Merge branch 'staging' into fix/merge-conflicts

Author: harshithad0703

.github/workflows/issues-jira.yml

@@ -0,0 +1,31 @@
+name: Create Jira Ticket for Github Issue
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  issue-jira:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Login to Jira
+        uses: atlassian/gajira-login@master
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+      - name: Create Jira Issue
+        id: create_jira
+        uses: atlassian/gajira-create@master
+        with:
+          project: ${{ secrets.JIRA_PROJECT }}
+          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+          summary: Github | Issue | ${{ github.event.repository.name }} | ${{ github.event.issue.title }}
+          description: |
+            *GitHub Issue:* ${{ github.event.issue.html_url }}
+            
+            *Description:*
+            ${{ github.event.issue.body }}
+          fields: "${{ secrets.ISSUES_JIRA_FIELDS }}"

.github/workflows/jira.yml

@@ -0,0 +1,46 @@
+name: Checks the security policy and configurations
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-policy:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for SECURITY.md policy file
+        run: |
+          if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi
+  security-license:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for License file
+        run: |
+          expected_license_files=("LICENSE" "LICENSE.txt" "LICENSE.md" "License.txt")
+          license_file_found=false
+          current_year=$(date +"%Y")
+
+          for license_file in "${expected_license_files[@]}"; do
+              if  [ -f "$license_file" ]; then
+                 license_file_found=true
+                 # check the license file for the current year, if not exists, exit with error
+                  if  ! grep -q "$current_year" "$license_file"; then
+                      echo "License file $license_file does not contain the current year."
+                      exit 2
+                  fi
+                  break
+              fi        
+          done
+
+          if [ "$license_file_found" = false ]; then
+              echo "No license file found. Please add a license file to the repository."
+              exit 1
+          fi

.github/workflows/policy-scan.yml

@@ -0,0 +1,29 @@
+name: Secrets Scan
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-secrets:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: '2'
+          ref: '${{ github.event.pull_request.head.ref }}'
+      - run: |
+          git reset --soft HEAD~1
+      - name: Install Talisman
+        run: |
+          # Download Talisman
+          wget https://github.com/thoughtworks/talisman/releases/download/v1.37.0/talisman_linux_amd64 -O talisman
+
+          # Checksum verification
+          checksum=$(sha256sum ./talisman | awk '{print $1}')
+          if [ "$checksum" != "8e0ae8bb7b160bf10c4fa1448beb04a32a35e63505b3dddff74a092bccaaa7e4" ]; then exit 1; fi  
+
+          # Make it executable
+          chmod +x talisman
+      - name: Run talisman
+        run: |
+          # Run Talisman with the pre-commit hook
+          ./talisman --githook pre-commit

.github/workflows/sast-scan.yml

@@ -1,9 +1,12 @@
 threshold: medium
 fileignoreconfig:
+- filename: .github/workflows/secrets-scan.yml
+  ignore_detectors:
+    - filecontent
 - filename: test/unit/mock/execution-mock.js
   checksum: 89d239d37c9d8d0cdb6ac61553a7d2e2d9115a10207f7c0b387c3565c9cb6564
 - filename: package-lock.json
-  checksum: 0f9b6180aa8b66fdd055ef99f74f269febb07e90bbd64badf1039a4d375850b6
+  checksum: bc3cbd474a69321d97be9557ef74a056b7fab4111869d496b0d0403c1c84b971
 - filename: docdash-template/fixtures/documents/probe.js
   checksum: e841ecf889d0e82367c53c48ee0b3be8bd68d7babf4777a87ced769f29686ac4
 - filename: docdash-template/.travis.yml

.github/workflows/secrets-scan.yml

@@ -1,7 +1,9 @@
 # Changelog
+## [v1.2.8](https://github.com/contentstack/contentstack-marketplace-sdk/tree/v1.2.6) (2024-05-26)
+ - Fix: Added params support to getInstalledApps method for enhanced flexibility
 
-## [v1.3.0](https://github.com/contentstack/contentstack-marketplace-sdk/tree/v1.2.6) (2024-04-28)
- - Enh: Added params support to getInstalledApps method for enhanced flexibility
+## [v1.2.7](https://github.com/contentstack/contentstack-marketplace-sdk/tree/v1.2.6) (2024-05-15)
+ - Fixed base URL path logic in contentstackClient to handle when region and host not provided
 
 ## [v1.2.6](https://github.com/contentstack/contentstack-marketplace-sdk/tree/v1.2.6) (2024-03-03)
  - Update sanity tests

.talismanrc

@@ -31,6 +31,10 @@ export default function contentstackClient ({ http }) {
 
   if (region && region !== Region.NA) {
     baseUrlPath = `https://${region}-api.contentstack.com:443/v3/user-session`
+  } else if (!region && http?.defaults?.host) {
+    baseUrlPath = `https://${http.defaults.host}:443/v3/user-session`
+  } else {
+    baseUrlPath = `https://api.contentstack.io:443/v3/user-session`
   }
 
   function login (requestBody, params = {}) {

CHANGELOG.md

@@ -1,6 +1,6 @@
 {
   "name": "@contentstack/marketplace-sdk",
-  "version": "1.3.0",
+  "version": "1.2.8",
   "description": "The Contentstack Marketplace SDK is used to manage the content of your Contentstack marketplace apps",
   "main": "./dist/node/contentstack-marketplace.js",
   "browser": "./dist/web/contentstack-marketplace.js",

lib/contentstackClient.js

@@ -25,8 +25,16 @@ console.log(`Failed Tests: ${failedTests}`)
 console.log(`Pending Tests: ${pendingTests}`)
 console.log(`Total Duration: ${durationInMinutes}m ${durationInSeconds.toFixed(2)}s`)
 
+const host = process.env.DEFAULTHOST || ''
+let region = 'NA'
+
+const match = host.match(/^([^-]+(?:-[^-]+)*)-api/)
+if (match && match[1]) {
+  region = match[1].toUpperCase()
+}
+
 const slackMessage = `
-*JavaScript Marketplace SDK Report*
+*JavaScript Marketplace SDK Report - ${region}*
 • Total Suites: *${totalSuites}*
 • Total Tests: *${totalTests}*
 • Passed Tests: *${passedTests}*

package-lock.json

@@ -4,11 +4,31 @@ import { expect } from 'chai'
 import { describe, it, beforeEach } from 'mocha'
 import MockAdapter from 'axios-mock-adapter'
 import Region from '../../lib/core/region'
-var host = 'http://localhost/'
+var host = 'localhost'
+
+describe('Region Test ', () => {
+  it('Contentstack Client login success with region NA', done => {
+  var mock = new MockAdapter(axios)
+  axios.defaults.region = Region.NA
+  mock.onPost('https://api.contentstack.io:443/v3/user-session').reply(200, {
+    user: {
+      authtoken: 'Test Auth'
+    }
+  })
+
+  ContentstackClient({ http: axios })
+    .login()
+    .then((response) => {
+      expect(response.user.authtoken).to.be.equal('Test Auth')
+      done()
+    })
+    .catch(done)
+  })
+})
 
 describe('Contentstack Client', () => {
   beforeEach(function () {
-    host = 'http://localhost/'
+    host = 'localhost'
     axios.defaults.host = host
     axios.defaults.adapter = 'http'
   })
@@ -21,7 +41,7 @@ describe('Contentstack Client', () => {
 
   it('Contentstack Client login success', done => {
     var mock = new MockAdapter(axios)
-    mock.onPost('/user-session').reply(200, {
+    mock.onPost('https://localhost:443/v3/user-session').reply(200, {
       user: {
         authtoken: 'Test Auth'
       }
@@ -37,7 +57,7 @@ describe('Contentstack Client', () => {
 
   it('Contentstack Client Logout with Authtoken', done => {
     var mock = new MockAdapter(axios)
-    mock.onDelete('/user-session').reply(200, {
+    mock.onDelete('https://localhost:443/v3/user-session').reply(200, {
       notice: 'You\'ve logged out successfully'
     })
     ContentstackClient({ http: axios })
@@ -51,7 +71,7 @@ describe('Contentstack Client', () => {
 
   it('Contentstack Client Logout', done => {
     var mock = new MockAdapter(axios)
-    mock.onDelete('/user-session').reply(200, {
+    mock.onDelete('https://localhost:443/v3/user-session').reply(200, {
       notice: 'You\'ve logged out successfully'
     })
     axios.defaults.headers = {
@@ -101,20 +121,57 @@ describe('Contentstack Client', () => {
     done()
   })
 
-  it('Contentstack Client login success with region', done => {
-    var mock = new MockAdapter(axios)
-    axios.defaults.region = Region.AZURE_NA
-    mock.onPost('https://azure-na-api.contentstack.com:443/v3/user-session').reply(200, {
-      user: {
-        authtoken: 'Test Auth'
-      }
+  it('Contentstack Client login success with region AZURE-NA', done => {
+  var mock = new MockAdapter(axios)
+  axios.defaults.region = Region.AZURE_NA
+  mock.onPost('https://azure-na-api.contentstack.com:443/v3/user-session').reply(200, {
+    user: {
+      authtoken: 'Test Auth'
+    }
+  })
+
+  ContentstackClient({ http: axios })
+    .login()
+    .then((response) => {
+      expect(response.user.authtoken).to.be.equal('Test Auth')
+      done()
     })
-    ContentstackClient({ http: axios })
-      .login()
-      .then((response) => {
-        expect(response.user.authtoken).to.be.equal('Test Auth')
-        done()
-      })
-      .catch(done)
+    .catch(done)
+  })
+
+  it('Contentstack Client login success with region AZURE-EU', done => {
+  var mock = new MockAdapter(axios)
+  axios.defaults.region = Region.AZURE_EU
+  mock.onPost('https://azure-eu-api.contentstack.com:443/v3/user-session').reply(200, {
+    user: {
+      authtoken: 'Test Auth'
+    }
+  })
+
+  ContentstackClient({ http: axios })
+    .login()
+    .then((response) => {
+      expect(response.user.authtoken).to.be.equal('Test Auth')
+      done()
+    })
+    .catch(done)
+  })
+
+  it('Contentstack Client login success with region GCP-NA', done => {
+  var mock = new MockAdapter(axios)
+  axios.defaults.region = Region.GCP_NA
+  mock.onPost('https://gcp-na-api.contentstack.com:443/v3/user-session').reply(200, {
+    user: {
+      authtoken: 'Test Auth'
+    }
+  })
+
+  ContentstackClient({ http: axios })
+    .login()
+    .then((response) => {
+      expect(response.user.authtoken).to.be.equal('Test Auth')
+      done()
+    })
+    .catch(done)
   })
 })

package.json

@@ -130,22 +130,15 @@ describe('Concurrency queue test', () => {
   })
 
   it('Refresh Token on 401 with 1000 concurrent request', done => {
-    var mock = new MockAdapter(axios)
-    mock.onPost('/user-session').reply(200, {
-      token
-    })
-    const axiosClient = client({
-      baseURL: `${host}:${port}`,
-      authorization: 'Bearer <token_value>',
+   const axiosClient = client({
+    baseURL: `${host}:${port}`,
+    authorization: 'Bearer <token_value>',
       logHandler: logHandlerStub,
       refreshToken: () => {
-        return new Promise((resolve, reject) => {
-          return contentstackClient({ http: axios }).login().then((res) => {
-            resolve({ authorization: res.token })
-          }).catch((error) => {
-            reject(error)
+        return Axios.post(`${host}:${port}/user-session`)
+          .then((res) => {
+            return { authorization: res.data.token }
           })
-        })
       }
     })
     Promise.all(sequence(1003).map(() => axiosClient.axiosInstance.get('/unauthorized')))