chore: Update all non-major dependencies (v3.x.x) (#3904)

Signed-off-by: Renovate Bot <[email protected]>
Signed-off-by: Pavel Jareš <[email protected]>
Signed-off-by: Andrea Tabone <[email protected]>
Co-authored-by: Renovate Bot <[email protected]>
Co-authored-by: Pavel Jareš <[email protected]>
Co-authored-by: Pavel Jareš <[email protected]>
Co-authored-by: Andrea Tabone <[email protected]>

.github/workflows/integration-tests.yml

@@ -69,7 +69,7 @@ jobs:
                     SERVER_MAX_HTTP_REQUEST_HEADER_SIZE: 16348
                     SERVER_WEBSOCKET_REQUESTBUFFERSIZE: 16348
                     APIML_GATEWAY_SERVICESTOLIMITREQUESTRATE: discoverableclient
-                    APIML_GATEWAY_ROUTING_COOKIENAMEFORRATELIMIT: apimlAuthenticationToken
+                    APIML_GATEWAY_COOKIENAMEFORRATELIMIT: apimlAuthenticationToken
             zaas-service:
                 image: ghcr.io/balhar-jakub/zaas-service:${{ github.run_id }}-${{ github.run_number }}
                 env:

api-catalog-services/src/main/java/org/zowe/apiml/apicatalog/config/WebConfig.java

@@ -30,7 +30,7 @@ public void addResourceHandlers(ResourceHandlerRegistry registry) {
             .noStore()
             .cachePrivate()
             .mustRevalidate())
-        .addResourceLocations("/static/index.html", "classpath:/static/index.html");
+        .addResourceLocations("/static/", "classpath:/static/");
 
         registry
         .addResourceHandler("/static/**")
@@ -40,6 +40,6 @@ public void addResourceHandlers(ResourceHandlerRegistry registry) {
         registry
         .addResourceHandler("/resources/**")
         .setCacheControl(CacheControl.maxAge(Duration.ofDays(365L)))
-        .addResourceLocations("/resources/**", "/resources/static/**", "/resources/templates/**");
+        .addResourceLocations("/resources/", "/resources/static/", "/resources/templates/");
     }
 }

api-catalog-ui/frontend/package.json

@@ -6,8 +6,8 @@
     "dependencies": {
         "@emotion/core": "11.0.0",
         "@emotion/is-prop-valid": "1.3.1",
-        "@emotion/react": "11.13.3",
-        "@emotion/styled": "11.13.0",
+        "@emotion/react": "11.14.0",
+        "@emotion/styled": "11.14.0",
         "@eslint/migrate-config": "^1.3.1",
         "@jest/globals": "29.7.0",
         "@material-ui/core": "4.12.4",
@@ -17,13 +17,13 @@
         "@react-loadable/revised": "1.5.0",
         "@types/enzyme": "3.10.18",
         "@types/jest": "29.5.14",
-        "@types/react": "18.3.12",
-        "agentkeepalive": "4.5.0",
+        "@types/react": "18.3.18",
+        "agentkeepalive": "4.6.0",
         "buffer": "6.0.3",
         "emotion-theming": "11.0.0",
         "exception-formatter": "2.1.2",
-        "graphiql": "3.7.2",
-        "graphql": "16.9.0",
+        "graphiql": "3.8.3",
+        "graphql": "16.10.0",
         "graphql-ws": "^5.16.0",
         "history": "4.10.1",
         "htmr": "1.0.2",
@@ -36,8 +36,8 @@
         "react": "18.3.1",
         "react-app-polyfill": "3.0.0",
         "react-dom": "18.3.1",
-        "react-hook-form": "7.53.2",
-        "react-redux": "9.1.2",
+        "react-hook-form": "7.54.2",
+        "react-redux": "9.2.0",
         "react-router-dom": "5.3.4",
         "react-toastify": "10.0.6",
         "redux": "5.0.1",
@@ -48,7 +48,7 @@
         "redux-persist-transform-filter": "0.0.22",
         "redux-thunk": "3.1.0",
         "rxjs": "7.8.1",
-        "sass": "1.80.7",
+        "sass": "1.83.1",
         "stream": "0.0.3",
         "swagger-ui-react": "5.18.2",
         "url": "0.11.4",
@@ -84,25 +84,25 @@
         "@babel/eslint-parser": "7.25.9",
         "@babel/plugin-proposal-private-property-in-object": "7.21.11",
         "@babel/preset-env": "7.26.0",
-        "@babel/preset-react": "7.25.9",
+        "@babel/preset-react": "7.26.3",
         "@cfaester/enzyme-adapter-react-18": "0.8.0",
-        "@eslint/compat": "1.2.2",
-        "@eslint/js": "9.14.0",
+        "@eslint/compat": "1.2.4",
+        "@eslint/js": "9.17.0",
         "@testing-library/dom": "10.4.0",
         "@testing-library/jest-dom": "6.6.3",
-        "@testing-library/react": "16.0.1",
+        "@testing-library/react": "16.1.0",
         "@testing-library/user-event": "14.5.2",
         "ajv": "8.17.1",
         "ansi-regex": "6.1.0",
         "body-parser": "1.20.3",
-        "caniuse-lite": "1.0.30001680",
-        "concurrently": "9.1.0",
+        "caniuse-lite": "1.0.30001690",
+        "concurrently": "9.1.2",
         "cors": "2.8.5",
         "cross-env": "7.0.3",
-        "cypress": "13.15.2",
+        "cypress": "13.17.0",
         "cypress-file-upload": "5.0.8",
         "enzyme": "3.11.0",
-        "eslint": "9.14.0",
+        "eslint": "9.17.0",
         "eslint-config-airbnb": "19.0.4",
         "eslint-config-prettier": "9.1.0",
         "eslint-plugin-cypress": "4.1.0",
@@ -111,9 +111,9 @@
         "eslint-plugin-import": "2.31.0",
         "eslint-plugin-jsx-a11y": "6.10.2",
         "eslint-plugin-prettier": "5.2.1",
-        "eslint-plugin-react": "7.37.2",
-        "express": "4.21.1",
-        "globals": "15.12.0",
+        "eslint-plugin-react": "7.37.3",
+        "express": "4.21.2",
+        "globals": "15.14.0",
         "html-loader": "5.1.0",
         "jest": "29.7.0",
         "jest-environment-enzyme": "7.1.2",
@@ -124,9 +124,9 @@
         "jest-watch-typeahead": "2.2.2",
         "json-schema": "0.4.0",
         "mini-css-extract-plugin": "2.9.2",
-        "nodemon": "3.1.7",
+        "nodemon": "3.1.9",
         "nth-check": "2.1.1",
-        "prettier": "3.3.3",
+        "prettier": "3.4.2",
         "prop-types": "15.8.1",
         "querystring-es3": "0.2.1",
         "react-app-rewired": "2.2.1",
@@ -135,26 +135,27 @@
         "redux-mock-store": "1.5.5",
         "rimraf": "6.0.1",
         "source-map-explorer": "2.5.3",
-        "start-server-and-test": "2.0.8",
+        "start-server-and-test": "2.0.9",
         "tmpl": "1.0.5",
         "undici": "6.19.8",
-        "yaml": "2.6.0"
+        "yaml": "2.7.0"
     },
     "overrides": {
         "nth-check": "2.1.1",
         "jsdom": "16.7.0",
-        "got": "14.4.4",
+        "got": "14.4.5",
         "react-error-overlay": "6.0.11",
         "tough-cookie": "5.0.0",
-        "@braintree/sanitize-url": "7.1.0",
+        "@braintree/sanitize-url": "7.1.1",
         "resolve-url-loader": "5.0.0",
         "lodash": "4.17.21",
         "semver": "7.6.3",
-        "@babel/traverse": "7.25.9"
+        "@babel/traverse": "7.26.4",
+        "axios": "1.7.9"
     },
     "engines": {
-        "npm": "=10.9.0",
-        "node": "=20.18.0"
+        "npm": "=10.9.2",
+        "node": "=20.18.1"
     },
     "browserslist": [
         ">0.2%",

apiml-common/build.gradle

@@ -8,6 +8,7 @@ dependencies {
     implementation libs.spring.boot.starter.actuator
     implementation libs.spring.boot.starter.web
     implementation libs.spring.cloud.starter.eureka.client
+    implementation libs.eureka.core
 
     implementation libs.apache.commons.lang3
     implementation libs.janino

build.gradle

@@ -98,6 +98,9 @@ allprojects {
     configurations.all {
         resolutionStrategy.dependencySubstitution {
             substitute(module('javax.servlet:servlet-api')).using(module('javax.servlet:javax.servlet-api:4.0.1'))
+            // netty reactor contains a bug: https://github.com/reactor/reactor-netty/issues/3559 > https://github.com/reactor/reactor-netty/pull/3581
+            substitute(module('io.projectreactor.netty:reactor-netty-core')).using(module('io.projectreactor.netty:reactor-netty-core:1.1.23'))
+            substitute(module('io.projectreactor.netty:reactor-netty-http')).using(module('io.projectreactor.netty:reactor-netty-http:1.1.23'))
         }
     }
 

gateway-service/build.gradle

@@ -74,6 +74,7 @@ dependencies {
     implementation libs.spring.boot.starter.thymeleaf
     implementation libs.spring.doc.webflux
     implementation libs.netty.reactor.http
+    implementation libs.google.gson
     implementation libs.jjwt
     implementation libs.jjwt.impl
     implementation libs.jjwt.jackson

gateway-service/src/main/java/org/zowe/apiml/gateway/GatewayServiceApplication.java

@@ -13,7 +13,6 @@
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.security.oauth2.client.reactive.ReactiveOAuth2ClientAutoConfiguration;
-import org.springframework.cloud.gateway.config.GatewayReactiveOAuth2AutoConfiguration;
 
 @SpringBootApplication(
     scanBasePackages = {
@@ -24,7 +23,7 @@
         "org.zowe.apiml.product.logging",
         "org.zowe.apiml.security"
     },
-    exclude = {ReactiveOAuth2ClientAutoConfiguration.class, GatewayReactiveOAuth2AutoConfiguration.class}
+    exclude = {ReactiveOAuth2ClientAutoConfiguration.class}
 )
 public class GatewayServiceApplication {
 

gateway-service/src/main/java/org/zowe/apiml/gateway/filters/AbstractTokenFilterFactory.java

@@ -91,25 +91,28 @@ protected Mono<Void> processResponse(ServerWebExchange exchange, GatewayFilterCh
                     );
                     headers.set(HttpHeaders.COOKIE, cookieHeader);
                 }).build();
+                exchange = exchange.mutate().request(request).build();
             }
             if (!StringUtils.isEmpty(response.get().getHeaderName())) {
                 request = cleanHeadersOnAuthSuccess(exchange);
                 request = request.mutate().headers(headers ->
                     headers.add(response.get().getHeaderName(), response.get().getToken())
                 ).build();
+                exchange = exchange.mutate().request(request).build();
             }
             if (failureHeader.isPresent()) {
                 if (request != null) {
                     request = request.mutate().headers(httpHeaders -> httpHeaders.add(ApimlConstants.AUTH_FAIL_HEADER, failureHeader.get())).build();
+                    exchange = exchange.mutate().request(request).build();
                 }
                 exchange.getResponse().getHeaders().add(ApimlConstants.AUTH_FAIL_HEADER, failureHeader.get());
             }
         }
         if (request == null) {
             request = cleanHeadersOnAuthFail(exchange, failureHeader.orElse("Invalid or missing authentication"));
+            exchange = exchange.mutate().request(request).build();
         }
 
-        exchange = exchange.mutate().request(request).build();
         return chain.filter(exchange);
     }
 

gateway-service/src/main/java/org/zowe/apiml/gateway/filters/KeyResolver.java

@@ -20,7 +20,7 @@
 @Component
 public class KeyResolver implements org.springframework.cloud.gateway.filter.ratelimit.KeyResolver {
 
-    @Value("${apiml.gateway.routing.cookieNameForRateLimit:apimlAuthenticationToken}")
+    @Value("${apiml.gateway.cookieNameForRateLimit:apimlAuthenticationToken}")
     private String cookieName;
 
     @Override

gateway-service/src/test/java/org/zowe/apiml/gateway/filters/AbstractTokenFilterFactoryTest.java

@@ -10,44 +10,60 @@
 
 package org.zowe.apiml.gateway.filters;
 
+import lombok.Builder;
+import lombok.RequiredArgsConstructor;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
+import org.mockito.ArgumentCaptor;
 import org.springframework.cloud.client.ServiceInstance;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.http.MediaType;
+import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
 import org.springframework.mock.web.server.MockServerWebExchange;
+import org.springframework.web.reactive.function.client.ClientResponse;
+import org.springframework.web.server.ServerWebExchange;
 import org.zowe.apiml.constants.ApimlConstants;
 import org.zowe.apiml.zaas.ZaasTokenResponse;
 
+import java.util.List;
+import java.util.Optional;
+import java.util.OptionalLong;
+
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
 
 class AbstractTokenFilterFactoryTest {
 
     @Nested
     class RequestUpdate {
 
-        private MockServerHttpRequest testRequestMutation(AbstractAuthSchemeFactory.AuthorizationResponse<ZaasTokenResponse> tokenResponse) {
-            MockServerHttpRequest request = MockServerHttpRequest.get("/url").build();
-            MockServerWebExchange exchange = MockServerWebExchange.from(request);
+        private ServerHttpRequest testRequestMutation(AbstractAuthSchemeFactory.AuthorizationResponse<ZaasTokenResponse> tokenResponse) {
+            var chain = mock(GatewayFilterChain.class);
+            var request = MockServerHttpRequest.get("/url").build();
+            var exchange = MockServerWebExchange.from(request);
 
             new AbstractTokenFilterFactory<>(AbstractTokenFilterFactory.Config.class, null, null, null) {
                 @Override
                 public String getEndpointUrl(ServiceInstance instance) {
                     return null;
                 }
-            }.processResponse(exchange, mock(GatewayFilterChain.class), tokenResponse);
+            }.processResponse(exchange, chain, tokenResponse);
+
+            var modifiedExchange = ArgumentCaptor.forClass(ServerWebExchange.class);
+            verify(chain).filter(modifiedExchange.capture());
 
-            return request;
+            return modifiedExchange.getValue().getRequest();
         }
 
         @Nested
         class ValidResponse {
 
             @Test
             void givenHeaderResponse_whenHandling_thenUpdateTheRequest() {
-                MockServerHttpRequest request = testRequestMutation(new AbstractAuthSchemeFactory.AuthorizationResponse<>(null,ZaasTokenResponse.builder()
+                var request = testRequestMutation(new AbstractAuthSchemeFactory.AuthorizationResponse<>(null,ZaasTokenResponse.builder()
                     .headerName("headerName")
                     .token("headerValue")
                     .build()
@@ -57,7 +73,7 @@ void givenHeaderResponse_whenHandling_thenUpdateTheRequest() {
 
             @Test
             void givenCookieResponse_whenHandling_thenUpdateTheRequest() {
-                MockServerHttpRequest request = testRequestMutation(new AbstractAuthSchemeFactory.AuthorizationResponse<>(null,ZaasTokenResponse.builder()
+                var request = testRequestMutation(new AbstractAuthSchemeFactory.AuthorizationResponse<>(null,ZaasTokenResponse.builder()
                     .cookieName("cookieName")
                     .token("cookieValue")
                     .build()
@@ -72,17 +88,34 @@ class InvalidResponse {
 
             @Test
             void givenEmptyResponse_whenHandling_thenNoUpdate() {
-                MockServerHttpRequest request = testRequestMutation(new AbstractAuthSchemeFactory.AuthorizationResponse<>(null,ZaasTokenResponse.builder()
+                var request = testRequestMutation(new AbstractAuthSchemeFactory.AuthorizationResponse<>(null, ZaasTokenResponse.builder()
                     .token("jwt")
                     .build()
                 ));
                 assertEquals(1, request.getHeaders().size());
                 assertTrue(request.getHeaders().containsKey(ApimlConstants.AUTH_FAIL_HEADER));
+                assertEquals("Invalid or missing authentication", request.getHeaders().getFirst(ApimlConstants.AUTH_FAIL_HEADER));
+            }
+
+            @Test
+            void givenEmptyResponseWithError_whenHandling_thenProvideErrorHeader() {
+                var request = testRequestMutation(new AbstractAuthSchemeFactory.AuthorizationResponse<>(
+                    MockHeaders.builder()
+                        .name(ApimlConstants.AUTH_FAIL_HEADER.toLowerCase())
+                        .value("anError")
+                        .build(),
+                    ZaasTokenResponse.builder()
+                        .token("jwt")
+                        .build()
+                ));
+                assertEquals(1, request.getHeaders().size());
+                assertTrue(request.getHeaders().containsKey(ApimlConstants.AUTH_FAIL_HEADER));
+                assertEquals("anError", request.getHeaders().getFirst(ApimlConstants.AUTH_FAIL_HEADER));
             }
 
             @Test
             void givenCookieAndHeaderInResponse_whenHandling_thenSetBoth() {
-                MockServerHttpRequest request = testRequestMutation(new AbstractAuthSchemeFactory.AuthorizationResponse<>(null,ZaasTokenResponse.builder()
+                var request = testRequestMutation(new AbstractAuthSchemeFactory.AuthorizationResponse<>(null,ZaasTokenResponse.builder()
                     .cookieName("cookie")
                     .headerName("header")
                     .token("jwt")
@@ -96,4 +129,35 @@ void givenCookieAndHeaderInResponse_whenHandling_thenSetBoth() {
 
     }
 
+    @RequiredArgsConstructor
+    @Builder
+    static class MockHeaders implements ClientResponse.Headers {
+
+        private final String name;
+        private final String value;
+
+        @Override
+        public OptionalLong contentLength() {
+            return OptionalLong.empty();
+        }
+
+        @Override
+        public Optional<MediaType> contentType() {
+            return Optional.empty();
+        }
+
+        @Override
+        public List<String> header(String headerName) {
+            return List.of(value);
+        }
+
+        @Override
+        public org.springframework.http.HttpHeaders asHttpHeaders() {
+            var headers = new org.springframework.http.HttpHeaders();
+            headers.add(name, value);
+            return headers;
+        }
+
+    }
+
 }