From 17f2b95dbae6c85ae542b2c6846f398875fb8f81 Mon Sep 17 00:00:00 2001 From: Peter Bengtsson Date: Thu, 8 Jun 2023 11:41:23 -0400 Subject: [PATCH 1/3] Fix prettier in secret-scanning-pattern-table-updates.yml (#37676) --- .github/workflows/lint-code.yml | 2 -- .github/workflows/secret-scanning-pattern-table-updates.yml | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/lint-code.yml b/.github/workflows/lint-code.yml index 3c47bc85de..18209cb529 100644 --- a/.github/workflows/lint-code.yml +++ b/.github/workflows/lint-code.yml @@ -20,8 +20,6 @@ on: - 'package-lock.json' # In case one of the script definitions changed - 'package.json' - # Ultimately, for debugging this workflow itself - - .github/workflows/code-lint.yml permissions: contents: read diff --git a/.github/workflows/secret-scanning-pattern-table-updates.yml b/.github/workflows/secret-scanning-pattern-table-updates.yml index f19a85b03c..3597f0e91d 100644 --- a/.github/workflows/secret-scanning-pattern-table-updates.yml +++ b/.github/workflows/secret-scanning-pattern-table-updates.yml @@ -32,7 +32,7 @@ jobs: - You can only merge this PR if it's had a technical review (see who's approved it in the 'Reviewers' section in the top right corner). - To test that the changes appear on Staging, look at the preview of the 'Secret scanning patterns' file. You may need to use the product picker to look at the table for different GitHub products, and test the versioning. - If you don't feel comfortable reviewing this PR, please post a link to it in the #code-security-docs Slack channel so someone from the Dependencies & Secrets focus team can take a look. - + - For more information about this automation, and the reasons why we've decided to implement it, see [About automations for Dependencies & Secrets](https://github.com/github/docs-content/blob/main/focus-areas/code-security/about-automations-for-dependencies-and-secrets.md#secret-scanning-prs-adding-new-supported-patterns) in the `docs-content` repository. - Thank you :fishsticks: :sparkling_heart:" From 510eb08e18a2b673c8ae7cefecd473d4fa2902ae Mon Sep 17 00:00:00 2001 From: Peter Bengtsson Date: Thu, 8 Jun 2023 11:45:34 -0400 Subject: [PATCH 2/3] statsd log all 404 renderings (#37665) --- middleware/render-page.js | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/middleware/render-page.js b/middleware/render-page.js index fa752e4ea3..04177a3331 100644 --- a/middleware/render-page.js +++ b/middleware/render-page.js @@ -10,12 +10,15 @@ import { isConnectionDropped } from './halt-on-dropped-connection.js' import { nextApp, nextHandleRequest } from './next.js' import { defaultCacheControl } from './cache-control.js' +const STATSD_KEY_RENDER = 'middleware.render_page' +const STATSD_KEY_404 = 'middleware.render_404' + async function buildRenderedPage(req) { const { context } = req const { page } = context const path = req.pagePath || req.path - const pageRenderTimed = statsd.asyncTimer(page.render, 'middleware.render_page', [`path:${path}`]) + const pageRenderTimed = statsd.asyncTimer(page.render, STATSD_KEY_RENDER, [`path:${path}`]) return await pageRenderTimed(context) } @@ -51,6 +54,14 @@ export default async function renderPage(req, res) { `\nTried to redirect to ${context.redirectNotFound}, but that page was not found.\n` ) } + + statsd.increment(STATSD_KEY_404, 1, [ + `url:${req.url}`, + `ip:${req.ip}`, + `path:${req.path}`, + `referer:${req.headers.referer || ''}`, + ]) + return nextApp.render404(req, res) } From 59c58f3eb49f82ff596753d3ff1b44553e0d88b2 Mon Sep 17 00:00:00 2001 From: Peter Bengtsson Date: Thu, 8 Jun 2023 11:46:01 -0400 Subject: [PATCH 3/3] Serve /apple-touch-icon-120x120.png (#37667) --- middleware/favicons.js | 20 ++++++++++++++------ tests/rendering/favicons.js | 10 ++++++++-- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/middleware/favicons.js b/middleware/favicons.js index 851954dca2..1155f089c7 100644 --- a/middleware/favicons.js +++ b/middleware/favicons.js @@ -17,16 +17,24 @@ const MAP = { contentType: 'image/png', buffer: getBuffer('assets/images/site/apple-touch-icon.png'), }, - // It's the same image but it's fine. By default, when Safari tries to - // to figure out which apple touch icons are available it will - // try to load this by default. For example, if you in desktop Safari - // click share icon, it will load this to serve as a preview icon. - '/apple-touch-icon-precomposed.png': { + '/apple-touch-icon-120x120.png': { contentType: 'image/png', - buffer: getBuffer('assets/images/site/apple-touch-icon.png'), + buffer: getBuffer('assets/images/site/apple-touch-icon-120x120.png'), + }, + '/apple-touch-icon-152x152.png': { + contentType: 'image/png', + buffer: getBuffer('assets/images/site/apple-touch-icon-152x152.png'), }, } +// It's the same image but it's fine. By default, when Safari tries to +// to figure out which apple touch icons are available it will +// try to load this by default. For example, if you in desktop Safari +// click share icon, it will load this to serve as a preview icon. +MAP['/apple-touch-icon-precomposed.png'] = MAP['/apple-touch-icon.png'] +MAP['/apple-touch-icon-120x120-precomposed.png'] = MAP['/apple-touch-icon-120x120.png'] +MAP['/apple-touch-icon-152x152-precomposed.png'] = MAP['/apple-touch-icon-152x152.png'] + function getBuffer(filePath) { let buffer if (!fs.existsSync(filePath)) { diff --git a/tests/rendering/favicons.js b/tests/rendering/favicons.js index f5d896064f..6aad24093b 100644 --- a/tests/rendering/favicons.js +++ b/tests/rendering/favicons.js @@ -38,8 +38,14 @@ describe('favicon assets', () => { expect(res.headers['surrogate-key']).toBe(SURROGATE_ENUMS.MANUAL) }) - test('should also 200 OK on /apple-touch-icon-precomposed.png', async () => { - const res = await get('/apple-touch-icon-precomposed.png') + test.each([ + '/apple-touch-icon-precomposed.png', + '/apple-touch-icon-120x120-precomposed.png', + '/apple-touch-icon-120x120.png', + '/apple-touch-icon-152x152.png', + '/apple-touch-icon-152x152-precomposed.png', + ])('should also 200 OK on %s', async (path) => { + const res = await get(path) expect(res.statusCode).toBe(200) expect(res.headers['content-type']).toBe('image/png') })