#### Details
This PR enables the changelog script to output a .txt file with a list
of commits to validate instead of a .csv.
This can be triggered by adding a flag onto the end of the script for
the desired kind of file:
`node ./tools/get-change-log-for-release.js --from web@PREVIOUS_RELEASE
--to web@NEW_RELEASE --kind txt`
or
`yarn run change-log --from web@PREVIOUS_RELEASE --to web@NEW_RELEASE -k
txt`
Example Output:
This is the result for running `yarn run change-log -f web@2.43.0 -t
web@2.44.0 -k txt`
```
[tester]
dev: Chirag Sharma
pr: https://github.com/microsoft/accessibility-insights-web/pull/7378
group: fix
change: fix: adding code to format nextline character (\r\n) (#7378)
[tester]
dev: rohittarpara
pr: https://github.com/microsoft/accessibility-insights-web/pull/7377
group: fix
change: fix: <hx role="none"> is reported as heading. (#7377)
[tester]
dev: rohittarpara
pr: https://github.com/microsoft/accessibility-insights-web/pull/7374
group: chore
change: chore: update @fluentui/react from 8.96.1 to 8.118.1 (#7374)
[tester]
dev: rohittarpara
pr: https://github.com/microsoft/accessibility-insights-web/pull/7369
group: feat(axe-core 4.9.1)
change: feat(axe-core 4.9.1): Axe core version upgrade for Web (#7369)
[tester]
dev: Chirag Sharma
pr: https://github.com/microsoft/accessibility-insights-web/pull/7370
group: chore
change: chore : Update package version for accessibility insights report and accessibility insights ui (#7370)
```
The release driver would just need to paste this into OneNote, remove
any commits that are non-user-facing, and format like a list to add
bullets and the indents are already there!
##### Motivation
Our changelog script generates a csv of the commits to main between two
commits (usually the previous release and HEAD). During release
validation, our team filters down that CSV in excel and then pastes the
generated table into our validation template so we can check that those
commits have successfully made it into the new release. To make our
release validation process more accessible, we are moving away from
using tables in our validation templates.
##### Context
The text version of the changelog automatically excludes `dependabot`
and `chore(deps-dev)` commits, as it is more cumbersome to filter the
text list than the csv and these updates aren't included in validation
anyhow.
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [n/a] Addresses an existing issue: #0000
- [x] Ran `yarn fastpass`
- [n/a] Added/updated relevant unit test(s) (and ran `yarn test`)
- [n/a] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
#### Details
Migrated Pipeline Accessibility Insights Web SDT - CI to 1ES with the
help of migration tool.
Migrated Pipeline is tested successfully and checked the artifacts. It
looks good.
##### Motivation
Associated User Story : 2126528
migration of pipeline
https://dev.azure.com/accessibility-insights-private/Accessibility%20Insights%20(private)/_build/results?buildId=49447&view=results
##### Context
Raised Support post with 1ES team on how to use dynamic tsa.config in
source sdl stage. We will raise separate PR, if any better approach or
solution is provided.
<!-- Were there any alternative approaches you considered? What
tradeoffs did you consider? -->
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [na] Addresses an existing issue: #0000
- [x] Ran `yarn fastpass`
- [na] Added/updated relevant unit test(s) (and ran `yarn test`)
- [na] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [ ] (UI changes only) Added screenshots/GIFs to description above
- [ ] (UI changes only) Verified usability with NVDA/JAWS
#### Details
This PR adds a [jscodeshift](https://github.com/facebook/jscodeshift)
[codemod](https://github.com/facebookarchive/codemod) to the repo that
can be run using `yarn codemod` to migrate test files (set in the paths
variable in tools/codeshift.js) that use
[Enzyme](https://enzymejs.github.io/enzyme/) to use [React Testing
Library](https://testing-library.com/docs/react-testing-library/intro)
instead.
While this codemod will migrate the low hanging fruit in the tests, it
can't cover every scenario perfectly. Tests will need to be
incrementally migrated to cut down on PR size. This PR migrates tests in
the `src/tests/unit/tests/assessments/` directory to show an example of
what that incremental migration will look like.
Because our tests make heavy use of Enzyme's `shallow` rendering and
React Testing Library does a full mounted render into raw HTML, we
needed a solution to keep our snapshots scoped to the actual component
we are testing. To address this, this PR includes new mock helper
utilities:
* `mockReactComponents`: adds a `mockImplementation` for each React
Component in the array passed in that renders a React Element instead of
the full HTML of that component.
* `getMockComponentCall`: retrieves `SomeComponent.mock.calls[callNum]`
for SomeComponent and callNum passed in for a mocked React Component
* `getMockComponentClassPropsForCall`: replaces
`someReactComponent.props()` functionality for a mocked React Component
* `expectMockedComponentPropsToMatchSnapshots`: a convenience method to
assert that a mocked React Component's props match a snapshot
Note: I recommend reviewing this commit by commit in order to understand
the flow and changes best.
##### Motivation
migrating Enzyme to eventually upgrade React
##### Context
After all tests have been migrated and all mentions of Enzyme are gone,
the migration can continue:
* remove enzyme dependency
* upgrade React version
* upgrade React Testing Library version, which requires a newer version
of React
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [n/a] Addresses an existing issue: #0000
- [x] Ran `yarn fastpass`
- [x] Added/updated relevant unit test(s) (and ran `yarn test`)
- [x] Verified code coverage for the changes made. Check coverage report
at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
Bumps [prettier](https://github.com/prettier/prettier) from 3.1.0 to
3.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prettier/prettier/releases">prettier's
releases</a>.</em></p>
<blockquote>
<h2>3.1.1</h2>
<p>🔗 <a
href="https://github.com/prettier/prettier/blob/main/CHANGELOG.md#311">Changelog</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/prettier/prettier/blob/main/CHANGELOG.md">prettier's
changelog</a>.</em></p>
<blockquote>
<h1>3.1.1</h1>
<p><a
href="https://github.com/prettier/prettier/compare/3.1.0...3.1.1">diff</a></p>
<h4>Fix config file search (<a
href="https://redirect.github.com/prettier/prettier/pull/15363">#15363</a>
by <a href="https://github.com/fisker"><code>@fisker</code></a>)</h4>
<p>Previously, we start search for config files from the filePath as a
directory, if it happened to be a directory and contains config file, it
will be used by mistake.</p>
<pre lang="text"><code>├─ .prettierrc
└─ test.js (A directory)
└─ .prettierrc
</code></pre>
<pre lang="js"><code>// Prettier 3.1.0
await prettier.resolveConfigFile(new URL("./test.js",
import.meta.url));
// <CWD>/test.js/.prettierrc
<p>// Prettier 3.1.1
await prettier.resolveConfigFile(new URL("./test.js",
import.meta.url));
// <CWD>/.prettierrc
</code></pre></p>
<h4>Skip explicitly passed symbolic links with
<code>--no-error-on-unmatched-pattern</code> (<a
href="https://redirect.github.com/prettier/prettier/pull/15533">#15533</a>
by <a
href="https://github.com/sanmai-NL"><code>@sanmai-NL</code></a>)</h4>
<p>Since Prettier v3, we stopped following symbolic links, however in
some use cases, the symbolic link patterns can't be filtered out, and
there is no way to prevent Prettier from throwing errors.</p>
<p>In Prettier 3.1.1, you can use
<code>--no-error-on-unmatched-pattern</code> to simply skip symbolic
links.</p>
<h4>Consistently use tabs in ternaries when <code>useTabs</code> is
<code>true</code> (<a
href="https://redirect.github.com/prettier/prettier/pull/15662">#15662</a>
by <a href="https://github.com/auvred"><code>@auvred</code></a>)</h4>
<!-- raw HTML omitted -->
<pre lang="jsx"><code>// Input
aaaaaaaaaaaaaaa
? bbbbbbbbbbbbbbbbbb
: ccccccccccccccc
? ddddddddddddddd
: eeeeeeeeeeeeeee
? fffffffffffffff
: gggggggggggggggg;
<p>// Prettier 3.1.0
aaaaaaaaaaaaaaa
? bbbbbbbbbbbbbbbbbb
: ccccccccccccccc
? ddddddddddddddd
: eeeeeeeeeeeeeee
? fffffffffffffff
</tr></table>
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b86701dd1d"><code>b86701d</code></a>
Release 3.1.1</li>
<li><a
href="c97480c9a9"><code>c97480c</code></a>
Use <code>attributes</code> instead of deprecated
<code>assertions</code> (<a
href="https://redirect.github.com/prettier/prettier/issues/15758">#15758</a>)</li>
<li><a
href="0d1ffb3a91"><code>0d1ffb3</code></a>
Consistently use tabs in ternaries when <code>useTabs</code> is
<code>true</code> (<a
href="https://redirect.github.com/prettier/prettier/issues/15662">#15662</a>)</li>
<li><a
href="5f7aedc1cf"><code>5f7aedc</code></a>
fix example to fit the actual experimentalTernaries behaviour (<a
href="https://redirect.github.com/prettier/prettier/issues/15747">#15747</a>)</li>
<li><a
href="1e30f66f39"><code>1e30f66</code></a>
Remove claim, untrue since over 5 years ago, that cursorOffset is
incompatibl...</li>
<li><a
href="39e4e7bf40"><code>39e4e7b</code></a>
Add cursorOffset to Playground (<a
href="https://redirect.github.com/prettier/prettier/issues/15751">#15751</a>)</li>
<li><a
href="8e816ade2e"><code>8e816ad</code></a>
Allow skipping symlink patterns, to avoid raising a fault (<a
href="https://redirect.github.com/prettier/prettier/issues/15533">#15533</a>)</li>
<li><a
href="2ca5d757b7"><code>2ca5d75</code></a>
Fix expect call in dts test (<a
href="https://redirect.github.com/prettier/prettier/issues/15766">#15766</a>)</li>
<li><a
href="15c742844f"><code>15c7428</code></a>
chore(deps): update dependency flow-parser to v0.223.3 (<a
href="https://redirect.github.com/prettier/prettier/issues/15760">#15760</a>)</li>
<li><a
href="d3b3d4f5e3"><code>d3b3d4f</code></a>
chore(deps): update dependency hermes-parser to v0.18.0 (<a
href="https://redirect.github.com/prettier/prettier/issues/15761">#15761</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/prettier/prettier/compare/3.1.0...3.1.1">compare
view</a></li>
</ul>
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dave Tryon <45672944+DaveTryon@users.noreply.github.com>
#### Details
When porting #7046 to other repos, I noticed some style inconsistencies
that had crept into our PowerShell scripts. We already recommend the
PowerShell extension for vscode. This PR enables its automatic
formatting features for PowerShell scripts. I also ran the script
against `./tools/get-chrome-web-store-refresh-token.ps1` and
`./tools/clearly-defined/check-clearly-defined.ps1` to ensure consistent
formatting. The first script was already well formatted--the second
received some minor whitespace tweaks.
##### Motivation
Code consistency
##### Context
<!-- Are there any parts that you've intentionally left out-of-scope for
a later PR to handle? -->
<!-- Were there any alternative approaches you considered? What
tradeoffs did you consider? -->
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [n/a] Addresses an existing issue:
- [s] Ran `yarn fastpass`
- [n/a] Added/updated relevant unit test(s) (and ran `yarn test`)
- [n/a] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
#### Details
This PR introduces a minor performance improvement by running the
functions concurrently using `Promise.all`, which also enhances the
efficient utilization of hardware resources.
##### Motivation
This change addresses a performance enhancement to utilize concurrency
and improve resource utilization.
##### Context
N/A
#### Pull request checklist
- [n/a] Addresses an existing issue: N/A
- [x] Ran `yarn fastpass`
- [n/a] Added/updated relevant unit test(s) (and ran `yarn test`)
- [n.a] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
#### Details
We frequently get dependabot PR's for the `@types` namespace, which are
always devDependencies. To streamline maintenance, this PR automatically
excludes these packages from the ClearlyDefined check. It also updates
the validation script and removes the packages in the `@types` namespace
that we've collected so far.
It also includes 2 analyzer-suggested changes of moving `$null` from the
RHS to the LHS of the comparison to prevent accidentally setting the
value instead of comparing it.
##### Motivation
Streamline dependabot handling
##### Context
<!-- Are there any parts that you've intentionally left out-of-scope for
a later PR to handle? -->
<!-- Were there any alternative approaches you considered? What
tradeoffs did you consider? -->
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [n/a] Addresses an existing issue: #0000
- [x] Ran `yarn fastpass`
- [n/a] Added/updated relevant unit test(s) (and ran `yarn test`)
- [n/a] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
Bumps
[@types/uuid](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/uuid)
from 9.0.4 to 9.0.5.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/uuid">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/uuid&package-manager=npm_and_yarn&previous-version=9.0.4&new-version=9.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dave Tryon <45672944+DaveTryon@users.noreply.github.com>
#### Details
`check-clearly-defined.ps1` doesn't know about GitHub actions. Actions
are devDepenencies by definition, so they can all be excluded. This adds
a check to filter out dependabot branches that begin with
"dependabot/github_actions/", based on the branch name used in #6978.
The validation script is similarly updated.
Once this is reviewed and merged, the changes will be mirrored to the
versions in the `axe-windows` and `accessibility-insights-windows`
repos.
##### Motivation
Reduce friction from GitHub actions being updated.
##### Context
<!-- Are there any parts that you've intentionally left out-of-scope for
a later PR to handle? -->
<!-- Were there any alternative approaches you considered? What
tradeoffs did you consider? -->
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [n/a] Addresses an existing issue
- [x] Ran `yarn fastpass`
- [x] Added/updated relevant unit test(s) (and ran `yarn test`)
- [n/a] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.19.2 to 0.19.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/releases">esbuild's
releases</a>.</em></p>
<blockquote>
<h2>v0.19.3</h2>
<ul>
<li>
<p>Fix <code>list-style-type</code> with the <code>local-css</code>
loader (<a
href="https://redirect.github.com/evanw/esbuild/issues/3325">#3325</a>)</p>
<p>The <code>local-css</code> loader incorrectly treated all identifiers
provided to <code>list-style-type</code> as a custom local identifier.
That included identifiers such as <code>none</code> which have special
meaning in CSS, and which should not be treated as custom local
identifiers. This release fixes this bug:</p>
<pre lang="css"><code>/* Original code */
ul { list-style-type: none }
<p>/* Old output (with --loader=local-css) */
ul {
list-style-type: stdin_none;
}</p>
<p>/* New output (with --loader=local-css) */
ul {
list-style-type: none;
}
</code></pre></p>
<p>Note that this bug only affected code using the
<code>local-css</code> loader. It did not affect code using the
<code>css</code> loader.</p>
</li>
<li>
<p>Avoid inserting temporary variables before <code>use strict</code>
(<a
href="https://redirect.github.com/evanw/esbuild/issues/3322">#3322</a>)</p>
<p>This release fixes a bug where esbuild could incorrectly insert
automatically-generated temporary variables before <code>use
strict</code> directives:</p>
<pre lang="js"><code>// Original code
function foo() {
'use strict'
a.b?.c()
}
<p>// Old output (with --target=es6)
function foo() {
var _a;
"use strict";
(_a = a.b) == null ? void 0 : _a.c();
}</p>
<p>// New output (with --target=es6)
function foo() {
"use strict";
var _a;
(_a = a.b) == null ? void 0 : _a.c();
}
</code></pre></p>
</li>
<li>
<p>Adjust TypeScript <code>enum</code> output to better approximate
<code>tsc</code> (<a
href="https://redirect.github.com/evanw/esbuild/issues/3329">#3329</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/blob/main/CHANGELOG.md">esbuild's
changelog</a>.</em></p>
<blockquote>
<h2>0.19.3</h2>
<ul>
<li>
<p>Fix <code>list-style-type</code> with the <code>local-css</code>
loader (<a
href="https://redirect.github.com/evanw/esbuild/issues/3325">#3325</a>)</p>
<p>The <code>local-css</code> loader incorrectly treated all identifiers
provided to <code>list-style-type</code> as a custom local identifier.
That included identifiers such as <code>none</code> which have special
meaning in CSS, and which should not be treated as custom local
identifiers. This release fixes this bug:</p>
<pre lang="css"><code>/* Original code */
ul { list-style-type: none }
<p>/* Old output (with --loader=local-css) */
ul {
list-style-type: stdin_none;
}</p>
<p>/* New output (with --loader=local-css) */
ul {
list-style-type: none;
}
</code></pre></p>
<p>Note that this bug only affected code using the
<code>local-css</code> loader. It did not affect code using the
<code>css</code> loader.</p>
</li>
<li>
<p>Avoid inserting temporary variables before <code>use strict</code>
(<a
href="https://redirect.github.com/evanw/esbuild/issues/3322">#3322</a>)</p>
<p>This release fixes a bug where esbuild could incorrectly insert
automatically-generated temporary variables before <code>use
strict</code> directives:</p>
<pre lang="js"><code>// Original code
function foo() {
'use strict'
a.b?.c()
}
<p>// Old output (with --target=es6)
function foo() {
var _a;
"use strict";
(_a = a.b) == null ? void 0 : _a.c();
}</p>
<p>// New output (with --target=es6)
function foo() {
"use strict";
var _a;
(_a = a.b) == null ? void 0 : _a.c();
}
</code></pre></p>
</li>
<li>
<p>Adjust TypeScript <code>enum</code> output to better approximate
<code>tsc</code> (<a
href="https://redirect.github.com/evanw/esbuild/issues/3329">#3329</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="673ad10ff7"><code>673ad10</code></a>
publish 0.19.3 to npm</li>
<li><a
href="6402f110e3"><code>6402f11</code></a>
basic support for parsing import attributes</li>
<li><a
href="7ece556751"><code>7ece556</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3322">#3322</a>:
avoid temporaries before <code>"use strict"</code></li>
<li><a
href="900a90d533"><code>900a90d</code></a>
transform: banner/footer with local-css/global-css</li>
<li><a
href="bbd82b2a81"><code>bbd82b2</code></a>
run <code>make update-compat-table</code></li>
<li><a
href="f702f6b90b"><code>f702f6b</code></a>
remove an unused method</li>
<li><a
href="a111cc48ed"><code>a111cc4</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3318">#3318</a>:
ignore invalid commands for old builds</li>
<li><a
href="4c5db587c7"><code>4c5db58</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3329">#3329</a>:
treat more enum values as strings</li>
<li><a
href="5ecf535918"><code>5ecf535</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3377">#3377</a>:
improve resolution error due to <code>null</code></li>
<li><a
href="79ac17a7b6"><code>79ac17a</code></a>
resolver: adjust some error messages</li>
<li>Additional commits viewable in <a
href="https://github.com/evanw/esbuild/compare/v0.19.2...v0.19.3">compare
view</a></li>
</ul>
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dave Tryon <45672944+DaveTryon@users.noreply.github.com>
#### Details
We use playwright focal docker images for end-to-end tests. This image
is updated by dependabot. The corresponding playwright version that the
image uses will be checked by `ClearlyDefined` when it is updated in
`package.json` but the docker image itself is not included in
`ClearlyDefined` so we can exclude these updates from that check.
##### Motivation
fix the build for #6904 and future similar updates
##### Context
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [n/a] Addresses an existing issue: #0000
- [x] Ran `yarn fastpass`
- [n/a] Added/updated relevant unit test(s) (and ran `yarn test`)
- [x] Verified code coverage for the changes made. Check coverage report
at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#### Details
Note: This change is a port of
https://github.com/microsoft/accessibility-insights-windows/pull/1672#954 had 2 bugs about namespaces:
1. Dependabot adds a `/src` component to the branch name of NuGet
component. The script didn't take this into account and we ended up with
an incorrect url
2. Dependabot omits the `@` from branch names of npm components that
include a namespace. The script didn't take this into accoiunt and we
ended up with an incorrect url
The fix in both cases is the same--we add a function to adjust the raw
namespace that comes from parsing the branch name.
It also includes a batch script to aid in script validation. If we
encounter future branch names that go awry, we can just add additional
test cases and have protection against breakage.
##### Motivation
Tune the desired friction of dependabot PR's, keep the generated notices
file current
##### Output
Here is the output of the script:
```
C:>ValidateScript.bat
Skipped case: Non-dependabot branch
pwsh -f ./check-clearly-defined.ps1 -PipelineType local -BranchName fix-bug
Not a dependabot PR, skipping check
OK
Passing case: ADO PR build of dependabot branch
set SYSTEM_PULLREQUEST_SOURCEBRANCH=dependabot/nuget/src/Moq-4.18.4
pwsh -f ./check-clearly-defined.ps1 -PipelineType ado
Getting data from https://api.clearlydefined.io/definitions/nuget/nuget/-/Moq/4.18.4
ClearlyDefined has a definition for this package version.
OK
Passing case: ADO non-PR build of dependabot branch
set BUILD_SOURCEBRANCH=refs/heads/dependabot/nuget/src/Axe.Windows-2.1.3
pwsh -f ./check-clearly-defined.ps1 -PipelineType ado
Getting data from https://api.clearlydefined.io/definitions/nuget/nuget/-/Axe.Windows/2.1.3
ClearlyDefined has a definition for this package version.
OK
Passing case: action PR build of dependabot branch without namespace
set GITHUB_HEAD_REF=dependabot/npm_and_yarn/eslint-config-prettier-8.9.0
pwsh -f ./check-clearly-defined.ps1 -PipelineType action
Getting data from https://api.clearlydefined.io/definitions/npm/npmjs/-/eslint-config-prettier/8.9.0
ClearlyDefined has a definition for this package version.
OK
Passing case: action PR build of dependabot branch with namespace
set GITHUB_HEAD_REF=dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-6.3.0
pwsh -f ./check-clearly-defined.ps1 -PipelineType action
Getting data from https://api.clearlydefined.io/definitions/npm/npmjs/@typescript-eslint/eslint-plugin/6.3.0
ClearlyDefined has a definition for this package version.
OK
Failing case: Package that does not exist in ClearlyDefined
pwsh -f ./check-clearly-defined.ps1 -PipelineType local -BranchName dependabot/nuget/src/Axe.Windows-2.99.99
Getting data from https://api.clearlydefined.io/definitions/nuget/nuget/-/Axe.Windows/2.99.99
ClearlyDefined does not have a definition for this package version.
If this is a development component, you may safely ignore this warning.
If this is a production component, please do the following:
1. Request that ClearlyDefined harvest information for this package version
2. Wait for the harvest to complete -- check https://clearlydefined.io
3. Re-run the failed build
4. Once the PR build passes, merge the PR
5. If necessary, add this package to clearly-defined-exclusions.json and include it in your PR.
Merge the PR once the build passes.
OK
ALL TESTS ARE OK :)
```
##### Context
<!-- Are there any parts that you've intentionally left out-of-scope for
a later PR to handle? -->
<!-- Were there any alternative approaches you considered? What
tradeoffs did you consider? -->
The validation script could have been another PowerShell script if we
were concerned about allowing validation cross-platform, but this seems
like a sufficient option
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [n/a] Addresses an existing issue
- [x] Ran `yarn fastpass`
- [n/a] Added/updated relevant unit test(s) (and ran `yarn test`)
- [n/a] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
This commit excludes all `.ps1` files from format checking to reduce noise in `yarn fastpass`. It also fixes a small typo in the clearly defined script.
#### Details
This adds a script to check the script to detect gaps in ClearlyDefined.
It keys off the branch name to determine the following:
1. Is this a dependabot PR? (exit if no)
2. If so, what is the namespace, package, and package version?
3. Is this namespace + package in the curated exclusion list? (exit if
yes)
4. Does ClearlyDefined include an entry for this update? Succeed if yes,
fail if no)
This check is _not_ a blocking check, so it's possible to squash and
merge without it passing, which would be appropriate for a "deps-dev"
PR. The intent is to make the human aware of the potential impact and to
force a decision. Note that while this will catch PR's that update
versions of existing packages, it will _not_ catch PR's that add new
packages. That will be the responsibility of the task that creates
`NOTICE.html` and will live in a separate repo
##### Motivation
Progress toward #6636, which suggests changes to help ensure that our
`NOTICE.html` file remains correct. Once this change is merged, we
should be able to replace the manually managed `NOTICE.html` file with
the generated version
##### Sample output:
###### Non-Dependabot PR:
```
VERBOSE: Resolved Inputs: PipeLineType=action, BranchName=check-clearlydefined-for-dependabot
Not a dependabot PR, skipping check
```
###### Dependabot PR of a package that ClearlyDefined has already
harvested:
```
VERBOSE: Resolved Inputs: PipeLineType=action, BranchName=dependabot/npm_and_yarn/react-router-dom-6.14.1
Getting data from https://api.clearlydefined.io/definitions/npm/npmjs/-/react-router-dom/6.14.1
VERBOSE: GET with 0-byte payload
VERBOSE: received 6541-byte response of content type application/json
VERBOSE: Content encoding: utf-[8](https://github.com/microsoft/accessibility-insights-web/actions/runs/5755005810/job/15601503428?pr=6859#step:5:9)
ClearlyDefined has a definition for this package version.
```
###### Dependabot PR of a package that ClearlyDefined has not yet
harvested:
```
VERBOSE: Resolved Inputs: PipeLineType=action, BranchName=dependabot/npm_and_yarn/react-router-dom-6.14.10
Getting data from https://api.clearlydefined.io/definitions/npm/npmjs/-/react-router-dom/6.14.10
VERBOSE: GET with 0-byte payload
VERBOSE: received 4[8](https://github.com/microsoft/accessibility-insights-web/actions/runs/5755057600/job/15601673883?pr=6859#step:5:9)2-byte response of content type application/json
VERBOSE: Content encoding: utf-8
Error: ClearlyDefined does not have a definition for this package version.
If this is a development component, you may safely ignore this warning.
If this is a production component, please do the following:
1. Request that ClearlyDefined harvest information for this package version
2. Wait for the harvest to complete -- check at [https://clearlydefined.io](https://clearlydefined.io)
3. Re-run the failed build
4. Once the PR build passes, merge the PR
5. If necessary, add this package to clearly-defined-exclusions.json and include it in your PR.
Merge the PR once the build passes.
Error: Process completed with exit code 1.
```
##### Context
<!-- Are there any parts that you've intentionally left out-of-scope for
a later PR to handle? -->
<!-- Were there any alternative approaches you considered? What
tradeoffs did you consider? -->
The intent is to use this script across multiple repos, which is why it
includes support for action, ado, and local versions. In an ideal world
we would have this in a single location, but we're not ready to do that
just yet.
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [x] Addresses an existing issue: #6636
- [x] Ran `yarn fastpass`
- [n/a] Added/updated relevant unit test(s) (and ran `yarn test`)
- [n/a] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
#### Details
This PR rewrites the script we use to rotate our publishing refresh
tokens:
* It uses PowerShell since it's available by default on SAWs, as opposed
to Node/NPM/the request module requiring installation
* It fixes the issue that prevented it from working as of migration to
Desktop OAuth Client instead of the deprecated OOB type
* It improves the output behavior to avoid showing all the intermediate
tokens that the user doesn't normally need to see (you can see these by
running the script with the `-Debug` switch)
See our internal doc pages named "Chrome Web Store Publishing Flow" and
"Chrome WebStore secret rotation guide" for more usage details; these
have already been updated accordingly.
##### Motivation
Make it easier to do secrets rotation, bring script up to date with new
publishing setup.
##### Context
n/a
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [x] Addresses an existing issue: Part of feature 2061220
- [x] Ran `yarn fastpass`
- [n/a] Added/updated relevant unit test(s) (and ran `yarn test`)
- [n/a] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
#### Details
This PR updates our strictNullChecks config and tooling to include all
non-test `.ts` and `.tsx` files in the strict null checks set by
default, only excluding those files explicitly marked as having known
issues in `tsconfig.strictNullChecks.json`. This:
* Simplifies the `strictNullChecks` config file a lot (it reduces the
size by half and is now a flat list of files instead of a mix of files
and glob patterns)
* Saves a step of having to manually run `yarn null:autoadd` for most
changes, since new files are now implicitly added
* Removes the corresponding item from our PR checklist (I left the
automated PR check in place since it doesn't hurt anything and has a
self-descriptive error message if it does fail)
To implement this, I wrote a script to perform the conversion from an
include list to an exclude list. I included it for review in this PR,
but I don't expect it to need to be run again in the future. I verified
that `yarn null:progress` reports finding the same counts of checked and
eligible files before and after the change:
> ## Web strict-null progress
> **81%** complete (**1273**/1562 non-test files)
> *Contribute at
[#2869](https://github.com/microsoft/accessibility-insights-web/issues/2869).
Last update: Tue Dec 20 2022*
I ensured that the assorted helper scripts (`yarn null:find`, `yarn
null:autoadd`, `yarn null:check`) all still work as expected.
##### Motivation
#2869 and see above
##### Context
I considered renaming `autoadd` to something else now that it's arguably
"removing an exclusion" rather than "adding an inclusion", but I decided
to leave it as it; it's still "adding new files to the strict null
checked set" and it felt like more work/confusion than it was worth to
try to update all the issues/team working knowledge/etc about it.
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [x] Addresses an existing issue: #2869
- ~~[x] Ran `yarn null:autoadd`~~
- [x] Ran `yarn fastpass`
- [n/a] Added/updated relevant unit test(s) (and ran `yarn test`)
- [n/a] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
#### Details
Adding script used for getting a chrome refresh token to the tools dir.
This script is used in our secrets rotation process.
##### Motivation
Keep scripts related to this product in a central location
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [n/a] Addresses an existing issue: #0000
- [x] Ran `yarn null:autoadd`
- [x] Ran `yarn fastpass`
- [n/a] Added/updated relevant unit test(s) (and ran `yarn test`)
- [n/a] Verified code coverage for the changes made. Check coverage
report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
#### Details
Fixes mv3 bug with loading assessments. Repro steps:
1. Open mv3 canary/ dev assessment
2. Try to load assessment file
3. See nothing happens in details view, see following errors in console:
```
exception-telemetry-listener.ts:87 Error compiling schema, function code: const schema2 = scope.schema[2];const schema1 = scope.schema[1];return function validate1(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;const _errs1 = errors;if(!(((typeof data == "number") && (!(data % 1) && !isNaN(data))) && (isFinite(data)))){validate1.errors = [{instancePath,schemaPath:"#/definitions/nonNegativeInteger/type",keyword:"type",params:{type: "integer"},message:"must be integer"}];return false;}if(errors === _errs1){if((typeof data == "number") && (isFinite(data))){if(data < 0 || isNaN(data)){validate1.errors = [{instancePath,schemaPath:"#/definitions/nonNegativeInteger/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}}}validate1.errors = vErrors;return errors === 0;}
```
```
Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
```
##### Motivation
Feature work
##### Context
The root cause of this bug is that AJV, the library we use to validate the JSON input of assessment files, requires `unsafe-eval` in in the app's content security policy (see their docs: https://ajv.js.org/security.html#content-security-policy). This isn't a problem in mv2, we just add the appropriate line to the manifest: https://github.com/microsoft/accessibility-insights-web/blob/main/Gruntfile.js#L518. But with mv3, chrome no longer allows extensions to include `unsafe-eval` in their manifest CSP, so this is no longer an option. As a solution, this PR migrates us to use AJV's standalone validation code process instead: https://ajv.js.org/standalone.html.
A few changes were necessary to convert to the standalone process:
1. Add json generator package. This allows us to build the validator generation code separately from the rest of the codebase.
2. Add extra steps to mv3 build process to (A) build the validator generation code, (B) run the validation generator, and (C) place the generated validator in the expected file such that it can be accessed by the rest of the code.
3. Add extra logic to `load-assessment-data-validator.ts` to determine if the build generated validator is populated or if we should fallback on using the old, dynamically generated validator. We theoretically could convert all products to use the new, build generated validator and remove the old code, but I decided to only convert the mv3 extension to minimize changes to the other products that share this logic.
5. In the case that we use the build generated validator, also check that the assessments data matches the enabled feature flags. With the dynamically generated validator, we are able to check on the fly which feature flags are enabled/ disabled, and as a result, the schema that the validator checks against excludes any assessments that are behind disabled feature flags. We can't check which flags are disabled when we're generating the validator on build, so instead we include all assessments in the build generated validator schema and separately check in `LoadAssessmentDataValidator.uploadedDataIsValid` that none of the assessments in the uploaded data are behind disabled feature flags.
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a" in the checkbox -->
- [n/a] Addresses an existing issue: #0000
- [x] Ran `yarn null:autoadd`
- [x] Ran `yarn fastpass`
- [x] Added/updated relevant unit test(s) (and ran `yarn test`)
- [x] Verified code coverage for the changes made. Check coverage report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See `CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
#### Details
Fix 2 mv3 bugs uncovered by running e2e tests on the mv3 extension (added in https://github.com/microsoft/accessibility-insights-web/pull/5965). The 2 bugs are described below and addressed in the 2 commits separately.
##### Motivation
Feature work.
##### Context
Failing cross origins iframe tests:
- This bug can be repro'ed by running mv3 extension manually. Repro steps: (1) Open all-cross-origin-iframe.html test resource (2) Run fastpass (3) See details view seems to be scanning forever, errors in service worker:
```
error injecting /bundle/injected.css: Error: Cannot access contents of url "file:///C:/code/accessibility-insights-web/src/tests/end-to-end/test-resources/all-cross-origin-iframe.html". Extension manifest must request permission to access this host. Error: Cannot access contents of url "file:///C:/code/accessibility-insights-web/src/tests/end-to-end/test-resources/all-cross-origin-iframe.html". Extension manifest must request permission to access this host.
```
```
error injecting /bundle/injected.bundle.js: Error: Cannot access contents of url "file:///C:/code/accessibility-insights-web/src/tests/end-to-end/test-resources/all-cross-origin-iframe.html". Extension manifest must request permission to access this host. Error: Cannot access contents of url "file:///C:/code/accessibility-insights-web/src/tests/end-to-end/test-resources/all-cross-origin-iframe.html". Extension manifest must request permission to access this host.
```
- Another side effect of this bug is that the yellow banner asking the user to grant permission to access iframes is not appearing at all in the mv3 extension at the moment.
- The cause was the permissions we were setting in the mv3 manifest. For mv2, we always request the activeTab permission (https://github.com/microsoft/accessibility-insights-web/blob/main/src/manifest.json#L12) and conditionally gain `optional_permissions: ['*://*/*']` if a user grants access to iframes from the yellow banner. Prior to this change, we were not requesting `activeTab` permissions for mv3 and we were requiring host permissions instead of making them optional. This PR fixes those mv3 permissions such that they are now analogous to those in the mv2 extension.
- The differing permission formats in mv2 and mv3 also necessitated changes to how we handle editing the manifest in out e2e test logic, which ended up being the bulk of the changes in this PR.
Failing first time dialog tests:
- This is a test specific bug, it does not repro when running the mv3 extension manually.
- Tests were attempting to run a script that referenced `chrome.tabs` before the service worker was fully started up and while `chrome.tabs` was still undefined. Fix was to check to ensure `chrome.tabs` is defined before running script.
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a" in the checkbox -->
- [n/a] Addresses an existing issue: #0000
- [x] Ran `yarn null:autoadd`
- [x] Ran `yarn fastpass`
- [x] Added/updated relevant unit test(s) (and ran `yarn test`)
- [x] Verified code coverage for the changes made. Check coverage report at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See `CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
Turns on the no-floating-promises eslint rule for all directories except background/ and injected/, and fixes the errors that were caught.
This PR fixes 26 issues caught by this rule out of 48 in total. The issues fixed in this PR are fairly minor, and the remaining issues in background/ and injected/ are more complex and involve changes that propagate more to other files. Those issues will be addressed in future PRs.
* Chore: Add more files to eslint coverage
Previously, only the files under ./src were checked by eslint. Now, all our non-production code should be covered as well.
Fixed the few eslint errors and warnings that popped up.
* Make it so that eslint is run with individual .eslintrc.js files per project/package. This is so that each project can have its own eslint settings overrides if necessary.
Add lint:check:all to run lint:check on all code under the root and for each package under packages.