4 changes: 2 additions & 2 deletions .editorconfig
Expand Up @@ -6,8 +6,8 @@ indent_style = space
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true
trim_trailing_whitespace = false
insert_final_newline = false

[targets/**/fixtures/*]
insert_final_newline = false
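
Review bot: Setting `trim_trailing_whitespace = false` and `insert_final_newline = false` in the section above `[targets/**/fixtures/*]` relaxes whitespace handling for every file that section matches, and nothing else in this diff explains why. Trailing-whitespace and missing-newline churn will then show up in later diffs and make them harder to review. If only certain files need this, add a path-scoped section in the style of the existing `[targets/**/fixtures/*]` block instead; as written, that block's `insert_final_newline = false` override no longer changes anything.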
28 changes: 28 additions & 0 deletions .github/workflows/hopp-publish.yml
@@ -0,0 +1,28 @@
name: Publish Package to NPM

on:
release:
types: [published]

jobs:
publish:
name: Publish
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
⚠️ Potential issue

Update GitHub Actions checkout version.

The checkout action version is outdated. GitHub recommends using the latest versions of actions for better compatibility and security.

-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
🧰 Tools
🪛 actionlint (1.7.4)

13-13: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)


- name: Setup node
uses: actions/setup-node@v4
with:
node-version: 20
cache: 'npm'
registry-url: "https://registry.npmjs.org"
Comment on lines +18 to +20
💡 Verification agent

🧩 Analysis chain

Verify Node.js compatibility with package requirements.

The workflow uses Node.js 20, but the package.json's engines field excludes Node.js 20. Ensure these are aligned to avoid build issues.

Either update the package.json engines field to include Node.js 20 (as mentioned in my previous comment) or update this workflow to use a supported Node.js version.


Below is a shell script you can run to inspect the Node.js version (the "engines" field) specified in your package.json file. This will help verify whether there’s a mismatch with the workflow’s usage of Node.js 20:

Action Required: Align Node.js Versions

  • The workflow file (.github/workflows/hopp-publish.yml, lines 18–20) sets node-version: 20.
  • According to the review comment, the package.json’s engines field does not include Node.js 20.
  • Please verify the output of the above script. Then either update package.json’s engines field to include Node.js 20 or adjust the workflow to use a Node.js version that is supported by your package.

🏁 Script executed:

#!/bin/bash
# Check if package.json exists and display its "engines" field.
if [ -f package.json ]; then
    echo "package.json found. Current Node.js engine specification:"
    jq '.engines' package.json || echo "Unable to parse the engines field."
else
    echo "package.json not found in the repository root."
fi

Length of output: 226


Action Required: Align Node.js Versions

The workflow at .github/workflows/hopp-publish.yml (lines 18–20) currently specifies node-version: 20, but your package.json’s engines field supports only Node.js versions ^14.19.1 || ^16.14.2 || ^18.0.0. This version mismatch could lead to build issues.

  • Option 1: Update the package.json engines field to include Node.js 20 if you intend to use it.
  • Option 2: Modify the workflow to use a Node.js version supported by your package.json.


- run: npm install
- run: npm run build

- name: Publish package
run: npm publish --access public
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_PUBLISH_ACCESS_TOKEN }}
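
Review bot: The `- run: npm install` step that feeds `npm run build` and `npm publish` should be `npm ci`, so the released package is built from exactly the dependency versions recorded in the lockfile and the job fails if the lockfile and package.json disagree. Two further hardening points for a job that holds `secrets.NPM_PUBLISH_ACCESS_TOKEN`: the workflow declares no `permissions:` key, so the job's GITHUB_TOKEN gets the repository default when `contents: read` is all these steps need, and `actions/checkout` and `actions/setup-node` are referenced by mutable tag rather than by commit SHA. Keeping `NODE_AUTH_TOKEN` in the `env:` of the publish step only, as done here, is the right scope.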
File renamed without changes.
9 changes: 0 additions & 9 deletions SECURITY.md
Expand Up @@ -4,15 +4,6 @@

At HTTPSnippet, we take security issues very seriously. If you believe you have found a security vulnerability in our project, we encourage you to disclose it responsibly. Please report any potential security vulnerabilities to us by sending an email to [vulnerability@konghq.com](mailto:vulnerability@konghq.com).

## How to Report

1. **Do not publicly disclose the vulnerability**: Please do not create a GitHub issue or post the vulnerability on public forums. Instead, contact us directly at [vulnerability@konghq.com](mailto:vulnerability@konghq.com).
1. **Provide detailed information**: When reporting a vulnerability, please include as much information as possible to help us understand and reproduce the issue. This may include:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- Any relevant logs or screenshots

## What to Expect
suggestion: Consider adding back guidance on how to report vulnerabilities.

While the contact email is provided, the removed section "How to Report" contained valuable information about what details to include in a report. This could help users submit more effective reports. Perhaps a condensed version of the old section could be included.

Suggested change
## What to Expect
## How to Report
When reporting vulnerabilities, please include:
- A clear description of the issue and the steps required to reproduce it.
- Any relevant logs, screenshots, or sample code that illustrate the vulnerability.
- An assessment of the potential impact.
- Your contact information for follow-up questions.
You can reach our security team at [security@example.com](mailto:security@example.com).
## What to Expect


- **Acknowledgment**: We will acknowledge receipt of your vulnerability report within 48 hours.
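
Review bot: Removing the whole "How to Report" section also drops its first item, "Do not publicly disclose the vulnerability", which is the only place the policy tells reporters not to open a GitHub issue or post on public forums. The remaining intro paragraph gives the address but not that instruction, so keep at least that item, or fold one sentence to that effect into the intro. If the section is restored in condensed form, the contact should stay `vulnerability@konghq.com`, matching the paragraph above it.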