Merge branch 'feat_update_node_and_deps' into 'develop'

Update Node.js dependencies

See merge request dojo/samourai-dojo!240

accounts/notifications-service.js

@@ -38,7 +38,7 @@ class NotificationsService {
 
     // Cache registering the most recent subscriptions received
     // Used to filter multiple subscriptions sent by external apps.
-    this.cacheSubs = LRU({
+    this.cacheSubs = new LRU({
       // Maximum number of subscriptions to store in cache
       // Estimate: 1000 clients with an average of 5 subscriptions
       max: 5000,

docker/my-dojo/explorer/Dockerfile

@@ -1,4 +1,4 @@
-FROM    node:12-alpine
+FROM    node:14-alpine
 
 ENV     NODE_ENV production
 

lib/bitcoin/addresses-helper.js

@@ -65,7 +65,7 @@ class AddressesHelper {
   verifySignature(msg, address, sig) {
     try {
       const prefix = activeNet.messagePrefix
-      return btcMessage.verify(msg, prefix, address, sig)
+      return btcMessage.verify(msg, address, sig, prefix)
     } catch(e) {
       return false
     }

lib/bitcoin/hd-accounts-helper.js

@@ -41,7 +41,7 @@ class HDAccountsHelper {
     this.MAGIC_VPUB = 0x045f1cf6
 
     // HD accounts cache
-    this.nodes = LRU({
+    this.nodes = new LRU({
       // Maximum number of nodes to store in cache
       max: 1000,
       // Function used to compute length of item

lib/bitcoind-rpc/headers.js

@@ -19,7 +19,7 @@ class Headers {
    */
   constructor() {
     // Cache
-    this.headers = LRU({
+    this.headers = new LRU({
       // Maximum number of headers to store in cache
       max: 2016,
       // Function used to compute length of item

lib/bitcoind-rpc/transactions.js

@@ -23,7 +23,7 @@ class Transactions {
    */
   constructor() {
     // Caches
-    this.prevCache = LRU({
+    this.prevCache = new LRU({
       // Maximum number of transactions to store
       max: 20000,
       // Function used to compute length of item

lib/http-server/http-server.js

@@ -7,6 +7,7 @@
 const { App } = require('@tinyhttp/app')
 const sirv = require('sirv')
 const helmet = require('helmet')
+const nocache = require('nocache')
 const Logger = require('../logger')
 const errors = require('../errors');
 
@@ -48,6 +49,7 @@ class HttpServer {
     this.app.use(HttpServer.requestLogger)
     this.app.use(HttpServer.setCrossOrigin)
     this.app.use(helmet(HttpServer.HELMET_POLICY))
+    this.app.use(nocache())
 
     this.app.use('/static', sirv('../static'));
 
@@ -218,16 +220,11 @@ HttpServer.HELMET_POLICY = {
       'style-src': ["'self'", "https:", "'unsafe-inline'"],
       'media-src': ["'self'", 'data:'],
     },
-    'browserSniff': false,
-    'disableAndroid': true
   },
   'dnsPrefetchControl': true,
   'frameguard': true,
   'hidePoweredBy': true,
-  'hpkp': false,
-  'hsts': true,
   'ieNoOpen': true,
-  'noCache': true,
   'noSniff': true,
   'referrerPolicy': true,
   'xssFilter': true

package.json

@@ -14,31 +14,32 @@
   "license": "AGPL-3.0-only",
   "homepage": "https://code.samourai.io/dojo/samourai-dojo",
   "dependencies": {
-    "@tinyhttp/app": "1.3.3",
+    "@tinyhttp/app": "1.3.15",
-    "async-sema": "2.1.2",
+    "async-sema": "3.1.0",
     "axios": "0.21.1",
-    "bip39": "2.4.0",
+    "bip39": "3.0.4",
     "bitcoinjs-lib": "5.2.0",
-    "bitcoinjs-message": "1.0.1",
+    "bitcoinjs-message": "2.2.0",
     "body-parser": "1.19.0",
-    "helmet": "3.23.3",
+    "helmet": "4.6.0",
     "jsonwebtoken": "8.5.1",
     "lodash": "4.17.21",
-    "lru-cache": "4.0.2",
+    "lru-cache": "6.0.0",
     "make-concurrent": "5.3.0",
     "minimist": "1.2.5",
     "mysql": "2.18.1",
+    "nocache": "3.0.1",
     "passport": "0.4.1",
     "passport-localapikey-update": "0.6.0",
     "rpc-bitcoin": "2.0.0",
-    "sirv": "1.0.11",
+    "sirv": "1.0.12",
-    "socks-proxy-agent": "4.0.1",
+    "socks-proxy-agent": "6.0.0",
-    "validator": "10.8.0",
+    "validator": "13.6.0",
     "websocket": "1.0.34",
-    "workerpool": "6.1.4",
+    "workerpool": "6.1.5",
     "zeromq": "4.2.0"
   },
   "devDependencies": {
-    "mocha": "^7.1.1"
+    "mocha": "9.0.3"
   }
 }

pushtx/orchestrator.js

@@ -5,7 +5,7 @@
 'use strict'
 
 const zmq = require('zeromq')
-const Sema = require('async-sema')
+const { Sema } = require('async-sema')
 const Logger = require('../lib/logger')
 const db = require('../lib/db/mysql-db-wrapper')
 const { createRpcClient, isConnectionError } = require('../lib/bitcoind-rpc/rpc-client')

test/lib/bitcoin/addresses-helper-test.js

@@ -149,7 +149,7 @@ describe('AddressesHelper', function() {
           const targetSig = Buffer.from(stc[1], 'hex')
           const expectedResult = stc[2]
 
-          const sig = btcMessage.sign(msg, prefix, privKey, true)
+          const sig = btcMessage.sign(msg, privKey, true, prefix)
 
           // Check that library returns valid result
           assert((sig.compare(targetSig) == 0) == expectedResult)

tracker/blockchain-processor.js

@@ -6,7 +6,7 @@
 
 const _ = require('lodash')
 const zmq = require('zeromq')
-const Sema = require('async-sema')
+const { Sema } = require('async-sema')
 const util = require('../lib/util')
 const Logger = require('../lib/logger')
 const db = require('../lib/db/mysql-db-wrapper')

tracker/blocks-processor.js

@@ -5,7 +5,7 @@
 'use strict'
 
 const os = require('os')
-const Sema = require('async-sema')
+const { Sema } = require('async-sema')
 const { Worker } = require('worker_threads')
 const Logger = require('../lib/logger')
 const util = require('../lib/util')

tracker/transactions-bundle.js

@@ -187,7 +187,7 @@ class TransactionsBundle {
  * Additionally, the transaction comes in a block
  * Orphaned transactions are deleted during the routine check
  */
-TransactionsBundle.cache = LRU({
+TransactionsBundle.cache = new LRU({
   // Maximum number of txids to store in cache
   max: 100000,
   // Function used to compute length of item