elasticio · davydova-oleksandra · Dec 3, 2025 · Dec 3, 2025 · Dec 3, 2025
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -2,7 +2,7 @@ version: 2.1
 parameters:
   node-version:
     type: string
-    default: "18.13.0"
+    default: "24.10.0"
 orbs:
   node: circleci/node@5.0.0
   slack: circleci/slack@4.5.3
@@ -71,8 +71,8 @@ commands:
             }
 jobs:
   test:
-    docker: # run the steps with Docker
-      - image: cimg/node:18.13.0
+    docker:
+      - image: cimg/node:24.10.0
     steps:
       - checkout
       - node/install:
@@ -88,14 +88,14 @@ jobs:
           command: npm test
   build:
     docker:
-      - image: cimg/node:18.13.0
+      - image: cimg/node:24.10.0
         user: root
     steps:
       - checkout
       - node/install:
           node-version: << pipeline.parameters.node-version >>
       - setup_remote_docker:
-          version: 19.03.13
+          version: default
           docker_layer_caching: true
       # build and push Docker image
       - run:

diff --git a/.grype-ignore.yaml b/.grype-ignore.yaml
@@ -8,3 +8,18 @@ ignore:
     package:
       name: libcrypto3
       version: 3.0.7-r0
+
+  - vulnerability: CVE-2023-5363
+    package:
+      name: libssl3
+      version: 3.1.3-r0
+
+  - vulnerability: CVE-2023-5363
+    package:
+      name: libcrypto3
+      version: 3.1.3-r0
+
+  - vulnerability: CVE-2023-45853
+    package:
+      name: zlib
+      version: 1.3.1-r2
diff --git a/.nsprc b/.nsprc
@@ -10,5 +10,9 @@
   "GHSA-hrpp-h998-j3pp": {
     "active": true,
     "notes": "There is no query-string user input in sailor"
-  }
+  },
+    "GHSA-fjxv-7rqg-78g4": {
+      "active": true,
+      "notes": "This vulnerability is in form-data used transitively via deprecated 'request' library. We do not use form-data directly. Waiting on upstream libraries to upgrade."
+    }
 }
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.2.13 (December 03, 2025)
+
+* Update Sailor version to 2.7.7
+* Remove unused `elasticio-node` dependency
+* Update the Node engine to version 24.x.
+
 ## 1.2.12 (September 12, 2024)
 
 * Update Sailor version to 2.7.3

diff --git a/actions/code.js b/actions/code.js
@@ -1,7 +1,6 @@
 // eslint-disable-next-line import/no-extraneous-dependencies
 const _ = require('lodash');
 const vm = require('vm');
-const { messages } = require('elasticio-node');
 const co = require('co');
 const request = require('co-request');
 
@@ -15,6 +14,11 @@ function wait(timeout) {
   });
 }
 
+const messages = {
+  newMessageWithBody: (body) => ({ body, headers: {} }),
+  newEmptyMessage: () => ({ body: {}, headers: {} }),
+};
+
 // eslint-disable-next-line consistent-return,func-names
 exports.process = async function (msg, conf, snapshot) {
   const vmExports = {};

diff --git a/component.json b/component.json
@@ -1,6 +1,6 @@
 {
     "title": "Node.js Code",
-    "version": "1.2.12",
+    "version": "1.2.13-dev.1",
     "description": "You can write your own code and deploy it as part of integration process.",
     "docsUrl": "http://go2.elastic.io/code-component",
     "fields": {