Merge pull request #1 from httpland/beta

Beta
httpland · Mar 18, 2023 · 7bcced0 · 7bcced0
2 parents 1b7b1e6 + 6432ea4
commit 7bcced0
Show file tree

Hide file tree

Showing 19 changed files with 643 additions and 6 deletions.
diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml
@@ -0,0 +1,42 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches:
+      - main
+
+  pull_request:
+    branches:
+      - main
+
+  schedule:
+    - cron: '18 15 * * 2'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'typescript' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/release-npm.yaml b/.github/workflows/release-npm.yaml
@@ -0,0 +1,57 @@
+name: release-npm
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  release:
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+        deno: [v1.x]
+        node: [16.x]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: denoland/setup-deno@v1
+        with:
+          deno-version: ${{ matrix.deno }}
+
+      - name: Cache node_modules
+        uses: actions/cache@v2
+        with:
+          path: ~/.pnpm-store
+          key: ${{ runner.os }}-${{ hashFiles('**/pnpm-lock.yaml') }}
+          restore-keys: |
+            ${{ runner.os }}-
+
+      - uses: pnpm/action-setup@v2.0.1
+        with:
+          version: 6.23.6
+          run_install: |
+            - recursive: true
+              args: [--frozen-lockfile, --prefer-offline, --ignore-scripts]
+
+      - name: Get tag version
+        if: startsWith(github.ref, 'refs/tags/')
+        id: get_tag_version
+        run: echo ::set-output name=TAG_VERSION::${GITHUB_REF/refs\/tags\//}
+
+      - uses: actions/setup-node@v2
+        with:
+          node-version: ${{ matrix.node }}
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: build
+        run: deno run -A ./_tools/build_npm.ts ${{steps.get_tag_version.outputs.TAG_VERSION}}
+
+      - name: publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+        run: deno run -A ./_tools/publish_npm.ts ${{steps.get_tag_version.outputs.TAG_VERSION}}
+
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -0,0 +1,77 @@
+name: release
+
+on:
+  push:
+    branches:
+      - beta
+      - main
+
+jobs:
+  lint:
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+        deno: [v1.x]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: denoland/setup-deno@v1
+        with:
+          deno-version: ${{ matrix.deno }}
+
+      - name: Lint
+        run: |
+          deno fmt --check
+          deno lint
+
+  test:
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+        deno: [v1.x]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: denoland/setup-deno@v1
+        with:
+          deno-version: ${{ matrix.deno }}
+
+      - name: Test
+        run: deno task test --coverage=coverage
+
+      - name: Generate coverage
+        run: deno coverage coverage --output=cov_profile.lcov --lcov
+
+      - uses: codecov/codecov-action@v3
+        with:
+          files: cov_profile.lcov
+
+  release:
+    needs: [lint, test]
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.GH_TOKEN }}
+
+      - uses: cycjimmy/semantic-release-action@v3
+        with:
+          extra_plugins: |
+            @semantic-release/changelog
+            @semantic-release/git
+        env:
+          GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -0,0 +1,43 @@
+name: test
+
+on: push
+jobs:
+  lint:
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        os: [ubuntu-latest, ubuntu-22.04, macos-latest, windows-latest]
+        deno: [v1.x]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: denoland/setup-deno@v1
+        with:
+          deno-version: ${{ matrix.deno }}
+
+      - name: Lint
+        run: |
+          deno fmt --check
+          deno lint
+
+  test:
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        os: [ubuntu-latest, ubuntu-22.04, macos-latest, windows-latest]
+        deno: [v1.x]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: denoland/setup-deno@v1
+        with:
+          deno-version: ${{ matrix.deno }}
+
+      - name: Test
+        run: deno task test
diff --git a/.releaserc b/.releaserc
@@ -0,0 +1,25 @@
+{
+  "branches": [
+    "main",
+    {
+      "name": "beta",
+      "prerelease": true
+    }
+  ],
+  "plugins": [
+    "@semantic-release/commit-analyzer",
+    "@semantic-release/release-notes-generator",
+    "@semantic-release/changelog",
+    "@semantic-release/github",
+    [
+      "@semantic-release/git",
+      {
+        "assets": [
+          "CHANGELOG.md"
+        ],
+        "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
+      }
+    ]
+  ],
+  "tagFormat": "${version}"
+}
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,20 @@
+# [1.0.0-beta.3](https://github.com/httpland/hsts-middleware/compare/1.0.0-beta.2...1.0.0-beta.3) (2023-03-18)
+
+
+### Features
+
+* **mod:** export related types ([30de550](https://github.com/httpland/hsts-middleware/commit/30de55028cf46e349e40cc0e71a5ab773f6f1640))
+
+# [1.0.0-beta.2](https://github.com/httpland/hsts-middleware/compare/1.0.0-beta.1...1.0.0-beta.2) (2023-03-18)
+
+
+### Features
+
+* **utils:** add preset for recommended sts value ([c63de41](https://github.com/httpland/hsts-middleware/commit/c63de419cc40bc38b9d59e8861c3540b1ca12f2e))
+
+# 1.0.0-beta.1 (2023-03-17)
+
+
+### Features
+
+* **middleware:** add HSTS header middleware factory ([4ead771](https://github.com/httpland/hsts-middleware/commit/4ead771fd712af62524758b8e4fc0beb7306c88a))
diff --git a/README.md b/README.md
@@ -3,16 +3,16 @@
 [![deno land](http://img.shields.io/badge/available%20on-deno.land/x-lightgrey.svg?logo=deno)](https://deno.land/x/hsts_middleware)
 [![deno doc](https://doc.deno.land/badge.svg)](https://doc.deno.land/https/deno.land/x/hsts_middleware/mod.ts)
 [![GitHub release (latest by date)](https://img.shields.io/github/v/release/httpland/hsts-middleware)](https://github.com/httpland/hsts-middleware/releases)
-[![codecov](https://codecov.io/github/httpland/hsts-middleware/branch/main/graph/badge.svg?token=MNFZEQH8OK)](https://codecov.io/gh/httpland/hsts-middleware)
+[![codecov](https://codecov.io/gh/httpland/hsts-middleware/branch/main/graph/badge.svg?token=ERELj74qaQ)](https://codecov.io/gh/httpland/hsts-middleware)
 [![GitHub](https://img.shields.io/github/license/httpland/hsts-middleware)](https://github.com/httpland/hsts-middleware/blob/main/LICENSE)
 
 [![test](https://github.com/httpland/hsts-middleware/actions/workflows/test.yaml/badge.svg)](https://github.com/httpland/hsts-middleware/actions/workflows/test.yaml)
 [![NPM](https://nodei.co/npm/@httpland/hsts-middleware.png?mini=true)](https://nodei.co/npm/@httpland/hsts-middleware/)
 
-HTTP Strict Transport Security middleware.
+HTTP Strict Transport Security(HSTS) middleware.
 
 Compliant with
-[RFC 6797, HTTP Strict Transport Security (HSTS)](https://www.rfc-editor.org/rfc/rfc6797).
+[RFC 6797, HTTP Strict Transport Security(HSTS)](https://www.rfc-editor.org/rfc/rfc6797).
 
 ## Middleware
 
@@ -37,8 +37,8 @@ const response = await middleware(
 assertEquals(
   response.headers.get(
     "strict-transport-security",
-    "max-age=15552000; includeSubDomains",
   ),
+  "max-age=15552000; includeSubDomains",
 );
 ```
 
@@ -48,7 +48,7 @@ Default is to add the following header to the response.
 Strict-Transport-Security: max-age=15552000; includeSubDomains
 ```
 
-## StrictTransportSecurity
+## Strict Transport Security
 
 `StrictTransportSecurity` is a structured object of the
 `Strict-Transport-Security` Header.
@@ -84,7 +84,7 @@ Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
 
 ## Throwing error
 
-[StrictTransportSecurity](#stricttransportsecurity) is an invalid value, it
+[Strict Transport Security](#strict-transport-security) is an invalid value, it
 throws `TypeError`.
 
 An invalid value is obtained in the following cases:
@@ -98,6 +98,25 @@ import { assertThrows } from "https://deno.land/std/testing/asserts.ts";
 assertThrows(() => hsts({ maxAge: NaN }));
 ```
 
+## Preset
+
+STS presets are provided. It is value recommended by several hosts.
+
+- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html)
+- [mozilla](https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security)
+
+```ts
+import { hsts, STS } from "https://deno.land/x/hsts_middleware@$VERSION/mod.ts";
+
+const middleware = hsts(STS);
+```
+
+yield:
+
+```http
+Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
+```
+
 ## Effects
 
 Middleware may make changes to the following elements of the HTTP message.
@@ -111,6 +130,11 @@ Middleware is executed if all of the following conditions are met
 
 - `Strict-Transport-Security` header does not exists in response
 
+## API
+
+All APIs can be found in the
+[deno doc](https://doc.deno.land/https/deno.land/x/hsts_middleware/mod.ts).
+
 ## License
 
 Copyright © 2023-present [httpland](https://github.com/httpland).

diff --git a/_dev_deps.ts b/_dev_deps.ts
@@ -0,0 +1,7 @@
+export {
+  assert,
+  assertEquals,
+  assertThrows,
+} from "https://deno.land/std@0.180.0/testing/asserts.ts";
+export { describe, it } from "https://deno.land/std@0.180.0/testing/bdd.ts";
+export { equalsResponse } from "https://deno.land/x/http_utils@1.0.0-beta.13/response.ts";
diff --git a/_test_import_map.json b/_test_import_map.json
@@ -0,0 +1,5 @@
+{
+  "imports": {
+    "https://deno.land/x/hsts_middleware@$VERSION/": "./"
+  }
+}
diff --git a/_tools/build_npm.ts b/_tools/build_npm.ts
@@ -0,0 +1,23 @@
+import { build, emptyDir } from "https://deno.land/x/dnt@0.33.1/mod.ts";
+import { join } from "https://deno.land/std@0.177.0/path/mod.ts";
+import { makeOptions } from "./meta.ts";
+
+async function buildPkg(version: string): Promise<void> {
+  await emptyDir("./npm");
+  const pkg = makeOptions(version);
+  await Deno.copyFile("LICENSE", join(pkg.outDir, "LICENSE"));
+  Deno.copyFile(
+    join(".", "README.md"),
+    join(pkg.outDir, "README.md"),
+  );
+  await build(pkg);
+}
+
+if (import.meta.main) {
+  const version = Deno.args[0];
+  if (!version) {
+    console.error("argument is required");
+    Deno.exit(1);
+  }
+  await buildPkg(version);
+}