Skip to content

Commit

Permalink
Merge pull request #758 from dequelabs/fix-vulns
Browse files Browse the repository at this point in the history
Address vulnerabilities found by retire.js
  • Loading branch information
WilcoFiers authored Mar 3, 2018
2 parents 5f2e3f9 + 0445964 commit aa074fe
Show file tree
Hide file tree
Showing 153 changed files with 4,267 additions and 3,674 deletions.
79 changes: 79 additions & 0 deletions .eslintrc
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
{
"env": {
"node": true
},
"globals": {
"axe": true
},
"rules": {
"no-bitwise": 2,
"camelcase": 2,
"curly": 2,
"eqeqeq": 2,
"guard-for-in": 2,
"wrap-iife": [
2,
"any"
],
"indent": ["error", "tab", {"SwitchCase": 0}],
"no-use-before-define": [
2,
{
"functions": false
}
],
"new-cap": 2,
"no-caller": 2,
"no-empty": 2,
"no-new": 2,
"no-plusplus": 0,
"quotes": [
2,
"single"
],
"no-undef": 2,
"no-unused-vars": 2,
"strict": 0,
"max-params": [
2,
5
],
"max-depth": [
2,
5
],
"max-statements": [
2,
15
],
"complexity": [
1,
12
],
"max-len": [
2,
{
"code": 120,
"ignoreComments": true
}
],
"semi": 0,
"no-cond-assign": 0,
"no-debugger": 0,
"no-eq-null": 0,
"no-eval": 0,
"no-unused-expressions": 0,
"block-scoped-var": 0,
"no-iterator": 0,
"linebreak-style": 0,
"comma-style": ["error", "last"],
"no-loop-func": 0,
"no-multi-str": 0,
"no-proto": 0,
"no-script-url": 0,
"no-shadow": 0,
"dot-notation": 2,
"no-new-func": 0,
"no-new-wrappers": 0
}
}
28 changes: 28 additions & 0 deletions .retireignore.json
Original file line number Diff line number Diff line change
Expand Up @@ -30,5 +30,33 @@
{
"path": "node_modules/growl",
"justification": "Temporary disabling until vuln is fixed"
},
{
"path": "node_modules/phantomjs-prebuilt",
"justification": "Temporary disabling until we switch to headless chrome"
},
{
"path": "node_modules/hawk",
"justification": "Sub-dependency of retire.js, which is being ignored"
},
{
"path": "node_modules/cryptiles",
"justification": "Sub-dependency of retire.js, which is being ignored"
},
{
"path": "node_modules/sntp",
"justification": "Sub-dependency of retire.js, which is being ignored"
},
{
"path": "node_modules/boom",
"justification": "Sub-dependency of retire.js, which is being ignored"
},
{
"path": "node_modules/hoek",
"justification": "Sub-dependency of retire.js, which is being ignored"
},
{
"path": "node_modules/grunt-contrib-watch",
"justification": "Ignoring until a new release is out"
}
]
37 changes: 19 additions & 18 deletions Gruntfile.js
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
//jshint maxcomplexity: 12, maxstatements: false, camelcase: false
/*eslint complexity: ["error",12], max-statements: ["error", 30],
camelcase: ["error", {"properties": "never"}]*/
var testConfig = require('./build/test/config');

module.exports = function (grunt) {
Expand All @@ -9,7 +10,7 @@ module.exports = function (grunt) {
grunt.loadNpmTasks('grunt-contrib-concat');
grunt.loadNpmTasks('grunt-contrib-connect');
grunt.loadNpmTasks('grunt-contrib-copy');
grunt.loadNpmTasks('grunt-contrib-jshint');
grunt.loadNpmTasks('grunt-eslint');
grunt.loadNpmTasks('grunt-contrib-uglify');
grunt.loadNpmTasks('grunt-contrib-watch');
grunt.loadNpmTasks('grunt-retire');
Expand All @@ -20,10 +21,10 @@ module.exports = function (grunt) {
var langs;
if (grunt.option('lang')) {
langs = (grunt.option('lang') || '')
.split(/[,;]/g).map(function (lang) {
lang = lang.trim();
return (lang !== 'en' ? '.' + lang : '');
});
.split(/[,;]/g).map(function (lang) {
lang = lang.trim();
return (lang !== 'en' ? '.' + lang : '');
});

} else if (grunt.option('all-lang')) {
var localeFiles = require('fs').readdirSync('./locales');
Expand Down Expand Up @@ -304,11 +305,11 @@ module.exports = function (grunt) {
var driverTests = {};

['firefox', 'chrome', 'ie', 'safari', 'edge', 'chrome-mobile']
.forEach(function (browser) {
driverTests[browser] = {
options: Object.assign({ browser: browser }, options)
};
});
.forEach(function (browser) {
driverTests[browser] = {
options: Object.assign({ browser: browser }, options)
};
});
return driverTests;
}()),
connect: {
Expand All @@ -320,10 +321,10 @@ module.exports = function (grunt) {
}
}
},
jshint: {
eslint: {
axe: {
options: {
jshintrc: true,
eslintrc: true,
reporter: grunt.option('report') ? 'checkstyle' : undefined,
reporterOutput: grunt.option('report') ? 'tmp/lint.xml' : undefined
},
Expand All @@ -338,19 +339,19 @@ module.exports = function (grunt) {

grunt.registerTask('default', ['build']);

grunt.registerTask('build', ['clean', 'jshint', 'validate', 'concat:commons', 'configure',
grunt.registerTask('build', ['clean', 'eslint', 'validate', 'concat:commons', 'configure',
'babel', 'concat:engine', 'uglify']);

grunt.registerTask('test', ['build', 'retire', 'testconfig', 'fixture', 'connect',
'mocha', 'parallel', 'jshint']);
'mocha', 'parallel', 'eslint']);

grunt.registerTask('ci-build', ['build', 'retire', 'testconfig', 'fixture', 'connect',
'parallel', 'jshint']);
'parallel', 'eslint']);

grunt.registerTask('test-fast', ['build', 'testconfig', 'fixture', 'connect',
'mocha', 'jshint']);
'mocha', 'eslint']);

grunt.registerTask('translate', ['clean', 'jshint', 'validate', 'concat:commons', 'add-locale']);
grunt.registerTask('translate', ['clean', 'eslint', 'validate', 'concat:commons', 'add-locale']);

grunt.registerTask('dev', ['build', 'testconfig', 'fixture', 'connect', 'watch']);

Expand Down
38 changes: 7 additions & 31 deletions build/build-manual.js
Original file line number Diff line number Diff line change
@@ -1,9 +1,8 @@
/*jshint node: true */
/*eslint-env node */
'use strict';

var path = require('path');
var templates = require('./templates');
var less = require('less');
var Promise = require('promise');

module.exports = function build(grunt, options, commons, callback) {
Expand All @@ -26,23 +25,6 @@ module.exports = function build(grunt, options, commons, callback) {
});
}

function parseStyle(src, callback) {
Promise
.all(grunt.file.expand(src).map(function(file) {
return new Promise(function(resolve, reject) {
less.render(grunt.file.read(file), function(err, result) {
if (err) {
return reject(err);
}
resolve(result.css);
});
});
}))
.then(function(values) {
callback(values.join('\n'));
});
}

function getSource(file, type) {
return grunt.template.process(templates[type], {
data: {
Expand All @@ -51,17 +33,11 @@ module.exports = function build(grunt, options, commons, callback) {
});
}

parseStyle(options.style, function(styles) {

callback({
rules: parseObject(options.rules),
checks: parseObject(options.checks),
tools: parseObject(options.tools),
misc: parseObject(options.misc),
commons: commons,
style: styles
});

callback({
rules: parseObject(options.rules),
checks: parseObject(options.checks),
tools: parseObject(options.tools),
misc: parseObject(options.misc),
commons: commons
});

};
6 changes: 3 additions & 3 deletions build/configure.js
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
/*jshint node: true, maxstatements: 20 */
/*eslint-env node */
/*eslint max-statements: ["error", 20] */
'use strict';

var clone = require('clone');
Expand Down Expand Up @@ -181,8 +182,7 @@ function buildRules(grunt, options, commons, callback) {
rules: rules,
checks: checks,
commons: result.commons,
tools: result.tools,
style: result.style
tools: result.tools
}, blacklist)),
descriptions: descriptionHeaders + descriptions.map(function (row) {
return '| ' + row.join(' | ') + ' |';
Expand Down
Loading

0 comments on commit aa074fe

Please sign in to comment.