From 4a1f2ec8326534c5e764be830aa233962358c88a Mon Sep 17 00:00:00 2001
From: adityababumallisettiHO
<146218064+adityababumallisettiHO@users.noreply.github.com>
Date: Mon, 22 Apr 2024 15:55:31 +0100
Subject: [PATCH 1/2] HOFF-617: Update drone pipeline(#17)
* HOFF-617: Update drone pipeline
* Add Trivy, snyk and Sonar Scanner
* Add Cron Jobs for scanners
* Add vulnerabilities to SNYK Ignore list
---
.drone.yml | 148 ++++++++++++++++++++++++++++++++++++++-
.snyk | 75 ++++++++++++++++++++
Dockerfile | 1 -
package.json | 6 +-
sonar-project.properties | 6 ++
yarn.lock | 131 ++++++++++++++++++++++++++++++++--
6 files changed, 354 insertions(+), 13 deletions(-)
create mode 100644 .snyk
create mode 100644 sonar-project.properties
diff --git a/.drone.yml b/.drone.yml
index c59ec57..de5aa97 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -9,7 +9,7 @@ environment:
BRANCH_ENV: sas-lmr-branch
STG_ENV: sas-lmr-stg
UAT_ENV: sas-lmr-uat
- PRODUCTION_URL: www.home-office-forms-demo.homeoffice.gov.uk
+ PRODUCTION_URL: www.landlords-reporting.homeoffice.gov.uk
IMAGE_URL: quay.io/ukhomeofficedigital
IMAGE_REPO: lmr
GIT_REPO: UKHomeOffice/lmr
@@ -42,6 +42,12 @@ acceptance_tests: &acceptance_tests
pull: if-not-exists
image: mcr.microsoft.com/playwright:v1.12.3-focal
+sonar_scanner: &sonar_scanner
+ pull: if-not-exists
+ image: quay.io/ukhomeofficedigital/sonar-scanner-nodejs:latest
+ commands:
+ - sonar-scanner -Dproject.settings=./sonar-project.properties
+
steps:
- name: clone_repos
image: alpine/git
@@ -89,6 +95,14 @@ steps:
- master
event: push
+ - name: sonar_scanner_deploy
+ <<: *sonar_scanner
+ when:
+ branch:
+ include:
+ - master
+ event: push
+
- name: build_image
image: 340268328991.dkr.ecr.eu-west-2.amazonaws.com/acp/dind
environment:
@@ -118,12 +132,31 @@ steps:
branch: master
event: [push, pull_request]
+ # Trivy Security Scannner
+ - name: scan-image
+ pull: always
+ image: 340268328991.dkr.ecr.eu-west-2.amazonaws.com/acp/trivy/client:latest
+ resources:
+ limits:
+ cpu: 1000
+ memory: 1024Mi
+ environment:
+ IMAGE_NAME: lmr:${DRONE_COMMIT_SHA}
+ SEVERITY: MEDIUM,HIGH,CRITICAL
+ FAIL_ON_DETECTION: false
+ IGNORE_UNFIXED: true
+ ALLOW_CVE_LIST_FILE: hof-services-config/Landlords_Make_A_Report/trivy-cve-exceptions.txt
+ when:
+ event:
+ - pull_request
+ - push
+ - tag
+
# Deploy to pull request UAT environment
- name: deploy_to_branch
pull: if-not-exists
image: quay.io/ukhomeofficedigital/kd:v1.14.0
environment:
- # NOTIFY_STUB: stub
KUBE_SERVER:
from_secret: kube_server_dev
KUBE_TOKEN:
@@ -177,6 +210,33 @@ steps:
branch: master
event: pull_request
+ - name: sonar_scanner_branch
+ <<: *sonar_scanner
+ when:
+ branch:
+ include:
+ - master
+ - feature/*
+ event: pull_request
+
+ # Snyk security scans which run after branch deployment to prevent blocking of PR UAT tests.
+ - name: snyk_scan
+ pull: if-not-exists
+ image: node:lts
+ environment:
+ NOTIFY_STUB: true
+ SNYK_TOKEN:
+ from_secret: snyk_token
+ commands:
+ - yarn run test:snyk
+ when:
+ branch:
+ include:
+ - master
+ - feature/*
+ event: pull_request
+
+# Deploy to master UAT environment
- name: deploy_to_uat
pull: if-not-exists
image: quay.io/ukhomeofficedigital/kd:v1.14.0
@@ -209,6 +269,19 @@ steps:
branch: master
event: push
+ - name: clone_repos_prod
+ image: alpine/git
+ environment:
+ DRONE_GIT_USERNAME:
+ from_secret: drone_git_username
+ DRONE_GIT_TOKEN:
+ from_secret: drone_git_token
+ commands:
+ - git clone https://$${DRONE_GIT_USERNAME}:$${DRONE_GIT_TOKEN}@github.com/UKHomeOfficeForms/hof-services-config.git
+ when:
+ target: PROD
+ event: promote
+
# Tear down pull request UAT environment
- name: tear_down_branch
pull: if-not-exists
@@ -267,6 +340,58 @@ steps:
cron: tear_down_pr_envs
event: cron
+ # # CRON job steps that runs security scans using Snyk & Trivy
+ - name: cron_clone_repos
+ image: alpine/git
+ environment:
+ DRONE_GIT_USERNAME:
+ from_secret: drone_git_username
+ DRONE_GIT_TOKEN:
+ from_secret: drone_git_token
+ commands:
+ - git clone https://$${DRONE_GIT_USERNAME}:$${DRONE_GIT_TOKEN}@github.com/UKHomeOfficeForms/hof-services-config.git
+ when:
+ cron: security_scans
+ event: cron
+
+ - name: cron_build_image
+ image: 340268328991.dkr.ecr.eu-west-2.amazonaws.com/acp/dind
+ commands:
+ - docker build --no-cache -t $${IMAGE_REPO}:$${DRONE_COMMIT_SHA} .
+ volumes:
+ - name: dockersock
+ path: /var/run
+ when:
+ cron: security_scans
+ event: cron
+
+ - name: cron_snyk_scan
+ pull: if-not-exists
+ image: node:lts
+ environment:
+ SNYK_TOKEN:
+ from_secret: snyk_token
+ commands:
+ - yarn install --frozen-lockfile
+ - yarn run postinstall
+ - yarn run test:snyk
+ when:
+ cron: security_scans
+ event: cron
+
+ - name: cron_trivy_scan
+ image: 340268328991.dkr.ecr.eu-west-2.amazonaws.com/acp/trivy/client:latest
+ pull: always
+ environment:
+ IMAGE_NAME: lmr:${DRONE_COMMIT_SHA}
+ SEVERITY: MEDIUM,HIGH,CRITICAL
+ FAIL_ON_DETECTION: false
+ IGNORE_UNFIXED: true
+ ALLOW_CVE_LIST_FILE: hof-services-config/Landlords_Make_A_Report/trivy-cve-exceptions.txt
+ when:
+ cron: security_scans
+ event: cron
+
# Slack notification upon a CRON job fail
- name: cron_notify_slack_tear_down_pr_envs
pull: if-not-exists
@@ -276,7 +401,7 @@ steps:
failure: ignore
icon_url: http://readme.drone.io/0.5/logo_dark.svg
icon.url: http://readme.drone.io/0.5/logo_dark.svg
- template: "CRON Job {{build.deployTo}} of GRO has {{build.status}} - <{{build.link}}|#{{build.number}}> {{#success build.status}}\n :thumbsup: :thumbsup: :thumbsup:\n{{else}}\n :x: :x: :x:\n{{/success}} Author: {{build.author}}\n\nDuration: {{since job.started}}\n\nJob: <{{build.link}}|#{{build.number}}>\n\nCommit: {{build.commit}}\n"
+ template: "CRON Job {{build.deployTo}} of Landlords Make A Report form has {{build.status}} - <{{build.link}}|#{{build.number}}> {{#success build.status}}\n :thumbsup: :thumbsup: :thumbsup:\n{{else}}\n :x: :x: :x:\n{{/success}} Author: {{build.author}}\n\nDuration: {{since job.started}}\n\nJob: <{{build.link}}|#{{build.number}}>\n\nCommit: {{build.commit}}\n"
username: Drone
webhook:
from_secret: slack_webhook
@@ -285,6 +410,23 @@ steps:
event: cron
status: failure
+ - name: cron_notify_slack_security_scans
+ pull: if-not-exists
+ image: plugins/slack
+ settings:
+ channel: sas-build
+ failure: ignore
+ icon_url: http://readme.drone.io/0.5/logo_dark.svg
+ icon.url: http://readme.drone.io/0.5/logo_dark.svg
+ template: "CRON Job {{build.deployTo}} of Landlords Make A Report Form has {{build.status}} - <{{build.link}}|#{{build.number}}> {{#success build.status}}\n :thumbsup: :thumbsup: :thumbsup:\n{{else}}\n :x: :x: :x:\n{{/success}} Author: {{build.author}}\n\nDuration: {{since job.started}}\n\nJob: <{{build.link}}|#{{build.number}}>\n\nCommit: {{build.commit}}\n"
+ username: Drone
+ webhook:
+ from_secret: slack_webhook
+ when:
+ cron: security_scans
+ event: cron
+ status: failure
+
services:
- name: docker
image: 340268328991.dkr.ecr.eu-west-2.amazonaws.com/acp/dind
diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..77146f8
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,75 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.19.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ SNYK-JS-REQUEST-3361831:
+ - '*':
+ reason: No upgrade or patch available
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-XML2JS-5414874:
+ - '*':
+ reason: No direct upgrade or patch available
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-DICER-2311764:
+ - '*':
+ reason: No upgrade or patch available
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-FILETYPE-2958042:
+ - '*':
+ reason: No upgrade or patch available
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-UNDERSCORE-1080984:
+ - '*':
+ reason: No upgrade or patch available
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-USERAGENT-174737:
+ - '*':
+ reason: No upgrade or patch available
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-AXIOS-6032459:
+ - '*':
+ reason: To be updated to a newer version in hof
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-AXIOS-6124857:
+ - '*':
+ reason: To be updated to a newer version in hof
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-AXIOS-6144788:
+ - '*':
+ reason: To be updated to a newer version in hof
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-FOLLOWREDIRECTS-6141137:
+ - '*':
+ reason: To be updated to a newer version in hof
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-INFLIGHT-6095116:
+ - '*':
+ reason: To be updated to a newer version in hof
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-NODEMAILER-6219989:
+ - '*':
+ reason: To be updated to a newer version in hof
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-TOUGHCOOKIE-5672873:
+ - '*':
+ reason: To be updated to a newer version in hof
+ expires: '2024-11-01T17:02:21.865Z'
+ SNYK-JS-MARKDOWNIT-6483324:
+ - hof > markdown-it:
+ reason: Need to update markdown-it in HOF to version 13.0.2.
+ expires: '2024-07-03T00:00:00.000Z'
+ SNYK-JS-FOLLOWREDIRECTS-6444610:
+ - hof > notifications-node-client > * :
+ reason: No upgrade or patch available
+ expires: '2024-06-21T00:00:00.000Z'
+ - notifications-node-client > axios > follow-redirects:
+ reason: Need to update follow-redirects in HOF to version 1.15.6.
+ expires: '2024-06-21T00:00:00.000Z'
+ SNYK-JS-EXPRESS-6474509:
+ - hof > *:
+ reason: Need to update follow-redirects in HOF to version 1.15.6.
+ expires: '2024-06-21T00:00:00.000Z'
+ - hof > reqres > express:
+ reason: Need to update follow-redirects in HOF to version 1.15.6.
+ expires: '2024-06-21T00:00:00.000Z'
+patch: {}
diff --git a/Dockerfile b/Dockerfile
index ee4f8cd..3e82d1d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,6 @@ FROM node:18-alpine@sha256:2322b1bb3917b313f2e9308395aa5c39d51b91cc92a5d4d5be6d0
USER root
-# Update packages as a result of Anchore security vulnerability checks
RUN apk update && \
apk add --upgrade gnutls binutils nodejs npm apk-tools libjpeg-turbo libcurl libx11 libxml2
diff --git a/package.json b/package.json
index 6dd60ea..2198797 100644
--- a/package.json
+++ b/package.json
@@ -16,6 +16,7 @@
"test:acceptance": "TAGS=\"${TAGS:=@feature}\" npm run test:cucumber",
"test:acceptance_browser": "ACCEPTANCE_WITH_BROWSER=true TAGS=\"${TAGS:=@feature}\" yarn run test:cucumber",
"test:cucumber": "cucumber-js -f @cucumber/pretty-formatter \"test/_features/**/*.feature\" --require test/_features/test.setup.js --require \"test/_features/step_definitions/**/*.js\" --tags $TAGS",
+ "test:snyk": "snyk config set api=SNYK_TOKEN && snyk test",
"build": "hof-build",
"postinstall": "yarn run build"
},
@@ -27,7 +28,7 @@
"jquery": "^3.6.0",
"lodash": "^4.17.21",
"moment": "^2.29.4",
- "notifications-node-client": "^7.0.0",
+ "notifications-node-client": "^8.0.0",
"typeahead-aria": "^1.0.4",
"uuidv4": "^6.2.13"
},
@@ -39,7 +40,8 @@
"eslint-config-hof": "^1.3.1",
"mocha": "^9.2.0",
"nyc": "^15.1.0",
- "playwright": "^1.2.3"
+ "playwright": "^1.2.3",
+ "snyk": "^1.1288.0"
},
"mocha": {
"require": "test/setup.js"
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..e2598fd
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,6 @@
+sonar.projectKey=Landlords-Make-A-Report
+sonar.projectName=Landlords-Make-A-Report
+sonar.language=js
+sonar.sources=apps
+sonar.tests=test
+sonar.javascript.lcov.reportPaths=coverage/lcov.info
diff --git a/yarn.lock b/yarn.lock
index 9e2fcfd..eaf9d69 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -498,6 +498,45 @@
"@nodelib/fs.scandir" "2.1.5"
fastq "^1.6.0"
+"@sentry-internal/tracing@7.109.0":
+ version "7.109.0"
+ resolved "https://registry.yarnpkg.com/@sentry-internal/tracing/-/tracing-7.109.0.tgz#3effaa132c41a65378fa98146aea61228d528953"
+ integrity sha512-PzK/joC5tCuh2R/PRh+7dp+uuZl7pTsBIjPhVZHMTtb9+ls65WkdZJ1/uKXPouyz8NOo9Xok7aEvEo9seongyw==
+ dependencies:
+ "@sentry/core" "7.109.0"
+ "@sentry/types" "7.109.0"
+ "@sentry/utils" "7.109.0"
+
+"@sentry/core@7.109.0":
+ version "7.109.0"
+ resolved "https://registry.yarnpkg.com/@sentry/core/-/core-7.109.0.tgz#7a02f4af4a676950f6555f552a2a232d4458fcd5"
+ integrity sha512-xwD4U0IlvvlE/x/g/W1I8b4Cfb16SsCMmiEuBf6XxvAa3OfWBxKoqLifb3GyrbxMC4LbIIZCN/SvLlnGJPgszA==
+ dependencies:
+ "@sentry/types" "7.109.0"
+ "@sentry/utils" "7.109.0"
+
+"@sentry/node@^7.36.0":
+ version "7.109.0"
+ resolved "https://registry.yarnpkg.com/@sentry/node/-/node-7.109.0.tgz#dbf152212e42a9b1648ff758ec5bffcb6bb0fa49"
+ integrity sha512-tqMNAES4X/iBl1eZRCmc29p//0id01FBLEiesNo5nk6ECl6/SaGMFAEwu1gsn90h/Bjgr04slwFOS4cR45V2PQ==
+ dependencies:
+ "@sentry-internal/tracing" "7.109.0"
+ "@sentry/core" "7.109.0"
+ "@sentry/types" "7.109.0"
+ "@sentry/utils" "7.109.0"
+
+"@sentry/types@7.109.0":
+ version "7.109.0"
+ resolved "https://registry.yarnpkg.com/@sentry/types/-/types-7.109.0.tgz#d8778358114ed05be734661cc9e1e261f4494947"
+ integrity sha512-egCBnDv3YpVFoNzRLdP0soVrxVLCQ+rovREKJ1sw3rA2/MFH9WJ+DZZexsX89yeAFzy1IFsCp7/dEqudusml6g==
+
+"@sentry/utils@7.109.0":
+ version "7.109.0"
+ resolved "https://registry.yarnpkg.com/@sentry/utils/-/utils-7.109.0.tgz#7078e1400197abc1b0c436679bef980639500a86"
+ integrity sha512-3RjxMOLMBwZ5VSiH84+o/3NY2An4Zldjz0EbfEQNRY9yffRiCPJSQiCJID8EoylCFOh/PAhPimBhqbtWJxX6iw==
+ dependencies:
+ "@sentry/types" "7.109.0"
+
"@sinonjs/commons@^1", "@sinonjs/commons@^1.3.0", "@sinonjs/commons@^1.4.0", "@sinonjs/commons@^1.7.0":
version "1.8.6"
resolved "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz"
@@ -1042,6 +1081,11 @@ body-parser@^1.15.1:
type-is "~1.6.18"
unpipe "1.0.0"
+boolean@^3.0.1:
+ version "3.2.0"
+ resolved "https://registry.yarnpkg.com/boolean/-/boolean-3.2.0.tgz#9e5294af4e98314494cbb17979fa54ca159f116b"
+ integrity sha512-d0II/GO9uf9lfUHH2BQsjxzRJZBdsjgsBiW4BvhWk/3qoKwQFjIDVN19PfX8F2D/r9PCMTtLWjYVCFrpeYUzsw==
+
bowser@2.9.0:
version "2.9.0"
resolved "https://registry.npmjs.org/bowser/-/bowser-2.9.0.tgz"
@@ -1864,6 +1908,11 @@ destroy@1.2.0:
resolved "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz"
integrity sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==
+detect-node@^2.0.4:
+ version "2.1.0"
+ resolved "https://registry.yarnpkg.com/detect-node/-/detect-node-2.1.0.tgz#c9c70775a49c3d03bc2c06d9a73be550f978f8b1"
+ integrity sha512-T0NIuQpnTvFDATNuHN5roPwSBG83rFsuO+MXXH9/3N1eFbn4wcPjttvjMLEPWJ0RGUYgQE7cGgS3tNxbqCGM7g==
+
detective@^5.2.0:
version "5.2.1"
resolved "https://registry.npmjs.org/detective/-/detective-5.2.1.tgz"
@@ -2122,7 +2171,7 @@ es5-ext@^0.10.35, es5-ext@^0.10.50, es5-ext@~0.10.46:
es6-symbol "^3.1.3"
next-tick "^1.1.0"
-es6-error@^4.0.1:
+es6-error@^4.0.1, es6-error@^4.1.1:
version "4.1.1"
resolved "https://registry.npmjs.org/es6-error/-/es6-error-4.1.1.tgz"
integrity sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg==
@@ -2915,6 +2964,18 @@ glob@^7.1.0, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6, glob@^7.2.0:
once "^1.3.0"
path-is-absolute "^1.0.0"
+global-agent@^3.0.0:
+ version "3.0.0"
+ resolved "https://registry.yarnpkg.com/global-agent/-/global-agent-3.0.0.tgz#ae7cd31bd3583b93c5a16437a1afe27cc33a1ab6"
+ integrity sha512-PT6XReJ+D07JvGoxQMkT6qji/jVNfX/h364XHZOWeRzy64sSFr+xJ5OX7LI3b4MPQzdL4H8Y8M0xzPpsVMwA8Q==
+ dependencies:
+ boolean "^3.0.1"
+ es6-error "^4.1.1"
+ matcher "^3.0.0"
+ roarr "^2.15.3"
+ semver "^7.3.2"
+ serialize-error "^7.0.1"
+
globals@^11.1.0:
version "11.12.0"
resolved "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz"
@@ -2927,7 +2988,7 @@ globals@^13.19.0, globals@^13.6.0, globals@^13.9.0:
dependencies:
type-fest "^0.20.2"
-globalthis@^1.0.3:
+globalthis@^1.0.1, globalthis@^1.0.3:
version "1.0.3"
resolved "https://registry.npmjs.org/globalthis/-/globalthis-1.0.3.tgz"
integrity sha512-sFdI5LyBiNTHjRd7cGPWapiHWMOXKyuBNX/cWJ3NfzrZQVa8GI/8cofCl74AOVqq9W5kNmguTIzJ/1s2gyI9wA==
@@ -3736,7 +3797,7 @@ json-stable-stringify-without-jsonify@^1.0.1:
resolved "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz"
integrity sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==
-json-stringify-safe@~5.0.1:
+json-stringify-safe@^5.0.1, json-stringify-safe@~5.0.1:
version "5.0.1"
resolved "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz"
integrity sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==
@@ -4012,6 +4073,13 @@ markdown-it@^12.3.2:
mdurl "^1.0.1"
uc.micro "^1.0.5"
+matcher@^3.0.0:
+ version "3.0.0"
+ resolved "https://registry.yarnpkg.com/matcher/-/matcher-3.0.0.tgz#bd9060f4c5b70aa8041ccc6f80368760994f30ca"
+ integrity sha512-OkeDaAZ/bQCxeFAozM55PKcKU0yJMPGifLwV4Qgjitu+5MoAfSQN4lsLJeXZ1b8w0x+/Emda6MZgXS1jvsapng==
+ dependencies:
+ escape-string-regexp "^4.0.0"
+
md5.js@^1.3.4:
version "1.3.5"
resolved "https://registry.npmjs.org/md5.js/-/md5.js-1.3.5.tgz"
@@ -4338,10 +4406,10 @@ notifications-node-client@^6.0.0:
axios "^0.25.0"
jsonwebtoken "^9.0.0"
-notifications-node-client@^7.0.0:
- version "7.0.6"
- resolved "https://registry.npmjs.org/notifications-node-client/-/notifications-node-client-7.0.6.tgz"
- integrity sha512-qo6eZMGdyaQnj/bkOnPb/d0a0sHIjiBzXlmICLPXYSD4pB3LYa537OhuZGuaFcSnkrM4NzbQhbQHAYX1NnbQgw==
+notifications-node-client@^8.0.0:
+ version "8.0.0"
+ resolved "https://registry.yarnpkg.com/notifications-node-client/-/notifications-node-client-8.0.0.tgz#474dd69c60a91a41f629be145bb6d361ccee63b6"
+ integrity sha512-65BxorFYVFOpJ9c2lud/4Ju+Bfn3L/vkih+FuzMhBw1wcOPjwgu4doVH6xO91fHYiAi/0uIx0Mc+NorXeANMHw==
dependencies:
axios "^1.6.1"
jsonwebtoken "^9.0.0"
@@ -5060,6 +5128,18 @@ rndm@1.2.0:
resolved "https://registry.npmjs.org/rndm/-/rndm-1.2.0.tgz"
integrity sha512-fJhQQI5tLrQvYIYFpOnFinzv9dwmR7hRnUz1XqP3OJ1jIweTNOd6aTO4jwQSgcBSFUB+/KHJxuGneime+FdzOw==
+roarr@^2.15.3:
+ version "2.15.4"
+ resolved "https://registry.yarnpkg.com/roarr/-/roarr-2.15.4.tgz#f5fe795b7b838ccfe35dc608e0282b9eba2e7afd"
+ integrity sha512-CHhPh+UNHD2GTXNYhPWLnU8ONHdI+5DI+4EYIAOaiD63rHeYlZvyh8P+in5999TTSFgUYuKUAjzRI4mdh/p+2A==
+ dependencies:
+ boolean "^3.0.1"
+ detect-node "^2.0.4"
+ globalthis "^1.0.1"
+ json-stringify-safe "^5.0.1"
+ semver-compare "^1.0.0"
+ sprintf-js "^1.1.2"
+
run-parallel@^1.1.9:
version "1.2.0"
resolved "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz"
@@ -5130,6 +5210,11 @@ seed-random@~2.2.0:
resolved "https://registry.npmjs.org/seed-random/-/seed-random-2.2.0.tgz"
integrity sha512-34EQV6AAHQGhoc0tn/96a9Fsi6v2xdqe/dMUwljGRaFOzR3EgRmECvD0O8vi8X+/uQ50LGHfkNu/Eue5TPKZkQ==
+semver-compare@^1.0.0:
+ version "1.0.0"
+ resolved "https://registry.yarnpkg.com/semver-compare/-/semver-compare-1.0.0.tgz#0dee216a1c941ab37e9efb1788f6afc5ff5537fc"
+ integrity sha512-YM3/ITh2MJ5MtzaM429anh+x2jiLVjqILF4m4oyQB18W7Ggea7BfqdH/wGMK7dDiMghv/6WG7znWMwUDzJiXow==
+
semver@^6.0.0, semver@^6.1.0, semver@^6.3.0, semver@^6.3.1:
version "6.3.1"
resolved "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz"
@@ -5142,6 +5227,13 @@ semver@^7.2.1, semver@^7.3.7, semver@^7.5.3, semver@^7.5.4:
dependencies:
lru-cache "^6.0.0"
+semver@^7.3.2:
+ version "7.6.0"
+ resolved "https://registry.yarnpkg.com/semver/-/semver-7.6.0.tgz#1a46a4db4bffcccd97b743b5005c8325f23d4e2d"
+ integrity sha512-EnwXhrlwXMk9gKu5/flx5sv/an57AkRplG3hTK68W7FRDN+k+OWBj65M7719OkA82XLBxrcX0KSHj+X5COhOVg==
+ dependencies:
+ lru-cache "^6.0.0"
+
send@0.18.0:
version "0.18.0"
resolved "https://registry.npmjs.org/send/-/send-0.18.0.tgz"
@@ -5161,6 +5253,13 @@ send@0.18.0:
range-parser "~1.2.1"
statuses "2.0.1"
+serialize-error@^7.0.1:
+ version "7.0.1"
+ resolved "https://registry.yarnpkg.com/serialize-error/-/serialize-error-7.0.1.tgz#f1360b0447f61ffb483ec4157c737fab7d778e18"
+ integrity sha512-8I8TjW5KMOKsZQTvoxjuSIa7foAwPWGOts+6o7sgjz41/qMD9VQHEDxi6PBvK2l0MXUmqZyNpUK+T2tQaaElvw==
+ dependencies:
+ type-fest "^0.13.1"
+
serialize-javascript@6.0.0:
version "6.0.0"
resolved "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.0.tgz"
@@ -5301,6 +5400,14 @@ smtp-connection@2.12.0:
httpntlm "1.6.1"
nodemailer-shared "1.1.0"
+snyk@^1.1288.0:
+ version "1.1288.0"
+ resolved "https://registry.yarnpkg.com/snyk/-/snyk-1.1288.0.tgz#0c8ac0db9ef83fc6a8c52ebb2ee9b073e1f863c2"
+ integrity sha512-IsfjXWVffhuB/UIefM7iqCGVBiLnULv08ax4YBTO/SF/RzIlm8Q92+I2sSwEva8f7kHYNE85Cjn9fg+LlmKUCQ==
+ dependencies:
+ "@sentry/node" "^7.36.0"
+ global-agent "^3.0.0"
+
"source-map-js@>=0.6.2 <2.0.0":
version "1.0.2"
resolved "https://registry.npmjs.org/source-map-js/-/source-map-js-1.0.2.tgz"
@@ -5341,6 +5448,11 @@ spawn-wrap@^2.0.0:
signal-exit "^3.0.2"
which "^2.0.1"
+sprintf-js@^1.1.2:
+ version "1.1.3"
+ resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.1.3.tgz#4914b903a2f8b685d17fdf78a70e917e872e444a"
+ integrity sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==
+
sprintf-js@~1.0.2:
version "1.0.3"
resolved "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz"
@@ -5728,6 +5840,11 @@ type-detect@4.0.8, type-detect@^4.0.0, type-detect@^4.0.8:
resolved "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz"
integrity sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==
+type-fest@^0.13.1:
+ version "0.13.1"
+ resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.13.1.tgz#0172cb5bce80b0bd542ea348db50c7e21834d934"
+ integrity sha512-34R7HTnG0XIJcBSn5XhDd7nNFPRcXYRZrBB2O2jdKqYODldSzBAqzsWoZYYvduky73toYS/ESqxPvkDf/F0XMg==
+
type-fest@^0.20.2:
version "0.20.2"
resolved "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz"
From 7933fdff04644b8500bb3b3086af9dd31bb45151 Mon Sep 17 00:00:00 2001
From: RobertMcCann <79094247+RobertMcCann@users.noreply.github.com>
Date: Mon, 22 Apr 2024 17:10:22 +0100
Subject: [PATCH 2/2] TLF-29-add date accessibility testing was completed (#28)
* add the date accessibility testing was completed to the accessibility statement page
---
apps/lmr/translations/src/en/pages.json | 4 +++-
apps/lmr/views/accessibility.html | 4 ++--
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/apps/lmr/translations/src/en/pages.json b/apps/lmr/translations/src/en/pages.json
index 9c37c52..41ae984 100644
--- a/apps/lmr/translations/src/en/pages.json
+++ b/apps/lmr/translations/src/en/pages.json
@@ -84,6 +84,8 @@
}
},
"accessibility": {
- "header": "Accessibility statement"
+ "header": "Accessibility statement",
+ "preparation-p1": "This statement was prepared on 19 April 2024. It was last reviewed on 19 April 2024.",
+ "preparation-p2": "This website was last tested on 18 March 2024. The test was carried out internally by the Home Office."
}
}
diff --git a/apps/lmr/views/accessibility.html b/apps/lmr/views/accessibility.html
index 1ee011f..fb38341 100644
--- a/apps/lmr/views/accessibility.html
+++ b/apps/lmr/views/accessibility.html
@@ -46,8 +46,8 @@ {{#t}}accessibility.disproportionate-burden-header{{
{{#t}}accessibility.outside-scope-header{{/t}}
{{#t}}accessibility.outside-scope-p1{{/t}}
{{#t}}accessibility.preparation-header{{/t}}
- {{#t}}accessibility.preparation-p1{{/t}}
- {{#t}}accessibility.preparation-p2{{/t}}
+ {{#t}}pages.accessibility.preparation-p1{{/t}}
+ {{#t}}pages.accessibility.preparation-p2{{/t}}
{{#t}}accessibility.preparation-p3{{/t}}
{{/page-content}}
{{/partials-page}}