cofacts

<https://github.com/cofacts/rumors-api/pull/275|#275 List api enhancements>

<https://github.com/cofacts/rumors-api/pull/275|#275 List api enhancements>

Review on #275 List api enhancements

Review on #275 List api enhancements

Review on #275 List api enhancements

Review on #275 List api enhancements

<https://github.com/cofacts/rumors-api/pull/275|#275 List api enhancements>

<https://github.com/cofacts/rumors-api/pull/275|#275 List api enhancements>

<https://github.com/cofacts/rumors-api/pull/276|#276 Install pino logger and add query logging plug-in>

• Add an additional env var `LOG_REQUESTS` that will output request info for each incoming request • When `LOG_REQUESTS` exists, it also shows incoming GraphQL request, variables, and resolved user info • No change if `LOG_REQUESTS` do not exist in env var

<https://github.com/cofacts/rumors-api/pull/276|#276 Install pino logger and add query logging plug-in>

This PR introduces optional request logging (toggled by env var) to make debugging GraphQL requests easier. • Add an additional env var `LOG_REQUESTS` that will output request info for each incoming request • Turning this flag on will introduce lots of logs, needs to be aware of disk size when it is turned on • When `LOG_REQUESTS` exists, it also shows incoming GraphQL request, variables, and resolved user info • No change if `LOG_REQUESTS` do not exist in env var

:white_check_mark: All checks have passed

<https://github.com/cofacts/rumors-api/pull/276#issuecomment-1086926539|Comment on #276 Install pino logger and add query logging plug-in>

<https://coveralls.io/builds/47949955|Coverage Status> Coverage decreased (-0.2%) to 87.012% when pulling *<https://github.com/cofacts/rumors-api/commit/1485102feacea321a8d1a10576af4d2a8dd5ab68|1485102> on log-requests* into *<https://github.com/cofacts/rumors-api/commit/a709020aa38b1e8987308968e4c8b558525dcd51|a709020> on master*.

<https://github.com/cofacts/rumors-api/pull/276#issuecomment-1086926539|Comment on #276 Install pino logger and add query logging plug-in>

<https://coveralls.io/builds/47949955|Coverage Status> Coverage decreased (-0.2%) to 87.012% when pulling *<https://github.com/cofacts/rumors-api/commit/1485102feacea321a8d1a10576af4d2a8dd5ab68|1485102> on log-requests* into *<https://github.com/cofacts/rumors-api/commit/a709020aa38b1e8987308968e4c8b558525dcd51|a709020> on master*.

Review on #276 Install pino logger and add query logging plug-in

Review on #276 Install pino logger and add query logging plug-in

Review on #276 Install pino logger and add query logging plug-in

Review on #276 Install pino logger and add query logging plug-in

Review on #276 Install pino logger and add query logging plug-in

Review on #276 Install pino logger and add query logging plug-in

<https://github.com/cofacts/rumors-line-bot/pull/301|#301 Fix "not identical" unit test by making test input and mock data more distinct>

Unit test on master branch is broken when we <https://github.com/cofacts/rumors-line-bot/pull/298|drop the similarity threshold to 0.8>. The broken test case is "groupMessage should handle input is not identical to article". The root cause is that the similarity between test input `我知道黑啤愛吃蠶寶寶哦！` and mockup `我不會說我知道黑啤愛吃蠶寶寶哦！` is higher than the new threshold 0.8. The test case is meant to be testing the behavior when test input is lower than the threshold. Therefore, this PR makes the test input more dissimilar with the mockup data, so that we can test the desired branch and thus fix the test. ``` const ss = require('string-similarity') ss.compareTwoStrings('我不會說我知道黑啤愛吃蠶寶寶哦！', '我知道黑啤愛吃蠶寶寶哦！') // 0.8461538461538461 ss.compareTwoStrings('我不會說我知道黑啤愛吃蠶寶寶哦！', '我知道黑啤愛吃兔寶寶哦！') // 0.6923076923076923 ```

:white_check_mark: All checks have passed

<https://github.com/cofacts/rumors-line-bot/pull/301|#301 Fix "not identical" unit test by making test input and mock data more distinct>

Unit test on master branch is broken when we <https://github.com/cofacts/rumors-line-bot/pull/298|drop the similarity threshold to 0.8>. The broken test case is "groupMessage should handle input is not identical to article". The root cause is that the similarity between test input `我知道黑啤愛吃蠶寶寶哦！` and mockup `我不會說我知道黑啤愛吃蠶寶寶哦！` is higher than the new threshold 0.8. The test case is meant to be testing the behavior when test input is lower than the threshold. Therefore, this PR makes the test input more dissimilar with the mockup data, so that we can test the desired branch and thus fix the test. ``` const ss = require('string-similarity') ss.compareTwoStrings('我不會說我知道黑啤愛吃蠶寶寶哦！', '我知道黑啤愛吃蠶寶寶哦！') // 0.8461538461538461 ss.compareTwoStrings('我不會說我知道黑啤愛吃蠶寶寶哦！', '我知道黑啤愛吃蛾哦！') // 0.5833333333333334 ```

<https://github.com/cofacts/rumors-line-bot/pull/300|#300 Reply request form for LIFF>

<https://github.com/cofacts/rumors-line-bot/pull/300|#300 Reply request form for LIFF>

Review on #300 Reply request form for LIFF

Review on #300 Reply request form for LIFF

<https://github.com/cofacts/rumors-line-bot/pull/301|#301 Fix "not identical" unit test by making test input and mock data more distinct>

<https://github.com/cofacts/rumors-line-bot/pull/301|#301 Fix "not identical" unit test by making test input and mock data more distinct>

<https://github.com/cofacts/takedowns/pull/58|#58 Create 0406-ads.md>

<https://github.com/cofacts/takedowns/pull/58|#58 Create 0406-ads.md>

Review on #58 Create 0406-ads.md

Review on #58 Create 0406-ads.md

Review on #58 Create 0406-ads.md

Review on #58 Create 0406-ads.md

HackMD

Cofacts 會議記錄 - HackMD

# Cofacts 會議記錄 ## 2022 - [20220406 會議記錄](/gyIJXbTqRnySbfeaPJcJew) - [20220330 會議記錄](/OdOwYeKjQsSy

<https://github.com/cofacts/takedowns/pull/58|#58 Create 0406-ads.md>

<https://github.com/cofacts/takedowns/pull/58|#58 Create 0406-ads.md>

<https://github.com/cofacts/rumors-fb-bot/pull/34|#34 Bump moment from 2.22.2 to 2.29.2>

Bumps <https://github.com/moment/moment|moment> from 2.22.2 to 2.29.2. Changelog _Sourced from <https://github.com/moment/moment/blob/develop/CHANGELOG.md|moment's changelog>._ &gt; *2.29.2 <https://gist.github.com/ichernev/1904b564f6679d9aac1ae08ce13bc45c|See full changelog>* &gt; &gt; • Release Apr 3 2022 &gt; &gt; Address <https://github.com/advisories/GHSA-8hfj-j24r-96c4|GHSA-8hfj-j24r-96c4> &gt; &gt; *2.29.1 <https://gist.github.com/marwahaha/cc478ba01a1292ab4bd4e861d164d99b|See full changelog>* &gt; &gt; • Release Oct 6, 2020 &gt; &gt; Updated deprecation message, bugfix in hi locale &gt; &gt; *2.29.0 <https://gist.github.com/marwahaha/b0111718641a6461800066549957ec14|See full changelog>* &gt; &gt; • Release Sept 22, 2020 &gt; &gt; New locales (es-mx, bn-bd). Minor bugfixes and locale improvements. More tests. Moment is in maintenance mode. Read more at this link: <https://momentjs.com/docs/#/-project-status/|https://momentjs.com/docs/#/-project-status/> &gt; &gt; *2.28.0 <https://gist.github.com/marwahaha/028fd6c2b2470b2804857cfd63c0e94f|See full changelog>* &gt; &gt; • Release Sept 13, 2020 &gt; &gt; Fix bug where .format() modifies original instance, and locale updates &gt; &gt; *2.27.0 <https://gist.github.com/marwahaha/5100c9c2f42019067b1f6cefc333daa7|See full changelog>* &gt; &gt; • Release June 18, 2020 &gt; &gt; Added Turkmen locale, other locale improvements, slight TypeScript fixes &gt; &gt; *2.26.0 <https://gist.github.com/marwahaha/0725c40740560854a849b096ea7b7590|See full changelog>* &gt; &gt; • Release May 19, 2020 &gt; &gt; TypeScript fixes and many locale improvements &gt; &gt; *2.25.3* &gt; &gt; • Release May 4, 2020 &gt; &gt; Remove package.json module property. It looks like webpack behaves differently for modules loaded via module vs jsnext:main. &gt; &gt; *2.25.2* &gt; &gt; • Release May 4, 2020 ... (truncated) Commits • <https://github.com/moment/moment/commit/75e2ac573e8cd62086a6bc6dc1b8d271e2804391|`75e2ac5`> Build 2.29.2 • <https://github.com/moment/moment/commit/5a2987758edc7d413d1248737d9d0d1b65a70450|`5a29877`> Bump version to 2.29.2 • <https://github.com/moment/moment/commit/4fd847b7a8c7065d88ba0a64b727660190dd45d7|`4fd847b`> Update changelog for 2.29.2 • <https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5|`4211bfc`> [bugfix] Avoid loading path-looking locales from fs • <https://github.com/moment/moment/commit/f2a813afcfd0dd6e63812ea74c46ecc627f6a6a6|`f2a813a`> [misc] Fix indentation (according to prettier) • <https://github.com/moment/moment/commit/7a10de889de64c2519f894a84a98030bec5022d9|`7a10de8`> [test] Avoid hours around DST • <https://github.com/moment/moment/commit/e96809208c9d1b1bbe22d605e76985770024de42|`e968092`> [locale] ar-ly: fix locale name (<https://github-redirect.dependabot.com/moment/moment/issues/5828|#5828>) • <https://github.com/moment/moment/commit/53d7ee6ad8c60c891571c7085db91831bbc095b4|`53d7ee6`> [misc] fix builds (<https://github-redirect.dependabot.com/moment/moment/issues/5836|#5836>) • <https://github.com/moment/moment/commit/52019f1dda47c3e598aaeaa4ac89d5a574641604|`52019f1`> [misc] Specify length of toArray return type (<https://github-redirect.dependabot.com/moment/moment/issues/5766|#5766>) • <https://github.com/moment/moment/commit/0dcaaa689d02dde824029b09ab6aa64ff351ee2e|`0dcaaa6`> [locale] tr: update translation of Monday and Saturday (<https://github-redirect.dependabot.com/moment/moment/issues/5756|#5756>) • Additional commits viewable in <https://github.com/moment/moment/compare/2.22.2...2.29.2|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-fb-bot/network/alerts|Security Alerts page>.

<https://github.com/cofacts/rumors-fb-bot/pull/34|#34 Bump moment from 2.22.2 to 2.29.2>

Bumps <https://github.com/moment/moment|moment> from 2.22.2 to 2.29.2. Changelog _Sourced from <https://github.com/moment/moment/blob/develop/CHANGELOG.md|moment's changelog>._ &gt; *2.29.2 <https://gist.github.com/ichernev/1904b564f6679d9aac1ae08ce13bc45c|See full changelog>* &gt; &gt; • Release Apr 3 2022 &gt; &gt; Address <https://github.com/advisories/GHSA-8hfj-j24r-96c4|GHSA-8hfj-j24r-96c4> &gt; &gt; *2.29.1 <https://gist.github.com/marwahaha/cc478ba01a1292ab4bd4e861d164d99b|See full changelog>* &gt; &gt; • Release Oct 6, 2020 &gt; &gt; Updated deprecation message, bugfix in hi locale &gt; &gt; *2.29.0 <https://gist.github.com/marwahaha/b0111718641a6461800066549957ec14|See full changelog>* &gt; &gt; • Release Sept 22, 2020 &gt; &gt; New locales (es-mx, bn-bd). Minor bugfixes and locale improvements. More tests. Moment is in maintenance mode. Read more at this link: <https://momentjs.com/docs/#/-project-status/|https://momentjs.com/docs/#/-project-status/> &gt; &gt; *2.28.0 <https://gist.github.com/marwahaha/028fd6c2b2470b2804857cfd63c0e94f|See full changelog>* &gt; &gt; • Release Sept 13, 2020 &gt; &gt; Fix bug where .format() modifies original instance, and locale updates &gt; &gt; *2.27.0 <https://gist.github.com/marwahaha/5100c9c2f42019067b1f6cefc333daa7|See full changelog>* &gt; &gt; • Release June 18, 2020 &gt; &gt; Added Turkmen locale, other locale improvements, slight TypeScript fixes &gt; &gt; *2.26.0 <https://gist.github.com/marwahaha/0725c40740560854a849b096ea7b7590|See full changelog>* &gt; &gt; • Release May 19, 2020 &gt; &gt; TypeScript fixes and many locale improvements &gt; &gt; *2.25.3* &gt; &gt; • Release May 4, 2020 &gt; &gt; Remove package.json module property. It looks like webpack behaves differently for modules loaded via module vs jsnext:main. &gt; &gt; *2.25.2* &gt; &gt; • Release May 4, 2020 ... (truncated) Commits • <https://github.com/moment/moment/commit/75e2ac573e8cd62086a6bc6dc1b8d271e2804391|`75e2ac5`> Build 2.29.2 • <https://github.com/moment/moment/commit/5a2987758edc7d413d1248737d9d0d1b65a70450|`5a29877`> Bump version to 2.29.2 • <https://github.com/moment/moment/commit/4fd847b7a8c7065d88ba0a64b727660190dd45d7|`4fd847b`> Update changelog for 2.29.2 • <https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5|`4211bfc`> [bugfix] Avoid loading path-looking locales from fs • <https://github.com/moment/moment/commit/f2a813afcfd0dd6e63812ea74c46ecc627f6a6a6|`f2a813a`> [misc] Fix indentation (according to prettier) • <https://github.com/moment/moment/commit/7a10de889de64c2519f894a84a98030bec5022d9|`7a10de8`> [test] Avoid hours around DST • <https://github.com/moment/moment/commit/e96809208c9d1b1bbe22d605e76985770024de42|`e968092`> [locale] ar-ly: fix locale name (<https://github-redirect.dependabot.com/moment/moment/issues/5828|#5828>) • <https://github.com/moment/moment/commit/53d7ee6ad8c60c891571c7085db91831bbc095b4|`53d7ee6`> [misc] fix builds (<https://github-redirect.dependabot.com/moment/moment/issues/5836|#5836>) • <https://github.com/moment/moment/commit/52019f1dda47c3e598aaeaa4ac89d5a574641604|`52019f1`> [misc] Specify length of toArray return type (<https://github-redirect.dependabot.com/moment/moment/issues/5766|#5766>) • <https://github.com/moment/moment/commit/0dcaaa689d02dde824029b09ab6aa64ff351ee2e|`0dcaaa6`> [locale] tr: update translation of Monday and Saturday (<https://github-redirect.dependabot.com/moment/moment/issues/5756|#5756>) • Additional commits viewable in <https://github.com/moment/moment/compare/2.22.2...2.29.2|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-fb-bot/network/alerts|Security Alerts page>.

<https://github.com/cofacts/rumors-api/pull/276|#276 Install pino logger and add query logging plug-in>

<https://github.com/cofacts/rumors-api/pull/276|#276 Install pino logger and add query logging plug-in>

<https://github.com/cofacts/rumors-line-bot/pull/300|#300 Reply request form for LIFF>

<https://github.com/cofacts/rumors-line-bot/pull/300|#300 Reply request form for LIFF>

<https://github.com/cofacts/rumors-site/issues/481|#481 Category label is not updated after adding one category>

After adding a category, currently there is no any visual feedback that tells the user that the category is added. Current workaround: refresh the whole page Expected: UI should show that the category is added immediately (or shortly after API response)

<https://github.com/cofacts/rumors-site/issues/481|#481 Category label is not updated after adding one category>

After adding a category, currently there is no any visual feedback that tells the user that the category is added. <https://user-images.githubusercontent.com/108608/162559676-022d4169-ba14-4525-a804-47b988fd6df0.gif|no-response> Current workaround: refresh the whole page Expected: UI should show that the category is added immediately (or shortly after API response)

<https://github.com/cofacts/rumors-line-bot/pull/302|#302 Revamp no reply flow>

<https://github.com/cofacts/rumors-line-bot/pull/302|#302 Revamp no reply flow>

<https://github.com/cofacts/rumors-line-bot/pull/302#discussion_r846597368|Comment on #302 Revamp no reply flow>

I do have a question here. It seems that for most event handlers, we no longer return a `state` anymore. We choose to detect what "state" the user should go to in `handleInput` instead. If this is the case, should we still mutate `state` here?

<https://github.com/cofacts/rumors-line-bot/pull/302#discussion_r846597368|Comment on #302 Revamp no reply flow>

I do have a question here. It seems that for most event handlers, we no longer return a `state` anymore. We choose to detect what "state" the user should go to in `handleInput` instead. If this is the case, should we still mutate `state` here?

<https://github.com/cofacts/rumors-line-bot/pull/302#discussion_r846603268|Comment on #302 Revamp no reply flow>

No. I return `state: CHOOSING_REPLY` at line 127 is because `isSkipUser: true`, which makes `handleInput` continue `choosingReply`. Maybe we can consider calling `choosingReply` directly or use a callback function at line 127 and remove `isSkipUser` do-while loop in `handleInput`. Note: there's another `isSkipUser: true` in `initState`.

<https://github.com/cofacts/rumors-line-bot/pull/302#discussion_r846603268|Comment on #302 Revamp no reply flow>

No. I return `state: CHOOSING_REPLY` at line 127 is because `isSkipUser: true`, which makes `handleInput` continue `choosingReply`. Maybe we can consider calling `choosingReply` directly or use a callback function at line 127 and remove `isSkipUser` do-while loop in `handleInput`. Note: there's another `isSkipUser: true` in `initState`.

Review on #302 Revamp no reply flow

Review on #302 Revamp no reply flow

YouTube

資訊戰異軍突起｜烏克蘭絕地反攻｜#沈伯洋 #矢板明夫 #汪浩｜@華視三國演議｜20220410

Review on #302 Revamp no reply flow

Review on #302 Revamp no reply flow

<https://github.com/cofacts/rumors-line-bot/pull/302#discussion_r847899926|Comment on #302 Revamp no reply flow>

Thanks! I will remove change regarding `state` returned here. I can try calling `choosingReply` in this handler to reduce the usage of `isSkipUser`. If there is any issue I can still keep using `isSkipUser`.

<https://github.com/cofacts/rumors-line-bot/pull/302#discussion_r847899926|Comment on #302 Revamp no reply flow>

Thanks! I will remove change regarding `state` returned here. This should remove the code change on test fixtures and thus makes code changes cleaner. I can also try calling `choosingReply` in this handler to reduce the usage of `isSkipUser`, so expect some new snapshot changes regarding this. If there is any issue (like more unexpected changes required), I can still keep using `isSkipUser`.

<https://github.com/cofacts/rumors-line-bot/pull/302|#302 Revamp no reply flow>

<https://github.com/cofacts/rumors-line-bot/pull/302|#302 Revamp no reply flow>

Review on #302 Revamp no reply flow

LGTM!

Review on #302 Revamp no reply flow

LGTM!

<https://github.com/cofacts/rumors-line-bot/pull/302|#302 Revamp no reply flow>

<https://github.com/cofacts/rumors-line-bot/pull/302|#302 Revamp no reply flow>

<https://github.com/cofacts/rumors-fb-bot/pull/35|#35 Bump urijs from 1.19.1 to 1.19.11>

Bumps <https://github.com/medialize/URI.js|urijs> from 1.19.1 to 1.19.11. Release notes _Sourced from <https://github.com/medialize/URI.js/releases|urijs's releases>._ &gt; *1.19.11 (April 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive slashes in scheme-relative URLs - disclosed by <https://github.com/zeyu2001|zeyu2001> via <https://huntr.dev/|https://huntr.dev/> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> remove `\r` (CR), `\n`, (LF) `\t` (TAB) - disclosed by <https://github.com/haxatron|haxatron> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.10 (March 5th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive colons in protocol delimiter - disclosed by <https://github.com/huydoppa|huydoppa> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.9 (March 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle leading whitespace - disclosed by <https://github.com/p0cas|p0cas> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.8 (February 15th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> treat scheme case-insenstivie when handling excessive slackes and backslashes - [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/412|#412>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/412|medialize/URI.js#412>) by <https://github.com/r0hanSH|r0hanSH> &gt; &gt; *1.19.7 (July 14th 2021)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseQuery|`URI.parseQuery()`> to prevent overwriting `__proto__` in parseQuery() - disclosed privately by <https://github.com/NewEraCracker|`@​NewEraCracker`> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to handle variable amounts of `\` and `/` in scheme delimiter as Node and Browsers do - disclosed privately by <https://github.com/ready-research|ready-research> via <https://huntr.dev/|https://huntr.dev/> &gt; • removed obsolete build tools &gt; • updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0) &gt; &gt; *1.19.6 (February 13th 2021)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to rewrite `\` in scheme delimiter to `/` as Node and Browsers do - disclosed privately by <https://twitter.com/ynizry|Yaniv Nizry> from the CxSCA AppSec team at Checkmarx &gt; &gt; *1.19.5 (December 30th 2020)* &gt; &gt; • dropping jquery.URI.js from minified bundle accidentally added since v1.19.3 - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/404|#404>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/404|medialize/URI.js#404>) &gt; &gt; *1.19.4 (December 23rd 2020)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseAuthority|`URI.parseAuthority()`> to rewrite `\` to `/` as Node and Browsers do - followed up to by <https://github.com/alesandroortiz|alesandroortiz> in [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/403|#403>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/403|medialize/URI.js#403>), relates to [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/233|#233>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/233|medialize/URI.js#233>) &gt; &gt; *1.19.3 (December 20th 2020)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseAuthority|`URI.parseAuthority()`> to rewrite `\` to `/` as Node and Browsers do - disclosed privately by <https://github.com/alesandroortiz|alesandroortiz>, relates to [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/233|#233>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/233|medialize/URI.js#233>) &gt; &gt; *1.19.2 (October 20th 2019)* &gt; &gt; • fixing <http://medialize.github.io/URI.js/docs.html#static-build|`URI.build()`> to properly handle relative paths when a scheme is given - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/387|#387>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/387|medialize/URI.js#387>) &gt; • fixing <http://medialize.github.io/URI.js/docs.html#static-buildQuery|`URI.buildQuery()`> to properly handle empty param name - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/243|#243>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/243|medialize/URI.js#243>), [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/383|#383>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/383|medialize/URI.js#383>) &gt; • support Composer [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/386|#386>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/386|medialize/URI.js#386>) Changelog _Sourced from <https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md|urijs's changelog>._ Commits • <https://github.com/medialize/URI.js/commit/b655c1b972111ade9f181b02374305942e68e30a|`b655c1b`> chore(build): bumping to version 1.19.11 • <https://github.com/medialize/URI.js/commit/b0c9796aa1a95a85f40924fb18b1e5da3dc8ffae|`b0c9796`> fix(parse): handle CR,LF,TAB • <https://github.com/medialize/URI.js/commit/88805fd3da03bd7a5e60947adb49d182011f1277|`88805fd`> fix(parse): handle excessive slashes in scheme-relative URLs • <https://github.com/medialize/URI.js/commit/926b2aa1099f177f82d0a998da4b43e69fe56ec8|`926b2aa`> chore(build): bumping to version 1.19.10 • <https://github.com/medialize/URI.js/commit/a8166fe02f3af6dc1b2b888dcbb807155aad9509|`a8166fe`> fix(parse): handle excessive colons in scheme delimiter • <https://github.com/medialize/URI.js/commit/01920b5cda87d5dd726eab43d6e7f3ce34a2fd52|`01920b5`> chore(build): bumping to version 1.19.9 • <https://github.com/medialize/URI.js/commit/86d10523a6f6e8dc4300d99d671335ee362ad316|`86d1052`> fix(parse): remove leading whitespace • <https://github.com/medialize/URI.js/commit/efae1e56bd80d78478ffb8bcb8a75ee2c0f1031b|`efae1e5`> chore(build): bumping to version 1.19.8 • <https://github.com/medialize/URI.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249f|`6ea641c`> fix(parse): case insensitive scheme - <https://github-redirect.dependabot.com/medialize/URI.js/issues/412|#412> • <https://github.com/medialize/URI.js/commit/19e54c78d5864aec43986e8f96be8d15998daa80|`19e54c7`> chore(build): bumping to version 1.19.7 • Additional commits viewable in <https://github.com/medialize/URI.js/compare/v1.19.1...v1.19.11|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you re…

<https://github.com/cofacts/rumors-fb-bot/pull/35|#35 Bump urijs from 1.19.1 to 1.19.11>

Bumps <https://github.com/medialize/URI.js|urijs> from 1.19.1 to 1.19.11. Release notes _Sourced from <https://github.com/medialize/URI.js/releases|urijs's releases>._ &gt; *1.19.11 (April 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive slashes in scheme-relative URLs - disclosed by <https://github.com/zeyu2001|zeyu2001> via <https://huntr.dev/|https://huntr.dev/> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> remove `\r` (CR), `\n`, (LF) `\t` (TAB) - disclosed by <https://github.com/haxatron|haxatron> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.10 (March 5th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive colons in protocol delimiter - disclosed by <https://github.com/huydoppa|huydoppa> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.9 (March 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle leading whitespace - disclosed by <https://github.com/p0cas|p0cas> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.8 (February 15th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> treat scheme case-insenstivie when handling excessive slackes and backslashes - [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/412|#412>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/412|medialize/URI.js#412>) by <https://github.com/r0hanSH|r0hanSH> &gt; &gt; *1.19.7 (July 14th 2021)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseQuery|`URI.parseQuery()`> to prevent overwriting `__proto__` in parseQuery() - disclosed privately by <https://github.com/NewEraCracker|`@​NewEraCracker`> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to handle variable amounts of `\` and `/` in scheme delimiter as Node and Browsers do - disclosed privately by <https://github.com/ready-research|ready-research> via <https://huntr.dev/|https://huntr.dev/> &gt; • removed obsolete build tools &gt; • updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0) &gt; &gt; *1.19.6 (February 13th 2021)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to rewrite `\` in scheme delimiter to `/` as Node and Browsers do - disclosed privately by <https://twitter.com/ynizry|Yaniv Nizry> from the CxSCA AppSec team at Checkmarx &gt; &gt; *1.19.5 (December 30th 2020)* &gt; &gt; • dropping jquery.URI.js from minified bundle accidentally added since v1.19.3 - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/404|#404>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/404|medialize/URI.js#404>) &gt; &gt; *1.19.4 (December 23rd 2020)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseAuthority|`URI.parseAuthority()`> to rewrite `\` to `/` as Node and Browsers do - followed up to by <https://github.com/alesandroortiz|alesandroortiz> in [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/403|#403>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/403|medialize/URI.js#403>), relates to [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/233|#233>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/233|medialize/URI.js#233>) &gt; &gt; *1.19.3 (December 20th 2020)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseAuthority|`URI.parseAuthority()`> to rewrite `\` to `/` as Node and Browsers do - disclosed privately by <https://github.com/alesandroortiz|alesandroortiz>, relates to [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/233|#233>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/233|medialize/URI.js#233>) &gt; &gt; *1.19.2 (October 20th 2019)* &gt; &gt; • fixing <http://medialize.github.io/URI.js/docs.html#static-build|`URI.build()`> to properly handle relative paths when a scheme is given - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/387|#387>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/387|medialize/URI.js#387>) &gt; • fixing <http://medialize.github.io/URI.js/docs.html#static-buildQuery|`URI.buildQuery()`> to properly handle empty param name - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/243|#243>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/243|medialize/URI.js#243>), [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/383|#383>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/383|medialize/URI.js#383>) &gt; • support Composer [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/386|#386>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/386|medialize/URI.js#386>) Changelog _Sourced from <https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md|urijs's changelog>._ Commits • <https://github.com/medialize/URI.js/commit/b655c1b972111ade9f181b02374305942e68e30a|`b655c1b`> chore(build): bumping to version 1.19.11 • <https://github.com/medialize/URI.js/commit/b0c9796aa1a95a85f40924fb18b1e5da3dc8ffae|`b0c9796`> fix(parse): handle CR,LF,TAB • <https://github.com/medialize/URI.js/commit/88805fd3da03bd7a5e60947adb49d182011f1277|`88805fd`> fix(parse): handle excessive slashes in scheme-relative URLs • <https://github.com/medialize/URI.js/commit/926b2aa1099f177f82d0a998da4b43e69fe56ec8|`926b2aa`> chore(build): bumping to version 1.19.10 • <https://github.com/medialize/URI.js/commit/a8166fe02f3af6dc1b2b888dcbb807155aad9509|`a8166fe`> fix(parse): handle excessive colons in scheme delimiter • <https://github.com/medialize/URI.js/commit/01920b5cda87d5dd726eab43d6e7f3ce34a2fd52|`01920b5`> chore(build): bumping to version 1.19.9 • <https://github.com/medialize/URI.js/commit/86d10523a6f6e8dc4300d99d671335ee362ad316|`86d1052`> fix(parse): remove leading whitespace • <https://github.com/medialize/URI.js/commit/efae1e56bd80d78478ffb8bcb8a75ee2c0f1031b|`efae1e5`> chore(build): bumping to version 1.19.8 • <https://github.com/medialize/URI.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249f|`6ea641c`> fix(parse): case insensitive scheme - <https://github-redirect.dependabot.com/medialize/URI.js/issues/412|#412> • <https://github.com/medialize/URI.js/commit/19e54c78d5864aec43986e8f96be8d15998daa80|`19e54c7`> chore(build): bumping to version 1.19.7 • Additional commits viewable in <https://github.com/medialize/URI.js/compare/v1.19.1...v1.19.11|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you re…

<https://github.com/cofacts/rumors-fb-bot/pull/33#issuecomment-1097306261|Comment on #33 Bump urijs from 1.19.1 to 1.19.10>

Superseded by <https://github.com/cofacts/rumors-fb-bot/pull/35|#35>.

<https://github.com/cofacts/rumors-fb-bot/pull/33#issuecomment-1097306261|Comment on #33 Bump urijs from 1.19.1 to 1.19.10>

Superseded by <https://github.com/cofacts/rumors-fb-bot/pull/35|#35>.

<https://github.com/cofacts/rumors-fb-bot/pull/33|#33 Bump urijs from 1.19.1 to 1.19.10>

<https://github.com/cofacts/rumors-fb-bot/pull/33|#33 Bump urijs from 1.19.1 to 1.19.10>

<https://github.com/cofacts/rumors-site/pull/482|#482 Bump urijs from 1.19.6 to 1.19.11>

Bumps <https://github.com/medialize/URI.js|urijs> from 1.19.6 to 1.19.11. Release notes _Sourced from <https://github.com/medialize/URI.js/releases|urijs's releases>._ &gt; *1.19.11 (April 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive slashes in scheme-relative URLs - disclosed by <https://github.com/zeyu2001|zeyu2001> via <https://huntr.dev/|https://huntr.dev/> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> remove `\r` (CR), `\n`, (LF) `\t` (TAB) - disclosed by <https://github.com/haxatron|haxatron> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.10 (March 5th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive colons in protocol delimiter - disclosed by <https://github.com/huydoppa|huydoppa> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.9 (March 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle leading whitespace - disclosed by <https://github.com/p0cas|p0cas> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.8 (February 15th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> treat scheme case-insenstivie when handling excessive slackes and backslashes - [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/412|#412>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/412|medialize/URI.js#412>) by <https://github.com/r0hanSH|r0hanSH> &gt; &gt; *1.19.7 (July 14th 2021)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseQuery|`URI.parseQuery()`> to prevent overwriting `__proto__` in parseQuery() - disclosed privately by <https://github.com/NewEraCracker|`@​NewEraCracker`> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to handle variable amounts of `\` and `/` in scheme delimiter as Node and Browsers do - disclosed privately by <https://github.com/ready-research|ready-research> via <https://huntr.dev/|https://huntr.dev/> &gt; • removed obsolete build tools &gt; • updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0) Changelog _Sourced from <https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md|urijs's changelog>._ &gt; *1.19.11 (April 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive slashes in scheme-relative URLs - disclosed by <https://github.com/zeyu2001|zeyu2001> via <https://huntr.dev/|https://huntr.dev/> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> remove `\r` (CR), `\n`, (LF) `\t` (TAB) - disclosed by <https://github.com/haxatron|haxatron> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.10 (March 5th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive colons in protocol delimiter - disclosed by <https://github.com/huydoppa|huydoppa> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.9 (March 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle leading whitespace - disclosed by <https://github.com/p0cas|p0cas> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.8 (February 15th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> treat scheme case-insenstivie when handling excessive slackes and backslashes - [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/412|#412>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/412|medialize/URI.js#412>) by <https://github.com/r0hanSH|r0hanSH> &gt; &gt; *1.19.7 (July 14th 2021)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseQuery|`URI.parseQuery()`> to prevent overwriting `__proto__` in parseQuery() - disclosed privately by <https://github.com/NewEraCracker|`@​NewEraCracker`> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to handle variable amounts of `\` and `/` in scheme delimiter as Node and Browsers do - disclosed privately by <https://github.com/ready-research|ready-research> via <https://huntr.dev/|https://huntr.dev/> &gt; • removed obsolete build tools &gt; • updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0) Commits • <https://github.com/medialize/URI.js/commit/b655c1b972111ade9f181b02374305942e68e30a|`b655c1b`> chore(build): bumping to version 1.19.11 • <https://github.com/medialize/URI.js/commit/b0c9796aa1a95a85f40924fb18b1e5da3dc8ffae|`b0c9796`> fix(parse): handle CR,LF,TAB • <https://github.com/medialize/URI.js/commit/88805fd3da03bd7a5e60947adb49d182011f1277|`88805fd`> fix(parse): handle excessive slashes in scheme-relative URLs • <https://github.com/medialize/URI.js/commit/926b2aa1099f177f82d0a998da4b43e69fe56ec8|`926b2aa`> chore(build): bumping to version 1.19.10 • <https://github.com/medialize/URI.js/commit/a8166fe02f3af6dc1b2b888dcbb807155aad9509|`a8166fe`> fix(parse): handle excessive colons in scheme delimiter • <https://github.com/medialize/URI.js/commit/01920b5cda87d5dd726eab43d6e7f3ce34a2fd52|`01920b5`> chore(build): bumping to version 1.19.9 • <https://github.com/medialize/URI.js/commit/86d10523a6f6e8dc4300d99d671335ee362ad316|`86d1052`> fix(parse): remove leading whitespace • <https://github.com/medialize/URI.js/commit/efae1e56bd80d78478ffb8bcb8a75ee2c0f1031b|`efae1e5`> chore(build): bumping to version 1.19.8 • <https://github.com/medialize/URI.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249f|`6ea641c`> fix(parse): case insensitive scheme - <https://github-redirect.dependabot.com/medialize/URI.js/issues/412|#412> • <https://github.com/medialize/URI.js/commit/19e54c78d5864aec43986e8f96be8d15998daa80|`19e54c7`> chore(build): bumping to version 1.19.7 • Additional commits viewable in <https://github.com/medialize/URI.js/compare/v1.19.6...v1.19.11|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current review…

:white_check_mark: All checks have passed

<https://github.com/cofacts/rumors-site/pull/482|#482 Bump urijs from 1.19.6 to 1.19.11>

Bumps <https://github.com/medialize/URI.js|urijs> from 1.19.6 to 1.19.11. Release notes _Sourced from <https://github.com/medialize/URI.js/releases|urijs's releases>._ &gt; *1.19.11 (April 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive slashes in scheme-relative URLs - disclosed by <https://github.com/zeyu2001|zeyu2001> via <https://huntr.dev/|https://huntr.dev/> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> remove `\r` (CR), `\n`, (LF) `\t` (TAB) - disclosed by <https://github.com/haxatron|haxatron> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.10 (March 5th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive colons in protocol delimiter - disclosed by <https://github.com/huydoppa|huydoppa> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.9 (March 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle leading whitespace - disclosed by <https://github.com/p0cas|p0cas> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.8 (February 15th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> treat scheme case-insenstivie when handling excessive slackes and backslashes - [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/412|#412>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/412|medialize/URI.js#412>) by <https://github.com/r0hanSH|r0hanSH> &gt; &gt; *1.19.7 (July 14th 2021)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseQuery|`URI.parseQuery()`> to prevent overwriting `__proto__` in parseQuery() - disclosed privately by <https://github.com/NewEraCracker|`@​NewEraCracker`> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to handle variable amounts of `\` and `/` in scheme delimiter as Node and Browsers do - disclosed privately by <https://github.com/ready-research|ready-research> via <https://huntr.dev/|https://huntr.dev/> &gt; • removed obsolete build tools &gt; • updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0) Changelog _Sourced from <https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md|urijs's changelog>._ &gt; *1.19.11 (April 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive slashes in scheme-relative URLs - disclosed by <https://github.com/zeyu2001|zeyu2001> via <https://huntr.dev/|https://huntr.dev/> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> remove `\r` (CR), `\n`, (LF) `\t` (TAB) - disclosed by <https://github.com/haxatron|haxatron> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.10 (March 5th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle excessive colons in protocol delimiter - disclosed by <https://github.com/huydoppa|huydoppa> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.9 (March 3rd 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> handle leading whitespace - disclosed by <https://github.com/p0cas|p0cas> via <https://huntr.dev/|https://huntr.dev/> &gt; &gt; *1.19.8 (February 15th 2022)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> treat scheme case-insenstivie when handling excessive slackes and backslashes - [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/412|#412>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/412|medialize/URI.js#412>) by <https://github.com/r0hanSH|r0hanSH> &gt; &gt; *1.19.7 (July 14th 2021)* &gt; &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseQuery|`URI.parseQuery()`> to prevent overwriting `__proto__` in parseQuery() - disclosed privately by <https://github.com/NewEraCracker|`@​NewEraCracker`> &gt; • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to handle variable amounts of `\` and `/` in scheme delimiter as Node and Browsers do - disclosed privately by <https://github.com/ready-research|ready-research> via <https://huntr.dev/|https://huntr.dev/> &gt; • removed obsolete build tools &gt; • updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0) Commits • <https://github.com/medialize/URI.js/commit/b655c1b972111ade9f181b02374305942e68e30a|`b655c1b`> chore(build): bumping to version 1.19.11 • <https://github.com/medialize/URI.js/commit/b0c9796aa1a95a85f40924fb18b1e5da3dc8ffae|`b0c9796`> fix(parse): handle CR,LF,TAB • <https://github.com/medialize/URI.js/commit/88805fd3da03bd7a5e60947adb49d182011f1277|`88805fd`> fix(parse): handle excessive slashes in scheme-relative URLs • <https://github.com/medialize/URI.js/commit/926b2aa1099f177f82d0a998da4b43e69fe56ec8|`926b2aa`> chore(build): bumping to version 1.19.10 • <https://github.com/medialize/URI.js/commit/a8166fe02f3af6dc1b2b888dcbb807155aad9509|`a8166fe`> fix(parse): handle excessive colons in scheme delimiter • <https://github.com/medialize/URI.js/commit/01920b5cda87d5dd726eab43d6e7f3ce34a2fd52|`01920b5`> chore(build): bumping to version 1.19.9 • <https://github.com/medialize/URI.js/commit/86d10523a6f6e8dc4300d99d671335ee362ad316|`86d1052`> fix(parse): remove leading whitespace • <https://github.com/medialize/URI.js/commit/efae1e56bd80d78478ffb8bcb8a75ee2c0f1031b|`efae1e5`> chore(build): bumping to version 1.19.8 • <https://github.com/medialize/URI.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249f|`6ea641c`> fix(parse): case insensitive scheme - <https://github-redirect.dependabot.com/medialize/URI.js/issues/412|#412> • <https://github.com/medialize/URI.js/commit/19e54c78d5864aec43986e8f96be8d15998daa80|`19e54c7`> chore(build): bumping to version 1.19.7 • Additional commits viewable in <https://github.com/medialize/URI.js/compare/v1.19.6...v1.19.11|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current review…

<https://github.com/cofacts/rumors-site/pull/480#issuecomment-1097358354|Comment on #480 Bump urijs from 1.19.6 to 1.19.10>

Superseded by <https://github.com/cofacts/rumors-site/pull/482|#482>.

<https://github.com/cofacts/rumors-site/pull/480#issuecomment-1097358354|Comment on #480 Bump urijs from 1.19.6 to 1.19.10>

Superseded by <https://github.com/cofacts/rumors-site/pull/482|#482>.

<https://github.com/cofacts/rumors-site/pull/480|#480 Bump urijs from 1.19.6 to 1.19.10>

<https://github.com/cofacts/rumors-site/pull/480|#480 Bump urijs from 1.19.6 to 1.19.10>

<https://github.com/cofacts/rumors-site/pull/482#issuecomment-1097361278|Comment on #482 Bump urijs from 1.19.6 to 1.19.11>

<https://coveralls.io/builds/48231192|Coverage Status> Coverage remained the same at 73.942% when pulling *<https://github.com/cofacts/rumors-site/commit/5d63be008c5fe4264c3291f8253857beb17c57c7|5d63be0> on dependabot/npm_and_yarn/urijs-1.19.11* into *<https://github.com/cofacts/rumors-site/commit/61c7e77da047d69bc2173c456ca0ca4a69be5d78|61c7e77> on master*.

<https://github.com/cofacts/rumors-site/pull/482#issuecomment-1097361278|Comment on #482 Bump urijs from 1.19.6 to 1.19.11>

<https://coveralls.io/builds/48231192|Coverage Status> Coverage remained the same at 73.942% when pulling *<https://github.com/cofacts/rumors-site/commit/5d63be008c5fe4264c3291f8253857beb17c57c7|5d63be0> on dependabot/npm_and_yarn/urijs-1.19.11* into *<https://github.com/cofacts/rumors-site/commit/61c7e77da047d69bc2173c456ca0ca4a69be5d78|61c7e77> on master*.

<https://github.com/cofacts/takedowns/pull/59|#59 Create 0413-ads.md>

<https://github.com/cofacts/takedowns/pull/59|#59 Create 0413-ads.md>

Review on #59 Create 0413-ads.md

Review on #59 Create 0413-ads.md

Review on #59 Create 0413-ads.md

Review on #59 Create 0413-ads.md

<https://github.com/cofacts/takedowns/pull/59|#59 Create 0413-ads.md>

<https://github.com/cofacts/takedowns/pull/59|#59 Create 0413-ads.md>

<https://github.com/cofacts/rumors-site/issues/483|#483 Display image on Cofacts website>

<https://github.com/cofacts/rumors-site/issues/483|#483 [Image-M1] Display image on Cofacts website>

Blocked by: <https://github.com/cofacts/design/issues/1|cofacts/design#1> • Display image in Cofacts detail &amp; article list • Allow users to reply to images

<https://github.com/cofacts/design/issues/1|#1 [Image-M1] Design: display image in Cofacts website / LIFF>

Figma mockup for image display under the following context • Cofacts website: Article list • Cofacts website: Article detail • ~Cofacts LINE bot: list of found articles~ • In Image-M1 and M2, only 1 article (with 100% matching hash) will be returned, so no need for listing at this stage • Cofacts LINE bot: LIFF viewed article • Cofacts LINE bot: LIFF article detail

<https://github.com/cofacts/design/issues/1|#1 Design: display image in Cofacts website / LIFF>

Figma mockup for image display under the following context • Cofacts website: Article list • Cofacts website: Article detail • Cofacts LINE bot: list of found articles • Cofacts LINE bot: LIFF viewed article • Cofacts LINE bot: LIFF article detail

<https://github.com/cofacts/rumors-api/issues/277|#277 [Image-M1] Wrap image management / dedup mechanism into library>

<https://github.com/cofacts/rumors-api/issues/277|#277 [Image-M1] Wrap image management / dedup mechanism into library>

Move file upload &amp; hash generation code from <https://github.com/cofacts/rumors-api/pull/273|#273> to a separate Node.JS repository with the following functionality: • setup GCP credential • upload image • search for near duplicate result given a query image • documentation

<https://github.com/cofacts/rumors-line-bot/issues/304|#304 [Image-M2] LINE bot can search for images>

• User can forward images to Cofacts LINE bot • LINE bot can return image result • User can choose found images • LINE bot can return fact-checking replies to images Blocked by: • <https://github.com/cofacts/design/issues/1|cofacts/design#1> • <https://github.com/cofacts/rumors-api/pull/273|cofacts/rumors-api#273>

<https://github.com/cofacts/rumors-line-bot/issues/304|#304 [Image-M2] LINE bot can search for images>

• User can forward images to Cofacts LINE bot • LINE bot can return image result • There should be only 1 image result because similarity search is not in place in this case • User can choose found images • LINE bot can return fact-checking replies to images Blocked by: • <https://github.com/cofacts/design/issues/1|cofacts/design#1> • <https://github.com/cofacts/rumors-api/pull/273|cofacts/rumors-api#273>

<https://github.com/cofacts/rumors-line-bot/issues/305|#305 [Image-M2] LINE bot server image proxy>

• An endpoint for rumors-api to fetch images from LINE messaging API • Forwards image request to LINE messaging API's <https://developers.line.biz/en/reference/messaging-api/#get-content|Get content> endpoint • It's a streaming proxy; no temp file is stored on rumors-line-bot server

<https://github.com/cofacts/rumors-line-bot/issues/305|#305 [Image-M2] LINE bot server image proxy>

• An endpoint for rumors-api to fetch images from LINE messaging API • Forwards image request to LINE messaging API's <https://developers.line.biz/en/reference/messaging-api/#get-content|Get content> endpoint • It's a streaming proxy; no temp file is stored on rumors-line-bot server

<https://github.com/cofacts/rumors-line-bot/issues/306|#306 [Image-M2] LINE bot can submit new images>

Similar to submitting new text rumors, LINE bot should ask for source (if the image is from LINE) and ask for user's consent to submit this image to public database.

<https://github.com/cofacts/rumors-line-bot/issues/306|#306 [Image-M2] LINE bot can submit new images>

Similar to submitting new text rumors, LINE bot should ask for source (if the image is from LINE) and ask for user's consent to submit this image to public database.

image.png

image.png

<https://github.com/cofacts/takedowns/pull/60|#60 Create 0417-ads.md>

<https://github.com/cofacts/takedowns/pull/60|#60 Create 0417-ads.md>

Review on #60 Create 0417-ads.md

Review on #60 Create 0417-ads.md

Review on #60 Create 0417-ads.md

Review on #60 Create 0417-ads.md

<https://github.com/cofacts/takedowns/pull/60|#60 Create 0417-ads.md>

<https://github.com/cofacts/takedowns/pull/60|#60 Create 0417-ads.md>

HackMD

Cofacts 會議記錄 - HackMD

# Cofacts 會議記錄 ## 2022 - [20220420 會議記錄](/pGl4iqVKRXed7opCK_txVw) - [20220413 會議記錄](/PxuoYf6ISYyF

<https://github.com/cofacts/rumors-api/pull/273#discussion_r854220064|Comment on #273 Multimedia support phase 0>

Updated in PR description

<https://github.com/cofacts/rumors-api/pull/273#discussion_r854220064|Comment on #273 Multimedia support phase 0>

Updated in PR description

<https://github.com/cofacts/takedowns/pull/61|#61 Create 0420-2nd-scam.md>

<https://github.com/cofacts/takedowns/pull/61|#61 Create 0420-2nd-scam.md>

<https://github.com/cofacts/rumors-line-bot/pull/307|#307 Revise English translation>

This PR is part of new article creation revamp. It contains wording change that is not directly related to new article submission flow, so that the size main PR (<https://github.com/cofacts/rumors-line-bot/pull/303|#303> ) can be more manageable. 1. Revise existing English wording. Kudos to mingyun0d0 for <https://g0v.hackmd.io/eo8NM1VGQ7qxaamBZXRPtA#7-No-replies---Thanks|reviewing the wording>! 2. Update "real person" suggestion to MyGoPen 真人查證 and remove inactive 蘭姆酒吐司

:white_check_mark: All checks have passed

<https://github.com/cofacts/rumors-line-bot/pull/307|#307 Revise English translation>

This PR is part of new article creation revamp. It contains wording change that is not directly related to new article submission flow, so that the size main PR (<https://github.com/cofacts/rumors-line-bot/pull/303|#303> ) can be more manageable. 1. Revise existing English wording. Kudos to mingyun0d0 for <https://g0v.hackmd.io/eo8NM1VGQ7qxaamBZXRPtA#7-No-replies---Thanks|reviewing the wording>! 2. Update "real person" suggestion to MyGoPen 真人查證 and remove inactive 蘭姆酒吐司 *English translation* <https://user-images.githubusercontent.com/108608/164287100-06ae0b2d-94bd-49af-a827-812a15b191f0.png|圖片> *No change to Mandarin* <https://user-images.githubusercontent.com/108608/164286473-72be66e7-ca15-4ad4-b1ff-d4d547d8f493.png|圖片> *Updated list of suggestions* <https://user-images.githubusercontent.com/108608/164286892-267fe4ee-2e74-4332-afc3-be0acb2e33da.png|圖片>

:white_check_mark: All checks have passed

<https://github.com/cofacts/rumors-line-bot/pull/307#issuecomment-1104200948|Comment on #307 Revise English translation>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/48425510|Build 2197192386>* • *1* of *1* *(100.0%)* changed or added relevant line in *1* file are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.351%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

<https://github.com/cofacts/rumors-line-bot/pull/307#issuecomment-1104200948|Comment on #307 Revise English translation>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/48425510|Build 2197192386>* • *1* of *1* *(100.0%)* changed or added relevant line in *1* file are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.351%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

Review on #307 Revise English translation

LGTM!

Review on #307 Revise English translation

LGTM!

Review on #61 Create 0420-2nd-scam.md

Review on #61 Create 0420-2nd-scam.md

Review on #61 Create 0420-2nd-scam.md

Review on #61 Create 0420-2nd-scam.md

<https://github.com/cofacts/takedowns/pull/61|#61 Create 0420-2nd-scam.md>

<https://github.com/cofacts/takedowns/pull/61|#61 Create 0420-2nd-scam.md>

<https://github.com/cofacts/rumors-line-bot/pull/308|#308 Remove additional flex alt text>

const `FLEX_MESSAGE_ALT_TEXT` in `handlers/util` asks the user to proceed action on their mobile phone, if their device does not support flex messages. At this point of time, all devices, including desktop, supports flex messages. The only chance the user can see the alt text is probably the short quote in the chatroom list, which only displays the first few letters. <https://user-images.githubusercontent.com/108608/164988840-6d84ead9-2296-4ea4-be4e-56cf367642a3.png|圖片> When implementing new submission flow, I removed `FLEX_MESSAGE_ALT_TEXT` and updates each of its occurrences. This is submitted as a separate PR (this PR) in order to make the main PR more focused.

:white_check_mark: All checks have passed

<https://github.com/cofacts/rumors-line-bot/pull/308|#308 Remove additional flex alt text>

const `FLEX_MESSAGE_ALT_TEXT` in `handlers/util` asks the user to proceed action on their mobile phone, if their device does not support flex messages. At this point of time, all devices, including desktop, supports flex messages. The only chance the user can see the alt text is probably the short quote in the chatroom list, which only displays the first few letters. <https://user-images.githubusercontent.com/108608/164988840-6d84ead9-2296-4ea4-be4e-56cf367642a3.png|圖片> When implementing new submission flow, I removed `FLEX_MESSAGE_ALT_TEXT` and updates each of its occurrences. This is submitted as a separate PR (this PR) in order to make the main PR more focused.

:white_check_mark: All checks have passed

<https://github.com/cofacts/rumors-line-bot/pull/308#issuecomment-1107884618|Comment on #308 Remove additional flex alt text>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/48517723|Build 2216308322>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage decreased (*-0.008%*) to *87.343%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

<https://github.com/cofacts/rumors-line-bot/pull/308#issuecomment-1107884618|Comment on #308 Remove additional flex alt text>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/48517723|Build 2216308322>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage decreased (*-0.008%*) to *87.343%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

<https://github.com/cofacts/takedowns/pull/62|#62 Create 0425-2nd-scam.md>

<https://github.com/cofacts/takedowns/pull/62|#62 Create 0425-2nd-scam.md>

Review on #62 Create 0425-2nd-scam.md

Review on #62 Create 0425-2nd-scam.md

Review on #62 Create 0425-2nd-scam.md

Review on #62 Create 0425-2nd-scam.md

<https://github.com/cofacts/takedowns/pull/62|#62 Create 0425-2nd-scam.md>

<https://github.com/cofacts/takedowns/pull/62|#62 Create 0425-2nd-scam.md>

Review on #308 Remove additional flex alt text

LGTM!

Review on #308 Remove additional flex alt text

LGTM!

<https://github.com/cofacts/rumors-line-bot/pull/307|#307 Revise English translation>

<https://github.com/cofacts/rumors-line-bot/pull/307|#307 Revise English translation>

<https://github.com/cofacts/rumors-line-bot/pull/308|#308 Remove additional flex alt text>

<https://github.com/cofacts/rumors-line-bot/pull/308|#308 Remove additional flex alt text>

<https://github.com/cofacts/rumors-line-bot/pull/303|#303 Revamp submission flow>

<https://github.com/cofacts/rumors-line-bot/pull/303|#303 Revamp submission flow>

<https://github.com/cofacts/rumors-line-bot/pull/309|#309 Removes unused code and add translation>

<https://github.com/cofacts/rumors-line-bot/pull/309|#309 Removes unused code and add translation>

Review on #309 Removes unused code and add translation

Review on #309 Removes unused code and add translation

Review on #303 Revamp submission flow

Review on #303 Revamp submission flow

Review on #273 Multimedia support phase 0

Review on #273 Multimedia support phase 0

<https://github.com/cofacts/rumors-api/pull/273|#273 Multimedia support phase 0>

<https://github.com/cofacts/rumors-api/pull/273|#273 Multimedia support phase 0>

<https://github.com/cofacts/rumors-api/pull/278|#278 Fix build by upgrade Node.JS>

When docker build the current master branch, docker image is broken because it is using `node:12-alpine`, whose `npm` is too old to properly load dependency from package-lock.json v2. This PR fixes the issue by • Updating Node.JS to v18 (with npm that can read v2 lockfile) • Update babel and remove unnecessary transform &amp; shims • Fix pm2 start script (align with rumors-line-bot) to fix pid issue • Use `@grpc/grpc-js` to avoid native extension (native extension is very likely not provided and gyp always fail......)

<https://github.com/cofacts/rumors-api/pull/278|#278 Fix build by upgrade Node.JS>

When docker build the current master branch, docker image is broken because it is using `node:12-alpine`, whose `npm` is too old to properly load dependency from package-lock.json v2. This PR fixes the issue by • Updating Node.JS to v18 (with npm that can read v2 lockfile) • Update babel and remove unnecessary transform &amp; shims • Fix pm2 start script (align with rumors-line-bot) to fix pid issue • Use `@grpc/grpc-js` to avoid native extension (native extension is very likely not provided and gyp always fail......)

:white_check_mark: All checks have passed

<https://github.com/cofacts/rumors-api/pull/278#issuecomment-1111804858|Comment on #278 Fix build by upgrade Node.JS>

<https://coveralls.io/builds/48650808|Coverage Status> Coverage remained the same at 87.533% when pulling *<https://github.com/cofacts/rumors-api/commit/e0510ecbc74c7737663340ca8231664149005454|e0510ec> on fix-build-by-upgrade* into *<https://github.com/cofacts/rumors-api/commit/7b88fbe8f74bdba46575b9e4247427545095205e|7b88fbe> on master*.

<https://github.com/cofacts/rumors-api/pull/278#issuecomment-1111804858|Comment on #278 Fix build by upgrade Node.JS>

<https://coveralls.io/builds/48650808|Coverage Status> Coverage remained the same at 87.533% when pulling *<https://github.com/cofacts/rumors-api/commit/e0510ecbc74c7737663340ca8231664149005454|e0510ec> on fix-build-by-upgrade* into *<https://github.com/cofacts/rumors-api/commit/7b88fbe8f74bdba46575b9e4247427545095205e|7b88fbe> on master*.

<https://github.com/cofacts/rumors-api/pull/273#issuecomment-1111858300|Comment on #273 Multimedia support phase 0>

Migration report on staging Update article schema (in `rumors-db`) ``` $ npm run reload -- articles &gt; rumors-db@1.0.2 reload &gt; babel-node db/reloadSchema.js "articles" Source: articles_v1_1_0 Target: articles_v1_2_0 Reindexed from articles_v1_1_0 to articles_v1_2_0 in 39 seconds. Setup articles_v1_2_0 -&gt; articles alias and remove articles_v1_1_0. ``` Fill in article type: call ``` curl -XPOST "{db_url}/articles_{vesrion}/_update_by_query" -H 'Content-Type: application/json' -d' { "script": { "source": "ctx._source[\"articleType\"]=\"TEXT\";", "lang": "painless" }, "query": { "bool": { "must_not": { "exists": { "field": "articleType" } } } } }' ``` took 53 second on 67k articles ``` {"took":53524,"timed_out":false,"total":67680,"updated":67680,"deleted":0,"batches":68,"version_conflicts":0,"noops":0,"retries":{"bulk":0,"search":0},"throttled_millis":0,"requests_per_second":-1.0,"throttled_until_millis":0,"failures":[]} ```

<https://github.com/cofacts/rumors-api/pull/273#issuecomment-1111858300|Comment on #273 Multimedia support phase 0>

Migration report on staging 1. Fill in article type: took 53 second on 67k articles ``` {"took":53524,"timed_out":false,"total":67680,"updated":67680,"deleted":0,"batches":68,"version_conflicts":0,"noops":0,"retries":{"bulk":0,"search":0},"throttled_millis":0,"requests_per_second":-1.0,"throttled_until_millis":0,"failures":[]} ```

<https://github.com/cofacts/rumors-api/pull/279|#279 Use buffer instead of cloned stream>

<https://github.com/cofacts/rumors-api/pull/279|#279 Use buffer instead of cloned stream>

<https://github.com/cofacts/rumors-site/pull/484|#484 Upgrade node and npm packages>

<https://github.com/cofacts/rumors-site/pull/484|#484 Upgrade node and npm packages>

Review on #279 Use buffer instead of cloned stream

LGTM! Thanks for the fix :pray:

Review on #279 Use buffer instead of cloned stream

LGTM! Thanks for fix :pray:

<https://github.com/cofacts/rumors-site/pull/484#discussion_r862317277|Comment on #484 Upgrade node and npm packages>

Does storybook forget to change `focusable="false"` to `focusable={false}` ?

<https://github.com/cofacts/rumors-site/pull/484#discussion_r862317277|Comment on #484 Upgrade node and npm packages>

Does storybook forget to change `focusable="false"` to `focusable={false}` ?

Review on #484 Upgrade node and npm packages

LGTM!

Review on #484 Upgrade node and npm packages

LGTM!

Review on #278 Fix build by upgrade Node.JS

LGTM!

Review on #278 Fix build by upgrade Node.JS

LGTM!