Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: App router migration for Next.js 13 #111

Merged
merged 19 commits into from
Jun 10, 2024
Merged

feat: App router migration for Next.js 13 #111

merged 19 commits into from
Jun 10, 2024

Conversation

dazedbear
Copy link
Owner

@dazedbear dazedbear commented Jun 10, 2024
edited
Loading

Goal

As a follow-up to #109, migrate all page routers to app routers.

Reference

@dazedbear
feat: migrate Homepage to app router
f3645b3
@dazedbear
feat: migrate /maintain to app router
d3cc297
@dazedbear
feat: migrate 404 page to app router
2351ef7
@dazedbear
feat: migrate /about to app router
995eaab
@dazedbear
feat: migrate error page to app router
7ffb86c
@dazedbear
style: rename files to align the naming convention
dfd2327
@dazedbear
feat: migrate notion article list page to app router
f071ed9
@dazedbear
feat: migrate notion article detail page to app router
4725d0e
@dazedbear
style: rename namespace to fit the new page types
44f57d8
@dazedbear
refactor: remove unused redux slices and page types
660e4cc
@dazedbear
feat: migrate /api/sitemap to app router
680a3df
@dazedbear
refactor: remove unused page routers
059ed68
@dazedbear
fix: use next.js notFound instead of throwing Error
44868b5
@dazedbear
fix: fix page metadata title
e43a26a
@dazedbear
fix: return 404 for external notion uuid
d94d11b
@dazedbear
chore: only log 1 dumpaccess once
c26461b
@dazedbear
test: fix broken meta tag e2e testing
1d34c14
@dazedbear
test: increase testing timeout
71d2c44
@codesandbox CodeSandbox
Copy link

codesandbox bot commented Jun 10, 2024

Review or Edit in CodeSandbox

Open the branch in Web EditorVS CodeInsiders

Open Preview

@vercel Vercel
Copy link

vercel bot commented Jun 10, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
dazedbear-github-io ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jun 10, 2024 8:40am

semgrep-app[bot]
semgrep-app bot reviewed Jun 10, 2024
View reviewed changes
src/app/custom-script.tsx
Comment on lines +58 to +71
__html: prependCheck(`
window.fbAsyncInit = function() {
FB.init({
xfbml : true,
version : 'v13.0'
});
};
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = 'https://connect.facebook.net/zh_TW/sdk/xfbml.customerchat.js';
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));`),
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Detection of dangerouslySetInnerHTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use dangerouslySetInnerHTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.

View Dataflow Graph 
flowchart LR
    classDef invis fill:white, stroke: none
    classDef default fill:#e7f5ff, color:#1c7fd6, stroke: none

    subgraph File0["<b>src/app/custom-script.tsx</b>"]
        direction LR
        %% Source

        subgraph Source
            direction LR

            v0["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L14 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 14] inputScript</a>"]
        end
        %% Intermediate

        subgraph Traces0[Traces]
            direction TB

            v2["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L14 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 14] inputScript</a>"]

            v3["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L58 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 58] prependCheck</a>"]
        end
            v2 --> v3
        %% Sink

        subgraph Sink
            direction LR

            v1["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L58 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 58] prependCheck(`<br>                window.fbAsyncInit = function() {<br>                  FB.init({<br>                    xfbml            : true,<br>                    version          : &apos;v13.0&apos;<br>                  });<br>                };<br>                (function(d, s, id) {<br>                  var js, fjs = d.getElementsByTagName(s)[0];<br>                  if (d.getElementById(id)) return;<br>                  js = d.createElement(s); js.id = id;<br>                  js.src = &apos;https://connect.facebook.net/zh_TW/sdk/xfbml.customerchat.js&apos;;<br>                  fjs.parentNode.insertBefore(js, fjs);<br>                }(document, &apos;script&apos;, &apos;facebook-jssdk&apos;));`)</a>"]
        end
    end
    %% Class Assignment
    Source:::invis
    Sink:::invis

    Traces0:::invis
    File0:::invis

    %% Connections

    Source --> Traces0
    Traces0 --> Sink
Loading
Ignore this finding from react-dangerouslysetinnerhtml.

semgrep-app[bot]
semgrep-app bot reviewed Jun 10, 2024
View reviewed changes
src/app/custom-script.tsx
Comment on lines +46 to +51
__html: prependCheck(`
(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
})(window,document,'script','dataLayer','${trackingSettings?.googleTagManager?.id}');`),
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Detection of dangerouslySetInnerHTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use dangerouslySetInnerHTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.

View Dataflow Graph 
flowchart LR
    classDef invis fill:white, stroke: none
    classDef default fill:#e7f5ff, color:#1c7fd6, stroke: none

    subgraph File0["<b>src/app/custom-script.tsx</b>"]
        direction LR
        %% Source

        subgraph Source
            direction LR

            v0["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L14 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 14] inputScript</a>"]
        end
        %% Intermediate

        subgraph Traces0[Traces]
            direction TB

            v2["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L14 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 14] inputScript</a>"]

            v3["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L46 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 46] prependCheck</a>"]
        end
            v2 --> v3
        %% Sink

        subgraph Sink
            direction LR

            v1["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L46 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 46] prependCheck(`<br>              (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({&apos;gtm.start&apos;:<br>              new Date().getTime(),event:&apos;gtm.js&apos;});var f=d.getElementsByTagName(s)[0],<br>              j=d.createElement(s),dl=l!=&apos;dataLayer&apos;?&apos;&l=&apos;+l:&apos;&apos;;j.async=true;j.src=<br>              &apos;https://www.googletagmanager.com/gtm.js?id=&apos;+i+dl;f.parentNode.insertBefore(j,f);<br>              })(window,document,&apos;script&apos;,&apos;dataLayer&apos;,&apos;${trackingSettings?.googleTagManager?.id}&apos;);`)</a>"]
        end
    end
    %% Class Assignment
    Source:::invis
    Sink:::invis

    Traces0:::invis
    File0:::invis

    %% Connections

    Source --> Traces0
    Traces0 --> Sink
Loading
Ignore this finding from react-dangerouslysetinnerhtml.

semgrep-app[bot]
semgrep-app bot reviewed Jun 10, 2024
View reviewed changes
src/app/custom-script.tsx
Comment on lines +35 to +39
__html: prependCheck(`(function(c,l,a,r,i,t,y){
c[a]=c[a]||function(){(c[a].q=c[a].q||[]).push(arguments)};
t=l.createElement(r);t.async=1;t.src="https://www.clarity.ms/tag/"+i;
y=l.getElementsByTagName(r)[0];y.parentNode.insertBefore(t,y);
})(window, document, "clarity", "script", "${trackingSettings?.microsoftClarity?.id}");`),
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Detection of dangerouslySetInnerHTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use dangerouslySetInnerHTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.

View Dataflow Graph 
flowchart LR
    classDef invis fill:white, stroke: none
    classDef default fill:#e7f5ff, color:#1c7fd6, stroke: none

    subgraph File0["<b>src/app/custom-script.tsx</b>"]
        direction LR
        %% Source

        subgraph Source
            direction LR

            v0["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L14 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 14] inputScript</a>"]
        end
        %% Intermediate

        subgraph Traces0[Traces]
            direction TB

            v2["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L14 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 14] inputScript</a>"]

            v3["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L35 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 35] prependCheck</a>"]
        end
            v2 --> v3
        %% Sink

        subgraph Sink
            direction LR

            v1["<a href=https://github.com/dazedbear/dazedbear.github.io/blob/71d2c44469963b3ff30d70931ef4aa48462c7922/src/app/custom-script.tsx#L35 target=_blank style='text-decoration:none; color:#1c7fd6'>[Line: 35] prependCheck(`(function(c,l,a,r,i,t,y){<br>            c[a]=c[a]||function(){(c[a].q=c[a].q||[]).push(arguments)};<br>            t=l.createElement(r);t.async=1;t.src=&quot;https://www.clarity.ms/tag/&quot;+i;<br>            y=l.getElementsByTagName(r)[0];y.parentNode.insertBefore(t,y);<br>        })(window, document, &quot;clarity&quot;, &quot;script&quot;, &quot;${trackingSettings?.microsoftClarity?.id}&quot;);`)</a>"]
        end
    end
    %% Class Assignment
    Source:::invis
    Sink:::invis

    Traces0:::invis
    File0:::invis

    %% Connections

    Source --> Traces0
    Traces0 --> Sink
Loading
Ignore this finding from react-dangerouslysetinnerhtml.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 10, 2024
View reviewed changes
src/app/custom-script.tsx
Comment on lines +35 to +39
__html: prependCheck(`(function(c,l,a,r,i,t,y){
c[a]=c[a]||function(){(c[a].q=c[a].q||[]).push(arguments)};
t=l.createElement(r);t.async=1;t.src="https://www.clarity.ms/tag/"+i;
y=l.getElementsByTagName(r)[0];y.parentNode.insertBefore(t,y);
})(window, document, "clarity", "script", "${trackingSettings?.microsoftClarity?.id}");`),

Check warning

Code scanning / Semgrep PRO

Semgrep Finding: typescript.react.security.audit.react-dangerouslysetinnerhtml.react-dangerouslysetinnerhtml Warning

Detection of dangerouslySetInnerHTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use dangerouslySetInnerHTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.
src/app/custom-script.tsx
Comment on lines +46 to +51
__html: prependCheck(`
(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
})(window,document,'script','dataLayer','${trackingSettings?.googleTagManager?.id}');`),

Check warning

Code scanning / Semgrep PRO

Semgrep Finding: typescript.react.security.audit.react-dangerouslysetinnerhtml.react-dangerouslysetinnerhtml Warning

Detection of dangerouslySetInnerHTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use dangerouslySetInnerHTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.
src/app/custom-script.tsx
Comment on lines +58 to +71
__html: prependCheck(`
window.fbAsyncInit = function() {
FB.init({
xfbml : true,
version : 'v13.0'
});
};
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = 'https://connect.facebook.net/zh_TW/sdk/xfbml.customerchat.js';
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));`),

Check warning

Code scanning / Semgrep PRO

Semgrep Finding: typescript.react.security.audit.react-dangerouslysetinnerhtml.react-dangerouslysetinnerhtml Warning

Detection of dangerouslySetInnerHTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use dangerouslySetInnerHTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.
@dazedbear dazedbear changed the title Next 13 app feat: App router migration for Next.js 13 Jun 10, 2024
@dazedbear dazedbear marked this pull request as ready for review June 10, 2024 08:48
@dazedbear dazedbear merged commit be80d32 into main Jun 10, 2024
12 checks passed
github-actions bot pushed a commit that referenced this pull request Jun 10, 2024
@semantic-release-bot
chore(release): 4.36.0 [skip ci]
bfa4d0f 
## [4.36.0](v4.35.0...v4.36.0) (2024-06-10)

### Features

* App router migration for Next.js 13 ([#111](#111)) ([be80d32](be80d32))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@semgrep-app semgrep-app[bot] semgrep-app[bot] left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dazedbear