refactor: @aptre/react-dropzone fork and esbuild

Signed-off-by: Christian Stewart <[email protected]>

.github/renovate.json

@@ -0,0 +1,18 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    ":semanticPrefixFixDepsChoreOthers",
+    ":ignoreModulesAndTests",
+    "group:all",
+    "workarounds:all"
+  ],
+  "branchConcurrentLimit": 0,
+  "ignorePaths": [
+    "hack"
+  ],
+  "packageRules": [{
+    "matchManagers": ["gomod"],
+    "matchDepTypes": ["replace"],
+    "enabled": false
+  }]
+}

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,69 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "aperture" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "aperture" ]
+  schedule:
+    - cron: '41 13 * * 6'
+
+permissions:
+  contents: read
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+      with:
+        egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
+
+    - name: Checkout repository
+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines. 
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    # - run: |
+    #   echo "Run, Build Application using script"
+    #   ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11

.github/workflows/dependency-review.yml

@@ -0,0 +1,25 @@
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        with:
+          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
+
+      - name: 'Checkout Repository'
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@01bc87099ba56df1e897b6874784491ea6309bc4 # v3.1.4

.github/workflows/tests.yml

@@ -0,0 +1,42 @@
+name: Tests
+
+on:
+  push:
+    branches: [ "aperture" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "aperture" ]
+
+# Builds images for target boards.
+permissions:
+  contents: read
+
+jobs:
+  integration:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node: [18.x, 21.x]
+    timeout-minutes: 10
+    steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        with:
+          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
+
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: Setup Node.JS ${{ matrix.node }}
+        uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
+        with:
+          node-version: ${{ matrix.node }}
+          cache: 'yarn'
+      - name: Yarn install
+        run: yarn install
+      # - name: Depcheck
+      #   run: yarn run deps
+      - name: Build Javascript
+        run: yarn run build
+      # - name: Test Js
+      #   run: yarn run test
+      # - name: Lint Javascript
+      #   run: yarn run lint

LICENSE

@@ -1,5 +1,6 @@
 The MIT License (MIT)
 
+Copyright (c) 2023 Aperture Robotics, LLC.
 Copyright (c) 2018 Param Aggarwal
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -19,4 +20,3 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
-

README.md

@@ -1,38 +1,21 @@
 # react-dropzone-esm
 
-`react-dropzone-esm` is a fork of [react-dropzone](https://github.com/react-dropzone/react-dropzone).
-The purpose of the fork is to provide a version of `react-dropzone` that is compatible with
-modern frameworks which use ES modules (Remix v2, newer versions of Next.js, Vite).
-
-The package provides esm and cjs bundles. It is compatible both with modern build tools
-like Remix v2 and with older tools like Webpack 4.
+`react-dropzone` is a fork of [react-dropzone](https://github.com/react-dropzone/react-dropzone).
 
 ## Installation
 
 With yarn:
 
 ```bash
-yarn add react-dropzone-esm
+yarn add @aptre/react-dropzone
 ```
 
 With npm:
 
 ```bash
-npm install react-dropzone-esm
+npm install @aptre/react-dropzone
 ```
 
-## Differences from react-dropzone
-
-- ESM and CJS bundles
-- Properly configured `package.json` exports
-- ESM bundle is shipped with `.mjs` extension
-- Unused files are removed from the published package (docs, logos, etc.)
-
-Note that it is not planned to fix any bugs or add new features to this package.
-The only purpose of this package is to provide a version of `react-dropzone` that
-is compatible with modern frameworks. Source code of `react-dropzone` library is not modified
-in any way.
-
 ## Documentation
 
-Documentation was removed from the forked package to simplify maintenance. [Please refer to the original package for documentation](https://react-dropzone.js.org/).
+[Please refer to the upstream package for documentation](https://react-dropzone.js.org/).

package.json

@@ -1,9 +1,8 @@
 {
-  "name": "react-dropzone-esm",
+  "name": "@aptre/react-dropzone",
   "description": "Simple HTML5 drag-drop zone with React.js",
-  "version": "15.0.1",
+  "version": "1.0.0",
   "types": "./types/react-dropzone.d.ts",
-  "main": "./dist/cjs/index.js",
   "module": "./dist/esm/index.mjs",
   "exports": {
     ".": {
@@ -19,11 +18,9 @@
   },
   "sideEffects": false,
   "scripts": {
-    "clean": "rm -rf ./dist",
-    "build": "npm run clean && rollup -c rollup.config.mjs",
-    "release:patch": "npm run build && npm version patch && yarn publish && git push",
-    "release:minor": "npm run build && npm version minor && yarn publish && git push",
-    "release:major": "npm run build && npm version major && yarn publish && git push"
+    "clean": "rimraf ./dist",
+    "build": "npm run clean && esbuild --bundle --external:react --external:react-dom --format=esm --target=es2022 --platform=browser --outfile=./dist/index.mjs ./src/index.jsx",
+    "build:min": "npm run build -- --minify"
   },
   "keywords": [
     "react-component",
@@ -34,13 +31,12 @@
   ],
   "repository": {
     "type": "git",
-    "url": "https://github.com/rtivital/react-dropzone-esm.git"
+    "url": "git+https://github.com/apertureerobotics/react-dropzone.git"
   },
   "bugs": {
-    "url": "https://github.com/rtivital/react-dropzone-esm/issues"
+    "url": "https://github.com/aperturerobotics/react-dropzone/issues"
   },
-  "homepage": "https://github.com/rtivital/react-dropzone-esm",
-  "author": "Vitaly Rtishchev <[email protected]>",
+  "homepage": "https://github.com/apertureerobotics/react-dropzone",
   "contributors": [
     "Andrey Okonetchnikov <[email protected]> (http://okonet.ru)",
     "Mike Olson <[email protected]>",
@@ -57,19 +53,13 @@
     "prop-types": "^15.8.1"
   },
   "devDependencies": {
-    "rollup": "^3.29.4",
-    "rollup-plugin-banner2": "^1.2.2",
-    "rollup-plugin-esbuild": "^6.0.2",
-    "rollup-plugin-node-externals": "^6.1.1",
-    "@rollup/plugin-commonjs": "^25.0.4",
-    "@rollup/plugin-node-resolve": "^15.2.1",
-    "@rollup/plugin-replace": "^5.0.2",
     "@types/react": "^18.2.24",
     "@types/react-dom": "^18.2.8",
-    "esbuild": "^0.19.4",
+    "esbuild": "^0.19.11",
     "prettier": "^3.0.3",
     "react": "^18.2.0",
     "react-dom": "^18.2.0",
+    "rimraf": "^5.0.5",
     "typescript": "^5.2.2"
   },
   "engines": {