Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[meeting demo] Upgrade eslint and fix security alerts #117

Conversation

devalevenkatesh
Copy link
Contributor

Issue #:

  • Get react meeting demo security vulnerability alerts to 0.

Description of changes:

  1. Upgraded ES Lint version and fixed all warnings and errors for the added rules.
  2. Removed unused packages.
  3. Upgrades react-dev-utils to latest major version. This does not affect
    us as we use a plugin which does not have any breaking changes.
  4. Now npm run build will also lint the changes.

Testing

  1. How did you test these changes?
  • Ran locally and did sanity checks using 2 attendees.
  • Deployed the demo app serverlessly and again did the sanity checks.
  • Everything worked fine as expected with no console level errors.
  1. Can these changes be tested using one of the demo application? If yes, which demo application can be used to test it?

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

1. Upgraded ES Lint version and rules.
2. Removed unused packages.
3. Upgrades react-dev-utils to latest major version. This does not affect
us as we use a plugin which does not have any breaking changes.
4. Now npm run build will also lint the changes.
@devalevenkatesh devalevenkatesh requested a review from a team as a code owner December 28, 2021 03:07
@xuesichao
Copy link
Contributor

Shall we change single quote to double quote? Maybe we should still use singe quote rule to keep consistent.

@devalevenkatesh devalevenkatesh force-pushed the meeting-demo-security-alerts branch from 52859ef to b046739 Compare December 28, 2021 17:36
@devalevenkatesh devalevenkatesh force-pushed the meeting-demo-security-alerts branch from b046739 to 75d5ad9 Compare December 28, 2021 17:39
@devalevenkatesh
Copy link
Contributor Author

Shall we change single quote to double quote? Maybe we should still use singe quote rule to keep consistent.

I knew I would get this comment lol, sorry dint fixed in first and thanks for the review! I have fixed it.

"css-loader": "^6.2.0",
"eslint": "^5.16.0",
"eslint-config-airbnb": "^17.1.1",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any reason we don't want to use this?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I configured the eslint using command line where it asks for whether you want to use any preferred eslint configs like if to follow airbnb and so on. I checked the last deleted eslint config file and did not find any reference to airbnb rules hence removed it.

We were also not running lint so Instead of choosing the set solution, I used our own with basic set of rules. With this setup I fixed around (12 errors and 34 warnings). I think we can make them more stricter as we want later. Still should I try airbnb config?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no just want to check whether you think we should follow airbnb as it is quite popular. Anyway, we can always revisit this when we have a single centralize eslint config :)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let me do a quick check with airbnb setup and get back if I can fix all lets use it as a standard solution for now, if overwhelming errors and warning I will keep this setup for now 😅

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So, I got below errors with airbnb style guide:
✖ 447 problems (437 errors, 10 warnings)

We can re-visit this later 😅 .

Copy link
Contributor

@xuesichao xuesichao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We still have many any type in our code, instead of disable eslint for those lines, I would prefer to disable no-explicit-any rule in our config.

rules: {
    "@typescript-eslint/no-explicit-any": "off"
  },

Maybe we should also disable @typescript-eslint/no-empty-function rule.

apps/meeting/src/constants/index.ts Outdated Show resolved Hide resolved
apps/meeting/src/containers/EndMeetingControl/index.tsx Outdated Show resolved Hide resolved
apps/meeting/src/containers/MeetingRoster.tsx Outdated Show resolved Hide resolved
@ltrung
Copy link
Collaborator

ltrung commented Dec 28, 2021

We still have many any type in our code, instead of disable eslint for those lines, I would prefer to disable no-explicit-any rule in our config.

rules: {
    "@typescript-eslint/no-explicit-any": "off"
  },

Maybe we should also disable @typescript-eslint/no-empty-function rule.

We should enforce it and remove as we move along. Disable it entirely just open for more any type :)

@devalevenkatesh devalevenkatesh force-pushed the meeting-demo-security-alerts branch from 3de2acc to 4be4caf Compare December 28, 2021 19:32
@devalevenkatesh devalevenkatesh force-pushed the meeting-demo-security-alerts branch from cf41a80 to b771d4d Compare December 28, 2021 21:57
Copy link
Contributor

@xuesichao xuesichao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but you may want to get another approval.
Thanks for upgrading these. 👍

@devalevenkatesh devalevenkatesh merged commit dad3304 into aws-samples:meeting-dev Dec 28, 2021
LeviSklaroff added a commit that referenced this pull request Jan 7, 2022
* Update meeting app to inclue CPU utilization options for background blur

* Add onDeviceReplacement in meeting demo

* Prepare dev branch

* Conditionally show the background blur checkbox depending on if background blur is enabled

* Improve code style of api.ts file (#95)

* Remove tarball and do not change package.json (#98)

* Fix the display bug of zoom in/zoom out label (#99)

* Update react component library to latest released version (#101)

* Update webpack config to fix infinite reloading issue (#110)

* Update the uuid import statement (#111)

* Add /end API to dev server proxy (#114)

* Allow to enable simulcast and priority video policies (#113)

* [meeting demo] Upgrade eslint and fix security alerts (#117)

* [meeting demo] Upgrade eslint and fix security alerts

1. Upgraded ES Lint version and rules.
2. Removed unused packages.
3. Upgrades react-dev-utils to latest major version. This does not affect
us as we use a plugin which does not have any breaking changes.
4. Now npm run build will also lint the changes.

* Use single over double quotes

* Add rule for trailing commas

* Use trailing commas for multi-line only

* Fixed Web Audio not being enabled properly, disabled the ability to have web audio and disable audio video enabled at once because of a bug and reduntant logic

* Version bump for latest release (#121)

* Resolve meeting-dev to main conflicts (#123)

* Update main meeting (#102)

* Update meeting app to inclue CPU utilization options for background blur

* Add onDeviceReplacement in meeting demo

* Prepare dev branch

* Conditionally show the background blur checkbox depending on if background blur is enabled

* Improve code style of api.ts file (#95)

* Remove tarball and do not change package.json (#98)

* Update react component library to latest released version

Co-authored-by: David Collette <[email protected]>
Co-authored-by: chnjing <[email protected]>
Co-authored-by: Michael Hyun <[email protected]>
Co-authored-by: Sichao Xue (sichax) <[email protected]>

* Add contributing guidelines for apps/meeting demo (#105)

* Add contributing guidelines for apps/meeting demo

* Address comments

* [amplify-demo] Fix security alerts (#115)

* Fix security alerts for amplify demo

* NPM Update tmpl for fixing security vulnerability

* Address README comments

* Fix duplicate files in gitignore

* [real-time-collaboration] security alerts fix (#116)

* [real-time-chat-collaboration-demo] fix security alerts

* Fix eslint import/extensions error by removing "js" extension

* [moderated-chat-and-sentiment-analysis] security alert fix (#119)

Co-authored-by: Venkatesh Devale <[email protected]>
Co-authored-by: David Collette <[email protected]>
Co-authored-by: chnjing <[email protected]>
Co-authored-by: Michael Hyun <[email protected]>
Co-authored-by: Sichao Xue (sichax) <[email protected]>

Co-authored-by: David Collette <[email protected]>
Co-authored-by: chnjing <[email protected]>
Co-authored-by: Venkatesh Devale <[email protected]>
Co-authored-by: Michael Hyun <[email protected]>
Co-authored-by: Sichao Xue (sichax) <[email protected]>
Co-authored-by: Venkatesh Devale <[email protected]>
Co-authored-by: Daitarn <[email protected]>
Co-authored-by: Trung Le <[email protected]>
LeviSklaroff added a commit that referenced this pull request Jan 7, 2022
* Update meeting app to inclue CPU utilization options for background blur

* Add onDeviceReplacement in meeting demo

* Prepare dev branch

* Conditionally show the background blur checkbox depending on if background blur is enabled

* Improve code style of api.ts file (#95)

* Remove tarball and do not change package.json (#98)

* Fix the display bug of zoom in/zoom out label (#99)

* Update react component library to latest released version (#101)

* Update webpack config to fix infinite reloading issue (#110)

* Update the uuid import statement (#111)

* Add /end API to dev server proxy (#114)

* Allow to enable simulcast and priority video policies (#113)

* [meeting demo] Upgrade eslint and fix security alerts (#117)

* [meeting demo] Upgrade eslint and fix security alerts

1. Upgraded ES Lint version and rules.
2. Removed unused packages.
3. Upgrades react-dev-utils to latest major version. This does not affect
us as we use a plugin which does not have any breaking changes.
4. Now npm run build will also lint the changes.

* Use single over double quotes

* Add rule for trailing commas

* Use trailing commas for multi-line only

* Fixed Web Audio not being enabled properly, disabled the ability to have web audio and disable audio video enabled at once because of a bug and reduntant logic

* Version bump for latest release (#121)

* Resolve meeting-dev to main conflicts (#123)

* Update main meeting (#102)

* Update meeting app to inclue CPU utilization options for background blur

* Add onDeviceReplacement in meeting demo

* Prepare dev branch

* Conditionally show the background blur checkbox depending on if background blur is enabled

* Improve code style of api.ts file (#95)

* Remove tarball and do not change package.json (#98)

* Update react component library to latest released version

Co-authored-by: David Collette <[email protected]>
Co-authored-by: chnjing <[email protected]>
Co-authored-by: Michael Hyun <[email protected]>
Co-authored-by: Sichao Xue (sichax) <[email protected]>

* Add contributing guidelines for apps/meeting demo (#105)

* Add contributing guidelines for apps/meeting demo

* Address comments

* [amplify-demo] Fix security alerts (#115)

* Fix security alerts for amplify demo

* NPM Update tmpl for fixing security vulnerability

* Address README comments

* Fix duplicate files in gitignore

* [real-time-collaboration] security alerts fix (#116)

* [real-time-chat-collaboration-demo] fix security alerts

* Fix eslint import/extensions error by removing "js" extension

* [moderated-chat-and-sentiment-analysis] security alert fix (#119)

Co-authored-by: Venkatesh Devale <[email protected]>
Co-authored-by: David Collette <[email protected]>
Co-authored-by: chnjing <[email protected]>
Co-authored-by: Michael Hyun <[email protected]>
Co-authored-by: Sichao Xue (sichax) <[email protected]>

Co-authored-by: David Collette <[email protected]>
Co-authored-by: chnjing <[email protected]>
Co-authored-by: Venkatesh Devale <[email protected]>
Co-authored-by: Michael Hyun <[email protected]>
Co-authored-by: Sichao Xue (sichax) <[email protected]>
Co-authored-by: Venkatesh Devale <[email protected]>
Co-authored-by: Daitarn <[email protected]>
Co-authored-by: Trung Le <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants