Bug/ex UI 3241 linked hearings issue#5155
Open
connorpgpmcelroy wants to merge 56 commits into
Open
Conversation
…com/hmcts/rpx-xui-webapp into bug/EXUI-3241-linked-hearings-issue
Error messages on their own without default messages can be security concern
Enable clear button when one hearing selected and fix console error with shouldSelected
Give error if trying to link one hearing
Add tests related to changes
Add more tests to encompass changes
* Add 2111 changes back to new PR * node-lib version update (#5028) * node-lib version update * fix broken pipeline * Bumping chart version/ fixing aliases * fix broken pipeline * Update Chart.yaml * package version update * node-lib version change * Update yarn.lock * Update yarn-audit-known-issues * node version update * Update yarn-audit-known-issues * yarn audit * yarn audit * yarn lock audit file update * cve update * Update yarn-audit-known-issues * cve fix * cve * Update yarn.lock * node lib version updated --------- Co-authored-by: hmcts-jenkins-j-to-z <61242337+hmcts-jenkins-j-to-z[bot]@users.noreply.github.com> Co-authored-by: kasi-subramaniam <60706745+kasi-subramaniam@users.noreply.github.com> Co-authored-by: Kasi Subramaniam <singlekasi@gmail.com> Co-authored-by: Balaji Sridharan <balaji.sridharan@hmcts.net> Co-authored-by: RiteshHMCTS <74713687+RiteshHMCTS@users.noreply.github.com> Co-authored-by: RiteshHMCTS <ritesh.dsouza@hmcts.net> --------- Co-authored-by: kasi-subramaniam <60706745+kasi-subramaniam@users.noreply.github.com> Co-authored-by: RiteshHMCTS <74713687+RiteshHMCTS@users.noreply.github.com> Co-authored-by: Olu <142989683+olusegz07@users.noreply.github.com> Co-authored-by: hmcts-jenkins-j-to-z <61242337+hmcts-jenkins-j-to-z[bot]@users.noreply.github.com> Co-authored-by: Kasi Subramaniam <singlekasi@gmail.com> Co-authored-by: Balaji Sridharan <balaji.sridharan@hmcts.net> Co-authored-by: RiteshHMCTS <ritesh.dsouza@hmcts.net>
Not actually relevant according to requirements
* allow all flags on hearings * fix tests * lint * cve --------- Co-authored-by: Shamrez <shamrez.darwish@hmcts.net> Co-authored-by: RiteshHMCTS <74713687+RiteshHMCTS@users.noreply.github.com>
* added myworkaccessguard and resued nav access checks into shared util file * added unit tests * linting fix * fix for shared state in unit tests * increasing unit test coverage for sonar issue * linting fix * tidied up code * renamed/moved MyWorkAccessGuard to NavigationAccessGuard to be also used for the search route * linting fix * also added navigationaccessguard to /search/results route --------- Co-authored-by: RiteshHMCTS <74713687+RiteshHMCTS@users.noreply.github.com>
* Removed unsafe eval from CSP * Remove reference to legacy AngularJS, replace AngularJS with vanilla JS * Updated known issues file * lint fix * Update the jenkinsfile to publish the smoke test report in any situation * Updated known issues * Update condition smoke tests are published * Update jenkins step command * Added unsafe eval back in to check if it fixes the GTM error * yarn lint and known issues file --------- Co-authored-by: danH-test <dan.hitchcock@hmcts.net> Co-authored-by: Josh-HMCTS <128602796+Josh-HMCTS@users.noreply.github.com> Co-authored-by: RiteshHMCTS <74713687+RiteshHMCTS@users.noreply.github.com>
* refactor: move safeJsonParse to json-utils The fix replaces unsafe JSON.parse calls with defensive parsing and null checks, preventing corrupted session storage values from crashing components and mitigating client‑side DoS and information disclosure risks. * refactor: use toolkit safeJsonParseFallback for storage parsing * feat: Add a non-standalone wrapper component that renders the toolkit session error page inside the webapp and route `/session-error` * fix: codebase format updated * Update yarn-audit-known-issues * fix: safeJsonParseFallback updated to safeJsonParse * Update task-assignment-container.component.spec.ts * fix: lint prettier * fix: sonar issues * toolkit version update * cve * toolkit update * code tidy * cve upadte * cve fix --------- Co-authored-by: ShamrezDarw <shamrez.Darwish@HMCTS.NET> Co-authored-by: RiteshHMCTS <74713687+RiteshHMCTS@users.noreply.github.com>
* fix: tighten code to only allows exact origin matches from CORS_ALLOWED_ORIGINS * fix: remove duplicate middleware registrations * fix:removed manual CORS headers to reduce redundancy. * Update cors.ts --------- Co-authored-by: Raihan Rahman <134499230+Raihan-R@users.noreply.github.com> Co-authored-by: RiteshHMCTS <74713687+RiteshHMCTS@users.noreply.github.com>
* cve fix * toolkit version updated * version updated * version updated
#4964) * added httpOnly and secure tags to cookieUserId and cookieToken cookies * lint fix --------- Co-authored-by: gregs-cgi <144363053+gregs-cgi@users.noreply.github.com> Co-authored-by: RiteshHMCTS <74713687+RiteshHMCTS@users.noreply.github.com>
* add permissions policy header * lint --------- Co-authored-by: ShamrezDarw <shamrez.Darwish@HMCTS.NET> Co-authored-by: RiteshHMCTS <74713687+RiteshHMCTS@users.noreply.github.com>
* Update version of OTP lib * fix unit test * yarn audit * yarn lock * CVE --------- Co-authored-by: kasi-subramaniam <60706745+kasi-subramaniam@users.noreply.github.com> Co-authored-by: Kasi Subramaniam <singlekasi@gmail.com> Co-authored-by: RiteshHMCTS <74713687+RiteshHMCTS@users.noreply.github.com>
connorpgpmcelroy
requested review from
RiteshHMCTS,
ShamrezDarw and
nathan-clark
and removed request for
a team
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Jira link
https://tools.hmcts.net/jira/browse/EXUI-3241
Change description
Fix of minor unhandled errors with improved general error handling and better error messages and clear button usage in all circumstances
Testing done
Confirmed that errors are now being handled when they were not previously and that clear button is shown even on manage hearing links
Security Vulnerability Assessment
CVE Suppression: Are there any CVEs present in the codebase (either newly introduced or pre-existing) that are being intentionally suppressed or ignored by this commit?