Juan Picado @jotadeveloper
dd754d1298
chore(release): 4.3.5
2019-11-21 17:26:14 +01:00
Snyk bot
2f3ba93c87
fix: package.json to reduce vulnerabilities ( #1583 )
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534988
2019-11-21 16:45:15 +01:00
dependabot-preview[bot]
399421e609
build(deps-dev): bump @types/semver from 6.0.2 to 6.2.0 ( #1574 )
...
Bumps [@types/semver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/semver ) from 6.0.2 to 6.2.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/semver )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-17 11:55:48 +01:00
dependabot-preview[bot]
c416febbb6
build(deps-dev): bump @types/lodash from 4.14.141 to 4.14.148 ( #1579 )
...
Bumps [@types/lodash](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash ) from 4.14.141 to 4.14.148.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/lodash )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-17 07:03:01 +01:00
dependabot-preview[bot]
0106811061
build(deps-dev): bump cross-env from 5.2.1 to 6.0.3 ( #1570 )
...
Bumps [cross-env](https://github.com/kentcdodds/cross-env ) from 5.2.1 to 6.0.3.
- [Release notes](https://github.com/kentcdodds/cross-env/releases )
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kentcdodds/cross-env/compare/v5.2.1...v6.0.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-17 07:02:33 +01:00
dependabot-preview[bot]
f7c7d167b1
build(deps-dev): bump detect-secrets from 1.0.4 to 1.0.5 ( #1575 )
...
Bumps [detect-secrets](https://github.com/lirantal/detect-secrets ) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/lirantal/detect-secrets/releases )
- [Commits](https://github.com/lirantal/detect-secrets/compare/v1.0.4...v1.0.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-16 13:26:32 +01:00
dependabot-preview[bot]
4e5b6e8d3f
build(deps-dev): bump @types/jest from 24.0.22 to 24.0.23 ( #1576 )
...
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest ) from 24.0.22 to 24.0.23.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-16 13:22:30 +01:00
Snyk bot
e459881be5
fix: package.json to reduce vulnerabilities ( #1577 )
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
2019-11-16 13:21:23 +01:00
dependabot-preview[bot]
b7757f898b
build(deps-dev): bump @types/async from 3.0.2 to 3.0.3 ( #1561 )
...
Bumps [@types/async](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/async ) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/async )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 19:36:18 +01:00
dependabot-preview[bot]
a774d4e1c4
build(deps-dev): bump @types/jest from 24.0.18 to 24.0.22 ( #1560 )
...
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest ) from 24.0.18 to 24.0.22.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 19:35:50 +01:00
dependabot-preview[bot]
e801d01a0c
build(deps): bump dayjs from 1.8.16 to 1.8.17 ( #1562 )
...
Bumps [dayjs](https://github.com/iamkun/dayjs ) from 1.8.16 to 1.8.17.
- [Release notes](https://github.com/iamkun/dayjs/releases )
- [Changelog](https://github.com/iamkun/dayjs/blob/dev/CHANGELOG.md )
- [Commits](https://github.com/iamkun/dayjs/compare/v1.8.16...v1.8.17 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 19:35:24 +01:00
dependabot-preview[bot]
e982033013
build(deps-dev): bump verdaccio-auth-memory from 8.2.0 to 8.3.0 ( #1559 )
...
Bumps [verdaccio-auth-memory](https://github.com/verdaccio/monorepo/tree/HEAD/plugins/auth-memory ) from 8.2.0 to 8.3.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases )
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/plugins/auth-memory/CHANGELOG.md )
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.3.0/plugins/auth-memory )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 08:48:04 +01:00
dependabot-preview[bot]
c6e80b58a7
build(deps-dev): bump jest-junit from 8.0.0 to 9.0.0 ( #1556 )
...
Bumps [jest-junit](https://github.com/jest-community/jest-junit ) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/jest-community/jest-junit/releases )
- [Commits](https://github.com/jest-community/jest-junit/compare/v8.0.0...v9.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 06:48:31 +01:00
dependabot-preview[bot]
241b0e51f7
build(deps): bump @verdaccio/commons-api from 8.2.0 to 8.3.0 ( #1555 )
...
Bumps [@verdaccio/commons-api](https://github.com/verdaccio/monorepo/tree/HEAD/core/commons-api ) from 8.2.0 to 8.3.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases )
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/core/commons-api/CHANGELOG.md )
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.3.0/core/commons-api )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-07 18:29:32 +01:00
Snyk bot
cd8228baed
fix: package.json to reduce vulnerabilities ( #1552 )
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388
2019-11-07 07:24:25 +01:00
Juan Picado @jotadeveloper
0aba1c36d9
chore: update Typescript 3.7.1-rc ( #1536 )
...
* chore: update typescript@3.7.0-beta
* chore: update to typescript@3.7.1-rc
2019-10-26 13:03:25 +02:00
Juan Picado @jotadeveloper
c70be6ec82
chore: update typescript@3.7.0-beta ( #1507 )
2019-10-26 12:48:35 +02:00
Juan Picado @jotadeveloper
b6abc00da9
chore(release): 4.3.4
2019-10-23 20:52:12 +02:00
Juan Picado @jotadeveloper
2ac7770459
fix: security vulnerability at readme in dompurify dep ( #1532 )
...
Fix Cross-site Scripting (XSS) in @verdaccio/readme
2019-10-23 20:49:36 +02:00
Sergio Hg
1d1a6829db
ci(circleci): store test results in junit format ( #1497 )
2019-10-05 16:29:49 +02:00
Juan Picado @jotadeveloper
b1b0c25212
chore(release): 4.3.3
2019-10-03 08:30:23 +02:00
Juan Picado @jotadeveloper
52130704ec
chore(release): 4.3.2
2019-10-02 21:19:05 +02:00
Juan Picado @jotadeveloper
147137c3ce
chore(release): 4.3.1
2019-10-01 22:37:24 +02:00
Juan Picado @jotadeveloper
c6314928ca
chore(release): 4.3.0
2019-09-30 23:06:33 +02:00
Sergio Hg
a1aefae0f4
chore(deps): update verdaccio-audit to fix express version ( #1490 )
2019-09-30 22:59:42 +02:00
Juan Picado @jotadeveloper
9d68816bde
chore: update dependencies ( #1485 )
2019-09-30 20:54:10 +02:00
Snyk bot
b1cd0704b9
fix: package.json to reduce vulnerabilities ( #1474 )
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DOMPURIFY-468981
2019-09-27 04:45:28 +02:00
Juan Picado @jotadeveloper
b486a9df1a
chore: update dependencies ( #1472 )
2019-09-26 19:40:23 +02:00
Juan Picado @jotadeveloper
dbf20175dc
feat: npm token command support ( #1427 )
...
* feat: support for npm token
This is an effor of:
This commit intent to provide npm token support.
https: //github.com/verdaccio/verdaccio/issues/541
https: //github.com/verdaccio/verdaccio/pull/1271
https: //github.com/verdaccio/local-storage/pull/168
Co-Authored-By: Manuel Spigolon <behemoth89@gmail.com>
Co-Authored-By: Juan Gabriel Jiménez <juangabreil@gmail.com>
* chore: update secrets baselines
Co-Authored-By: Liran Tal <liran.tal@gmail.com>
* chore: update lock file
* chore: add logger mock methods
* chore: update @verdaccio/types
* refactor: unit test was flacky
adapt the pkg access to the new configuration setup
* refactor: add plugin methods validation
* test: add test for aesEncrypt
* chore: update local-storage dependency
* chore: add support for experimetns
token will be part of the experiment lists
* chore: increase timeout
* chore: increase timeout threshold
* chore: update nock
* chore: update dependencies
* chore: update eslint config
* chore: update dependencies
* test: add unit test for npm token
* chore: update readme
2019-09-07 15:46:50 -07:00
Juan Picado @jotadeveloper
d5303f407b
feat: browse web package version ( #1457 )
...
* feat: allow endpoint to query by version
* chore: update @verdaccio/ui-theme
* test: add unit test for sidebar endpoint by version
2019-09-05 12:12:10 -07:00
Juan Picado @jotadeveloper
06f659c331
chore: add homepage
2019-08-26 07:01:48 +02:00
Juan Picado @jotadeveloper
e7b75646de
chore(release): 4.2.2
2019-08-25 19:20:02 +02:00
Juan Picado @jotadeveloper
37530ac0fd
build: update dependencies ( #1452 )
...
* build: update dependencies
* chore: update dependencies
* chore: update dependencies
* chore: update dependencies
* chore: allow ts-ignore
we will remove this in the future, warn for now
* chore: eslint rules as warning
this is due the update, we will address this later
2019-08-25 10:16:43 -07:00
Juan Picado @jotadeveloper
423371423a
fix: update @verdaccio/ui-theme@0.2.3 ( #1451 )
...
https://github.com/verdaccio/ui/blob/master/CHANGELOG.md#023-2019-08-25
missing headers on search endpoint with token (#121 ) (ac58730)
refactoring version page / fix issue not found page #100 (#117 ) (97e8448)
remove ToReplaceByVerdaccio #108 (#122 ) (5a9bd60)
api: correctly handle responses with missing content-type header (2049022)
2019-08-25 09:41:04 -07:00
Liran Tal
9b0b0bfac3
build: Lint the lockfile for security policies ( #1444 )
...
* feat: lint lockfiles
* fix: update secrets baseline
2019-08-25 09:37:25 -07:00
Juan Picado @jotadeveloper
621ebfeb1a
chore(release): 4.2.1
2019-08-10 13:51:14 +02:00
Juan Picado @jotadeveloper
4fb20efe60
Merge pull request #1418 from jamesgeorge007/hotfix/remove-stub-definition
...
fix(chore): remove stub type definition for handlebars
2019-08-01 18:41:40 +02:00
Zoltan Kochan
849f5bccb4
fix(deps): add missing prod dependency
...
http-errors needs to be a prod dependency
as it is used in code.
2019-07-31 19:08:32 +03:00
jamesgeorge007
de8dc43161
fix: remove stub type definition for handlebars
2019-07-30 14:06:16 +05:30
Juan Picado @jotadeveloper
c1672f7e32
chore(release): 4.2.0
2019-07-29 20:27:48 +02:00
Juan Picado @jotadeveloper
9dd1c8f400
feat: update to @verdaccio/ui-theme@0.2.2
...
- fix: https://github.com/verdaccio/ui/issues/76
- fix: https://github.com/verdaccio/ui/issues/75
- fix: https://github.com/verdaccio/ui/pull/106
- feat: https://github.com/verdaccio/ui/pull/47
Co-Authored-By: Priscila Oliveira <priscilawebdev@gmail.com>
Co-Authored-By: Sergio Hg <sergiohgz@users.noreply.github.com>
Co-Authored-By: Griffith <griffithtp@users.noreply.github.com>
2019-07-29 20:12:00 +02:00
Juan Picado @jotadeveloper
d93e76b366
feat: add new prop to audit middleware
...
- context: https://github.com/verdaccio/verdaccio-audit/pull/12
- related https://github.com/verdaccio/verdaccio/issues/1293
Co-Authored-By: Danny Frencham <dfrencham@users.noreply.github.com>
2019-07-29 10:12:29 +02:00
Liran Tal
c9f1124fda
chore(deps): bump detect-secrets for enhanced dev workflow
2019-07-27 13:32:11 +03:00
Liran Tal
2b218ce0de
fix(security): add secrets baseline
2019-07-19 08:02:08 +03:00
Liran Tal
aa8f1d3318
fix: upgrade to 1.0.2 which solves the docker issue
2019-07-19 06:39:22 +03:00
Liran Tal
9ef6808d4e
feat: prevent secrets from leaking to source control
2019-07-19 06:39:20 +03:00
Juan Picado @jotadeveloper
12b60f6cb7
build: fix semver missing type on build with docker
...
it seems the @types/semver do not handle a legitimate method named 'compareLoose'
2019-07-16 18:27:58 +02:00
Juan Picado @jotadeveloper
66f4197236
feat: convert project to typescript ( #1374 )
...
* chore: test
* chore: add
* chore: more progress
* chore: progress in migration, fix prettier parser
* chore: reduce tsc errors
* chore: refactor storage utils types
* chore: refactor utils types
* chore: refactor local storage types
* chore: refactor config utils types
* chore: refactor tsc types
* refactor: apply eslint fix, tabs etc
* chore: fix lint errors
* test: update unit test conf to typescript setup
few test refactored to typescript
* chore: enable more unit test
migrate to typescript
* chore: migrate storage test to tsc
* chore: migrate up storage test to tsc
* refactor: enable plugin and auth test
* chore: migrate plugin loader test
* chore: update dependencies
* chore: migrate functional test to typescript
* chore: add codecove
* chore: update express
* chore: downgrade puppeteer
The latest version does not seems to work properly fine.
* chore: update dependencies
2019-07-16 08:40:01 +02:00
Juan Picado @jotadeveloper
274bb1a9b9
chore(release): 4.1.0
2019-07-08 09:47:28 +02:00
Juan Picado @jotadeveloper
44c1610791
chore: restore @verdaccio/ui-theme@0.1.11
...
due to https://github.com/verdaccio/ui/issues/89
2019-07-08 09:40:38 +02:00