mirror of https://github.com/Unleash/unleash.git synced 2025-01-25 00:07:47 +01:00
Commit Graph

7284 Commits

Author SHA1 Message Date
Renovate Bot
37268baa3a chore(deps): update dependency typescript to v4.7.2 2022-05-24 21:38:08 +00:00
Renovate Bot
b39c03e561 chore(deps): update storybook monorepo to v6.5.5 2022-05-24 20:19:06 +00:00
Renovate Bot
ad319f9016 chore(deps): update dependency lint-staged to v12.4.2 2022-05-24 17:27:32 +00:00
Renovate Bot
e3399cda89 chore(deps): update typescript-eslint monorepo to v5.26.0 2022-05-24 13:01:04 +00:00
Ivar Conradi Østhus
fe05ca656d
fix: upgrade multer to v1.4.4 2022-05-24 12:26:46 +02:00
Fredrik Strand Oseberg
7ba9d2a577 Feat/new strategies table (#1012)
* fix: add flex to toolbarcontainer

* feat: add initial new table

* feat: add styled badge

* feat: remove dead code

* fix: remove useContext import

* fix: update context buttons to icon buttons

* feat: add loading

* fix: remove unused imports

* Update src/component/strategies/StrategiesList/PredefinedBadge/PredefinedBadge.tsx

Co-authored-by: Tymoteusz Czech <2625371+Tymek@users.noreply.github.com>

* fix: update spacing to use theme

* fix: update loading

* fix: update type

Co-authored-by: Tymoteusz Czech <2625371+Tymek@users.noreply.github.com>
2022-05-24 10:58:06 +02:00
Thomas Heartman
9463c8df90 meta: add external PRs to project board (#1006)
The `pull_request` hook runs in the context of the proposed changes. That means that for forks, this action won't have access to the required secrets for it to complete. As such, PRs from outside contributors won't work correctly.

The `pull_request_target` hook, however, runs in the context of the target branch, and thus has all the permissions it needs. The [github docs for this hook](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target) also indicate that this is the way to go:

> This event allows your workflow to do things like label or comment on pull requests from forks. Avoid using this event if you need to build or run code from the pull request.

## Interesting note for PRs

It seems that when this change is proposed as a PR, the expected action (_add new item to project board_) does not run. However, this does not affect other new PRs. After merging, the pipeline works and triggers as expected, for both external and internal contributors.

## Isn't this potentially dangerous?

Good question! As far as I understand: no, it's not. The long answer is in [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/), but I'll try and summarize it here.

Some choice cuts from the article:

> TL;DR: Combining pull_request_target workflow trigger with an **explicit checkout of an untrusted PR** is a dangerous practice that may lead to repository compromise.

However, we do not check the PR out!

> Due to the dangers inherent to automatic processing of PRs, GitHub’s standard pull_request workflow trigger by default prevents write permissions and secrets access to the target repository. However, in some scenarios such access is needed to properly process the PR. To this end the pull_request_target workflow trigger was introduced.

> pull_request_target runs in the context of the target repository of the PR, rather than in the merge commit. This means the standard checkout action uses the target repository to prevent accidental usage of the user supplied code.

> These safeguards enable granting the pull_request_target additional permissions. The reason to introduce the pull_request_target trigger was to enable workflows to label PRs (e.g. needs review) or to comment on the PR. The intent is to use the trigger for PRs that do not require dangerous processing, say building or running the content of the PR.

That is: when using `pull_request_target`, the action will not check out the PR branch and thus, the PR cannot inject any code changes into the action. On the other hand `pull_request` uses the code that's in the PR to run actions, which is why it requires explicit authorization before being run.

`pull_request_target` runs in the context of the target branch (most commonly `main`) and only runs code that already exists in the target branch. No code from the PR gets used.

Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com>
2022-05-24 10:26:41 +02:00
olav
b742a69c4c refactor: improve OpenAPI refs (#1005)
* refactor: regenerate OpenAPI client

* refactor: update usage of OpenAPI client
2022-05-24 08:37:46 +02:00
olav
59060ed3ea
refactor: improve OpenAPI refs (#1620)
* refactor: simplify FeatureEnvironmentSchema name

* refactor: format schema files

* fix: pass nested schemas to FromSchema

* refactor: remove ref order note

* refactor: fix overly strict required fields

* refactor: clean up mapper names and paths

* refactor: replace mappers with optional fields
2022-05-24 08:37:35 +02:00
Renovate Bot
a0261daac6 chore(deps): update material-ui monorepo 2022-05-23 20:23:55 +00:00
Renovate Bot
d4581a1ae2 fix(deps): update dependency unleash-frontend to v4.11.2 2022-05-23 15:54:10 +00:00
Renovate Bot
eca933eb65 chore(deps): update storybook monorepo to v6.5.4 2022-05-23 13:37:39 +00:00
renovate[bot]
b57754ca35
chore(deps): update dependency eslint to v8.16.0 (#1622)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-23 12:29:59 +02:00
Fredrik Strand Oseberg
68661e983d fix: path param (#1011) 2022-05-23 12:28:57 +02:00
Ivar Conradi Østhus
5dc7d8dfac
Create codeql-analysis.yml 2022-05-23 12:22:31 +02:00
Tymoteusz Czech
0f272680ee
fix: project environments order (#1599) 2022-05-23 08:52:50 +00:00
Renovate Bot
d65ceeacc8 chore(deps): update dependency msw to v0.41.0 2022-05-22 04:49:14 +00:00
Renovate Bot
f306622580 chore(deps): update dependency ts-node to v10.8.0 2022-05-21 22:38:08 +00:00
Renovate Bot
caff12b6d6 chore(deps): update dependency vitest to v0.12.9 2022-05-21 22:00:27 +00:00
Renovate Bot
f15cc528bd chore(deps): update dependency eslint to v8.16.0 2022-05-21 04:25:33 +00:00
Renovate Bot
959fcf3ff3 chore(deps): update dependency sass to v1.52.1 2022-05-21 01:59:12 +00:00
Renovate Bot
16a2e74041 chore(deps): update storybook monorepo to v6.5.3 2022-05-20 23:39:01 +00:00
renovate[bot]
4cf5415957
fix(deps): update dependency unleash-frontend to v4.11.0 (#1597)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-20 22:32:00 +02:00
Renovate Bot
e2384a4434 chore(deps): update dependency msw to v0.40.2 2022-05-20 19:21:44 +00:00
Ivar Conradi Østhus
5460245a67
fix: do not produce report.json in coverage action for now 2022-05-20 19:29:14 +02:00
Ivar Conradi Østhus
3c91acca4c
fix: coverage action 2022-05-20 16:48:13 +02:00
Ivar Conradi Østhus
51c1c790b4
fix: inline coverage action script commands 2022-05-20 16:41:43 +02:00
Ivar Conradi Østhus
e2442f5a2c
chore: test 2022-05-20 16:36:06 +02:00
Ivar Conradi Østhus
477779069d
fix: switch gh token for coverage action 2022-05-20 16:23:42 +02:00
olav
b53912aef9
refactor: add regression test for long parameter values (#1617)
* refactor: add regression test for long parameter values

* refactor: format file
2022-05-20 15:44:41 +02:00
Thomas Heartman
312b5d42e8
meta: add external PRs to project board
The `pull_request` hook runs in the context of the proposed changes. That means that for forks, this action won't have access to the required secrets for it to complete. As such, PRs from outside contributors won't work correctly.

The `pull_request_target` hook, however, runs in the context of the target branch, and thus has all the permissions it needs. The [github docs for this hook](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target) also indicate that this is the way to go:

> This event allows your workflow to do things like label or comment on pull requests from forks. Avoid using this event if you need to build or run code from the pull request.

## Interesting note for PRs

It seems that when this change is proposed as a PR, the expected action (_add new item to project board_) does not run. However, this does not affect other new PRs. Also, after merging it works as expected, for both external and internal contributors.
2022-05-20 15:21:54 +02:00
Ivar Conradi Østhus
7b7f0b84e8
fix: coverage action need username 2022-05-20 12:53:55 +02:00
renovate[bot]
090d7155e0
chore(deps): update dependency ts-jest to v27.1.5 (#1606)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-20 12:43:33 +02:00
Ivar Conradi Østhus
4eaec6e1d3
fix: add gh creds to coverage action 2022-05-20 12:25:17 +02:00
renovate[bot]
f954de0ecf
chore(deps): update dependency @babel/core to v7.18.0 (#1612)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-05-20 12:20:44 +02:00
Ivar Conradi Østhus
f681f83706
fix: coverage action 2022-05-20 12:19:08 +02:00
Ivar Conradi Østhus
b25435052b
fix: coverage build for main should be a separate workflow 2022-05-20 12:09:16 +02:00
Ivar Conradi Østhus
c928b20666
chore: update coverage reports 2022-05-20 12:03:31 +02:00
Ivar Conradi Østhus
b16e842849
fix: auto-push coverage 2022-05-20 12:00:30 +02:00
Ivar Conradi Østhus
083fd0dfa3
chore: update coverage 2022-05-20 11:49:56 +02:00
Ivar Conradi Østhus
3934509d4c
fix: failing test 2022-05-20 11:48:08 +02:00
Ivar Conradi Østhus
3d6cfb6582
fix: do not ignore coverage/report.json 2022-05-20 11:44:53 +02:00
Ivar Conradi Østhus
7ddb9f70eb
fix: more debugging to jest coverage action (POC) 2022-05-20 11:38:54 +02:00
Ivar Conradi Østhus
4869ee8266
fix: more debug 2022-05-20 11:37:43 +02:00
olav
05808745a7
fix: remove parametersSchema maxLength requirement (#1616) 2022-05-20 11:31:34 +02:00
Nuno Góis
40c920f184
docs: use named export instead of default (#1615) 2022-05-20 10:31:05 +01:00
Ivar Conradi Østhus
efb69e6474
fix: add debug step 2022-05-20 11:30:20 +02:00
Ivar Conradi Østhus
590fa50edc
chore: fix coverage badge 2022-05-20 11:26:32 +02:00
Nuno Góis
46c253b964
docs: use named export instead of default (#1614) 2022-05-20 11:22:14 +02:00
Ivar Conradi Østhus
34c4f5bd84
fix: only specify base-cov-file for jest action (poc) 2022-05-20 11:20:09 +02:00