Upgrade Node 16 to Node 20 (#161)

* Update action.yml

* Update Dockerfile

* Update main.yml

* Update action-cve version.

* Remove double quotes.

* Fix action version.

* Update action versions.

* Update deps.

* Upgrade versions, add missing packages.

* Linting.

* Upgrades via make dist-rebuild.

* Fix Mayhemfiles to work around comment bug in mayhem-core.

---------

Co-authored-by: Dylan Bargatze <dbargatz@users.noreply.github.com>

Author: vlussenburg

.github/workflows/dependabot-alerts.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       # X.X.X - Latest version available at: https://github.com/kunalnagarco/action-cve/releases
-      - uses: kunalnagarco/action-cve@v1.7.1
+      - uses: kunalnagarco/action-cve@v1.12.36
         with:
           token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
           slack_webhook: ${{ secrets.SLACK_WEBHOOK }}

.github/workflows/main.yml

@@ -15,7 +15,7 @@ jobs:
       MAYHEM_TOKEN: ${{ secrets.MAYHEM_TOKEN }}
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           # fetch entire history to compute diffs between jobs
           fetch-depth: 0
@@ -28,7 +28,7 @@ jobs:
     # make sure the action works on a clean machine without building
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           # fetch entire history to compute diffs between jobs
           fetch-depth: 0
@@ -44,7 +44,7 @@ jobs:
           args: --image forallsecure/lighttpd:vulnerable --duration 60
 
       - name: Upload SARIF file(s)
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: out/sarif
 
@@ -57,7 +57,7 @@ jobs:
     # make sure the action works on a clean machine without building
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           # fetch entire history to compute diffs between jobs
           fetch-depth: 0
@@ -75,21 +75,21 @@ jobs:
           args: --image forallsecure/lighttpd:vulnerable --duration 60
 
       - name: Archive Coverage report
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: coverage-report
           path: out/coverage/
           if-no-files-found: error
 
       - name: Archive JUnit results
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: mcode-junit
           path: out/junit/
           if-no-files-found: error
 
       - name: Upload SARIF file(s)
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: out/sarif
 
@@ -102,7 +102,7 @@ jobs:
     # make sure the action works on a clean machine without building
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           # fetch entire history to compute diffs between jobs
           fetch-depth: 0
@@ -125,7 +125,7 @@ jobs:
   test-override-inputs:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           # fetch entire history to compute diffs between jobs
           fetch-depth: 0
@@ -154,7 +154,7 @@ jobs:
     # make sure the action works on a clean machine without building
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           # fetch entire history to compute diffs between jobs
           fetch-depth: 0

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:16
+FROM node:20
 
 ARG SRCDIR=/workdir
 

Makefile

@@ -4,5 +4,5 @@
 .PHONY: dist-rebuild
 dist-rebuild:
 	docker build -t dist-builder .
-	docker run -u $(shell id -u):$(shell id -g) --rm -v $(shell pwd):/out dist-builder cp -rv /workdir/dist/. /out/dist""
+	docker run -u $(shell id -u):$(shell id -g) --rm -v $(shell pwd):/out dist-builder cp -rv /workdir/dist/. /out/dist
 	docker rmi -f dist-builder

README.md

@@ -69,7 +69,7 @@ jobs:
             triplet: x64-linux
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           submodules: recursive
 
@@ -115,7 +115,7 @@ jobs:
           # Specify one or many Mayhemfiles here
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Start analysis for ${{ matrix.mayhemfile }}
         uses: ForAllSecure/mcode-action@v1
@@ -128,24 +128,24 @@ jobs:
           coverage-output: coverage
 
       - name: Upload SARIF file(s)
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: sarif
 
       - name: Archive Coverage report
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: coverage-report
           path: coverage
 
       - name: Archive JUnit results
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: mcode-junit
           path: junit
 
       - name: Upload SARIF file(s)
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: sarif
 ```

__tests__/lighttpd/Mayhemfile

@@ -4,8 +4,7 @@ project: forallsecure/lighttpd                 # be filled at
 target: lighttpd                               # run creation time
 advanced_triage: true
 tasks:
-  # just do one quick task
-  - name: exploitability_factors
+  - name: exploitability_factors               # just do one quick task
 cmds:
   - cmd: /usr/local/sbin/lighttpd -D -f /usr/local/etc/lighttpd.conf
     network:

__tests__/mayhemit/Mayhemfile

@@ -3,7 +3,6 @@ duration: 60                                   # since they will
 project: forallsecure/mayhemit                 # be filled at
 target: mayhemit                               # run creation time
 tasks:
-  # just do one quick task
-  - name: regression_testing
+  - name: regression_testing                   # just do one quick task
 cmds:
   - cmd: /mayhemit @@

action.yml

@@ -20,7 +20,7 @@ inputs:
     required: false
     default: ${{ github.token }}
   sarif-output:
-    description: SARIF output path (must be a directory, doesn't have to exist yet). You can upload to to GitHub using the 'github/codeql-action/upload-sarif@v1' action
+    description: SARIF output path (must be a directory, doesn't have to exist yet). You can upload to to GitHub using the 'github/codeql-action/upload-sarif@v3' action
     required: false
   junit-output:
     description: JUnit output path (must be a directory, doesn't have to exist yet). You can upload the artifact to GitHub using the 'actions/upload-artifact' action
@@ -43,7 +43,7 @@ inputs:
     description: Command line arguments to override CLI behavior
     required: false
 runs:
-  using: "node16"
+  using: "node20"
   main: "dist/index.js"
 outputs:
   runId: