From b808ebcd607e51f681316c839140483d4c5e2a89 Mon Sep 17 00:00:00 2001
From: fengmk2 <fengmk2@gmail.com>
Date: Sun, 24 Nov 2024 12:59:15 +0800
Subject: [PATCH] chore: security support >= 3.0.0 (#732)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

- **Documentation**
- Updated the "Supported Versions" section in the SECURITY.md file to
reflect that security updates are now provided for versions 3.0.0 and
above.
- Minor formatting adjustments made in the "Disclosure Policy" section
for consistency.
- **Chores**
- Simplified debugger configurations by removing explicit protocol and
port settings from the `.vscode/launch.json` file.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: elrrrrrrr <elrrrrrrr@gmail.com>
---
 .vscode/launch.json                | 4 ----
 SECURITY.md                        | 8 ++++----
 app/repository/SearchRepository.ts | 3 ++-
 3 files changed, 6 insertions(+), 9 deletions(-)

diff --git a/.vscode/launch.json b/.vscode/launch.json
index cb6ae5f2..fb1e44a8 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -17,8 +17,6 @@
       ],
       "console": "integratedTerminal",
       "restart": true,
-      "protocol": "auto",
-      "port": 9229,
       "autoAttachChildProcesses": true
     },
     {
@@ -32,8 +30,6 @@
         "--",
         "--inspect-brk"
       ],
-      "protocol": "auto",
-      "port": 9229,
       "autoAttachChildProcesses": true
     }
   ]
diff --git a/SECURITY.md b/SECURITY.md
index 7caa1993..4dd77e38 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -6,7 +6,7 @@ Currently being supported with security updates.
 
 | Version  | Supported          |
 | -------- | ------------------ |
-| >= 1.0.0 | :white_check_mark: |
+| >= 3.0.0 | :white_check_mark: |
 
 ## Reporting a Vulnerability
 
@@ -35,7 +35,7 @@ When the security team receives a security bug report, they will assign it
 to a primary handler. This person will coordinate the fix and release
 process, involving the following steps:
 
-  * Confirm the problem and determine the affected versions.
-  * Audit code to find any potential similar problems.
-  * Prepare fixes for all releases still under maintenance. These fixes
+* Confirm the problem and determine the affected versions.
+* Audit code to find any potential similar problems.
+* Prepare fixes for all releases still under maintenance. These fixes
     will be released as fast as possible to NPM.
diff --git a/app/repository/SearchRepository.ts b/app/repository/SearchRepository.ts
index 9559fbd4..2cdf7cd5 100644
--- a/app/repository/SearchRepository.ts
+++ b/app/repository/SearchRepository.ts
@@ -1,6 +1,7 @@
 import { SingletonProto, AccessLevel, Inject } from '@eggjs/tegg';
 import { SearchAdapter } from '../common/typing';
 import { AuthorType, CnpmcorePatchInfo, PackageManifestType } from './PackageRepository';
+import { estypes } from '@elastic/elasticsearch';
 
 export type SearchJSONPickKey = '_rev' | 'name' | 'description' | 'keywords' | 'license' | 'maintainers' | 'dist-tags' | '_source_registry_name';
 
@@ -34,7 +35,7 @@ export class SearchRepository {
   private readonly searchAdapter: SearchAdapter;
 
 
-  async searchPackage(query) {
+  async searchPackage(query): Promise<estypes.SearchHitsMetadata<SearchManifestType>> {
     return await this.searchAdapter.search<SearchManifestType>(query);
   }