Skip to content

Commit

Permalink
Merge pull request #50 from kaloyan-marinov/2024/03/16/13_14/50/attem…
Browse files Browse the repository at this point in the history 
…pt-to-resolve-a-security-alert-related-to-xmldom

Attempt to resolve a security alert related to `xmldom`
  • Loading branch information
@kaloyan-marinov
kaloyan-marinov authored Mar 19, 2024
2 parents ce34b5f + ff41d13 commit 591a9b2
Show file tree
Hide file tree
Showing 9 changed files with 245 additions and 145 deletions.
277 changes: 183 additions & 94 deletions frontend/package-lock.json
View file

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion frontend/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@
"@types/react-router-dom": "^5.1.7",
"@types/redux-mock-store": "^1.0.2",
"@types/uuid": "^8.3.0",
"msw": "^0.29.0",
"msw": "^1.3.3",
"redux-mock-store": "^1.5.4"
}
}
12 changes: 3 additions & 9 deletions frontend/src/App.test.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ import { Provider } from "react-redux";
import { createMemoryHistory, MemoryHistory } from "history";
import { Router } from "react-router-dom";
import { rest } from "msw";
import { setupServer, SetupServerApi } from "msw/node";
import { setupServer, SetupServer } from "msw/node";
import thunkMiddleware from "redux-thunk";

import { IState } from "./types";
Expand All @@ -21,9 +21,6 @@ import {
createMockOneOrManyFailures,
requestHandlers,
RequestHandlingFacilitator,
PutRequestBody,
PutResponseBody,
PutRequestParams,
} from "./testHelpers";
import { App } from "./App";

Expand Down Expand Up @@ -51,7 +48,7 @@ const requestHandlersToMock = [
rest.delete("/api/examples/:id", mockMultipleFailures),
];

const requestInterceptionLayer: SetupServerApi = setupServer(
const requestInterceptionLayer: SetupServer = setupServer(
...requestHandlersToMock
);

Expand Down Expand Up @@ -1210,10 +1207,7 @@ test(

rest.get("/api/examples", rhf.createMockFetchExamples()),

rest.put<PutRequestBody, PutResponseBody, PutRequestParams>(
"/api/examples/:id",
rhf.createMockEditExample()
),
rest.put("/api/examples/:id", rhf.createMockEditExample()),
rest.get("/api/examples", rhf.createMockFetchExamples()),
rest.get("/api/examples", rhf.createMockFetchExamples())
);
Expand Down
9 changes: 4 additions & 5 deletions frontend/src/features/auth/Login.test.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@ import thunkMiddleware from "redux-thunk";
import { Provider } from "react-redux";
import { createMemoryHistory, MemoryHistory } from "history";
import { Router } from "react-router-dom";
import { DefaultRequestBody, MockedRequest, rest, RestHandler } from "msw";
import { setupServer, SetupServerApi } from "msw/node";
import { DefaultBodyType, MockedRequest, rest, RestHandler } from "msw";
import { setupServer, SetupServer } from "msw/node";

import { rootReducer, TEnhancer } from "../../store";
import { Login } from "./Login";
Expand Down Expand Up @@ -85,10 +85,9 @@ describe("<Login>", () => {
});

/* Create an MSW "request-interception layer". */
const requestHandlersToMock: RestHandler<MockedRequest<DefaultRequestBody>>[] =
[];
const requestHandlersToMock: RestHandler<MockedRequest<DefaultBodyType>>[] = [];

const requestInterceptionLayer: SetupServerApi = setupServer(
const requestInterceptionLayer: SetupServer = setupServer(
...requestHandlersToMock
);

Expand Down
9 changes: 4 additions & 5 deletions frontend/src/features/auth/Register.test.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@ import thunkMiddleware from "redux-thunk";
import { Provider } from "react-redux";
import { createMemoryHistory, MemoryHistory } from "history";
import { Router } from "react-router-dom";
import { DefaultRequestBody, MockedRequest, rest, RestHandler } from "msw";
import { setupServer, SetupServerApi } from "msw/node";
import { DefaultBodyType, MockedRequest, rest, RestHandler } from "msw";
import { setupServer, SetupServer } from "msw/node";

import { IState } from "../../types";
import { INITIAL_STATE, rootReducer, TEnhancer } from "../../store";
Expand Down Expand Up @@ -169,10 +169,9 @@ describe("<Register>", () => {
});

/* Create an MSW "request-interception layer". */
const requestHandlersToMock: RestHandler<MockedRequest<DefaultRequestBody>>[] =
[];
const requestHandlersToMock: RestHandler<MockedRequest<DefaultBodyType>>[] = [];

const requestInterceptionLayer: SetupServerApi = setupServer(
const requestInterceptionLayer: SetupServer = setupServer(
...requestHandlersToMock
);

Expand Down
9 changes: 4 additions & 5 deletions frontend/src/features/auth/authSlice.test.ts
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import { setupServer, SetupServerApi } from "msw/node";
import { setupServer, SetupServer } from "msw/node";
import { MockStoreEnhanced } from "redux-mock-store";
import configureMockStore from "redux-mock-store";
import thunkMiddleware, { ThunkDispatch } from "redux-thunk";
import { DefaultRequestBody, MockedRequest, rest, RestHandler } from "msw";
import { DefaultBodyType, MockedRequest, rest, RestHandler } from "msw";
import { AnyAction } from "redux";

import { RequestStatus, IProfile, IStateAuth, IState } from "../../types";
Expand Down Expand Up @@ -638,10 +638,9 @@ describe("reducer", () => {
});

/* Create an MSW "request-interception layer". */
const requestHandlersToMock: RestHandler<MockedRequest<DefaultRequestBody>>[] =
[];
const requestHandlersToMock: RestHandler<MockedRequest<DefaultBodyType>>[] = [];

const requestInterceptionLayer: SetupServerApi = setupServer(
const requestInterceptionLayer: SetupServer = setupServer(
...requestHandlersToMock
);

Expand Down
11 changes: 6 additions & 5 deletions frontend/src/features/examples/OwnVocabTreasury.test.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ import { createStore } from "redux";
import { Provider } from "react-redux";
import { applyMiddleware } from "redux";
import thunkMiddleware from "redux-thunk";
import { DefaultRequestBody, MockedRequest, rest, RestHandler } from "msw";
import { setupServer, SetupServerApi } from "msw/node";
import { DefaultBodyType, MockedRequest, rest, RestHandler } from "msw";
import { setupServer, SetupServer } from "msw/node";

import { IState } from "../../types";
import { INITIAL_STATE, rootReducer, TEnhancer } from "../../store";
Expand All @@ -24,10 +24,11 @@ const mockMultipleFailures = createMockOneOrManyFailures("multiple failures", {
error: "[mocked] Unauthorized",
message: "[mocked] Authentication in the Basic Auth format is required.",
});
const requestHandlersToMock: RestHandler<MockedRequest<DefaultRequestBody>>[] =
[rest.get("/api/examples", mockMultipleFailures)];
const requestHandlersToMock: RestHandler<MockedRequest<DefaultBodyType>>[] = [
rest.get("/api/examples", mockMultipleFailures),
];

const requestInterceptionLayer: SetupServerApi = setupServer(
const requestInterceptionLayer: SetupServer = setupServer(
...requestHandlersToMock
);

Expand Down
9 changes: 4 additions & 5 deletions frontend/src/features/examples/examplesSlice.test.ts
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import { setupServer, SetupServerApi } from "msw/node";
import { setupServer, SetupServer } from "msw/node";
import { MockStoreEnhanced } from "redux-mock-store";
import configureMockStore from "redux-mock-store";
import thunkMiddleware, { ThunkDispatch } from "redux-thunk";
import { DefaultRequestBody, MockedRequest, rest, RestHandler } from "msw";
import { DefaultBodyType, MockedRequest, rest, RestHandler } from "msw";
import { AnyAction } from "redux";

import {
Expand Down Expand Up @@ -986,10 +986,9 @@ describe("reducer", () => {
});

/* Create an MSW "request-interception layer". */
const requestHandlersToMock: RestHandler<MockedRequest<DefaultRequestBody>>[] =
[];
const requestHandlersToMock: RestHandler<MockedRequest<DefaultBodyType>>[] = [];

const requestInterceptionLayer: SetupServerApi = setupServer(
const requestInterceptionLayer: SetupServer = setupServer(
...requestHandlersToMock
);

Expand Down
52 changes: 36 additions & 16 deletions frontend/src/testHelpers.ts
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import {
DefaultRequestBody,
RequestParams,
DefaultBodyType,
PathParams,
ResponseComposition,
RestContext,
RestRequest,
Expand All @@ -25,7 +25,7 @@ export const createMockOneOrManyFailures = (
switch (description) {
case "single failure": {
const mockSingleFailure = (
req: RestRequest<DefaultRequestBody, RequestParams>,
req: RestRequest<DefaultBodyType, PathParams<string>>,
res: ResponseComposition<any>,
ctx: RestContext
) => {
Expand All @@ -43,7 +43,7 @@ export const createMockOneOrManyFailures = (

case "multiple failures": {
const mockMultipleFailures = (
req: RestRequest<DefaultRequestBody, RequestParams>,
req: RestRequest<DefaultBodyType, PathParams<string>>,
res: ResponseComposition<any>,
ctx: RestContext
) => {
Expand All @@ -65,7 +65,7 @@ export const createMockOneOrManyFailures = (
};

const mockCreateUser = (
req: RestRequest<DefaultRequestBody, RequestParams>,
req: RestRequest<DefaultBodyType, PathParams<string>>,
res: ResponseComposition<any>,
ctx: RestContext
) => {
Expand All @@ -79,7 +79,7 @@ const mockCreateUser = (
};

const mockConfirmEmailAddress = (
req: RestRequest<DefaultRequestBody, RequestParams>,
req: RestRequest<DefaultBodyType, PathParams<string>>,
res: ResponseComposition<any>,
ctx: RestContext
) => {
Expand All @@ -94,7 +94,7 @@ const mockConfirmEmailAddress = (
};

const mockIssueJWSToken = (
req: RestRequest<DefaultRequestBody, RequestParams>,
req: RestRequest<DefaultBodyType, PathParams<string>>,
res: ResponseComposition<any>,
ctx: RestContext
) => {
Expand All @@ -107,15 +107,15 @@ const mockIssueJWSToken = (
};

const mockFetchUserProfile = (
req: RestRequest<DefaultRequestBody, RequestParams>,
req: RestRequest<DefaultBodyType, PathParams<string>>,
res: ResponseComposition<any>,
ctx: RestContext
) => {
return res.once(ctx.status(200), ctx.json(MOCK_PROFILE));
};

const mockRequestPasswordReset = (
req: RestRequest<DefaultRequestBody, RequestParams>,
req: RestRequest<DefaultBodyType, PathParams<string>>,
res: ResponseComposition<any>,
ctx: RestContext
) => {
Expand Down Expand Up @@ -147,9 +147,11 @@ export interface PutResponseBody {

// Describe the shape of the "req.params".
export interface PutRequestParams {
id: string;
[id: string]: string;
}

export interface DeleteRequestParams extends PutRequestParams {}

export class RequestHandlingFacilitator {
/*
An instance of this class makes it possible
Expand All @@ -169,7 +171,7 @@ export class RequestHandlingFacilitator {

createMockFetchExamples() {
const mockFetchExamples = (
req: RestRequest<DefaultRequestBody, RequestParams>,
req: RestRequest<DefaultBodyType, PathParams<string>>,
res: ResponseComposition<any>,
ctx: RestContext
) => {
Expand Down Expand Up @@ -227,7 +229,7 @@ export class RequestHandlingFacilitator {

createMockCreateExample() {
const mockCreateExample = (
req: RestRequest<DefaultRequestBody, RequestParams>,
req: RestRequest<DefaultBodyType, PathParams<string>>,
res: ResponseComposition<any>,
ctx: RestContext
) => {
Expand Down Expand Up @@ -257,11 +259,20 @@ export class RequestHandlingFacilitator {
createMockEditExample() {
const mockEditExample = (
req: RestRequest<PutRequestBody, PutRequestParams>,
// res: ResponseComposition<any>,
res: ResponseComposition<PutResponseBody>,
ctx: RestContext
) => {
const exampleId: number = parseInt(req.params.id);
let exampleIdStr: string;
if (typeof req.params.id === "string") {
exampleIdStr = req.params.id;
} else {
throw TypeError(
`'typeof req.params.id' evaluates to ${typeof req.params.id}` +
` but must instead evaluate to 'string'`
);
}
const exampleId: number = parseInt(exampleIdStr);

const exampleIndex: number = this.mockExamples.findIndex(
(e: IExampleFromBackend) => e.id === exampleId
);
Expand Down Expand Up @@ -294,11 +305,20 @@ export class RequestHandlingFacilitator {

createMockDeleteExample() {
const mockDeleteExample = (
req: RestRequest<DefaultRequestBody, RequestParams>,
req: RestRequest<DefaultBodyType, DeleteRequestParams>,
res: ResponseComposition<any>,
ctx: RestContext
) => {
const exampleId: number = parseInt(req.params.id);
let exampleIdStr: string;
if (typeof req.params.id === "string") {
exampleIdStr = req.params.id;
} else {
throw TypeError(
`'typeof req.params.id' evaluates to ${typeof req.params.id}` +
` but must instead evaluate to 'string'`
);
}
const exampleId: number = parseInt(exampleIdStr);

this.mockExamples = this.mockExamples.filter(
(example: IExampleFromBackend) => example.id !== exampleId
Expand Down

2 comments on commit 591a9b2

@github-actions
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

badge-test-coverage

@github-actions
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

badge-test-coverage

Please sign in to comment.