initial commit

Author: Rob DeRosa

.eslintignore

@@ -0,0 +1,3 @@
+dist/
+lib/
+node_modules/

.eslintrc.json

@@ -0,0 +1,54 @@
+{
+    "plugins": ["jest", "@typescript-eslint"],
+    "extends": ["plugin:github/recommended"],
+    "parser": "@typescript-eslint/parser",
+    "parserOptions": {
+      "ecmaVersion": 9,
+      "sourceType": "module",
+      "project": "./tsconfig.json"
+    },
+    "rules": {
+      "eslint-comments/no-use": "off",
+      "import/no-namespace": "off",
+      "no-unused-vars": "off",
+      "@typescript-eslint/no-unused-vars": "error",
+      "@typescript-eslint/explicit-member-accessibility": ["error", {"accessibility": "no-public"}],
+      "@typescript-eslint/no-require-imports": "error",
+      "@typescript-eslint/array-type": "error",
+      "@typescript-eslint/await-thenable": "error",
+      "@typescript-eslint/ban-ts-comment": "error",
+      "camelcase": "off",
+      "@typescript-eslint/consistent-type-assertions": "error",
+      "@typescript-eslint/explicit-function-return-type": ["error", {"allowExpressions": true}],
+      "@typescript-eslint/func-call-spacing": ["error", "never"],
+      "@typescript-eslint/no-array-constructor": "error",
+      "@typescript-eslint/no-empty-interface": "error",
+      "@typescript-eslint/no-explicit-any": "error",
+      "@typescript-eslint/no-extraneous-class": "error",
+      "@typescript-eslint/no-for-in-array": "error",
+      "@typescript-eslint/no-inferrable-types": "error",
+      "@typescript-eslint/no-misused-new": "error",
+      "@typescript-eslint/no-namespace": "error",
+      "@typescript-eslint/no-non-null-assertion": "warn",
+      "@typescript-eslint/no-unnecessary-qualifier": "error",
+      "@typescript-eslint/no-unnecessary-type-assertion": "error",
+      "@typescript-eslint/no-useless-constructor": "error",
+      "@typescript-eslint/no-var-requires": "error",
+      "@typescript-eslint/prefer-for-of": "warn",
+      "@typescript-eslint/prefer-function-type": "warn",
+      "@typescript-eslint/prefer-includes": "error",
+      "@typescript-eslint/prefer-string-starts-ends-with": "error",
+      "@typescript-eslint/promise-function-async": "error",
+      "@typescript-eslint/require-array-sort-compare": "error",
+      "@typescript-eslint/restrict-plus-operands": "error",
+      "semi": "off",
+      "@typescript-eslint/semi": ["error", "never"],
+      "@typescript-eslint/type-annotation-spacing": "error",
+      "@typescript-eslint/unbound-method": "error"
+    },
+    "env": {
+      "node": true,
+      "es6": true,
+      "jest/globals": true
+    }
+  }

.github/dependabot.yml

@@ -0,0 +1,9 @@
+version: 2
+updates:
+  # Enable version updates for npm
+  - package-ecosystem: 'npm'
+    # Look for `package.json` and `lock` files in the `root` directory
+    directory: '/'
+    # Check the npm registry for updates every day (weekdays)
+    schedule:
+      interval: 'daily'

.github/workflows/detect-pii.yml

@@ -0,0 +1,31 @@
+name: 'pii-detection'
+on:
+  issues:
+    types:
+      - opened
+      - edited
+  issue_comment:
+    types:
+      - created
+      - edited
+  pull_request:
+    types:
+      - opened
+      - edited
+  pull_request_review_comment:
+    types:
+      - created
+      - edited
+jobs:
+  detect-pii:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ./
+        name: "run PII detector"
+        with:
+          azure-cognitive-subscription-key: ${{ secrets.AZURE_COGNITIVE_SUBSCRIPTION_KEY }}
+          azure-cognitive-endpoint: ${{ secrets.AZURE_COGNITIVE_ENDPOINT }}
+          categories: "email|ip|phone number"
+          label-text: "PII DETECTED!!"
+          github-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/package_violation.js

@@ -0,0 +1,51 @@
+module.exports = async (gh) => {
+
+  let violations = gh.core.getInput("violations", {});
+
+  if (!violations || violations.length == 0) {
+    console.log("No violations detected.")
+    return;
+  }
+
+  let packages = JSON.parse(violations);
+  let bodyMessage = "## :package: Package Policy Violation\n\n" +
+    `Commit: ${gh.context.sha}\n\n` +
+    "The following referenced package(s) violate the package policy put in place by the administrator of this repository:\n";
+
+  packages.forEach((item) => {
+    bodyMessage += `\n- [ ] :x: ${item.name} - ${item.version}`;
+  });
+  bodyMessage += "\n\nPlease choose alternate packages that conform to the package policy and re-attempt."
+
+  if (gh.context.eventName == "push") {
+    let issue = await gh.github.issues.create({
+      owner: gh.context.repo.owner,
+      repo: gh.context.repo.repo,
+      title: "Package Violation Detected!!",
+      assignee: gh.context.payload.pusher.name,
+      body: bodyMessage,
+      labels: ["Package Violation"],
+    });
+
+    console.log(`Issue created - ${issue.data.number} - ${issue.data.html_url}`);
+  } else {
+
+    await gh.github.issues.addLabels({
+      labels: ["Package Violation"],
+      owner: gh.context.repo.owner,
+      repo: gh.context.repo.repo,
+      issue_number: gh.context.payload.pull_request.number
+    })
+
+    let issue = await gh.github.issues.createComment({
+      owner: gh.context.repo.owner,
+      repo: gh.context.repo.repo,
+      issue_number: gh.context.payload.pull_request.number,
+      body: bodyMessage
+    })
+
+    console.log(`Pull request labeled and commented - ${issue.data.number} - ${issue.data.html_url}`);
+  }
+
+  gh.core.setFailed("!!! PACKAGE POLICY VIOLATIONS DETECTED !!!");
+}

.github/workflows/pp-test.yml

@@ -0,0 +1,29 @@
+name: "Enforce Package Policy"
+on:
+  push:
+  pull_request:
+    types:
+      - opened
+      - edited
+jobs:
+  enforce-package-policy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: rob-derosa/package-policy@v1
+        name: "Check for package violations"
+        id: package-policy
+        with:
+          policy: allow
+          policy-url: "https://gist.githubusercontent.com/rob-derosa/965f4d51e5eb006a928cffe176998923/raw/1293e1273e66dfa8574ea3579261d95fc4670373/policy.json"
+          fail-if-violations: false
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: actions/github-script@v2
+        name: "Respond to package violations"
+        id: post-script
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          violations: ${{steps.package-policy.outputs.violations}}
+          script: |
+            const script = require(`${process.env.GITHUB_WORKSPACE}/.github/workflows/package_violation.js`)
+            await script({github, context, core})

.gitignore

@@ -0,0 +1,99 @@
+# Dependency directory
+node_modules
+
+# Rest pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+jspm_packages/
+
+# TypeScript v1 declaration files
+typings/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+.env.test
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+
+# next.js build output
+.next
+
+# nuxt.js build output
+.nuxt
+
+# vuepress build output
+.vuepress/dist
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# OS metadata
+.DS_Store
+Thumbs.db
+
+# Ignore built ts files
+__tests__/runner/*
+lib/**/*

.prettierignore

@@ -0,0 +1,3 @@
+dist/
+lib/
+node_modules/

.prettierrc.json

@@ -0,0 +1,10 @@
+{
+  "printWidth": 80,
+  "tabWidth": 2,
+  "useTabs": false,
+  "semi": false,
+  "singleQuote": true,
+  "trailingComma": "none",
+  "bracketSpacing": false,
+  "arrowParens": "avoid"
+}

.vscode/launch.json

@@ -0,0 +1,17 @@
+{
+    // Use IntelliSense to learn about possible attributes.
+    // Hover to view descriptions of existing attributes.
+    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "type": "node",
+            "request": "launch",
+            "name": "Launch Program",
+            "skipFiles": [
+                "<node_internals>/**"
+            ],
+            "program": "${workspaceFolder}/lib/main.js"
+        }
+    ]
+}