Merge branch 'master' into chore/fix-dependencies

This commit is contained in:
Adria Navarro 2024-11-18 15:54:34 +01:00 committed by GitHub
commit 7003499b87
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 17 additions and 21 deletions

View File

@ -199,18 +199,22 @@ jobs:
env: env:
DATASOURCE: ${{ matrix.datasource }} DATASOURCE: ${{ matrix.datasource }}
run: | run: |
AFFECTED=$(yarn --silent nx show projects --affected -t test --base=${{ env.NX_BASE_BRANCH }} -p @budibase/server) if ${{ env.ONLY_AFFECTED_TASKS }}; then
if [ -n "$AFFECTED" ]; then AFFECTED=$(yarn --silent nx show projects --affected -t test --base=${{ env.NX_BASE_BRANCH }} -p @budibase/server)
cd packages/server if [ -z "$AFFECTED" ]; then
if [ "${{ matrix.datasource }}" == "none" ]; then echo "No affected tests to run"
yarn test --filter ./src/tests/filters/non-datasource-tests.js --passWithNoTests exit 0
else
yarn test --filter ./src/tests/filters/datasource-tests.js --passWithNoTests
fi fi
else
echo "No affected tests to run"
fi fi
FILTER="./src/tests/filters/datasource-tests.js"
if [ "${{ matrix.datasource }}" == "none" ]; then
FILTER="./src/tests/filters/non-datasource-tests.js"
fi
cd packages/server
yarn test --filter $FILTER --passWithNoTests
check-pro-submodule: check-pro-submodule:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: inputs.run_as_oss != true && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == 'Budibase/budibase') if: inputs.run_as_oss != true && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == 'Budibase/budibase')

View File

@ -231,9 +231,6 @@ const environment = {
MIN_VERSION_WITHOUT_POWER_ROLE: MIN_VERSION_WITHOUT_POWER_ROLE:
process.env.MIN_VERSION_WITHOUT_POWER_ROLE || "3.0.0", process.env.MIN_VERSION_WITHOUT_POWER_ROLE || "3.0.0",
DISABLE_CONTENT_SECURITY_POLICY: process.env.DISABLE_CONTENT_SECURITY_POLICY, DISABLE_CONTENT_SECURITY_POLICY: process.env.DISABLE_CONTENT_SECURITY_POLICY,
// stopgap migration strategy until we can ensure backwards compat without unsafe-inline in CSP
DISABLE_CSP_UNSAFE_INLINE_SCRIPTS:
process.env.DISABLE_CSP_UNSAFE_INLINE_SCRIPTS,
} }
export function setEnv(newEnvVars: Partial<typeof environment>): () => void { export function setEnv(newEnvVars: Partial<typeof environment>): () => void {

View File

@ -1,5 +1,4 @@
import crypto from "crypto" import crypto from "crypto"
import env from "../environment"
const CSP_DIRECTIVES = { const CSP_DIRECTIVES = {
"default-src": ["'self'"], "default-src": ["'self'"],
@ -97,10 +96,6 @@ export async function contentSecurityPolicy(ctx: any, next: any) {
`'nonce-${nonce}'`, `'nonce-${nonce}'`,
] ]
if (!env.DISABLE_CSP_UNSAFE_INLINE_SCRIPTS) {
directives["script-src"].push("'unsafe-inline'")
}
ctx.state.nonce = nonce ctx.state.nonce = nonce
const cspHeader = Object.entries(directives) const cspHeader = Object.entries(directives)

View File

@ -84,8 +84,8 @@
on:mouseleave on:mouseleave
on:click={onClick} on:click={onClick}
on:contextmenu on:contextmenu
ondragover="return false" on:dragover={e => e.preventDefault()}
ondragenter="return false" on:dragenter={e => e.preventDefault()}
{id} {id}
{style} {style}
{draggable} {draggable}

View File

@ -68,8 +68,8 @@
on:scroll on:scroll
bind:this={scrollRef} bind:this={scrollRef}
on:drop={onDrop} on:drop={onDrop}
ondragover="return false" on:dragover={e => e.preventDefault()}
ondragenter="return false" on:dragenter={e => e.preventDefault()}
> >
<slot /> <slot />
</div> </div>