Граф коммитов

71 Коммитов

Автор SHA1 Сообщение Дата
Vincent 4f35647b3f Change Firefox Accounts to Mozilla Accounts
Hidden behind the "FxaRebrand" flag so we can roll it out across
different products at the same time.
2023-10-13 16:53:40 +02:00
Raphael Okafor Jr 812566b50a
Merge branch 'main' into MNTOR-2069-README 2023-09-19 07:03:20 -04:00
Robert Helmer a5fe8c87ca
MNTOR-2022/re-land glean.js (#3413)
* Revert "MNTOR-2022 - Revert glean js temporarily (#3379)"

This reverts commit 80f6aa841a.

* add requirements.txt so we can use Heroku Python buildback

* install Python in Dockerfile and override with Glean 2.0.2 options
2023-09-14 18:41:36 -07:00
Robert Helmer d07b8659b9
MNTOR-2120 - re enable breach alerts with pubsub (#3380)
MNTOR-2120 - split HIBP into receiving API and processor using GCP PubSub

* add instructions for using pubsub emulator
* export knex objects so connection pools can be torn down
* move projectId, topicName, and subscriptionName to env vars
2023-09-08 17:02:53 -07:00
Robert Helmer 80f6aa841a
MNTOR-2022 - Revert glean js temporarily (#3379)
* Revert "MNTOR-2022 - Include python for Heroku and CircleCI builders"

This reverts commit cbc3b680d9.

* Revert "MNTOR-2022: Integrate Glean.js & hook up generic events (#3303)"

This reverts commit 021e440d02.
2023-09-07 17:39:59 -07:00
Bruno Rosa 021e440d02
MNTOR-2022: Integrate Glean.js & hook up generic events (#3303)
* Integrate Glean.js & record generic events

changelog
- add Glean.js `v2.0.1`
- add "incoming.telemetry.mozilla.org" to CSP
- `metrics.yaml` file for all Glean metrics
- `useGlean` custom hook for initializing telemetry
- generic page load event for home screen
- generic click event on "sign in" button
- new folders to ignore in git

* Update metrics.yaml

changelog
- add comment link to glean book
- remove unnecessary config for events

* Conditional-ize Glean debug settings

* Remove button click event

* Update Glean debug conditional

* Record URL path on page load

* metrics.yaml updates

* useGlean updates

changelog
- add the "uploadEnabled" check
- change Glean ID to "monitor.frontend"
- update metrics to use new naming

* Add build-glean command to "build" script

* Update debugging code

* Update circleci config

* README updates for build-glean step

* New node_with_python executor

* Config updates

* prettierignore Glean generated files

---------

Co-authored-by: Robert Helmer <rhelmer@mozilla.com>
2023-09-07 14:09:16 -07:00
Raphael Okafor Jr 7b104ed86f
Merge branch 'main' into MNTOR-2069-README 2023-09-07 08:41:30 -04:00
Robert Helmer 451bfec25b
remove code coverage badge (#3352) 2023-09-06 12:55:36 -07:00
mozrokafor 468e666136 PR feedback, adding link to general readme, syntax updates 2023-08-29 11:03:54 -04:00
Florian Zia 6ee1ee7aa5
chore: Add note regarding create-location-data to README 2023-07-11 10:25:28 +02:00
Vincent b56993359e
Merge Next.js into `main` (#3116)
* Initialise Next.js app using create-next-app

Command run: npx create-next-app@latest

* Also tell VSCode to format TS and TSX files

* WIP: Sign in with next-auth

* Add Fluent

Unfortunately, since the ReactLocalization object contains
functions, it can't be shared between client and server (because
functions can't be serialized), so in effect every page that uses
localisation has to be a client component.

But at least we can set the correct `lang` attribute on <html> on
the server, so there's that :)

* Copy-paste public breach scan into Next.js

* Halfway migrate public breach list

Did not do: breach icons and getLocale() (for list and date
formatting).

* Enable SSR for localised strings

This allows our pages to be Server Components now.

* Download breach logos in Next.js server

* Tell search engines not to index non-prod envs

* Port existing security headers from Helmet to Next

* Add a 404 page

* Relax CSP in local development

* Set up Next-Auth for server components

It still doesn't work at the moment because the correct redirect
URL hasn't yet been set up on FxA.

* Apply Prettier to Next.js files on commit

* Enable Sass

* feat: Port existing landing page

* fix: Set hibp footer as html

* Wire up Next.js to FxA using iron-session

* feat: Port main layout for authenticated pages

* chore: Get session in layout

* Set up Prettier for VSCode users

* fix: Provide fxa user menu with data

* chore: Format Create Next App template

* Make Next-Auth work with FxA

To test, add the following two variables to your .env:

  NEXTAUTH_URL=http://localhost:6060
  NEXTAUTH_SECRET=<generate using `openssl rand -base64 32`>

You can then add <SignInButton/> to e.g. the landing page to kick
off authentication.

* Port breach-detail page to Next.js

* Add pending translations

* Access session data in React components

* Use Prettier as the formatter in VSCode

* Port Nebula & Protocol tokens into tokens file

* merge: Resolve conflicts

* fix: Move hr into li element

* feat: Handle authenticated users

* chore: Add todo note

* chore: Don’t use default exports for SignInButton and UserMenu

* chore: Move site navigation to client-side component

* Make mozlog work with Next.js

Unfortunately, this required patching the `intel` package. That
said, since that package hasn't been updated in six years, this
should be relatively safe.

The problem is that `intel` was trying to dynamically determine
which modules to load based on which files were present in its
directory. However, since Next.js moves (and presumably bundles)
Node modules into the `.next` folder, it was unable to find the
modules that `mozlog` was expecting to use.

The patch fixes this by simply explicitly importing those four
modules.

* Add back a couple of authentication logs

* add woff files and metropolis css file

* add right font path

* format scss file to include camelcase

* chore: Move components into (nextjs_migration) and remove redundant layout file

* chore: Remove redirect landing page -> dashboard

* chore: Redirect to dashboard upon signin

* add title and body copy variables

* use token variables in landing scss file instead of old variables from variables.css

* feat: Add basic dashboard page elements

* chore: Add circle chart web component

* chore: Add custom select web component

* breaches get and put calls

* cleanup

* get rid of debug logs

* Add sentry to nextJS branch (#3075)

MNTOR-1641 - enable Sentry for NextJS, for front- and back-end code

* chore: Render user breaches

* feat: Port breach resolution api

* fix: Check breach resolution filter by default

* chore: Add redirect /user/dashboard -> /user/breaches

* feat: Add breach page types

* chore: Remove breach resolution API call headers

* fix: Rename changed API response data key

* add template button component

* remove assets

* add button styling

* chore: Trigger auto signIn for pages that require authentication

* chore: Update breach types

* chore: Repurpose HIBP BreachDataTypes

* chore: Don’t capitalize first letter of chart label

* chore: Remove duplicate font size

* chore: Rename BreachResolutionApiBody -> BreachResolutionRequest

* Add a redirect from /security-tips for Next.js

This was already present in the Express-based website.

* Add the app shell for the React-based website

* chore: Re-enable gtag

* use old font code and add status pill component

* remove unnecessary package additions and style status pills

* lint

* test exposurecard data func

* MNTOR-1765 - set title, favicon, and meta tag correctly for nextjs app (#3082)

* Port unsubscribe-monthly page to Next.js

* add toggle to exposurecard accordion

* add icons to exposure type

* Ease transition from `getMessage`

This adds a `getStringLookup` API to ease the transition from old
Fluent functions (which depend on the user's locale being stored in
AsyncLocalStorage). It will behave the same as the old getMessage()
when called as-is, but when passed an instance of ReactLocalization
(which we have access to in Next.js routes), it will retrieve the
localised string from that.

* Add preliminary Subscriber table type definition

* Process new user sign-in

This does a couple of things:
- It updates the code that sends the breach check email on
  first sign-in to pass an instance of ReactLocalization.
- It splits session data and JWT properties to separate data
  provided to use by FxA from data we store in our own database.
- It checks if the user that signs in is already known in our
  database, and if not, it adds them. It does so using mostly the
  same code as in /src/controllers/auth.js's `confirmed` function.

* dockerflow endpoints

* remove introduction.mdx for now, refine button states

* apply some changes

* Move new components out of migration dir

* Delete .bash_profile

* Delete storybook.log

* Delete main.js

* Delete preview.js

* remove use of inter for now

* feat: add email api

* feat: remove email api

* verify email

* update comms options

* light refactoring

* take shared function out to util

* send verification email

* add another property to EmailRow

* add some types

* rename route

* fix review comment

* Fix MNTOR-1634: Stub /settings page (auth)

* Remove commented code, add CSS, match HTML markup from previous iterations

* Remove/comment out logic dependent on session info

* Wire up settings page and new APIs

* Work around radio button unchecking on page load

* Adding a catch all 404

Not ideal but the best solution at the moment

Co-authored-by: Vincent <Vinnl@users.noreply.github.com>

* version route

* remove log

* Port admin pages to Next.js

The Notification email doesn't work yet, because it's not clear yet
how to trigger the Cloud Function.

* Add Storybook build output folder to gitignore

* Set up Netlify

* Group Storybook ignores together

* add node env

Co-authored-by: Vincent <Vinnl@users.noreply.github.com>

* fix test

* fix npm test

* fix css lint

* fix lint js

* exclude sentry.*

* Set up the actual linting we'll use

* Prettier-ignore appropriate files, format the rest

* Fix/ignore ESLint and TypeScript errors

* Make tests work with getStringLookup

* Remove now-unused dependencies and build scripts

* Update CI scripts for Next.js

* Add missing Next.js dependencies to the lockfile

These were added when running `next build`.

* Tag Next.js migration TODOs

* Make "add email" dialog work on dashboard

* Load client-side scripts as modules

This is the same the old website did, and avoids e.g. different
`init` functions overriding each other.

* Fix loading of FxA avatar

* Use <BreachLogo> component

* Allow Next.js's inline scripts/styles in prod

For `style-src`, the current website already enables
'unsafe-inline'. For script-src, it looks like we currently cannot
avoid that: https://github.com/vercel/next.js/discussions/51039

* Debug Playwright (#3118)

---------

Co-authored-by: Florian Zia <zia.florian@gmail.com>
Co-authored-by: Kaitlyn <kandres@mozilla.com>
Co-authored-by: Joey Zhou <jozhou@mozilla.com>
Co-authored-by: Robert Helmer <rhelmer@mozilla.com>
Co-authored-by: maxxcrawford <maxx.crawford@gmail.com>
2023-06-12 13:35:35 -07:00
Robert Helmer 0bb98e8778
Mntor 1539/separate data ingestion (#3034)
MNTOR-1539 - create Google Cloud Function version of /hibp/notify API endpoint
2023-05-18 15:17:23 -07:00
Vincent 39ec0871d4 Add note on running Redis locally 2023-05-10 15:38:40 +01:00
Kaitlyn 0ce5c8fa5d rephrase 2023-05-02 16:35:14 -04:00
Kaitlyn 7efe054233 Add Postgress.app option on the readme 2023-05-02 16:32:26 -04:00
Amri Toufali 0205a44a53
Update ReadMe: legacy cleanup 2023-04-28 14:49:54 -07:00
Vincent 49d2079002 Use Volta to align toolchains 2023-02-13 11:30:19 +01:00
Robert Helmer 415886680c
add shared VSCode settings (#2777) 2023-02-10 12:40:43 -08:00
Joey Zhou b33539485e update packagejson installer for fluent 2022-11-22 08:37:08 -08:00
John Whitlock acfa175564
Add coverage badge 2022-10-18 17:29:57 -05:00
John Whitlock f3c34bbf59
Skip coveralls in 'npm test' if not configured 2022-10-18 17:29:56 -05:00
Amri Toufali 4651ba3dbd
Merge pull request #2674 from mozilla/MNTOR-792/main-template
Mntor 792/main template
2022-10-18 14:19:06 -07:00
Amri Toufali cc7293ac43
update README to discuss `git-blame-ignore-revs` 2022-10-10 13:14:00 -07:00
Amri Toufali d3d6d6f47b
add workspace to switch between v1/v2 2022-10-10 12:45:47 -07:00
Joey Zhou 3e667f4c29 chore: docs and minor updates 2022-09-21 09:37:13 -07:00
Amri Toufali be14d60a41
update README to remove integration info 2022-06-22 20:00:29 -07:00
Amri Toufali fd6f1a9a45
update README for "Code style" 2022-06-21 11:08:31 -07:00
Amri Toufali 32868f03e2
update Stylelint config 2022-06-15 22:39:57 -07:00
Amri Toufali 703d05496c
add architecture diagram to readme 2022-04-21 20:37:53 -07:00
Amri Toufali 60c8a5de61 update README.md - localization sync via merge 2021-12-17 13:54:02 -08:00
Amri Toufali 602391aa9c
merge `main` into `localization` (#2390)
* Sync Localization to Main (#2383)

* IP location banner for VPN education/promotion (#2284)
* Update localizations

Co-authored-by: Pontoon <pontoon@mozilla.com>
Co-authored-by: Winfox <openlib@email.it>
Co-authored-by: Christian Eduardo Noriega <cafiovafo@gmail.com>
Co-authored-by: Balázs Meskó <meskobalazs@mailbox.org>
Co-authored-by: Іhor Hordiichuk <igor_ck@outlook.com>
Co-authored-by: ravmn <ravmn@ravmn.cl>
Co-authored-by: Andreas Pettersson <az@kth.se>
Co-authored-by: Melo46 <melo@carmu.com>
Co-authored-by: Pin-guang Chen <petercpg@mail.moztw.org>
Co-authored-by: Alexander Slovesnik <unghost@mozilla-russia.org>
Co-authored-by: Michael Köhler <michael.koehler1@gmx.de>
Co-authored-by: Ian Neal <iann_bugzilla@blueyonder.co.uk>
Co-authored-by: 你我皆凡人 <yuanbingyan@mail.ee>
Co-authored-by: Vlado Valaštiak <valastiak@mozilla.sk>
Co-authored-by: Mark Heijl <markh@babelzilla.org>
Co-authored-by: Théo Chevalier <theo.chevalier11@gmail.com>
Co-authored-by: Yaya.Cout <yaya.cout@free.fr>
Co-authored-by: Abelardo Ayala Rodríguez <abe_aya@hotmail.com>
Co-authored-by: Fjoerfoks <fryskefirefox@gmail.com>
Co-authored-by: Roberto Alvarado <ralv888@gmail.com>
Co-authored-by: Marcelo Ghelman <marcelo.ghelman@gmail.com>

* Update localization process (#2382)

* update readme

* Add IDC Games breach logo (#2387)

Co-authored-by: Pontoon <pontoon@mozilla.com>
Co-authored-by: Winfox <openlib@email.it>
Co-authored-by: Christian Eduardo Noriega <cafiovafo@gmail.com>
Co-authored-by: Balázs Meskó <meskobalazs@mailbox.org>
Co-authored-by: Іhor Hordiichuk <igor_ck@outlook.com>
Co-authored-by: ravmn <ravmn@ravmn.cl>
Co-authored-by: Andreas Pettersson <az@kth.se>
Co-authored-by: Melo46 <melo@carmu.com>
Co-authored-by: Pin-guang Chen <petercpg@mail.moztw.org>
Co-authored-by: Alexander Slovesnik <unghost@mozilla-russia.org>
Co-authored-by: Michael Köhler <michael.koehler1@gmx.de>
Co-authored-by: Ian Neal <iann_bugzilla@blueyonder.co.uk>
Co-authored-by: 你我皆凡人 <yuanbingyan@mail.ee>
Co-authored-by: Vlado Valaštiak <valastiak@mozilla.sk>
Co-authored-by: Mark Heijl <markh@babelzilla.org>
Co-authored-by: Théo Chevalier <theo.chevalier11@gmail.com>
Co-authored-by: Yaya.Cout <yaya.cout@free.fr>
Co-authored-by: Abelardo Ayala Rodríguez <abe_aya@hotmail.com>
Co-authored-by: Fjoerfoks <fryskefirefox@gmail.com>
Co-authored-by: Roberto Alvarado <ralv888@gmail.com>
Co-authored-by: Marcelo Ghelman <marcelo.ghelman@gmail.com>
Co-authored-by: Maxx Crawford <maxx.crawford@gmail.com>
2021-12-02 13:58:06 -08:00
Amri Toufali 1ceeb42721
IP location banner for VPN education/promotion (#2284)
* add banner expand functionality

* refactor home content to nest in top-level `main`

* optimize homepage style for vpn banner

* optimize breach page style for vpn banner

* optimize "security tips" page style for vpn banner

* optimize about page style for vpn banner

* move header shadow to avoid vpn banner conflict

* add 2nd panel main content

* add en locale strings

* add "protected" version of banner with associated strings

* handle ip address not found in MaxMind DB

* add Heroku Buildpack vars for MaxMind db

* update .env-dist vars for MaxMind GeoLite2

* handle MaxMind db read error

* refactor client-side mullvad API and async geodata

* default to "not protected" for cache/fetch error

* use full country name

* add abort controller for Mullvad req

* cache location lookup with redis session

* allow optional env vars

* update readme

* add analytics/attribution

* add localization to MaxMind location data

* add blocked locales to env var

* refactor ip-location to open db once every 3 days

* Fix broken visual integration tests
2021-11-19 12:06:30 -08:00
Amri Toufali fbf3ceecc9
add better Heroku compatibility (#2352)
* use Node/NPM semver range

* use procfile for Heroku auto-deploys

* add Heroku default for empty SERVER_URL

* update README
2021-10-20 11:56:09 -07:00
Amri Toufali 3d24595060
Migrate Travis to CircleCI (#2310)
* add lints to circleci

* delete travis config

* add circleci orbs

* update images

* update dockerfile to allow dev build

* refactor unit-tests using machine host instead of docker

* set postgres user pass to enable docker connection

* remove .env-dist quotes in values (broken syntax)

* fix broken coveralls test

* update readme

* use `npm ci` instead of redundant `npm install`

* switch integration test network mode to `host`

* specify .env path for integration test

* update lockfile

* remove docker login and obsolete jobs
2021-10-15 11:58:00 -07:00
Amri Toufali 4d06a46e6e update readme for integration tests 2021-10-01 10:35:00 -07:00
Amri Toufali c04e8fe673
update Security Tips integration test baseline img (#2295)
* update Security Tips integration test baseline img

* update README for integration tests

Co-authored-by: luke crouch <luke.crouch@gmail.com>

* Update README.md
2021-09-30 09:49:00 -07:00
Amri Toufali b9cdb3726b
Update README.md
Co-authored-by: luke crouch <luke.crouch@gmail.com>
2021-09-15 10:57:21 -07:00
Amri Toufali b1b18a7771
Update README.md
Co-authored-by: luke crouch <luke.crouch@gmail.com>
2021-09-15 10:57:14 -07:00
Amri Toufali deb86592dc
Update README.md
Co-authored-by: luke crouch <luke.crouch@gmail.com>
2021-09-15 10:57:08 -07:00
Amri Toufali 16dbf89d3a
Update README.md
Co-authored-by: luke crouch <luke.crouch@gmail.com>
2021-09-15 10:57:00 -07:00
Amri Toufali 689c076230
Update README.md
Co-authored-by: luke crouch <luke.crouch@gmail.com>
2021-09-15 10:56:50 -07:00
Amri Toufali 17f1d3bf22 update README for email triggering instructions
- remove outdated instructions
- add clearer instructions including Mailinator steps
2021-09-14 11:33:26 -07:00
luke crouch cd18758862
Merge pull request #2211 from mozilla/2210-ui-tool-updates
Fix #2210 - Update UI Tooling
2021-07-22 14:49:34 -05:00
Maxx Crawford 333a4a3d16 Fix link path to code standards doc 2021-07-21 14:41:29 -05:00
Maxx Crawford 59c11a5730 Added coding standard docs 2021-07-14 13:29:46 -05:00
Luke Crouch 9586fc61cc fix #2212: responseType:json for got 10.x calls 2021-07-14 12:42:11 -05:00
Luke Crouch 0ab3a5f87c add curl command for breach alert email to README 2021-06-02 12:48:08 -05:00
Luke Crouch 78daf3b67b update .env-dist and README to use FXA stage 2021-02-23 15:56:29 -06:00
Luke Crouch 09fedc8820 add npmrc to strictly enforce node engine before install 2020-11-05 15:53:26 -06:00
Arun Kumar Mohan 7d7ebab857 Update README to include information on creating a test database 2019-07-11 09:04:31 -05:00