Merge pull request #508 from zoff-music/refactor/audit-fixes

Fixed some audit-issues, and started using prettify
2025-10-29 09:50:24 +00:00 · 2019-07-25 16:48:06 +02:00
parent 9d6a07dbec 1594bafb60
commit d65fa07ce1
11 changed files with 12153 additions and 8559 deletions
--- a/gulpfile.js
+++ b/gulpfile.js
@@ -1,120 +1,198 @@
-var gulp    = require('gulp'),
-	gutil   = require('gulp-util'),
-	uglify  = require('gulp-uglify'),
-    //sourcemaps = require('gulp-sourcemaps'),
-    gutil = require('gulp-util'),
-	concat  = require('gulp-concat'),
-    cssnano = require('gulp-cssnano');
+var gulp = require("gulp"),
+  gutil = require("gulp-util"),
+  uglify = require("gulp-uglify"),
+  //sourcemaps = require('gulp-sourcemaps'),
+  gutil = require("gulp-util"),
+  concat = require("gulp-concat"),
+  cleanCSS = require("gulp-clean-css");

-gulp.task('css', function() {
-    return gulp.src('server/public/assets/css/style.css')
-        .pipe(cssnano({
-            preset: ['default', {
-                discardComments: {
-                    removeAll: true,
-                },
-            }]
-        }))
-        .pipe(gulp.dest('server/public/assets/dist'));
+gulp.task("css", function() {
+  return gulp
+    .src("server/public/assets/css/style.css")
+    .pipe(cleanCSS({ compatibility: "ie8" }))
+    .pipe(gulp.dest("server/public/assets/dist"));
 });

-gulp.task('css-embed', function() {
-    return gulp.src('server/public/assets/css/embed.css')
-        .pipe(cssnano({
-            preset: ['default', {
-                discardComments: {
-                    removeAll: true,
-                },
-            }]
-        }))
-        .pipe(gulp.dest('server/public/assets/dist'));
+gulp.task("css-embed", function() {
+  return gulp
+    .src("server/public/assets/css/embed.css")
+    .pipe(cleanCSS({ compatibility: "ie8" }))
+    .pipe(gulp.dest("server/public/assets/dist"));
 });

-gulp.task('js', function () {
-    return gulp.src(['server/VERSION.js', 'server/config/api_key.js', 'server/public/assets/js/*.js', '!server/public/assets/js/embed*', '!server/public/assets/js/token*', '!server/public/assets/js/remotecontroller.js', '!server/public/assets/js/callback.js'])
-    //.pipe(sourcemaps.init())
-    .pipe(concat('main.min.js'))
-        .pipe(uglify({
-        	mangle: true,
-            compress: true,
-        	enclose: true,
-        }))
-        .on('error', function (err) { gutil.log(gutil.colors.red('[Error]'), err.toString()); })
-        //.pipe(sourcemaps.write('maps'))
-        .pipe(gulp.dest('server/public/assets/dist'));
+gulp.task("js", function() {
+  return (
+    gulp
+      .src([
+        "server/VERSION.js",
+        "server/config/api_key.js",
+        "server/public/assets/js/*.js",
+        "!server/public/assets/js/embed*",
+        "!server/public/assets/js/token*",
+        "!server/public/assets/js/remotecontroller.js",
+        "!server/public/assets/js/callback.js"
+      ])
+      //.pipe(sourcemaps.init())
+      .pipe(concat("main.min.js"))
+      .pipe(
+        uglify({
+          mangle: true,
+          compress: true,
+          enclose: true
+        })
+      )
+      .on("error", function(err) {
+        gutil.log(gutil.colors.red("[Error]"), err.toString());
+      })
+      //.pipe(sourcemaps.write('maps'))
+      .pipe(gulp.dest("server/public/assets/dist"))
+  );
 });

-gulp.task('embed', function () {
-    return gulp.src(['server/VERSION.js', 'server/config/api_key.js', 'server/public/assets/js/player.js', 'server/public/assets/js/functions.js', 'server/public/assets/js/helpers.js', 'server/public/assets/js/playercontrols.js', 'server/public/assets/js/list.js', 'server/public/assets/js/embed.js', '!server/public/assets/js/frontpage*', '!server/public/assets/js/remotecontroller.js', 'server/public/assets/js/hostcontroller.js'])
-    //.pipe(sourcemaps.init())
-    .pipe(concat('embed.min.js'))
-        .pipe(uglify({
-            mangle: true,
-            compress: true,
-            enclose: true
-        }))
-        .on('error', function (err) { gutil.log(gutil.colors.red('[Error]'), err.toString()); })
-        //.pipe(sourcemaps.write('maps'))
-        .pipe(gulp.dest('server/public/assets/dist'));
+gulp.task("embed", function() {
+  return (
+    gulp
+      .src([
+        "server/VERSION.js",
+        "server/config/api_key.js",
+        "server/public/assets/js/player.js",
+        "server/public/assets/js/functions.js",
+        "server/public/assets/js/helpers.js",
+        "server/public/assets/js/playercontrols.js",
+        "server/public/assets/js/list.js",
+        "server/public/assets/js/embed.js",
+        "!server/public/assets/js/frontpage*",
+        "!server/public/assets/js/remotecontroller.js",
+        "server/public/assets/js/hostcontroller.js"
+      ])
+      //.pipe(sourcemaps.init())
+      .pipe(concat("embed.min.js"))
+      .pipe(
+        uglify({
+          mangle: true,
+          compress: true,
+          enclose: true
+        })
+      )
+      .on("error", function(err) {
+        gutil.log(gutil.colors.red("[Error]"), err.toString());
+      })
+      //.pipe(sourcemaps.write('maps'))
+      .pipe(gulp.dest("server/public/assets/dist"))
+  );
 });

-gulp.task('token', function() {
-    return gulp.src(['server/public/assets/js/token*', 'server/public/assets/js/helpers.js'])
-    //.pipe(sourcemaps.init())
-    .pipe(concat('token.min.js'))
-        .pipe(uglify({
-            mangle: true,
-            compress: true,
-            enclose: true
-        }))
-        .on('error', function (err) { gutil.log(gutil.colors.red('[Error]'), err.toString()); })
+gulp.task("token", function() {
+  return (
+    gulp
+      .src([
+        "server/public/assets/js/token*",
+        "server/public/assets/js/helpers.js"
+      ])
+      //.pipe(sourcemaps.init())
+      .pipe(concat("token.min.js"))
+      .pipe(
+        uglify({
+          mangle: true,
+          compress: true,
+          enclose: true
+        })
+      )
+      .on("error", function(err) {
+        gutil.log(gutil.colors.red("[Error]"), err.toString());
+      })

-        //.pipe(sourcemaps.write('maps'))
-        .pipe(gulp.dest('server/public/assets/dist'));
-})
-
-gulp.task('callback', function () {
-    return gulp.src(['server/VERSION.js', 'server/config/api_key.js', 'server/public/assets/js/callback.js'])
-    //.pipe(sourcemaps.init())
-    .pipe(concat('callback.min.js'))
-        .pipe(uglify({
-            mangle: true,
-            compress: true,
-            enclose: true
-        }))
-        .on('error', function (err) { gutil.log(gutil.colors.red('[Error]'), err.toString()); })
-
-        //.pipe(sourcemaps.write('maps'))
-        .pipe(gulp.dest('server/public/assets/dist'));
+      //.pipe(sourcemaps.write('maps'))
+      .pipe(gulp.dest("server/public/assets/dist"))
+  );
 });

-gulp.task('build', done => {
-    gulp.series('css', 'css-embed', 'js', 'embed', 'remotecontroller', 'callback', 'token')();
-    done();
+gulp.task("callback", function() {
+  return (
+    gulp
+      .src([
+        "server/VERSION.js",
+        "server/config/api_key.js",
+        "server/public/assets/js/callback.js"
+      ])
+      //.pipe(sourcemaps.init())
+      .pipe(concat("callback.min.js"))
+      .pipe(
+        uglify({
+          mangle: true,
+          compress: true,
+          enclose: true
+        })
+      )
+      .on("error", function(err) {
+        gutil.log(gutil.colors.red("[Error]"), err.toString());
+      })
+
+      //.pipe(sourcemaps.write('maps'))
+      .pipe(gulp.dest("server/public/assets/dist"))
+  );
 });

-gulp.task('remotecontroller', function () {
-    return gulp.src(['server/VERSION.js', 'server/config/api_key.js', 'server/public/assets/js/remotecontroller.js', 'server/public/assets/js/helpers.js'])
-    ////.pipe(sourcemaps.init())
-    .pipe(concat('remote.min.js'))
-        .pipe(uglify({
-            mangle: true,
-            compress: true,
-            enclose: true
-        }))
-        .on('error', function (err) { gutil.log(gutil.colors.red('[Error]'), err.toString()); })
-
-        //.pipe(sourcemaps.write('maps'))
-        .pipe(gulp.dest('server/public/assets/dist'));
+gulp.task("build", done => {
+  gulp.series(
+    "css",
+    "css-embed",
+    "js",
+    "embed",
+    "remotecontroller",
+    "callback",
+    "token"
+  )();
+  done();
 });

-gulp.task('default', function(){
-    gulp.watch(['server/VERSION.js', 'server/public/assets/js/*.js'], ['js']);
-    gulp.watch(['server/public/assets/css/*.css'], ['css']);
-    gulp.watch(['server/public/assets/css/*.css'], ['css-embed']);
-    gulp.watch(['server/public/assets/js/token*.js', 'server/public/assets/js/helpers.js'], ['token']);
-    gulp.watch(['server/VERSION.js', 'server/public/assets/js/*.js'], ['embed']);
-    gulp.watch(['server/VERSION.js', 'server/public/assets/js/callback.js', 'server/public/assets/js/helpers.js'], ['callback']);
-    //gulp.watch('server/public/assets/js/*.js', ['nochan']);
-    gulp.watch(['server/VERSION.js', 'server/public/assets/js/remotecontroller.js'], ['remotecontroller']);
+gulp.task("remotecontroller", function() {
+  return (
+    gulp
+      .src([
+        "server/VERSION.js",
+        "server/config/api_key.js",
+        "server/public/assets/js/remotecontroller.js",
+        "server/public/assets/js/helpers.js"
+      ])
+      ////.pipe(sourcemaps.init())
+      .pipe(concat("remote.min.js"))
+      .pipe(
+        uglify({
+          mangle: true,
+          compress: true,
+          enclose: true
+        })
+      )
+      .on("error", function(err) {
+        gutil.log(gutil.colors.red("[Error]"), err.toString());
+      })
+
+      //.pipe(sourcemaps.write('maps'))
+      .pipe(gulp.dest("server/public/assets/dist"))
+  );
+});
+
+gulp.task("default", function() {
+  gulp.watch(["server/VERSION.js", "server/public/assets/js/*.js"], ["js"]);
+  gulp.watch(["server/public/assets/css/*.css"], ["css"]);
+  gulp.watch(["server/public/assets/css/*.css"], ["css-embed"]);
+  gulp.watch(
+    ["server/public/assets/js/token*.js", "server/public/assets/js/helpers.js"],
+    ["token"]
+  );
+  gulp.watch(["server/VERSION.js", "server/public/assets/js/*.js"], ["embed"]);
+  gulp.watch(
+    [
+      "server/VERSION.js",
+      "server/public/assets/js/callback.js",
+      "server/public/assets/js/helpers.js"
+    ],
+    ["callback"]
+  );
+  //gulp.watch('server/public/assets/js/*.js', ['nochan']);
+  gulp.watch(
+    ["server/VERSION.js", "server/public/assets/js/remotecontroller.js"],
+    ["remotecontroller"]
+  );
 });
--- a/package-lock.json
+++ b/package-lock.json
@@ -750,6 +750,14 @@
        }
      }
    },
+    "clean-css": {
+      "version": "4.2.1",
+      "resolved": "https://registry.npmjs.org/clean-css/-/clean-css-4.2.1.tgz",
+      "integrity": "sha512-4ZxI6dy4lrY6FHzfiy1aEOXgu4LIsW2MhwG0VBKdcoGoH/XLFgaHSdLTGr4O8Be6A8r3MOphEiI8Gc1n0ecf3g==",
+      "requires": {
+        "source-map": "~0.6.0"
+      }
+    },
    "cliui": {
      "version": "3.2.0",
      "resolved": "https://registry.npmjs.org/cliui/-/cliui-3.2.0.tgz",
@@ -2899,6 +2907,45 @@
        }
      }
    },
+    "gulp-clean-css": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/gulp-clean-css/-/gulp-clean-css-4.2.0.tgz",
+      "integrity": "sha512-r4zQsSOAK2UYUL/ipkAVCTRg/2CLZ2A+oPVORopBximRksJ6qy3EX1KGrIWT4ZrHxz3Hlobb1yyJtqiut7DNjA==",
+      "requires": {
+        "clean-css": "4.2.1",
+        "plugin-error": "1.0.1",
+        "through2": "3.0.1",
+        "vinyl-sourcemaps-apply": "0.2.1"
+      },
+      "dependencies": {
+        "readable-stream": {
+          "version": "3.4.0",
+          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.4.0.tgz",
+          "integrity": "sha512-jItXPLmrSR8jmTRmRWJXCnGJsfy85mB3Wd/uINMXA65yrnFo0cPClFIUWzo2najVNSl+mx7/4W8ttlLWJe99pQ==",
+          "requires": {
+            "inherits": "^2.0.3",
+            "string_decoder": "^1.1.1",
+            "util-deprecate": "^1.0.1"
+          }
+        },
+        "string_decoder": {
+          "version": "1.2.0",
+          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.2.0.tgz",
+          "integrity": "sha512-6YqyX6ZWEYguAxgZzHGL7SsCeGx3V2TtOTqZz1xSTSWnqsbWwbptafNyvf/ACquZUXV3DANr5BDIwNYe1mN42w==",
+          "requires": {
+            "safe-buffer": "~5.1.0"
+          }
+        },
+        "through2": {
+          "version": "3.0.1",
+          "resolved": "https://registry.npmjs.org/through2/-/through2-3.0.1.tgz",
+          "integrity": "sha512-M96dvTalPT3YbYLaKaCuwu+j06D/8Jfib0o/PxbVt6Amhv3dUAtW6rTV1jPgJSBG83I/e04Y6xkVdVhSRhi0ww==",
+          "requires": {
+            "readable-stream": "2 || 3"
+          }
+        }
+      }
+    },
    "gulp-concat": {
      "version": "2.6.1",
      "resolved": "https://registry.npmjs.org/gulp-concat/-/gulp-concat-2.6.1.tgz",
@@ -3850,6 +3897,11 @@
        "strip-bom": "^2.0.0"
      }
    },
+    "lodash": {
+      "version": "4.17.15",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz",
+      "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A=="
+    },
    "lodash._basecopy": {
      "version": "3.0.1",
      "resolved": "https://registry.npmjs.org/lodash._basecopy/-/lodash._basecopy-3.0.1.tgz",
@@ -4150,9 +4202,9 @@
      "integrity": "sha1-3j+YVD2/lggr5IrRoMfNqDYwHc8="
    },
    "mixin-deep": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.1.tgz",
-      "integrity": "sha512-8ZItLHeEgaqEvd5lYBXfm4EZSFCX29Jb9K+lAHhDKzReKBQKj3R+7NOF6tjqYi9t4oI8VUfaWITJQm86wnXGNQ==",
+      "version": "1.3.2",
+      "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz",
+      "integrity": "sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==",
      "dev": true,
      "requires": {
        "for-in": "^1.0.2",
@@ -4324,11 +4376,6 @@
          "resolved": "https://registry.npmjs.org/bson/-/bson-1.1.1.tgz",
          "integrity": "sha512-jCGVYLoYMHDkOsbwJZBCqwMHyH4c+wzgI9hG7Z6SZJRXWr+x58pdIbm2i9a/jFGCkRJqRUr8eoI7lDWa0hTkxg=="
        },
-        "lodash": {
-          "version": "4.17.11",
-          "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz",
-          "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg=="
-        },
        "mongodb": {
          "version": "3.1.13",
          "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.1.13.tgz",
@@ -5835,9 +5882,9 @@
      "dev": true
    },
    "set-value": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.0.tgz",
-      "integrity": "sha512-hw0yxk9GT/Hr5yJEYnHNKYXkIA8mVJgd9ditYZCe16ZczcaELYYcfvaXesNACk2O8O0nTiPQcQhGUQj8JLzeeg==",
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.1.tgz",
+      "integrity": "sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw==",
      "dev": true,
      "requires": {
        "extend-shallow": "^2.0.1",
@@ -6647,38 +6694,15 @@
      "dev": true
    },
    "union-value": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.0.tgz",
-      "integrity": "sha1-XHHDTLW61dzr4+oM0IIHulqhrqQ=",
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.1.tgz",
+      "integrity": "sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg==",
      "dev": true,
      "requires": {
        "arr-union": "^3.1.0",
        "get-value": "^2.0.6",
        "is-extendable": "^0.1.1",
-        "set-value": "^0.4.3"
-      },
-      "dependencies": {
-        "extend-shallow": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz",
-          "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=",
-          "dev": true,
-          "requires": {
-            "is-extendable": "^0.1.0"
-          }
-        },
-        "set-value": {
-          "version": "0.4.3",
-          "resolved": "https://registry.npmjs.org/set-value/-/set-value-0.4.3.tgz",
-          "integrity": "sha1-fbCPnT0i3H945Trzw79GZuzfzPE=",
-          "dev": true,
-          "requires": {
-            "extend-shallow": "^2.0.1",
-            "is-extendable": "^0.1.1",
-            "is-plain-object": "^2.0.1",
-            "to-object-path": "^0.3.0"
-          }
-        }
+        "set-value": "^2.0.1"
      }
    },
    "uniq": {
--- a/package.json
+++ b/package.json
@@ -41,6 +41,7 @@
    "express-recaptcha": "^3.0.1",
    "express-session": "^1.15.6",
    "feature-policy": "^0.2.0",
+    "gulp-clean-css": "^4.2.0",
    "gulp-sourcemaps": "^2.6.5",
    "gulp-uglify-es": "^1.0.4",
    "helmet": "^3.16.0",
--- a/server/handlers/io.js
+++ b/server/handlers/io.js
--- a/server/handlers/list.js
+++ b/server/handlers/list.js
--- a/server/public/assets/js/channel.js
+++ b/server/public/assets/js/channel.js
--- a/server/public/assets/js/frontpage.js
+++ b/server/public/assets/js/frontpage.js
--- a/server/public/assets/js/functions.js
+++ b/server/public/assets/js/functions.js
--- a/server/public/assets/js/list.js
+++ b/server/public/assets/js/list.js
--- a/server/public/assets/js/listeners.js
+++ b/server/public/assets/js/listeners.js
--- a/server/routing/client/api.js
+++ b/server/routing/client/api.js