GithubHelp home page GithubHelp logo

adyen / adyen-salesforce-headless-commerce-pwa Goto Github PK

View Code? Open in Web Editor NEW
4.0 5.0 1.0 4.2 MB

B2C Commerce Headless Integration Composable Storefront

License: MIT License

JavaScript 99.78% Shell 0.21% CSS 0.01%
adyen payment-gateway payment-integration payment-processing payments pwa

adyen-salesforce-headless-commerce-pwa's People

Contributors

amihajlovski avatar cenkiravul avatar elhanarinc avatar olga-adyen avatar renovate[bot] avatar rikterbeek avatar shanikantsingh avatar zaiddreakh avatar

Stargazers

avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

ayodejidev

adyen-salesforce-headless-commerce-pwa's Issues

[CRITICAL] Sensitive Adyen information is exposed to client side

Describe The Bug

Sensitive Adyen information is exposed to client side through application configurations.
Please note that all application configurations are exposed to the client side through SSR.

To Reproduce

Steps to reproduce the behavior:

  1. Start the adyen-retail-react-app
  2. Go to any page
  3. Open Console tab in the Developer Tools
  4. Print the Adyen configurations by window.__CONFIG__.app.sites[0].adyen

Expected Behavior

Sensitive information such as API keys, webhook accounts, webhook passwords, etc., must not be exposed to the client side.

Screenshots

adyen-configs

Additional Context

The issue has been occurring since version 1.0.0-beta.4, Adyen Installation step no. 6.

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

  • chore(deps): update dependency @testing-library/jest-dom to v6.4.2
  • chore(deps): update dependency @testing-library/react to v14.2.1
  • chore(deps): update dependency css-loader to v6.10.0
  • chore(deps): update dependency eslint to v8.57.0
  • chore(deps): update dependency eslint-plugin-react to v7.34.1
  • chore(deps): update dependency mini-css-extract-plugin to v2.8.1
  • chore(deps): update dependency webpack to v5.90.3
  • fix(deps): update dependency @adyen/api-library to v16.1.0
  • fix(deps): update dependency dotenv to v16.4.5
  • chore(deps): update actions/upload-artifact action to v4
  • chore(deps): update commitlint monorepo to v19 (major) (@commitlint/cli, @commitlint/config-conventional)
  • chore(deps): update dependency husky to v9
  • chore(deps): update github/codeql-action action to v3
  • ๐Ÿ” Create all rate-limited PRs at once ๐Ÿ”

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

github-actions
.github/workflows/codeql-analysis.yml
  • actions/checkout v4
  • github/codeql-action v2
  • github/codeql-action v2
  • github/codeql-action v2
.github/workflows/e2e.yml
  • actions/checkout v3
  • actions/setup-node v3
  • actions/upload-artifact v3
.github/workflows/npm-publish.yml
  • actions/checkout v4
  • actions/setup-node v4
.github/workflows/npm-unpublish.yml
  • actions/checkout v4
  • actions/setup-node v4
npm
package.json
  • @commitlint/cli ^18.2.0
  • @commitlint/config-conventional ^18.1.0
  • husky ^8.0.3
  • node ^16.0.0 || ^18.0.0
  • npm ^7.0.0 || ^8.0.0 || ^9.0.0
packages/adyen-retail-react-app/package.json
  • @salesforce/retail-react-app 2.0.0
  • css-loader ^6.8.1
  • dotenv ^16.3.1
  • style-loader ^3.3.3
  • node ^16.0.0 || ^18.0.0
  • npm ^7.0.0 || ^8.0.0 || ^9.0.0
packages/adyen-salesforce-pwa/package.json
  • @adyen/adyen-web ^5.51.0
  • @adyen/api-library ^16.0.1
  • @salesforce/retail-react-app 2.0.0
  • dotenv ^16.3.1
  • express-validator ^7.0.1
  • minimist ^1.2.8
  • node-fetch ^3.3.2
  • uuid ^9.0.1
  • @babel/core ^7.23.3
  • @babel/preset-env ^7.23.3
  • @babel/preset-react ^7.23.3
  • @testing-library/jest-dom ^6.2.0
  • @testing-library/react ^14.1.2
  • babel-jest ^29.7.0
  • babel-loader ^9.1.3
  • clean-webpack-plugin ^4.0.0
  • cross-spawn ^7.0.3
  • css-loader ^6.8.1
  • eslint ^8.54.0
  • eslint-plugin-react ^7.33.2
  • file-loader ^6.2.0
  • html-webpack-plugin ^5.5.3
  • jest ^29.7.0
  • jest-environment-jsdom ^29.7.0
  • jest-extended ^4.0.2
  • mini-css-extract-plugin ^2.7.6
  • style-loader ^3.3.3
  • url-loader ^4.1.1
  • webpack ^5.89.0
  • webpack-cli ^5.1.4
  • Check this box to trigger a request for Renovate to run again on this repository

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.