Merge branch 'master' into feature/forms

auth0 · Nov 11, 2024 · 238736a · 238736a
2 parents 02bdf7f + fcdfb01
commit 238736a
Show file tree

Hide file tree

Showing 1,169 changed files with 12,491 additions and 4,834 deletions.
diff --git a/.github/actions/rl-scanner/action.yml b/.github/actions/rl-scanner/action.yml
@@ -0,0 +1,71 @@
+name: 'Reversing Labs Scanner'
+description: 'Runs the Reversing Labs scanner on a specified artifact.'
+inputs:
+  artifact-path:
+    description: 'Path to the artifact to be scanned.'
+    required: true
+  version:
+    description: 'Version of the artifact.'
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: '3.10'
+
+    - name: Install Python dependencies
+      shell: bash
+      run: |
+        pip install boto3 requests
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        role-to-assume: ${{ env.PRODSEC_TOOLS_ARN }}
+        aws-region: us-east-1
+        mask-aws-account-id: true
+
+    - name: Install RL Wrapper
+      shell: bash
+      run: |
+        pip install rl-wrapper>=1.0.0 --index-url "https://${{ env.PRODSEC_TOOLS_USER }}:${{ env.PRODSEC_TOOLS_TOKEN }}@a0us.jfrog.io/artifactory/api/pypi/python-local/simple"
+
+    - name: Run RL Scanner
+      shell: bash
+      env:
+        RLSECURE_LICENSE: ${{ env.RLSECURE_LICENSE }}
+        RLSECURE_SITE_KEY: ${{ env.RLSECURE_SITE_KEY }}
+        SIGNAL_HANDLER_TOKEN: ${{ env.SIGNAL_HANDLER_TOKEN }}
+        PYTHONUNBUFFERED: 1
+      run: |
+        if [ ! -f "${{ inputs.artifact-path }}" ]; then
+          echo "Artifact not found: ${{ inputs.artifact-path }}"
+          exit 1
+        fi
+
+        rl-wrapper \
+          --artifact "${{ inputs.artifact-path }}" \
+          --name "${{ github.event.repository.name }}" \
+          --version "${{ inputs.version }}" \
+          --repository "${{ github.repository }}" \
+          --commit "${{ github.sha }}" \
+          --build-env "github_actions" \
+          --suppress_output
+
+        # Check the outcome of the scanner
+        if [ $? -ne 0 ]; then
+          echo "RL Scanner failed."
+          echo "scan-status=failed" >> $GITHUB_ENV
+          exit 1
+        else
+          echo "RL Scanner passed."
+          echo "scan-status=success" >> $GITHUB_ENV
+        fi
+
+outputs:
+  scan-status:
+    description: 'The outcome of the scan process.'
+    value: ${{ env.scan-status }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -15,8 +15,22 @@ permissions:
 ### TODO: Also remove `npm-release` workflow from this repo's .github/workflows folder once the repo is public.
 
 jobs:
+  rl-scanner:
+    uses: ./.github/workflows/rl-secure.yml
+    with:
+      node-version: 18 ## depends if build requires node else we can remove this.
+      artifact-name: 'node-auth0.tgz' ## Will change respective to Repository
+    secrets:
+      RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
+      RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
+      SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
+      PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
+      PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
+      PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
+
   release:
     uses: ./.github/workflows/npm-release.yml
+    needs: rl-scanner
     with:
       node-version: 18
       require-build: true

diff --git a/.github/workflows/rl-secure.yml b/.github/workflows/rl-secure.yml
@@ -0,0 +1,70 @@
+name: RL-Secure Workflow
+
+on:
+  workflow_call:
+    inputs:
+      node-version: ## depends if build requires node else we can remove this.
+        required: true
+        type: string
+      artifact-name:
+        required: true
+        type: string
+    secrets:
+      RLSECURE_LICENSE:
+        required: true
+      RLSECURE_SITE_KEY:
+        required: true
+      SIGNAL_HANDLER_TOKEN:
+        required: true
+      PRODSEC_TOOLS_USER:
+        required: true
+      PRODSEC_TOOLS_TOKEN:
+        required: true
+      PRODSEC_TOOLS_ARN:
+        required: true
+
+jobs:
+  rl-scanner:
+    name: Run Reversing Labs Scanner
+    if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/'))
+    runs-on: ubuntu-latest
+    outputs:
+      scan-status: ${{ steps.rl-scan-conclusion.outcome }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Install dependencies
+        shell: bash
+        run: npm ci --include=dev
+
+      - name: Build
+        shell: bash
+        run: npm run build
+
+      - name: Create tgz build artifact
+        run: |
+          tar -czvf ${{ inputs.artifact-name }} *
+
+      - id: get_version
+        uses: ./.github/actions/get-version
+
+      - name: Run RL Scanner
+        id: rl-scan-conclusion
+        uses: ./.github/actions/rl-scanner
+        with:
+          artifact-path: "$(pwd)/${{ inputs.artifact-name }}"
+          version: "${{ steps.get_version.outputs.version }}"
+        env:
+          RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
+          RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
+          SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
+          PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
+          PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
+          PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
+
+      - name: Output scan result
+        run: echo "scan-status=${{ steps.rl-scan-conclusion.outcome }}" >> $GITHUB_ENV
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -56,10 +56,3 @@ jobs:
       - name: Tests
         shell: bash
         run: npm run test:ci
-
-      - name: Upload coverage
-        if: matrix.node-version == '18.17'
-        uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # [email protected]
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-
diff --git a/.version b/.version
@@ -1 +1 @@
-v4.10.0
+v4.12.0
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,24 @@
 # Change Log
 
+## [v4.12.0](https://github.com/auth0/node-auth0/tree/v4.12.0) (2024-11-07)
+
+[Full Changelog](https://github.com/auth0/node-auth0/compare/v4.11.0...v4.12.0)
+
+**Fixed**
+
+- org cc/patch1 [\#1053](https://github.com/auth0/node-auth0/pull/1053) ([tusharpandey13](https://github.com/tusharpandey13))
+- parameter name change for Organizations for Client Credentials [\#1052](https://github.com/auth0/node-auth0/pull/1052) ([tusharpandey13](https://github.com/tusharpandey13))
+- Remove IGA trigger from e2e test [DXEX-4601] [\#1048](https://github.com/auth0/node-auth0/pull/1048) ([Widcket](https://github.com/Widcket))
+
+## [v4.11.0](https://github.com/auth0/node-auth0/tree/v4.11.0) (2024-11-05)
+
+[Full Changelog](https://github.com/auth0/node-auth0/compare/v4.10.0...v4.11.0)
+
+**Added**
+
+- Fixed missing endpoints for feature Organizations for Client Credentials changes [\#1046](https://github.com/auth0/node-auth0/pull/1046) ([tusharpandey13](https://github.com/tusharpandey13))
+- Creating RL workflow for node-auth0 repo [\#1044](https://github.com/auth0/node-auth0/pull/1044) ([arpit-jn](https://github.com/arpit-jn))
+
 ## [v4.10.0](https://github.com/auth0/node-auth0/tree/v4.10.0) (2024-09-10)
 
 [Full Changelog](https://github.com/auth0/node-auth0/compare/v4.9.0...v4.10.0)

diff --git a/docs/assets/search.js b/docs/assets/search.js