Giter Club home page Giter Club logo

react-next-starter's Introduction

react-next-starter

Github Workflow Renovate

Next.js starter with TS, MaterialUI, Redux, Storybook, Cypress and many more usable developer tools included

Features

Getting started

yarn create next-app -e https://github.com/KASTINpl/react-next-starter APP_NAME
cd APP_NAME
yarn dev

All commands

yarn dev

Runs development server on localhost:3000.

yarn build

Build application for production use.

yarn start

Start built application. You need to run build first.

yarn test

Run all tests.

yarn test:unit

Run all unit tests with jest.

yarn test:unit:coverage

Run all unit tests with jest and generate coverage reports. This will fail if constraints coverageThreshold in jest.config.js are violated.

yarn test:unit:update

Run all unit tests with jest and update all outdated snapshots.

yarn test:unit:watch

Run all unit tests with jest using developer mode - watching all the changes.

yarn test:e2e

Run all integration tests with headless cypress.

yarn test:e2e:ui

Run all integration tests with cypress UI.

yarn test

Run test:unit and test:e2e in parallel

yarn lint:types

Run ESlint check

yarn lint:format

Run Prettier check

yarn lint

Run lint:types and lint:format in parallel

yarn storybook

Run Storybook server.

yarn build-storybook

Build Storybook documentation for production use.

yarn plop component NewComponent

Create a new component see ./plop-templates/component

Useful links, articles and manuals

react-next-starter's People

Contributors

kastinpl avatar mend-bolt-for-github[bot] avatar renovate-bot avatar renovate[bot] avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

krzysztof-kabala

react-next-starter's Issues

CVE-2020-7753 (High) detected in trim-0.0.1.tgz

CVE-2020-7753 - High Severity Vulnerability

Vulnerable Library - trim-0.0.1.tgz

Trim string whitespace

Library home page: https://registry.npmjs.org/trim/-/trim-0.0.1.tgz

Path to dependency file: react-next-starter/package.json

Path to vulnerable library: react-next-starter/node_modules/trim/package.json

Dependency Hierarchy:

  • addon-essentials-6.1.11.tgz (Root Library)
    • addon-docs-6.1.11.tgz
      • mdx-1.6.22.tgz
        • remark-parse-8.0.3.tgz
          • trim-0.0.1.tgz (Vulnerable Library)

Found in HEAD commit: 6d0ef4238c2633c9a2e7a67907d767db96ec9e7d

Found in base branch: main

Vulnerability Details

All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().

Publish Date: 2020-10-27

URL: CVE-2020-7753

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with WhiteSource here

CVE-2019-11358 (Medium) detected in jquery-1.11.3.js

CVE-2019-11358 - Medium Severity Vulnerability

Vulnerable Library - jquery-1.11.3.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.js

Path to dependency file: react-next-starter/node_modules/es6-shim/test/index.html

Path to vulnerable library: react-next-starter/node_modules/es6-shim/test/index.html

Dependency Hierarchy:

  • jquery-1.11.3.js (Vulnerable Library)

Found in HEAD commit: 6d0ef4238c2633c9a2e7a67907d767db96ec9e7d

Found in base branch: main

Vulnerability Details

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

Publish Date: 2019-04-20

URL: CVE-2019-11358

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358

Release Date: 2019-04-20

Fix Resolution: 3.4.0

Step up your Open Source Security Game with WhiteSource here

CVE-2015-9251 (Medium) detected in jquery-1.9.0.min.js, jquery-1.11.3.js

CVE-2015-9251 - Medium Severity Vulnerability

Vulnerable Libraries - jquery-1.9.0.min.js, jquery-1.11.3.js

jquery-1.9.0.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js

Path to dependency file: react-next-starter/node_modules/es6-shim/test-sham/index.html

Path to vulnerable library: react-next-starter/node_modules/es6-shim/test-sham/index.html

Dependency Hierarchy:

  • jquery-1.9.0.min.js (Vulnerable Library)
jquery-1.11.3.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.js

Path to dependency file: react-next-starter/node_modules/es6-shim/test/index.html

Path to vulnerable library: react-next-starter/node_modules/es6-shim/test/index.html

Dependency Hierarchy:

  • jquery-1.11.3.js (Vulnerable Library)

Found in HEAD commit: 6d0ef4238c2633c9a2e7a67907d767db96ec9e7d

Found in base branch: main

Vulnerability Details

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

Publish Date: 2018-01-18

URL: CVE-2015-9251

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251

Release Date: 2018-01-18

Fix Resolution: jQuery - v3.0.0

Step up your Open Source Security Game with WhiteSource here

CVE-2020-11022 (Medium) detected in jquery-1.9.0.min.js, jquery-1.11.3.js

CVE-2020-11022 - Medium Severity Vulnerability

Vulnerable Libraries - jquery-1.9.0.min.js, jquery-1.11.3.js

jquery-1.9.0.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js

Path to dependency file: react-next-starter/node_modules/es6-shim/test-sham/index.html

Path to vulnerable library: react-next-starter/node_modules/es6-shim/test-sham/index.html

Dependency Hierarchy:

  • jquery-1.9.0.min.js (Vulnerable Library)
jquery-1.11.3.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.js

Path to dependency file: react-next-starter/node_modules/es6-shim/test/index.html

Path to vulnerable library: react-next-starter/node_modules/es6-shim/test/index.html

Dependency Hierarchy:

  • jquery-1.11.3.js (Vulnerable Library)

Found in HEAD commit: 6d0ef4238c2633c9a2e7a67907d767db96ec9e7d

Found in base branch: main

Vulnerability Details

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Publish Date: 2020-04-29

URL: CVE-2020-11022

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/

Release Date: 2020-04-29

Fix Resolution: jQuery - 3.5.0

Step up your Open Source Security Game with WhiteSource here

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

  • Replace dependency npm-run-all with npm-run-all2 5.0.0
  • Update dependency @fontsource/roboto to v5.0.13
  • Update dependency @types/jest to v29.5.12
  • Update dependency @types/node to v18.19.33
  • Update dependency @types/react-redux to v7.1.33
  • Update dependency babel-plugin-module-resolver to v5.0.2
  • Update dependency eslint-plugin-import to v2.29.1
  • Update emotion monorepo (@emotion/react, @emotion/styled)
  • Update testing-library monorepo (@testing-library/dom, @testing-library/jest-dom, @testing-library/react, @testing-library/user-event)
  • Update dependency clsx to v2.1.1
  • Update dependency eslint to v8.57.0
  • Update dependency eslint-plugin-prettier to v5.1.3
  • Update dependency eslint-plugin-react to v7.34.1
  • Update dependency eslint-plugin-storybook to ^0.8.0
  • Update dependency prettier to v3.2.5
  • Update dependency typescript to v5.4.5
  • Update material-ui monorepo to v5.15.18 (@mui/icons-material, @mui/material)
  • Update react monorepo (@types/react, @types/react-dom, eslint-plugin-react-hooks, react, react-dom)
  • Update typescript-eslint monorepo to v6.21.0 (@typescript-eslint/eslint-plugin, @typescript-eslint/parser)
  • Update dependency eslint to v9
  • Update dependency husky to v9
  • Update storybook monorepo to v8 (major) (@storybook/addon-actions, @storybook/addon-essentials, @storybook/addon-links, @storybook/addon-mdx-gfm, @storybook/nextjs, @storybook/react, storybook)
  • Update testing-library monorepo (major) (@testing-library/dom, @testing-library/react)
  • Update typescript-eslint monorepo to v7 (major) (@typescript-eslint/eslint-plugin, @typescript-eslint/parser)
  • 🔐 Create all rate-limited PRs at once 🔐

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

github-actions
.github/workflows/main.yml
  • actions/checkout v3
  • actions/setup-node v3
  • c-hive/gha-yarn-cache v2
npm
package.json
  • @emotion/cache 11.11.0
  • @emotion/react 11.11.1
  • @emotion/server 11.11.0
  • @emotion/styled 11.11.0
  • @fontsource/roboto 5.0.8
  • @mui/icons-material 5.14.19
  • @mui/material 5.14.19
  • @reduxjs/toolkit 1.9.7
  • clsx 2.0.0
  • next 13.5.6
  • react 18.2.0
  • react-dom 18.2.0
  • react-redux 8.1.3
  • redux-devtools 3.7.0
  • @storybook/addon-actions 7.6.19
  • @storybook/addon-essentials 7.6.19
  • @storybook/addon-links 7.6.19
  • @storybook/addon-mdx-gfm 7.6.19
  • @storybook/nextjs 7.6.19
  • @storybook/react 7.6.19
  • @testing-library/dom 9.3.3
  • @testing-library/jest-dom 6.1.5
  • @testing-library/react 14.1.2
  • @testing-library/react-hooks 8.0.1
  • @testing-library/user-event 14.5.1
  • @types/jest 29.5.10
  • @types/node 18.19.2
  • @types/react 18.2.41
  • @types/react-dom 18.2.17
  • @types/react-redux 7.1.31
  • @typescript-eslint/eslint-plugin 6.13.1
  • @typescript-eslint/parser 6.13.1
  • babel-jest 29.7.0
  • babel-plugin-module-resolver 5.0.0
  • cypress 12.17.4
  • eslint 8.55.0
  • eslint-config-airbnb 19.0.4
  • eslint-config-next 13.5.6
  • eslint-config-prettier 9.1.0
  • eslint-plugin-import 2.29.0
  • eslint-plugin-jsx-a11y 6.8.0
  • eslint-plugin-node 11.1.0
  • eslint-plugin-prettier 5.0.1
  • eslint-plugin-react 7.33.2
  • eslint-plugin-react-hooks 4.6.0
  • eslint-plugin-storybook ^0.6.11
  • husky 8.0.3
  • jest 29.7.0
  • jest-environment-jsdom 29.7.0
  • lint-staged 14.0.1
  • npm-run-all 4.1.5
  • plop 3.1.2
  • prettier 3.1.0
  • storybook 7.6.19
  • tsconfig-paths-webpack-plugin 4.1.0
  • typescript 5.3.2
  • Check this box to trigger a request for Renovate to run again on this repository

CVE-2020-11023 (Medium) detected in jquery-1.9.0.min.js, jquery-1.11.3.js

CVE-2020-11023 - Medium Severity Vulnerability

Vulnerable Libraries - jquery-1.9.0.min.js, jquery-1.11.3.js

jquery-1.9.0.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js

Path to dependency file: react-next-starter/node_modules/es6-shim/test-sham/index.html

Path to vulnerable library: react-next-starter/node_modules/es6-shim/test-sham/index.html

Dependency Hierarchy:

  • jquery-1.9.0.min.js (Vulnerable Library)
jquery-1.11.3.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.js

Path to dependency file: react-next-starter/node_modules/es6-shim/test/index.html

Path to vulnerable library: react-next-starter/node_modules/es6-shim/test/index.html

Dependency Hierarchy:

  • jquery-1.11.3.js (Vulnerable Library)

Found in HEAD commit: 6d0ef4238c2633c9a2e7a67907d767db96ec9e7d

Found in base branch: main

Vulnerability Details

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Publish Date: 2020-04-29

URL: CVE-2020-11023

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023

Release Date: 2020-04-29

Fix Resolution: jquery - 3.5.0

Step up your Open Source Security Game with WhiteSource here

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.