那些遇到过的问题

小编P. *_*uhn的帖子

如何摆脱'hoek'漏洞

我最近将一个Angular CLI 5应用程序推送到GitHub,它指出了以下内容:

We found a potential security vulnerability in one of your dependencies.
A dependency defined in net-incident/package-lock.json has known security vulnerabilities and should be updated.
Dependencies defined in net-incident/package-lock.json 816
hapijs / hoek Known security vulnerability in 2.16.3
Run Code Online (Sandbox Code Playgroud)

我已经完成了'npm audit'的输出并执行了各种更新,包括以下内容(未提示):

npm install --save-dev request@2.86.0

'request'包中包含'hawk',其中包含'hoek'.当我查看node_modules中的'request'包时,版本已更改.但是来自'npm audit'的以下两个更新似乎没有做任何事情:

npm update fsevents --depth 4 npm update stringstream --depth 5

我留下以下内容:

[!] 33 vulnerabilities found [12201 packages audited]
    Severity: 5 Low | 24 Moderate | 4 High
    Run `npm audit` for more …
Run Code Online (Sandbox Code Playgroud)

github node.js npm angular

P. *_*uhn
lucky-day
24
推荐指数
1
解决办法
2335
查看次数

Jasmine Angular 9 测试失败,因为injectableDefOrInjectorDefFactory 处的“无法访问”堆栈跟踪

我在 4 下创建了一个 Angular 应用程序。我已经从一个版本迁移到另一个版本,目前是最新的版本 9。我正在审查我的测试。我有一个登录组件,我有 3 个工作测试,现在都失败了。它现在返回以下内容:

LoginComponent should be created ...
Failed: unreachable
Error: unreachable
    at injectableDefOrInjectorDefFactory (http://localhost:9876/_karma_webpack_/node_modules/@angular/core/__ivy_ngcc__/fesm2015/core.js:17302:1)
    at providerToFactory (http://localhost:9876/_karma_webpack_/node_modules/@angular/core/__ivy_ngcc__/fesm2015/core.js:17402:1)
    at providerToRecord (http://localhost:9876/_karma_webpack_/node_modules/@angular/core/__ivy_ngcc__/fesm2015/core.js:17349:1)
    at R3Injector.processProvider (http://localhost:9876/_karma_webpack_/node_modules/@angular/core/__ivy_ngcc__/fesm2015/core.js:17165:1)
    at http://localhost:9876/_karma_webpack_/node_modules/@angular/core/__ivy_ngcc__/fesm2015/core.js:17144:1
    at http://localhost:9876/_karma_webpack_/node_modules/@angular/core/__ivy_ngcc__/fesm2015/core.js:1400:1
    at Array.forEach (<anonymous>)
    at deepForEach (http://localhost:9876/_karma_webpack_/node_modules/@angular/core/__ivy_ngcc__/fesm2015/core.js:1400:1)
    at R3Injector.processInjectorType (http://localhost:9876/_karma_webpack_/node_modules/@angular/core/__ivy_ngcc__/fesm2015/core.js:17140:1)
    at http://localhost:9876/_karma_webpack_/node_modules/@angular/core/__ivy_ngcc__/fesm2015/core.js:16881:1
Run Code Online (Sandbox Code Playgroud)

Jasmine测试如下:

// File: login.component.spec.ts
import { async, ComponentFixture, TestBed, inject, fakeAsync, tick } from '@angular/core/testing';
import { FormsModule, ReactiveFormsModule, NgForm } from '@angular/forms';
import { BrowserAnimationsModule } from '@angular/platform-browser/animations';
import { of, throwError } from 'rxjs'; …
Run Code Online (Sandbox Code Playgroud)

jasmine angular angular-ivy

P. *_*uhn
lucky-day
21
推荐指数
2
解决办法
5170
查看次数

在Jasmine测试中AfterViewInit的生命周期钩子

我对生命周期钩子与Jasmine测试的关系感到困惑.LifeCycle Angular doc没有提及测试https://angular.io/guide/lifecycle-hooks.测试文档仅提及OnChange https://angular.io/guide/testing.我有一个示例组件如下:

import { Component, OnInit, AfterViewInit, OnDestroy, ElementRef } from '@angular/core';
...
@Component({
  selector: 'app-prod-category-detail',
  templateUrl: './prod-category-detail.component.html',
  styleUrls: ['./prod-category-detail.component.css']
})
//
export class ProdCategoryDetailComponent implements OnInit, AfterViewInit, OnDestroy {
    ...
    nav: HTMLSelectElement;
    //
    constructor(
        ...
        private _elementRef: ElementRef ) { }
    ...
    ngAfterViewInit() {
        console.log( 'ProdCategoryDetailComponent: ngAfterViewInit' );
        this.nav = this._elementRef.nativeElement.querySelector('#nav');
    }
    ...
}
Run Code Online (Sandbox Code Playgroud)

请注意,这是一个具有最新下载的Angular CLI应用程序.在Karma中,我没有看到控制台日志,因此从未设置导航.我目前在我的规范中调用它如下:

beforeEach(() => {
  fixture = TestBed.createComponent(ProdCategoryDetailComponent);
  sut = fixture.componentInstance;
  sut.ngAfterViewInit( );
  fixture.detectChanges( );
});
Run Code Online (Sandbox Code Playgroud)

这是处理这个问题的正确方法吗?

对于舒森而言,这是从前一段时间开始的,我有一段时间没有看过这个.希望它会有所帮助.注意,我使用的是Primeface …

jasmine typescript karma-jasmine angular

P. *_*uhn
2018 03-10
11
推荐指数
1
解决办法
7174
查看次数

Angular 从 14 更新到版本 15,现在 ng 测试得到“未找到规格”

我已将 Angular 14 应用程序更新为 Angular 15.1.4 应用程序。该应用程序是使用 Angular 4 创建的,并更新到每个后续版本。

\n

\'ngserve\' 构建并启动应用程序。由于启动服务和测试时出现一条消息,我最终删除了 .browserslistrc。运行“ng test”,我得到“未找到规格”,尽管我应该进行 100 次测试。测试在版本 14 中有效。测试浏览器中的消息是:

\n
Incomplete: No specs found, , randomized with seed 89005\n
Run Code Online (Sandbox Code Playgroud)\n

命令行上的消息是:

\n
> ng test\n\xe2\x88\x9a Browser application bundle generation complete.\n11 02 2023 14:29:13.412:WARN [karma]: No captured browser, open http://localhost:9876/\n11 02 2023 14:29:13.429:INFO [karma-server]: Karma v6.4.1 server started at http://localhost:9876/\n11 02 2023 14:29:13.430:INFO [launcher]: Launching browsers Chrome with concurrency unlimited\n11 02 2023 14:29:13.436:INFO [launcher]: Starting browser Chrome\n11 02 2023 14:29:18.071:INFO [Chrome …
Run Code Online (Sandbox Code Playgroud)

karma-jasmine angular

P. *_*uhn
lucky-day
7
推荐指数
1
解决办法
6129
查看次数

如何在 Jasmine 测试中与 ng-boostrap 模态交互

我正在使用带有 angular @ng-bootstrap 库https://ng-bootstrap.github.io/#/components/modal 的引导程序 4 。我写了一个简单的确认弹出模态消息,如下:

<div id='modalContainer' ngbModalContainer class="modal-content" aria-labelledby='ModalConfirmPopup'  aria-describedby='message'>
  <div class="modal-header">
    <h4 id='title' class="modal-title">Confirm</h4>
    <button id='dismissButton' type="button" class="close" aria-label="Close" (click)="activeModal.dismiss(false)">
      <span aria-hidden="true">&times;</span>
    </button>
  </div>
  <div class="modal-body">
    <p id='message'>{{ message }}</p>
  </div>
  <div class="modal-footer">
    <button id='okButton' type='button' class='btn btn-primary' (click)='activeModal.close(true)'>OK</button>
    <button id='cancelButton' type='button' class='btn btn-warning' (click)='activeModal.close(false)'>Cancel</button>
  </div>
</div>
Run Code Online (Sandbox Code Playgroud)

打字稿:

import { Component, Input } from '@angular/core';
import { NgbModal, NgbActiveModal } from '@ng-bootstrap/ng-bootstrap';
//
@Component({
  selector: 'app-confirm4',
  templateUrl: './confirm4.component.html'
})
export class Confirm4Component {
  // …
Run Code Online (Sandbox Code Playgroud)

jasmine typescript ng-bootstrap angular

P. *_*uhn
lucky-day
5
推荐指数
1
解决办法
4817
查看次数

令牌未通过 OpenIdDict/Connect 进行身份验证

我目前正在努力转换由 Angular 9 前端与 Asp.Net MVC/Web API/Identity 后端通信组成的现有应用程序。我正在将 .Net 转换为 .Net Core 2.2。后端同时使用cookie和JWT进行身份验证和授权。我正在转向 OpenId Dict/Identity 和 OpenId Connect。值得庆幸的是,我创建了一个独立的项目来测试解决方案,因为它已经过试用并且有很多错误。不幸的是,我对 OpenId Dict/Connect 缺乏了解。

\n\n

我需要帮助创建有效的不记名令牌。产生经过验证的用户的令牌。

\n\n

众所周知的值如下:

\n\n
{\n    "issuer": "https://localhost:44324/",\n    "token_endpoint": "https://localhost:44324/connect/token",\n    "end_session_endpoint": "https://localhost:44324/connect/logout",\n    "userinfo_endpoint": "https://localhost:44324/api/userinfo",\n    "jwks_uri": "https://localhost:44324/.well-known/jwks",\n    "grant_types_supported": [\n        "password"\n    ],\n    "scopes_supported": [\n        "openid",\n        "email",\n        "profile",\n        "roles"\n    ],\n    "claims_supported": [\n        "aud",\n        "exp",\n        "iat",\n        "iss",\n        "jti",\n        "sub"\n    ],\n    "id_token_signing_alg_values_supported": [\n        "RS256"\n    ],\n    "subject_types_supported": [\n        "public"\n    ],\n    "token_endpoint_auth_methods_supported": [\n        "client_secret_basic",\n        "client_secret_post"\n    ],\n    "claims_parameter_supported": false,\n    "request_parameter_supported": false,\n    "request_uri_parameter_supported": false\n}\n
Run Code Online (Sandbox Code Playgroud)\n\n

在 Postman 中,我通过传递以下内容生成令牌: …

c# openid x509certificate jwt asp.net-core

P. *_*uhn
lucky-day
5
推荐指数
0
解决办法
2019
查看次数

标签 统计

angular ×5

jasmine ×3

karma-jasmine ×2

typescript ×2

angular-ivy ×1

asp.net-core ×1

c# ×1

github ×1

jwt ×1

ng-bootstrap ×1

node.js ×1

npm ×1

openid ×1

x509certificate ×1