descope · asafshen · Feb 7, 2024 · Jan 15, 2024 · Feb 6, 2024 · Feb 6, 2024
diff --git a/.eslintrc b/.eslintrc
@@ -0,0 +1,118 @@
+{
+	"env": {
+		"browser": true,
+		"es2021": true
+	},
+	"extends": [
+		"airbnb",
+		"airbnb-typescript",
+		"plugin:import/typescript",
+		"prettier",
+		"plugin:testing-library/react",
+		"plugin:jest-dom/recommended"
+	],
+	"parser": "@typescript-eslint/parser",
+	"ignorePatterns": [
+		".eslintrc",
+		"jest.config.js",
+		"babel.config.js",
+		"build/*",
+		"dist/*",
+		"webpack.config.js",
+		"bundle/*",
+		"coverage/*",
+		"testUtils/*"
+	],
+	"parserOptions": {
+		"ecmaFeatures": {
+			"jsx": true
+		},
+		"ecmaVersion": "latest",
+		"sourceType": "module",
+		"project": "./tsconfig.json"
+	},
+	"plugins": [
+		"react",
+		"@typescript-eslint",
+		"prettier",
+		"testing-library",
+		"import",
+		"prefer-arrow",
+		"jest-dom",
+		"jest",
+		"jest-formatting",
+		"no-only-tests"
+	],
+	"settings": {
+		"import/parsers": {
+			"@typescript-eslint/parser": [".ts", ".tsx"]
+		},
+		"import/resolver": {
+			"typescript": {
+				"alwaysTryTypes": true
+			}
+		}
+	},
+	"rules": {
+		"no-tabs": ["error", { "allowIndentationTabs": true }],
+		"@typescript-eslint/indent": ["off"],
+		"react/jsx-indent": [2, "tab"],
+		"quotes": [
+			"error",
+			"single",
+			{ "avoidEscape": true, "allowTemplateLiterals": true }
+		],
+		"@typescript-eslint/quotes": [
+			"error",
+			"single",
+			{ "avoidEscape": true, "allowTemplateLiterals": true }
+		],
+		"@typescript-eslint/comma-dangle": ["off"],
+		"comma-dangle": ["off"],
+		"react/jsx-props-no-spreading": ["off"],
+		"react/function-component-definition": [
+			2,
+			{
+				"namedComponents": "arrow-function",
+				"unnamedComponents": "arrow-function"
+			}
+		],
+		"prefer-arrow/prefer-arrow-functions": [
+			2,
+			{
+				"disallowPrototype": true,
+				"singleReturnOnly": false,
+				"classPropertiesAllowed": false
+			}
+		],
+		"no-console": 2,
+		"no-only-tests/no-only-tests": 2,
+		"no-warning-comments": 2,
+		"import/no-unresolved": 2,
+		"import/named": 2,
+		"import/no-relative-packages": 2,
+		"import/no-cycle": 2,
+		"import/newline-after-import": 2,
+		"import/no-namespace": 2,
+		"import/no-duplicates": 2,
+		"import/first": 2,
+		"import/exports-last": 2,
+		"import/no-absolute-path": 2,
+		"import/no-dynamic-require": 2,
+		"import/no-self-import": 2,
+		"import/no-useless-path-segments": 2,
+		"react/require-default-props": [2, { "functions": "defaultArguments" }],
+		"import/no-extraneous-dependencies": [
+			2,
+			{
+				"devDependencies": [
+					"**/*.test.*",
+					"**/*.spec.*",
+					"**/testUtils/**",
+					"jest.config.ts",
+					"examples/**"
+				]
+			}
+		]
+	}
+}
diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml
@@ -0,0 +1,42 @@
+name: Setup
+description: Setup
+inputs:
+  node_version:
+    description: Node version to use
+    required: true
+  repo-token:
+    description: Repo token to use
+    required: true
+runs:
+  using: composite
+  steps:
+    - name: Setup Node.js 🔠
+      uses: actions/setup-node@v3
+      with:
+        node-version: ${{ inputs.node_version }}
+
+    - name: Cache node modules 💸
+      uses: actions/cache@v3
+      env:
+        cache-name: cache-node-modules
+      with:
+        # npm cache files are stored in `~/.npm` on Linux/macOS
+        path: ~/.npm
+        key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
+        restore-keys: |
+          ${{ runner.os }}-build-${{ env.cache-name }}-
+          ${{ runner.os }}-build-
+          ${{ runner.os }}-
+
+    - name: Install Dependencies 🪛
+      shell: bash
+      # Skip post-install scripts here, as a malicious
+      # script could steal NODE_AUTH_TOKEN.
+      run: npm ci --ignore-scripts
+      env:
+        CI: true
+        # `npm rebuild` will run all those post-install scripts for us.
+    - run: npm rebuild && npm run prepare --if-present
+      shell: bash
+      env:
+        CI: true
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,131 @@
+name: 🎛️ CI
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+env:
+  NODE_VERSION: 16.14
+
+jobs:
+  build:
+    name: 👷 Build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          registry-url: https://npm.pkg.github.com/
+      # Skip post-install scripts here, as a malicious
+      # script could steal NODE_AUTH_TOKEN.
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+        env:
+          CI: true
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+      # `npm rebuild` will run all those post-install scripts for us.
+      - run: npm rebuild && npm run prepare --if-present
+      - name: Building
+        run: yarn build
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+
+  lint:
+    name: 🪥 Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          registry-url: https://npm.pkg.github.com/
+      # Skip post-install scripts here, as a malicious
+      # script could steal NODE_AUTH_TOKEN.
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+        env:
+          CI: true
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+      # `npm rebuild` will run all those post-install scripts for us.
+      - run: npm rebuild && npm run prepare --if-present
+      - name: Linting
+        run: npm run lint
+      - name: Format check
+        run: npm run format-check
+
+  gitleaks:
+    name: 🔒 Run Git leaks
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+      # Skip post-install scripts here, as a malicious
+      # script could steal NODE_AUTH_TOKEN.
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+        env:
+          CI: true
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+      - name: Gitleaks
+        run: npm run leaks
+        shell: bash
+
+  testing:
+    name: 👔 Test
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          registry-url: https://npm.pkg.github.com/
+      # Skip post-install scripts here, as a malicious
+      # script could steal NODE_AUTH_TOKEN.
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+        env:
+          CI: true
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+      # `npm rebuild` will run all those post-install scripts for us.
+      - run: npm rebuild && npm run prepare --if-present
+      - name: Testing
+        run: npm run test
+      - name: Coverage check
+        uses: devmasx/coverage-check-action@v1.2.0
+        with:
+          type: lcov
+          min_coverage: 05.00
+          result_path: coverage/lcov.info
+          token: ${{ github.token }}
+
+  license-validation:
+    name: 🪪 License Validation
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          registry-url: https://npm.pkg.github.com/
+      # Skip post-install scripts here, as a malicious
+      # script could steal NODE_AUTH_TOKEN.
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+        env:
+          CI: true
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+      # `npm rebuild` will run all those post-install scripts for us.
+      - run: npm rebuild && npm run prepare --if-present
+      - name: License validation
+        shell: bash
+        run: ./thirdPartyLicenseCollector_linux_amd64 -npm-project .
diff --git a/.github/workflows/publish-next.yml b/.github/workflows/publish-next.yml
@@ -0,0 +1,51 @@
+name: 📢 Publish Next
+
+on:
+  push:
+    branches:
+      - main
+
+env:
+  NODE_VERSION: 16.14
+
+jobs:
+  publish:
+    name: 📢 Publish Next
+    permissions:
+      packages: write
+      contents: write
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token
+          fetch-depth: 0 # otherwise, you will failed to push refs to dest repo
+      - uses: actions/setup-node@v3
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          registry-url: https://registry.npmjs.org/
+      - name: Get Short SHA
+        run: echo "SHORT_SHA=`echo ${{ github.sha }} | cut -c1-8`" >> $GITHUB_ENV
+      - name: Get Next Version
+        run: |
+          current_date=$(date +'%Y%m%d')
+          echo "NEW_VERSION=0.0.0-next-${SHORT_SHA}-${current_date}" >> $GITHUB_ENV
+      - name: Use Next Version
+        run: |
+          git config --global user.email "info@descope.com"
+          git config --global user.name "Descope"
+          yarn version --new-version ${NEW_VERSION}
+          cat package.json
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+        env:
+          CI: true
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+      # `npm rebuild` will run all those post-install scripts for us.
+      - run: npm rebuild && npm run prepare --if-present
+      - name: Publish to NPM Package Registry
+        run: npm publish --access=public --tag next
+        env:
+          CI: true
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_REGISTRY }}
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -0,0 +1,39 @@
+name: 📢 publish
+
+on:
+  push:
+    tags:
+      - 'release/**'
+
+env:
+  NODE_VERSION: 16.14
+
+jobs:
+  publish:
+    name: 📢 Publish
+    permissions:
+      packages: write
+      contents: read
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          registry-url: https://registry.npmjs.org/
+      # Skip post-install scripts here, as a malicious
+      # script could steal NODE_AUTH_TOKEN.
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+        env:
+          CI: true
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+      # `npm rebuild` will run all those post-install scripts for us.
+      - run: npm rebuild && npm run prepare --if-present
+
+      - name: Publish to NPM Package Registry
+        run: npm publish --access=public
+        env:
+          CI: true
+          NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_REGISTRY }}