From 3847309eca4516f9d90be2378343c512b123d792 Mon Sep 17 00:00:00 2001
From: Marco Ferrari <ferrari.marco@gmail.com>
Date: Wed, 3 Jan 2024 16:54:06 +0100
Subject: [PATCH] build: remove unneeded Node dependencies (#5093)

- Remove axios, immer, ini, lodash, node-fetch that were installed to
  run Trivy reports. We can remove them because we use the Trivy action.
- Remove the Trivy workflow that was disabled anyway.
---
 .github/workflows/trivy.yml                   | 47 ---------
 dependencies/package-lock.json                | 98 -------------------
 dependencies/package.json                     |  5 -
 .../super-linter/controls/super_linter.rb     |  5 -
 4 files changed, 155 deletions(-)
 delete mode 100644 .github/workflows/trivy.yml

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
deleted file mode 100644
index 6d65078d..00000000
--- a/.github/workflows/trivy.yml
+++ /dev/null
@@ -1,47 +0,0 @@
-# Disabling trivy scans while they get troubleshooting for failures
----
-name: Trivy Container Scan
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-  merge_group:
-
-permissions:
-  contents: read
-
-jobs:
-  scan-container:
-    permissions:
-      contents: read  # for actions/checkout to fetch code
-      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
-    name: Build
-    runs-on: ubuntu-latest
-    timeout-minutes: 60
-    steps:
-      ######################
-      # Checkout code base #
-      ######################
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      #################################
-      # Run Trivy Scan of source code #
-      #################################
-      - name: Trivy Scan
-        uses: aquasecurity/trivy-action@master
-        with:
-          scan-type: 'fs'
-          format: 'template'
-          template: '@/contrib/sarif.tpl'
-          output: 'report.sarif'
-          severity: 'HIGH,CRITICAL'
-
-      #################################
-      # Upload report to security tab #
-      #################################
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: 'report.sarif'
diff --git a/dependencies/package-lock.json b/dependencies/package-lock.json
index 574d071e..d7d7d6c8 100644
--- a/dependencies/package-lock.json
+++ b/dependencies/package-lock.json
@@ -16,7 +16,6 @@
         "@typescript-eslint/eslint-plugin": "^5.60.0",
         "@typescript-eslint/parser": "^5.61.0",
         "asl-validator": "^3.8.2",
-        "axios": "^1.6.2",
         "eslint": "^8.56.0",
         "eslint-config-airbnb": "^19.0.4",
         "eslint-config-prettier": "^9.1.0",
@@ -30,14 +29,10 @@
         "eslint-plugin-vue": "^9.19.2",
         "gherkin-lint": "^4.2.4",
         "htmlhint": "^1.1.4",
-        "immer": "^10.0.3",
-        "ini": "^4.1.1",
         "jscpd": "^3.5.10",
-        "lodash": "^4.17.21",
         "markdownlint-cli": "^0.38.0",
         "next": "^14.0.4",
         "next-pwa": "^5.6.0",
-        "node-fetch": "^3.3.2",
         "npm-groovy-lint": "^14.0.1",
         "postcss-less": "^6.0.0",
         "prettier": "^3.1.1",
@@ -9377,14 +9372,6 @@
         "node": ">=8"
       }
     },
-    "node_modules/data-uri-to-buffer": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-4.0.0.tgz",
-      "integrity": "sha512-Vr3mLBA8qWmcuschSLAOogKgQ/Jwxulv3RNE4FXnYWRGujzrRWQI4m12fQqRkwX06C0KanhLr4hK+GydchZsaA==",
-      "engines": {
-        "node": ">= 12"
-      }
-    },
     "node_modules/debug": {
       "version": "4.3.4",
       "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz",
@@ -11440,28 +11427,6 @@
         "pend": "~1.2.0"
       }
     },
-    "node_modules/fetch-blob": {
-      "version": "3.1.5",
-      "resolved": "https://registry.npmjs.org/fetch-blob/-/fetch-blob-3.1.5.tgz",
-      "integrity": "sha512-N64ZpKqoLejlrwkIAnb9iLSA3Vx/kjgzpcDhygcqJ2KKjky8nCgUQ+dzXtbrLaWZGZNmNfQTsiQ0weZ1svglHg==",
-      "funding": [
-        {
-          "type": "github",
-          "url": "https://github.com/sponsors/jimmywarting"
-        },
-        {
-          "type": "paypal",
-          "url": "https://paypal.me/jimmywarting"
-        }
-      ],
-      "dependencies": {
-        "node-domexception": "^1.0.0",
-        "web-streams-polyfill": "^3.0.3"
-      },
-      "engines": {
-        "node": "^12.20 || >= 14.13"
-      }
-    },
     "node_modules/file-entry-cache": {
       "version": "6.0.1",
       "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz",
@@ -11696,17 +11661,6 @@
         "node": ">=0.4.x"
       }
     },
-    "node_modules/formdata-polyfill": {
-      "version": "4.0.10",
-      "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz",
-      "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==",
-      "dependencies": {
-        "fetch-blob": "^3.1.2"
-      },
-      "engines": {
-        "node": ">=12.20.0"
-      }
-    },
     "node_modules/fs-extra": {
       "version": "9.1.0",
       "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
@@ -12919,15 +12873,6 @@
       "resolved": "https://registry.npmjs.org/immediate/-/immediate-3.0.6.tgz",
       "integrity": "sha512-XXOFtyqDjNDAQxVfYxuF7g9Il/IbWmmlQg2MYKOH8ExIT1qg6xc4zyS3HaEEATgs1btfzxq15ciUiY7gjSXRGQ=="
     },
-    "node_modules/immer": {
-      "version": "10.0.3",
-      "resolved": "https://registry.npmjs.org/immer/-/immer-10.0.3.tgz",
-      "integrity": "sha512-pwupu3eWfouuaowscykeckFmVTpqbzW+rXFCX8rQLkZzM9ftBmU/++Ra+o+L27mz03zJTlyV4UUr+fdKNffo4A==",
-      "funding": {
-        "type": "opencollective",
-        "url": "https://opencollective.com/immer"
-      }
-    },
     "node_modules/import-fresh": {
       "version": "3.3.0",
       "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz",
@@ -15423,41 +15368,6 @@
         "tslib": "^2.0.3"
       }
     },
-    "node_modules/node-domexception": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/node-domexception/-/node-domexception-1.0.0.tgz",
-      "integrity": "sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==",
-      "funding": [
-        {
-          "type": "github",
-          "url": "https://github.com/sponsors/jimmywarting"
-        },
-        {
-          "type": "github",
-          "url": "https://paypal.me/jimmywarting"
-        }
-      ],
-      "engines": {
-        "node": ">=10.5.0"
-      }
-    },
-    "node_modules/node-fetch": {
-      "version": "3.3.2",
-      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-3.3.2.tgz",
-      "integrity": "sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==",
-      "dependencies": {
-        "data-uri-to-buffer": "^4.0.0",
-        "fetch-blob": "^3.1.4",
-        "formdata-polyfill": "^4.0.10"
-      },
-      "engines": {
-        "node": "^12.20.0 || ^14.13.1 || >=16.0.0"
-      },
-      "funding": {
-        "type": "opencollective",
-        "url": "https://opencollective.com/node-fetch"
-      }
-    },
     "node_modules/node-gyp": {
       "version": "10.0.1",
       "resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-10.0.1.tgz",
@@ -21016,14 +20926,6 @@
         "node": ">=10.13.0"
       }
     },
-    "node_modules/web-streams-polyfill": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.2.1.tgz",
-      "integrity": "sha512-e0MO3wdXWKrLbL0DgGnUV7WHVuw9OUvL4hjgnPkIeEvESk74gAITi5G606JtZPp39cd8HA9VQzCIvA49LpPN5Q==",
-      "engines": {
-        "node": ">= 8"
-      }
-    },
     "node_modules/webidl-conversions": {
       "version": "3.0.1",
       "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
diff --git a/dependencies/package.json b/dependencies/package.json
index a45ee4fd..839ad5e2 100644
--- a/dependencies/package.json
+++ b/dependencies/package.json
@@ -11,7 +11,6 @@
     "@typescript-eslint/eslint-plugin": "^5.60.0",
     "@typescript-eslint/parser": "^5.61.0",
     "asl-validator": "^3.8.2",
-    "axios": "^1.6.2",
     "eslint": "^8.56.0",
     "eslint-config-airbnb": "^19.0.4",
     "eslint-config-prettier": "^9.1.0",
@@ -25,14 +24,10 @@
     "eslint-plugin-vue": "^9.19.2",
     "gherkin-lint": "^4.2.4",
     "htmlhint": "^1.1.4",
-    "immer": "^10.0.3",
-    "ini": "^4.1.1",
     "jscpd": "^3.5.10",
-    "lodash": "^4.17.21",
     "markdownlint-cli": "^0.38.0",
     "next": "^14.0.4",
     "next-pwa": "^5.6.0",
-    "node-fetch": "^3.3.2",
     "npm-groovy-lint": "^14.0.1",
     "postcss-less": "^6.0.0",
     "prettier": "^3.1.1",
diff --git a/test/inspec/super-linter/controls/super_linter.rb b/test/inspec/super-linter/controls/super_linter.rb
index 4a540769..fb566d7d 100644
--- a/test/inspec/super-linter/controls/super_linter.rb
+++ b/test/inspec/super-linter/controls/super_linter.rb
@@ -302,7 +302,6 @@ control "super-linter-installed-npm-packages" do
     "@typescript-eslint/eslint-plugin",
     "@typescript-eslint/parser",
     "asl-validator",
-    "axios",
     "eslint",
     "eslint-config-airbnb",
     "eslint-config-prettier",
@@ -316,14 +315,10 @@ control "super-linter-installed-npm-packages" do
     "eslint-plugin-vue",
     "gherkin-lint",
     "htmlhint",
-    "immer",
-    "ini",
     "jscpd",
-    "lodash",
     "markdownlint-cli",
     "next",
     "next-pwa",
-    "node-fetch",
     "npm-groovy-lint",
     "postcss-less",
     "prettier",