diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..c7a48e0 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,51 @@ +name: Release +on: + push: + branches: + - master +jobs: + build: + name: Build and upload + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3.5.3 + with: + fetch-depth: 0 + - name: Setup Node.js + uses: actions/setup-node@v3.7.0 + with: + node-version: "18.x" + - name: Install dependencies + run: npm install + - name: Upload dist + uses: actions/upload-artifact@v3.1.2 + with: + name: lib + path: lib + + release: + name: Download dist and release + runs-on: ubuntu-latest + needs: build + steps: + - name: Checkout + uses: actions/checkout@v3.5.3 + with: + fetch-depth: 0 + - name: Download dist + uses: actions/download-artifact@v3 + with: + name: lib + path: lib + - name: Display directories + run: ls -R lib + - name: Publish to npm + id: release-plugin + uses: JS-DevTools/npm-publish@v2.2.0 + with: + token: ${{ secrets.NPM_TOKEN }} + - name: Create GitHub release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: gh release create v${{ steps.release-plugin.outputs.version }} --title "Release ${{ steps.release-plugin.outputs.version }}" --generate-notes diff --git a/LICENSE.txt b/LICENSE similarity index 97% rename from LICENSE.txt rename to LICENSE index 2ac2233..8b6fa7c 100644 --- a/LICENSE.txt +++ b/LICENSE @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2018 Contentstack +Copyright (c) 2024 Contentstack Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..b33a46b --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,27 @@ +## Security + +Contentstack takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations. + +If you believe you have found a security vulnerability in any Contentstack-owned repository, please report it to us as described below. + +## Reporting Security Issues + +**Please do not report security vulnerabilities through public GitHub issues.** + +Send email to [security@contentstack.com](mailto:security@contentstack.com). + +You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. + +Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: + +- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) +- Full paths of source file(s) related to the manifestation of the issue +- The location of the affected source code (tag/branch/commit or direct URL) +- Any special configuration required to reproduce the issue +- Step-by-step instructions to reproduce the issue +- Proof-of-concept or exploit code (if possible) +- Impact of the issue, including how an attacker might exploit the issue + +This information will help us triage your report more quickly. + +[https://www.contentstack.com/trust/](https://www.contentstack.com/trust/) \ No newline at end of file diff --git a/lib/request.js b/lib/request.js index ca9eb6b..829e9dc 100644 --- a/lib/request.js +++ b/lib/request.js @@ -48,6 +48,10 @@ var makeCall = module.exports = function(req, cb, RETRY) { return cb(new Error('Max retry limit exceeded!')); } debug(`Requesting API\n${JSON.stringify(req, null, 2)}`); + //NOTE: Please delete the below three lines in case the code breaks :) + let tempObj = Object.create(null); + merge(tempObj,req); + req = tempObj; return request(req, function(err, response, body) { if (err) { return cb(err);