fix(xo-server-auth-ldap): get name from LDAP record not user input

Fixes vatesfr/xo-web#1655

@xen-orchestra/async-map/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "@xen-orchestra/async-map",
   "version": "0.0.0",
   "license": "ISC",

@xen-orchestra/backups-cli/commands/clean-vms.js

@@ -8,7 +8,6 @@ let force
 const assert = require('assert')
 const flatten = require('lodash/flatten')
 const getopts = require('getopts')
-const isValidXva = require('@xen-orchestra/backups/isValidXva')
 const lockfile = require('proper-lockfile')
 const pipe = require('promise-toolbox/pipe')
 const { default: Vhd } = require('vhd-lib')
@@ -22,6 +21,70 @@ const handler = require('@xen-orchestra/fs').getHandler({ url: 'file://' })
 
 // -----------------------------------------------------------------------------
 
+const isGzipFile = async fd => {
+  // https://tools.ietf.org/html/rfc1952.html#page-5
+  const magicNumber = Buffer.allocUnsafe(2)
+  assert.strictEqual(
+    await fs.read(fd, magicNumber, 0, magicNumber.length, 0),
+    magicNumber.length
+  )
+  return magicNumber[0] === 31 && magicNumber[1] === 139
+}
+
+// TODO: better check?
+//
+// our heuristic is not good enough, there has been some false positives
+// (detected as invalid by us but valid by `tar` and imported with success),
+// either THOUGH THEY MAY HAVE BEEN COMPRESSED FILES:
+// - these files were normal but the check is incorrect
+// - these files were invalid but without data loss
+// - these files were invalid but with silent data loss
+//
+// maybe reading the end of the file looking for a file named
+// /^Ref:\d+/\d+\.checksum$/ and then validating the tar structure from it
+//
+// https://github.com/npm/node-tar/issues/234#issuecomment-538190295
+const isValidTar = async (size, fd) => {
+  if (size <= 1024 || size % 512 !== 0) {
+    return false
+  }
+
+  const buf = Buffer.allocUnsafe(1024)
+  assert.strictEqual(
+    await fs.read(fd, buf, 0, buf.length, size - buf.length),
+    buf.length
+  )
+  return buf.every(_ => _ === 0)
+}
+
+// TODO: find an heuristic for compressed files
+const isValidXva = async path => {
+  try {
+    const fd = await fs.open(path, 'r')
+    try {
+      const { size } = await fs.fstat(fd)
+      if (size < 20) {
+        // neither a valid gzip not tar
+        return false
+      }
+
+      return (await isGzipFile(fd))
+        ? true // gzip files cannot be validated at this time
+        : await isValidTar(size, fd)
+    } finally {
+      fs.close(fd).catch(noop)
+    }
+  } catch (error) {
+    // never throw, log and report as valid to avoid side effects
+    console.error('isValidXva', path, error)
+    return true
+  }
+}
+
+const noop = Function.prototype
+
+// -----------------------------------------------------------------------------
+
 // chain is an array of VHDs from child to parent
 //
 // the whole chain will be merged into parent, parent will be renamed to child

@xen-orchestra/backups-cli/package.json

@@ -1,11 +1,9 @@
 {
-  "private": false,
   "bin": {
     "xo-backups": "index.js"
   },
   "bugs": "https://github.com/vatesfr/xen-orchestra/issues",
   "dependencies": {
-    "@xen-orchestra/backups": "^0.0.0",
     "@xen-orchestra/fs": "^0.10.2",
     "filenamify": "^4.1.0",
     "getopts": "^2.2.5",
@@ -17,10 +15,6 @@
   "engines": {
     "node": ">=7.10.1"
   },
-  "files": [
-    "commands",
-    "*.js"
-  ],
   "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/@xen-orchestra/backups-cli",
   "name": "@xen-orchestra/backups-cli",
   "repository": {

@xen-orchestra/backups/isValidXva.js

@@ -1,65 +0,0 @@
-const assert = require('assert')
-const fs = require('fs-extra')
-
-const isGzipFile = async fd => {
-  // https://tools.ietf.org/html/rfc1952.html#page-5
-  const magicNumber = Buffer.allocUnsafe(2)
-  assert.strictEqual(
-    await fs.read(fd, magicNumber, 0, magicNumber.length, 0),
-    magicNumber.length
-  )
-  return magicNumber[0] === 31 && magicNumber[1] === 139
-}
-
-// TODO: better check?
-//
-// our heuristic is not good enough, there has been some false positives
-// (detected as invalid by us but valid by `tar` and imported with success),
-// either THOUGH THEY MAY HAVE BEEN COMPRESSED FILES:
-// - these files were normal but the check is incorrect
-// - these files were invalid but without data loss
-// - these files were invalid but with silent data loss
-//
-// maybe reading the end of the file looking for a file named
-// /^Ref:\d+/\d+\.checksum$/ and then validating the tar structure from it
-//
-// https://github.com/npm/node-tar/issues/234#issuecomment-538190295
-const isValidTar = async (size, fd) => {
-  if (size <= 1024 || size % 512 !== 0) {
-    return false
-  }
-
-  const buf = Buffer.allocUnsafe(1024)
-  assert.strictEqual(
-    await fs.read(fd, buf, 0, buf.length, size - buf.length),
-    buf.length
-  )
-  return buf.every(_ => _ === 0)
-}
-
-// TODO: find an heuristic for compressed files
-const isValidXva = async path => {
-  try {
-    const fd = await fs.open(path, 'r')
-    try {
-      const { size } = await fs.fstat(fd)
-      if (size < 20) {
-        // neither a valid gzip not tar
-        return false
-      }
-
-      return (await isGzipFile(fd))
-        ? true // gzip files cannot be validated at this time
-        : await isValidTar(size, fd)
-    } finally {
-      fs.close(fd).catch(noop)
-    }
-  } catch (error) {
-    // never throw, log and report as valid to avoid side effects
-    console.error('isValidXva', path, error)
-    return true
-  }
-}
-exports.isValidXva = isValidXva
-
-const noop = Function.prototype

@xen-orchestra/backups/package.json

@@ -1,21 +0,0 @@
-{
-  "private": false,
-  "name": "@xen-orchestra/backups",
-  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/@xen-orchestra/backups",
-  "bugs": "https://github.com/vatesfr/xen-orchestra/issues",
-  "repository": {
-    "directory": "@xen-orchestra/backups",
-    "type": "git",
-    "url": "https://github.com/vatesfr/xen-orchestra.git"
-  },
-  "version": "0.0.0",
-  "engines": {
-    "node": ">=8.10"
-  },
-  "scripts": {
-    "postversion": "npm publish --access public"
-  },
-  "dependencies": {
-    "fs-extra": "^8.1.0"
-  }
-}

@xen-orchestra/cr-seed-cli/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "@xen-orchestra/cr-seed-cli",
   "version": "0.2.0",
   "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/@xen-orchestra/cr-seed-cli",
@@ -17,7 +16,7 @@
   },
   "dependencies": {
     "golike-defer": "^0.4.1",
-    "xen-api": "^0.27.4"
+    "xen-api": "^0.27.3"
   },
   "scripts": {
     "postversion": "npm publish"

@xen-orchestra/cron/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "@xen-orchestra/cron",
   "version": "1.0.6",
   "license": "ISC",

@xen-orchestra/defined/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "@xen-orchestra/defined",
   "version": "0.0.0",
   "license": "ISC",

@xen-orchestra/emit-async/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "@xen-orchestra/emit-async",
   "version": "0.0.0",
   "license": "ISC",

@xen-orchestra/fs/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "@xen-orchestra/fs",
   "version": "0.10.2",
   "license": "AGPL-3.0",

@xen-orchestra/log/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "@xen-orchestra/log",
   "version": "0.2.0",
   "license": "ISC",

@xen-orchestra/mixin/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "@xen-orchestra/mixin",
   "version": "0.0.0",
   "license": "ISC",

@xen-orchestra/template/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "@xen-orchestra/template",
   "version": "0.1.0",
   "license": "ISC",

CHANGELOG.md

@@ -8,28 +8,11 @@
 
 ### Released packages
 
-## **5.42.1** (2020-01-17)
-
-![Channel: latest](https://badgen.net/badge/channel/latest/yellow)
-
-### Enhancements
-
-- [Snapshot] Fallback to normal snapshot if quiesce is not available [#4735](https://github.com/vatesfr/xen-orchestra/issues/4735) (PR [#4736](https://github.com/vatesfr/xen-orchestra/pull/4736)) \
-  Fixes compatibility with **Citrix Hypervisor 8.1**.
-- [Uncompressed full backup] Quick healthcheck of downloaded XVAs in case there was an undetected issue (PR [#4741](https://github.com/vatesfr/xen-orchestra/pull/4741))
-- [Backup] Make built-in concurrency limits configurable (PR [#4743](https://github.com/vatesfr/xen-orchestra/pull/4743)) \
-  Via the following entries in `xo-server`'s configuration file:
-  - `xapiOptions.vdiExportConcurrency`
-  - `xapiOptions.vmExportConcurrency`
-  - `xapiOptions.vmSnapshotConcurrency`
-
-### Released packages
-
-- xo-server v5.55.0
-- xo-web v5.55.0
 
 ## **5.42.0** (2019-12-20)
 
+![Channel: latest](https://badgen.net/badge/channel/latest/yellow)
+
 ### Highlights
 
 - [SDN Controller] Allow private network creation on bond and VLAN (PR [#4682](https://github.com/vatesfr/xen-orchestra/pull/4682))

docs/README.md

@@ -8,7 +8,7 @@ XO is a web interface to visualize and administer your XenServer (or XAPI enable
 
 It aims to be easy to use on any device supporting modern web technologies (HTML 5, CSS 3, JavaScript), such as your desktop computer or your smartphone.
 
-![Xen Orchestra logo](./assets/logo.png)
+![](https://pbs.twimg.com/profile_images/601775622675898368/xWbbafyO_400x400.png)
 
 ## XOA quick deploy
 

docs/xosan.md

@@ -6,20 +6,29 @@ XOSAN is a virtual SAN that allows you to create a shared SR (Storage Repository
 
 ## Introduction
 
-This documentation will give you some advice and assistance in order to create an XOSAN storage on your XenServer or XCP-ng infrastructure.
+This documentation will give you some advices and assistance in order to create a XOSAN storage on your XenServer infrastructure.
 
 ## Objectives
 
-XOSAN will "gather" all your local disks (across multiple hosts) into a shared SR, that XenServer/XCP-ng will just see as any other shared SR, without limitations (you can live migrate, snapshot, backup, whatever you need). **It's a fully software defined solution** that doesn't require you to buy extra hardware. It can even run on the disk where your Citrix Hypervisor (Xenserver) or XCP-ng is already installed!
+XOSAN will "gather" all your local disks into a shared SR, that XenServer will just see as any other shared SR, without limitations on it (you can live migrate, snapshot, backup, whatever you need). **It's a fully software defined solution** that doesn't require to buy extra-hardware. It could even run on the disk where your XenServer is already installed!
 
 ![](https://xen-orchestra.com/blog/content/images/2016/12/hyperpool.jpg)
 
 The objectives are to:
 
-- protect your data thanks to replication of data across multiple hosts
-- Unlock High Availability without buying a NAS nor a SAN
+- protect your data thanks to replication of data on multiple hosts
+- provide XenServer high availability without buying a NAS nor a SAN
 - give you flexibility to grow your storage by adding new nodes
-- work on all kinds of hardware, HDDs or SSDs, with hardware RAID or not
+- work on all kind of hardware, from HDDs to SSDs, with hardware RAID or not
+
+## Beta access - Phase II
+
+XOSAN is currently in beta phase II. Every user can access this beta stage and try the solution in its current version.
+To activate you XOSAN beta, just go in the **"XOSAN"** menu in your (up-to-date) XOA. Once on the menu, click on **"Register for Beta"**.
+
+![](https://xen-orchestra.com/blog/content/images/2017/02/xosan-menu.png)
+
+> Even a free version of XOA can access the XOSAN beta.
 
 ## Deployment
 

packages/complex-matcher/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "complex-matcher",
   "version": "0.6.0",
   "license": "ISC",

packages/value-matcher/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "value-matcher",
   "version": "0.2.0",
   "license": "ISC",

packages/vhd-cli/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "vhd-cli",
   "version": "0.3.1",
   "license": "ISC",

packages/vhd-lib/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "vhd-lib",
   "version": "0.7.2",
   "license": "AGPL-3.0",

packages/xapi-explore-sr/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "xapi-explore-sr",
   "version": "0.2.1",
   "license": "ISC",
@@ -42,7 +41,7 @@
     "human-format": "^0.10.0",
     "lodash": "^4.17.4",
     "pw": "^0.0.4",
-    "xen-api": "^0.27.4"
+    "xen-api": "^0.27.3"
   },
   "devDependencies": {
     "@babel/cli": "^7.1.5",

packages/xen-api/package.json

@@ -1,7 +1,6 @@
 {
-  "private": false,
   "name": "xen-api",
-  "version": "0.27.4",
+  "version": "0.27.3",
   "license": "ISC",
   "description": "Connector to the Xen API",
   "keywords": [
@@ -39,7 +38,7 @@
     "debug": "^4.0.1",
     "event-to-promise": "^0.8.0",
     "exec-promise": "^0.7.0",
-    "http-request-plus": "^0.8.0",
+    "http-request-plus": "^0.9.1",
     "jest-diff": "^24.0.0",
     "json-rpc-protocol": "^0.13.1",
     "kindof": "^2.0.0",

packages/xen-api/src/index.js

@@ -506,13 +506,7 @@ export class Xapi extends EventEmitter {
     const { promise, resolve } = defer()
     eventWatchers[key] = resolve
 
-    await this._sessionCall('pool.add_to_other_config', [
-      poolRef,
-      key,
-
-      // use ms timestamp as values to enable identification of stale entries
-      String(Date.now()),
-    ])
+    await this._sessionCall('pool.add_to_other_config', [poolRef, key, ''])
 
     await promise
 

packages/xo-acl-resolver/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "xo-acl-resolver",
   "version": "0.4.1",
   "license": "ISC",

packages/xo-cli/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "xo-cli",
   "version": "0.10.1",
   "license": "AGPL-3.0",

packages/xo-collection/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "xo-collection",
   "version": "0.4.1",
   "license": "ISC",

packages/xo-common/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "xo-common",
   "version": "0.2.0",
   "license": "AGPL-3.0",

packages/xo-import-servers-csv/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "xo-import-servers-csv",
   "version": "1.1.0",
   "license": "ISC",

packages/xo-lib/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "xo-lib",
   "version": "0.9.0",
   "license": "ISC",

packages/xo-remote-parser/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "xo-remote-parser",
   "version": "0.5.0",
   "license": "AGPL-3.0",

packages/xo-server-auth-ldap/package.json

@@ -34,15 +34,18 @@
     "node": ">=6"
   },
   "dependencies": {
+    "event-to-promise": "^0.8.0",
     "exec-promise": "^0.7.0",
     "inquirer": "^7.0.0",
     "ldapjs": "^1.0.1",
+    "lodash": "^4.17.4",
     "promise-toolbox": "^0.15.0"
   },
   "devDependencies": {
     "@babel/cli": "^7.0.0",
     "@babel/core": "^7.0.0",
     "@babel/preset-env": "^7.0.0",
+    "babel-plugin-lodash": "^3.3.2",
     "cross-env": "^6.0.3",
     "rimraf": "^3.0.0"
   },

packages/xo-server-auth-ldap/src/index.js

@@ -1,8 +1,10 @@
 /* eslint no-throw-literal: 0 */
 
+import eventToPromise from 'event-to-promise'
+import { find, identity, noop } from 'lodash'
 import { createClient } from 'ldapjs'
 import { escape } from 'ldapjs/lib/filters/escape'
-import { fromEvent, promisify } from 'promise-toolbox'
+import { promisify } from 'promise-toolbox'
 import { readFile } from 'fs'
 
 // ===================================================================
@@ -23,8 +25,22 @@ const evalFilter = (filter, vars) =>
 
     return escape(value)
   })
+const makeEvalFormat = format =>
+  format === undefined
+    ? identity
+    : (input, record) =>
+        format.replace(VAR_RE, (_, name) => {
+          if (name === 'input') {
+            return input
+          }
 
-const noop = Function.prototype
+          let tmp = find(record.attributes, _ => _.type === name)
+          if (tmp !== undefined && (tmp = tmp.vals).length !== 0) {
+            return tmp[0]
+          }
+
+          throw new Error(`invalid entry ${name}`)
+        })
 
 export const configurationSchema = {
   type: 'object',
@@ -100,6 +116,12 @@ Or something like this if you also want to filter by group:
       type: 'string',
       default: DEFAULTS.filter,
     },
+    usernameFormat: {
+      description: `
+
+`.trim(),
+      type: 'string',
+    },
   },
   required: ['uri', 'base'],
 }
@@ -157,15 +179,10 @@ class AuthLdap {
       }
     }
 
-    const {
-      bind: credentials,
-      base: searchBase,
-      filter: searchFilter = DEFAULTS.filter,
-    } = conf
-
-    this._credentials = credentials
-    this._searchBase = searchBase
-    this._searchFilter = searchFilter
+    this._credentials = conf.bind
+    this._formatUsername = makeEvalFormat(conf.usernameFormat)
+    this._searchBase = conf.base
+    ;({ filter: this._searchFilter = DEFAULTS.filter } = conf)
   }
 
   load() {
@@ -201,7 +218,7 @@ class AuthLdap {
       const bind = promisify(client.bind, client)
       const search = promisify(client.search, client)
 
-      await fromEvent(client, 'connect')
+      await eventToPromise(client, 'connect')
 
       // Bind if necessary.
       {
@@ -229,7 +246,7 @@ class AuthLdap {
           entries.push(entry.json)
         })
 
-        const { status } = await fromEvent(response, 'end')
+        const { status } = await eventToPromise(response, 'end')
         if (status) {
           throw new Error('unexpected search response status: ' + status)
         }
@@ -242,6 +259,9 @@ class AuthLdap {
         try {
           logger(`attempting to bind as ${entry.objectName}`)
           await bind(entry.objectName, password)
+
+          username = this._formatUsername(username, entry)
+
           logger(
             `successfully bound as ${entry.objectName} => ${username} authenticated`
           )

packages/xo-server-auth-ldap/src/prompt-schema.js

@@ -1,3 +1,4 @@
+import { forEach, isFinite, isInteger } from 'lodash'
 import { pForOwn } from 'promise-toolbox'
 import { prompt } from 'inquirer'
 
@@ -121,7 +122,7 @@ const promptByType = {
     input(path, {
       default: defaultValue || schema.default,
       filter: input => +input,
-      validate: input => Number.isInteger(+input),
+      validate: input => isInteger(+input),
     }),
 
   number: (schema, defaultValue, path) =>
@@ -136,7 +137,7 @@ const promptByType = {
 
     const required = {}
     schema.required &&
-      schema.required.forEach(name => {
+      forEach(schema.required, name => {
         required[name] = true
       })
 
@@ -156,6 +157,8 @@ const promptByType = {
           defaultValue && defaultValue[name],
           subpath
         )
+      } else {
+        value[name] = schema.default
       }
     }
 

packages/xo-server-sdn-controller/package.json

@@ -30,7 +30,7 @@
   "dependencies": {
     "@xen-orchestra/log": "^0.2.0",
     "lodash": "^4.17.11",
-    "node-openssl-cert": "^0.0.117",
+    "node-openssl-cert": "^0.0.116",
     "promise-toolbox": "^0.15.0",
     "uuid": "^3.3.2"
   },

packages/xo-server/better-stacks.js

@@ -0,0 +1,30 @@
+Error.stackTraceLimit = 100
+
+// Removes internal modules.
+try {
+  const sep = require('path').sep
+
+  require('stack-chain').filter.attach(function(_, frames) {
+    const filtered = frames.filter(function(frame) {
+      const name = frame && frame.getFileName()
+
+      return (
+        // has a filename
+        name &&
+        // contains a separator (no internal modules)
+        name.indexOf(sep) !== -1 &&
+        // does not start with `internal`
+        name.lastIndexOf('internal', 0) !== -1
+      )
+    })
+
+    // depd (used amongst other by express requires at least 3 frames
+    // in the stack.
+    return filtered.length > 2 ? filtered : frames
+  })
+} catch (_) {}
+
+// Source maps.
+try {
+  require('julien-f-source-map-support/register')
+} catch (_) {}

packages/xo-server/bin/xo-server

@@ -10,11 +10,7 @@ if (process.env.NODE_ENV === undefined) {
 }
 
 // Better stack traces if possible.
-try {
-  require('source-map-support').install({
-    handleUncaughtExceptions: false
-  });
-} catch (_) {}
+require('../better-stacks')
 
 // Use Bluebird for all promises as it provides better performance and
 // less memory usage.

packages/xo-server/config.toml

@@ -74,7 +74,6 @@ poolMetadataTimeout = '10 minutes'
 
 # https://github.com/naugtur/blocked-at#params-and-return-value
 [blockedAtOptions]
-enabled = false
 threshold = 1000
 
 # Helmet handles HTTP security via headers
@@ -121,6 +120,3 @@ timeout = 600e3
 
 [xapiOptions]
 maxUncoalescedVdis = 1
-vdiExportConcurrency = 12
-vmExportConcurrency = 2
-vmSnapshotConcurrency = 2

packages/xo-server/package.json

@@ -1,7 +1,7 @@
 {
   "private": true,
   "name": "xo-server",
-  "version": "5.55.1",
+  "version": "5.54.0",
   "license": "AGPL-3.0",
   "description": "Server part of Xen-Orchestra",
   "keywords": [
@@ -35,7 +35,6 @@
   "dependencies": {
     "@iarna/toml": "^2.2.1",
     "@xen-orchestra/async-map": "^0.0.0",
-    "@xen-orchestra/backups": "^0.0.0",
     "@xen-orchestra/cron": "^1.0.6",
     "@xen-orchestra/defined": "^0.0.0",
     "@xen-orchestra/emit-async": "^0.0.0",
@@ -73,7 +72,7 @@
     "helmet": "^3.9.0",
     "highland": "^2.11.1",
     "http-proxy": "^1.16.2",
-    "http-request-plus": "^0.8.0",
+    "http-request-plus": "^0.9.1",
     "http-server-plus": "^0.11.0",
     "human-format": "^0.10.0",
     "is-redirect": "^1.0.0",
@@ -82,9 +81,12 @@
     "js-yaml": "^3.10.0",
     "json-rpc-peer": "^0.15.3",
     "json5": "^2.0.1",
+    "julien-f-source-map-support": "0.1.0",
     "julien-f-unzip": "^0.2.1",
     "kindof": "^2.0.0",
+    "level": "^6.0.0",
     "level-party": "^4.0.0",
+    "level-sublevel": "^6.6.1",
     "limit-concurrency-decorator": "^0.4.0",
     "lodash": "^4.17.4",
     "make-error": "^1",
@@ -110,13 +112,11 @@
     "schema-inspector": "^1.6.8",
     "semver": "^6.0.0",
     "serve-static": "^1.13.1",
-    "source-map-support": "^0.5.16",
     "split-lines": "^2.0.0",
     "stack-chain": "^2.0.0",
     "stoppable": "^1.0.5",
     "strict-timeout": "^1.0.0",
     "struct-fu": "^1.2.0",
-    "subleveldown": "^4.1.4",
     "tar-stream": "^2.0.1",
     "through2": "^3.0.0",
     "tmp": "^0.1.0",
@@ -124,7 +124,7 @@
     "value-matcher": "^0.2.0",
     "vhd-lib": "^0.7.2",
     "ws": "^7.1.2",
-    "xen-api": "^0.27.4",
+    "xen-api": "^0.27.3",
     "xml2js": "^0.4.19",
     "xo-acl-resolver": "^0.4.1",
     "xo-collection": "^0.4.1",

packages/xo-server/src/index.js

@@ -646,16 +646,13 @@ export default async function main(args) {
   const config = await loadConfiguration()
 
   {
-    const { enabled, ...options } = config.blockedAtOptions
-    if (enabled) {
-      const logPerf = createLogger('xo:perf')
-      blocked((time, stack) => {
-        logPerf.info(`blocked for ${ms(time)}`, {
-          time,
-          stack,
-        })
-      }, options)
-    }
+    const logPerf = createLogger('xo:perf')
+    blocked((time, stack) => {
+      logPerf.info(`blocked for ${ms(time)}`, {
+        time,
+        stack,
+      })
+    }, config.blockedAtOptions)
   }
 
   const webServer = await createWebServer(config.http)

packages/xo-server/src/xapi/index.js

@@ -94,31 +94,12 @@ export const IPV6_CONFIG_MODES = ['None', 'DHCP', 'Static', 'Autoconf']
 
 @mixin(mapToArray(mixins))
 export default class Xapi extends XapiBase {
-  constructor({
-    guessVhdSizeOnImport,
-    maxUncoalescedVdis,
-    vdiExportConcurrency,
-    vmExportConcurrency,
-    vmSnapshotConcurrency,
-    ...opts
-  }) {
+  constructor({ guessVhdSizeOnImport, maxUncoalescedVdis, ...opts }) {
     super(opts)
 
     this._guessVhdSizeOnImport = guessVhdSizeOnImport
     this._maxUncoalescedVdis = maxUncoalescedVdis
 
-    const waitStreamEnd = async stream => fromEvent(await stream, 'end')
-    this._exportVdi = concurrency(
-      vdiExportConcurrency,
-      waitStreamEnd
-    )(this._exportVdi)
-    this.exportVm = concurrency(
-      vmExportConcurrency,
-      waitStreamEnd
-    )(this.exportVm)
-
-    this._snapshotVm = concurrency(vmSnapshotConcurrency)(this._snapshotVm)
-
     // Patch getObject to resolve _xapiId property.
     this.getObject = (getObject => (...args) => {
       let tmp
@@ -708,6 +689,7 @@ export default class Xapi extends XapiBase {
   }
 
   // Returns a stream to the exported VM.
+  @concurrency(2, stream => stream.then(stream => fromEvent(stream, 'end')))
   @cancelable
   async exportVm($cancelToken, vmId, { compress = false } = {}) {
     const vm = this.getObject(vmId)
@@ -1477,6 +1459,7 @@ export default class Xapi extends XapiBase {
     }
   }
 
+  @concurrency(2)
   @cancelable
   async _snapshotVm($cancelToken, { $ref: vmRef }, nameLabel) {
     const vm = await this.getRecord('VM', vmRef)
@@ -1519,8 +1502,6 @@ export default class Xapi extends XapiBase {
         } catch (error) {
           const { code } = error
           if (
-            // removed in CH 8.1
-            code !== 'MESSAGE_REMOVED' &&
             code !== 'VM_SNAPSHOT_WITH_QUIESCE_NOT_SUPPORTED' &&
             // quiesce only work on a running VM
             code !== 'VM_BAD_POWER_STATE' &&
@@ -1933,6 +1914,7 @@ export default class Xapi extends XapiBase {
     return snap
   }
 
+  @concurrency(12, stream => stream.then(stream => fromEvent(stream, 'end')))
   @cancelable
   _exportVdi($cancelToken, vdi, base, format = VDI_FORMAT_VHD) {
     const query = {

packages/xo-server/src/xo-mixins/backups-ng/index.js

@@ -11,7 +11,6 @@ import { type Pattern, createPredicate } from 'value-matcher'
 import { type Readable, PassThrough } from 'stream'
 import { AssertionError } from 'assert'
 import { basename, dirname } from 'path'
-import { isValidXva } from '@xen-orchestra/backups/isValidXva'
 import {
   countBy,
   findLast,
@@ -1304,10 +1303,6 @@ export default class BackupNg {
                 writeStream(fork, handler, dataFilename)
               )
 
-              if (handler._getFilePath !== undefined) {
-                await isValidXva(handler._getFilePath(dataFilename))
-              }
-
               await handler.outputFile(metadataFilename, jsonMetadata)
 
               if (!deleteFirst) {

packages/xo-server/src/xo-mixins/store.js

@@ -1,7 +1,9 @@
 import levelup from 'level-party'
-import sublevel from 'subleveldown'
+import sublevel from 'level-sublevel'
 import { ensureDir } from 'fs-extra'
 
+import { forEach, promisify } from '../utils'
+
 // ===================================================================
 
 const _levelHas = function has(key, cb) {
@@ -27,19 +29,38 @@ const levelHas = db => {
   return db
 }
 
+const levelPromise = db => {
+  const dbP = {}
+  forEach(db, (value, name) => {
+    if (typeof value !== 'function') {
+      return
+    }
+
+    if (name.endsWith('Stream') || name.startsWith('is')) {
+      dbP[name] = db::value
+    } else {
+      dbP[name] = promisify(value, db)
+    }
+  })
+
+  return dbP
+}
+
 // ===================================================================
 
 export default class {
   constructor(xo, config) {
     const dir = `${config.datadir}/leveldb`
-    this._db = ensureDir(dir).then(() => levelup(dir))
+    this._db = ensureDir(dir).then(() => {
+      return sublevel(
+        levelup(dir, {
+          valueEncoding: 'json',
+        })
+      )
+    })
   }
 
-  async getStore(namespace) {
-    return levelHas(
-      sublevel(await this._db, namespace, {
-        valueEncoding: 'json',
-      })
-    )
+  getStore(namespace) {
+    return this._db.then(db => levelPromise(levelHas(db.sublevel(namespace))))
   }
 }

packages/xo-vmdk-to-vhd/package.json

@@ -1,5 +1,4 @@
 {
-  "private": false,
   "name": "xo-vmdk-to-vhd",
   "version": "0.1.8",
   "license": "AGPL-3.0",

packages/xo-web/package.json

@@ -1,7 +1,7 @@
 {
   "private": true,
   "name": "xo-web",
-  "version": "5.55.0",
+  "version": "5.54.0",
   "license": "AGPL-3.0",
   "description": "Web interface client for Xen-Orchestra",
   "keywords": [

packages/xo-web/src/common/report-bug-button.js

@@ -6,7 +6,7 @@ import PropTypes from 'prop-types'
 import React from 'react'
 import stripAnsi from 'strip-ansi'
 import xoaUpdater from 'xoa-updater'
-import { checkXoa, getApplianceInfo } from 'xo'
+import { checkXoa } from 'xo'
 import { createBlobFromString } from 'utils'
 import { createLogger } from '@xen-orchestra/log'
 import { identity, omit } from 'lodash'
@@ -17,30 +17,12 @@ import { timeout } from 'promise-toolbox'
 import ActionButton from './action-button'
 import ActionRowButton from './action-row-button'
 
-const ADDITIONAL_FILES_FETCH_TIMEOUT = 5e3
-
-const jsonStringify = json => JSON.stringify(json, null, 2)
 const logger = createLogger('report-bug-button')
 
 const GITHUB_URL = 'https://github.com/vatesfr/xen-orchestra/issues/new'
 const XO_SUPPORT_URL = 'https://xen-orchestra.com/#!/member/support'
 const SUPPORT_PANEL_URL = './api/support/create/ticket'
 
-const ADDITIONAL_FILES = [
-  {
-    fetch: () => xoaUpdater.getLocalManifest().then(jsonStringify),
-    name: 'manifest.json',
-  },
-  {
-    fetch: () => checkXoa().then(stripAnsi),
-    name: 'xoaCheck.txt',
-  },
-  {
-    fetch: () => getApplianceInfo().then(jsonStringify),
-    name: 'xoaInfo.json',
-  },
-]
-
 const reportInNewWindow = (
   url,
   { title, message, formatMessage = identity }
@@ -71,15 +53,26 @@ const reportOnSupportPanel = async ({
     formData.append('attachments', content, name)
   })
 
-  await Promise.all(
-    ADDITIONAL_FILES.map(({ fetch, name }) =>
-      timeout.call(fetch(), ADDITIONAL_FILES_FETCH_TIMEOUT).then(
-        file =>
-          formData.append('attachments', createBlobFromString(file), name),
-        error => logger.warn(`cannot get ${name}`, error)
-      )
-    )
-  )
+  await Promise.all([
+    timeout.call(xoaUpdater.getLocalManifest(), 5e3).then(
+      manifest =>
+        formData.append(
+          'attachments',
+          createBlobFromString(JSON.stringify(manifest, null, 2)),
+          'manifest.json'
+        ),
+      error => logger.warn('cannot get the local manifest', { error })
+    ),
+    timeout.call(checkXoa(), 5e3).then(
+      xoaCheck =>
+        formData.append(
+          'attachments',
+          createBlobFromString(stripAnsi(xoaCheck)),
+          'xoaCheck.txt'
+        ),
+      error => logger.warn('cannot get the xoa check', { error })
+    ),
+  ])
 
   try {
     const res = await timeout.call(post(SUPPORT_PANEL_URL, formData), 1e4)

scripts/normalize-packages

@@ -20,11 +20,6 @@ const deleteProperties = (object, property, properties) => {
 
 require('exec-promise')(() =>
   getPackages(true).map(({ dir, name, package: pkg, relativeDir }) => {
-    // consider packages as private by default to avoid publishing them by mistake
-    if (!('private' in pkg)) {
-      pkg.private = true
-    }
-
     pkg.name = name
     pkg.homepage = `https://github.com/vatesfr/xen-orchestra/tree/master/${relativeDir}`
     pkg.bugs = `https://github.com/vatesfr/xen-orchestra/issues`

yarn.lock

@@ -1306,7 +1306,7 @@ abbrev@1:
   resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.1.1.tgz#f8f2c887ad10bf67f634f005b6987fed3179aac8"
   integrity sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==
 
-abstract-leveldown@^6.1.1, abstract-leveldown@^6.2.1, abstract-leveldown@^6.2.2, abstract-leveldown@~6.2.1:
+abstract-leveldown@^6.2.1, abstract-leveldown@^6.2.2, abstract-leveldown@~6.2.1:
   version "6.2.2"
   resolved "https://registry.yarnpkg.com/abstract-leveldown/-/abstract-leveldown-6.2.2.tgz#677425beeb28204367c7639e264e93ea4b49971a"
   integrity sha512-/a+Iwj0rn//CX0EJOasNyZJd2o8xur8Ce9C57Sznti/Ilt/cb6Qd8/k98A4ZOklXgTG+iAYYUs1OTG0s1eH+zQ==
@@ -1315,6 +1315,13 @@ abstract-leveldown@^6.1.1, abstract-leveldown@^6.2.1, abstract-leveldown@^6.2.2,
     level-supports "~1.0.0"
     xtend "~4.0.0"
 
+abstract-leveldown@~0.12.1:
+  version "0.12.4"
+  resolved "https://registry.yarnpkg.com/abstract-leveldown/-/abstract-leveldown-0.12.4.tgz#29e18e632e60e4e221d5810247852a63d7b2e410"
+  integrity sha1-KeGOYy5g5OIh1YECR4UqY9ey5BA=
+  dependencies:
+    xtend "~3.0.0"
+
 accepts@~1.3.5, accepts@~1.3.7:
   version "1.3.7"
   resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.7.tgz#531bc726517a3b2b41f850021c6cc15eaab507cd"
@@ -2975,6 +2982,13 @@ bl@^3.0.0:
   dependencies:
     readable-stream "^3.0.1"
 
+bl@~0.8.1:
+  version "0.8.2"
+  resolved "https://registry.yarnpkg.com/bl/-/bl-0.8.2.tgz#c9b6bca08d1bc2ea00fc8afb4f1a5fd1e1c66e4e"
+  integrity sha1-yba8oI0bwuoA/Ir7Txpf0eHGbk4=
+  dependencies:
+    readable-stream "~1.0.26"
+
 block-stream@*:
   version "0.0.9"
   resolved "https://registry.yarnpkg.com/block-stream/-/block-stream-0.0.9.tgz#13ebfe778a03205cfe03751481ebb4b3300c126a"
@@ -3386,6 +3400,21 @@ bytes@3.1.0:
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.1.0.tgz#f6cf7933a360e0588fa9fde85651cdc7f805d1f6"
   integrity sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg==
 
+bytewise-core@^1.2.2:
+  version "1.2.3"
+  resolved "https://registry.yarnpkg.com/bytewise-core/-/bytewise-core-1.2.3.tgz#3fb410c7e91558eb1ab22a82834577aa6bd61d42"
+  integrity sha1-P7QQx+kVWOsasiqCg0V3qmvWHUI=
+  dependencies:
+    typewise-core "^1.2"
+
+bytewise@~1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/bytewise/-/bytewise-1.1.0.tgz#1d13cbff717ae7158094aa881b35d081b387253e"
+  integrity sha1-HRPL/3F65xWAlKqIGzXQgbOHJT4=
+  dependencies:
+    bytewise-core "^1.2.2"
+    typewise "^1.0.3"
+
 cache-base@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/cache-base/-/cache-base-1.0.1.tgz#0a7f46416831c8b662ee36fe4e7c59d76f666ab2"
@@ -4687,6 +4716,13 @@ default-resolution@^2.0.0:
   resolved "https://registry.yarnpkg.com/default-resolution/-/default-resolution-2.0.0.tgz#bcb82baa72ad79b426a76732f1a81ad6df26d684"
   integrity sha1-vLgrqnKtebQmp2cy8aga1t8m1oQ=
 
+deferred-leveldown@~0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/deferred-leveldown/-/deferred-leveldown-0.2.0.tgz#2cef1f111e1c57870d8bbb8af2650e587cd2f5b4"
+  integrity sha1-LO8fER4cV4cNi7uK8mUOWHzS9bQ=
+  dependencies:
+    abstract-leveldown "~0.12.1"
+
 deferred-leveldown@~5.3.0:
   version "5.3.0"
   resolved "https://registry.yarnpkg.com/deferred-leveldown/-/deferred-leveldown-5.3.0.tgz#27a997ad95408b61161aa69bd489b86c71b78058"
@@ -4729,11 +4765,6 @@ defined@^1.0.0:
   resolved "https://registry.yarnpkg.com/defined/-/defined-1.0.0.tgz#c98d9bcef75674188e110969151199e39b1fa693"
   integrity sha1-yY2bzvdWdBiOEQlpFRGZ45sfppM=
 
-defined@~0.0.0:
-  version "0.0.0"
-  resolved "https://registry.yarnpkg.com/defined/-/defined-0.0.0.tgz#f35eea7d705e933baf13b2f03b3f83d921403b3e"
-  integrity sha1-817qfXBekzuvE7LwOz+D2SFAOz4=
-
 degenerator@^1.0.4:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/degenerator/-/degenerator-1.0.4.tgz#fcf490a37ece266464d9cc431ab98c5819ced095"
@@ -5145,7 +5176,7 @@ encodeurl@~1.0.2:
   resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59"
   integrity sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=
 
-encoding-down@^6.2.0, encoding-down@^6.3.0:
+encoding-down@^6.3.0:
   version "6.3.0"
   resolved "https://registry.yarnpkg.com/encoding-down/-/encoding-down-6.3.0.tgz#b1c4eb0e1728c146ecaef8e32963c549e76d082b"
   integrity sha512-QKrV0iKR6MZVJV08QY0wp1e7vF6QbhnbQhb07bwpEyuz4uZiZgPlEGdkCROuFkUwdxlFaiPIhjyarH1ee/3vhw==
@@ -6313,7 +6344,7 @@ fs-extra@^2.0.0:
     graceful-fs "^4.1.2"
     jsonfile "^2.1.0"
 
-fs-extra@^8.0.1, fs-extra@^8.1.0:
+fs-extra@^8.0.1:
   version "8.1.0"
   resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-8.1.0.tgz#49d43c45a88cd9677668cb7be1b46efdb8d2e1c0"
   integrity sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==
@@ -7234,15 +7265,6 @@ http-proxy@^1.16.2:
     follow-redirects "^1.0.0"
     requires-port "^1.0.0"
 
-http-request-plus@^0.8.0:
-  version "0.8.0"
-  resolved "https://registry.yarnpkg.com/http-request-plus/-/http-request-plus-0.8.0.tgz#9d883be7122c96124eb5e5c96bee9dfba8abc338"
-  integrity sha512-nSx7ebXOnHFgwi67YgkdEoHpjx/OH4wOkiHgqUnLsqTRlCu1DDeE+QLRiOI1XnSkqk2Y0Srmg5b1P9ckAPuETw==
-  dependencies:
-    is-redirect "^1.0.0"
-    lodash "^4.17.4"
-    promise-toolbox "^0.12.1"
-
 http-request-plus@^0.9.1:
   version "0.9.1"
   resolved "https://registry.yarnpkg.com/http-request-plus/-/http-request-plus-0.9.1.tgz#ba724da3dabb48eb7962e83aec5f5b3cd7291166"
@@ -8625,6 +8647,14 @@ jsx-ast-utils@^2.2.3:
     array-includes "^3.0.3"
     object.assign "^4.1.0"
 
+julien-f-source-map-support@0.1.0:
+  version "0.1.0"
+  resolved "https://registry.yarnpkg.com/julien-f-source-map-support/-/julien-f-source-map-support-0.1.0.tgz#174152c8509538cf666d813eff77cb261711f0af"
+  integrity sha512-yLkXwMRQ8J2Hn9pkmRoexVPpRaeWBCJ6euf96KcYRqOR9Rek4tbebk6QwYJ42zyeFDHniweWV1Pgfrs8dDvv4A==
+  dependencies:
+    source-map "^0.6.1"
+    stack-chain "^2.0.0"
+
 julien-f-unzip@^0.2.1:
   version "0.2.1"
   resolved "https://registry.yarnpkg.com/julien-f-unzip/-/julien-f-unzip-0.2.1.tgz#62e6a85fa7fa4b875156442079adb4a8617c066a"
@@ -8819,13 +8849,6 @@ level-js@^5.0.0:
     inherits "^2.0.3"
     ltgt "^2.1.2"
 
-level-option-wrap@^1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/level-option-wrap/-/level-option-wrap-1.1.0.tgz#ad20e68d9f3c22c8897531cc6aa7af596b1ed129"
-  integrity sha1-rSDmjZ88IsiJdTHMaqevWWse0Sk=
-  dependencies:
-    defined "~0.0.0"
-
 level-packager@^5.1.0:
   version "5.1.1"
   resolved "https://registry.yarnpkg.com/level-packager/-/level-packager-5.1.1.tgz#323ec842d6babe7336f70299c14df2e329c18939"
@@ -8844,6 +8867,27 @@ level-party@^4.0.0:
     multileveldown "^3.0.0"
     pump "^3.0.0"
 
+level-post@^1.0.7:
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/level-post/-/level-post-1.0.7.tgz#19ccca9441a7cc527879a0635000f06d5e8f27d0"
+  integrity sha512-PWYqG4Q00asOrLhX7BejSajByB4EmG2GaKHfj3h5UmmZ2duciXLPGYWIjBzLECFWUGOZWlm5B20h/n3Gs3HKew==
+  dependencies:
+    ltgt "^2.1.2"
+
+level-sublevel@^6.6.1:
+  version "6.6.5"
+  resolved "https://registry.yarnpkg.com/level-sublevel/-/level-sublevel-6.6.5.tgz#acddfa2be033b9e503544e2c647f3c03d5a23fbd"
+  integrity sha512-SBSR60x+dghhwGUxPKS+BvV1xNqnwsEUBKmnFepPaHJ6VkBXyPK9SImGc3K2BkwBfpxlt7GKkBNlCnrdufsejA==
+  dependencies:
+    bytewise "~1.1.0"
+    levelup "~0.19.0"
+    ltgt "~2.1.1"
+    pull-defer "^0.2.2"
+    pull-level "^2.0.3"
+    pull-stream "^3.6.8"
+    typewiselite "~1.0.0"
+    xtend "~4.0.0"
+
 level-supports@~1.0.0:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/level-supports/-/level-supports-1.0.1.tgz#2f530a596834c7301622521988e2c36bb77d122d"
@@ -8870,7 +8914,7 @@ leveldown@^5.4.0:
     napi-macros "~2.0.0"
     node-gyp-build "~4.1.0"
 
-levelup@^4.3.1, levelup@^4.3.2:
+levelup@^4.3.2:
   version "4.3.2"
   resolved "https://registry.yarnpkg.com/levelup/-/levelup-4.3.2.tgz#31c5b1b29f146d1d35d692e01a6da4d28fa55ebd"
   integrity sha512-cRTjU4ktWo59wf13PHEiOayHC3n0dOh4i5+FHr4tv4MX9+l7mqETicNq3Aj07HKlLdk0z5muVoDL2RD+ovgiyA==
@@ -8881,6 +8925,19 @@ levelup@^4.3.1, levelup@^4.3.2:
     level-supports "~1.0.0"
     xtend "~4.0.0"
 
+levelup@~0.19.0:
+  version "0.19.1"
+  resolved "https://registry.yarnpkg.com/levelup/-/levelup-0.19.1.tgz#f3a6a7205272c4b5f35e412ff004a03a0aedf50b"
+  integrity sha1-86anIFJyxLXzXkEv8ASgOgrt9Qs=
+  dependencies:
+    bl "~0.8.1"
+    deferred-leveldown "~0.2.0"
+    errno "~0.1.1"
+    prr "~0.0.0"
+    readable-stream "~1.0.26"
+    semver "~5.1.0"
+    xtend "~3.0.0"
+
 leven@^3.1.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/leven/-/leven-3.1.0.tgz#77891de834064cccba82ae7842bb6b14a13ed7f2"
@@ -9273,6 +9330,16 @@ longest@^1.0.1:
   resolved "https://registry.yarnpkg.com/longest/-/longest-1.0.1.tgz#30a0b2da38f73770e8294a0d22e6625ed77d0097"
   integrity sha1-MKCy2jj3N3DoKUoNIuZiXtd9AJc=
 
+looper@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/looper/-/looper-2.0.0.tgz#66cd0c774af3d4fedac53794f742db56da8f09ec"
+  integrity sha1-Zs0Md0rz1P7axTeU90LbVtqPCew=
+
+looper@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/looper/-/looper-3.0.0.tgz#2efa54c3b1cbaba9b94aee2e5914b0be57fbb749"
+  integrity sha1-LvpUw7HLq6m5Su4uWRSwvlf7t0k=
+
 loose-envify@^1.0.0, loose-envify@^1.1.0, loose-envify@^1.2.0, loose-envify@^1.3.0, loose-envify@^1.3.1, loose-envify@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.4.0.tgz#71ee51fa7be4caec1a63839f7e682d8132d30caf"
@@ -9320,6 +9387,11 @@ ltgt@^2.1.2:
   resolved "https://registry.yarnpkg.com/ltgt/-/ltgt-2.2.1.tgz#f35ca91c493f7b73da0e07495304f17b31f87ee5"
   integrity sha1-81ypHEk/e3PaDgdJUwTxezH4fuU=
 
+ltgt@~2.1.1:
+  version "2.1.3"
+  resolved "https://registry.yarnpkg.com/ltgt/-/ltgt-2.1.3.tgz#10851a06d9964b971178441c23c9e52698eece34"
+  integrity sha1-EIUaBtmWS5cReEQcI8nlJpjuzjQ=
+
 ltx@^2.5.0, ltx@^2.6.2:
   version "2.9.2"
   resolved "https://registry.yarnpkg.com/ltx/-/ltx-2.9.2.tgz#222b28745142b71f66c566f20bb73648f82c0d86"
@@ -9878,7 +9950,7 @@ nearley@^2.7.10:
     randexp "0.4.6"
     semver "^5.4.1"
 
-needle@^2.2.0:
+needle@^2.2.0, needle@^2.2.1:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/needle/-/needle-2.4.0.tgz#6833e74975c444642590e15a750288c5f939b57c"
   integrity sha512-4Hnwzr3mi5L97hMYeNl8wRW/Onhy4nUKR/lVemJ8gJedxxUyBLm9kkrDColJvoSfwi0jCNhD+xCdOtiGDQiRZg==
@@ -9986,14 +10058,30 @@ node-notifier@^5.4.2:
     shellwords "^0.1.1"
     which "^1.3.0"
 
-node-openssl-cert@^0.0.117:
-  version "0.0.117"
-  resolved "https://registry.yarnpkg.com/node-openssl-cert/-/node-openssl-cert-0.0.117.tgz#d17e66e6c7e24b5433fa98fdcfe022de8c94155c"
-  integrity sha512-JOuYNy/D3SG8kzwpC9gMsZKTPrQqp+KX3S5AN8aQ8zSuiU17pWsF542/1J+/I+x1rI4CvrP12zyih7H7bBN8rw==
+node-openssl-cert@^0.0.116:
+  version "0.0.116"
+  resolved "https://registry.yarnpkg.com/node-openssl-cert/-/node-openssl-cert-0.0.116.tgz#d334dff79bc6b15bfffef96433687f68e9bf2109"
+  integrity sha512-IJY0uBYKzZ2BgE3v43rN+5bWRAcwUKZdZvQW7jXtNf4alGtgxuNbauclZNuGalscYWFvKGKndMjp2MxVON7Log==
   dependencies:
     moment "^2.22.1"
     tmp "^0.0.33"
 
+node-pre-gyp@*:
+  version "0.14.0"
+  resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.14.0.tgz#9a0596533b877289bcad4e143982ca3d904ddc83"
+  integrity sha512-+CvDC7ZttU/sSt9rFjix/P05iS43qHCOOGzcr3Ry99bXG7VX953+vFyEuph/tfqoYu8dttBkE86JSKBO2OzcxA==
+  dependencies:
+    detect-libc "^1.0.2"
+    mkdirp "^0.5.1"
+    needle "^2.2.1"
+    nopt "^4.0.1"
+    npm-packlist "^1.1.6"
+    npmlog "^4.0.2"
+    rc "^1.2.7"
+    rimraf "^2.6.1"
+    semver "^5.3.0"
+    tar "^4.4.2"
+
 node-pre-gyp@0.9.1:
   version "0.9.1"
   resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.9.1.tgz#f11c07516dd92f87199dbc7e1838eab7cd56c9e0"
@@ -11287,6 +11375,11 @@ proxy-from-env@^1.0.0:
   resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.0.0.tgz#33c50398f70ea7eb96d21f7b817630a55791c7ee"
   integrity sha1-M8UDmPcOp+uW0h97gXYwpVeRx+4=
 
+prr@~0.0.0:
+  version "0.0.0"
+  resolved "https://registry.yarnpkg.com/prr/-/prr-0.0.0.tgz#1a84b85908325501411853d0081ee3fa86e2926a"
+  integrity sha1-GoS4WQgyVQFBGFPQCB7j+obikmo=
+
 prr@~1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/prr/-/prr-1.0.1.tgz#d3fc114ba06995a45ec6893f484ceb1d78f5f476"
@@ -11419,6 +11512,54 @@ pug@^2.0.0-rc.4, pug@^2.0.3:
     pug-runtime "^2.0.5"
     pug-strip-comments "^1.0.4"
 
+pull-cat@^1.1.9:
+  version "1.1.11"
+  resolved "https://registry.yarnpkg.com/pull-cat/-/pull-cat-1.1.11.tgz#b642dd1255da376a706b6db4fa962f5fdb74c31b"
+  integrity sha1-tkLdElXaN2pwa220+pYvX9t0wxs=
+
+pull-defer@^0.2.2:
+  version "0.2.3"
+  resolved "https://registry.yarnpkg.com/pull-defer/-/pull-defer-0.2.3.tgz#4ee09c6d9e227bede9938db80391c3dac489d113"
+  integrity sha512-/An3KE7mVjZCqNhZsr22k1Tx8MACnUnHZZNPSJ0S62td8JtYr/AiRG42Vz7Syu31SoTLUzVIe61jtT/pNdjVYA==
+
+pull-level@^2.0.3:
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/pull-level/-/pull-level-2.0.4.tgz#4822e61757c10bdcc7cf4a03af04c92734c9afac"
+  integrity sha512-fW6pljDeUThpq5KXwKbRG3X7Ogk3vc75d5OQU/TvXXui65ykm+Bn+fiktg+MOx2jJ85cd+sheufPL+rw9QSVZg==
+  dependencies:
+    level-post "^1.0.7"
+    pull-cat "^1.1.9"
+    pull-live "^1.0.1"
+    pull-pushable "^2.0.0"
+    pull-stream "^3.4.0"
+    pull-window "^2.1.4"
+    stream-to-pull-stream "^1.7.1"
+
+pull-live@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/pull-live/-/pull-live-1.0.1.tgz#a4ecee01e330155e9124bbbcf4761f21b38f51f5"
+  integrity sha1-pOzuAeMwFV6RJLu89HYfIbOPUfU=
+  dependencies:
+    pull-cat "^1.1.9"
+    pull-stream "^3.4.0"
+
+pull-pushable@^2.0.0:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/pull-pushable/-/pull-pushable-2.2.0.tgz#5f2f3aed47ad86919f01b12a2e99d6f1bd776581"
+  integrity sha1-Xy867UethpGfAbEqLpnW8b13ZYE=
+
+pull-stream@^3.2.3, pull-stream@^3.4.0, pull-stream@^3.6.8:
+  version "3.6.14"
+  resolved "https://registry.yarnpkg.com/pull-stream/-/pull-stream-3.6.14.tgz#529dbd5b86131f4a5ed636fdf7f6af00781357ee"
+  integrity sha512-KIqdvpqHHaTUA2mCYcLG1ibEbu/LCKoJZsBWyv9lSYtPkJPBq8m3Hxa103xHi6D2thj5YXa0TqK3L3GUkwgnew==
+
+pull-window@^2.1.4:
+  version "2.1.4"
+  resolved "https://registry.yarnpkg.com/pull-window/-/pull-window-2.1.4.tgz#fc3b86feebd1920c7ae297691e23f705f88552f0"
+  integrity sha1-/DuG/uvRkgx64pdpHiP3BfiFUvA=
+  dependencies:
+    looper "^2.0.0"
+
 pullstream@~0.4.0:
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/pullstream/-/pullstream-0.4.1.tgz#d6fb3bf5aed697e831150eb1002c25a3f8ae1314"
@@ -11623,7 +11764,7 @@ raw-body@~2.1.5:
     iconv-lite "0.4.13"
     unpipe "1.0.0"
 
-rc@^1.1.7:
+rc@^1.1.7, rc@^1.2.7:
   version "1.2.8"
   resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed"
   integrity sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==
@@ -12014,7 +12155,7 @@ readable-stream@2, readable-stream@^2.0.0, readable-stream@^2.0.1, readable-stre
     string_decoder "^1.1.1"
     util-deprecate "^1.0.1"
 
-readable-stream@~1.0.0, readable-stream@~1.0.17, readable-stream@~1.0.31:
+readable-stream@~1.0.0, readable-stream@~1.0.17, readable-stream@~1.0.26, readable-stream@~1.0.31:
   version "1.0.34"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c"
   integrity sha1-Elgg40vIQtLyqq+v5MKRbuMsFXw=
@@ -12635,6 +12776,11 @@ semver@^6.0.0, semver@^6.1.0, semver@^6.1.2, semver@^6.2.0, semver@^6.3.0:
   resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d"
   integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==
 
+semver@~5.1.0:
+  version "5.1.1"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-5.1.1.tgz#a3292a373e6f3e0798da0b20641b9a9c5bc47e19"
+  integrity sha1-oykqNz5vPgeY2gsgZBuanFvEfhk=
+
 semver@~5.3.0:
   version "5.3.0"
   resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f"
@@ -13117,6 +13263,14 @@ stream-splicer@^2.0.0:
     inherits "^2.0.1"
     readable-stream "^2.0.2"
 
+stream-to-pull-stream@^1.7.1:
+  version "1.7.3"
+  resolved "https://registry.yarnpkg.com/stream-to-pull-stream/-/stream-to-pull-stream-1.7.3.tgz#4161aa2d2eb9964de60bfa1af7feaf917e874ece"
+  integrity sha512-6sNyqJpr5dIOQdgNy/xcDWwDuzAsAwVzhzrWlAPAQ7Lkjx/rv0wgvxEyKwTq6FmNd5rjTrELt/CLmaSw7crMGg==
+  dependencies:
+    looper "^3.0.0"
+    pull-stream "^3.2.3"
+
 strict-timeout@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/strict-timeout/-/strict-timeout-1.0.0.tgz#f77c6dedec379a3b9d8d922bee0398ae5b1415ee"
@@ -13366,18 +13520,6 @@ subarg@^1.0.0:
   dependencies:
     minimist "^1.1.0"
 
-subleveldown@^4.1.4:
-  version "4.1.4"
-  resolved "https://registry.yarnpkg.com/subleveldown/-/subleveldown-4.1.4.tgz#3579563e4de4b811008046ad33280679bc39dba4"
-  integrity sha512-njpSBP/Bxh7EahraG6IhR6goOH2ffMTMVt7Ud+k/OhNFHrrmuvK+XYfauI8KnjCm0w381cUF43pejlWeJMZChA==
-  dependencies:
-    abstract-leveldown "^6.1.1"
-    encoding-down "^6.2.0"
-    inherits "^2.0.3"
-    level-option-wrap "^1.1.0"
-    levelup "^4.3.1"
-    reachdown "^1.0.0"
-
 supports-color@^0.2.0:
   version "0.2.0"
   resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-0.2.0.tgz#d92de2694eb3f67323973d7ae3d8b55b4c22190a"
@@ -13471,7 +13613,7 @@ tar@^2.0.0:
     fstream "^1.0.12"
     inherits "2"
 
-tar@^4:
+tar@^4, tar@^4.4.2:
   version "4.4.13"
   resolved "https://registry.yarnpkg.com/tar/-/tar-4.4.13.tgz#43b364bc52888d555298637b10d60790254ab525"
   integrity sha512-w2VwSrBoHa5BsSyH+KxEqeQBAllHhccyMFVHtGtdMpF4W7IRWfZjFiQceJPChOeTsSDVUpER2T8FA93pr0L+QA==
@@ -13866,6 +14008,23 @@ typescript@^3.1.6:
   resolved "https://registry.yarnpkg.com/typescript/-/typescript-3.7.4.tgz#1743a5ec5fef6a1fa9f3e4708e33c81c73876c19"
   integrity sha512-A25xv5XCtarLwXpcDNZzCGvW2D1S3/bACratYBx2sax8PefsFhlYmkQicKHvpYflFS8if4zne5zT5kpJ7pzuvw==
 
+typewise-core@^1.2, typewise-core@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/typewise-core/-/typewise-core-1.2.0.tgz#97eb91805c7f55d2f941748fa50d315d991ef195"
+  integrity sha1-l+uRgFx/VdL5QXSPpQ0xXZke8ZU=
+
+typewise@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/typewise/-/typewise-1.0.3.tgz#1067936540af97937cc5dcf9922486e9fa284651"
+  integrity sha1-EGeTZUCvl5N8xdz5kiSG6fooRlE=
+  dependencies:
+    typewise-core "^1.2.0"
+
+typewiselite@~1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/typewiselite/-/typewiselite-1.0.0.tgz#c8882fa1bb1092c06005a97f34ef5c8508e3664e"
+  integrity sha1-yIgvobsQksBgBal/NO9chQjjZk4=
+
 ua-parser-js@^0.7.18:
   version "0.7.21"
   resolved "https://registry.yarnpkg.com/ua-parser-js/-/ua-parser-js-0.7.21.tgz#853cf9ce93f642f67174273cc34565ae6f308777"
@@ -14619,6 +14778,11 @@ xtend@~2.1.1:
   dependencies:
     object-keys "~0.4.0"
 
+xtend@~3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/xtend/-/xtend-3.0.0.tgz#5cce7407baf642cba7becda568111c493f59665a"
+  integrity sha1-XM50B7r2Qsunvs2laBEcST9ZZlo=
+
 xxhashjs@^0.2.1:
   version "0.2.2"
   resolved "https://registry.yarnpkg.com/xxhashjs/-/xxhashjs-0.2.2.tgz#8a6251567621a1c46a5ae204da0249c7f8caa9d8"