Expressed realms 165 update npm and megalinter (#177)

- Updated Vite, and Node Version - Updated typescript and node - Updated Vee-Validate - Updated Primevue to v4, now using new theming options Will theme based on devices color mode - Got custom backgrounds working, light theme looks much better Also fixed highlight color on ToC and fixed layout issue on the stat level tiles - Updated cypress and prime icons - Updated the last of the major packages Will need to come back and review all packages at some point - updated megalinter
Society-In-Shadow · Oct 25, 2024 · 1ed937f · 1ed937f
1 parent 21a1555
commit 1ed937f
Show file tree

Hide file tree

Showing 12 changed files with 2,297 additions and 390 deletions.
diff --git a/.github/workflows/DeployAPI.yml b/.github/workflows/DeployAPI.yml
@@ -79,4 +79,4 @@ jobs:
           imageToDeploy: ${{ vars.EXPRESSEDREALMSFRONTEND_REGISTRY_URL }}/noremacskich/expressedrealms-api:${{ github.sha }}
           containerAppName: ca-expressedrealms-api
           resourceGroup: RG_ExpressedRealms
-          environmentVariables: ASPNETCORE_ENVIRONMENT=secretref:aspnetcore-environment POSTMARK_API_KEY=secretref:postmark-api-key NO_REPLY_EMAIL=secretref:no-reply-email TEST_EMAIL_ADDRESS=secretref:test-email-address AZURE_POSTGRESSQL_CONNECTIONSTRING=secretref:azure-postgresql-connectionstring-6f940 FRONT_END_BASE_URL=secretref:front-end-base-url CLIENT_COOKIE_DOMAIN=secretref:client-cookie-domain AZURE_STORAGEBLOB_RESOURCEENDPOINT=secretref:azure-storageblob-resourceendpoint-08dee APPLICATION_INSIGHTS_CONNECTION_STRING=secretref:application-insights-connection-string
+          environmentVariables: ASPNETCORE_ENVIRONMENT=secretref:aspnetcore-environment POSTMARK_API_KEY=secretref:postmark-api-key NO_REPLY_EMAIL=secretref:no-reply-email TEST_EMAIL_ADDRESS=secretref:test-email-address AZURE_POSTGRESSQL_CONNECTIONSTRING=secretref:azure-postgresql-connectionstring-6f940 FRONT_END_BASE_URL=secretref:front-end-base-url CLIENT_COOKIE_DOMAIN=secretref:client-cookie-domain AZURE_STORAGEBLOB_RESOURCEENDPOINT=secretref:azure-storageblob-resourceendpoint-08dee APPLICATION_INSIGHTS_CONNECTION_STRING=secretref:application-insights-connection-string # yamllint disable-line rule:line-length
diff --git a/.github/workflows/megalinter.yml b/.github/workflows/megalinter.yml
@@ -1,5 +1,4 @@
 ---
-
 # MegaLinter GitHub Action configuration file
 # More info at https://megalinter.io
 name: MegaLinter
@@ -30,7 +29,7 @@ jobs:
     steps:
       # Git Checkout
       - name: Checkout Code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
           fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances
@@ -40,11 +39,14 @@ jobs:
         id: ml
         # You can override MegaLinter flavor used to have faster performances
         # More info at https://megalinter.io/flavors/
-        uses: oxsecurity/megalinter@v7
+        uses: oxsecurity/megalinter@v8
         env:
-          # Validates all source when push on main, else just the git diff with main. Override with true if you always want to lint all sources
-          VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
+          # All available variables are described in documentation
+          # https://megalinter.io/configuration/
+          VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} # Validates all source when push on main, else just the git diff with main. Override with true if you always want to lint all sources
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY
+          # DISABLE: COPYPASTE,SPELL # Uncomment to disable copy-paste and spell checks
 
       # Upload MegaLinter artifacts
       - name: Archive production artifacts
@@ -60,7 +62,7 @@ jobs:
       - name: Create Pull Request with applied fixes
         id: cpr
         if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix')
-        uses: peter-evans/create-pull-request@v5
+        uses: peter-evans/create-pull-request@v6
         with:
           token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
           commit-message: "[MegaLinter] Apply linters automatic fixes"

diff --git a/.mega-linter.yml b/.mega-linter.yml
@@ -28,6 +28,7 @@ DISABLE_LINTERS:
   - JAVASCRIPT_STANDARD
   - CSHARP_DOTNET_FORMAT # This isn't supporting .net 8 yet
   - REPOSITORY_DEVSKIM # There's a git ownership issue with this one : fatal: detected dubious ownership in repository at '/github/workspace/.git'
+  - REPOSITORY_TRIVY # Getting fatal download errors, and too many requests errors, so ignoring for now
 DISABLE_ERRORS_LINTERS:
   - PYTHON_BANDIT
   - PYTHON_PYRIGHT

diff --git a/.trivyignore b/.trivyignore
@@ -0,0 +1,5 @@
+# .trivyignore
+# This is to do with Quill, but upgrading it breaks the prime vue implementation, so ignoring for now
+# This specifically has something to do with image upload, which is disabled, and even if it wasn't would 
+# would be admin only
+CVE-2021-3163
diff --git a/client/Dockerfile b/client/Dockerfile
@@ -1,5 +1,5 @@
 # build stage
-FROM node:18 as build-stage
+FROM node:20 as build-stage
 
 # Ideally this should be set in the github action, but it's not picking up the value
 # so setting it to production here, and overriding it locally.  See #147

diff --git a/client/cypress/support/component.ts b/client/cypress/support/component.ts
@@ -20,9 +20,6 @@ import './commands'
 // require('./commands')
 
 import { mount } from 'cypress/vue'
-import 'primevue/resources/themes/lara-dark-green/theme.css'
-import 'primevue/resources/themes/lara-dark-green/fonts/Inter-italic.var.woff2'
-import 'primevue/resources/themes/lara-dark-green/fonts/Inter-roman.var.woff2'
 import "primeicons/primeicons.css";
 import "primeicons/fonts/primeicons.ttf"
 import "primeicons/fonts/primeicons.woff"
@@ -31,6 +28,7 @@ import "primeflex/primeflex.css"
 
 import 'bootstrap/scss/bootstrap-utilities.scss'
 import 'bootstrap/scss/bootstrap-grid.scss'
+import Lara from '@primevue/themes/lara';
 
 import PrimeVue from 'primevue/config';
 import { createMemoryHistory, createRouter } from 'vue-router';
@@ -69,7 +67,11 @@ Cypress.Commands.add('mount', (component, options = {}) => {
     /* Add any global plugins */
     options.global.plugins.push({
        install(app) {
-         app.use(PrimeVue, {ripple: true})
+         app.use(PrimeVue, {
+             theme: {
+                 preset: Lara
+             }
+         })
              .use(options.router);
            app.use(pinia);
            app.directive('ripple', Ripple);

diff --git a/client/index.html b/client/index.html
@@ -1,11 +1,19 @@
 <!DOCTYPE html>
 <html lang="en">
+
   <head lang="en">
     <meta name="keywords" content="larp"/>
     <meta name="description" content="Society in Shadows"/>
     <meta charset="UTF-8">
     <link rel="icon" href="/favicon.ico">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
+      <style>
+          :root {
+              font-family: 'Inter var', sans-serif;
+              --font-feature-settings: "cv02", "cv03", "cv04", "cv11";
+              background-color: var(--p-background);
+          }
+      </style>
     <title>Society in Shadows</title>
   </head>
   <body>