botframework-webchat-core 4.14.1 → 4.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.eslintrc.yml +4 -198
- package/.prettierrc.yml +1 -1
- package/lib/actions/setNotification.js +1 -1
- package/lib/createStore.d.ts.map +1 -1
- package/lib/createStore.js +5 -5
- package/lib/index.d.ts +2 -1
- package/lib/index.d.ts.map +1 -1
- package/lib/index.js +10 -2
- package/lib/reducers/notifications.js +21 -14
- package/lib/sagas/connectionStatusToNotificationSaga.js +1 -1
- package/lib/sagas/queueIncomingActivitySaga.js +1 -1
- package/lib/sagas/sendMessageBackToPostActivitySaga.js +1 -1
- package/lib/sagas/sendTypingIndicatorOnSetSendBoxSaga.js +1 -1
- package/lib/sagas/speakActivityAndStartDictateOnIncomingActivityFromOthersSaga.js +1 -1
- package/lib/sagas/startSpeakActivityOnPostActivitySaga.js +1 -1
- package/lib/sagas/stopSpeakingActivityOnInputSaga.js +1 -1
- package/lib/sagas/submitSendBoxSaga.js +1 -1
- package/lib/selectors/combineSelectors.js +7 -2
- package/lib/types/external/DirectLineActivity.d.ts +1 -1
- package/lib/types/external/DirectLineActivity.d.ts.map +1 -1
- package/lib/types/external/DirectLineAnimationCard.d.ts.map +1 -1
- package/lib/types/external/DirectLineAttachment.d.ts.map +1 -1
- package/lib/types/external/DirectLineAudioCard.d.ts.map +1 -1
- package/lib/types/external/DirectLineHeroCard.d.ts.map +1 -1
- package/lib/types/external/DirectLineJSBotConnection.d.ts.map +1 -1
- package/lib/types/external/DirectLineOAuthCard.d.ts.map +1 -1
- package/lib/types/external/DirectLineReceiptCard.d.ts.map +1 -1
- package/lib/types/external/DirectLineSignInCard.d.ts.map +1 -1
- package/lib/types/external/DirectLineSuggestedAction.d.ts.map +1 -1
- package/lib/types/external/DirectLineThumbnailCard.d.ts.map +1 -1
- package/lib/types/external/DirectLineVideoCard.d.ts.map +1 -1
- package/lib/utils/deleteKey.js +2 -3
- package/lib/utils/isForbiddenPropertyName.d.ts +2 -0
- package/lib/utils/isForbiddenPropertyName.d.ts.map +1 -0
- package/lib/utils/isForbiddenPropertyName.js +21 -0
- package/lib/utils/mime-wrapper.js +2 -4
- package/lib/utils/uniqueID.js +1 -1
- package/package.json +6 -13
- package/src/__tests__/detectSlowConnectionSaga.spec.js +1 -1
- package/src/__tests__/observeOnce.spec.js +3 -3
- package/src/actions/setNotification.js +8 -2
- package/src/createStore.ts +4 -4
- package/src/index.ts +2 -0
- package/src/reducers/notifications.js +22 -16
- package/src/sagas/connectionStatusToNotificationSaga.js +1 -1
- package/src/sagas/queueIncomingActivitySaga.js +40 -39
- package/src/sagas/sendMessageBackToPostActivitySaga.js +0 -1
- package/src/sagas/sendTypingIndicatorOnSetSendBoxSaga.js +1 -1
- package/src/sagas/speakActivityAndStartDictateOnIncomingActivityFromOthersSaga.js +1 -1
- package/src/sagas/startSpeakActivityOnPostActivitySaga.js +1 -1
- package/src/sagas/stopSpeakingActivityOnInputSaga.js +1 -1
- package/src/sagas/submitSendBoxSaga.js +1 -1
- package/src/selectors/combineSelectors.js +9 -1
- package/src/types/external/DirectLineActivity.ts +3 -2
- package/src/types/external/DirectLineAnimationCard.ts +0 -1
- package/src/types/external/DirectLineAttachment.ts +0 -1
- package/src/types/external/DirectLineAudioCard.ts +0 -1
- package/src/types/external/DirectLineHeroCard.ts +0 -1
- package/src/types/external/DirectLineJSBotConnection.ts +0 -1
- package/src/types/external/DirectLineOAuthCard.ts +0 -1
- package/src/types/external/DirectLineReceiptCard.ts +0 -1
- package/src/types/external/DirectLineSignInCard.ts +0 -1
- package/src/types/external/DirectLineSuggestedAction.ts +0 -1
- package/src/types/external/DirectLineThumbnailCard.ts +0 -1
- package/src/types/external/DirectLineVideoCard.ts +0 -1
- package/src/utils/dateToLocaleISOString.chatham.spec.js +1 -0
- package/src/utils/dateToLocaleISOString.japan.spec.js +1 -0
- package/src/utils/dateToLocaleISOString.pacific.spec.js +1 -0
- package/src/utils/dateToLocaleISOString.utc.spec.js +2 -0
- package/src/utils/deleteKey.js +1 -3
- package/src/utils/isForbiddenPropertyName.spec.js +6 -0
- package/src/utils/isForbiddenPropertyName.ts +33 -0
- package/src/utils/mime-wrapper.js +1 -2
- package/src/utils/uniqueID.js +1 -6
- package/.eslintignore +0 -9
|
@@ -1,8 +1,16 @@
|
|
|
1
|
+
import isForbiddenPropertyName from '../utils/isForbiddenPropertyName';
|
|
2
|
+
|
|
1
3
|
export default function combineSelectors(selectors) {
|
|
2
4
|
if (Array.isArray(selectors)) {
|
|
3
5
|
return state => selectors.reduce((combinedState, selector) => [...combinedState, selector(state)], []);
|
|
4
6
|
}
|
|
5
7
|
|
|
6
8
|
return state =>
|
|
7
|
-
Object.keys(selectors).reduce(
|
|
9
|
+
Object.keys(selectors).reduce(
|
|
10
|
+
(combinedState, key) =>
|
|
11
|
+
// Mitigated through denylisting.
|
|
12
|
+
// eslint-disable-next-line security/detect-object-injection
|
|
13
|
+
isForbiddenPropertyName(key) ? combinedState : { ...combinedState, [key]: selectors[key](state) },
|
|
14
|
+
{}
|
|
15
|
+
);
|
|
8
16
|
}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
// TODO: [P1] #3953 We should fully type it out.
|
|
2
2
|
|
|
3
|
-
//
|
|
4
|
-
|
|
3
|
+
// Until we fully typed out DirectLineActivity, we need to use "any" here.
|
|
4
|
+
// We only know the DirectLineActivity must be a map, and not other primitive types.
|
|
5
|
+
type DirectLineActivity = Exclude<any, [] | boolean | Function | number | string>;
|
|
5
6
|
|
|
6
7
|
export default DirectLineActivity;
|
|
@@ -6,6 +6,7 @@
|
|
|
6
6
|
import dateToLocaleISOString from './dateToLocaleISOString';
|
|
7
7
|
|
|
8
8
|
test('formatting a time in Chatham Islands timezone', () => {
|
|
9
|
+
// eslint-disable-next-line no-magic-numbers
|
|
9
10
|
const date = new Date(Date.UTC(2000, 0, 1, 0, 12, 34, 567));
|
|
10
11
|
const actual = dateToLocaleISOString(date);
|
|
11
12
|
|
|
@@ -6,6 +6,7 @@
|
|
|
6
6
|
import dateToLocaleISOString from './dateToLocaleISOString';
|
|
7
7
|
|
|
8
8
|
test('formatting a time in Japan timezone', () => {
|
|
9
|
+
// eslint-disable-next-line no-magic-numbers
|
|
9
10
|
const date = new Date(Date.UTC(2000, 0, 1, 0, 12, 34, 567));
|
|
10
11
|
const actual = dateToLocaleISOString(date);
|
|
11
12
|
|
|
@@ -6,6 +6,7 @@
|
|
|
6
6
|
import dateToLocaleISOString from './dateToLocaleISOString';
|
|
7
7
|
|
|
8
8
|
test('formatting a time in Pacific Standard Time timezone', () => {
|
|
9
|
+
// eslint-disable-next-line no-magic-numbers
|
|
9
10
|
const date = new Date(Date.UTC(2000, 0, 1, 0, 12, 34, 567));
|
|
10
11
|
const actual = dateToLocaleISOString(date);
|
|
11
12
|
|
|
@@ -6,6 +6,7 @@
|
|
|
6
6
|
import dateToLocaleISOString from './dateToLocaleISOString';
|
|
7
7
|
|
|
8
8
|
test('formatting a time in UTC timezone', () => {
|
|
9
|
+
// eslint-disable-next-line no-magic-numbers
|
|
9
10
|
const date = new Date(Date.UTC(2000, 0, 1, 0, 12, 34, 567));
|
|
10
11
|
const actual = dateToLocaleISOString(date);
|
|
11
12
|
|
|
@@ -13,6 +14,7 @@ test('formatting a time in UTC timezone', () => {
|
|
|
13
14
|
});
|
|
14
15
|
|
|
15
16
|
test('formatting a time in UTC timezone with zero milliseconds', () => {
|
|
17
|
+
// eslint-disable-next-line no-magic-numbers
|
|
16
18
|
const date = new Date(Date.UTC(2000, 0, 1, 0, 12, 34, 0));
|
|
17
19
|
const actual = dateToLocaleISOString(date);
|
|
18
20
|
|
package/src/utils/deleteKey.js
CHANGED
|
@@ -1,11 +1,9 @@
|
|
|
1
|
-
/* eslint no-unused-vars: ["error", { "varsIgnorePattern": "^deleted$" }] */
|
|
2
|
-
|
|
3
1
|
export default function deleteKey(map, key) {
|
|
4
2
|
if (!map) {
|
|
5
3
|
return map;
|
|
6
4
|
}
|
|
7
5
|
|
|
8
|
-
const { [key]:
|
|
6
|
+
const { [key]: _deleted, ...nextMap } = map;
|
|
9
7
|
|
|
10
8
|
return nextMap;
|
|
11
9
|
}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import isForbiddenPropertyName from './isForbiddenPropertyName';
|
|
2
|
+
|
|
3
|
+
test('should forbid "__proto__"', () => expect(isForbiddenPropertyName('__proto__')).toBeTruthy());
|
|
4
|
+
test('should forbid "constructor"', () => expect(isForbiddenPropertyName('constructor')).toBeTruthy());
|
|
5
|
+
test('should forbid "prototype"', () => expect(isForbiddenPropertyName('prototype')).toBeTruthy());
|
|
6
|
+
test('should not forbid "abc"', () => expect(isForbiddenPropertyName('abc')).toBeFalsy());
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
let FORBIDDEN_PROPERTY_NAMES;
|
|
2
|
+
|
|
3
|
+
function getForbiddenPropertyNames(): string[] {
|
|
4
|
+
return (
|
|
5
|
+
FORBIDDEN_PROPERTY_NAMES ||
|
|
6
|
+
(FORBIDDEN_PROPERTY_NAMES = Object.freeze(
|
|
7
|
+
Array.from(
|
|
8
|
+
new Set([
|
|
9
|
+
// As-of writing, `Object.prototype` includes:
|
|
10
|
+
// __defineGetter__
|
|
11
|
+
// __defineSetter__
|
|
12
|
+
// __lookupGetter__
|
|
13
|
+
// __lookupSetter
|
|
14
|
+
// __proto__
|
|
15
|
+
// constructor
|
|
16
|
+
// hasOwnProperty
|
|
17
|
+
// isPrototypeOf
|
|
18
|
+
// propertyIsEnumerable
|
|
19
|
+
// toLocaleString
|
|
20
|
+
// toString
|
|
21
|
+
// valueOf
|
|
22
|
+
...Object.getOwnPropertyNames(Object.prototype),
|
|
23
|
+
|
|
24
|
+
'prototype'
|
|
25
|
+
])
|
|
26
|
+
)
|
|
27
|
+
))
|
|
28
|
+
);
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
export default function isForbiddenPropertyName(propertyName: string): boolean {
|
|
32
|
+
return getForbiddenPropertyNames().includes(propertyName);
|
|
33
|
+
}
|
package/src/utils/uniqueID.js
CHANGED