Add linting, formatting and pre-commit (#53)

* Add dev-dependancies * Security update npm packages * Force audit fix * Add linting, formatting and precommit * Format files
2025-09-15 09:53:28 +01:00 · 2024-04-29 13:21:31 +01:00
parent 80813d48e3
commit 8449b30401
18 changed files with 4064 additions and 2039 deletions
--- a/app.js
+++ b/app.js
@@ -4,7 +4,7 @@ var path = require('path');
 var cookieParser = require('cookie-parser');
 var mLogger = require('morgan');
 var logger = require('./config/winston');
-const helmet = require("helmet");
+const helmet = require('helmet');

 var indexRouter = require('./routes/index');
 var aboutRouter = require('./routes/about');
@@ -12,7 +12,8 @@ var contactRouter = require('./routes/contact');

 var app = express();

-if (process.env.IS_DOCKER != 'true') app.set('trust proxy', 'loopback,uniquelocal');
+if (process.env.IS_DOCKER != 'true')
+  app.set('trust proxy', 'loopback,uniquelocal');
 app.disable('x-powered-by');

 // view engine setup
@@ -20,26 +21,43 @@ app.set('views', path.join(__dirname, 'views'));
 app.set('view engine', 'pug');

 if (process.env.NODE_ENV === 'production') {
-    app.use(mLogger("common", { "stream": logger.stream }));
+  app.use(mLogger('common', { stream: logger.stream }));
 } else {
-    app.use(mLogger('dev'));
+  app.use(mLogger('dev'));
 }

 app.use(helmet());
 app.use(
-    helmet.contentSecurityPolicy({
-      directives: {
-        defaultSrc: ["'self'"],
-        scriptSrc: ["'self'", "'unsafe-inline'", "'unsafe-eval'", "https://hcaptcha.com", "https://*.hcaptcha.com", "https://cdn.ravenjs.com/"],
-        imgSrc: ["'self'", "https://blog.pastel.codes", "https://static.ghost.org", "https://secure.gravatar.com"],
-        styleSrc: ["'self'", "'unsafe-inline'", "https://hcaptcha.com", "https://*.hcaptcha.com"],
-        fontSrc: ["'self'", "data:"],
-        frameSrc: ["https://hcaptcha.com", "https://*.hcaptcha.com"],
-        objectSrc: ["'none'"],
-        upgradeInsecureRequests: [],
-      },
-    })
-  );
+  helmet.contentSecurityPolicy({
+    directives: {
+      defaultSrc: ["'self'"],
+      scriptSrc: [
+        "'self'",
+        "'unsafe-inline'",
+        "'unsafe-eval'",
+        'https://hcaptcha.com',
+        'https://*.hcaptcha.com',
+        'https://cdn.ravenjs.com/',
+      ],
+      imgSrc: [
+        "'self'",
+        'https://blog.pastel.codes',
+        'https://static.ghost.org',
+        'https://secure.gravatar.com',
+      ],
+      styleSrc: [
+        "'self'",
+        "'unsafe-inline'",
+        'https://hcaptcha.com',
+        'https://*.hcaptcha.com',
+      ],
+      fontSrc: ["'self'", 'data:'],
+      frameSrc: ['https://hcaptcha.com', 'https://*.hcaptcha.com'],
+      objectSrc: ["'none'"],
+      upgradeInsecureRequests: [],
+    },
+  })
+);

 app.use(express.json());
 app.use(express.urlencoded({ extended: false }));
@@ -51,19 +69,19 @@ app.use('/about', aboutRouter);
 app.use('/contact', contactRouter);

 // catch 404 and forward to error handler
-app.use(function(req, res, next) {
-    next(createError(404));
+app.use(function (req, res, next) {
+  next(createError(404));
 });

 // error handler
-app.use(function(err, req, res, next) {
-    // set locals, only providing error in development
-    res.locals.message = err.message;
-    res.locals.error = req.app.get('env') === 'development' ? err : {};
+app.use(function (err, req, res, _next) {
+  // set locals, only providing error in development
+  res.locals.message = err.message;
+  res.locals.error = req.app.get('env') === 'development' ? err : {};

-    // render the error page
-    res.status(err.status || 500);
-    res.render('error', { title: 'Error', description: "Error" });
+  // render the error page
+  res.status(err.status || 500);
+  res.render('error', { title: 'Error', description: 'Error' });
 });

 module.exports = app;