Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security updates #85

Merged
merged 14 commits into from
Jan 8, 2021
Merged

Security updates #85

merged 14 commits into from
Jan 8, 2021

Conversation

byrond
Copy link
Collaborator

@byrond byrond commented Jan 5, 2021
edited
Loading

Notes

Testing

  cors.config:
    enabled: true
    # Specify allowed headers, like 'x-allowed-header'.
    allowedHeaders: ['*']
    # Specify allowed request methods, specify ['*'] to allow all possible ones.
    allowedMethods: ['*']
    # Configure requests allowed from specific origins.
    allowedOrigins: ['*']
    # Sets the Access-Control-Expose-Headers header.
    exposedHeaders: false
    # Sets the Access-Control-Max-Age header.
    maxAge: false
    # Sets the Access-Control-Allow-Credentials header.
    supportsCredentials: false
  • Create .eslintignore in the root of this project with * as its contents.
  • Create .env.local.js from the example file, and update the hostname:
hostname: "d8.fs-demo.local",
  • yarn start
  • Test the search and facets to verify you see the expected results.

dependabot bot and others added 8 commits June 6, 2020 13:50
@dependabot
Bump websocket-extensions from 0.1.3 to 0.1.4
58f4eac 
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](faye/websocket-extensions-node@0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump elliptic from 6.5.2 to 6.5.3
1c525a7 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](indutny/elliptic@v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump http-proxy from 1.18.0 to 1.18.1
36bbb21 
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](http-party/node-http-proxy@1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump ini from 1.3.5 to 1.3.7
ef0491a 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.7.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](npm/ini@v1.3.5...v1.3.7)

Signed-off-by: dependabot[bot] <[email protected]>
@byrond
Merge pull request #84 from palantirnet/dependabot/npm_and_yarn/ini-1…
9b72144 
….3.7

Bump ini from 1.3.5 to 1.3.7
@byrond
Merge pull request #83 from palantirnet/dependabot/npm_and_yarn/http-…
0678e36 
…proxy-1.18.1

Bump http-proxy from 1.18.0 to 1.18.1
@byrond
Merge pull request #82 from palantirnet/dependabot/npm_and_yarn/ellip…
eaa5cb2 
…tic-6.5.3

Bump elliptic from 6.5.2 to 6.5.3
@byrond
Merge pull request #81 from palantirnet/dependabot/npm_and_yarn/webso…
78c64b3 
…cket-extensions-0.1.4

Bump websocket-extensions from 0.1.3 to 0.1.4
@byrond byrond added the Work in-Progress Do not merge PR, currently being worked on. label Jan 5, 2021
@byrond byrond self-assigned this Jan 5, 2021
@byrond byrond added Ready for Review and removed Work in-Progress Do not merge PR, currently being worked on. labels Jan 5, 2021
@agentrickard
Copy link
Contributor

agentrickard commented Jan 5, 2021
edited
Loading

I now have these:

Untracked files:
  (use "git add <file>..." to include in what will be committed)
	.eslintcache
	.eslintignore

@byrond
Copy link
Collaborator Author

byrond commented Jan 5, 2021

@agentrickard I added .eslintcache to .gitignore. I am leaving .eslintignore out, since we may need to add one later.

agentrickard
agentrickard approved these changes Jan 6, 2021
View reviewed changes
Copy link
Contributor

@agentrickard agentrickard left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This tests correctly both with and without the proxy enabled.

@agentrickard
Copy link
Contributor

@byrond are you doing the linting in this branch or another?

@byrond
Copy link
Collaborator Author

byrond commented Jan 8, 2021

@agentrickard I'm creating a new branch for fixing the linting errors.

@byrond byrond merged commit b247c05 into 3.x Jan 8, 2021
@byrond byrond deleted the security-updates branch January 8, 2021 20:02
@byrond byrond mentioned this pull request Jan 12, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@agentrickard agentrickard agentrickard approved these changes

Assignees

@byrond byrond

Labels
Ready for Review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@byrond @agentrickard