Security News
Opengrep Emerges as Open Source Alternative Amid Semgrep Licensing Controversy
Opengrep forks Semgrep to preserve open source SAST in response to controversial licensing changes.
By Sarah Gooding - Jan 28, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
dsc-header-footer
Advanced tools
dsc-header-footer
This repository holds the sources to provide the DSC Header/Footer, as well as the Helmet for consumption on 3rd party sites.
- 1.1.0
- alpha
- latest
- npm
dsc-header-footer-helmet
This repository holds the sources to provide the DSC Header/Footer, as well as the Helmet for consumption on 3rd party sites.
Build process
We use Rollup for providing a bundled version of Header/Footer and respective the Helmet. To provide these builds two scripts are defined in package.json.
yarn build:headerfooter
yarn build:helmet
Both commands can also be executed in an chained way using yarn build.
On build the relevant components for header/footer/helmet will be extracted out of the @salesforcedevs/dx-components package and then bundled as single JavaScript components.
The output for Header/Footer will be stored in /public/header-footer, and the output for the Helmet in /public/helmet.
For sites that use a REST based set up (Component Library and Metadata Coverage Report) relevant configuration files will be created under public/config.
QA
The helmet is consumed by apps like www.heroku.com, which has a staging app at www-staging.heroku.com (has basic auth: leave user empty, password is "ronin"). Those apps have a HELMET_HOST config var that can be pointed to your review app, making www-staging fetch the helmet from your PR:
heroku config-set HELMET_HOST=https://your-review-app-name.herokuapp.com -a www-staging
Remember to roll back www-staging after the QA process:
heroku rollback -a www-staging
Server setup
- Assets are currently served from the
https://developer.salesforce.com/shared-componentsURL (e.g:https://developer.salesforce.com/shared-components/helmet/import.js). - The developer.salesforce.com domain is served via Fastly, with the
shared-componentsproxying to a Heroku app (e.g: Fastly fetcheshttps://developer.salesforce.com/shared-components/helmet/import.jsfromhttps://dsc-header-server-p.herokuapp.com/helmet/import.js) - The Heroku app uses the static Heroku buildpack. The configuration is stored in the
static.jsonfile that sets HTTP headers for caching and CORS.
Example markup
The folder scripts/src/templates contains two example HTML files that showcase how to integrate the JavaScript files, and the custom elements.
FAQs
This repository holds the sources to provide the DSC Header/Footer, as well as the Helmet for consumption on 3rd party sites.
The npm package dsc-header-footer receives a total of 5 weekly downloads. As such, dsc-header-footer popularity was classified as not popular.
We found that dsc-header-footer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 20 Feb 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
By Sarah Gooding - Jan 24, 2025
Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
By Sarah Gooding - Jan 24, 2025