@dwp/govuk-casa 8.6.0 → 8.7.0

package/dist/lib/configuration-ingestor.d.ts

@@ -91,9 +91,9 @@ export function validateSessionName(name?: string | undefined): string;
  * Validates and sanitises sessions secure flag.
  *
  * @access private
- * @param {boolean} [secure=false] Session secure flag.
+ * @param {boolean} [secure] Session secure flag.
  * @throws {ReferenceError} For missing value type.
- * @throws {TypeError} For invalid value.
+ * @throws {TypeError} For invalid or missing value.
  * @returns {string} Name.
  */
 export function validateSessionSecure(secure?: boolean | undefined): string;

package/dist/lib/configuration-ingestor.js

@@ -190,12 +190,15 @@ exports.validateSessionName = validateSessionName;
  * Validates and sanitises sessions secure flag.
  *
  * @access private
- * @param {boolean} [secure=false] Session secure flag.
+ * @param {boolean} [secure] Session secure flag.
  * @throws {ReferenceError} For missing value type.
- * @throws {TypeError} For invalid value.
+ * @throws {TypeError} For invalid or missing value.
  * @returns {string} Name.
  */
-function validateSessionSecure(secure = false) {
+function validateSessionSecure(secure) {
+    if (secure === undefined) {
+        throw new Error('Session secure flag must be explicitly defined (session.secure)');
+    }
     if (typeof secure !== 'boolean') {
         throw new TypeError('Session secure flag must be boolean (session.secure)');
     }

package/dist/lib/waypoint-url.d.ts

@@ -11,22 +11,22 @@
  * })
  * @memberof module:@dwp/govuk-casa
  * @param {object} obj Options
- * @param {string} obj.waypoint Waypoint
- * @param {string} obj.mountUrl Mount URL
- * @param {JourneyContext} obj.journeyContext JourneyContext
- * @param {boolean} obj.edit Turn edit mode on or off
- * @param {string} obj.editOrigin Edit mode original URL
- * @param {boolean} obj.skipTo Skip to this waypoint from the current one
- * @param {string} obj.routeName Plan route name; next | prev
+ * @param {string} [obj.waypoint=""] Waypoint
+ * @param {string} [obj.mountUrl="/"] Mount URL
+ * @param {JourneyContext} [obj.journeyContext] JourneyContext
+ * @param {boolean} [obj.edit=false] Turn edit mode on or off
+ * @param {string} [obj.editOrigin] Edit mode original URL
+ * @param {boolean} [obj.skipTo] Skip to this waypoint from the current one
+ * @param {string} [obj.routeName=next] Plan route name; next | prev
  * @returns {string} URL
  */
 export default function waypointUrl({ waypoint, mountUrl, journeyContext, edit, editOrigin, skipTo, routeName, }?: {
-    waypoint: string;
-    mountUrl: string;
-    journeyContext: JourneyContext;
-    edit: boolean;
-    editOrigin: string;
-    skipTo: boolean;
-    routeName: string;
+    waypoint?: string | undefined;
+    mountUrl?: string | undefined;
+    journeyContext?: import("./JourneyContext").default | undefined;
+    edit?: boolean | undefined;
+    editOrigin?: string | undefined;
+    skipTo?: boolean | undefined;
+    routeName?: string | undefined;
 }): string;
 export type JourneyContext = import('./index').JourneyContext;

package/dist/lib/waypoint-url.js

@@ -27,13 +27,13 @@ const sanitiseWaypoint = (w) => w.replace(/[^/a-z0-9_-]/ig, '').replace(/\/+/g,
  * })
  * @memberof module:@dwp/govuk-casa
  * @param {object} obj Options
- * @param {string} obj.waypoint Waypoint
- * @param {string} obj.mountUrl Mount URL
- * @param {JourneyContext} obj.journeyContext JourneyContext
- * @param {boolean} obj.edit Turn edit mode on or off
- * @param {string} obj.editOrigin Edit mode original URL
- * @param {boolean} obj.skipTo Skip to this waypoint from the current one
- * @param {string} obj.routeName Plan route name; next | prev
+ * @param {string} [obj.waypoint=""] Waypoint
+ * @param {string} [obj.mountUrl="/"] Mount URL
+ * @param {JourneyContext} [obj.journeyContext] JourneyContext
+ * @param {boolean} [obj.edit=false] Turn edit mode on or off
+ * @param {string} [obj.editOrigin] Edit mode original URL
+ * @param {boolean} [obj.skipTo] Skip to this waypoint from the current one
+ * @param {string} [obj.routeName=next] Plan route name; next | prev
  * @returns {string} URL
  */
 function waypointUrl({ waypoint = '', mountUrl = '/', journeyContext, edit = false, editOrigin, skipTo, routeName = 'next', } = Object.create(null)) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dwp/govuk-casa",
-  "version": "8.6.0",
+  "version": "8.7.0",
   "description": "A framework for building GOVUK Collect-And-Submit-Applications",
   "repository": {
     "type": "git",
@@ -19,15 +19,21 @@
     "views/**/*"
   ],
   "engines": {
-    "node": ">=14.17.2"
+    "node": "^14.0.0 || ^16.0.0 || ^18.0.0",
+    "npm": "^8.0.0"
   },
   "scripts": {
     "pipeline": "npm run coverage && npm run lint",
+    "coverage": "c8 npm test",
+    "test": "npm run test:unit && npm run test:e2e",
     "test:unit": "mocha './tests/**/*.test.js'",
     "test:e2e": "spiderplan --worker-init ./tests/e2e/worker-init.js --language en ./tests/e2e/personas/**/*.yaml",
-    "test": "npm run test:unit && npm run test:e2e",
+    "test:dast": "spiderplan --worker-init ./tests/e2e/worker-init.js --language en ./tests/e2e/personas/**/traversal.yaml --workers 1 --zap --zap-proxy 'http://localhost:8080/' --zap-target-hostname 'host.docker.internal'",
+    "test:dast:report": "curl -s --header 'X-ZAP-Api-Key: secret' http://localhost:8080/OTHER/core/other/htmlreport > gl-dast-report.html",
+    "test:dast:setup": "docker run --rm --name casa-dast -d -u zap -p 8080:8080 -i owasp/zap2docker-stable zap.sh -daemon -host 0.0.0.0 -port 8080 -config api.addrs.addr.name=\".*\" -config api.addrs.addr.regex=true -config api.key=secret; npm run test:dast:ready-check",
+    "test:dast:ready-check": "while [ \"$(curl -Is -o /dev/null -w %{response_code} http://localhost:8080/)\" -ne \"200\" ]; do sleep 1; echo 'Waiting for ZAP to start ...'; done",
+    "test:dast:teardown": "docker stop casa-dast",
     "lint": "eslint .",
-    "coverage": "c8 npm test",
     "build": "npm run build:prepare && npm run build:sources && npm run build:css-assets",
     "build:prepare": "rm -rf dist/* && mkdir -p dist/assets/js/ && mkdir -p dist/assets/css/",
     "build:sources": "tsc -p tsconfig-cjs.json && ./scripts/fixup.sh",
@@ -47,10 +53,10 @@
     "deepmerge": "4.2.2",
     "express": "4.18.2",
     "express-session": "1.17.3",
-    "govuk-frontend": "4.3.1",
+    "govuk-frontend": "4.4.0",
     "graphlib": "2.1.8",
     "helmet": "6.0.0",
-    "i18next": "22.0.4",
+    "i18next": "22.0.6",
     "i18next-http-middleware": "3.2.1",
     "js-yaml": "4.1.0",
     "lodash": "4.17.21",
@@ -64,35 +70,32 @@
     "@babel/core": "7.20.2",
     "@babel/eslint-parser": "7.19.1",
     "@babel/preset-env": "7.20.2",
-    "@ckeditor/jsdoc-plugins": "31.1.8",
-    "@commitlint/config-conventional": "17.2.0",
-    "@dwp/casa-spiderplan": "2.4.1",
-    "@dwp/casa-spiderplan-a11y-plugin": "0.1.4",
+    "@ckeditor/jsdoc-plugins": "31.1.9",
+    "@commitlint/config-conventional": "17.3.0",
+    "@dwp/casa-spiderplan": "2.5.1",
+    "@dwp/casa-spiderplan-a11y-plugin": "0.1.5",
     "@dwp/casa-spiderplan-zap-plugin": "0.1.1",
     "@dwp/eslint-config-base": "6.0.0",
     "@types/express": "4.17.14",
     "@types/node": "18.11.9",
     "@types/nunjucks": "3.2.1",
-    "babel-eslint": "10.1.0",
     "c8": "7.12.0",
-    "chai": "4.3.6",
+    "chai": "4.3.7",
     "cheerio": "1.0.0-rc.12",
-    "commitlint": "17.2.0",
-    "docdash": "1.2.0",
-    "eslint": "8.26.0",
+    "commitlint": "17.3.0",
+    "docdash": "2.0.0",
+    "eslint": "8.28.0",
     "eslint-plugin-no-unsafe-regex": "1.0.0",
     "eslint-plugin-security": "1.5.0",
     "eslint-plugin-sonarjs": "0.16.0",
     "fast-check": "3.3.0",
-    "husky": "8.0.1",
     "jsdoc": "4.0.0",
     "jsdoc-tsimport-plugin": "1.0.5",
     "mocha": "10.1.0",
-    "sass": "1.56.0",
-    "sinon": "14.0.1",
+    "sass": "1.56.1",
+    "sinon": "14.0.2",
     "sinon-chai": "3.7.0",
-    "standard-version": "9.5.0",
     "supertest": "6.3.1",
-    "typescript": "4.8.4"
+    "typescript": "4.9.3"
   }
 }