From b3bb5a8c56d5951345dc976d8d08fe62487ee152 Mon Sep 17 00:00:00 2001 From: Alessia Peviani <32969540+alepev@users.noreply.github.com> Date: Wed, 5 Jul 2023 19:42:10 +0200 Subject: [PATCH 1/3] Add matomo tracking to genetics app (#4) --- apps/genetics/index.html | 3 +- .../public/matomo/get_logged_in_user.js | 24 +++++++++++ apps/genetics/public/matomo/init_matomo.js | 40 +++++++++++++++++++ 3 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 apps/genetics/public/matomo/get_logged_in_user.js create mode 100644 apps/genetics/public/matomo/init_matomo.js diff --git a/apps/genetics/index.html b/apps/genetics/index.html index 0e5539149..ef751f3be 100644 --- a/apps/genetics/index.html +++ b/apps/genetics/index.html @@ -23,7 +23,8 @@ <link rel="icon" type="image/png" href="/favicon.png" /> <link rel="shortcut icon" href="/favicon.png" /> <link rel="manifest" href="/manifest.json" /> - + <script src="/matomo/get_logged_in_user.js"></script> + <script src="/matomo/init_matomo.js"></script> <title>Open Targets Genetics</title> </head> <body> diff --git a/apps/genetics/public/matomo/get_logged_in_user.js b/apps/genetics/public/matomo/get_logged_in_user.js new file mode 100644 index 000000000..162e8e72e --- /dev/null +++ b/apps/genetics/public/matomo/get_logged_in_user.js @@ -0,0 +1,24 @@ +/** +Returns a promise of logged-in user id. +This function assumes response header contains 'user' entry. +*/ +function getLoggedInUser() { + return new Promise(function(resolve, reject) { + var request = new XMLHttpRequest(); + request.onreadystatechange = function() { + if (this.readyState === this.HEADERS_RECEIVED) { + var user = request.getResponseHeader('user'); + if (user != null) { + resolve(user); + } else { + reject(); + } + } + }; + request.onerror = function() { + reject(); + }; + request.open('HEAD', document.location, true); + request.send(null); + }); +} \ No newline at end of file diff --git a/apps/genetics/public/matomo/init_matomo.js b/apps/genetics/public/matomo/init_matomo.js new file mode 100644 index 000000000..fc4786055 --- /dev/null +++ b/apps/genetics/public/matomo/init_matomo.js @@ -0,0 +1,40 @@ +var _paq = window._paq || []; +/* tracker methods like "setCustomDimension" should be called before "trackPageView" */ + +(function() { + function registerUserVisit() { + getLoggedInUser() + .then(function(user) { + _paq.push(['setUserId', user]); + }) + .finally(function() { + _paq.push(['setCustomUrl', window.location.href]); + _paq.push(['setDocumentTitle', window.document.title]); + _paq.push(['trackPageView']); + _paq.push(['enableLinkTracking']); + }); + } + var pushState = history.pushState; + history.pushState = function() { + pushState.apply(history, arguments); + registerUserVisit(); + }; + registerUserVisit(); +})(); + +(function() { + var u = 'DISABLED'; + if (u === 'DISABLED') { + return + } + _paq.push(['setTrackerUrl', u + 'matomo.php']); + _paq.push(['setSiteId', '1']); + var d = document, + g = d.createElement('script'), + s = d.getElementsByTagName('script')[0]; + g.type = 'text/javascript'; + g.async = true; + g.defer = true; + g.src = u + 'matomo.js'; + s.parentNode.insertBefore(g, s); +})(); \ No newline at end of file From ba2527d9dde9ae48a05fa0b73d8f4d4a7d4a82f8 Mon Sep 17 00:00:00 2001 From: Fedde Schaeffer <fedde@thehyve.nl> Date: Wed, 18 Oct 2023 09:11:39 +0200 Subject: [PATCH 2/3] Update the OS of the base image for security A number of unresolved vulnerabilities exist in the buster/oldoldstable Debian release that's the base image of the previous tag. --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 47691c11d..f20d6920b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM node:16 as build +FROM node:16-bookworm as build # make sure app variable is set and valid ARG app="" RUN : "${app:?Missing --build-arg app}" @@ -12,7 +12,7 @@ RUN yarn --network-timeout 100000 RUN yarn build:$app RUN mv ./apps/$app/bundle-$app/ ./bundle/ -FROM node:16 +FROM node:16-bookworm RUN npm install --location=global serve COPY --from=build /tmp/app/bundle/ /var/www/app/ WORKDIR /var/www/app/ From 694831ac58d25f7790895861460b8fda73bf5ab0 Mon Sep 17 00:00:00 2001 From: snyk-bot <snyk-bot@snyk.io> Date: Wed, 6 Dec 2023 21:15:24 +0000 Subject: [PATCH 3/3] fix: packages/config/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 --- packages/config/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/config/package.json b/packages/config/package.json index cdcaeea47..2ca8d8636 100644 --- a/packages/config/package.json +++ b/packages/config/package.json @@ -7,7 +7,7 @@ "eslint-preset.js" ], "dependencies": { - "eslint-config-next": "^12.0.8", + "eslint-config-next": "^13.0.4", "eslint-config-prettier": "^8.3.0", "eslint-plugin-react": "7.28.0" }