strong-error-handler 3.5.0 → 4.0.1

package/.github/ISSUE_TEMPLATE.md

@@ -2,9 +2,6 @@
 Questions:
   https://groups.google.com/forum/#!forum/loopbackjs
   https://gitter.im/strongloop/loopback
-Immediate support:
-  https://strongloop.com/api-connect-faqs/
-  https://strongloop.com/node-js/subscription-plans/
 -->
 
 # Description/Steps to reproduce

package/.github/codeql/codeql-config.yml

@@ -0,0 +1,2 @@
+paths-ignore:
+  - '**/test/**'

package/.github/workflows/codeql-analysis.yml

@@ -0,0 +1,28 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
+  schedule:
+    - cron: '0 13 * * 6'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: 'javascript'
+        config-file: ./.github/codeql/codeql-config.yml
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2

package/.github/workflows/continuous-integration.yml

@@ -0,0 +1,74 @@
+name: Continuous Integration
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
+  schedule:
+    - cron: '0 2 * * 1' # At 02:00 on Monday
+
+env:
+  NODE_OPTIONS: --max-old-space-size=4096
+
+jobs:
+  test:
+    name: Test
+    timeout-minutes: 15
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+        node-version: [10, 12, 14, 16]
+        include:
+          - os: macos-latest
+            node-version: 14 # LTS
+      fail-fast: false
+    runs-on: ${{ matrix.os }}
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node-version }}
+      - name: Bootstrap project
+        run: |
+          npm ci --ignore-scripts
+      - uses: Yuri6037/Action-FakeTTY@v1.1
+      - name: Run tests
+        run: faketty npm test --ignore-scripts
+
+  code-lint:
+    name: Code Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Use Node.js 14
+        uses: actions/setup-node@v3
+        with:
+          node-version: 14
+      - name: Bootstrap project
+        run: |
+          npm ci --ignore-scripts
+      - name: Verify code linting
+        run: npm run lint
+
+  commit-lint:
+    name: Commit Lint
+    runs-on: ubuntu-latest
+    if: ${{ github.event.pull_request }}
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Use Node.js 14
+        uses: actions/setup-node@v3
+        with:
+          node-version: 14
+      - name: Bootstrap project
+        run: |
+          npm ci --ignore-scripts
+      - name: Verify commit linting
+        run: npx commitlint --from origin/master --to HEAD --verbose

package/CHANGES.md

@@ -1,3 +1,101 @@
+2022-11-07, Version 4.0.1
+=========================
+
+ * chore: update dependency mocha to v10 (renovate[bot])
+
+ * chore: update dependency chai to ^4.3.7 (renovate[bot])
+
+ * chore: lock file maintenance (renovate[bot])
+
+ * chore: update dependency eslint to ^8.27.0 (renovate[bot])
+
+ * chore: update dependency eslint to v8 (renovate[bot])
+
+ * chore: update dependency @commitlint/config-conventional to ^17.2.0 (renovate[bot])
+
+ * chore: update dependency supertest to ^6.3.1 (renovate[bot])
+
+ * chore: update dependency express to ^4.18.2 (renovate[bot])
+
+ * chore: update dependency supertest to ^6.3.0 (renovate[bot])
+
+ * chore: update dependency @types/express to ^4.17.14 (renovate[bot])
+
+ * chore: update dependency @commitlint/config-conventional to v17 (renovate[bot])
+
+ * chore: update dependency http-status to ^1.5.3 (renovate[bot])
+
+ * chore: update dependency supertest to ^6.2.4 (renovate[bot])
+
+ * chore: lock file maintenance (Renovate Bot)
+
+ * chore: update dependency ejs to ^3.1.8 (Renovate Bot)
+
+ * chore: update dependency http-status to ^1.5.2 (Renovate Bot)
+
+ * chore: update dependency supertest to ^6.2.3 (Renovate Bot)
+
+ * chore: update dependency @commitlint/config-conventional to ^16.2.4 (Renovate Bot)
+
+ * chore: update github/codeql-action action to v2 (Renovate Bot)
+
+ * chore: update dependency express to ^4.18.1 (Renovate Bot)
+
+ * chore: update dependency ejs to ^3.1.7 (Renovate Bot)
+
+ * chore: update dependency http-status to ^1.5.1 (Renovate Bot)
+
+ * chore: update dependency @commitlint/config-conventional to v16 (Renovate Bot)
+
+ * chore: update actions/setup-node action to v3 (Renovate Bot)
+
+ * chore: update actions/checkout action to v3 (Renovate Bot)
+
+ * chore: update dependency supertest to ^6.2.2 (Renovate Bot)
+
+ * chore: update dependency mocha to ^9.2.2 (Renovate Bot)
+
+ * chore: update dependency fast-safe-stringify to ^2.1.1 (Renovate Bot)
+
+ * chore: update dependency eslint to ^7.32.0 (Renovate Bot)
+
+ * chore: update dependency js2xmlparser to ^4.0.2 (Renovate Bot)
+
+ * chore: update dependency ejs to ^3.1.6 (Renovate Bot)
+
+ * chore: update dependency strong-globalize to ^6.0.5 (Renovate Bot)
+
+ * chore: update dependency http-status to ^1.5.0 (Renovate Bot)
+
+ * chore: update dependency express to ^4.17.3 (Renovate Bot)
+
+ * chore: update dependency debug to ^4.3.4 (Renovate Bot)
+
+ * chore: update dependency accepts to ^1.3.8 (Renovate Bot)
+
+ * chore: update dependency chai to ^4.3.6 (Renovate Bot)
+
+ * ci: add renovate config (Rifa Achrinza)
+
+ * docs: add SECURITY.md (Diana Lau)
+
+ * docs: update coc (Diana Lau)
+
+ * docs: add code of conduct (Diana Lau)
+
+ * feat: update CI pipeline (Rifa Achrinza)
+
+ * chore: move repo to loopbackio org (Diana Lau)
+
+
+2020-10-13, Version 4.0.0
+=========================
+
+ * docs: update LTS versions in README (Miroslav Bajtoš)
+
+ * [SEMVER-MAJOR] Reword log messages for clarity (Miroslav Bajtoš)
+
+
 2020-06-23, Version 3.5.0
 =========================
 

package/CODE_OF_CONDUCT.md

@@ -0,0 +1,178 @@
+# Code of Conduct
+
+LoopBack, as member project of the OpenJS Foundation, use
+[Contributor Covenant v2.0](https://contributor-covenant.org/version/2/0/code_of_conduct)
+as their code of conduct. The full text is included
+[below](#contributor-covenant-code-of-conduct-v2.0) in English, and translations
+are available from the Contributor Covenant organisation:
+
+- [contributor-covenant.org/translations](https://www.contributor-covenant.org/translations)
+- [github.com/ContributorCovenant](https://github.com/ContributorCovenant/contributor_covenant/tree/release/content/version/2/0)
+
+Refer to the sections on reporting and escalation in this document for the
+specific emails that can be used to report and escalate issues.
+
+## Reporting
+
+### Project Spaces
+
+For reporting issues in spaces related to LoopBack, please use the email
+`tsc@loopback.io`. The LoopBack Technical Steering Committee (TSC) handles CoC issues related to the spaces that it
+maintains. The project TSC commits to:
+
+- maintain the confidentiality with regard to the reporter of an incident
+- to participate in the path for escalation as outlined in the section on
+  Escalation when required.
+
+### Foundation Spaces
+
+For reporting issues in spaces managed by the OpenJS Foundation, for example,
+repositories within the OpenJS organization, use the email
+`report@lists.openjsf.org`. The Cross Project Council (CPC) is responsible for
+managing these reports and commits to:
+
+- maintain the confidentiality with regard to the reporter of an incident
+- to participate in the path for escalation as outlined in the section on
+  Escalation when required.
+
+## Escalation
+
+The OpenJS Foundation maintains a Code of Conduct Panel (CoCP). This is a
+foundation-wide team established to manage escalation when a reporter believes
+that a report to a member project or the CPC has not been properly handled. In
+order to escalate to the CoCP send an email to
+`coc-escalation@lists.openjsf.org`.
+
+For more information, refer to the full
+[Code of Conduct governance document](https://github.com/openjs-foundation/cross-project-council/blob/HEAD/CODE_OF_CONDUCT.md).
+
+---
+
+## Contributor Covenant Code of Conduct v2.0
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+- Demonstrating empathy and kindness toward other people
+- Being respectful of differing opinions, viewpoints, and experiences
+- Giving and gracefully accepting constructive feedback
+- Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+- Focusing on what is best not just for us as individuals, but for the overall
+  community
+
+Examples of unacceptable behavior include:
+
+- The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
+- Trolling, insulting or derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or email address,
+  without their explicit permission
+- Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+[tsc@loopback.io](mailto:tsc@loopback.io). All complaints will be reviewed and
+investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of
+actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior, harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at
+https://www.contributor-covenant.org/translations.

package/CONTRIBUTING.md

@@ -0,0 +1,35 @@
+### Contributing ###
+
+Thank you for your interest in `strong-error-handler`, an open source project
+as part of LoopBack.
+
+Contributing to `strong-error-handler` is easy. In a few simple steps:
+
+  * Ensure that your effort is aligned with the project's roadmap by
+    talking to the maintainers, especially if you are going to spend a
+    lot of time on it.
+
+  * Make something better or fix a bug.
+
+  * Adhere to code style outlined in the [Google C++ Style Guide][] and
+    [Google Javascript Style Guide][].
+
+  * Sign the [Developer Certificate of Origin](#developer-certificate-of-origin)
+
+  * Submit a pull request through Github.
+
+
+### Developer Certificate of Origin
+
+This project uses [DCO](https://developercertificate.org/). Be sure to sign off
+your commits using the `-s` flag or adding `Signed-off-By: Name<Email>` in the
+commit message.
+
+**Example**
+
+```
+git commit -s -m "feat: my commit message"
+```
+
+[Google C++ Style Guide]: https://google.github.io/styleguide/cppguide.html
+[Google Javascript Style Guide]: https://google.github.io/styleguide/javascriptguide.xml

package/README.md

@@ -14,11 +14,15 @@ In debug mode, `strong-error-handler` returns full error stack traces and intern
 
 ## Supported versions
 
-| Current | Long Term Support | Maintenance |
-| :-----: | :---------------: | :---------: |
-|   4.x   |        3.x        |     2.x     |
+This module adopts the [Module Long Term Support (LTS)](http://github.com/CloudNativeJS/ModuleLTS) policy, with the following End Of Life (EOL) dates:
 
-Learn more about our LTS plan in [docs](http://loopback.io/doc/en/contrib/Long-term-support.html).
+| Version    | Status          | Published | EOL                  |
+| ---------- | --------------- | --------- | -------------------- |
+| 4.x        | Current         | Oct 2020  | Apr 2023 _(minimum)_ |
+| 3.x        | Active LTS      | Jun 2018  | Dec 2022             |
+| 2.x        | End-of-life     | Mar 2017  | Oct 2020             |
+
+Learn more about our LTS plan in the [LoopBack documentation](http://loopback.io/doc/en/contrib/Long-term-support.html).
 
 ## Installation
 

package/SECURITY.md

@@ -0,0 +1,19 @@
+# Security Policy
+
+## Security advisories
+
+Security advisories can be found on the
+[LoopBack website](https://loopback.io/doc/en/sec/index.html).
+
+## Reporting a vulnerability
+
+If you think you have discovered a new security issue with any LoopBack package,
+**please do not report it on GitHub**. Instead, send an email to
+[security@loopback.io](mailto:security@loopback.io) with the following details:
+
+- Full description of the vulnerability.
+- Steps to reproduce the issue.
+- Possible solutions.
+
+If you are sending us any logs as part of the report, then make sure to redact
+any sensitive data from them.

package/commitlint.config.js

@@ -0,0 +1,20 @@
+// Copyright IBM Corp. 2017,2018. All Rights Reserved.
+// Node module: loopback-next
+// This file is licensed under the MIT License.
+// License text available at https://opensource.org/licenses/MIT
+'use strict';
+
+const isCI = process.env.CI;
+module.exports = {
+  extends: [
+    '@commitlint/config-conventional',
+  ],
+  rules: {
+    'header-max-length': [2, 'always', 100],
+    'body-leading-blank': [2, 'always'],
+    'footer-leading-blank': [0, 'always'],
+    // Only enforce the rule if CI flag is not set. This is useful for release
+    // commits to skip DCO
+    'signed-off-by': [isCI ? 0 : 2, 'always', 'Signed-off-by:'],
+  },
+};

package/lib/logger.js

@@ -10,12 +10,12 @@ const g = require('strong-globalize')();
 
 module.exports = function logToConsole(req, err) {
   if (!Array.isArray(err)) {
-    g.error('Unhandled error for request %s %s: %s',
+    g.error('Request %s %s failed: %s',
       req.method, req.url, err.stack || err);
     return;
   }
 
-  const errMsg = g.f('Unhandled array of errors for request %s %s\n',
+  const errMsg = g.f('Request %s %s failed with multiple errors:\n',
     req.method, req.url);
   const errors = err.map(formatError).join('\n');
   console.error(errMsg, errors);

package/package.json

@@ -2,13 +2,13 @@
   "name": "strong-error-handler",
   "description": "Error handler for use in development and production environments.",
   "license": "MIT",
-  "version": "3.5.0",
+  "version": "4.0.1",
   "engines": {
     "node": ">=10"
   },
   "repository": {
     "type": "git",
-    "url": "https://github.com/strongloop/strong-error-handler.git"
+    "url": "https://github.com/loopbackio/strong-error-handler.git"
   },
   "main": "lib/handler.js",
   "scripts": {
@@ -17,30 +17,26 @@
     "posttest": "npm run lint"
   },
   "dependencies": {
-    "@types/express": "^4.16.0",
-    "accepts": "^1.3.3",
-    "debug": "^4.1.1",
-    "ejs": "^3.1.3",
-    "fast-safe-stringify": "^2.0.6",
-    "http-status": "^1.1.2",
-    "js2xmlparser": "^4.0.0",
-    "strong-globalize": "^6.0.1"
+    "accepts": "^1.3.8",
+    "debug": "^4.3.4",
+    "ejs": "^3.1.8",
+    "fast-safe-stringify": "^2.1.1",
+    "http-status": "^1.5.3",
+    "js2xmlparser": "^4.0.2",
+    "strong-globalize": "^6.0.5"
   },
   "devDependencies": {
-    "chai": "^4.1.2",
-    "eslint": "^7.0.0",
+    "@commitlint/config-conventional": "^17.2.0",
+    "@types/express": "^4.17.14",
+    "chai": "^4.3.7",
+    "eslint": "^8.27.0",
     "eslint-config-loopback": "^13.1.0",
-    "express": "^4.16.3",
-    "mocha": "^7.1.2",
-    "supertest": "^4.0.2"
+    "express": "^4.18.2",
+    "mocha": "^10.1.0",
+    "supertest": "^6.3.1"
   },
   "browser": {
     "strong-error-handler": false
   },
-  "ci": {
-    "downstreamIgnoreList": [
-      "dashboard-controller"
-    ]
-  },
   "author": "IBM Corp."
 }

package/renovate.json

@@ -0,0 +1,5 @@
+{
+  "extends": [
+    "github>loopbackio/cicd//shared-configs/renovate/base"
+  ]
+}