build(deps): bump formidable from 2.1.2 to 3.5.0 in /src (#5796)

* build(deps): bump formidable from 2.1.2 to 3.5.0 in /src

Bumps [formidable](https://github.com/node-formidable/formidable) from 2.1.2 to 3.5.0.
- [Release notes](https://github.com/node-formidable/formidable/releases)
- [Changelog](https://github.com/node-formidable/formidable/blob/master/CHANGELOG.md)
- [Commits](https://github.com/node-formidable/formidable/commits/v3.5.0)

---
updated-dependencies:
- dependency-name: formidable
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* formidable migration

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: John McLear <john@mclear.co.uk>
pull/5863/head
dependabot[bot] 2023-08-05 15:48:23 +02:00 committed by GitHub
parent 24720abdc8
commit 4da66d19dc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 64 additions and 38 deletions

View File

@ -89,24 +89,24 @@ const doImport = async (req, res, padId, authorId) => {
maxFileSize: settings.importMaxFileSize,
});
// locally wrapped Promise, since form.parse requires a callback
let srcFile = await new Promise((resolve, reject) => {
form.parse(req, (err, fields, files) => {
if (err != null) {
logger.warn(`Import failed due to form error: ${err.stack || err}`);
// I hate doing indexOf here but I can't see anything to use...
if (err && err.stack && err.stack.indexOf('maxFileSize') !== -1) {
return reject(new ImportError('maxFileSize'));
}
return reject(new ImportError('uploadFailed'));
}
if (!files.file) {
logger.warn('Import failed because form had no file');
return reject(new ImportError('uploadFailed'));
}
resolve(files.file.filepath);
});
});
let srcFile;
let files;
let fields;
try {
[fields, files] = await form.parse(req);
} catch (err) {
logger.warn(`Import failed due to form error: ${err.stack || err}`);
if (err.code === Formidable.formidableErrors.biggerThanMaxFileSize) {
throw new ImportError('maxFileSize');
}
throw new ImportError('uploadFailed');
}
if (!files.file) {
logger.warn('Import failed because form had no file');
throw new ImportError('uploadFailed');
} else {
srcFile = files.file[0].filepath;
}
// ensure this is a file ending we know, else we change the file ending to .txt
// this allows us to accept source code files like .c or .java

View File

@ -8,20 +8,19 @@ const util = require('util');
exports.expressPreSession = async (hookName, {app}) => {
// The Etherpad client side sends information about how a disconnect happened
app.post('/ep/pad/connection-diagnostic-info', (req, res) => {
new Formidable().parse(req, (err, fields, files) => {
clientLogger.info(`DIAGNOSTIC-INFO: ${fields.diagnosticInfo}`);
res.end('OK');
});
app.post('/ep/pad/connection-diagnostic-info', async (req, res) => {
const [fields, files] = await (new Formidable({})).parse(req);
clientLogger.info(`DIAGNOSTIC-INFO: ${fields.diagnosticInfo}`);
res.end('OK');
});
const parseJserrorForm = async (req) => await new Promise((resolve, reject) => {
const parseJserrorForm = async (req) => {
const form = new Formidable({
maxFileSize: 1, // Files are not expected. Not sure if 0 means unlimited, so 1 is used.
});
form.on('error', (err) => reject(err));
form.parse(req, (err, fields) => err != null ? reject(err) : resolve(fields.errorInfo));
});
const [fields, files] = await form.parse(req);
return fields.errorInfo;
};
// The Etherpad client side sends information about client side javscript errors
app.post('/jserror', (req, res, next) => {

View File

@ -15,8 +15,7 @@
*/
const OpenAPIBackend = require('openapi-backend').default;
const formidable = require('formidable');
const {promisify} = require('util');
const IncomingForm = require('formidable').IncomingForm;
const cloneDeep = require('lodash.clonedeep');
const createHTTPError = require('http-errors');
@ -596,9 +595,13 @@ exports.expressPreSession = async (hookName, {app}) => {
// read form data if method was POST
let formData = {};
if (c.request.method === 'post') {
const form = new formidable.IncomingForm();
const parseForm = promisify(form.parse).bind(form);
formData = await parseForm(req);
const form = new IncomingForm();
formData = (await form.parse(req))[0];
for (const k of Object.keys(formData)) {
if (formData[k] instanceof Array) {
formData[k] = formData[k][0];
}
}
}
const fields = Object.assign({}, header, params, query, formData);

34
src/package-lock.json generated
View File

@ -3312,6 +3312,20 @@
"qs": "^6.10.3",
"readable-stream": "^3.6.0",
"semver": "^7.3.7"
},
"dependencies": {
"formidable": {
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/formidable/-/formidable-2.1.2.tgz",
"integrity": "sha512-CM3GuJ57US06mlpQ47YcunuUZ9jpm8Vx+P2CGt2j7HpgkKZO/DJYQ0Bobim8G6PFQmK5lOqOOdUXboU+h73A4g==",
"dev": true,
"requires": {
"dezalgo": "^1.0.4",
"hexoid": "^1.0.0",
"once": "^1.4.0",
"qs": "^6.11.0"
}
}
}
}
}
@ -3644,14 +3658,13 @@
}
},
"formidable": {
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/formidable/-/formidable-2.1.2.tgz",
"integrity": "sha512-CM3GuJ57US06mlpQ47YcunuUZ9jpm8Vx+P2CGt2j7HpgkKZO/DJYQ0Bobim8G6PFQmK5lOqOOdUXboU+h73A4g==",
"version": "3.5.0",
"resolved": "https://registry.npmjs.org/formidable/-/formidable-3.5.0.tgz",
"integrity": "sha512-WwsMWvPmY+Kv37C3+KP3A+2Ym1aZoac4nz4ZEe5z0UPBoCg0O/wHay3eeYkZr4KJIbCzpSUeno+STMhde+KCfw==",
"requires": {
"dezalgo": "^1.0.4",
"hexoid": "^1.0.0",
"once": "^1.4.0",
"qs": "^6.11.0"
"once": "^1.4.0"
}
},
"forwarded": {
@ -10598,6 +10611,17 @@
"ms": "2.1.2"
}
},
"formidable": {
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/formidable/-/formidable-2.1.2.tgz",
"integrity": "sha512-CM3GuJ57US06mlpQ47YcunuUZ9jpm8Vx+P2CGt2j7HpgkKZO/DJYQ0Bobim8G6PFQmK5lOqOOdUXboU+h73A4g==",
"requires": {
"dezalgo": "^1.0.4",
"hexoid": "^1.0.0",
"once": "^1.4.0",
"qs": "^6.11.0"
}
},
"mime": {
"version": "2.6.0",
"resolved": "https://registry.npmjs.org/mime/-/mime-2.6.0.tgz",

View File

@ -43,7 +43,7 @@
"express-session": "npm:@etherpad/express-session@^1.18.2",
"fast-deep-equal": "^3.1.3",
"find-root": "1.1.0",
"formidable": "^2.1.2",
"formidable": "^3.5.0",
"http-errors": "^2.0.0",
"js-cookie": "^3.0.5",
"jsdom": "^20.0.0",