Merge commercial repo (origin/main) back into open-source

Syncs all changes from jazzer.js-commercial back into the open-source repo:
- Features: SSRF bug detector, eval/Function sanitizers, global function hooking,
  per-test dictionaries, built-in class function hooking
- Breaking changes: FDP uses UTF-8 for strings, removed printable string generation
- Releases: 3.0.0 and 3.1.0
- CI: updated pipelines, self-hosted macOS runner, grouped dependabot PRs
- Dependency bumps to latest versions

Conflict resolution:
- All package.json/package-lock.json conflicts resolved by taking origin/main
  (newer dependency versions)
- Restored Apache 2.0 LICENSE (removed in commercial repo)
- Removed 'no longer open source' README banner (re-open-sourcing)

Author: oetr

.github/dependabot.yml

@@ -3,5 +3,10 @@ updates:
   - package-ecosystem: "npm"
     directory: "/"
     schedule:
-      interval: "daily"
+      interval: "weekly"
     versioning-strategy: increase
+    groups:
+      minor-dependencies:
+        update-types:
+          - "minor"
+          - "patch"

.github/workflows/prerelease.yaml

@@ -1,13 +1,52 @@
 name: "🚀 Release"
 
 on:
-  release:
-    types: [released]
+  workflow_dispatch:
+  push:
+    tags:
+      - "v*.*.*"
 
 jobs:
+  prebuilds:
+    name: create prebuilds
+    strategy:
+      matrix:
+        os: [ubuntu-20.04, selfhosted-macos, windows-2019]
+        opts: [""]
+        include:
+          - os: selfhosted-macos
+            opts: "--arch x86_64"
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+      - name: node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          cache: "npm"
+      - name: MSVC (windows)
+        uses: ilammy/msvc-dev-cmd@v1
+        if: contains(matrix.os, 'windows')
+      - name: install dependencies
+        run: npm ci
+      - name: build
+        run: |
+          npm run prebuild --workspace=@jazzer.js/fuzzer -- ${{ matrix.opts }}
+          npm run build --workspace=@jazzer.js/fuzzer -- ${{ matrix.opts }}
+      - name: upload
+        uses: actions/upload-artifact@v3
+        with:
+          name: native-addon
+          path: packages/fuzzer/prebuilds
+          if-no-files-found: error
+
   release:
     name: release
+    needs: [prebuilds]
     runs-on: ubuntu-20.04
+    permissions:
+      contents: write # for creating releases
     steps:
       - name: checkout
         uses: actions/checkout@v3
@@ -16,10 +55,31 @@ jobs:
         with:
           node-version: 16
           cache: "npm"
-          registry-url: https://registry.npmjs.org
-      - name: install & build
-        run: npm ci && npm run build
-      - name: publish to npm
+          registry-url: https://gitlab.code-intelligence.com/api/v4/projects/89/packages/npm/
+      - name: install
+        run: npm ci
+      - name: build
+        run: npm run build
+      - name: download prebuilds
+        uses: actions/download-artifact@v3
+        with:
+          name: native-addon
+          path: packages/fuzzer/prebuilds
+          if-no-files-found: error
+      - name: publish
         run: npm publish --workspaces --access public
         env:
           NODE_AUTH_TOKEN: ${{secrets.NPM_ACCESS_TOKEN}}
+      # create GitHub release
+      - name: read version
+        id: read-version
+        run: |
+          echo ::set-output name=version::\
+          $(cat ./package.json | jq '.version' | tr -d '"')
+        shell: bash
+      - name: create release
+        uses: softprops/action-gh-release@v1
+        with:
+          name: Release ${{ steps.read-version.outputs.version }}
+          body_path: ./.github/release_template.md
+          generate_release_notes: true

.github/workflows/release.yaml

@@ -0,0 +1,131 @@
+name: "🔍 Tests Main"
+on:
+  push:
+    branches: [main]
+  merge_group:
+  workflow_dispatch:
+concurrency:
+  group:
+    ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+jobs:
+  tests:
+    name: tests
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [windows-2019, ubuntu-20.04, selfhosted-macos]
+        node: [16]
+        include:
+          # Test LTS versions on main
+          # 18 on Ubuntu is sufficient, and 20 already tested in PR
+          - os: ubuntu-20.04
+            node: 18
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+      - uses: actions/cache@v3
+        id: cache-fuzzer
+        with:
+          path: |
+            packages/fuzzer/prebuilds
+          key:
+            fuzzer-cache-${{ matrix.os }}-${{
+            hashFiles('packages/fuzzer/CMakeLists.txt',
+            'packages/fuzzer/**/*.h', 'packages/fuzzer/**/*.cpp') }}
+      - name: node
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node }}
+          cache: "npm"
+      - name: MSVC (windows)
+        uses: ilammy/msvc-dev-cmd@v1
+        if: contains(matrix.os, 'windows')
+      - name: install dependencies
+        run: npm ci
+      - name: build project
+        run: npm run build
+      - name: build fuzzer
+        if: ${{ steps.cache-fuzzer.outputs.cache-hit != 'true' }}
+        run: npm run build --workspace=@jazzer.js/fuzzer
+      - name: run all tests
+        run: npm run test
+  fuzz_tests:
+    name: fuzz tests
+    runs-on: ubuntu-20.04
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+      - uses: actions/cache@v3
+        id: cache-fuzzer
+        with:
+          path: |
+            packages/fuzzer/prebuilds
+          key:
+            fuzzer-cache-${{ runner.os }}-${{
+            hashFiles('packages/fuzzer/CMakeLists.txt',
+            'packages/fuzzer/**/*.h', 'packages/fuzzer/**/*.cpp') }}
+      - name: node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          cache: "npm"
+      - name: install dependencies
+        run: npm ci
+      - name: build project
+        run: npm run build
+      - name: build fuzzer
+        if: ${{ steps.cache-fuzzer.outputs.cache-hit != 'true' }}
+        run: npm run build --workspace=@jazzer.js/fuzzer
+      - name: run all fuzz tests
+        run: node fuzztests/runFuzzTests.js
+  end-to-end:
+    name: end-to-end
+    runs-on: ubuntu-20.04
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+      # Build with node.js 16
+      - name: node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          cache: "npm"
+      - name: pack jazzer.js
+        run: cd end-to-end && ./package-jazzer-js.sh
+      - name: build example
+        run: cd end-to-end && npm install --save-dev *.tgz && npm run build
+
+      # Run with different node.js versions
+      # all in one job to avoid rebuilding
+      - name: "node 14"
+        uses: actions/setup-node@v3
+        with:
+          node-version: 14
+          cache: "npm"
+      - name: run tests
+        run: cd end-to-end && npx jest
+
+      - name: "node 16"
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          cache: "npm"
+      - name: run tests
+        run: cd end-to-end && npx jest
+
+      - name: "node 18"
+        uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          cache: "npm"
+      - name: run tests
+        run: cd end-to-end && npx jest
+
+      - name: "node 20"
+        uses: actions/setup-node@v3
+        with:
+          node-version: 20
+          cache: "npm"
+      - name: run tests
+        run: cd end-to-end && npx jest