This commit provides a backward compatible mechanism to chain wrap
an individual component multiple times
`Chain` mode: allow chaining of plugins on a given component
`Legacy` mode: last plugin to wrap a given component will supercede others
* chore: Add unit test for wrapComponent wrapping
* doc: Add documentation about the new pluginsOptions configuration
* doc: Add a sidenote on plugin-api page
Co-authored-by: Tim Lai <timothy.lai@gmail.com>
* feat: add tryItOutEnabled configuration
allow users to set tryItOutEnabled: true to display
the "Try it out" section by default
tryItOutEnabled to take === "true" for the
query string value or === true if someone
implements query string type parsing in the query
* Add default configuration `preserveAuthorization`
* Add localStorage to auth plugin
* Add persistAuthorization unit tests
* Refactor persistAuthorization to use wrapped actions
* Upgrade unit tests to be compatible with jest
* Add persistAuthorization documentation
Co-authored-by: Tim Lai <timothy.lai@gmail.com>
* config(jest): updated setup
* config(jest): update testMatch to include jsx files
* config(jest): add transformIgnorePatterns
* config(jest): update ignore files that do not work in jest yet
* config: add test:unit-jest to test script
* fix(jest): lint with eslint-plugin-jest
* refactor(jest): move unit test directory
* refactor(mocha): restore mocha tests that fail in jest
* docs(jest): update helpful scripts with test:unit-jest
This commit changes markdown sanitization behaviour in following way:
class, style and data-* attributes are removed by default. These attributes
open possible vulnerability vectors to attackers.
The original behavior of sanitizer (before this commit) can be enabled by *useUnsafeMarkdown* configuration option.
Use this configuration option with caution and only in cases when you know
what you're doing.
* add `security-audit` script
* npm audit fix
* remove nyc
* nightwatch@1
this breaks the test suite, but it appears to have already regressed. leaving it for another day, TODO: open a backlog ticket
* add `security-audit` script
* disable mocha exclusivity
* update package-lock.json
* cypress@3.4.0
* `npm audit fix`
* @release-it/conventional-changelog@1.1.0
* release-it@12
* Add the withCredentials configuration key
It enables passing credentials in CORS requests. e.g. Cookies and
Authorization headers.
* Improve withCredentials documentation
* Add unit tests for the withCredentials config
* Update configuration.md
* Update configuration.md
* only set `withCredentials` Fetch flag if the config value is truthy
there are some workarounds in the wild today that involve setting `withCredentials` on `system.fn.fetch` directly.
this approach avoids mangling those existing workarounds!
* add more test cases
* Update configs-wrap-actions.js
* Update index.js
* add `onFound` callback to schemas
* add warning to method docs (for #4957)
* implement Docker OAuth2 init block support
* update docs
* add OAUTH_SCOPE_SEPARATOR
* drop OAuth env from Dockerfile and run script
* don't indent the first oauth block line
* drop unused `dedent` import
* touch up warning message
* add more test cases
* return an empty block if no OAuth content is generated
* fix broken doc line
