[MOB-7613][MOB-7390] Fix iframe height setter and update vulnerable dependencies (#303)

* [MOB-7613] Remove extra height from iframe + refactor (#302)

* [MOB-7613] Unset iframe body margin if one is not explicitly already set

* [MOB-7613] Detect img tags alongside image url paths

* [MOB-7613] Set iframe height on iframe load

* [MOB-7613] Add jwt generator url to .env.example

* [MOB-7613] Cleaup utils

* [MOB-7613] Move caching methods to separate file

* [MOB-7613] Update usages of cache

* [MOB-7613] Clean up comments in cache.ts

* [MOB-7613] Remove added return

* [MOB-7613] Clean up iframe width/height setter

* [MOB-7613] Add comment for consume variable

* [MOB-7613] Add env convenience variable for react sample app

* [MOB-7613] Suppress console.warn lint warnings

* [MOB-7613] Clean up types and remove template literals

* [MOB-7613] Fix tests

* [MOB-7613] Fix tests

* [MOB-7613] Put localhost url as fallback for jwt generator

* [MOB-7390]: update deps (#246)

* Bump postcss from 8.3.11 to 8.4.31

Bumps [postcss](https://github.com/postcss/postcss) from 8.3.11 to 8.4.31.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.3.11...8.4.31)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump word-wrap from 1.2.3 to 1.2.4

Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump semver from 5.7.1 to 5.7.2

Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](npm/node-semver@v5.7.1...v5.7.2)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump tough-cookie from 4.0.0 to 4.1.3

Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.0.0 to 4.1.3.
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v4.0.0...v4.1.3)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump webpack from 5.74.0 to 5.76.0

Bumps [webpack](https://github.com/webpack/webpack) from 5.74.0 to 5.76.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v5.74.0...v5.76.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump json5 from 1.0.1 to 1.0.2 in /example

Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump json5 from 1.0.1 to 1.0.2 in /react-example

Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump express from 4.17.1 to 4.18.2 in /react-example

Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.17.1...4.18.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump express from 4.17.1 to 4.18.2

Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.17.1...4.18.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump express from 4.17.1 to 4.18.2 in /example

Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.17.1...4.18.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump loader-utils from 1.4.0 to 1.4.2 in /react-example

Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.0 to 1.4.2.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md)
- [Commits](webpack/loader-utils@v1.4.0...v1.4.2)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump loader-utils from 1.4.0 to 1.4.2 in /example

Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.0 to 1.4.2.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md)
- [Commits](webpack/loader-utils@v1.4.0...v1.4.2)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* [MOB-7175]: add new filter method that leaves in JSON only messages (#238)

* add new filter method that leaves in JSON only messages

* Mentioning filterOnlyReadAndNeverTriggerMessages

---------

Co-authored-by: mitch prewitt <[email protected]>
Co-authored-by: Brad Umbaugh <[email protected]>

* ver bump (#240)

Co-authored-by: mitch prewitt <[email protected]>

* Bump word-wrap from 1.2.3 to 1.2.4 in /react-example

Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump word-wrap from 1.2.3 to 1.2.4 in /example

Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump semver from 6.3.0 to 6.3.1 in /react-example

Bumps [semver](https://github.com/npm/node-semver) from 6.3.0 to 6.3.1.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md)
- [Commits](npm/node-semver@v6.3.0...v6.3.1)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump semver from 6.3.0 to 6.3.1 in /example

Bumps [semver](https://github.com/npm/node-semver) from 6.3.0 to 6.3.1.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md)
- [Commits](npm/node-semver@v6.3.0...v6.3.1)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump tough-cookie from 4.0.0 to 4.1.3 in /example

Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.0.0 to 4.1.3.
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v4.0.0...v4.1.3)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump webpack from 5.63.0 to 5.76.0 in /react-example

Bumps [webpack](https://github.com/webpack/webpack) from 5.63.0 to 5.76.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v5.63.0...v5.76.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump webpack from 5.63.0 to 5.76.0 in /example

Bumps [webpack](https://github.com/webpack/webpack) from 5.63.0 to 5.76.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v5.63.0...v5.76.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

* not sure where these commits came from

* oops

* update vulnerabilities

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mitch prewitt <[email protected]>
Co-authored-by: Brad Umbaugh <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Mitch Prewitt <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mitch prewitt <[email protected]>
Co-authored-by: Brad Umbaugh <[email protected]>

Author: 4 people

.env.example

@@ -2,10 +2,11 @@
 # called .env and add these values to it and change them appropriately.
 # Remember to uncomment the variables!
 
-# Only set BASE_URL if developing locally, as it will take precedence over the production api urls
+# Only set BASE_URL if developing locally, as it will take precedence over the production api urls.
 # BASE_URL="https://api.iterable.com/api"
 
+# Set this to false to prevent messages from being consumed to fetch the same message(s) when testing changes locally.
 # ENABLE_INAPP_CONSUME=false
 
-# toggle this to true if you would need to hit our EU APIs
+# Toggle this to true if you would need to hit our EU APIs.
 # IS_EU_ITERABLE_SERVICE=false

example/package.json

@@ -50,7 +50,7 @@
     "prettier": "^2.2.1",
     "ts-jest": "^27.0.7",
     "typescript": "^4.6.4",
-    "webpack": "^5.63.0",
+    "webpack": "^5.76.0",
     "webpack-cli": "^4.9.1",
     "webpack-dev-server": "^4.7.3"
   },

example/yarn.lock

@@ -69,8 +69,8 @@
     "@typescript-eslint/eslint-plugin": "^5.38.1",
     "@typescript-eslint/parser": "^5.38.1",
     "@webpack-cli/serve": "^1.6.0",
+    "babel-plugin-module-resolver": "^5.0.0",
     "axios-mock-adapter": "^1.22.0",
-    "babel-plugin-module-resolver": "^3.2.0",
     "concurrently": "^6.3.0",
     "dotenv": "^10.0.0",
     "eslint": "^7.14.0",
@@ -103,4 +103,4 @@
       "eslint"
     ]
   }
-}
+}

package.json

@@ -1,5 +1,10 @@
 # To make requests from this example app make sure you first create an .env file
 # and add the API key and JWT Secret to it like so (and uncomment the keys):
-
 # API_KEY=1234
-# JWT_SECRET=1234
+# JWT_SECRET=1234
+
+# You can set the URL for the JWT generator here if needed
+# JWT_GENERATOR=http://localhost:5000/generate
+
+# Convenience variable to automatically set the login email during testing.
+# [email protected]

react-example/.env.example

@@ -58,7 +58,7 @@
     "prettier": "^2.2.1",
     "ts-jest": "^27.0.7",
     "typescript": "^4.6.4",
-    "webpack": "^5.63.0",
+    "webpack": "^5.76.0",
     "webpack-cli": "^4.9.1",
     "webpack-dev-server": "^4.7.3"
   },

react-example/package.json

@@ -33,7 +33,7 @@ interface Props {
 }
 
 export const LoginForm: FC<Props> = ({ setEmail, logout, refreshJwt }) => {
-  const [email, updateEmail] = useState<string>('');
+  const [email, updateEmail] = useState<string>(process.env.LOGIN_EMAIL || '');
 
   const [isEditingUser, setEditingUser] = useState<boolean>(false);
 

react-example/src/components/LoginForm.tsx

@@ -43,7 +43,7 @@ const HomeLink = styled(Link)`
     ({ email }) => {
       return axios
         .post(
-          'http://localhost:5000/generate',
+          process.env.JWT_GENERATOR || 'http://localhost:5000/generate',
           {
             exp_minutes: 2,
             email,

react-example/src/index.tsx

@@ -3,7 +3,7 @@ import styled from 'styled-components';
 import _Button from 'src/components/Button';
 import { EndpointWrapper, Heading, Response } from './Components.styled';
 import { useUser } from 'src/context/Users';
-import { getInAppMessages } from '@iterable/web-sdk';
+import { DisplayOptions, getInAppMessages } from '@iterable/web-sdk';
 
 const Button = styled(_Button)`
   width: 100%;
@@ -35,7 +35,7 @@ const { request, pauseMessageStream, resumeMessageStream } = getInAppMessages(
     closeButton: {},
     displayInterval: 1000
   },
-  { display: 'immediate' }
+  { display: DisplayOptions.Immediate }
 );
 
 export const InApp: FC<{}> = () => {
@@ -57,7 +57,7 @@ export const InApp: FC<{}> = () => {
 
     return getInAppMessages(
       { count: 20, packageName: 'my-website' },
-      { display: 'deferred' }
+      { display: DisplayOptions.Deferred }
     )
       .request()
       .then((response) => {