0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-16 21:56:25 -05:00
Commit graph

519 commits

Author SHA1 Message Date
Snyk bot
e459881be5 fix: package.json to reduce vulnerabilities (#1577)
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
2019-11-16 13:21:23 +01:00
dependabot-preview[bot]
b7757f898b build(deps-dev): bump @types/async from 3.0.2 to 3.0.3 (#1561)
Bumps [@types/async](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/async) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/async)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 19:36:18 +01:00
dependabot-preview[bot]
a774d4e1c4 build(deps-dev): bump @types/jest from 24.0.18 to 24.0.22 (#1560)
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 24.0.18 to 24.0.22.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 19:35:50 +01:00
dependabot-preview[bot]
e801d01a0c build(deps): bump dayjs from 1.8.16 to 1.8.17 (#1562)
Bumps [dayjs](https://github.com/iamkun/dayjs) from 1.8.16 to 1.8.17.
- [Release notes](https://github.com/iamkun/dayjs/releases)
- [Changelog](https://github.com/iamkun/dayjs/blob/dev/CHANGELOG.md)
- [Commits](https://github.com/iamkun/dayjs/compare/v1.8.16...v1.8.17)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 19:35:24 +01:00
dependabot-preview[bot]
e982033013 build(deps-dev): bump verdaccio-auth-memory from 8.2.0 to 8.3.0 (#1559)
Bumps [verdaccio-auth-memory](https://github.com/verdaccio/monorepo/tree/HEAD/plugins/auth-memory) from 8.2.0 to 8.3.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/plugins/auth-memory/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.3.0/plugins/auth-memory)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 08:48:04 +01:00
dependabot-preview[bot]
c6e80b58a7 build(deps-dev): bump jest-junit from 8.0.0 to 9.0.0 (#1556)
Bumps [jest-junit](https://github.com/jest-community/jest-junit) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/jest-community/jest-junit/releases)
- [Commits](https://github.com/jest-community/jest-junit/compare/v8.0.0...v9.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 06:48:31 +01:00
dependabot-preview[bot]
241b0e51f7 build(deps): bump @verdaccio/commons-api from 8.2.0 to 8.3.0 (#1555)
Bumps [@verdaccio/commons-api](https://github.com/verdaccio/monorepo/tree/HEAD/core/commons-api) from 8.2.0 to 8.3.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/core/commons-api/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.3.0/core/commons-api)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-07 18:29:32 +01:00
Snyk bot
cd8228baed fix: package.json to reduce vulnerabilities (#1552)
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388
2019-11-07 07:24:25 +01:00
Juan Picado @jotadeveloper
0aba1c36d9
chore: update Typescript 3.7.1-rc (#1536)
* chore: update typescript@3.7.0-beta

* chore: update to typescript@3.7.1-rc
2019-10-26 13:03:25 +02:00
Juan Picado @jotadeveloper
c70be6ec82
chore: update typescript@3.7.0-beta (#1507) 2019-10-26 12:48:35 +02:00
Juan Picado @jotadeveloper
b6abc00da9
chore(release): 4.3.4 2019-10-23 20:52:12 +02:00
Juan Picado @jotadeveloper
2ac7770459
fix: security vulnerability at readme in dompurify dep (#1532)
Fix Cross-site Scripting (XSS) in @verdaccio/readme
2019-10-23 20:49:36 +02:00
Sergio Hg
1d1a6829db ci(circleci): store test results in junit format (#1497) 2019-10-05 16:29:49 +02:00
Juan Picado @jotadeveloper
b1b0c25212
chore(release): 4.3.3 2019-10-03 08:30:23 +02:00
Juan Picado @jotadeveloper
52130704ec
chore(release): 4.3.2 2019-10-02 21:19:05 +02:00
Juan Picado @jotadeveloper
147137c3ce
chore(release): 4.3.1 2019-10-01 22:37:24 +02:00
Juan Picado @jotadeveloper
c6314928ca
chore(release): 4.3.0 2019-09-30 23:06:33 +02:00
Sergio Hg
a1aefae0f4 chore(deps): update verdaccio-audit to fix express version (#1490) 2019-09-30 22:59:42 +02:00
Juan Picado @jotadeveloper
9d68816bde chore: update dependencies (#1485) 2019-09-30 20:54:10 +02:00
Snyk bot
b1cd0704b9 fix: package.json to reduce vulnerabilities (#1474)
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DOMPURIFY-468981
2019-09-27 04:45:28 +02:00
Juan Picado @jotadeveloper
b486a9df1a
chore: update dependencies (#1472) 2019-09-26 19:40:23 +02:00
Juan Picado @jotadeveloper
dbf20175dc
feat: npm token command support (#1427)
* feat: support for npm token

This is an effor of:

This commit intent to provide npm token support.

https: //github.com/verdaccio/verdaccio/issues/541
https: //github.com/verdaccio/verdaccio/pull/1271
https: //github.com/verdaccio/local-storage/pull/168
Co-Authored-By: Manuel Spigolon <behemoth89@gmail.com>
Co-Authored-By: Juan Gabriel Jiménez <juangabreil@gmail.com>

* chore: update secrets baselines

Co-Authored-By: Liran Tal <liran.tal@gmail.com>

* chore: update lock file

* chore: add logger mock methods

* chore: update @verdaccio/types

* refactor: unit test was flacky

adapt the pkg access to the new configuration setup

* refactor: add plugin methods validation

* test: add test for aesEncrypt

* chore: update local-storage dependency

* chore: add support for experimetns

token will be part of the experiment lists

* chore: increase timeout

* chore: increase timeout threshold

* chore: update nock

* chore: update dependencies

* chore: update eslint config

* chore: update dependencies

* test: add unit test for npm token

* chore: update readme
2019-09-07 15:46:50 -07:00
Juan Picado @jotadeveloper
d5303f407b
feat: browse web package version (#1457)
* feat: allow endpoint to query by version

* chore: update @verdaccio/ui-theme

* test: add unit test for sidebar endpoint by version
2019-09-05 12:12:10 -07:00
Juan Picado @jotadeveloper
06f659c331
chore: add homepage 2019-08-26 07:01:48 +02:00
Juan Picado @jotadeveloper
e7b75646de
chore(release): 4.2.2 2019-08-25 19:20:02 +02:00
Juan Picado @jotadeveloper
37530ac0fd
build: update dependencies (#1452)
* build: update dependencies

* chore: update dependencies

* chore: update dependencies

* chore: update dependencies

* chore: allow ts-ignore

we will remove this in the future, warn for now

* chore: eslint rules as warning

this is due the update, we will address this later
2019-08-25 10:16:43 -07:00
Juan Picado @jotadeveloper
423371423a
fix: update @verdaccio/ui-theme@0.2.3 (#1451)
https://github.com/verdaccio/ui/blob/master/CHANGELOG.md#023-2019-08-25

missing headers on search endpoint with token (#121) (ac58730)
refactoring version page / fix issue not found page #100 (#117) (97e8448)
remove ToReplaceByVerdaccio #108 (#122) (5a9bd60)
api: correctly handle responses with missing content-type header (2049022)
2019-08-25 09:41:04 -07:00
Liran Tal
9b0b0bfac3 build: Lint the lockfile for security policies (#1444)
* feat: lint lockfiles

* fix: update secrets baseline
2019-08-25 09:37:25 -07:00
Juan Picado @jotadeveloper
621ebfeb1a
chore(release): 4.2.1 2019-08-10 13:51:14 +02:00
Juan Picado @jotadeveloper
4fb20efe60
Merge pull request #1418 from jamesgeorge007/hotfix/remove-stub-definition
fix(chore): remove stub type definition for handlebars
2019-08-01 18:41:40 +02:00
Zoltan Kochan
849f5bccb4 fix(deps): add missing prod dependency
http-errors needs to be a prod dependency
as it is used in code.
2019-07-31 19:08:32 +03:00
jamesgeorge007
de8dc43161 fix: remove stub type definition for handlebars 2019-07-30 14:06:16 +05:30
Juan Picado @jotadeveloper
c1672f7e32
chore(release): 4.2.0 2019-07-29 20:27:48 +02:00
Juan Picado @jotadeveloper
9dd1c8f400
feat: update to @verdaccio/ui-theme@0.2.2
- fix: https://github.com/verdaccio/ui/issues/76
- fix: https://github.com/verdaccio/ui/issues/75
- fix: https://github.com/verdaccio/ui/pull/106
- feat: https://github.com/verdaccio/ui/pull/47

Co-Authored-By: Priscila Oliveira <priscilawebdev@gmail.com>
Co-Authored-By: Sergio Hg <sergiohgz@users.noreply.github.com>
Co-Authored-By: Griffith <griffithtp@users.noreply.github.com>
2019-07-29 20:12:00 +02:00
Juan Picado @jotadeveloper
d93e76b366
feat: add new prop to audit middleware
- context: https://github.com/verdaccio/verdaccio-audit/pull/12
- related https://github.com/verdaccio/verdaccio/issues/1293

Co-Authored-By: Danny Frencham <dfrencham@users.noreply.github.com>
2019-07-29 10:12:29 +02:00
Liran Tal
c9f1124fda
chore(deps): bump detect-secrets for enhanced dev workflow 2019-07-27 13:32:11 +03:00
Liran Tal
2b218ce0de
fix(security): add secrets baseline 2019-07-19 08:02:08 +03:00
Liran Tal
aa8f1d3318
fix: upgrade to 1.0.2 which solves the docker issue 2019-07-19 06:39:22 +03:00
Liran Tal
9ef6808d4e
feat: prevent secrets from leaking to source control 2019-07-19 06:39:20 +03:00
Juan Picado @jotadeveloper
12b60f6cb7
build: fix semver missing type on build with docker
it seems the @types/semver do not handle a legitimate method named 'compareLoose'
2019-07-16 18:27:58 +02:00
Juan Picado @jotadeveloper
66f4197236
feat: convert project to typescript (#1374)
* chore: test

* chore: add

* chore: more progress

* chore: progress in migration, fix prettier parser

* chore: reduce tsc errors

* chore: refactor storage utils types

* chore: refactor utils types

* chore: refactor local storage types

* chore: refactor config utils types

* chore: refactor tsc types

* refactor: apply eslint fix, tabs etc

* chore: fix lint errors

* test: update unit test conf to typescript setup

few test refactored to typescript

* chore: enable more unit test

migrate to typescript

* chore: migrate storage test to tsc

* chore: migrate up storage test to tsc

* refactor: enable plugin and auth test

* chore: migrate plugin loader test

* chore: update dependencies

* chore: migrate functional test to typescript

* chore: add codecove

* chore: update express

* chore: downgrade puppeteer

The latest version does not seems to work properly fine.

* chore: update dependencies
2019-07-16 08:40:01 +02:00
Juan Picado @jotadeveloper
274bb1a9b9
chore(release): 4.1.0 2019-07-08 09:47:28 +02:00
Juan Picado @jotadeveloper
44c1610791
chore: restore @verdaccio/ui-theme@0.1.11
due to https://github.com/verdaccio/ui/issues/89
2019-07-08 09:40:38 +02:00
Juan Picado @jotadeveloper
a0cf98546b
chore: update dependencies
regular maintenance
2019-07-08 09:23:07 +02:00
James George
eb6bf5168b feat(chore): Included provision to show up local environment information (#1365)
* feat: adds provision to show up environment information

Fixes #1364

* feat: include docker info

* fix: pin envinfo

* fix: lock file

* fix: docker config

* fix: minor refactor

handle async behaviour

* feat: add short version for info
2019-06-30 18:17:25 +02:00
Juan Picado @jotadeveloper
b38ef9608f
Merge remote-tracking branch 'origin/master' into 4.1.x 2019-06-20 23:21:10 +02:00
Juan Picado @jotadeveloper
1aa9b4d4a5
chore(release): 4.0.4 2019-06-20 22:41:26 +02:00
Juan Picado @jotadeveloper
d252e66588
Merge remote-tracking branch 'origin/master' into 4.1.x
# Conflicts:
#	test/unit/modules/cli/cli.spec.js
2019-06-20 15:10:26 +02:00
Juan Picado @jotadeveloper
1d6eb945c9
chore(release): 4.0.3 2019-06-14 06:43:32 +02:00
Juan Picado @jotadeveloper
0fa26293a8
Merge remote-tracking branch 'origin/master' into 4.1.x 2019-06-13 22:04:35 +02:00