Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update helmet version to improve security and take on CSP patches #4572

Merged
merged 3 commits into from
Apr 9, 2021
Merged

update helmet version to improve security and take on CSP patches #4572

merged 3 commits into from
Apr 9, 2021

Conversation

awentzel
Copy link
Collaborator

@awentzel awentzel commented Apr 9, 2021
edited
Loading

Pull Request

📖 Description

This will upgrade Helmet which we use on Express Middleware for improved application security and also add a content security policy CSP for integration with key partners.

🎫 Issues

  • Upgrade security features
  • Upgrade includes CSP patches
  • Add CSP

👩‍💻 Reviewer Notes

📑 Test Plan

Tested on Creator staging site and in place at the moment.

✅ Checklist

General

  • I have included a change request file using $ yarn change
  • I have added tests for my changes.
  • I have tested my changes.
  • I have updated the project documentation to reflect my changes.
  • I have read the CONTRIBUTING documentation and followed the standards for this project.

Component-specific

⏭ Next Steps

@awentzel awentzel added this to the Release 2021-04 milestone Apr 9, 2021
@awentzel awentzel requested a review from chrisdholt as a code owner April 9, 2021 15:34
@awentzel awentzel self-assigned this Apr 9, 2021
@awentzel awentzel force-pushed the user/awentzel/update-csp branch from dfd7ae3 to f0a3409 Compare April 9, 2021 16:53
@awentzel awentzel requested a review from EisenbergEffect April 9, 2021 16:53
@codeclimate
Copy link

codeclimate bot commented Apr 9, 2021

Code Climate has analyzed commit efa9d45 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 80.4%.

View more on Code Climate.

@awentzel awentzel merged commit 8933c5b into master Apr 9, 2021
@awentzel awentzel deleted the user/awentzel/update-csp branch April 9, 2021 18:19
@awentzel awentzel mentioned this pull request Apr 10, 2021
Closed
12 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@EisenbergEffect EisenbergEffect EisenbergEffect approved these changes

@janechu janechu janechu approved these changes

@chrisdholt chrisdholt Awaiting requested review from chrisdholt

@nicholasrice nicholasrice Awaiting requested review from nicholasrice

Assignees

@awentzel awentzel

Labels
None yet
Projects
None yet
Milestone
Release 2021-04
Development

Successfully merging this pull request may close these issues.
3 participants
@awentzel @EisenbergEffect @janechu