diff --git a/.github/workflows/budibase_ci.yml b/.github/workflows/budibase_ci.yml index 128b38a704..e894a91703 100644 --- a/.github/workflows/budibase_ci.yml +++ b/.github/workflows/budibase_ci.yml @@ -199,18 +199,22 @@ jobs: env: DATASOURCE: ${{ matrix.datasource }} run: | - AFFECTED=$(yarn --silent nx show projects --affected -t test --base=${{ env.NX_BASE_BRANCH }} -p @budibase/server) - if [ -n "$AFFECTED" ]; then - cd packages/server - if [ "${{ matrix.datasource }}" == "none" ]; then - yarn test --filter ./src/tests/filters/non-datasource-tests.js --passWithNoTests - else - yarn test --filter ./src/tests/filters/datasource-tests.js --passWithNoTests + if ${{ env.ONLY_AFFECTED_TASKS }}; then + AFFECTED=$(yarn --silent nx show projects --affected -t test --base=${{ env.NX_BASE_BRANCH }} -p @budibase/server) + if [ -z "$AFFECTED" ]; then + echo "No affected tests to run" + exit 0 fi - else - echo "No affected tests to run" fi + FILTER="./src/tests/filters/datasource-tests.js" + if [ "${{ matrix.datasource }}" == "none" ]; then + FILTER="./src/tests/filters/non-datasource-tests.js" + fi + + cd packages/server + yarn test --filter $FILTER --passWithNoTests + check-pro-submodule: runs-on: ubuntu-latest if: inputs.run_as_oss != true && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == 'Budibase/budibase') diff --git a/packages/backend-core/src/environment.ts b/packages/backend-core/src/environment.ts index b808dca72c..2763944d2f 100644 --- a/packages/backend-core/src/environment.ts +++ b/packages/backend-core/src/environment.ts @@ -231,9 +231,6 @@ const environment = { MIN_VERSION_WITHOUT_POWER_ROLE: process.env.MIN_VERSION_WITHOUT_POWER_ROLE || "3.0.0", DISABLE_CONTENT_SECURITY_POLICY: process.env.DISABLE_CONTENT_SECURITY_POLICY, - // stopgap migration strategy until we can ensure backwards compat without unsafe-inline in CSP - DISABLE_CSP_UNSAFE_INLINE_SCRIPTS: - process.env.DISABLE_CSP_UNSAFE_INLINE_SCRIPTS, } export function setEnv(newEnvVars: Partial): () => void { diff --git a/packages/backend-core/src/middleware/contentSecurityPolicy.ts b/packages/backend-core/src/middleware/contentSecurityPolicy.ts index e0dfbe6f64..d1668d3dd5 100644 --- a/packages/backend-core/src/middleware/contentSecurityPolicy.ts +++ b/packages/backend-core/src/middleware/contentSecurityPolicy.ts @@ -1,5 +1,4 @@ import crypto from "crypto" -import env from "../environment" const CSP_DIRECTIVES = { "default-src": ["'self'"], @@ -97,10 +96,6 @@ export async function contentSecurityPolicy(ctx: any, next: any) { `'nonce-${nonce}'`, ] - if (!env.DISABLE_CSP_UNSAFE_INLINE_SCRIPTS) { - directives["script-src"].push("'unsafe-inline'") - } - ctx.state.nonce = nonce const cspHeader = Object.entries(directives) diff --git a/packages/builder/src/components/common/NavItem.svelte b/packages/builder/src/components/common/NavItem.svelte index 039f94bbc0..ea61c8cecf 100644 --- a/packages/builder/src/components/common/NavItem.svelte +++ b/packages/builder/src/components/common/NavItem.svelte @@ -84,8 +84,8 @@ on:mouseleave on:click={onClick} on:contextmenu - ondragover="return false" - ondragenter="return false" + on:dragover={e => e.preventDefault()} + on:dragenter={e => e.preventDefault()} {id} {style} {draggable} diff --git a/packages/builder/src/pages/builder/app/[application]/design/[screenId]/_components/ComponentList/ComponentScrollWrapper.svelte b/packages/builder/src/pages/builder/app/[application]/design/[screenId]/_components/ComponentList/ComponentScrollWrapper.svelte index c64877e3e6..4bcb74fdd9 100644 --- a/packages/builder/src/pages/builder/app/[application]/design/[screenId]/_components/ComponentList/ComponentScrollWrapper.svelte +++ b/packages/builder/src/pages/builder/app/[application]/design/[screenId]/_components/ComponentList/ComponentScrollWrapper.svelte @@ -68,8 +68,8 @@ on:scroll bind:this={scrollRef} on:drop={onDrop} - ondragover="return false" - ondragenter="return false" + on:dragover={e => e.preventDefault()} + on:dragenter={e => e.preventDefault()} >