Enable ESLint rules for Node Security by holgerkoser · Pull Request #2029 · gardener/dashboard

holgerkoser · 2024-08-08T07:54:28Z

What this PR does / why we need it:
With this PR we enable ESLint rules for Node Security which replaces the checkmarx cecks.

Which issue(s) this PR fixes:
Fixes #2004

Special notes for your reviewer:

Release note:

ghost · 2024-09-03T13:37:27Z

@holgerkoser You need rebase this pull request with latest master branch. Please check.

petersutter

/lgtm, however the conflicts need to be resolved

grolu

/lgtm

# By Gardener Prow Robot (50) and others # Via GitHub * master: (62 commits) Update dependency codemirror to v5.65.18 (#2101) Update dependency vite to v5.4.6 [SECURITY] (#2096) Fix issues with hibernation schedule dialog (#2076) Hide SSH keypair rotation when SSH access disabled (#2077) remove unnecessary model-value binding (#2080) Fix vite warning (#2090) Update dependency vuetify to v3.7.2 (#2095) Update vueuse monorepo to v11.1.0 (#2094) Update dependency @vueuse/core to v11.1.0 (#2091) Update dependency chokidar to v4 (#2081) Update dependency @fontsource/roboto to v5.1.0 (#2078) Update dependency jose to v5.9.2 (#2087) Update dependency express to v4.20.0 [SECURITY] (#2084) Update dependency vue to v3.5.6 (#2089) Update Yarn to v4.5.0 (#2088) Update dependency vue to v3.5.5 (#2086) Update dependency vue-router to v4.4.5 (#2083) Update dependency express-static-gzip to v2.1.8 (#2082) Update dependency vue-router to v4.4.4 (#2075) Update dependency openid-client to v5.7.0 (#2069) ... # Conflicts: # .pnp.cjs # backend/package.json # frontend/package.json # frontend/src/components/ShootAddons/GManageAddons.vue # packages/kube-client/package.json # packages/kube-config/package.json # packages/logger/package.json # packages/monitor/package.json # packages/request/package.json # yarn.lock

holgerkoser added 2 commits August 8, 2024 09:50

enable eslint-plugin-security

9aeeff0

fix SAST warning in ticket cache

acc0f9d

holgerkoser requested review from grolu and petersutter as code owners August 8, 2024 07:54

holgerkoser marked this pull request as draft August 8, 2024 07:54

ghost added needs/review Needs review size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Aug 8, 2024

fixed SAST warnings in config

15641dd

gardener-robot-ci-2 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Aug 8, 2024

fixed all SAST warnings in backend

82caa5c

ghost added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. needs/second-opinion Needs second review by someone else and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Aug 8, 2024

gardener-robot-ci-1 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Aug 8, 2024

ghost removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Aug 8, 2024

holgerkoser added 2 commits August 9, 2024 17:26

enable eslint SAST rules for logger

b79a56b

fixed other SAST warnings

55ea278

ghost added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Aug 13, 2024

gardener-robot-ci-1 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Aug 13, 2024

petersutter mentioned this pull request Aug 15, 2024

Volume minimum size fixes / improvements #2030

Merged

fixed some more SAST warnings

78dcc8b

gardener-robot-ci-2 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Aug 15, 2024

backend self review

c12990a

gardener-robot-ci-2 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Aug 15, 2024

gardener-robot-ci-1 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Aug 15, 2024

holgerkoser marked this pull request as ready for review August 15, 2024 18:35

petersutter mentioned this pull request Aug 16, 2024

Collapse ShootList Columns #1991

Merged

petersutter reviewed Aug 19, 2024

View reviewed changes

Comment thread backend/lib/middleware.js Outdated

petersutter reviewed Aug 23, 2024

View reviewed changes

ghost added the needs/rebase Needs git rebase label Sep 3, 2024

PR feedback

d15c944

gardener-robot-ci-1 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Sep 18, 2024

petersutter approved these changes Sep 19, 2024

View reviewed changes

grolu approved these changes Sep 19, 2024

View reviewed changes

ghost added reviewed/lgtm Has approval for merging and removed needs/rebase Needs git rebase needs/review Needs review needs/second-opinion Needs second review by someone else labels Sep 19, 2024

gardener-robot-ci-1 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Sep 19, 2024

ghost added needs/second-opinion Needs second review by someone else and removed reviewed/lgtm Has approval for merging reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Sep 20, 2024

holgerkoser merged commit 250b586 into master Sep 20, 2024

ghost added the status/closed Issue is closed (either delivered or triaged) label Sep 20, 2024

holgerkoser deleted the enh/eslint-plugin-security branch September 20, 2024 12:41

petersutter mentioned this pull request Oct 9, 2024

[DRAFT] Add cloud providers via configuration #1553

Draft

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Enable ESLint rules for Node Security#2029

Enable ESLint rules for Node Security#2029
holgerkoser merged 10 commits into
masterfrom
enh/eslint-plugin-security

holgerkoser commented Aug 8, 2024 •

edited by petersutter

Loading

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

ghost commented Sep 3, 2024

Uh oh!

petersutter left a comment

Uh oh!

grolu left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

Conversation

holgerkoser commented Aug 8, 2024 • edited by petersutter Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

ghost commented Sep 3, 2024

Uh oh!

petersutter left a comment

Choose a reason for hiding this comment

Uh oh!

grolu left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

holgerkoser commented Aug 8, 2024 •

edited by petersutter

Loading