Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hackathon24 #100

Merged
merged 1 commit into from
Aug 19, 2024
Merged

Hackathon24 #100

merged 1 commit into from
Aug 19, 2024

Conversation

mmiller42
Copy link
Contributor

Summary of changes

The app should continue to work without clearing localStorage, but a few things might not function quite as intended.

  • Added routing via react-router-dom built-in; the new basename prop passed to the BadMagic component defines the Bad Magic URL root
  • Highlighted active item in nav sidebar
  • JSON keys are in alphabetical order
  • Syntax highlighting is applied to code blocks in Markdown docs
  • Search text is persisted to localStorage
  • Added a button to clear history (both at an individual endpoint level as well as globally)
  • Fixed all the eslint warnings
  • Created a config provider to store the given BadMagicProps
  • Fixed various bugs where the incorrect route could be "matched" for a HistoricResponse (uniqueness requires workspace + path + http method + endpoint name)
  • Added deprecated label to the nav sidebar
  • Routes are sorted in nav somewhat logically

Testing

via example project

To test with the included example project, follow the instructions in README.md, i.e.:

  1. Run yarn && yarn link in the root directory
  2. Run yarn && yarn link badmagic in the ./example directory
    1. Note that I had to use a different nodejs version because of craco, if you have issues inside the example directory, run asdf install && npm i -g yarn
  3. Run yarn in the ./example-api directory
  4. In the root directory, ./example directory, and ./example-api directory, run yarn start

in CMW

You should also be able to test inside of CMW.

  1. First, verify you have not installed yarn via homebrew, or it'll cause issues: which yarn
    1. If so, brew uninstall yarn
    2. Since asdf should be set up to read the .tool-versions file in your working directory, cd into badmagic, run asdf install if necessary, and install yarn via npm i -g yarn
  2. cd into the root directory of badmagic. Run yarn -v and verify that you are running on 1.x (i.e. 1.22.22)
  3. Run yarn && yarn build && yarn pack
  4. The yarn pack command should return a path to the generated tarball file; copy it to your clipboard
  5. cd into the root directory of control.smartrent.com. Run yarn -v and verify that the yarn binary is being used from the project (i.e. 3.2.0-rc.13)
  6. Run yarn add badmagic@file:<paste clipboard>, e.g. yarn add badmagic@/Users/yourname/code/badmagic/badmagic-v0.0.39.tgz
  7. Open assets/js/react/bundles/devtools/BadMagicClient.tsx. Add the prop basename="/dev/api" to the <BadMagic /> component returned by BadMagicClient

Markdown CSS

I made some slight adjustments to the Markdown CSS file as well, though due to the fact that the syntax highlighter tries to automatically infer the language even without a language tag, I don't think you'll actually see the CSS changes because they were only affecting some unhighlighted code elements. Regardless, if you want to also test it with the latest CSS file:

  1. Make sure you've run yarn build inside of the badmagic repository root so that markdown.min.css is generated and put inside of ./example/public/
  2. Make sure the example UI server is running, i.e. cd ./example && yarn start and verify the example UI loads at http://localhost:3000/dev/api
    1. We only need this because the example UI server also serves the stylesheet
  3. In CMW, open apps/control_room/lib/control_room_web/templates/development/react/badmagic.html.eex. Replace the unpkg URL for BadMagic's stylesheet with http://localhost:3000/dev/api/markdown.min.css
  4. Open apps/control_room/lib/control_room_web/plugs/secure_browser_headers.ex. Find the "style-src" list and append the "http://localhost:3000" string to the list of allowed domains.
  5. Run CMW as normal!

Most of the features are also testable in the demo app. An API server is included as well.

@socket-security Socket Security
Copy link

socket-security bot commented Aug 16, 2024
edited
Loading

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: npm/@alloc/quick-lru@5.2.0, npm/@ampproject/remapping@2.3.0, npm/@apideck/better-ajv-errors@0.3.6, npm/@babel/compat-data@7.24.7, npm/@babel/core@7.24.7, npm/@babel/eslint-parser@7.24.7, npm/@babel/generator@7.24.7, npm/@babel/helper-compilation-targets@7.24.7, npm/@babel/helper-create-class-features-plugin@7.24.7, npm/@babel/helper-create-regexp-features-plugin@7.24.7, npm/@babel/helper-environment-visitor@7.24.7, npm/@babel/helper-function-name@7.24.7, npm/@babel/helper-hoist-variables@7.24.7, npm/@babel/helper-member-expression-to-functions@7.24.7, npm/@babel/helper-module-transforms@7.24.7, npm/@babel/helper-plugin-utils@7.24.7, npm/@babel/helper-remap-async-to-generator@7.24.7, npm/@babel/helper-replace-supers@7.24.7, npm/@babel/helper-split-export-declaration@7.24.7, npm/@babel/helper-string-parser@7.24.7, npm/@babel/helper-validator-option@7.24.7, npm/@babel/helper-wrap-function@7.24.7, npm/@babel/helpers@7.24.7, npm/@babel/parser@7.24.7, npm/@babel/plugin-bugfix-firefox-class-in-computed-class-key@7.24.7, npm/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression@7.24.7, npm/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly@7.24.7, npm/@babel/plugin-transform-async-generator-functions@7.24.7, npm/@babel/plugin-transform-block-scoping@7.24.7, npm/@babel/plugin-transform-classes@7.24.7, npm/@babel/plugin-transform-destructuring@7.24.7, npm/@babel/plugin-transform-flow-strip-types@7.24.7, npm/@babel/plugin-transform-function-name@7.24.7, npm/@babel/plugin-transform-literals@7.24.7, npm/@babel/plugin-transform-modules-commonjs@7.24.7, npm/@babel/plugin-transform-modules-systemjs@7.24.7, npm/@babel/plugin-transform-optional-chaining@7.24.7, npm/@babel/plugin-transform-react-constant-elements@7.24.7, npm/@babel/plugin-transform-react-jsx@7.24.7, npm/@babel/plugin-transform-typeof-symbol@7.24.7, npm/@babel/plugin-transform-typescript@7.24.7, npm/@babel/preset-env@7.24.7, npm/@babel/runtime@7.24.7, npm/@babel/template@7.24.7, npm/@babel/traverse@7.24.7, npm/@babel/types@7.24.7, npm/@craco/craco@7.1.0, npm/@cspotcode/source-map-support@0.8.1, npm/@csstools/normalize.css@12.1.1, npm/@csstools/postcss-cascade-layers@1.1.1, npm/@csstools/postcss-color-function@1.1.1, npm/@csstools/postcss-font-format-keywords@1.0.1, npm/@csstools/postcss-hwb-function@1.0.2, npm/@csstools/postcss-ic-unit@1.0.1, npm/@csstools/postcss-is-pseudo-class@2.0.7, npm/@csstools/postcss-nested-calc@1.0.0, npm/@csstools/postcss-normalize-display-values@1.0.1, npm/@csstools/postcss-oklab-function@1.1.1, npm/@csstools/postcss-progressive-custom-properties@1.3.0, npm/@csstools/postcss-stepped-value-functions@1.0.1, npm/@csstools/postcss-text-decoration-shorthand@1.0.0, npm/@csstools/postcss-trigonometric-functions@1.0.2, npm/@csstools/postcss-unset-value@1.0.2, npm/@csstools/selector-specificity@2.2.0, npm/@eslint-community/eslint-utils@4.4.0, npm/@eslint-community/regexpp@4.11.0, npm/@eslint/eslintrc@2.1.4, npm/@eslint/js@8.57.0, npm/@humanwhocodes/config-array@0.11.14, npm/@humanwhocodes/object-schema@2.0.3, npm/@isaacs/cliui@8.0.2, npm/@jest/console@27.5.1, npm/@jest/core@27.5.1, npm/@jest/environment@27.5.1, npm/@jest/fake-timers@27.5.1, npm/@jest/globals@27.5.1, npm/@jest/reporters@27.5.1, npm/@jest/source-map@27.5.1, npm/@jest/test-result@27.5.1, npm/@jest/test-sequencer@27.5.1, npm/@jest/transform@27.5.1, npm/@jest/types@27.5.1, npm/@jridgewell/resolve-uri@3.1.2, npm/@jridgewell/sourcemap-codec@1.4.15, npm/@leichtgewicht/ip-codec@2.0.5, npm/@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1, npm/@pkgjs/parseargs@0.11.0, npm/@pmmmwh/react-refresh-webpack-plugin@0.5.15, npm/@rollup/plugin-babel@5.3.1, npm/@rollup/plugin-node-resolve@11.2.1, npm/@rushstack/eslint-patch@1.10.3, npm/@sinonjs/commons@1.8.6, npm/@sinonjs/fake-timers@8.1.0, npm/@surma/rollup-plugin-off-main-thread@2.2.3, npm/@trysound/sax@0.2.0, npm/@tsconfig/node10@1.0.11, npm/@tsconfig/node12@1.0.11, npm/@tsconfig/node14@1.0.3, npm/@tsconfig/node16@1.0.4, npm/@types/babel__core@7.20.5, npm/@types/babel__generator@7.6.8, npm/@types/babel__template@7.4.4, npm/@types/babel__traverse@7.20.6, npm/@types/body-parser@1.19.5, npm/@types/bonjour@3.5.13, npm/@types/connect-history-api-fallback@1.5.4, npm/@types/connect@3.4.38, npm/@types/cors@2.8.17, npm/@types/debug@4.1.12, npm/@types/eslint-scope@3.7.7, npm/@types/eslint@8.56.10, npm/@types/express-serve-static-core@4.19.5, npm/@types/express@4.17.21, npm/@types/graceful-fs@4.1.9, npm/@types/hast@2.3.10, npm/@types/html-minifier-terser@6.1.0, npm/@types/http-errors@2.0.4, npm/@types/http-proxy@1.17.14, npm/@types/istanbul-lib-coverage@2.0.6, npm/@types/istanbul-lib-report@3.0.3, npm/@types/istanbul-reports@3.0.4, npm/@types/json-schema@7.0.15, npm/@types/lodash@4.17.6, npm/@types/mdast@3.0.15, npm/@types/mime@1.3.5, npm/@types/ms@0.7.34, npm/@types/node-forge@1.3.11, npm/@types/node@20.14.10, npm/@types/node@20.14.8, npm/@types/prettier@2.7.3, npm/@types/prop-types@15.7.12, npm/@types/qs@6.9.15, npm/@types/range-parser@1.2.7, npm/@types/react-syntax-highlighter@15.5.13, npm/@types/resolve@1.17.1, npm/@types/retry@0.12.0, npm/@types/semver@7.5.8, npm/@types/send@0.17.4, npm/@types/serve-index@1.9.4, npm/@types/serve-static@1.15.7, npm/@types/sockjs@0.3.36, npm/@types/stack-utils@2.0.3, npm/@types/trusted-types@2.0.7, npm/@types/unist@2.0.10, npm/@types/ws@8.5.10, npm/@types/yargs-parser@21.0.3, npm/@types/yargs@16.0.9, npm/@typescript-eslint/eslint-plugin@5.62.0, npm/@typescript-eslint/experimental-utils@5.62.0, npm/@typescript-eslint/parser@5.62.0, npm/@typescript-eslint/scope-manager@5.62.0, npm/@typescript-eslint/type-utils@5.62.0, npm/@typescript-eslint/types@5.62.0, npm/@typescript-eslint/typescript-estree@5.62.0, npm/@typescript-eslint/utils@5.62.0, npm/@typescript-eslint/visitor-keys@5.62.0, npm/@ungap/structured-clone@1.2.0, npm/@webassemblyjs/ast@1.12.1, npm/@webassemblyjs/floating-point-hex-parser@1.11.6, npm/@webassemblyjs/helper-api-error@1.11.6, npm/@webassemblyjs/helper-buffer@1.12.1, npm/@webassemblyjs/helper-numbers@1.11.6, npm/@webassemblyjs/helper-wasm-bytecode@1.11.6, npm/@webassemblyjs/helper-wasm-section@1.12.1, npm/@webassemblyjs/ieee754@1.11.6, npm/@webassemblyjs/leb128@1.11.6, npm/@webassemblyjs/utf8@1.11.6, npm/@webassemblyjs/wasm-edit@1.12.1, npm/@webassemblyjs/wasm-gen@1.12.1, npm/@webassemblyjs/wasm-opt@1.12.1, npm/@webassemblyjs/wasm-parser@1.12.1, npm/@webassemblyjs/wast-printer@1.12.1, npm/acorn-import-attributes@1.9.5, npm/address@1.2.2, npm/adjust-sourcemap-loader@4.0.0, npm/ajv-formats@2.1.1, npm/ajv-keywords@5.1.0, npm/ansi-html-community@0.0.8, npm/ansi-html@0.0.9, npm/any-promise@1.3.0, npm/arg@5.0.2, npm/array.prototype.findlast@1.2.5, npm/array.prototype.toreversed@1.1.2, npm/array.prototype.tosorted@1.1.4, npm/async@3.2.5, npm/autoprefixer@10.4.19, npm/axe-core@4.9.1, npm/babel-jest@27.5.1, npm/babel-loader@8.3.0, npm/babel-plugin-jest-hoist@27.5.1, npm/babel-plugin-polyfill-corejs3@0.10.4, npm/babel-preset-jest@27.5.1, npm/bonjour-service@1.2.1, npm/browserslist@4.23.1, npm/camelcase-css@2.0.1, npm/caniuse-lite@1.0.30001640, npm/case-sensitive-paths-webpack-plugin@2.4.0, npm/chalk@5.3.0, npm/character-entities-legacy@1.1.4, npm/character-reference-invalid@1.1.4, npm/ci-info@3.9.0, npm/cjs-module-lexer@1.3.1, npm/classnames@2.5.1, npm/clean-css@5.3.3, npm/cliui@7.0.4, npm/clone-deep@4.0.1, npm/collect-v8-coverage@1.0.2, npm/colord@2.9.3, npm/colorette@2.0.20, npm/comma-separated-tokens@2.0.3, npm/commander@7.2.0, npm/connect-history-api-fallback@2.0.0, npm/core-js-compat@3.37.1, npm/core-js-pure@3.37.1, npm/core-js@3.37.1, npm/cors@2.8.5, npm/cosmiconfig-typescript-loader@1.0.9, npm/create-require@1.1.1, npm/cross-fetch@3.1.8, npm/crypto-random-string@2.0.0, npm/css-blank-pseudo@3.0.3, npm/css-declaration-sorter@6.4.1, npm/css-declaration-sorter@7.2.0, npm/css-has-pseudo@3.0.4, npm/css-loader@6.11.0, npm/css-minimizer-webpack-plugin@3.4.1, npm/css-prefers-color-scheme@6.0.3, npm/cssdb@7.11.2, npm/cssnano-preset-default@5.2.14, npm/cssnano-preset-default@6.1.2, npm/cssnano-utils@3.1.0, npm/cssnano-utils@4.0.2, npm/cssnano@5.1.15, npm/cssnano@6.1.2, npm/csso@5.0.5, npm/debug@4.3.5, npm/decimal.js@10.4.3, npm/deepmerge@4.3.1, npm/default-gateway@6.0.3, npm/define-lazy-prop@2.0.0, npm/dependency-graph@0.11.0, npm/didyoumean@1.2.2, npm/diff-sequences@27.5.1, npm/diff@5.2.0, npm/dlv@1.1.3, npm/dns-packet@5.6.1, npm/dom-align@1.12.4, npm/domutils@3.1.0, npm/dotenv@10.0.0, npm/ejs@3.1.10, npm/electron-to-chromium@1.4.818, npm/enhanced-resolve@5.17.0, npm/entities@4.5.0, npm/es-module-lexer@1.5.4, npm/eslint-config-react-app@7.0.1, npm/eslint-plugin-flowtype@8.0.3, npm/eslint-plugin-jest@25.7.0, npm/eslint-plugin-react-hooks@4.6.2, npm/eslint-plugin-react@7.34.3, npm/eslint-plugin-testing-library@5.11.1, npm/eslint-visitor-keys@3.4.3, npm/eslint-webpack-plugin@3.2.0, npm/eslint@8.57.0, npm/espree@9.6.1, npm/esquery@1.5.0, npm/expect@27.5.1, npm/fast-glob@3.3.2, npm/fastq@1.17.1, npm/fault@1.0.4, npm/fbjs@3.0.5, npm/file-loader@6.2.0, npm/filelist@1.0.4, npm/filesize@8.0.7, npm/flat-cache@3.2.0, npm/flat@5.0.2, npm/flatted@3.3.1, npm/flux@4.0.4, npm/follow-redirects@1.15.6, npm/foreground-child@3.2.1, npm/fork-ts-checker-webpack-plugin@6.5.3, npm/format@0.2.2, npm/fraction.js@4.3.7, npm/fs-extra@10.1.0, npm/fs-extra@11.2.0, npm/fs-monkey@1.0.6, npm/fsevents@2.3.3, npm/get-stdin@9.0.0, npm/glob-parent@6.0.2, npm/glob-to-regexp@0.4.1, npm/graceful-fs@4.2.11, npm/graphemer@1.4.0, npm/gzip-size@6.0.0, npm/hast-util-parse-selector@2.2.5, npm/hast-util-whitespace@2.0.1, npm/hastscript@6.0.0, npm/highlight.js@10.7.3, npm/html-entities@2.5.2, npm/html-minifier-terser@6.1.0, npm/html-webpack-plugin@5.6.0, npm/http-proxy-middleware@2.0.6, npm/icss-utils@5.1.0, npm/idb@7.1.1, npm/ignore@5.3.1, npm/immer@9.0.21, npm/ipaddr.js@2.2.0, npm/is-alphabetical@1.0.4, npm/is-alphanumerical@1.0.4, npm/is-core-module@2.14.0, npm/is-decimal@1.0.4, npm/is-hexadecimal@1.0.4, npm/is-path-inside@3.0.3, npm/istanbul-lib-coverage@3.2.2, npm/istanbul-lib-report@3.0.1, npm/istanbul-reports@3.1.7, npm/jackspeak@3.4.1, npm/jake@10.9.1, npm/jest-changed-files@27.5.1, npm/jest-circus@27.5.1, npm/jest-cli@27.5.1, npm/jest-config@27.5.1, npm/jest-diff@27.5.1, npm/jest-docblock@27.5.1, npm/jest-each@27.5.1, npm/jest-environment-jsdom@27.5.1, npm/jest-environment-node@27.5.1, npm/jest-get-type@27.5.1, npm/jest-haste-map@27.5.1, npm/jest-jasmine2@27.5.1, npm/jest-leak-detector@27.5.1, npm/jest-matcher-utils@27.5.1, npm/jest-message-util@27.5.1, npm/jest-mock@27.5.1, npm/jest-pnp-resolver@1.2.3, npm/jest-regex-util@27.5.1, npm/jest-resolve-dependencies@27.5.1, npm/jest-resolve@27.5.1, npm/jest-runner@27.5.1, npm/jest-runtime@27.5.1, npm/jest-serializer@27.5.1, npm/jest-snapshot@27.5.1, npm/jest-util@27.5.1, npm/jest-validate@27.5.1, npm/jest-watch-typeahead@1.1.0, npm/jest-watcher@27.5.1, npm/jest@27.5.1, npm/jiti@1.21.6, npm/json-buffer@3.0.1, npm/json-schema@0.4.0, npm/jsonpointer@5.0.1, npm/keyv@4.5.4, npm/launch-editor@2.8.0, npm/lilconfig@2.1.0, npm/lilconfig@3.1.2, npm/loader-runner@4.3.0, npm/lowlight@1.20.0, npm/mdast-util-definitions@5.1.2, npm/mdast-util-from-markdown@1.3.1, npm/mdast-util-to-hast@12.3.0, npm/mdast-util-to-string@3.2.0, npm/memfs@3.6.0, npm/micromark-core-commonmark@1.1.0, npm/micromark-factory-destination@1.1.0, npm/micromark-factory-label@1.1.0, npm/micromark-factory-space@1.1.0, npm/micromark-factory-title@1.1.0, npm/micromark-factory-whitespace@1.1.0, npm/micromark-util-character@1.2.0, npm/micromark-util-chunked@1.1.0, npm/micromark-util-classify-character@1.1.0, npm/micromark-util-combine-extensions@1.1.0, npm/micromark-util-decode-numeric-character-reference@1.1.0, npm/micromark-util-decode-string@1.1.0, npm/micromark-util-encode@1.1.0, npm/micromark-util-html-tag-name@1.2.0, npm/micromark-util-normalize-identifier@1.1.0, npm/micromark-util-resolve-all@1.1.0, npm/micromark-util-sanitize-uri@1.2.0, npm/micromark-util-subtokenize@1.1.0, npm/micromark-util-symbol@1.1.0, npm/micromark-util-types@1.1.0, npm/micromark@3.2.0, npm/micromatch@4.0.7, npm/mini-css-extract-plugin@2.9.0, npm/minipass@7.1.2, npm/multicast-dns@7.2.5, npm/mz@2.7.0, npm/natural-compare-lite@1.4.0, npm/node-fetch@2.7.0, npm/node-forge@1.3.1, npm/node-releases@2.0.14, npm/normalize-url@6.1.0, npm/nwsapi@2.2.10, npm/object-hash@3.0.0, npm/object.entries@1.1.8, npm/object.hasown@1.1.4, npm/open@8.4.2, npm/optionator@0.9.4, npm/p-retry@4.6.2, npm/package-json-from-dist@1.0.0, npm/parse-entities@2.0.0, npm/path-scurry@1.11.1, npm/pirates@4.0.6, npm/postcss-attribute-case-insensitive@5.0.2, npm/postcss-browser-comments@4.0.0, npm/postcss-calc@8.2.4, npm/postcss-calc@9.0.1, npm/postcss-clamp@4.1.0, npm/postcss-cli@10.1.0, npm/postcss-color-functional-notation@4.2.4, npm/postcss-color-hex-alpha@8.0.4, npm/postcss-color-rebeccapurple@7.1.1, npm/postcss-colormin@5.3.1, npm/postcss-colormin@6.1.0, npm/postcss-convert-values@5.1.3, npm/postcss-convert-values@6.1.0, npm/postcss-custom-media@8.0.2, npm/postcss-custom-properties@12.1.11, npm/postcss-custom-selectors@6.0.3, npm/postcss-dir-pseudo-class@6.0.5, npm/postcss-discard-comments@5.1.2, npm/postcss-discard-comments@6.0.2, npm/postcss-discard-duplicates@5.1.0, npm/postcss-discard-duplicates@6.0.3, npm/postcss-discard-empty@5.1.1, npm/postcss-discard-empty@6.0.3, npm/postcss-discard-overridden@5.1.0, npm/postcss-discard-overridden@6.0.2, npm/postcss-double-position-gradients@3.1.2, npm/postcss-env-function@4.0.6, npm/postcss-flexbugs-fixes@5.0.2, npm/postcss-focus-visible@6.0.4, npm/postcss-focus-within@5.0.4, npm/postcss-font-variant@5.0.0, npm/postcss-gap-properties@3.0.5, npm/postcss-image-set-function@4.0.7, npm/postcss-import@15.1.0, npm/postcss-initial@4.0.1, npm/postcss-js@4.0.1, npm/postcss-lab-function@4.2.1, npm/postcss-load-config@4.0.2, npm/postcss-loader@6.2.1, npm/postcss-logical@5.0.4, npm/postcss-media-minmax@5.0.0, npm/postcss-merge-longhand@5.1.7, npm/postcss-merge-longhand@6.0.5, npm/postcss-merge-rules@5.1.4, npm/postcss-merge-rules@6.1.1, npm/postcss-minify-font-values@5.1.0, npm/postcss-minify-font-values@6.1.0, npm/postcss-minify-gradients@5.1.1, npm/postcss-minify-gradients@6.0.3, npm/postcss-minify-params@5.1.4, npm/postcss-minify-params@6.1.0, npm/postcss-minify-selectors@5.2.1, npm/postcss-minify-selectors@6.0.4, npm/postcss-modules-extract-imports@3.1.0, npm/postcss-modules-local-by-default@4.0.5, npm/postcss-modules-scope@3.2.0, npm/postcss-modules-values@4.0.0, npm/postcss-nested@6.0.1, npm/postcss-nesting@10.2.0, npm/postcss-normalize-charset@5.1.0, npm/postcss-normalize-charset@6.0.2, npm/postcss-normalize-display-values@5.1.0, npm/postcss-normalize-display-values@6.0.2, npm/postcss-normalize-positions@5.1.1, npm/postcss-normalize-positions@6.0.2, npm/postcss-normalize-repeat-style@5.1.1, npm/postcss-normalize-repeat-style@6.0.2, npm/postcss-normalize-string@5.1.0, npm/postcss-normalize-string@6.0.2, npm/postcss-normalize-timing-functions@5.1.0, npm/postcss-normalize-timing-functions@6.0.2, npm/postcss-normalize-unicode@5.1.1, npm/postcss-normalize-unicode@6.1.0, npm/postcss-normalize-url@5.1.0, npm/postcss-normalize-url@6.0.2, npm/postcss-normalize-whitespace@5.1.1, npm/postcss-normalize-whitespace@6.0.2, npm/postcss-normalize@10.0.1, npm/postcss-opacity-percentage@1.1.3, npm/postcss-ordered-values@5.1.3, npm/postcss-ordered-values@6.0.2, npm/postcss-overflow-shorthand@3.0.4, npm/postcss-page-break@3.0.4, npm/postcss-place@7.0.5, npm/postcss-preset-env@7.8.3, npm/postcss-pseudo-class-any-link@7.1.6, npm/postcss-reduce-initial@5.1.2, npm/postcss-reduce-initial@6.1.0, npm/postcss-reduce-transforms@5.1.0, npm/postcss-reduce-transforms@6.0.2, npm/postcss-replace-overflow-wrap@4.0.0, npm/postcss-reporter@7.1.0, npm/postcss-selector-not@6.0.1, npm/postcss-selector-parser@6.1.0, npm/postcss-svgo@5.1.0, npm/postcss-svgo@6.0.3, npm/postcss-unique-selectors@5.1.1, npm/postcss-unique-selectors@6.0.4, npm/postcss@8.4.39, npm/pretty-error@4.0.0, npm/pretty-format@27.5.1, npm/pretty-hrtime@1.0.3, npm/prismjs@1.29.0, npm/property-expr@2.0.6, npm/property-information@6.5.0, npm/rc-align@4.0.15, npm/rc-motion@2.9.2, npm/rc-tooltip@5.3.1, npm/rc-trigger@5.3.4, npm/rc-util@5.43.0, npm/react-app-polyfill@3.0.0, npm/react-dev-utils@12.0.1, npm/react-markdown@8.0.7, npm/react-native-svg@13.14.1, npm/react-refresh@0.11.0, npm/react-scripts@5.0.1, npm/react-syntax-highlighter@15.5.0, npm/react-textarea-autosize@8.5.3, npm/read-cache@1.0.0, npm/recursive-readdir@2.2.3, npm/refractor@3.6.0, npm/regenerator-runtime@0.14.1, npm/remark-parse@10.0.2, npm/renderkid@3.0.0, npm/resolve-from@5.0.0, npm/resolve-url-loader@4.0.0, npm/resolve.exports@1.1.1, npm/retry@0.13.1, npm/rollup-plugin-terser@7.0.2, npm/rollup@2.79.1, npm/sanitize.css@13.0.0, npm/sass-loader@12.6.0, npm/schema-utils@4.2.0, npm/selfsigned@2.4.1, npm/semver@7.6.2, npm/serialize-javascript@6.0.2, npm/shallow-clone@3.0.1, npm/shell-quote@1.8.1, npm/source-map-loader@3.0.2, npm/space-separated-tokens@2.0.2, npm/stack-utils@2.0.6, npm/string-width-cjs@4.2.3, npm/string.prototype.matchall@4.0.11, npm/strip-ansi-cjs@6.0.1, npm/strip-comments@2.0.1, npm/style-loader@3.3.4, npm/style-to-object@0.4.4, npm/stylehacks@5.1.1, npm/stylehacks@6.1.1, npm/sucrase@3.35.0, npm/svgo@3.3.2, npm/tailwindcss@3.4.4, npm/tapable@2.2.1, npm/temp-dir@2.0.0, npm/tempy@0.6.0, npm/terser-webpack-plugin@5.3.10, npm/terser@5.31.1, npm/thenby@1.3.4, npm/thenify-all@1.6.0, npm/thenify@3.3.1, npm/throat@6.0.2, npm/tough-cookie@4.1.4, npm/trough@2.2.0, npm/ts-interface-checker@0.1.13, npm/ts-node@10.9.2, npm/ua-parser-js@1.0.38, npm/undici-types@5.26.5, npm/unique-string@2.0.0, npm/unist-util-generated@2.0.1, npm/unist-util-is@5.2.1, npm/unist-util-position@4.0.4, npm/unist-util-stringify-position@3.0.3, npm/unist-util-visit-parents@5.1.3, npm/unist-util-visit@4.1.2, npm/util.promisify@1.0.1, npm/v8-compile-cache-lib@3.0.1, npm/v8-to-istanbul@8.1.1, npm/vfile-message@3.1.4, npm/vfile@5.3.7, npm/watchpack@2.4.1, npm/webpack-dev-middleware@5.3.4, npm/webpack-dev-server@4.15.2, npm/webpack-manifest-plugin@4.1.1, npm/webpack-merge@5.10.0, npm/webpack@5.92.1, npm/which-builtin-type@1.1.3, npm/wildcard@2.0.1, npm/workbox-background-sync@6.6.1, npm/workbox-broadcast-update@6.6.1, npm/workbox-build@6.6.1, npm/workbox-cacheable-response@6.6.1, npm/workbox-core@6.6.1, npm/workbox-expiration@6.6.1, npm/workbox-google-analytics@6.6.1, npm/workbox-navigation-preload@6.6.1, npm/workbox-precaching@6.6.1, npm/workbox-range-requests@6.6.1, npm/workbox-recipes@6.6.1, npm/workbox-routing@6.6.1, npm/workbox-strategies@6.6.1, npm/workbox-streams@6.6.1, npm/workbox-sw@6.6.1, npm/workbox-webpack-plugin@6.6.1, npm/workbox-window@6.6.1, npm/wrap-ansi-cjs@7.0.0, npm/ws@8.18.0, npm/yaml@2.4.5, npm/yargs-parser@20.2.9, npm/yargs@16.2.0, npm/yn@3.1.1

View full report↗︎

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

@mmiller42
Copy link
Contributor Author

@SocketSecurity ignore-all

@justincy
Copy link

😞 CodeQL again

@mmiller42 mmiller42 closed this Aug 19, 2024
@mmiller42 mmiller42 reopened this Aug 19, 2024
@socket-security Socket Security
Copy link

Report too large to display inline

View full report↗︎

@mmiller42 mmiller42 merged commit 80df67f into main Aug 19, 2024
3 checks passed
@mmiller42 mmiller42 deleted the hackathon24-take-2 branch August 19, 2024 20:01
@northkevin
Copy link

@SocketSecurity ignore-all

I was lurking here today and this made me laugh really hard after seeing how long that list was 😆

@mmiller42
Copy link
Contributor Author

...i am so sorry, basically after i did this i was like... how do i undo now plz, and couldn't figure it out :O

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@justincy justincy justincy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mmiller42 @justincy @northkevin