Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

- Upgrade helmet to v4.6.0 #4136

Merged
merged 5 commits into from
Aug 12, 2021
Merged

- Upgrade helmet to v4.6.0 #4136

merged 5 commits into from
Aug 12, 2021

Conversation

TakeruUematsu-Grune
Copy link

  • Install nocache becaue helmet.noCache() removed and changed to separate plugin
  • Implement noCache() instead of helmet.noCache()
  • Change default options of current implementation
  • Checked and debug the app after upgrade

note

noCache has been removed from the new version (4) of helmet.

helmetjs/helmet#215

Declaring the options (new!)

There are different default options for helmet 3 and 4.
We adjusted the options to use helmet 4 based on the helmet 3 default options.
(Without the adjustment, it causes a security error when a user accesses the app.)

Helmet 3 default options:
https://github.com/helmetjs/helmet/tree/d75a4a34002bcd66d06723b175c50105fd4e4e11

Helmet 4 default options:
https://github.com/helmetjs/helmet

LuqmanHakim-Grune and others added 5 commits August 11, 2021 14:47
@LuqmanHakim-Grune
- Upgrade helmet tp v4.6.0
39fa5b6 
- Install nocache becaue helmet.noCache() removed and changed to separate plugin
- Implement noCache() instead of helmet.noCache()
- Change default options of current implementation
- Checked and debug the app after upgrade
@LuqmanHakim-Grune
Merge branch 'master' of https://github.com/weseek/growi into imprv/g…
6400d7a 
…w5983-update-helmet-4.6.0

* 'master' of https://github.com/weseek/growi: (358 commits)
  fix version
  write tar command with blob
  bugfix
  update workflow files
  add packages
  update docs
  fix label and encode spaces in Linker class
  remove getLinkForPreview method
  hide scrollbar of .grw-tag-labels when editing
  update docs
  hide footer on edit
  hide Fab on edit
  update README
  update ci settings
  update .env files
  ignore dist
  update ci.yml to upload artifact
  update jest settings
  fix ci.yml
  update ci settings
  ...

# Conflicts:
#	packages/app/package.json
#	yarn.lock
@LuqmanHakim-Grune
Fix Conflict
a68f06d 
yarn.lock :
- Resolve by use master head state (append new code)

packages/app/package.json:
- Using current branch head and adjust based on merged master state
- Remove "growi-plugin-attachment-refs" line
  because it has been changed to "@growi/plugin-attachment-refs"
  commit log = 204188f
- Remove "growi-plugin-lsx" line
  because it has been changed to "@growi/plugin-lsx"
  commit log = 1787cdd
@yuki-takei
Merge branch 'master' into imprv/gw5983-update-helmet-4.6.0
73644ac
@yuki-takei
update yarn.lock
b239e1a
@yuki-takei yuki-takei merged commit 42225d9 into master Aug 12, 2021
@yuki-takei yuki-takei deleted the imprv/gw5983-update-helmet-4.6.0 branch August 12, 2021 16:02
@yuki-takei yuki-takei changed the title - Upgrade helmet tp v4.6.0 - Upgrade helmet to v4.6.0 Aug 12, 2021
@yuki-takei yuki-takei mentioned this pull request Aug 12, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@TakeruUematsu-Grune @yuki-takei @LuqmanHakim-Grune