Skip to content

Updates for Dependencies, other things #58

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 31 commits into
base: main
Choose a base branch
from
Open

Updates for Dependencies, other things #58

wants to merge 31 commits into from

Conversation

physik932
Copy link
Collaborator

@physik932 physik932 commented Dec 2, 2024
edited
Loading

Description

I tried uploading 3.1.0 to the marketplace and received a few errors and warnings. I wanted to get screenshots added along with updating dependencies to remove some warnings in the build process. This required some test updating too.

I ran this through and got a few more updates, dependencies, node version upgrade, etc. I am able to run it on a sandbox instance just fine. I am going to come back to the Zendesk upload piece later when I have a bit more time, but for now, this should keep things relatively up to date.

Fixes # (issue)

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

So far I've got the unit tests passing but will test with our internal Zendesk.

Test Configuration:

  • Browser Version:
  • Operating System:

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes

@physik932 physik932 added enhancement New feature or request work in progress When the feature is in progress labels Dec 2, 2024
@physik932 physik932 self-assigned this Dec 2, 2024
@ibcheckmarx
Copy link

ibcheckmarx commented Dec 2, 2024
edited
Loading

Logo
Checkmarx One – Scan Summary & Details684e0368-9327-4752-8e7b-c85e481dd87f

New Issues (1)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
MEDIUM CVE-2025-8262 Npm-yarn-1.22.22
detailsDescription: A vulnerability was found in yarnpkg Yarn versions 1.8.0 and after. It has been classified as problematic. Affected is the function "explodeHostedG...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: KCjnudznctU2ye3aWZ2MLvxySulTsUOugEoOzW7aHK0%3D
Vulnerable Package
Fixed Issues (7)

Great job! The following issues were fixed in this Pull Request

Severity Issue Source File / Package
HIGH Cx89601373-08db Npm-debug-3.2.7
HIGH Cx89601373-08db Npm-debug-2.6.9
MEDIUM Cx14b19a02-387a Npm-body-parser-1.20.3
LOW Missing_CSP_Header /src/templates/iframe.html: 1
LOW Potential_Clickjacking_on_Legacy_Browsers /src/templates/iframe.html: 1
LOW Unsafe_Use_Of_Target_blank /src/templates/default.js: 10
LOW Unsafe_Use_Of_Target_blank /src/templates/error.js: 12

@physik932 physik932 removed the work in progress When the feature is in progress label Dec 4, 2024
@physik932
Copy link
Collaborator Author

Feedback from Zendesk for marketplace:

Blockers:

en.json: "name" "URL Builder" is already the name of an app in the Marketplace. Please choose something else. "URL Builder by Ibotta" would be ok.
en.json: "long_description" needs more detail. Typically a company boilerplate followed by what the integration does well. See instructions here and check out this blog article for best practices.
en.json: "installation_instructions" should be step by step on how to set this up and locate any settings that are required. See instructions here.
en.json: Markdown syntax is not quite right. Please be sure to use \n\n to denote line breaks and list items.
assets: Screenshots look blurry/stretched. As well, each image should be unique. Please retake.

@physik932 physik932 added work in progress When the feature is in progress and removed enhancement New feature or request labels Dec 12, 2024
physik932 and others added 3 commits August 7, 2025 15:22
@physik932
updating dependencies
f733161
@dependabot @physik932
Bump nanoid from 3.3.7 to 3.3.8
2bac55b 
Bumps [nanoid](https://github.com/ai/nanoid) from 3.3.7 to 3.3.8.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.3.7...3.3.8)

---
updated-dependencies:
- dependency-name: nanoid
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@physik932
remove lodash, other dependencies
f68134e
@physik932 physik932 changed the title Updates for Marketplace Upload Updates for Dependencies, other things Aug 12, 2025
@physik932 physik932 added enhancement New feature or request and removed work in progress When the feature is in progress labels Aug 13, 2025
onyxraven
onyxraven reviewed Aug 13, 2025
View reviewed changes
.github/CONTRIBUTING.md Outdated

### Bug Report Template

When creating a bug report, include:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this in the ISSUE_TEMPLATE? maybe could just be there.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good call, removed

.github/CONTRIBUTING.md Outdated
### Example PR Description
```markdown
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could be in the PULL_REQUEST_TEMPLATE

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good call, removed

src/javascripts/modules/context.js Outdated
@@ -1,27 +1,32 @@
/* eslint-disable camelcase */
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needed? looks like everything got camelcased?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The custom_field and user_fields are from the objects from Zendesk, thats what it kept flagging. Maybe I can do it at the function level instead for those.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah (wasn't in the diff, so didn't see those)

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Got it resolved -- found a way to disable it specific for the fields

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@onyxraven onyxraven onyxraven approved these changes

+1 more reviewer

@John-CX-Guy John-CX-Guy John-CX-Guy approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees

@physik932 physik932

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@physik932 @ibcheckmarx @onyxraven @John-CX-Guy