-    "body-parser": "1.19.1",
+    "body-parser": "1.20.0",
    "chalk": "4.1.0",
    "cheerio": "1.0.0-rc.5",
    "chokidar": "3.5.3",
@ -75,7 +75,7 @@
    "elasticsearch7": "npm:@elastic/elasticsearch@7",
    "emoji-regex": "9.2.2",
    "eventemitter2": "6.4.5",
-    "express": "4.17.2",
+    "express": "4.18.1",
    "express-brute": "1.0.1",
    "express-session": "1.17.2",
    "file-type": "15.0.1",
@ -118,8 +118,8 @@
    "markdown-it-sup": "1.0.0",
    "markdown-it-task-lists": "2.1.1",
    "mathjax": "3.1.2",
-    "mime-types": "2.1.34",
-    "moment": "2.29.1",
+    "mime-types": "2.1.35",
+    "moment": "2.29.3",
    "moment-timezone": "0.5.31",
    "mongodb": "3.6.5",
    "ms": "2.1.3",
@ -129,7 +129,7 @@
    "nanoid": "3.2.0",
    "node-2fa": "1.1.2",
    "node-cache": "5.1.2",
-    "nodemailer": "6.7.2",
+    "nodemailer": "6.7.4",
    "objection": "2.2.18",
    "passport": "0.4.1",
    "passport-auth0": "1.4.2",
@ -142,13 +142,13 @@
    "passport-gitlab2": "5.0.0",
    "passport-google-oauth20": "2.0.0",
    "passport-jwt": "4.0.0",
-    "passport-ldapauth": "2.1.4",
+    "passport-ldapauth": "3.0.1",
    "passport-local": "1.0.0",
    "passport-microsoft": "0.1.0",
    "passport-oauth2": "1.6.1",
    "passport-okta-oauth": "0.0.1",
    "passport-openidconnect": "0.0.2",
-    "passport-saml": "1.3.5",
+    "passport-saml": "3.2.1",
    "passport-slack-oauth2": "1.1.1",
    "passport-twitch-oauth": "1.0.0",
    "pem-jwk": "2.0.0",
@ -167,11 +167,11 @@
    "safe-regex": "2.1.1",
    "sanitize-filename": "1.6.3",
    "scim-query-filter-parser": "2.0.4",
-    "semver": "7.3.5",
+    "semver": "7.3.7",
    "serve-favicon": "2.5.0",
    "simple-git": "2.21.0",
    "solr-node": "1.2.1",
-    "sqlite3": "5.0.2",
+    "sqlite3": "5.0.6",
    "ssh2": "1.5.0",
    "ssh2-promise": "1.0.2",
    "striptags": "3.2.0",
@ -183,7 +183,7 @@
    "uuid": "8.3.2",
    "validate.js": "0.13.1",
    "winston": "3.3.3",
-    "xss": "1.0.10",
+    "xss": "1.0.11",
    "yargs": "16.1.0"
  },
  "devDependencies": {
@ -225,10 +225,10 @@
    "babel-plugin-transform-imports": "2.0.0",
    "cache-loader": "4.1.0",
    "canvas-confetti": "1.3.1",
-    "cash-dom": "8.1.0",
+    "cash-dom": "8.1.1",
    "chart.js": "2.9.4",
    "clean-webpack-plugin": "3.0.0",
-    "clipboard": "2.0.8",
+    "clipboard": "2.0.10",
    "codemirror": "5.58.2",
    "copy-webpack-plugin": "6.2.1",
    "core-js": "3.6.5",
@ -249,7 +249,7 @@
    "eslint-plugin-vue": "7.1.0",
    "file-loader": "6.1.1",
    "filepond": "4.21.1",
-    "filepond-plugin-file-validate-type": "1.2.6",
+    "filepond-plugin-file-validate-type": "1.2.7",
    "filesize.js": "2.0.0",
    "graphql-persisted-document-loader": "2.0.0",
    "graphql-tag": "2.11.0",
@ -276,7 +276,7 @@
    "postcss-import": "12.0.1",
    "postcss-loader": "3.0.0",
    "postcss-preset-env": "6.7.0",
-    "postcss-selector-parser": "6.0.9",
+    "postcss-selector-parser": "6.0.10",
    "prismjs": "1.22.0",
    "pug-lint": "2.6.0",
    "pug-loader": "2.4.0",
--- a/server/modules/authentication/saml/definition.yml
+++ b/server/modules/authentication/saml/definition.yml
@ -21,12 +21,12 @@ props:
  audience:
    type: String
    title: Audience
-    hint: (Optional) - Expected SAML response Audience (if not provided, Audience won't be verified)
+    hint: Expected SAML response Audience (if not provided, audience won't be verified)
    order: 3
  cert:
    type: String
    title: Certificate
-    hint: (Optional) - Public PEM-encoded X.509 signing certificate. If the provider has multiple certificates that are valid, join them together using the | pipe symbol.
+    hint: Public PEM-encoded X.509 signing certificate. If the provider has multiple certificates that are valid, join them together using the | pipe symbol.
    multiline: true
    order: 4
  privateCert:
--- a/yarn.lock
+++ b/yarn.lock