chore(project): Bump packages (#225)

* fix(bundler): resolve bundler issues where crypto is blocking

* chore(bundler): update actions

* chore(bundler): return to lerna 6.x.x

* chore(bundler): increase calc time for OCD test

* refactor(project): improve code

.github/workflows/build.js.yml

@@ -20,10 +20,10 @@ jobs:
 
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v3
         with:
           node-version: ${{ matrix.node-version }}
 

.github/workflows/docs.js.yml

@@ -16,10 +16,10 @@ jobs:
 
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Set up Node.js
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v3
         with:
           node-version: 18
 

.github/workflows/lint.js.yml

@@ -16,10 +16,10 @@ jobs:
 
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Set up Node.js
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v3
         with:
           node-version: 18
 

.github/workflows/test.js.yml

@@ -20,10 +20,10 @@ jobs:
 
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v3
         with:
           node-version: ${{ matrix.node-version }}
 

.nvmrc

@@ -1 +1 @@
-18.12.1
+18.16.1

data-scripts/latin2Decoder.ts

@@ -169,6 +169,7 @@ export default (
     const byteValue = input[index]
     // “If `byte` is an ASCII byte, return a code point whose value is
     // `byte`.”
+    // @ts-ignore
     if (byteValue >= 0x00 && byteValue <= 0x7f) {
       // @ts-ignore
       buffer.push(stringFromCharCode(byteValue))

package.json

@@ -31,57 +31,57 @@
     "docs:build": "vuepress build docs"
   },
   "devDependencies": {
-    "@babel/cli": "7.21.5",
-    "@babel/core": "7.21.8",
-    "@babel/preset-env": "7.21.5",
+    "@babel/cli": "7.22.9",
+    "@babel/core": "7.22.9",
+    "@babel/preset-env": "7.22.9",
     "@rollup/plugin-alias": "5.0.0",
     "@rollup/plugin-babel": "6.0.3",
-    "@rollup/plugin-commonjs": "24.1.0",
+    "@rollup/plugin-commonjs": "25.0.2",
     "@rollup/plugin-json": "6.0.0",
-    "@rollup/plugin-node-resolve": "15.0.2",
+    "@rollup/plugin-node-resolve": "15.1.0",
     "@rollup/plugin-replace": "5.0.2",
-    "@rollup/plugin-typescript": "11.1.0",
+    "@rollup/plugin-typescript": "11.1.2",
     "@types/byline": "4.2.33",
-    "@types/jest": "29.5.1",
+    "@types/jest": "29.5.3",
     "@types/sprintf-js": "1.1.2",
-    "@typescript-eslint/eslint-plugin": "5.59.2",
-    "@typescript-eslint/parser": "5.59.2",
+    "@typescript-eslint/eslint-plugin": "6.0.0",
+    "@typescript-eslint/parser": "6.0.0",
     "@vuepress/plugin-register-components": "2.0.0-beta.61",
     "axios": "1.4.0",
     "babel-eslint": "10.1.0",
-    "babel-jest": "29.5.0",
+    "babel-jest": "29.6.1",
     "babel-plugin-dynamic-import-node": "2.3.3",
     "byline": "5.0.0",
-    "cross-fetch": "3.1.5",
-    "esbuild": "0.17.18",
+    "cross-fetch": "4.0.0",
+    "esbuild": "0.18.12",
     "esbuild-register": "3.4.2",
-    "eslint": "8.40.0",
+    "eslint": "8.44.0",
     "eslint-config-airbnb-base": "15.0.0",
     "eslint-config-prettier": "8.8.0",
     "eslint-import-resolver-alias": "1.1.2",
     "eslint-import-resolver-webpack": "0.13.2",
     "eslint-plugin-compat": "4.1.4",
     "eslint-plugin-import": "2.27.5",
-    "eslint-plugin-jest": "27.2.1",
-    "eslint-plugin-prettier": "4.2.1",
+    "eslint-plugin-jest": "27.2.3",
+    "eslint-plugin-prettier": "5.0.0",
     "esm": "3.2.25",
     "glob-all": "3.3.1",
     "iconv-lite": "0.6.3",
-    "jest": "29.5.0",
+    "jest": "29.6.1",
     "jszip": "^3.10.1",
     "kuroshiro": "1.2.0",
     "kuroshiro-analyzer-kuromoji": "1.1.0",
     "lerna": "6.6.2",
-    "natural": "6.3.0",
-    "prettier": "2.8.8",
-    "rollup": "3.21.5",
+    "natural": "6.5.0",
+    "prettier": "3.0.0",
+    "rollup": "3.26.2",
     "rollup-plugin-copy": "3.4.0",
     "rollup-plugin-delete": "2.0.0",
     "sprintf-js": "1.1.2",
-    "ts-jest": "29.1.0",
-    "typescript": "4.9.4",
+    "ts-jest": "29.1.1",
+    "typescript": "5.1.6",
     "vuepress": "2.0.0-beta.61",
-    "xlsx": "https://cdn.sheetjs.com/xlsx-0.19.3/xlsx-0.19.3.tgz",
+    "xlsx": "https://cdn.sheetjs.com/xlsx-0.20.0/xlsx-0.20.0.tgz",
     "zxcvbn": "4.4.2"
   },
   "keywords": [
@@ -102,7 +102,8 @@
   "resolutions": {
     "minimist": "^1.2.8",
     "http-cache-semantics": "^4.1.1",
-    "json5": "2.2.2"
+    "json5": "2.2.3",
+    "semver": "7.5.4"
   },
   "overrides": {},
   "dependencies": {}

packages/libraries/main/src/matcher/dictionary/variants/matching/l33t.ts

@@ -6,7 +6,11 @@ import getCleanPasswords, {
   PasswordWithSubs,
 } from './unmunger/getCleanPasswords'
 
-const getExtras = (passwordWithSubs: PasswordWithSubs, i: number, j: number) => {
+const getExtras = (
+  passwordWithSubs: PasswordWithSubs,
+  i: number,
+  j: number,
+) => {
   const previousChanges = passwordWithSubs.changes.filter((changes) => {
     return changes.i < i
   })
@@ -16,9 +20,12 @@ const getExtras = (passwordWithSubs: PasswordWithSubs, i: number, j: number) =>
   const usedChanges = passwordWithSubs.changes.filter((changes) => {
     return changes.i >= i && changes.i <= j
   })
-  const jUnsubbed = usedChanges.reduce((value, change) => {
-    return value - change.letter.length + change.substitution.length
-  }, j - i + iUnsubbed)
+  const jUnsubbed = usedChanges.reduce(
+    (value, change) => {
+      return value - change.letter.length + change.substitution.length
+    },
+    j - i + iUnsubbed,
+  )
   const filtered: PasswordChanges[] = []
   const subDisplay: string[] = []
   usedChanges.forEach((value) => {

packages/libraries/main/src/matcher/dictionary/variants/matching/unmunger/getCleanPasswords.ts

@@ -12,72 +12,107 @@ export interface PasswordChanges {
   substitution: string
 }
 
-export type IndexedPasswordChanges = PasswordChanges & {i: number}
+export type IndexedPasswordChanges = PasswordChanges & { i: number }
 
 export interface PasswordWithSubs {
   password: string
   changes: IndexedPasswordChanges[]
 }
 
-const getAllSubCombosHelper = ({
-  substr,
-  buffer,
-  limit,
-  trieRoot,
-}: GetAllSubCombosHelperOptions): PasswordWithSubs[] => {
-  const finalPasswords: PasswordWithSubs[] = []
-
-  // eslint-disable-next-line max-statements
-  const helper = (
-    onlyFullSub: boolean,
-    isFullSub: boolean,
-    index: number,
-    subIndex: number,
-    changes: IndexedPasswordChanges[],
-  ): void => {
-    if (finalPasswords.length >= limit) {
-      return
-    }
+interface HelperOptions {
+  onlyFullSub: boolean
+  isFullSub: boolean
+  index: number
+  subIndex: number
+  changes: IndexedPasswordChanges[]
+}
 
-    if (index === substr.length) {
-      if (onlyFullSub === isFullSub) {
-        finalPasswords.push({ password: buffer.join(''), changes })
-      }
-      return
-    }
+class CleanPasswords {
+  private substr: string
 
-    // first, exhaust all possible substitutions at this index
+  private buffer: string[]
+
+  private limit: number
+
+  private trieRoot: TrieNode
+
+  private finalPasswords: PasswordWithSubs[] = []
+
+  constructor({
+    substr,
+    buffer,
+    limit,
+    trieRoot,
+  }: GetAllSubCombosHelperOptions) {
+    this.substr = substr
+    this.buffer = buffer
+    this.limit = limit
+    this.trieRoot = trieRoot
+  }
+
+  private getAllPossibleSubsAtIndex(index: number) {
     const nodes: TrieNode[] = []
-    let cur = trieRoot
-    for (let i = index; i < substr.length; i += 1) {
-      const character = substr.charAt(i)
+    let cur = this.trieRoot
+    for (let i = index; i < this.substr.length; i += 1) {
+      const character = this.substr.charAt(i)
       cur = cur.getChild(character)!
       if (!cur) {
         break
       }
       nodes.push(cur)
     }
+    return nodes
+  }
+
+  // eslint-disable-next-line complexity,max-statements
+  private helper({
+    onlyFullSub,
+    isFullSub,
+    index,
+    subIndex,
+    changes,
+  }: HelperOptions): void {
+    if (this.finalPasswords.length >= this.limit) {
+      return
+    }
+
+    if (index === this.substr.length) {
+      if (onlyFullSub === isFullSub) {
+        this.finalPasswords.push({ password: this.buffer.join(''), changes })
+      }
+      return
+    }
+
+    // first, exhaust all possible substitutions at this index
+    const nodes: TrieNode[] = [...this.getAllPossibleSubsAtIndex(index)]
+
     let hasSubs = false
     // iterate backward to get wider substitutions first
     for (let i = index + nodes.length - 1; i >= index; i -= 1) {
-      cur = nodes[i - index]
+      const cur = nodes[i - index]
       if (cur.isTerminal()) {
         hasSubs = true
         const subs = cur.subs!
         // eslint-disable-next-line no-restricted-syntax
         for (const sub of subs) {
-          buffer.push(sub)
+          this.buffer.push(sub)
           const newSubs = changes.concat({
             i: subIndex,
             letter: sub,
             substitution: cur.parents.join(''),
           })
 
           // recursively build the rest of the string
-          helper(onlyFullSub, isFullSub, i + 1, subIndex + sub.length, newSubs)
+          this.helper({
+            onlyFullSub,
+            isFullSub,
+            index: i + 1,
+            subIndex: subIndex + sub.length,
+            changes: newSubs,
+          })
           // backtrack by ignoring the added postfix
-          buffer.pop()
-          if (finalPasswords.length >= limit) {
+          this.buffer.pop()
+          if (this.finalPasswords.length >= this.limit) {
             return
           }
         }
@@ -86,31 +121,53 @@ const getAllSubCombosHelper = ({
     // next, generate all combos without doing a substitution at this index
     // if a partial substitution is requested or there are no substitutions at this index
     if (!onlyFullSub || !hasSubs) {
-      const firstChar = substr.charAt(index)
-      buffer.push(firstChar)
-      helper(onlyFullSub, isFullSub && !hasSubs, index + 1, subIndex + 1, changes)
-      buffer.pop()
+      const firstChar = this.substr.charAt(index)
+      this.buffer.push(firstChar)
+      this.helper({
+        onlyFullSub,
+        isFullSub: isFullSub && !hasSubs,
+        index: index + 1,
+        subIndex: subIndex + 1,
+        changes,
+      })
+      this.buffer.pop()
     }
   }
 
-  // only full substitution
-  helper(true, true, 0, 0, [])
-  // only partial substitution
-  helper(false, true, 0, 0, [])
+  getAll() {
+    // only full substitution
+    this.helper({
+      onlyFullSub: true,
+      isFullSub: true,
+      index: 0,
+      subIndex: 0,
+      changes: [],
+    })
+    // only partial substitution
+    this.helper({
+      onlyFullSub: false,
+      isFullSub: true,
+      index: 0,
+      subIndex: 0,
+      changes: [],
+    })
 
-  return finalPasswords
+    return this.finalPasswords
+  }
 }
 
 const getCleanPasswords = (
   string: string,
   limit: number,
   trieRoot: TrieNode,
 ): PasswordWithSubs[] => {
-  return getAllSubCombosHelper({
+  const helper = new CleanPasswords({
     substr: string,
     buffer: [],
     limit,
     trieRoot,
   })
+
+  return helper.getAll()
 }
 export default getCleanPasswords

packages/libraries/main/test/main.spec.ts

@@ -163,7 +163,7 @@ describe('main', () => {
       const result = zxcvbn(
         '4@8({[</369&#!1/|0$5+7%2/4@8({[</369&#!1/|0$5+7%2/"',
       )
-      expect(result.calcTime).toBeLessThan(4000)
+      expect(result.calcTime).toBeLessThan(5000)
     })
 
     it('should not die while processing and have a appropriate calcTime for regex attacks', () => {