InseeFr · RenauxLeaInsee · Feb 16, 2023 · Mar 29, 2023 · Jun 1, 2023 · Jul 31, 2023
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -6,27 +6,33 @@ on:
       - "*"
 
 jobs:
-  install:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Use Node.js 14C
-        uses: actions/setup-node@v1
-        with:
-          node-version: 14
-      - run: yarn --frozen-lockfile
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - name: Use Node.js 14
-        uses: actions/setup-node@v1
+      - uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 10
+
+      - name: Use Node.js
+        uses: actions/setup-node@v4
         with:
-          node-version: 14
-      - run: yarn
-      - run: yarn run test
-      - run: yarn build
+          node-version: 20
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Test
+        run: pnpm test
+
+      - name: Build
+        run: pnpm build
+
       - name: Upload build
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: build
-          path: build
+          path: build
diff --git a/.github/workflows/develop-release.yml b/.github/workflows/develop-release.yml
@@ -11,31 +11,27 @@ jobs:
   install:
     runs-on: ubuntu-latest
     steps:
-      - name: Use Node.js 14C
-        uses: actions/setup-node@v1
-        with:
-          node-version: 14
-      - run: yarn --frozen-lockfile
+      - name: Use Node.js
+        uses: actions/setup-node@v4
+      - run: pnpm --frozen-lockfile
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - name: Use Node.js 14
-        uses: actions/setup-node@v1
-        with:
-          node-version: 14
-      - run: yarn
-      - run: yarn build
+      - uses: actions/checkout@v4
+      - name: Use Node.js
+        uses: actions/setup-node@v4
+      - run: pnpm run
+      - run: pnpm build
       - name: Upload build
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: build
           path: build
   release:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout current branch
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
       - name: Get current version
         id: version
         uses: notiz-dev/github-action-json-property@release

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -8,34 +8,39 @@ on:
       - '*'
 
 jobs:
-  install:
+  install-and-build:
     runs-on: ubuntu-latest
     steps:
-      - name: Use Node.js 14C
-        uses: actions/setup-node@v1
+      - uses: actions/checkout@v4
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
         with:
-          node-version: 14
-      - run: yarn --frozen-lockfile
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Use Node.js 14
-        uses: actions/setup-node@v1
+          version: 10
+
+      - name: Use Node.js
+        uses: actions/setup-node@v4
         with:
-          node-version: 14
-      - run: yarn
-      - run: yarn build
+          node-version: 20
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Build
+        run: pnpm build
+
       - name: Upload build
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: build
           path: build
+
   release:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout current branch
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
       - name: Get current version
         id: version
         uses: notiz-dev/github-action-json-property@release
@@ -53,29 +58,33 @@ jobs:
           release_name: ${{steps.version.outputs.prop}}
           draft: false
           prerelease: false
+
   docker:
-    needs: build
+    needs: install-and-build
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
+
       - name: Download build
         id: download
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v4
         with:
           name: build
           path: build
+
       - name: Get current version
         id: version
         uses: notiz-dev/github-action-json-property@release
         with:
           path: 'package.json'
           prop_path: 'version'
+
       - run: echo ${{steps.version.outputs.prop}}
+
       - name: Publish to Registry
         uses: elgohr/Publish-Docker-Github-Action@master
         with:
           name: inseefr/moog
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
-          tags: ${{steps.version.outputs.prop}}
-
+          tags: ${{steps.version.outputs.prop}}
diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml
@@ -10,11 +10,11 @@ jobs:
     name: SonarCloud
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
       - name: SonarCloud Scan
-        uses: SonarSource/sonarcloud-github-action@master
+        uses: SonarSource/sonarcloud-github-action@ffc3010689be73b8e5ae0c57ce35968afd7909e8
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -0,0 +1,32 @@
+name: Trivy Analysis
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  build:
+    name: Build and analyze
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: 21
+          distribution: 'temurin'
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2
+        env:
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
+        with:
+          format: 'table'
+          scan-type: 'repo'
+          exit-code: '1'
+          vuln-type: 'os,library'
+          severity: 'CRITICAL'
diff --git a/.gitignore b/.gitignore
@@ -16,7 +16,6 @@
 .env.test.local
 .env.production.local
 *.zip
-*.lock
 
 npm-debug.log*
 yarn-debug.log*

diff --git a/jsconfig.json b/jsconfig.json
@@ -0,0 +1,5 @@
+{
+    "compilerOptions": {
+      "baseUrl": "src"
+    }
+  }
diff --git a/package.json b/package.json
@@ -1,37 +1,35 @@
 {
   "name": "front-moog",
-  "version": "2.2.6",
+  "version": "2.3.0",
   "private": true,
   "dependencies": {
-    "@vtex/react-csv-parse": "^3.0.2",
-    "axios": "^0.18.1",
+    "axios": "^0.30.2",
     "babel-polyfill": "^6.23.0",
+    "eslint": "^8.57.0",
     "file-saver": "^2.0.5",
     "json2csv": "^5.0.5",
-    "keycloak-js": "^18.0.0",
-    "papaparse": "^4.6.2",
+    "keycloak-js": "26.0.5",
+    "papaparse": "^5.2.0",
     "prop-types": "^15.7.2",
     "react": "^16.14.0",
     "react-csv": "^1.1.2",
-    "react-csv-reader": "^1.3.1",
     "react-dom": "^16.14.0",
-    "react-js-pagination": "^3.0.2",
+    "react-js-pagination": "^3.0.3",
     "react-loading": "^2.0.3",
     "react-redux": "^6.0.1",
     "react-responsive-modal": "^3.5.1",
     "react-router": "^3.2.6",
     "react-router-dom": "^4.3.1",
-    "react-scripts": "2.0.5",
+    "react-scripts": "5.0.1",
     "redux": "^4.0.5",
     "redux-logger": "^3.0.6",
     "redux-thunk": "^2.3.0",
     "tachyons-components": "^1.0.1"
   },
   "scripts": {
-    "start": "cross-env NODE_PATH=src/ react-scripts start ",
-    "build": "cross-env NODE_PATH=src/ react-scripts build",
-    "test": "cross-env NODE_PATH=src/ react-scripts test",
-    "eject": "react-scripts eject"
+    "start": "cross-env NODE_PATH=src/  react-scripts --openssl-legacy-provider start ",
+    "build": "cross-env NODE_PATH=src/ react-scripts --openssl-legacy-provider build",
+    "test": "cross-env NODE_PATH=src/ react-scripts --openssl-legacy-provider test"
   },
   "eslintConfig": {
     "extends": "react-app"
@@ -43,16 +41,17 @@
     "not op_mini all"
   ],
   "devDependencies": {
-    "bestzip": "^2.1.7",
-    "copy-and-watch": "^0.1.5",
-    "cross-env": "^5.2.1",
+    "cross-env": "^7.0.3",
     "eslint-config-airbnb": "^17.1.1",
     "eslint-config-prettier": "^3.6.0",
     "eslint-plugin-import": "^2.22.1",
     "eslint-plugin-jsx-a11y": "^6.4.1",
     "eslint-plugin-prettier": "^3.1.4",
-    "eslint-plugin-react": "^7.21.5",
-    "ftp-deploy": "^2.3.8",
+    "eslint-plugin-react": "^7.37.1",
     "prettier": "^1.19.1"
+  },
+    "resolutions": {
+    "tar": "^6.1.9",
+    "nth-check": "2.1.1"
   }
 }