From 52f91a4c851d9b0e618ce0bb8c96863fba85065c Mon Sep 17 00:00:00 2001 From: Aravind Kumar Date: Mon, 8 Sep 2025 19:30:39 +0530 Subject: [PATCH 1/5] Delete secrets-scan.yml --- .github/workflows/secrets-scan.yml | 29 ----------------------------- 1 file changed, 29 deletions(-) delete mode 100644 .github/workflows/secrets-scan.yml diff --git a/.github/workflows/secrets-scan.yml b/.github/workflows/secrets-scan.yml deleted file mode 100644 index 049c02f4..00000000 --- a/.github/workflows/secrets-scan.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: Secrets Scan -on: - pull_request: - types: [opened, synchronize, reopened] -jobs: - security-secrets: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: '2' - ref: '${{ github.event.pull_request.head.ref }}' - - run: | - git reset --soft HEAD~1 - - name: Install Talisman - run: | - # Download Talisman - wget https://github.com/thoughtworks/talisman/releases/download/v1.37.0/talisman_linux_amd64 -O talisman - - # Checksum verification - checksum=$(sha256sum ./talisman | awk '{print $1}') - if [ "$checksum" != "8e0ae8bb7b160bf10c4fa1448beb04a32a35e63505b3dddff74a092bccaaa7e4" ]; then exit 1; fi - - # Make it executable - chmod +x talisman - - name: Run talisman - run: | - # Run Talisman with the pre-commit hook - ./talisman --githook pre-commit \ No newline at end of file From 1b89e20fab643f51abe0b5edd4dec357622fce92 Mon Sep 17 00:00:00 2001 From: Aravind Kumar Date: Mon, 8 Sep 2025 19:30:43 +0530 Subject: [PATCH 2/5] Updated codeowners --- CODEOWNERS | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 1be7e0dc..7f7f9356 100644 --- a/CODEOWNERS +++ b/CODEOWNERS 
@@ -1 +1,11 @@ -* @contentstack/security-admin +* @contentstack/ghost-pr-reviewers + +.github/workflows/sca-scan.yml @contentstack/security-admin + +.github/workflows/codeql-anaylsis.yml @contentstack/security-admin + +**/.snyk @contentstack/security-admin + +.github/workflows/policy-scan.yml @contentstack/security-admin + +.github/workflows/issues-jira.yml @contentstack/security-admin From b78db513ce62e657c7ca9b4c343b6742a47e293e Mon Sep 17 00:00:00 2001 From: Mridul Sharma Date: Tue, 16 Sep 2025 11:20:21 +0530 Subject: [PATCH 3/5] fix: new tab ssr params issue fix --- .../eventManager/postMessageEvent.hooks.ts | 54 ++++++++++++------- 1 file changed, 36 insertions(+), 18 deletions(-) diff --git a/src/livePreview/eventManager/postMessageEvent.hooks.ts b/src/livePreview/eventManager/postMessageEvent.hooks.ts index a0e3b9f9..602f9293 100644 --- a/src/livePreview/eventManager/postMessageEvent.hooks.ts +++ b/src/livePreview/eventManager/postMessageEvent.hooks.ts @@ -50,7 +50,7 @@ export function useOnEntryUpdatePostMessageEvent(): void { LIVE_PREVIEW_POST_MESSAGE_EVENTS.ON_CHANGE, (event) => { try { - const { ssr, onChange } = Config.get(); + const { ssr, onChange, stackDetails } = Config.get(); const event_type = event.data._metadata?.event_type; setConfigFromParams({ live_preview: event.data.hash, 
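Review bot: In the CODEOWNERS hunk, the file `CODEOWNERS` itself now falls under the catch-all `* @contentstack/ghost-pr-reviewers`, so the security-admin rules below it can be edited or removed with approval from the broader team alone. Adding `/CODEOWNERS @contentstack/security-admin` as the last rule would keep them protected. The path `.github/workflows/codeql-anaylsis.yml` is spelled "anaylsis"; if the workflow on disk is named `codeql-analysis.yml` (not visible in this patch), the rule matches nothing and that file also falls through to the catch-all. Workflow files not listed here, including any added later, are likewise owned by the catch-all team, so a directory rule such as `.github/workflows/ @contentstack/security-admin` may be closer to the intent.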
@@ -59,41 +59,57 @@ export function useOnEntryUpdatePostMessageEvent(): void { // This section will run when there is a change in the entry and the website is CSR if (!ssr && !event_type) { onChange(); - } + } - if(isOpeningInNewTab()) { - if(!window) { + if (isOpeningInNewTab()) { + if (!window) { PublicLogger.error("window is not defined"); return; }; - - // This section will run when there is a change in the entry and the website is SSR - if(ssr && !event_type) { - if(window.location.href.includes("live_preview")) { + + if (ssr && !event_type) { + const url = new URL(window.location.href); + let live_preview = url.searchParams.get("live_preview"); + let content_type_uid = url.searchParams.get("content_type_uid"); + let entry_uid = url.searchParams.get("entry_uid"); + + if (live_preview && content_type_uid && entry_uid) { + // All required params are present, just reload window.location.reload(); } else { - const url = new URL(window.location.href); - url.searchParams.set("live_preview", event.data.hash); - url.searchParams.set("content_type_uid", Config.get().stackDetails.contentTypeUid || ""); - url.searchParams.set("entry_uid", Config.get().stackDetails.entryUid || ""); + live_preview = event.data.hash; + content_type_uid = event.data.content_type_uid || stackDetails.$contentTypeUid?.toString() || ""; + entry_uid = event.data.entry_uid || stackDetails.$entryUid?.toString() || ""; + // Set missing params and redirect + url.searchParams.set("live_preview", live_preview); + if (content_type_uid) { + url.searchParams.set( + "content_type_uid", + content_type_uid + ); + } + if (entry_uid) { + url.searchParams.set( + "entry_uid", + entry_uid + ); + } window.location.href = url.toString(); } } - + // This section will run when the hash changes and the website is SSR or CSR - if(event_type === OnChangeLivePreviewPostMessageEventTypes.HASH_CHANGE){ + if (event_type === OnChangeLivePreviewPostMessageEventTypes.HASH_CHANGE) { const newUrl = new URL(window.location.href); 
newUrl.searchParams.set("live_preview", event.data.hash); window.history.pushState({}, "", newUrl.toString()); } - + // This section will run when the URL of the page changes - if(event_type === OnChangeLivePreviewPostMessageEventTypes.URL_CHANGE && event.data.url){ + if (event_type === OnChangeLivePreviewPostMessageEventTypes.URL_CHANGE && event.data.url) { window.location.href = event.data.url; } } - - } catch (error) { PublicLogger.error("Error handling live preview update:", error); return; @@ -130,6 +146,8 @@ export function sendInitializeLivePreviewPostMessageEvent(): void { if (contentTypeUid && entryUid) { // TODO: we should not use this function. Instead we should have sideEffect run automatically when we set the config. + console.log("setConfigFromParams", contentTypeUid, entryUid); + // setConfigFromParams(`?content_type_uid=${contentTypeUid}&entry_uid=${entryUid}`); setConfigFromParams({ content_type_uid: contentTypeUid, entry_uid: entryUid, From f3c6abcffa822e224f6bd6a95bb6d7f99e12e3e0 Mon Sep 17 00:00:00 2001 From: Mridul Sharma Date: Tue, 16 Sep 2025 11:33:52 +0530 Subject: [PATCH 4/5] test: updated new tab test for ssr reload --- .../eventManager/__test__/postMessageEvent.hooks.test.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/livePreview/eventManager/__test__/postMessageEvent.hooks.test.ts b/src/livePreview/eventManager/__test__/postMessageEvent.hooks.test.ts index c7be3b50..18f9dd70 100644 --- a/src/livePreview/eventManager/__test__/postMessageEvent.hooks.test.ts +++ b/src/livePreview/eventManager/__test__/postMessageEvent.hooks.test.ts 
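Review bot: In the `URL_CHANGE` branch at the end of the `@@ -59,41 +59,57 @@` hunk, `window.location.href = event.data.url` navigates to a string taken directly from the post message. Nothing in the hunk restricts its scheme or checks the sender's origin, though that check may live in the event manager, which is outside this patch. Parsing the value and allowing only web schemes would bound it: `const target = new URL(event.data.url, window.location.href);` followed by `if (target.protocol === "http:" || target.protocol === "https:") window.location.href = target.toString();`. The new SSR branch is safer by comparison, since it passes `event.data` values through `url.searchParams.set` on the current URL. The handler callback begins and ends outside this hunk.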
@@ -159,9 +159,9 @@ describe("postMessageEvent.hooks", () => { (Config.get as any).mockReturnValue(mockConfig); }); - it("should reload window when ssr is true and no event_type", () => { - // Set URL to include live_preview parameter so reload path is taken - mockWindow.location.href = "https://example.com?live_preview=old-hash"; + it("should reload window when ssr is true and no event_type and all params present", () => { + // Set URL to include all required params so reload path is taken + mockWindow.location.href = "https://example.com?live_preview=old-hash&content_type_uid=blog&entry_uid=entry-123"; const eventData: OnChangeLivePreviewPostMessageEventData = { hash: "test-hash", From e65d15c51445e58b46e8d37a2a375fe2cf2f739a Mon Sep 17 00:00:00 2001 From: Mridul Sharma Date: Tue, 16 Sep 2025 12:46:48 +0530 Subject: [PATCH 5/5] chore: removed unused console log --- src/livePreview/eventManager/postMessageEvent.hooks.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/livePreview/eventManager/postMessageEvent.hooks.ts b/src/livePreview/eventManager/postMessageEvent.hooks.ts index 602f9293..ac2bbd40 100644 --- a/src/livePreview/eventManager/postMessageEvent.hooks.ts +++ b/src/livePreview/eventManager/postMessageEvent.hooks.ts @@ -146,8 +146,6 @@ export function sendInitializeLivePreviewPostMessageEvent(): void { if (contentTypeUid && entryUid) { // TODO: we should not use this function. Instead we should have sideEffect run automatically when we set the config. - console.log("setConfigFromParams", contentTypeUid, entryUid); - // setConfigFromParams(`?content_type_uid=${contentTypeUid}&entry_uid=${entryUid}`); setConfigFromParams({ content_type_uid: contentTypeUid, entry_uid: entryUid,
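Review bot: The updated case in the `@@ -159,9 +159,9 @@` hunk only exercises the reload path with all three query params present. The behaviour this series changes has no test visible here: a URL carrying `live_preview` but missing `content_type_uid` or `entry_uid` now redirects instead of reloading. A companion case with `mockWindow.location.href = "https://example.com?live_preview=old-hash"` would pin that branch, asserting that `reload` is not called and that the resulting href carries the `content_type_uid` and `entry_uid` from the event data. A second variant with those fields absent from the event would cover the fallback to `stackDetails`. The rest of the `describe` block is outside the hunk, so such cases may already exist.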