From 1d24666b1468da9315d0a9f80cd953c2973747b8 Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Thu, 4 Jun 2026 11:54:41 +0100 Subject: [PATCH 01/16] check cve suppression and list issue --- .husky/pre-push | 3 +++ bin/prepush.sh | 45 +++++++++++++++++++++++++++++++++++++++++ package.json | 1 + src/app.config.ts | 2 ++ yarn-audit-known-issues | 1 + 5 files changed, 52 insertions(+) create mode 100755 .husky/pre-push create mode 100755 bin/prepush.sh diff --git a/.husky/pre-push b/.husky/pre-push new file mode 100755 index 0000000000..9f10a8004a --- /dev/null +++ b/.husky/pre-push @@ -0,0 +1,3 @@ +#!/bin/sh + +yarn prepush diff --git a/bin/prepush.sh b/bin/prepush.sh new file mode 100755 index 0000000000..ff195ed78c --- /dev/null +++ b/bin/prepush.sh @@ -0,0 +1,45 @@ +#!/bin/bash + +yarn test:audit & pid1=$! +yarn lint & pid2=$! + +wait $pid1; status1=$? +wait $pid2; status2=$? + +failed="" +if [ $status1 -ne 0 ]; then + failed="$failed test:audit" +fi +if [ $status2 -ne 0 ]; then + failed="$failed lint" +fi + +yarn npm audit --recursive --environment production --json > yarn-audit-known-issues +cve_suppress_status=$? + +if [ "$cve_suppress_status" -ne 0 ] && [ ! -s yarn-audit-known-issues ]; then + printf "=============================================================\n" >&2 + printf "Unable to refresh yarn-audit-known-issues\n" >&2 + printf "=============================================================\n" >&2 + exit "$cve_suppress_status" +fi + +if ! git diff --quiet -- yarn-audit-known-issues; then + printf "=============================================================\n" >&2 + printf "yarn-audit-known-issues was refreshed with the latest CVE audit output.\n" >&2 + printf "Commit yarn-audit-known-issues and push again.\n" >&2 + printf "=============================================================\n" >&2 + exit 1 +fi + +if [ -n "$failed" ]; then + printf "=============================================================\n" >&2 + printf "The following commands failed:$failed\n" >&2 + if [ $status1 -ne 0 ]; then + printf "\n" >&2 + printf "There are unsuppressed vulnerabilities, update yarn-audit-known-issues and commit it.\n" >&2 + printf "\n" >&2 + fi + printf "=============================================================\n" >&2 + exit 1 +fi diff --git a/package.json b/package.json index 38447a3b4c..2f5d276d42 100644 --- a/package.json +++ b/package.json @@ -40,6 +40,7 @@ "test": "ng test ccd-case-ui-toolkit-lib --code-coverage", "test:watch": "ng test ccd-case-ui-toolkit-lib --code-coverage --watch=true", "test:audit": "./bin/run-yarn-audit.sh -f yarn-audit-known-issues", + "prepush": "bash ./bin/prepush.sh", "tslint": "tslint", "docs:json": "compodoc -p ./tsconfig.json -e json -d .", "storybook": "yarn docs:json && start-storybook -p 6006", diff --git a/src/app.config.ts b/src/app.config.ts index 503db80593..cab229a9ce 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -9,6 +9,8 @@ export interface AccessManagementBasicViewMockModel { accessProcess?: string; } +const toolkitPrepushLintFailure = "lint-test"; + export interface AccessManagementRequestReviewMockModel { active?: boolean; details?: { diff --git a/yarn-audit-known-issues b/yarn-audit-known-issues index 631305a6ac..028790b9c3 100644 --- a/yarn-audit-known-issues +++ b/yarn-audit-known-issues @@ -1,3 +1,4 @@ +{"test":"intentional CVE suppression mismatch"} {"value":"@nicky-lenaers/ngx-scroll-to","children":{"ID":"@nicky-lenaers/ngx-scroll-to (deprecation)","Issue":"Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.","Severity":"moderate","Vulnerable Versions":"14.0.0","Tree Versions":["14.0.0"],"Dependents":["@hmcts/ccd-case-ui-toolkit@workspace:."]}} {"value":"@tootallnate/once","children":{"ID":1119438,"Issue":"@tootallnate/once vulnerable to Incorrect Control Flow Scoping","URL":"https://github.com/advisories/GHSA-vpq2-c234-7xj6","Severity":"low","Vulnerable Versions":"<2.0.1","Tree Versions":["2.0.0"],"Dependents":["http-proxy-agent@npm:5.0.0"]}} {"value":"abab","children":{"ID":"abab (deprecation)","Issue":"Use your platform's native atob() and btoa() methods instead","Severity":"moderate","Vulnerable Versions":"2.0.6","Tree Versions":["2.0.6"],"Dependents":["jsdom@virtual:ce56289c4b7a2e9003d709997e253c1c80dcaee4c6fbe440cbe9ba5de5db8af3a7b7ad41bbdec5a5e3d40dc9c3c54bef92dd6885ff84cd436d636d5a1b380a61#npm:20.0.3"]}} From d5d4456be6fb5faa282807d81e7693af065ce906 Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Thu, 4 Jun 2026 12:01:09 +0100 Subject: [PATCH 02/16] test --- src/app.config.ts | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/app.config.ts b/src/app.config.ts index cab229a9ce..942e775a01 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -8,9 +8,6 @@ export interface AccessManagementBasicViewMockModel { }; accessProcess?: string; } - -const toolkitPrepushLintFailure = "lint-test"; - export interface AccessManagementRequestReviewMockModel { active?: boolean; details?: { From b2364d1143e8945ab74f47837aff34da0df1d1be Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Thu, 4 Jun 2026 12:01:50 +0100 Subject: [PATCH 03/16] test --- yarn-audit-known-issues | 1 - 1 file changed, 1 deletion(-) diff --git a/yarn-audit-known-issues b/yarn-audit-known-issues index 028790b9c3..631305a6ac 100644 --- a/yarn-audit-known-issues +++ b/yarn-audit-known-issues @@ -1,4 +1,3 @@ -{"test":"intentional CVE suppression mismatch"} {"value":"@nicky-lenaers/ngx-scroll-to","children":{"ID":"@nicky-lenaers/ngx-scroll-to (deprecation)","Issue":"Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.","Severity":"moderate","Vulnerable Versions":"14.0.0","Tree Versions":["14.0.0"],"Dependents":["@hmcts/ccd-case-ui-toolkit@workspace:."]}} {"value":"@tootallnate/once","children":{"ID":1119438,"Issue":"@tootallnate/once vulnerable to Incorrect Control Flow Scoping","URL":"https://github.com/advisories/GHSA-vpq2-c234-7xj6","Severity":"low","Vulnerable Versions":"<2.0.1","Tree Versions":["2.0.0"],"Dependents":["http-proxy-agent@npm:5.0.0"]}} {"value":"abab","children":{"ID":"abab (deprecation)","Issue":"Use your platform's native atob() and btoa() methods instead","Severity":"moderate","Vulnerable Versions":"2.0.6","Tree Versions":["2.0.6"],"Dependents":["jsdom@virtual:ce56289c4b7a2e9003d709997e253c1c80dcaee4c6fbe440cbe9ba5de5db8af3a7b7ad41bbdec5a5e3d40dc9c3c54bef92dd6885ff84cd436d636d5a1b380a61#npm:20.0.3"]}} From 719ee8a835442c541ba1374ebf6cf856cce4239b Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Thu, 4 Jun 2026 12:03:00 +0100 Subject: [PATCH 04/16] revert --- src/app.config.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/src/app.config.ts b/src/app.config.ts index 942e775a01..503db80593 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -8,6 +8,7 @@ export interface AccessManagementBasicViewMockModel { }; accessProcess?: string; } + export interface AccessManagementRequestReviewMockModel { active?: boolean; details?: { From c470a45ba275292cc9a2b4a4a5b2b71ba584a4bc Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Thu, 4 Jun 2026 12:03:44 +0100 Subject: [PATCH 05/16] test --- src/app.config.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/app.config.ts b/src/app.config.ts index 503db80593..cab229a9ce 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -9,6 +9,8 @@ export interface AccessManagementBasicViewMockModel { accessProcess?: string; } +const toolkitPrepushLintFailure = "lint-test"; + export interface AccessManagementRequestReviewMockModel { active?: boolean; details?: { From 344e13ade3d942500fca8c31d1796cb1a7a91494 Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Thu, 4 Jun 2026 12:16:41 +0100 Subject: [PATCH 06/16] update --- bin/prepush.sh | 36 +++++++++++++++++------------------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/bin/prepush.sh b/bin/prepush.sh index ff195ed78c..ecaa58c38a 100755 --- a/bin/prepush.sh +++ b/bin/prepush.sh @@ -1,19 +1,19 @@ #!/bin/bash -yarn test:audit & pid1=$! -yarn lint & pid2=$! +yarn lint +lint_status=$? -wait $pid1; status1=$? -wait $pid2; status2=$? - -failed="" -if [ $status1 -ne 0 ]; then - failed="$failed test:audit" -fi -if [ $status2 -ne 0 ]; then - failed="$failed lint" +if [ "$lint_status" -ne 0 ]; then + printf "=============================================================\n" >&2 + printf "The following command failed: lint\n" >&2 + printf "Fix the lint errors shown above, then push again.\n" >&2 + printf "=============================================================\n" >&2 + exit "$lint_status" fi +yarn test:audit +audit_status=$? + yarn npm audit --recursive --environment production --json > yarn-audit-known-issues cve_suppress_status=$? @@ -32,14 +32,12 @@ if ! git diff --quiet -- yarn-audit-known-issues; then exit 1 fi -if [ -n "$failed" ]; then - printf "=============================================================\n" >&2 - printf "The following commands failed:$failed\n" >&2 - if [ $status1 -ne 0 ]; then - printf "\n" >&2 - printf "There are unsuppressed vulnerabilities, update yarn-audit-known-issues and commit it.\n" >&2 - printf "\n" >&2 - fi +if [ "$audit_status" -ne 0 ]; then + printf "=============================================================\n" >&2 + printf "The following command failed: test:audit\n" >&2 + printf "\n" >&2 + printf "There are unsuppressed vulnerabilities, update yarn-audit-known-issues and commit it.\n" >&2 + printf "\n" >&2 printf "=============================================================\n" >&2 exit 1 fi From 57c79f30bfe73b194a561bd5e8304a57ffdf933b Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Thu, 4 Jun 2026 12:17:13 +0100 Subject: [PATCH 07/16] revert --- src/app.config.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/app.config.ts b/src/app.config.ts index cab229a9ce..503db80593 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -9,8 +9,6 @@ export interface AccessManagementBasicViewMockModel { accessProcess?: string; } -const toolkitPrepushLintFailure = "lint-test"; - export interface AccessManagementRequestReviewMockModel { active?: boolean; details?: { From ce67b6c886493ab39337a755a156e7e3673f8c1f Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Thu, 4 Jun 2026 12:18:09 +0100 Subject: [PATCH 08/16] test --- src/app.config.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/app.config.ts b/src/app.config.ts index 503db80593..cab229a9ce 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -9,6 +9,8 @@ export interface AccessManagementBasicViewMockModel { accessProcess?: string; } +const toolkitPrepushLintFailure = "lint-test"; + export interface AccessManagementRequestReviewMockModel { active?: boolean; details?: { From e9945a1e2b2884e8bd80be9395a9c4523999d964 Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Thu, 4 Jun 2026 12:44:42 +0100 Subject: [PATCH 09/16] revert --- src/app.config.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/app.config.ts b/src/app.config.ts index cab229a9ce..503db80593 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -9,8 +9,6 @@ export interface AccessManagementBasicViewMockModel { accessProcess?: string; } -const toolkitPrepushLintFailure = "lint-test"; - export interface AccessManagementRequestReviewMockModel { active?: boolean; details?: { From b1607a4becb6b8de8b11083d1e5f5574590010c2 Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Mon, 8 Jun 2026 11:05:11 +0100 Subject: [PATCH 10/16] test --- src/app.config.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/app.config.ts b/src/app.config.ts index 503db80593..4c9348566b 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -1,3 +1,5 @@ +const intentionalLintError = 'unused on purpose'; + export interface AccessManagementBasicViewMockModel { active?: boolean; basicFields?: { From f3049dd560a8225fba005cb35c032596aca4f25e Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Mon, 8 Jun 2026 11:21:16 +0100 Subject: [PATCH 11/16] lint error --- src/app.config.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/app.config.ts b/src/app.config.ts index 4c9348566b..503db80593 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -1,5 +1,3 @@ -const intentionalLintError = 'unused on purpose'; - export interface AccessManagementBasicViewMockModel { active?: boolean; basicFields?: { From e7af158a72d3a00d4a9e5190cd3d23ee1edf5ba9 Mon Sep 17 00:00:00 2001 From: Balaji Sridharan Date: Mon, 8 Jun 2026 14:32:04 +0100 Subject: [PATCH 12/16] dummy push --- src/app.config.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/src/app.config.ts b/src/app.config.ts index 503db80593..52130278f0 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -1,3 +1,4 @@ +let intentionalLintError = 'unused on purpose'; export interface AccessManagementBasicViewMockModel { active?: boolean; basicFields?: { From 94f5b00c8a32b5f522ff8d353d423743fe75bb5f Mon Sep 17 00:00:00 2001 From: Balaji Sridharan Date: Mon, 8 Jun 2026 14:33:48 +0100 Subject: [PATCH 13/16] dummy commit --- package.json | 1 + src/app.config.ts | 2 +- yarn.lock | 10 ++++++++++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 2f5d276d42..f6bd092dc9 100644 --- a/package.json +++ b/package.json @@ -133,6 +133,7 @@ "gulp": "^4.0.2", "gulp-inline-ng2-template": "^5.0.1", "gulp-sass": "^5.1.0", + "husky": "^9.1.7", "istanbul-instrumenter-loader": "^3.0.1", "jasmine-core": "~5.1.0", "jasmine-spec-reporter": "~7.0.0", diff --git a/src/app.config.ts b/src/app.config.ts index 52130278f0..ac8da2d1a1 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -1,4 +1,4 @@ -let intentionalLintError = 'unused on purpose'; +let intentionalLintError = 'unused on purposeee'; export interface AccessManagementBasicViewMockModel { active?: boolean; basicFields?: { diff --git a/yarn.lock b/yarn.lock index dcefd6d975..5f098456e3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3456,6 +3456,7 @@ __metadata: gulp: "npm:^4.0.2" gulp-inline-ng2-template: "npm:^5.0.1" gulp-sass: "npm:^5.1.0" + husky: "npm:^9.1.7" istanbul-instrumenter-loader: "npm:^3.0.1" jasmine-core: "npm:~5.1.0" jasmine-spec-reporter: "npm:~7.0.0" @@ -17022,6 +17023,15 @@ __metadata: languageName: node linkType: hard +"husky@npm:^9.1.7": + version: 9.1.7 + resolution: "husky@npm:9.1.7" + bin: + husky: bin.js + checksum: 10/c2412753f15695db369634ba70f50f5c0b7e5cb13b673d0826c411ec1bd9ddef08c1dad89ea154f57da2521d2605bd64308af748749b27d08c5f563bcd89975f + languageName: node + linkType: hard + "hyperdyperid@npm:^1.2.0": version: 1.2.0 resolution: "hyperdyperid@npm:1.2.0" From 9fd2b8185c9b11f62ac0da90e354207bb22e5c07 Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Mon, 8 Jun 2026 14:25:16 +0100 Subject: [PATCH 14/16] test --- src/app.config.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/src/app.config.ts b/src/app.config.ts index ac8da2d1a1..503db80593 100644 --- a/src/app.config.ts +++ b/src/app.config.ts @@ -1,4 +1,3 @@ -let intentionalLintError = 'unused on purposeee'; export interface AccessManagementBasicViewMockModel { active?: boolean; basicFields?: { From 54ca373ec734d050189d64faad11e6f64eaae055 Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Mon, 8 Jun 2026 15:48:17 +0100 Subject: [PATCH 15/16] updated error message --- bin/prepush.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/prepush.sh b/bin/prepush.sh index ecaa58c38a..b0f72ebbf1 100755 --- a/bin/prepush.sh +++ b/bin/prepush.sh @@ -6,7 +6,7 @@ lint_status=$? if [ "$lint_status" -ne 0 ]; then printf "=============================================================\n" >&2 printf "The following command failed: lint\n" >&2 - printf "Fix the lint errors shown above, then push again.\n" >&2 + printf "Fix the lint errors, then push again.\n" >&2 printf "=============================================================\n" >&2 exit "$lint_status" fi From 006e70dcfa9d348ad1991a665f729e0a4e84d409 Mon Sep 17 00:00:00 2001 From: RiteshHMCTS Date: Mon, 8 Jun 2026 16:06:54 +0100 Subject: [PATCH 16/16] error message update --- bin/prepush.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/prepush.sh b/bin/prepush.sh index b0f72ebbf1..7308a4fa3f 100755 --- a/bin/prepush.sh +++ b/bin/prepush.sh @@ -5,8 +5,8 @@ lint_status=$? if [ "$lint_status" -ne 0 ]; then printf "=============================================================\n" >&2 - printf "The following command failed: lint\n" >&2 - printf "Fix the lint errors, then push again.\n" >&2 + printf "The following command failed: yarn lint\n" >&2 + printf "run yarn lint command to find the lint errors and fix them, then push again.\n" >&2 printf "=============================================================\n" >&2 exit "$lint_status" fi