Added missing security features to API, Upgraded remark preset

niftylettuce · niftylettuce · commit 062230f5033f · 2017-10-01T02:03:51.000-04:00
diff --git a/package.json b/package.json
@@ -57,7 +57,7 @@
     "nyc": "^11.2.1",
     "prettier": "^1.7.0",
     "remark-cli": "^4.0.0",
-    "remark-preset-github": "^0.0.6",
+    "remark-preset-github": "^0.0.7",
     "supertest": "^3.0.0",
     "xo": "^0.19.0"
   },
diff --git a/template/api.js b/template/api.js
@@ -18,6 +18,10 @@ const Logger = require('@ladjs/logger');
 const Graceful = require('@ladjs/graceful');
 const Mongoose = require('@ladjs/mongoose');
 const ip = require('ip');
+const conditional = require('koa-conditional-get');
+const cors = require('kcors');
+const etag = require('koa-etag');
+const helmet = require('koa-helmet');
 
 const helpers = require('./helpers');
 const config = require('./config');
@@ -79,6 +83,21 @@ app.use(
   })
 );
 
+// conditional-get
+app.use(conditional());
+
+// etag
+app.use(etag());
+
+// cors
+app.use(cors(config.cors));
+
+// TODO: add `cors-gate`
+// <https://github.com/mixmaxhq/cors-gate/issues/6>
+
+// security
+app.use(helmet());
+
 // remove trailing slashes
 app.use(removeTrailingSlashes());
 
diff --git a/yarn.lock b/yarn.lock
@@ -5140,9 +5140,9 @@ remark-parse@^4.0.0:
     vfile-location "^2.0.0"
     xtend "^4.0.1"
 
-remark-preset-github@^0.0.6:
-  version "0.0.6"
-  resolved "https://registry.yarnpkg.com/remark-preset-github/-/remark-preset-github-0.0.6.tgz#48dc9574f2ae59a94ccaee1a63a8f4f0826b0275"
+remark-preset-github@^0.0.7:
+  version "0.0.7"
+  resolved "https://registry.yarnpkg.com/remark-preset-github/-/remark-preset-github-0.0.7.tgz#4611fdf5451c2b142a7e2d9eadfb22b8acc3bade"
   dependencies:
     remark-comment-config "^5.0.0"
     remark-contributors "^3.1.0"
@@ -5191,7 +5191,7 @@ remark-preset-github@^0.0.6:
     remark-toc "^4.0.0"
     remark-validate-links "^7.0.0"
     retext-english "^3.0.0"
-    retext-preset-github "^0.0.3"
+    retext-preset-github "^0.0.4"
     unified "^6.0.0"
 
 remark-preset-lint-recommended@^3.0.1:
@@ -5434,9 +5434,9 @@ retext-indefinite-article@^1.1.0:
     unist-util-is "^2.0.0"
     unist-util-visit "^1.1.0"
 
-retext-preset-github@^0.0.3:
-  version "0.0.3"
-  resolved "https://registry.yarnpkg.com/retext-preset-github/-/retext-preset-github-0.0.3.tgz#75c88efe6bad81a6c1246253f98c76f15e6d1e3f"
+retext-preset-github@^0.0.4:
+  version "0.0.4"
+  resolved "https://registry.yarnpkg.com/retext-preset-github/-/retext-preset-github-0.0.4.tgz#9883f2f347dea3d1280885dddf50b530ee60dac5"
   dependencies:
     retext-contractions "^2.1.0"
     retext-diacritics "^1.2.0"
