[Fix] Address all CodeQL scan results #1122

Merged
merged 13 commits into from
Oct 30, 2023

Member

@jkasten2 jkasten2 commented Oct 25, 2023

Description

1 Line Summary

Address all CodeQL scan results.

Details

Address all issues detected by CodeQL in example project as well as change to the source.

Validation

Tests

Manually tested on macOS with Safari 17 to ensure subscribing and unsubscribing works from the bell and custom link.

Info

Checklist

  • All the automated tests pass or I explained why that is not possible
  • I have personally tested this on my machine or explained why that is not possible
  • I have included test coverage for these changes or explained why they are not needed

Programming Checklist
Interfaces:

  • Don't use default export
  • New interfaces are in model files

Functions:

  • Don't use default export
  • All function signatures have return types
  • Helpers should not access any data but rather be given the data to operate on.

Typescript:

  • No Typescript warnings
  • Avoid silencing null/undefined warnings with the exclamation point

Other:

  • Iteration: refrain from using elem of array syntax. Prefer forEach or use map
  • Avoid using global OneSignal accessor for context if possible. Instead, we can pass it to function/constructor so that we don't call OneSignal.context

Screenshots

Info

Checklist

  • I have included screenshots/recordings of the intended results or explained why they are not needed

Related Tickets

This PR depends on PR #1121




  • Remove dead getUrlQueryParam in SDK code, and also improve implementation in example project
  • This is no longer needed as all browsers in the past few years have window.crypto now. Also removed duplicate test implementation of getRandomUuid().
  • These are not needed as has a risk of leaking package.json details
  • This code will be removed in the near future
  • Instead of innerHTML when value comes from the DOM or user input
@jkasten2 jkasten2 changed the title [WIP] Fix/scan results [Fix] Address all CodeQL scan results Oct 26, 2023
@jkasten2 jkasten2 changed the base branch from main to add-codeql October 26, 2023 21:37
Contributor

@emawby emawby left a comment

Reviewed 2 of 2 files at r1, 1 of 1 files at r2, 1 of 1 files at r3, 1 of 1 files at r4, 3 of 3 files at r5, 3 of 3 files at r6, 3 of 3 files at r7, 3 of 3 files at r8, 1 of 1 files at r9, 1 of 1 files at r10, 4 of 4 files at r11, 1 of 1 files at r12, 1 of 1 files at r13, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved (waiting on @iAmWillShepherd and @rgomezp)

Base automatically changed from add-codeql to main October 30, 2023 18:56
@jkasten2 jkasten2 merged commit 8aaa320 into main Oct 30, 2023
4 checks passed
@jkasten2 jkasten2 deleted the fix/scan-results branch October 30, 2023 18:56