Merge pull request #480 from AlexJSully/main

Lighthouse performance checks

.codeclimate.yml

@@ -53,3 +53,6 @@ exclude_patterns:
     - '**/build/'
     - '.env'
     - '**/.vscode/'
+    - '**/.git'
+    - '**/.github'
+    - '**/cypress'

.github/ISSUE_TEMPLATE/bug_report.md

@@ -17,6 +17,9 @@ Steps to reproduce the behavior:
 **Expected behavior**
 A clear and concise description of what you expected to happen.
 
+**Actual behavior**
+A clear and concise description of what actually happens.
+
 **Screenshots**
 If applicable, add screenshots to help explain your problem.
 
@@ -33,5 +36,11 @@ If applicable, add screenshots to help explain your problem.
 -   Browser [e.g. stock browser, safari]
 -   Version [e.g. 22]
 
+**Workaround**
+If applicable, any known workaround that can be used until the bug is fixed.
+
+**Severity**
+How severe is the bug? Is it a minor inconvenience, or does it make the application unusable?
+
 **Additional context**
 Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -12,5 +12,11 @@ A clear and concise description of what you want to happen.
 **Describe alternatives you've considered**
 A clear and concise description of any alternative solutions or features you've considered.
 
+**Benefits**
+Describe the positive impacts (e.g., improved efficiency, accessibility, etc.) that implementing this feature would have.
+
+**Possible Drawbacks**
+Describe any potential negative impacts (e.g., increased complexity, potential for bugs, etc.) that implementing this feature might have.
+
 **Additional context**
 Add any other context or screenshots about the feature request here.

.github/ISSUE_TEMPLATE/security_report.md

@@ -33,5 +33,11 @@ If applicable, add screenshots to help explain your problem.
 -   Browser [e.g. stock browser, safari]
 -   Version [e.g. 22]
 
+**Potential Fix**
+If you know of a way to fix this vulnerability, please describe it here.
+
+**Severity**
+How severe is the vulnerability? Does it allow an attacker to access sensitive data, or does it potentially lead to a denial of service?
+
 **Additional context**
 Add any other context about the problem here.

.github/workflows/code-qa.yml

@@ -0,0 +1,43 @@
+name: Node.js CI
+
+on:
+    push:
+        branches: [main]
+    pull_request:
+        branches: [main]
+
+jobs:
+    build:
+        runs-on: ubuntu-latest
+
+        strategy:
+            matrix:
+                node-version: [20.x]
+                # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
+
+        steps:
+            - name: Checkout repository
+              uses: actions/checkout@v4
+            - name: Use Node.js ${{ matrix.node-version }}
+              uses: actions/setup-node@v2
+              with:
+                  node-version: ${{ matrix.node-version }}
+            - name: Cache Node.js modules
+              uses: actions/cache@v3
+              with:
+                  path: ~/.npm
+                  key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+                  restore-keys: |
+                      ${{ runner.os }}-node-
+            - name: Check installs
+              run: npm ci
+            - name: Quality check - prettier
+              run: npm run prettier:check
+            - name: Quality check - eslint
+              run: npm run eslint:check
+            - name: Quality check - lint
+              run: npm run lint
+            - name: Quality check - cypress
+              run: npm run e2e:headless
+            - name: Build check
+              run: npm run build

.github/workflows/codeql-analysis.yml

@@ -13,56 +13,73 @@ name: 'CodeQL'
 
 on:
     push:
-        branches: [main]
+        branches: ['main']
     pull_request:
-        # The branches below must be a subset of the branches above
-        branches: [main]
+        branches: ['main']
 
 jobs:
     analyze:
         name: Analyze
-        runs-on: ubuntu-latest
+        # Runner size impacts CodeQL analysis time. To learn more, please see:
+        #   - https://gh.io/recommended-hardware-resources-for-running-codeql
+        #   - https://gh.io/supported-runners-and-hardware-resources
+        #   - https://gh.io/using-larger-runners
+        # Consider using larger runners for possible analysis time improvements.
+        runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+        timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
         permissions:
+            # required for all workflows
+            security-events: write
+
+            # only required for workflows in private repositories
             actions: read
             contents: read
-            security-events: write
 
         strategy:
             fail-fast: false
             matrix:
-                language: ['javascript']
-                # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-                # Learn more about CodeQL language support at https://git.io/codeql-language-support
+                language: ['javascript-typescript']
+                # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ]
+                # Use only 'java-kotlin' to analyze code written in Java, Kotlin or both
+                # Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+                # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
 
         steps:
             - name: Checkout repository
-              uses: actions/checkout@v2
+              uses: actions/checkout@v4
 
             # Initializes the CodeQL tools for scanning.
             - name: Initialize CodeQL
-              uses: github/codeql-action/init@v2
+              uses: github/codeql-action/init@v3
               with:
                   languages: ${{ matrix.language }}
                   # If you wish to specify custom queries, you can do so here or in a config file.
                   # By default, queries listed here will override any specified in a config file.
                   # Prefix the list here with "+" to use these queries and those in the config file.
-                  # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
-            # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+                  # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+                  # queries: security-extended,security-and-quality
+
+            # This workflow runs CodeQL analysis on the codebase to find security vulnerabilities.
+            # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+            # queries: security-extended,security-and-quality
+
+            # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
             # If this step fails, then you should remove it and run the build manually (see below)
             - name: Autobuild
-              uses: github/codeql-action/autobuild@v2
+              uses: github/codeql-action/autobuild@v3
 
             # ℹ️ Command-line programs to run using the OS shell.
-            # 📚 https://git.io/JvXDl
+            # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
 
-            # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-            #    and modify them (or add more) to build your code if your project
-            #    uses a compiled language
+            #   If the Autobuild fails above, remove it and uncomment the following three lines.
+            #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
 
-            #- run: |
-            #   make bootstrap
-            #   make release
+            # - run: |
+            #     echo "Run, Build Application using script"
+            #     ./location_of_script_within_repo/buildscript.sh
 
             - name: Perform CodeQL Analysis
-              uses: github/codeql-action/analyze@v2
+              uses: github/codeql-action/analyze@v3
+              with:
+                  category: '/language:${{matrix.language}}'

.gitignore

@@ -91,7 +91,7 @@ worker-*.js
 .deploy/settings-staging.json
 .deploy/settings.json
 
-# Sentry
+# Sentry Config File
 .sentryclirc
 
 # Flask
@@ -195,4 +195,4 @@ dist/**/*.js.map
 .firebase/
 
 # nx cache
-.nx/cache
+.nx/cache

CODE_OF_CONDUCT.md

@@ -60,7 +60,7 @@ representative at an online or offline event.
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported to the community leaders responsible for enforcement at
-alexander.j.sullivan@hotmail.com.
+<alexjsully.connect@outlook.com>.
 All complaints will be reviewed and investigated promptly and fairly.
 
 All community leaders are obligated to respect the privacy and security of the
@@ -116,13 +116,13 @@ the community.
 
 This Code of Conduct is adapted from the [Contributor Covenant][homepage],
 version 2.0, available at
-https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+<https://www.contributor-covenant.org/version/2/0/code_of_conduct.html>.
 
 Community Impact Guidelines were inspired by [Mozilla's code of conduct
 enforcement ladder](https://github.com/mozilla/diversity).
 
 [homepage]: https://www.contributor-covenant.org
 
 For answers to common questions about this code of conduct, see the FAQ at
-https://www.contributor-covenant.org/faq. Translations are available at
-https://www.contributor-covenant.org/translations.
+<https://www.contributor-covenant.org/faq>. Translations are available at
+<https://www.contributor-covenant.org/translations>.

cypress.config.ts

@@ -0,0 +1,14 @@
+import { defineConfig } from 'cypress';
+
+export default defineConfig({
+	e2e: {
+		// Include shadow DOM elements in command results
+		includeShadowDom: true,
+		// Allow certain Content Security Policies
+		experimentalCspAllowList: true,
+		// Run all specs together
+		experimentalRunAllSpecs: true,
+		// Enable experimental Cypress Studio feature
+		experimentalStudio: true,
+	},
+});

cypress/e2e/landing.cy.ts

@@ -0,0 +1,14 @@
+// This test suite is for the landing page
+describe('Landing Page', () => {
+	// This hook runs before each test in the suite
+	beforeEach(() => {
+		// Visit the landing page
+		cy.visit('http://localhost:3000');
+	});
+
+	// This test checks that the page renders correctly
+	it('should render page', () => {
+		// Check that the profile picture exists on the page
+		cy.get('[data-testid="profile_pic"]').should('exist');
+	});
+});

cypress/e2e/studio.cy.ts

@@ -0,0 +1 @@
+describe('cypress studio', () => {});

cypress/fixtures/example.json

@@ -0,0 +1,5 @@
+{
+	"name": "Using fixtures to represent data",
+	"email": "[email protected]",
+	"body": "Fixtures are a great way to mock data for responses to routes"
+}

cypress/support/commands.ts

@@ -0,0 +1,37 @@
+/// <reference types="cypress" />
+// ***********************************************
+// This example commands.ts shows you how to
+// create various custom commands and overwrite
+// existing commands.
+//
+// For more comprehensive examples of custom
+// commands please read more here:
+// https://on.cypress.io/custom-commands
+// ***********************************************
+//
+//
+// -- This is a parent command --
+// Cypress.Commands.add('login', (email, password) => { ... })
+//
+//
+// -- This is a child command --
+// Cypress.Commands.add('drag', { prevSubject: 'element'}, (subject, options) => { ... })
+//
+//
+// -- This is a dual command --
+// Cypress.Commands.add('dismiss', { prevSubject: 'optional'}, (subject, options) => { ... })
+//
+//
+// -- This will overwrite an existing command --
+// Cypress.Commands.overwrite('visit', (originalFn, url, options) => { ... })
+//
+// declare global {
+//   namespace Cypress {
+//     interface Chainable {
+//       login(email: string, password: string): Chainable<void>
+//       drag(subject: string, options?: Partial<TypeOptions>): Chainable<Element>
+//       dismiss(subject: string, options?: Partial<TypeOptions>): Chainable<Element>
+//       visit(originalFn: CommandOriginalFn, url: string, options: Partial<VisitOptions>): Chainable<Element>
+//     }
+//   }
+// }

cypress/support/e2e.ts

@@ -0,0 +1,19 @@
+// ***********************************************************
+// This example support/e2e.ts is processed and
+// loaded automatically before your test files.
+//
+// This is a great place to put global configuration and
+// behavior that modifies Cypress.
+//
+// You can change the location of this file or turn off
+// automatically serving support files with the
+// 'supportFile' configuration option.
+//
+// You can read more here:
+// https://on.cypress.io/configuration
+// ***********************************************************
+// Import commands.js using ES2015 syntax:
+import './commands';
+
+// Alternatively you can use CommonJS syntax:
+// require('./commands')

next.config.js

@@ -46,7 +46,7 @@ const nextConfig = withPWA({
 					},
 					{
 						key: 'Permissions-Policy',
-						value: 'fullscreen=*, picture-in-picture=*, xr-spatial-tracking=*, gamepad=*, hid=*, idle-detection=*, window-placement=*',
+						value: 'fullscreen=*, picture-in-picture=*, xr-spatial-tracking=*, gamepad=*, hid=*, idle-detection=*, window-management=*',
 					},
 				],
 			},