Fix: Resolve Content Security Policy issue in vue-i18n

The web page stopped loading due to a Content Security Policy violation
error caused by the use of the "new Function" construct in vue-i18n
ver

Fix: Resolve Content Security Policy issue in vue-i18n

The web page stopped loading due to a Content Security Policy violation
error caused by the use of the "new Function" construct in vue-i18n
version 9.13.1. Upgrading to vue-i18n version 10.0.5 resolves this issue

Change-Id: I57fa72a4ee8edc282a122e42358a77e254c7943f
Signed-off-by: Glukhov Mikhail <mikl@greenfil.ru>

show more ...

Removed TFTP code update option

- Removed TFTP server firmware update ability in the UI.

Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>
Signed-off-by: Surya Venkatesan <suryav@ami.com>
Change-Id:

Removed TFTP code update option

- Removed TFTP server firmware update ability in the UI.

Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>
Signed-off-by: Surya Venkatesan <suryav@ami.com>
Change-Id: Icbeddc7a3faa262f12e85268206ae70850f37905

show more ...

i18n, vue-router and vuex upgrade

1. Configuration of i18n legacy as false.
2. Translation function t is called using the useI18n.
3. Used the i18n.global.t() function from i18n instead of this.$t()

i18n, vue-router and vuex upgrade

1. Configuration of i18n legacy as false.
2. Translation function t is called using the useI18n.
3. Used the i18n.global.t() function from i18n instead of this.$t()
4. Event bus error that occurred during logout.
5. Implemented vue-router 4.4.0 and vuex upgrade to 4.1.0

Change-Id: I9464d82c76dcc1445ce271983ea3ab9d7b03d265
Signed-off-by: Surya Venkatesan <suryav@ami.com>

show more ...

Upgrade vue3 and all dependencies

Start the process of porting everything to Vue 3. I have most things
working. npm run-scripts build works, npm install works. prettier
passes. Styles load, logi

Upgrade vue3 and all dependencies

Start the process of porting everything to Vue 3. I have most things
working. npm run-scripts build works, npm install works. prettier
passes. Styles load, login works, webui loads.

This was primarily done using the linked documents below. It makes the
following design decisions:
1. Vue is put in compat 2 mode, which allows most of the components to
work as-is.
2. Bootstrap v4 is used along with bootstrap-vue to keep our components
working.
3. Minor changes are made to load the latest versions of vue-router,
vuex, and vue-i18n.

I suspect this patchset is good enough to start with, and we can clean
up the broken things one patchset at a time. The things that need to
happen are:

1. Get remaining features working again. This primiarily is vue-i18n
for mixins, and non vue components. This likely needs to be done by
not pulling in i18n into the non vue components, then using the .Vue
files to do the internationalization in the component context, NOT in
the mixin context. Alternatively, we could drop MixIns alltogether.
2. Get custom styles working again. Previously, we used some path
hackery in vue.config.js to optionally pre-load styles. This stops
working now that we're required to @import our modules. Likely we
need some rearangement of the paths such that custom styles are a
complete replacement (possibly importing the original) rather than
additive with overrides. That's a guess, but I don't really see
anyone else doing customization the way we've defined it here.
3. Bootstrap 5 no longer requires ANY custom vue modules, as it has
dropped the jquery dependency. We won't be able to pull in bootstrap
5 all at once, so pull in bootstrap 5 under an alias, like
"bootstrap5" that we can optionally import 5 or 4.
4. One at a time, start porting components over to Vue3 syntax and
bootstrap 5. This will be the bulk of the manual work and review.

The only thing I think left is getting unit tests passing, which I
commented out the pre-commit hook to make this PR.

Tested: Code builds. Needs better testing.

[1] https://router.vuejs.org/guide/migration/
[2] https://vue-i18n.intlify.dev/guide/migration/vue3
[3] https://vuelidate-next.netlify.app/migration_guide.html#package-name-and-imports

Change-Id: I5bb3187b9efbf2e4ff63e57994bc528756e2a981
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Implement response caching

Bmcweb supports the If-None-Match and etag headers on responses. While
for static files, we can do a direct set, for responses, there's no way
to cache values.

Add cachi

Implement response caching

Bmcweb supports the If-None-Match and etag headers on responses. While
for static files, we can do a direct set, for responses, there's no way
to cache values.

Add caching support by adding what seems to be a well supported axios
package. Note the intent is that the cache expires immediately, such
that the bmc will always be polled for results, and return 304 when not
modified. Additionally, we currently cache these values in the session
context, such that they can be reused on refresh.

Tested: webui loads properly. Upon navigating to a logs page, and back,
the network console shows the bmc returning nearly all redfish responses
with 304, not modified.

Change-Id: I2e8067a88a0352226db9f987d1508ab5bf266b92
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Inline SVG

Having the SVG files loaded as a separate package significantly
increases the load time of the UI, as it forces the images to be
downloaded AFTER the page has loaded.

This commit adds th

Inline SVG

Having the SVG files loaded as a separate package significantly
increases the load time of the UI, as it forces the images to be
downloaded AFTER the page has loaded.

This commit adds the vue-svg-inline-loader, and appropriate config such
that the styles can be inlined, and a second trip to the BMC is not
required to load the login screen. This improves the "time to glass" of
the webui quite a bit.

Tested: Webui loads. Network tab shows svg files are not loaded. Webui
login page looks correct.
First load of the webui renders 500ms faster (1.9s vs 1.4s)

Change-Id: Iebcd9ab5df6edad0a1a5c53c028eccd2fda8f63c
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Upgraded Axios version

Current Axios version was 0.21.4, this version has a CSRF vulnerability.
https://github.com/axios/axios/issues/6022.

v1.6.0 has fixed this problem, upgrade Axios to that vers

Upgraded Axios version

Current Axios version was 0.21.4, this version has a CSRF vulnerability.
https://github.com/axios/axios/issues/6022.

v1.6.0 has fixed this problem, upgrade Axios to that version.
Reference: https://github.com/axios/axios/pull/6028

The package-lock.json was generated by pointing bitbake at my local repo
and building the image. devtool modify -n webui-vue <local repo>

This uses the npm version in yocto 10.4.0.

Tested: Loaded this on a p10bmc and GUI looked good.

Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>
Change-Id: Ifb0d64c7d4d15d2396ee6d83d609ab8522d9e247
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Upgrade eslint

Being on an old version of eslint is causing conflicts in our builds,
but because we pull in the @vue/cli-plugin-eslint plugin, we can't
upgrade. @vue is non trial to update, because

Upgrade eslint

Being on an old version of eslint is causing conflicts in our builds,
but because we pull in the @vue/cli-plugin-eslint plugin, we can't
upgrade. @vue is non trial to update, because webui-vue is on vue 4.X,
while the latest is 5.X.

This commit upgrades eslint to the latest version, and at the same time
disables @vue/cli-plugin-eslint. Not having a cli plugin doesn't seem
like it would be any amount of impact, as devs can just run eslint
manually.

At the same time, to fix a minor issue, update all of @vue to the latest
minor revision 4.5.12->4.5.19

Change-Id: I3ca9c7bbee5bdf9046d86e25e7130808b9caaa2b
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

prettier: re-format

Prettier is enabled in openbmc-build-scripts on Markdown, JSON, and YAML
files to have consistent formatting for these file types. Re-run the
formatter on the whole repository.

prettier: re-format

Prettier is enabled in openbmc-build-scripts on Markdown, JSON, and YAML
files to have consistent formatting for these file types. Re-run the
formatter on the whole repository.

Change-Id: I2804ee3ab5ff6bcbf986b028db2fafec8e616779
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>

show more ...

Update axios to 0.21.4

Update axios to the latest to include the fix for this CVE:
https://nvd.nist.gov/vuln/detail/CVE-2021-3749

Tested:
Built and logged into the web UI successfully.

Signed-off-

Update axios to 0.21.4

Update axios to the latest to include the fix for this CVE:
https://nvd.nist.gov/vuln/detail/CVE-2021-3749

Tested:
Built and logged into the web UI successfully.

Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
Change-Id: I40e858ac244179bf90e3314726e67db35e8ebef3

show more ...

Update all minor and patch releases

Updated NPM packages with minor and patch releases only.

Tested the UI locally and by building copying to the BMC and running in
an overlay and did not observe b

Update all minor and patch releases

Updated NPM packages with minor and patch releases only.

Tested the UI locally and by building copying to the BMC and running in
an overlay and did not observe breaking changes.

Major releases are not updated in this commit as they require
additional testing and code updates to address breaking changes and will
be updated separately once those updates are stable.


Signed-off-by: Dixsie Wolmers <dixsie@ibm.com>
Change-Id: I73c952a75a1148c5852a18d73b9065083fd8e94c

show more ...

Update linting and code formatting node packages

- Updated eslint, eslint-plugin-prettier, eslint-plugin-vue, lint-staged and prettier packages.

Signed-off-by: Suren Neware <sneware9@in.ibm.com>
Ch

Update linting and code formatting node packages

- Updated eslint, eslint-plugin-prettier, eslint-plugin-vue, lint-staged and prettier packages.

Signed-off-by: Suren Neware <sneware9@in.ibm.com>
Change-Id: Iaf80c39a90506a820957c5531054ea96d4a3f458

show more ...

Update vue cli node modules

- Updated babel, eslint, router, unit-jest, vuex plugins to the latest
release.
- Updated latest release is 4.5.10

Signed-off-by: Suren Neware <sneware9@in.ibm.com>
Ch

Update vue cli node modules

- Updated babel, eslint, router, unit-jest, vuex plugins to the latest
release.
- Updated latest release is 4.5.10

Signed-off-by: Suren Neware <sneware9@in.ibm.com>
Change-Id: Ie9c69bab10542ae9242f2a190dec1b3919a67ede

show more ...

Run test script as part of the pre-commit hook

Now that we have added more unit testing, it will be beneficial to
run the unit test script prior to check in. Eventually, we will want
this to be part

Run test script as part of the pre-commit hook

Now that we have added more unit testing, it will be beneficial to
run the unit test script prior to check in. Eventually, we will want
this to be part of the CI build process since Git pre-hooks can be
avoided.

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: I59aad81a470176d2f6a5afeb130661c642f4d259

show more ...

Update axios to remove vulnerabilities

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: I145192b4fc6f72c8ed4742c4d3c019c35da0ce6f

Add unit testing documentation

- Add unit testing section and page

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: I693b0576a5815aa7181c5ce068334509b99c7fc7

Update failing unit tests

- Add babel plugin to handle Jest import of SVG. Without plugin the
test fails with a require.context() is undefined
- Update snapshot tests that have changed
- Removed glo

Update failing unit tests

- Add babel plugin to handle Jest import of SVG. Without plugin the
test fails with a require.context() is undefined
- Update snapshot tests that have changed
- Removed globals from .eslintrc.js that were needed prior to
migrating from Mocha and Chai to Jest

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: Ibd01d2e629b5ecb47d072e277e4e9b5ae5c5f001

show more ...

Update linting packages to use latest

- 99% of changes were small syntax changes that were changed by the
lint command. There were a couple of small manual changes to meet the
property order pattern

Update linting packages to use latest

- 99% of changes were small syntax changes that were changed by the
lint command. There were a couple of small manual changes to meet the
property order patterns established as part of the vue:recommended
guidelines.

There are rules that were set from errors to warnings and new stories
are being opened to address those issues.

Testing:
- Successfully ran npm run serve
- Successfully ran npm run lint
- Verified functionality works as expected, e.g. success and failure use cases
- Resolved any JavaScript errors thrown to the console

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: Ie082f31c73ccbe8a60afa8f88a9ef6dbf33d9fd2

show more ...

Update compression-webpack-plugin

- Update to latest major release, 6.0.3
- Resolve one of two existing npm security vulnerabilities

This plugin is only used for production builds to delete any ass

Update compression-webpack-plugin

- Update to latest major release, 6.0.3
- Resolve one of two existing npm security vulnerabilities

This plugin is only used for production builds to delete any assets
created by the plugin. This will remove any of the non-compressed files
from the dist folder.

Testing:
- Ran build and deployed to a BMC
- Verified all views functional and spot tested functionality
- Successfully added and deleted a user
- Successfully changed date and time settings and date and time display
- Successfully power cycled the system

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: I86b06f30928fc33d189e24281c516ad39628b764

show more ...

Resolve npm vulnerabilities

Ran npm outdated to determine what packages had updates and updated
all packages with a patch or minor release. This will resolve all but
two errors. The remaining errors

Resolve npm vulnerabilities

Ran npm outdated to determine what packages had updates and updated
all packages with a patch or minor release. This will resolve all but
two errors. The remaining errors are in modules used for the
development process only. To see these two vulnerabilities run the
npm audit command.

- Update vue-i18n-loader to use new library as the previous has been
migrated

Testing:
- Ran application locally and tested every page
- Ran documentation and tested locally
- Ran build script and tested on the BMC
- Ran the docs build without any errors

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: I7603588bd732167749a403b9f6279a0ad50ccc12

show more ...

Resolve Content-Security-Policy error

In Firefox there was an no unsafe eval error which was caused when
users had the vue dev tools extenstion installed and enabled. The other
issue was the loading

Resolve Content-Security-Policy error

In Firefox there was an no unsafe eval error which was caused when
users had the vue dev tools extenstion installed and enabled. The other
issue was the loading of a resrouce at inline (style-src) which was
caused by the SVG icons coming from the Carbon icons vue library.

- Updated the Carbon icons to the latest version to resolve
the CSP issue.
- Remove chainwebpack option only used for prefecth as this is not
needed. Originally this was an issue when using code splitting.
Changing how we import views for routes and creating a single bundle
removes the need for this option.
- Update how fill color is applied to StatusIcon component. The Carbon
icons update results in adding the fill property to the svg container
does not cascade resulting in all icons rendering as their default
fill color.

GitHub Issue: https://github.com/openbmc/webui-vue/issues/32

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: I4846f80c993c129d5e88fceda13d53fab51d7c8a

show more ...

Update vuepress to fix hot reloading

- Version 1.5 had an issue with hot reloading that was resolved in
version 1.5.1
- Update vue and vue-template-compiler to vue@2.6.12 to resolve
vuepress depende

Update vuepress to fix hot reloading

- Version 1.5 had an issue with hot reloading that was resolved in
version 1.5.1
- Update vue and vue-template-compiler to vue@2.6.12 to resolve
vuepress dependencies

Testing:
- Ran docs locally (npm run docs:serve) and verified all pages
- Ran app locally (npm run serve) and spot tested several pages

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: Iec3494e00756040d9ce2f9ae6d1475f37dba0032

show more ...

Update Vuex package to v3.5.1

New hasModule method was added in v3.2.0. This new feature is needed
with env specific work being done for the two image firmware update
work.

Signed-off-by: Yoshie Mu

Update Vuex package to v3.5.1

New hasModule method was added in v3.2.0. This new feature is needed
with env specific work being done for the two image firmware update
work.

Signed-off-by: Yoshie Muranaka <yoshiemuranaka@gmail.com>
Change-Id: Ia2a9168f76eb36a586913bd6371533eea0981b1c

show more ...

Remove unused npm package

- We are not using the chai npm package. It was not removed after
moving to Jest

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: I13bb8296bfa06a40e855e

Remove unused npm package

- We are not using the chai npm package. It was not removed after
moving to Jest

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: I13bb8296bfa06a40e855ec3ae43625b668e92cf0

show more ...

Relace node-sass with dart-sass

Vue recommends using dart-sass as it implements updates before
node-sass. This should also resolve a dependency that node-sass has on
Python that is causing issues wi

Relace node-sass with dart-sass

Vue recommends using dart-sass as it implements updates before
node-sass. This should also resolve a dependency that node-sass has on
Python that is causing issues with the build process.

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: I71bf86f6f6ea15b866183bc0c00fabc72021238f

show more ...