* Add winPropAccessor to security.js, remove other replacers
* Add start of Cypress.resolveWindowReference
* Add regexes for dot and bracket access
* Some security_spec tests pass with new injection
* Add resolveWindowReference unit tests
* Old security_spec now passes with resolveWindowReference
* Inject stub resolveWindowReference so proxy still works outside of Cypress
* wip: rewrite HTML + JS with tokenizer
* Move to using esprima + hyntax to rewrite JS + HTML
* remove comment; oneLine makes the whole thing commented
* Fix tests, apple.com edge case
* wip: add getOrSet
* Revert "wip: add getOrSet"
This reverts commit a5c647c00f.
* release 3.5.0 [skip ci]
* use recast to replace window property accesses
* replace assignments to top properly
* fix yarn.lock
* bump deps
* update integration tests
* remove old security ts?
* fix integration spec
* always ignore js interception failure
* use globalThis instead of window
* add experimentalSourceRewriting flag
* restore regex-writer spec
* fix types
* update config_spec
* add source rewriting spec
* cleanup
* simplify rewriting logic, move rules into rewriter package
* create threaded rewriting tool for non-streaming use
* update @packages/rewriter to use threads for async
* use async rewriting where convenient
* add worker-shim.js
* add performance info to debug logs
* properly handle +=, -=, ...
* add proxy, rewriter to unit-tests stage
* cleanup
* use parse5 to rewrite HTML, strip SRI
* update tests
* reorganization, cleanup
* rewrite ALL parent, top identifiers except in a few cases
* handle many JS edge cases
* ensure parse5@5.1.1 is installed
* update yarn.lock
* update tests
* add debugging, add tests
* add attempted repro for .href issue
* implement source maps + extending inline source maps
* update opts passing in proxy layer
* fix sourcemap naming structure
* update tests to account for sourcemaps
* sourcemap tests
* remote source maps work
* comment
* update rewriter tests
* clean up TODOs in resolveWindowReference
* remove @types/nock
* clean up todos in deferred-source-map-cache
* fix rewriter build script
* fix concatStream import
* bump expectedresultcount
* clean up js-rules
* threading improvements, workaround for Electron segfault
* no visit_spec for now
* fix 6_visit_spec
* update MAX_WORKER_THREADS
* add repro for #3975
* cleanup
* cleanup
* make better use of namedTypes and builders
* get rid of the horrific closureDetectionTernary
ast-types keeps track of scope, so it is unneeded
* fix#3975, #3994
* add x-sourcemap, sourcemap header support
* snap-shot-it 7.9.3
* add deferred-source-map-cache-spec
* add tests
* Throw error in driver if AST rewriting fails
* Fix "location = 'relative-url'"
* fix max recursion depth
* slim down some fixtures
* fix window.location usage
* don't mess with `frames` at all
* no integration tests
* skip testing apple.com for now
* update wording: regex-based vs. ast-based
* skip real-world tests for now
* add some padding to process.exit workaround
* fix resolvers_spec
* fix html-spec
* cleanup
* Update packages/rewriter/lib/js-rules.ts
* Update packages/driver/src/cypress/resolvers.ts
* just import find by itself
* privatize typedefs for Cypress.state, remove .gitignore, remove dead code
Co-authored-by: Ben Kucera <14625260+Bkucera@users.noreply.github.com>
* 6480: Add feature-policy to problematic headers
* 6480: Create new middleware
* 6480: Fix code placement
* 6480: Add integration test
* 6480: Remove header when no directives left
* Detect if NODE_OPTIONS are present in binary; if not, respawn
* Always reset NODE_OPTIONS, even if no ORIGINAL_
Co-authored-by: Andrew Smith <andrew@andrew.codes>
* Exit with correct code # from stub process
* Clean up based on Brian's feedback
* how process.versions is null, i have no idea, but it is
* add repro for invalid header char
* Always pass NODE_OPTIONS with max-http-header-size (#5452)
* cli: set NODE_OPTIONS=--max-http-header-size=1024*1024 on spawn
* electron: remove redundant max-http-header-size
* server: add useCli option to make e2e tests go thru cli
* server: add test for XHR with body > 100kb via CLI
* clean up conditional
* cli: don't pass --max-http-header-size in dev w node < 11.10
* add original_node_options to restore o.g. user node_options
* force no color
* Revert "Use websockets to stub large XHR response bodies instead of hea… (#5525)"
This reverts commit 249db45363.
* fix yarn.lock
* update 4_xhr_spec snapshot
* make 6_visit_spec reproduce invalid header char error
* pass --http-parser=legacy
* still set headers if an ERR_INVALID_CHAR is raised
* add --http-parser=legacy in some more places
* update http_requests_spec
* readd spawn_spec
* improve debug logging
* remove unnecessary changes
* cleanup
* revert yarn.lock to develop
* use cp.spawn, not cp.fork
to work around the Electron patch: 39baf68790/patches/node/refactor_alter_child_process_fork_to_use_execute_script_with.patch
Co-authored-by: Andrew Smith <andrew@andrew.codes>
* Add warning when setting CYPRESS_ENV to non-production value
* Add warning and update error when setting CYPRESS_ENV in config to non-production value
* Update config test/to throw
* we want warning, not throw
* Rename env var to CYPRESS_INTERNAL_ENV + fix warning to actually warn when staging
* update cli snapshot to include new 'info' command
* yarn.lock
* removed the warning from config, is overboard on our own tests 😓
* cleanup from review
Co-authored-by: Gleb Bahmutov <gleb.bahmutov@gmail.com>
- add needed deps in `ui-components` package
- upgrade `@cypress/webpack-preprocessor`
- refactor some eslint code, remove unused eslint scripts
- rename `build-js` scripts to `build-prod` since they'll only need to run when building for prod / checking for tsc errors
* force websockets transport
* wip: ensure ws connections take place thru a known socket
* clean up yesterday's work
* remove dead code (request is undefined)
* update websocket tests
* add websocket tests
* update socket + server specs
* add token auth for file_server
* Fix cy.visit file_server
* restrict non-proxied URLs, serve error on runner URL non-proxied
* add e2e test for server splash page
* fix types
* use clientRoute, fix tests
* only run 6_non_proxied in electron
* use browser.path
* improve empty options type
* add ws assertions in e2e tests
* fix server_spec
* refactor socket whitelisting logic
* update server_spec
* respond to PR feedback
- added tests for non-clientRoute redirecting to clientRoute when not behind proxy
- cleaned up comments
- cleaned up logic in server.coffee
- moved error html to own file
- added unit test for socket whitelist + fixed removal bug
* enable using yarn
* enable lerna and yarn workspaces
No longer can reliably access node_modules via thei node_modules directory; yarn may optimize it via hoisting it up. This meant updating JS tasks that were copying files directly from node_modules directories. In these cases, pulled in a new package to resolve these correctly.
SCSS files remain impacted, but cannot easily import via JS. These paths have been modified, but it feels dangerous and incorrect to reach into a node_module to grab files like this.
Many prebuild steps were removed. I **think** the purpose of `check-deps-pre` is no longer needed, but need to confirm this.
* enabling test-unit script
removal of pretest-unit due to check-deps-pre
* removal of all `check-deps` and `check-deps-pre`
I do not think these are needed anymore
* remove npm run all
Replaced by `lerna run` and `lerna run --scope`
* use yarn in circle CI
appveyor to soon follow
* yarn in appveyor
* remove need for bin-upplaces using bin-up have a dev dependency on some package; mostly mocha. This mocha package will be optimized by yarn workspaces by hoisting it into the root; which is effectively what bin-up usage was mimicing.
* replace npm run with yarn in package files
* replace explict paths to internal packages with yarn bin
* remove unecessary link packages script and references
* properly require package for mocha
* removing yarn test in this package as it was just a proxy for test-*
* yarn test in root now reflects what is run in circle ci
* relax yarn version requirement for circle ci
* @packages/cli is really just cypress
also run test in parallel via `yarn test`; it runs test in all 10 packages
* ensure postinstall is called before prebuild
yarn does not call postinstall when nothing has installed; such is the case when everything has been cached
* vscode config uses yarn
* cannot rely on which node_modules dir a package is in
find the right node_module dir via `resolve-pkg`
* further relax yarn version for OSX build in circle ci
* resolve failing test
Regarding direct access to node_modules
* node version in mac build not sufficient
ignoring check of node/yarn versions when installing
* preinstall script does not exist
I **think** the reason to not install packages' modules (the reason for `--ignore-scripts` may be irrelevant with yarn workspaces managing the packages)
* upgrade mocha that was using --file
`--file` was introduce in >=5
* scope test runs to correct packages
* explictly close connections; otherwise script hangs after tests run
* refactor so npm and npx commads can be created
npx is used to utlize lerna for running across all packages sans cli
* properly resolve socket.io-client node_module
We cannot reach directly into node_modules to grab the socket.io-client file. Furthermore, running it locally will require resolving from a different cwd, the repo root, as opposed to the package's dist directory.
The existence of the file deterimes whether we are building the binary or running locally.
* remove unnecessary arg in vscode debug config
enable debugging in @packages/server to troubleshoot failing test
* another npm command found to be changed to yarn
* properly print colors to terminal
`lerna run` does not appear to print colors to the terminal properly. Changed to leverage `lerna exec`
See https://github.com/lerna/lerna/issues/1168
* add missing test scripts to packages that have partially have them
'test', 'test-unit', 'test-watch', and 'test-debug'
This makes running them from the root easier and enables debugging via IDE on more packages
* properly patch package in yarn workspaces
* another package needing to postinstall
* use existing script over explicit lerna exec
* patches must be copied to dist
* return to building on postinstall
* do not hoist driver's packagesThere are too many places we need driver's packages to not be hoisted when testing. We have *.html files in test with script tags srcing node_modules.
* wait-on is used in circle-ci and needs to be a root dep
No longer hoisted by `@packages/driver`. This previously worked only because it was hoisted. Adding it to root properly.
* update documentation based on new ergonomics
* launcher has unit tests that should be runnable via top level task
* more concise way to run build within cypress scope
* fix for unit test that never seemed to work
`getPathToExample` is really `getPathToExamples`
* bust cache based on yarn.lock changing
* define intra-dependencies among packages
Due to the way we build the binary, all are considered dev dependencies.
* address `jquery.scrollto` mismatched jquery version
Tell yarn to explicitly resolve `jquery@3.1.1` for any dependencies and sub-dependencies. The root issue is that `jquery.scrollto` package specifies jquery as a dependency instead of a peer dependency (which is correct). Its jquery version is set to the `>=1.8` which then resolves to 3.4.1. In doing so, it will patch its jquery instead of ours; meaning that `$.scrollTo` is not defined.
* add/remove deps from renovate
- bin-up is gone in favor of yarn workspaces and lerna from root
- check-deps is gone in favor of `yarn check --integrity`
- lerna added
* few misc yarn lock updates
* hope that this may speed up build binary
installing several of the same dep in >1 package will likely be sped up using yarn due to its machine-wide caching.
* yarn pack prefix version with a `v`
* auto-run `yarn install` when deps become out of date
When switching to a branch with a different set of required deps, running any of the main top level tasks (as seen in the `./CONTRIBUTING.md` guide) will check for deps changes via `yarn check --integrity` and run `yarn` in root if deps are out of sync.
* add clean top level task, remove prebuild
install => build => prebuild => check => install === no good
* address code review to undo formatting changes
* favor default imports over deconstructing imports
* favor @package resolution; pr feedback
* include a specific revision
for some reason, it cannot resolve the original SHA `29dafed297142d3b8a9d8a01842cbdf249a98b72`
using the next closes SHA
* properly cache yarn packagesfollowed guide: https://circleci.com/docs/2.0/yarn/
* lower barrier for contributors to get started
relax node version to be 12.0.0 or higher; will use node version found in `.node-version` in CI
* updates required after merging latest development
was getting type errors when building. recreating the `yarn.lock` file seemed to resolve the issue.
* hidden dep on a specific type version in server
made dep explicit and now it can build.
* update request to patched version
non-breaking changes to request was updated in server, but not everywhere else. It appears that transitive deps were using the 2.88.0 request version instead of the updated one for the server package.
* missing commit from previous commit/merge
* do not force a higher version of yarn than the default on circleci
* exclude e2e.js helper from stop-only command
* trying to bust node_modules cache.https://github.com/yarnpkg/yarn/issues/6412#issuecomment-537787740
* incorrect quotation tick placement
* fix: properly postinstall parse-domain
Do not explicitly script the shell invocation of a dependency's postinstall (parse-domain). The dependency's node_modules may not be where the package thinks they are and are not properly resolved.
It appears that postinstall will automatically be called when installing with yarn.
* run all CI stages
* fix win-appveyor-build.js
* Update CONTRIBUTING.md
Co-Authored-By: Zach Bloomquist <github@chary.us>
* Update CONTRIBUTING.md
Co-Authored-By: Zach Bloomquist <github@chary.us>
* Update CONTRIBUTING.md
Co-Authored-By: Zach Bloomquist <github@chary.us>
* Server package watching a specific test works correctly.
* PR feedback
* Correctly use yarn to pack (to get package size)
* correct size calculation
`yarn pack` does not output the file name like `npm pack` does. Correct this by explictly setting the filename.
* PR feedback
* PR feedback
* update readmes and testing commands from them
* do not include this in default build
* yarn is now installed by default
https://github.com/appveyor/ci/issues/1852
* do not include server in `yarn` auto build
* a few more npm references changed to yarn
* Revert "run all CI stages"
This reverts commit 9256aed99f.
* Update circle.yml
Co-Authored-By: Zach Bloomquist <github@chary.us>
Co-authored-by: Zach Bloomquist <github@chary.us>
* renames
* Refactor proxy into own package, implement middleware pattern
don't need these mocha opts anymore
fix test
no more zunder
READMEs
fix test
* pass request by reference
* fix cors path
* Move replace_stream to proxy, concat-stream util in network
* Pin dependency versions
* Revert addDefaultPort behavior
* Add READMEs for proxy, network
* Update README.md
* eslint --fix
* set to null not undefined
* use delete and bump node types
* import cors from package now
* parse-domain@2.3.4
* proxy package needs common-tags
* move pumpify dep
* load through where it's needed, remove unused passthru_stream
* remove unneeded getbuffer call
Co-authored-by: Gleb Bahmutov <gleb.bahmutov@gmail.com>
