Summary:
I found out that when I fixed the nginx caching issue a few weeks ago, the nginx config was deployed but not all hosts using it were restarted, so I manually restarted them and verified that all three pods are now using the "cache-control: -1" settings.
This is a bump to the plugin so we can detect any versions that are older than this, and refresh the page. I never shipped the [previous diff that tells the user to force refresh](https://www.internalfb.com/intern/diff/D21906069/) because I didn't fully understand what was going on, but now I do.
So I'll make a new one to refresh transparently without the user needing to know.
Reviewed By: nikoant
Differential Revision: D22159282
fbshipit-source-id: 0b7a9e21ea3ad04f99b84eedd585985c8aae232c
Summary:
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p>
<blockquote>
<h3>0.1.4 / 2020-06-02</h3>
<ul>
<li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by
Robert McLaughlin)</li>
<li>Change license from MIT to Apache 2.0</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="8efd0cd6e3"><code>8efd0cd</code></a> Bump version to 0.1.4</li>
<li><a href="3dad4ad44a"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li>
<li><a href="4a76c75efb"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li>
<li><a href="44a677a9c0"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li>
<li><a href="f6c50aba0c"><code>f6c50ab</code></a> Let npm reformat package.json</li>
<li><a href="2d211f3705"><code>2d211f3</code></a> Change markdown formatting of docs.</li>
<li><a href="0b620834cc"><code>0b62083</code></a> Update Travis target versions.</li>
<li><a href="729a465307"><code>729a465</code></a> Switch license to Apache 2.0.</li>
<li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li>
</ul>
</details>
<br />
[](https://help.github.com/articles/configuring-automated-security-fixes)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/flipper/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/1228
Reviewed By: mweststrate
Differential Revision: D21927370
Pulled By: nikoant
fbshipit-source-id: 6047bc0a5db1182c03742f459555f0df6bedbaac
Summary:
Upgrade docusaurus version. This one opens all external links in new tabs so you don't need to remember to do that yourself.
In static docs, all external links must do this, so this makes it no longer error prone.
Reviewed By: nikoant
Differential Revision: D21815718
fbshipit-source-id: c89a17daeb2bace3e14e0997e7442abc032aef89
Summary: Upgrade docusaurus plugin to fix a bug with the redirect links
Reviewed By: passy
Differential Revision: D21739692
fbshipit-source-id: cf6dfcb58aad58c88346efd3620c2747947f2542
Summary: 0.1.0 was using the wrong url. Upgrading to 0.1.1 which contains the right one.
Reviewed By: passy
Differential Revision: D21350730
fbshipit-source-id: 9ae7c42935c5d8f1db9a2bd72172a93f45771533
Summary: Adds a docusaurus plugin to direct fb employees to the internal documentation.
Reviewed By: nikoant
Differential Revision: D21348579
fbshipit-source-id: 5093d68a23ec6ba91c6ae94bf7cb0e58fcf3e7ef
Summary:
Implemented json schema for flipper plugin package.json and used it for validation in "flipper-pkg lint" command.
Nice thing about json schema is that it not only allows to validate json, but also can be referenced using "$schema" property in json so IDEs like VSCode can find it and use for code completion, validation and to show properties documentation. I'm going to deploy the schema as a part of documentation website so it can be referenced as https://fbflipper.com/schemas/plugin-package/v2.json.
Also the "$schema" field can be used instead of "specVersion" to determine the specification according to which the plugin is defined. E.g., if specification version 3 would be created, it will be described in schema https://fbflipper.com/schemas/plugin-package/v3.json, etc.
Reviewed By: passy
Differential Revision: D21228294
fbshipit-source-id: f21351e584ef936a7d6b314436448489691f83a6
Summary:
Docusaurus 2 is quite a lot more powerful than docu 1 it turns out.
This should convert the website fully.
* [done] Go through migration guide https://v2.docusaurus.io/docs/migrating-from-v1-to-v2
* [done] Convert landing page html
* [done] Convert all images to img tags
* [done] Convert all .md files to .mdx
* [done] Make sure ui-doc generation and including still works
* [done] Scan every page visually for sanity check
* [done] Make sure footer still works
* [done] Make sure search still works
* [done] Change all links/ to links/index
* [done] Change all links.md to links
* [done] Add some custom css to make the navbar look like the old one and darken the footer.
Reviewed By: passy
Differential Revision: D21158717
fbshipit-source-id: 5f45b711b1b6fd5ece4c5c15c55635c7ebbfb568
Summary:
Another day ending in y, another minimist vulnerability. Bumping
to `1.2.3`.
(Note: this ignores all push blocking failures!)
Reviewed By: cekkaewnumchai
Differential Revision: D20860264
fbshipit-source-id: 569abd7e521efef92cd0b31113e0325493645c2a
Summary:
Got an open security alert for this one.
(Note: this ignores all push blocking failures!)
Reviewed By: cekkaewnumchai
Differential Revision: D20840586
fbshipit-source-id: b57fda5a7c3244c7bf893082896ea8d1ee138493
Summary:
Solves another acorn/minimist sec vuln. Also removed pins which
don't seem to be necessary anymore based on `yarn.lock` output
which seems to just remove them.
Pull Request resolved: https://github.com/facebook/flipper/pull/930
Test Plan: Ran `yarn build` and it still looks fine.
Reviewed By: mweststrate
Differential Revision: D20669831
Pulled By: passy
fbshipit-source-id: 8d82678cfac6304273aaf752b885edac91e0a8eb
Summary:
Long-standing 'security' issue. Doesn't matter for a static
site generator with controlled input, of course, but
we're failing our OSS validation if we just dismiss it.
Reviewed By: cekkaewnumchai
Differential Revision: D18638722
fbshipit-source-id: d8636dee67826c4e453ac0f74cd3dfa8f77ba0dd
Summary:
Got a warning during `yarn start` that the caniuse database
was out of date so I updated it along with the rest.
allow-large-files
Reviewed By: jknoxville
Differential Revision: D17715099
fbshipit-source-id: 8ff705afbaa0f2be272f85e2996d8e32c1f6ab05
Summary:
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
<details>
<summary>Commits</summary>
- [`754f0c2`](754f0c20e1) 1.3.2
- [`90ee1fa`](90ee1fab37) ensure keys are valid when mixing in values
- See full diff in [compare view](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)
</details>
<details>
<summary>Maintainer changes</summary>
This version was pushed to npm by [doowb](https://www.npmjs.com/~doowb), a new releaser for mixin-deep since your current version.
</details>
<br />
[](https://help.github.com/articles/configuring-automated-security-fixes)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/flipper/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/529
Reviewed By: danielbuechele
Differential Revision: D17095288
Pulled By: passy
fbshipit-source-id: 6433300f18828c7e7c117e25821b69c6b6fb5def
Summary: Just a minor version change, no changes expected.
Reviewed By: jknoxville
Differential Revision: D15897958
fbshipit-source-id: b103772159177e47884eb88e47f7b4077f77be03
Summary:
All bumps are within range, so this shouldn't introduce any breaking
changes.
Pull Request resolved: https://github.com/facebook/flipper/pull/419
Reviewed By: danielbuechele
Differential Revision: D15120854
Pulled By: passy
fbshipit-source-id: dee4b52947cb548d13cd4bf625b29e3a643d8fc3
Summary:
Using `react-docgen` to automatically generate docs for our UI components.
React-docgen parses the files in `components/ui` and using comments and flowtypes to generate structured information about the UI components.
For higher-order-components `react-docgen` is not able to get the information. As we are using HOC often as part of emotion's styled-components, I added a custom parser for HOCs. Using babel/parser I am parsing the components and using their doc-comments to generate the structured description.
Then, the description generated by react-docgen and my custom parser is used to generate markdown which is added to the `ui-components.md` file of our docs.
Plus: Added some styling around the documentation of props, mostly table styles.
Reviewed By: jknoxville
Differential Revision: D12896110
fbshipit-source-id: 1337c924c06e10a5d3aa752579428fd2cc7b4743
