Skip to content

Commit

Permalink
Merge branch 'master' into npm-latest-package-update
Browse files Browse the repository at this point in the history
  • Loading branch information
MohanKumarAmbati authored Oct 28, 2024
2 parents a22b707 + 6243039 commit 4842112
Show file tree
Hide file tree
Showing 16 changed files with 46 additions and 159 deletions.
1 change: 1 addition & 0 deletions core/base-service/legacy-result-sender.js
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ function streamFromString(str) {

function sendSVG(res, askres, end) {
askres.setHeader('Content-Type', 'image/svg+xml;charset=utf-8')
askres.setHeader('Content-Security-Policy', "script-src 'none';")
askres.setHeader('Content-Length', Buffer.byteLength(res, 'utf8'))
end(null, { template: streamFromString(res) })
}
Expand Down
21 changes: 21 additions & 0 deletions core/server/server.spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,27 @@ describe('The server', function () {
expect(() => JSON.parse(body)).not.to.throw()
})

describe('Content Security Policy', function () {
it('should disable javascript when serving SVG content (no extension)', async function () {
const { headers } = await got(`${baseUrl}:fruit-apple-green`)
expect(headers['content-security-policy']).to.equal(
"script-src 'none';",
)
})

it('should disable javascript when serving SVG content (with extension)', async function () {
const { headers } = await got(`${baseUrl}:fruit-apple-green.svg`)
expect(headers['content-security-policy']).to.equal(
"script-src 'none';",
)
})

it('should not send content security headers when serving JSON content', async function () {
const { headers } = await got(`${baseUrl}:fruit-apple-green.json`)
expect(headers).not.to.have.property('content-security-policy')
})
})

it('should preserve label case', async function () {
const { statusCode, body } = await got(`${baseUrl}:fRuiT-apple-green.svg`)
expect(statusCode).to.equal(200)
Expand Down
4 changes: 4 additions & 0 deletions services/clojars/clojars-version.service.js
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,10 @@ class ClojarsVersionService extends BaseClojarsService {
static defaultBadgeData = { label: 'clojars' }

static render({ clojar, version }) {
// clojars format is non standard to fit community style
// dont use renderVersionBadge
// see also https://github.com/badges/shields/pull/431
// commit d0414c9
return {
message: `[${clojar} "${version}"]`,
color: versionColor(version),
Expand Down
5 changes: 4 additions & 1 deletion services/color-formatters.js
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,10 @@ function version(version) {
if (first === 'v') {
first = version[1]
}
if (first === '0' || /alpha|beta|snapshot|dev|pre|rc/i.test(version)) {
if (
first === '0' ||
/alpha|beta|snapshot|dev|pre|rc|scm|cvs/i.test(version)
) {
return 'orange'
} else {
return 'blue'
Expand Down
2 changes: 2 additions & 0 deletions services/color-formatters.spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,8 @@ describe('Color formatters', function () {
given('1.0.1-dev'),
given('2.1.6-prerelease'),
given('2.1.6-RC1'),
given('cvs-1'),
given('scm-2'),
]).expect('orange')

expect(() => version(null)).to.throw(
Expand Down
10 changes: 3 additions & 7 deletions services/feedz/feedz.service.js
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
import Joi from 'joi'
import { BaseJsonService, NotFound, pathParams } from '../index.js'
import {
renderVersionBadge,
searchServiceUrl,
stripBuildMetadata,
selectVersion,
} from '../nuget/nuget-helpers.js'
import { renderVersionBadge } from '../version.js'

const singlePageSchema = Joi.object({
'@id': Joi.string().required(),
Expand Down Expand Up @@ -64,10 +64,6 @@ class FeedzVersionService extends BaseJsonService {
label: 'feedz',
}

static render(props) {
return renderVersionBadge(props)
}

apiUrl({ organization, repository }) {
return `https://f.feedz.io/${organization}/${repository}/nuget`
}
Expand Down Expand Up @@ -122,9 +118,9 @@ class FeedzVersionService extends BaseJsonService {
const json = await this.fetch({ baseUrl, packageName })
const fetchedJson = await this.fetchItems({ json })
const version = this.transform({ json: fetchedJson, includePrereleases })
return this.constructor.render({
return renderVersionBadge({
version,
feed: FeedzVersionService.defaultBadgeData.label,
defaultLabel: FeedzVersionService.defaultBadgeData.label,
})
}
}
Expand Down
16 changes: 0 additions & 16 deletions services/feedz/feedz.tester.js
Original file line number Diff line number Diff line change
Expand Up @@ -24,14 +24,6 @@ t.create('version (valid)')
color: 'blue',
})

t.create('version (yellow badge)')
.get('/feedz/v/shieldstests/public/Shields.TestPreOnly.json')
.expectBadge({
label: 'feedz',
message: 'v0.1.0-pre',
color: 'yellow',
})

t.create('version (orange badge)')
.get('/feedz/v/shieldstests/public/Shields.NoV1.json')
.expectBadge({
Expand Down Expand Up @@ -77,14 +69,6 @@ t.create('version (pre) (valid)')
color: 'blue',
})

t.create('version (pre) (yellow badge)')
.get('/feedz/vpre/shieldstests/public/Shields.TestPreOnly.json')
.expectBadge({
label: 'feedz',
message: 'v0.1.0-pre',
color: 'yellow',
})

t.create('version (pre) (orange badge)')
.get('/feedz/vpre/shieldstests/public/Shields.NoV1.json')
.expectBadge({
Expand Down
13 changes: 2 additions & 11 deletions services/gitlab/gitlab-tag.service.js
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
import Joi from 'joi'
import { version as versionColor } from '../color-formatters.js'
import { optionalUrl } from '../validators.js'
import { latest } from '../version.js'
import { addv } from '../text-formatters.js'
import { latest, renderVersionBadge } from '../version.js'
import { NotFound, pathParam, queryParam } from '../index.js'
import { description, httpErrorsFor } from './gitlab-helper.js'
import GitLabBase from './gitlab-base.js'
Expand Down Expand Up @@ -63,13 +61,6 @@ export default class GitlabTag extends GitLabBase {

static defaultBadgeData = { label: 'tag' }

static render({ version, sort }) {
return {
message: addv(version),
color: sort === 'semver' ? versionColor(version) : 'blue',
}
}

async fetch({ project, baseUrl }) {
// https://docs.gitlab.com/ee/api/tags.html
// N.B. the documentation has contradictory information about default sort order.
Expand Down Expand Up @@ -114,6 +105,6 @@ export default class GitlabTag extends GitLabBase {
sort,
includePrereleases: pre !== undefined,
})
return this.constructor.render({ version, sort })
return renderVersionBadge({ version })
}
}
1 change: 1 addition & 0 deletions services/gitlab/gitlab-tag.spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ describe('GitLabTag', function () {
).to.deep.equal({
message: 'v1.9',
color: 'blue',
label: undefined,
})

scope.done()
Expand Down
23 changes: 2 additions & 21 deletions services/luarocks/luarocks.service.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import Joi from 'joi'
import { addv } from '../text-formatters.js'
import { BaseJsonService, NotFound, pathParams } from '../index.js'
import { renderVersionBadge } from '../version.js'
import { latestVersion } from './luarocks-version-helpers.js'

const schema = Joi.object({
Expand Down Expand Up @@ -42,25 +42,6 @@ export default class Luarocks extends BaseJsonService {
label: 'luarocks',
}

static render({ version }) {
// The badge colors are following the heuristic rule where `scm < dev <
// stable` (e.g., `scm-1` < `dev-1` < `0.1.0-1`).
let color
switch (version.slice(0, 3).toLowerCase()) {
case 'dev':
color = 'yellow'
break
case 'scm':
case 'cvs':
color = 'orange'
break
default:
color = 'brightgreen'
}

return { message: addv(version), color }
}

async fetch({ user, moduleName }) {
const { repository } = await this._requestJson({
url: `https://luarocks.org/manifests/${encodeURIComponent(
Expand Down Expand Up @@ -91,6 +72,6 @@ export default class Luarocks extends BaseJsonService {
const versions = Object.keys(moduleInfo)
version = latestVersion(versions)
}
return this.constructor.render({ version })
return renderVersionBadge({ version })
}
}
12 changes: 0 additions & 12 deletions services/luarocks/luarocks.spec.js

This file was deleted.

20 changes: 1 addition & 19 deletions services/nuget/nuget-helpers.js
Original file line number Diff line number Diff line change
@@ -1,25 +1,8 @@
import semver from 'semver'
import { metric, addv } from '../text-formatters.js'
import { metric } from '../text-formatters.js'
import { downloadCount as downloadCountColor } from '../color-formatters.js'
import { getCachedResource } from '../../core/base-service/resource-cache.js'

function renderVersionBadge({ version, feed }) {
let color
if (version.includes('-')) {
color = 'yellow'
} else if (version.startsWith('0')) {
color = 'orange'
} else {
color = 'blue'
}

return {
message: addv(version),
color,
label: feed,
}
}

function renderDownloadBadge({ downloads }) {
return {
message: metric(downloads),
Expand Down Expand Up @@ -100,7 +83,6 @@ function selectVersion(versions, includePrereleases) {
}

export {
renderVersionBadge,
renderDownloadBadge,
odataToObject,
searchServiceUrl,
Expand Down
19 changes: 0 additions & 19 deletions services/nuget/nuget-helpers.spec.js
Original file line number Diff line number Diff line change
@@ -1,30 +1,11 @@
import { test, given } from 'sazerac'
import {
renderVersionBadge,
odataToObject,
stripBuildMetadata,
selectVersion,
} from './nuget-helpers.js'

describe('NuGet helpers', function () {
test(renderVersionBadge, () => {
given({ version: '1.2-beta' }).expect({
label: undefined,
message: 'v1.2-beta',
color: 'yellow',
})
given({ version: '0.35' }).expect({
label: undefined,
message: 'v0.35',
color: 'orange',
})
given({ version: '1.2.7' }).expect({
label: undefined,
message: 'v1.2.7',
color: 'blue',
})
})

test(odataToObject, () => {
given({ 'm:properties': { 'd:Version': '1.2.3' } }).expect({
Version: '1.2.3',
Expand Down
13 changes: 3 additions & 10 deletions services/nuget/nuget-v2-service-family.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,8 @@ import {
pathParam,
queryParam,
} from '../index.js'
import {
renderVersionBadge,
renderDownloadBadge,
odataToObject,
} from './nuget-helpers.js'
import { renderVersionBadge } from '../version.js'
import { renderDownloadBadge, odataToObject } from './nuget-helpers.js'

function createFilter({ packageName, includePrereleases }) {
const releaseTypeFilter = includePrereleases
Expand Down Expand Up @@ -127,18 +124,14 @@ function createServiceFamily({
label: defaultLabel,
}

static render(props) {
return renderVersionBadge(props)
}

async handle({ packageName }, queryParams) {
const packageData = await fetch(this, {
baseUrl: apiBaseUrl,
packageName,
includePrereleases: queryParams.include_prereleases !== undefined,
})
const version = packageData.NormalizedVersion || `${packageData.Version}`
return this.constructor.render({ version })
return renderVersionBadge({ version })
}
}

Expand Down
8 changes: 2 additions & 6 deletions services/nuget/nuget-v3-service-family.js
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import Joi from 'joi'
import RouteBuilder from '../route-builder.js'
import { BaseJsonService, NotFound } from '../index.js'
import { renderVersionBadge } from '../version.js'
import {
renderVersionBadge,
renderDownloadBadge,
searchServiceUrl,
stripBuildMetadata,
Expand Down Expand Up @@ -127,10 +127,6 @@ function createServiceFamily({
label: defaultLabel,
}

static render(props) {
return renderVersionBadge(props)
}

/*
* Extract version information from the raw package info.
*/
Expand Down Expand Up @@ -158,7 +154,7 @@ function createServiceFamily({
})
const json = await fetch(this, { baseUrl, packageName })
const version = this.transform({ json, includePrereleases })
return this.constructor.render({ version, feed })
return renderVersionBadge({ version, defaultLabel: feed })
}
}

Expand Down
Loading

0 comments on commit 4842112

Please sign in to comment.