Merge pull request #172 from contentstack/staging

DX | 28-04-2025 | Release

Author: cs-raj

.github/workflows/policy-scan.yml

@@ -43,4 +43,4 @@ jobs:
           if [ "$license_file_found" = false ]; then
               echo "No license file found. Please add a license file to the repository."
               exit 1
-          fi
+          fi

.gitignore

@@ -12,4 +12,5 @@ tap-html.html
 coverage
 .env
 .dccache
-dist/*
+dist/*
+*.log

.husky/pre-commit

@@ -0,0 +1,69 @@
+#!/usr/bin/env sh
+# Pre-commit hook to run Snyk and Talisman scans, completing both before deciding to commit
+
+# Function to check if a command exists
+command_exists() {
+  command -v "$1" >/dev/null 2>&1
+}
+
+# Check if Snyk is installed
+if ! command_exists snyk; then
+  echo "Error: Snyk is not installed. Please install it and try again."
+  exit 1
+fi
+
+# Check if Talisman is installed
+if ! command_exists talisman; then
+  echo "Error: Talisman is not installed. Please install it and try again."
+  exit 1
+fi
+
+# Allow bypassing the hook with an environment variable
+if [ "$SKIP_HOOK" = "1" ]; then
+  echo "Skipping Snyk and Talisman scans (SKIP_HOOK=1)."
+  exit 0
+fi
+
+# Initialize variables to track scan results
+snyk_failed=false
+talisman_failed=false
+
+# Run Snyk vulnerability scan
+echo "Running Snyk vulnerability scan..."
+snyk test --all-projects > snyk_output.log 2>&1
+snyk_exit_code=$?
+
+if [ $snyk_exit_code -eq 0 ]; then
+  echo "Snyk scan passed: No vulnerabilities found."
+elif [ $snyk_exit_code -eq 1 ]; then
+  echo "Snyk found vulnerabilities. See snyk_output.log for details."
+  snyk_failed=true
+else
+  echo "Snyk scan failed with error (exit code $snyk_exit_code). See snyk_output.log for details."
+  snyk_failed=true
+fi
+
+# Run Talisman secret scan (continues even if Snyk failed)
+echo "Running Talisman secret scan..."
+talisman --githook pre-commit > talisman_output.log 2>&1
+talisman_exit_code=$?
+
+if [ $talisman_exit_code -eq 0 ]; then
+  echo "Talisman scan passed: No secrets found."
+else
+  echo "Talisman scan failed (exit code $talisman_exit_code). See talisman_output.log for details."
+  talisman_failed=true
+fi
+
+# Evaluate results after both scans
+if [ "$snyk_failed" = true ] || [ "$talisman_failed" = true ]; then
+  echo "Commit aborted due to issues found in one or both scans."
+  [ "$snyk_failed" = true ] && echo "- Snyk issues: Check snyk_output.log"
+  [ "$talisman_failed" = true ] && echo "- Talisman issues: Check talisman_output.log"
+  exit 1
+fi
+
+# If both scans pass, allow the commit
+echo "All scans passed. Proceeding with commit.cd ."
+rm -f snyk_output.log talisman_output.log
+exit 0

.talismanrc

@@ -1,12 +1,14 @@
 fileignoreconfig:
-- filename: package-lock.json
-  checksum: ffe61fb2806dc761b2f8e560b3d27aa58ae2fe2bdf5a48f68d80ee0fb74ffdb6
-- filename: src/lib/types.ts
-  checksum: 1eb6d6ec971934d65017dae2f82d6d6ef1cd0e6bfd50f43a9b46f30182307230
-- filename: test/unit/image-transform.spec.ts
-  checksum: 7beabdd07bd35d620668fcd97e1a303b9cbc40170bf3008a376d75ce0895de2a
-- filename: test/utils/mocks.ts
-  checksum: a1cb4b1890a584f1facd30f2a0974c97a66f91417022be79d00516338e244227
-- filename: src/lib/query.ts
-  checksum: c4529069bc974d15c104303c5ae573c9341185a869c612ab07f0ee7f42e8b149
+  - filename: src/lib/types.ts
+    checksum: 1eb6d6ec971934d65017dae2f82d6d6ef1cd0e6bfd50f43a9b46f30182307230
+  - filename: test/unit/image-transform.spec.ts
+    checksum: 7beabdd07bd35d620668fcd97e1a303b9cbc40170bf3008a376d75ce0895de2a
+  - filename: test/utils/mocks.ts
+    checksum: a1cb4b1890a584f1facd30f2a0974c97a66f91417022be79d00516338e244227
+  - filename: src/lib/query.ts
+    checksum: c4529069bc974d15c104303c5ae573c9341185a869c612ab07f0ee7f42e8b149
+  - filename: package-lock.json
+    checksum: 785542a3fd3925cf6d6067b78580a93519e2fd4f552b0edf747aace573f4a372
+  - filename: .husky/pre-commit
+    checksum: 5baabd7d2c391648163f9371f0e5e9484f8fb90fa2284cfc378732ec3192c193
 version: ""

jest.config.ts

@@ -1,49 +1,54 @@
 /* eslint-disable */
 export default {
-  testEnvironment: 'jsdom',
   displayName: 'contentstack-delivery',
   preset: './jest.preset.js',
   transform: {
-    '^.+\\.[tj]s$': ['ts-jest', {
-      tsconfig: '<rootDir>/tsconfig.spec.json',
-    }],
+    "^.+\\.[tj]s$": [
+      "ts-jest",
+      {
+        tsconfig: "<rootDir>/tsconfig.spec.json",
+      },
+    ],
   },
-  moduleFileExtensions: ['ts', 'js', 'html'],
+  moduleFileExtensions: ["ts", "js", "html"],
   collectCoverage: true,
-  coverageDirectory: './reports/contentstack-delivery/coverage/',
-   collectCoverageFrom: [
-    "src/**",
-    "!src/index.ts"
-  ],
+  coverageDirectory: "./reports/contentstack-delivery/coverage/",
+  collectCoverageFrom: ["src/**", "!src/index.ts"],
   coverageThreshold: {
     // global: {
     //   branches: 95,
-    //   functions: 95,
-    //   lines: 95,
-    //   statements: 95
     // }
   },
   reporters: [
-    'default',
+    "default",
+    [
+      "jest-html-reporter",
+      {
+        pageTitle: "API Test Report",
+        outputPath: "reports/sanity.html",
+        includeFailureMsg: true,
+        includeConsoleLog: true,
+      },
+    ],
     [
-      'jest-html-reporters',
+      "jest-html-reporters",
       {
-        publicPath: './reports/contentstack-delivery/html',
-        filename: 'index.html',
+        publicPath: "./reports/contentstack-delivery/html",
+        filename: "index.html",
         expand: true,
       },
     ],
     [
-      'jest-junit',
+      "jest-junit",
       {
-        outputDirectory: 'reports/contentstack-delivery/junit',
-        outputName: 'jest-junit.xml',
-        ancestorSeparator: ' › ',
-        uniqueOutputName: 'false',
-        suiteNameTemplate: '{filepath}',
-        classNameTemplate: '{classname}',
-        titleTemplate: '{title}',
+        outputDirectory: "reports/contentstack-delivery/junit",
+        outputName: "jest-junit.xml",
+        ancestorSeparator: " › ",
+        uniqueOutputName: "false",
+        suiteNameTemplate: "{filepath}",
+        classNameTemplate: "{classname}",
+        titleTemplate: "{title}",
       },
     ],
   ],
-};
+};