Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove unused release workflow #732

Closed
wants to merge 137 commits into from
Closed
Changes from 1 commit
Commits
Show all changes
137 commits
Select commit Hold shift + click to select a range
3c9d7a6
Version 4 with readme, package.json and travis.yml updates
HappyZombies Oct 8, 2021
ba02a31
Remove badges for now
HappyZombies Oct 8, 2021
aba6a3e
update npm install commands in readme
HappyZombies Oct 8, 2021
6da8984
Merge pull request #1 from node-oauth/feature.4.0.0
HappyZombies Oct 8, 2021
a0a6fdb
Ran npm init with scope, new properties added to package.json
HappyZombies Oct 8, 2021
83b3283
Merge pull request #3 from node-oauth/feature.new-org
HappyZombies Oct 8, 2021
b9aae53
Create SECURITY.md
jankapunkt Oct 10, 2021
17e2729
added test coverage using nyc
jankapunkt Oct 10, 2021
a88bb4d
Create tests.yml
jankapunkt Oct 10, 2021
917b4b9
uncomment line for coverage test until cov is added
jankapunkt Oct 10, 2021
dcd8a3d
ci change push branch dev to development
jankapunkt Oct 10, 2021
cf1ab06
Merge pull request #14 from node-oauth/add-ci
HappyZombies Oct 10, 2021
b7b8af6
Merge pull request #13 from node-oauth/test-coverage
HappyZombies Oct 10, 2021
4a9eb7b
docs: added contribution guide draft
jankapunkt Oct 10, 2021
534b5e7
Remove statuses, use http.STATUS_CODES
HappyZombies Oct 10, 2021
1722039
updated development guidelines
jankapunkt Oct 11, 2021
6a0c93c
contribution guidelines added guiding principles
jankapunkt Oct 11, 2021
c833a37
pull request template added
jankapunkt Oct 11, 2021
de41dc7
docs removed maintainers section from contribution guide
jankapunkt Oct 11, 2021
4d893e4
Merge pull request #26 from node-oauth/feature.http-status
HappyZombies Oct 11, 2021
e650264
removed jshint added eslint
jwerre Oct 11, 2021
9ebf817
merge with development branch
jwerre Oct 11, 2021
18d2404
removed should added chai
jwerre Oct 11, 2021
05b8944
removed some log statements
jwerre Oct 11, 2021
0cf3b11
removed 'no-prototype-builtins' from eslint
jwerre Oct 11, 2021
ca47721
docs: add commit message convention and coding rules
oklas Oct 12, 2021
b4e344d
tests validator is tested for all unicode ranges
jankapunkt Oct 12, 2021
f57f4c3
validator is add missing variable in is.uchar
jankapunkt Oct 12, 2021
615bd75
tests validator also test for multiple characters
jankapunkt Oct 12, 2021
c0e4ef1
eslint enable no-control-regex and disable only in validator
jankapunkt Oct 12, 2021
9775b39
tests validator is increase timeout
jankapunkt Oct 12, 2021
60bad87
docs: lightly softify commit convention requirements
oklas Oct 12, 2021
5a98700
refactor: update mocha to latest version #17
HappyZombies Oct 12, 2021
4003209
removed tab in token-model_test.js
jwerre Oct 12, 2021
a6c257f
Merge pull request #29 from node-oauth/chai
HappyZombies Oct 12, 2021
391fbef
added chai to is_test.js
jwerre Oct 12, 2021
2e4d14f
removed jshint
jwerre Oct 12, 2021
7a3a9b0
ci (dev-infra): removed travis-ci file #34
jankapunkt Oct 13, 2021
50caf40
ci (dev-infra): add matrix strategy to test multiple node versions
jankapunkt Oct 13, 2021
0bb1b23
Merge pull request #32 from oklas/contrib
HappyZombies Oct 13, 2021
df4dc62
Pulled from development
HappyZombies Oct 13, 2021
66d46be
Ran npm install, add mocharc.yml file
HappyZombies Oct 13, 2021
fe789aa
changed config file
HappyZombies Oct 13, 2021
81aac3a
Merge pull request #35 from node-oauth/feature-ci-multiple-targets
HappyZombies Oct 13, 2021
12f0a80
disallow the use of console
jwerre Oct 13, 2021
c0196f3
Merge pull request #30 from node-oauth/lint
HappyZombies Oct 13, 2021
79bcb7c
resolved package conflicts
jwerre Oct 13, 2021
8bb0dcc
Merge pull request #33 from node-oauth/feature.update-mocha
HappyZombies Oct 13, 2021
4985ca7
docs: correct types and available scripts and add info about removing…
jankapunkt Oct 13, 2021
fcec276
docs: add pull request template
jankapunkt Oct 13, 2021
3dc2f6d
Merge pull request #18 from node-oauth/contribution-guidelines
HappyZombies Oct 13, 2021
0d3f621
test: Update sinon to latest version #17
HappyZombies Oct 13, 2021
b1676fb
Merge pull request #39 from node-oauth/feature.sinon-update
HappyZombies Oct 13, 2021
f8c398f
build(packaging): update minimal supported node version to 12 #34
jankapunkt Oct 14, 2021
769878d
fix(security): use sha256 for token generation #38
jankapunkt Oct 14, 2021
26b3eb3
Merge pull request #41 from node-oauth/update-node-version
HappyZombies Oct 14, 2021
ff6a450
Merge pull request #43 from node-oauth/fix-sha1-to-sha256
HappyZombies Oct 14, 2021
8e05cb5
Remove lodash dependency (#37)
jorenvandeweyer Oct 14, 2021
156b34f
ci(dev-infra): add codeql semantic analysis #16 #36
jankapunkt Oct 15, 2021
be8121b
ci(dev-infra): make codeql scane on push and pr equal #16 #36
jankapunkt Oct 15, 2021
100e8ae
refactor:Fix typos and clean up package.json and package-lock.json
HappyZombies Oct 15, 2021
ffb28c3
Merge pull request #46 from node-oauth/feature.small-cleanup
HappyZombies Oct 15, 2021
d3b335f
ci: ignore test.yml workflow on release-* branches PRs #36
jankapunkt Oct 18, 2021
8c080ff
ci: add tests-release.yml workflow to test release-integrity
jankapunkt Oct 18, 2021
c6459b8
ci: add release.yml to release a new version to registries
jankapunkt Oct 18, 2021
cfa907d
Merge pull request #45 from node-oauth/feature-ci-static-semantic-ana…
HappyZombies Oct 19, 2021
f4fc33b
ci(tests): make coverage generate lcov.info file
jankapunkt Oct 26, 2021
02e0a4d
ci(tests): make coverage generate lcov.info file as well as html #36
jankapunkt Oct 26, 2021
ac7bb86
ci(tests): fix spelling in coverage test script #36
jankapunkt Oct 26, 2021
002e380
release: up semver and update changelog
HappyZombies Nov 4, 2021
ad45e44
Merge pull request #52 from node-oauth/release-4.1.0
jankapunkt Nov 5, 2021
485147f
Merge pull request #51 from node-oauth/release-4.1.0
HappyZombies Nov 10, 2021
0e8f864
Bump eslint from 8.0.0 to 8.2.0
dependabot[bot] Nov 10, 2021
55775b9
Bump sinon from 7.5.0 to 12.0.1
dependabot[bot] Nov 10, 2021
969ce6a
build(lint): update eslint rules to automatically fix es5 code #54
jankapunkt Nov 11, 2021
b67db9c
build(lint): auto-fix var to const/let via eslint #54
jankapunkt Nov 11, 2021
1f88d0e
build (core): move codebase to ES 6 #58
jankapunkt Nov 16, 2021
3302186
Merge pull request #56 from node-oauth/dependabot/npm_and_yarn/eslint…
HappyZombies Nov 16, 2021
2fd7b8f
Merge pull request #53 from node-oauth/dependabot/npm_and_yarn/sinon-…
HappyZombies Nov 16, 2021
e3aeff1
Add TS types
orgads Oct 10, 2021
8784aed
Merge pull request #6 from orgads/types
HappyZombies Nov 24, 2021
d991b14
Remove superfluous files from published package
orgads Oct 10, 2021
5f2b0bb
Merge pull request #7 from orgads/limit-files
HappyZombies Nov 25, 2021
eaa9d03
release: up semver and update changelog
HappyZombies Nov 27, 2021
2fa8a7f
release: add missing changelog
HappyZombies Nov 27, 2021
1b91ddc
Merge pull request #87 from node-oauth/release-4.1.1
HappyZombies Nov 28, 2021
4ca8032
fix(handlers): skip varcheck for state when allowEmptyState
jankapunkt Nov 29, 2021
52ee11d
Merge pull request #88 from node-oauth/release-4.1.1
HappyZombies Nov 29, 2021
b56afcd
fixes issue 89, point 18, original pr 646
Dec 5, 2021
3df52fd
supported custom validateRedirectUri
Dec 5, 2021
91f27f8
Supported state in case of denial
Dec 5, 2021
5824f79
feature(): Supported state in case of denialMerge pull request #99 fr…
jankapunkt Dec 10, 2021
aca48ce
fix(handlers): skip varcheck for state when allowEmptyState #89 #93
jankapunkt Dec 10, 2021
88ef515
added test for `validateRedirectUri`
jorenvandeweyer Dec 11, 2021
0a86e69
updated documentation
jorenvandeweyer Dec 11, 2021
98a9d19
better implementation of validateRedirectUri
jorenvandeweyer Dec 11, 2021
8719d83
Bearer regular expression matching in authenticate handler
Dec 12, 2021
ff9a5d2
fixed misssing return statement in doc (#98)
FStefanni Dec 13, 2021
292774e
build(deps-dev): bump eslint from 8.2.0 to 8.4.1 (#102)
dependabot[bot] Dec 13, 2021
4ff1f07
added @node-oauth/formats module, removed is.js tests
jwerre Dec 13, 2021
10fe55d
feature(core): extract is.js into standalone package @node-oauth/form…
jankapunkt Dec 14, 2021
10bca68
Bump sinon from 11.1.2 to 12.0.1 (#74)
dependabot[bot] Dec 18, 2021
643e091
build(deps-dev): bump eslint from 8.2.0 to 8.4.1 (#106)
dependabot[bot] Dec 18, 2021
92bea82
Integration test password grant (#100)
jorenvandeweyer Dec 19, 2021
3a1e433
added warning in docs, added extra tests that actually use parameters
jorenvandeweyer Dec 19, 2021
29e081b
Merge branch 'development' into issue_89_4_482
jorenvandeweyer Dec 19, 2021
9fab017
feature(authorize): allow custom implementations of validateRedirectU…
jankapunkt Dec 20, 2021
4921a1c
fix(handler): deny access when body.allowed is 'false' (#94)
jankapunkt Dec 20, 2021
d1ba63c
fix(request): set WWW-Authenticate header for invalid requests oauthj…
jankapunkt Jan 7, 2022
7174693
Merge branch 'development' into ci-release-package
jankapunkt Jan 13, 2022
13aacce
feature(ci): release workflow only runs on non-draft pull requests
jankapunkt Jan 13, 2022
edd8160
fix(ci): use actions v2 for setting up node
jankapunkt Jan 13, 2022
69a3043
fix(ci): use code-ql only on non-draft releases
jankapunkt Jan 13, 2022
36e13eb
fix(ci): fix audit job syntax error
jankapunkt Jan 13, 2022
4188547
fix(ci): fix publish jobs syntax error
jankapunkt Jan 13, 2022
ecb072e
fix(ci): fix publish jobs syntax error
jankapunkt Jan 13, 2022
510546b
fix(ci): fix check coverage
jankapunkt Jan 13, 2022
88a7bfe
fix(ci): run workflows also only on push for non-draft PR
jankapunkt Jan 13, 2022
d6ec7d8
fix(ci): fix tets.yml semantic error
jankapunkt Jan 13, 2022
e556def
fix(ci): release-workflow trigger on push to PR
jankapunkt Jan 13, 2022
465b786
fix(ci): add lcov reporter to test:coverage
jankapunkt Jan 13, 2022
b7867e7
fix(ci): use oauthjs/express-oauth-server for integration testing
jankapunkt Jan 13, 2022
3167a8e
fix(ci): fix path for integration test
jankapunkt Jan 13, 2022
c99001c
fix(ci): fix path for integration test
jankapunkt Jan 13, 2022
fd9ead8
fix(ci): fix path for integration test
jankapunkt Jan 13, 2022
aee6d92
fix(ci): fix path for integration test
jankapunkt Jan 13, 2022
916c613
fix(ci): fix path for integration test
jankapunkt Jan 13, 2022
a47e867
fix(ci): use node-oauth/express-oauth-server for integration test
jankapunkt Jan 13, 2022
8073105
fix(ci): fix path for integration test
jankapunkt Jan 13, 2022
06e6b4c
fix(ci): fix path for integration test
jankapunkt Jan 13, 2022
099d063
fix(ci): fix path for integration test
jankapunkt Jan 13, 2022
f4bfae8
fix(ci): exclude node 16 to get running
jankapunkt Jan 13, 2022
9c70236
build(ci): add --access-public flag to npm publish
jankapunkt Jan 18, 2022
c97d0e3
ci: disable release workflow until decision is made pro automated rel…
jankapunkt Feb 1, 2022
72538a3
fix(core): Bearer regular expression matching in authenticate handler…
jankapunkt Feb 1, 2022
f4caeb6
feature(ci): release workflow added #117
jankapunkt Mar 18, 2022
08d4cd3
refactor(ci): remove unused ci workflow
jankapunkt Mar 18, 2022
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
docs: added contribution guide draft
  • Loading branch information
jankapunkt committed Oct 10, 2021

Verified

This commit was signed with the committer’s verified signature.
jankapunkt Jan Küster
commit 4a9eb7b22674ab87513c6e92012bf22a268847d3
119 changes: 119 additions & 0 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
# Contributing to @node-oauth/oauth2-server

Thank you for your interest in this project and your aims to improving it.
This guide will give you the most important info on how to contribute properly
in order to get your pull requests accepted.

## Disclose security vulnerabilities

First things first:
This project has strong security implications and we appreciate every help to
improve security.

**However, please read our [security policy](./SECURITY.md), before taking
actions.**

## Development

If you want to fix bugs or add new features, please clone the source via

```bash
$ npm run test
```

### No PR without issue

Please make sure your commitment will be appreciated by first opening an issue
and discuss, whether this is a useful addition to the project.


### Run the tests

Please always make sure your code is passing linter and tests **before**
committing. By doing so you help to make reviews much easier and don't pollute
the history with commits, that are solely targeting lint fixes.

You can run the tests via

```bash
$ npm run test
```

or

```bash
$ npm run test:coverage
```

to see your coverage.

### Open a pull request (PR)

Once you have implemented your changes and tested them locally, please open
a [pull request](https://docs.github.com/en/github/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request).

Note: sometimes a pull request (PR) is also referred to as merge request (MR).

#### Fundamental PR requirements

There are a few basic requirements for your pull request to become accepted:

- Make sure to open your pull request to target the `development` branch and not
`master`
- Make sure you are working on a branch, other than `development`; usually you
can name the branch after the feature or fix you want to provide
- Resolve any merge conflicts (usually by keeping your branch updated with
`development`)
- Have a clear description on what the PR does, including any steps necessary
for testing, reviewing, reproduction etc.
- Link to the existing issue
- Added functions or changed functions need to get documented in compliance with
JSDoc
- Make sure all CI Tests are passing

Also make sure, to comply with the following list:

- Do not work on `development` directly
- Do not implement multiple features in one pull request (this includes bumping
versions of dependencies that are not related to the PR/issue)
- Do not bump the release version (unless you are a maintainer)
- Do not edit the Changelog as this will be done after your PR is merged
- Do not introduce tight dependencies to a certain package that has not been
approved during the discussion in the issue

#### Review process

Finally your PR needs to pass the review process:

- A certain amount of maintainers needs to review and accept your PR
- Please **expect change requests**! They will occur and are intended to improve
the overall code quality.
- If your changes have been updated please re-assign the reviewer who asked for
the changes
- Once all reviewers have approved your PR it will be merged by one of the
maintainers :tada:

## For maintainers

### When to release a new version?

- on fixed vulnerabilities
- on fixed dependency-vulnerabilites
- on new added features
- what else?

### When to decide between major, minor and path release?

- major = breaking
- minor = features and security fixes
- patch = general fixes and small improvements

### How to release a new version?

What's required to publish to npm, which branches are involved, what should not
be done etc.

## Become a maintainer

What is required to become a maintainer?

12 changes: 4 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
@@ -40,12 +40,8 @@ This module has been rewritten using a promise-based approach, introducing chang

Please refer to our [3.0 migration guide](https://oauth2-server.readthedocs.io/en/latest/misc/migrating-v2-to-v3.html) for more information.

## Contributing to this project

## Tests

To run the test suite, install dependencies, then run `npm test`:

```bash
npm install
npm test
```
Please read our [contribution guide](./CONTRIBUTING.md) before taking actions.
In any case, please open an issue before opening a pull request to find out,
whether your intend to contribute will actually have a chance to be merged.