chore(deps): updated aws-sdk
chore(deps): remove raven and update @sentry/*
chore(deps): updated mysql deps
chore(deps): updated eslint-plugin-fxa
chore(deps): updated bluebird
chore(deps): updated request
chore(deps): use jest 24.9.0 (same as react-scripts)
chore(deps): update convict
chore(deps): update morgan
chore(deps): update eslint-plugin-jest
chore(deps): update babel-eslint
chore(deps): removed nodemon
chore(deps): update @types/convict
chore(deps): set @types/jest to match jest version
chore(deps): set @babel/core to ^7.9.0
chore(deps): set @babel/preset-env to 7.9.0
chore(deps): update hapi
why, after all these years?
because there's a few annoying cases where the loopback
makes dev harder. When you try to test a flow from a not
local machine, like a tv, mobile device, or a saucelabs
proxy session. With localhost it's easy enough to forward
but loopback not so much
enough is enough
This patch displays all the available geo info from a user's session
token meta data in Support Panel. A new route is added to auth server
to support this feature.
This patch removes the support panel's dependency on SubHub by fetching
a FxA user's subscriptions from the auth server instead. The requests
are authenticated by a shared secret between the support panel and the
auth server.
Because:
* My JS skills were a bit more newbie when I wrote some of this the
first time leading to some copypasta.
* Optional chaining in Typescript 3.7 is slick.
* esModuleInterop has cleaner imports and is recommended.
* We are removing the use of Bluebird everywhere.
This commit:
* Removes some copypasta for more standard JS idioms.
* Updates all the dependencies as well as TypeScript -> 3.7.
* Refactors imports to use esModuleInterop.
* Drops the Bluebird dependency.
Hapi's route security configurations by default set 'DENY' for
X-Frame-Options. The 'frame-ancestors' CSP directive obsoletes the
X-Frame-Options header.
Note that the module/Hapi plugin used to generate the CSP header also
produces default values for other directives; those are _not_ configured
in this patch.
Fixes#2142
Danny Coates
Barry Chen
Ben Bangert
Phil Booth