- fix: npm audit (#404)

* - fix: npm audit

* - fix: remove custom shell parms

* - fix: failing test after node upgrade

.github/workflows/audit.yml

@@ -18,18 +18,14 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
+      - name: Setup Node version
+        uses: actions/setup-node@v4
+        with:
+          node-version-file: '.nvmrc'
+          check-latest: false
+          cache: "npm"
+          cache-dependency-path: package-lock.json
+
       - name: Audit
-        # must use login shell (-l) to have nvm preinstalled, -e exits shell on nonzero exit codes
-        shell: bash -e -l {0}
         run: |
-          NODE=$(jq -r .engines.node ./package.json)
-          NPM=$(jq -r .engines.npm ./package.json)
-          echo "Node/npm version: ${NODE}/${NPM} - found on package.json"
-          echo "RUN:\"nvm i\" => Sets up npm."
-          nvm i
-          echo "RUN:\"npm i -g npm@${NPM}\" => Set up npm ${NPM}"
-          npm i -g npm@"${NPM}"
-          echo "RUN:\"npm i --package-lock-only\" => Creates package-lock.json which is used by audit, also audits, but always exits with 0 and gives a very short output."
-          npm i --package-lock-only --ignore-scripts
-          echo "RUN:\"npm audit\" => Runs the actual audit."
-          npm audit --audit-level=moderate --omit=dev @tauri-apps/cli
+          npm audit --omit=dev

.github/workflows/pr-ci-healchecks.yml

@@ -22,11 +22,10 @@ jobs:
 
 
       - name: Setup Node version
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version-file: '.nvmrc'
           check-latest: false
-          registry-url: https://registry.npmjs.org
           cache: "npm"
           cache-dependency-path: package-lock.json
 

.github/workflows/release-dev.yml

@@ -36,12 +36,11 @@ jobs:
           fetch-depth: 0
 
       - name: Setup Node version
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version-file: '.nvmrc'
           check-latest: false
-          registry-url: https://registry.npmjs.org
-          cache: 'npm'
+          cache: "npm"
           cache-dependency-path: package-lock.json
 
       - name: Install dependencies
@@ -194,12 +193,11 @@ jobs:
           key: ${{ matrix.arch }}-build-cargo-${{ hashFiles('**/Cargo.lock') }}
 
       - name: Setup Node version
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version-file: '.nvmrc'
           check-latest: false
-          registry-url: https://registry.npmjs.org
-          cache: 'npm'
+          cache: "npm"
           cache-dependency-path: package-lock.json
 
       - name: Install dependencies
@@ -296,12 +294,11 @@ jobs:
           fetch-depth: 0
 
       - name: Setup Node version
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version-file: '.nvmrc'
           check-latest: false
-          registry-url: https://registry.npmjs.org
-          cache: 'npm'
+          cache: "npm"
           cache-dependency-path: package-lock.json
 
       - name: Install dependencies
@@ -441,12 +438,11 @@ jobs:
   #       uses: nrwl/nx-set-shas@v3
 
   #     - name: Setup Node version
-  #       uses: actions/setup-node@v3
+  #       uses: actions/setup-node@v4
   #       with:
-  #         node-version: 18
+  #         node-version-file: '.nvmrc'
   #         check-latest: false
-  #         registry-url: https://registry.npmjs.org
-  #         cache: 'npm'
+  #         cache: "npm"
   #         cache-dependency-path: package-lock.json
 
   #     - name: Install dependencies

.github/workflows/release-prod.yml

@@ -42,12 +42,11 @@ jobs:
           fetch-depth: 0
 
       - name: Setup Node version
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version-file: '.nvmrc'
           check-latest: false
-          registry-url: https://registry.npmjs.org
-          cache: 'npm'
+          cache: "npm"
           cache-dependency-path: package-lock.json
 
       - name: Install dependencies
@@ -192,12 +191,11 @@ jobs:
           key: ${{ matrix.arch }}-build-cargo-${{ hashFiles('**/Cargo.lock') }}
 
       - name: Setup Node version
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version-file: '.nvmrc'
           check-latest: false
-          registry-url: https://registry.npmjs.org
-          cache: 'npm'
+          cache: "npm"
           cache-dependency-path: package-lock.json
 
       - name: Install dependencies
@@ -292,12 +290,11 @@ jobs:
           fetch-depth: 0
 
       - name: Setup Node version
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version-file: '.nvmrc'
           check-latest: false
-          registry-url: https://registry.npmjs.org
-          cache: 'npm'
+          cache: "npm"
           cache-dependency-path: package-lock.json
 
       - name: Install dependencies

libs/shinkai-message-ts/src/utils/wasm_helpers.test.ts

@@ -12,7 +12,9 @@ import {
 ed.etc.sha512Sync = (...m) => sha512(ed.etc.concatBytes(...m));
 
 const crypto = new Crypto();
-globalThis.crypto = crypto;
+Object.defineProperty(globalThis, 'crypto', {
+  value: crypto,
+});
 
 describe('Key generation functions', () => {
   test('should generate valid encryption keys', async () => {

libs/shinkai-message-ts/src/wasm/ShinkaiMessageBuilderWrapper.test.ts

@@ -12,7 +12,9 @@ import { ShinkaiMessageBuilderWrapper } from './ShinkaiMessageBuilderWrapper';
 ed.etc.sha512Sync = (...m) => sha512(ed.etc.concatBytes(...m));
 
 const crypto = new Crypto();
-globalThis.crypto = crypto;
+Object.defineProperty(globalThis, 'crypto', {
+  value: crypto,
+});
 
 const generateKeys = async () => {
   const seed = new Uint8Array(32);