Cleanup/removing unneeded files #4341
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
GitHub CI log: ``` [linux/arm/v6 base 6/8] RUN yarn workspaces focus --all --production 204.6 ➤ YN0007: │ bcrypt@npm:5.1.0 must be built because it never has been before or the last one failed 204.6 ➤ YN0007: │ better-sqlite3@npm:8.2.0 must be built because it never has been before or the last one failed ... [linux/arm/v7 base 6/8] RUN yarn workspaces focus --all --production 203.8 ➤ YN0007: │ bcrypt@npm:5.1.0 must be built because it never has been before or the last one failed 203.8 ➤ YN0007: │ better-sqlite3@npm:8.2.0 must be built because it never has been before or the last one failed ``` It seems that both armv6 and armv7 have the same issues with `bcrypt` and `better-sqlite3` not being built. These packages are required to build from source, luckily QEMU use armv7l for compiling. Tested and working on RPi Zero W. --------- Co-authored-by: Jed Fox <[email protected]>
Seems like we already added `tsc` to build the project, but we use the wrong babel preset (Flow) instead of the specific TS one. This is only used in testing to make Jest work (from what I can tell).
CodeQL keeps yelling at us about this… I’m not sure if the filter is smart enough to use this rate limit middleware to remove the warnings, but at least we will be setting a reasonable bound on attempts to crack the server password.
Co-authored-by: Matiss Janis Aboltins <[email protected]>
…192) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…(#190) Helps with actualbudget#919 by adding the `all` field wit both pending and booked transactions to the output of `getTransactionsWithBalance()` and, by extension, the `/nordigen/transactions` endpoint. I could alter the `getTransactions()` to return the `all` field as well but I figured that keeping it such that it returns the output from Nordigen API 1:1 might be better so I left it as is. If you don't agree, let me know and I'll update this.
Co-authored-by: Henrik Maaland <[email protected]>
A small fix: returning JSON response instead of plain-text. The frontend always expects a JSON response. So a tiny fix here..
Previously, the latest artifact list was requested unauthenticated using `ADD "https://api.github.com/..." /tmp/artifacts.json`. While this works locally, on GitHub’s servers it seems that the per-IP rate limit was exceeded. There isn’t a way to get Docker to pass the `Authorization` header that I know of, so this work has been moved to an external shell script that pulls down the relevant data.
Web: actualbudget#1087 Server: actualbudget/actual-server#207 Docs: actualbudget/docs#179 --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Remove the bulk in favour of links to our core docs. --------- Co-authored-by: Jed Fox <[email protected]>
Replaced contributing link <!-- Thank you for submitting a pull request! Make sure to follow the instructions to write release notes for your PR — it should only take a minute or two: https://github.com/actualbudget/docs#writing-good-release-notes -->
This allows running a health check from inside the container. Usage: `npm run health-check`. That may not work inside of Alpine containers, so you can do `node src/scripts/health-check.js` directly instead. Fixes actualbudget#213.
Using the new CRDT package instead of API.
- web: actualbudget#1280 - server: actualbudget/actual-server#222 - docs: actualbudget/docs#223 --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
1. upgrade `nordigen-node` to 1.2.6 (which uses the new gocardless domain) 2. allow accessing `nordigen` functionality via `/gocardless` to unblock using the new API path in actual-web
* Add GoCardless integration for COMMERZBANK_COBADEFF * Add optional iban property to creditorAccount * Use fallback for normalizeAccount and calculateStartingBalance * Update src/app-gocardless/banks/commerzbank_cobadeff.js --------- Co-authored-by: Koen van Staveren <[email protected]>
…dget#551) * use validForMax supplied by GoCardless * remove overrides in bank handlers * note * update types
* add support for ABANCA_CORP_CAGLPTPL payee name * Create Release Notes file * Lint institutionIds array Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
…actualbudget#547) * Add "Caixa Geral De Depositos" Portugal to banks with limited history * Create Release Notes file * Update to alphabetical order
* Add support for LHV_LHVBEE22 * Add upcoming-release-notes/542.md * Don't set bookingDate unless booked * Add a basic spec file * Add test case for invalid date and date validation to handle it * Remove accessValidForDays
* Add health check to docker compose * Added release note for PR * Readded the mistakenly-deleted array to the release note author
actualbudget#553) * remove non-booked transactions from import * Add release notes * minor fix to please the linter * Add coderabbit suggestions * add test file * fix test * add coderabbit fixes to test file * fix mock console * Correct consoleSpy to make linter happy * Add mock cleanup
* 🔖 (25.2.0) * Remove used release notes * Pull in newly built npm package --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* dynamically load GoCardless handlers * note
…epo (actualbudget#560) * Update README.md * Create 560.md * Update README.md Co-authored-by: Julian Dominguez-Schatz <[email protected]> --------- Co-authored-by: Julian Dominguez-Schatz <[email protected]>
* fix esm error on windows * release notes * renaming release note
…t for different folder structure
✅ Deploy Preview for actualbudget ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Bundle Stats — desktop-clientHey there, this message comes from a GitHub action that helps you and reviewers to understand how these changes affect the size of this project's bundle. As this PR is updated, I'll keep you updated on how the bundle size is impacted. Total
Changeset
View detailed bundle breakdownAdded No assets were added Removed No assets were removed Bigger
Smaller No assets were smaller Unchanged
|
Bundle Stats — loot-coreHey there, this message comes from a GitHub action that helps you and reviewers to understand how these changes affect the size of this project's bundle. As this PR is updated, I'll keep you updated on how the bundle size is impacted. Total
Changeset
View detailed bundle breakdownAdded No assets were added Removed No assets were removed Bigger No assets were bigger Smaller No assets were smaller Unchanged
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| let username = null; | ||
| let password = null; | ||
| let baseUrl = null; | ||
| if (!accessKey || !accessKey.match(/^.*\/\/.*:.*@.*$/)) { |
Check failure
Code scanning / CodeQL
Polynomial regular expression used on uncontrolled data High
Comment on lines
+293
to
+297
| const req = https.request(new URL(token), options, (res) => { | ||
| res.on('data', (d) => { | ||
| resolve(d.toString()); | ||
| }); | ||
| }); |
Check failure
Code scanning / CodeQL
Server-side request forgery Critical
Comment on lines
+361
to
+386
| const req = https.request( | ||
| new URL(`${sfin.baseUrl}/accounts${queryString}`), | ||
| options, | ||
| (res) => { | ||
| let data = ''; | ||
| res.on('data', (d) => { | ||
| data += d; | ||
| }); | ||
| res.on('end', () => { | ||
| if (res.statusCode === 403) { | ||
| reject(new Error('Forbidden')); | ||
| } else { | ||
| try { | ||
| const results = JSON.parse(data); | ||
| results.sferrors = results.errors; | ||
| results.hasError = false; | ||
| results.errors = {}; | ||
| resolve(results); | ||
| } catch (e) { | ||
| console.log(`Error parsing JSON response: ${data}`); | ||
| reject(e); | ||
| } | ||
| } | ||
| }); | ||
| }, | ||
| ); |
Check failure
Code scanning / CodeQL
Server-side request forgery Critical
| syncVersion: syncFormatVersion, | ||
| name: name, | ||
| encryptMeta: encryptMeta, | ||
| owner: |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
| res.status(400).send('Single file ID is required'); | ||
| return; | ||
| } | ||
|
|
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.