From a76f6b85a912135c6e5ddc22ba3d063dcccce296 Mon Sep 17 00:00:00 2001
From: Peter Bengtsson <peterbe@github.com>
Date: Wed, 8 May 2024 07:17:36 -0400
Subject: [PATCH 1/2] Port `abort.js` to TypeScript (#50498)

---
 src/frame/middleware/{abort.js => abort.ts} | 19 +++++++++++++++----
 src/frame/middleware/index.ts               |  2 +-
 src/types.ts                                | 13 +++++++++++++
 3 files changed, 29 insertions(+), 5 deletions(-)
 rename src/frame/middleware/{abort.js => abort.ts} (64%)
 create mode 100644 src/types.ts

diff --git a/src/frame/middleware/abort.js b/src/frame/middleware/abort.ts
similarity index 64%
rename from src/frame/middleware/abort.js
rename to src/frame/middleware/abort.ts
index 3e9ca925bfc9..f79e38ab08d2 100644
--- a/src/frame/middleware/abort.js
+++ b/src/frame/middleware/abort.ts
@@ -1,6 +1,19 @@
+import type { NextFunction, Response } from 'express'
+
 import statsd from '#src/observability/lib/statsd.js'
+import { ExtendedRequest } from '@/types'
+
+class AbortError extends Error {
+  statusCode: number
+  code: string
+  constructor(message: string, statusCode: number, code: string) {
+    super(message)
+    this.statusCode = statusCode
+    this.code = code
+  }
+}
 
-export default function abort(req, res, next) {
+export default function abort(req: ExtendedRequest, res: Response, next: NextFunction) {
   // If the client aborts the connection, send an error
   req.once('aborted', () => {
     // ignore aborts from next, usually has to do with webpack-hmr
@@ -21,9 +34,7 @@ export default function abort(req, res, next) {
     }
     statsd.increment('middleware.abort', 1, incrementTags)
 
-    const abortError = new Error('Client closed request')
-    abortError.statusCode = 499
-    abortError.code = 'ECONNRESET'
+    const abortError = new AbortError('Client closed request', 499, 'ECONNRESET')
 
     // Pass the error to the Express error handler
     return next(abortError)
diff --git a/src/frame/middleware/index.ts b/src/frame/middleware/index.ts
index 6249beb79d74..eebb046984da 100644
--- a/src/frame/middleware/index.ts
+++ b/src/frame/middleware/index.ts
@@ -5,7 +5,7 @@ import express from 'express'
 import type { NextFunction, Request, Response, Express } from 'express'
 
 import haltOnDroppedConnection from './halt-on-dropped-connection.js'
-import abort from './abort.js'
+import abort from './abort'
 import timeout from './timeout.js'
 import morgan from 'morgan'
 import datadog from '@/observability/middleware/connect-datadog.js'
diff --git a/src/types.ts b/src/types.ts
new file mode 100644
index 000000000000..2179cd3af717
--- /dev/null
+++ b/src/types.ts
@@ -0,0 +1,13 @@
+import type { Request } from 'express'
+
+// Throughout our codebase we "extend" the Request object by attaching
+// things to it. For example `req.context = { currentCategory: 'foo' }`.
+// This type aims to match all the custom things we do to requests
+// througout the codebase.
+export type ExtendedRequest = Request & {
+  pagePath?: string
+  context?: {
+    currentCategory?: string
+  }
+  // Add more properties here as needed
+}

From 654c13a62c776b10d428df3bd3e55c92c5f59417 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 8 May 2024 07:38:28 -0400
Subject: [PATCH 2/2] Bump helmet from 7.0.0 to 7.1.0 (#50504)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 package-lock.json | 8 ++++----
 package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 8eba666fef5c..2dbaf8a4df71 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -44,7 +44,7 @@
         "hast-util-from-parse5": "^8.0.1",
         "hast-util-to-string": "^2.0.0",
         "hastscript": "^9.0.0",
-        "helmet": "^7.0.0",
+        "helmet": "^7.1.0",
         "highlight.js": "11.9.0",
         "highlightjs-curl": "^1.3.0",
         "hot-shots": "^10.0.0",
@@ -7899,9 +7899,9 @@
       }
     },
     "node_modules/helmet": {
-      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/helmet/-/helmet-7.0.0.tgz",
-      "integrity": "sha512-MsIgYmdBh460ZZ8cJC81q4XJknjG567wzEmv46WOBblDb6TUd3z8/GhgmsM9pn8g2B80tAJ4m5/d3Bi1KrSUBQ==",
+      "version": "7.1.0",
+      "resolved": "https://registry.npmjs.org/helmet/-/helmet-7.1.0.tgz",
+      "integrity": "sha512-g+HZqgfbpXdCkme/Cd/mZkV0aV3BZZZSugecH03kl38m/Kmdx8jKjBikpDj2cr+Iynv4KpYEviojNdTJActJAg==",
       "engines": {
         "node": ">=16.0.0"
       }
diff --git a/package.json b/package.json
index 1d9caf424c69..6734b13f34fc 100644
--- a/package.json
+++ b/package.json
@@ -230,7 +230,7 @@
     "hast-util-from-parse5": "^8.0.1",
     "hast-util-to-string": "^2.0.0",
     "hastscript": "^9.0.0",
-    "helmet": "^7.0.0",
+    "helmet": "^7.1.0",
     "highlight.js": "11.9.0",
     "highlightjs-curl": "^1.3.0",
     "hot-shots": "^10.0.0",