Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-30 22:34:10 -05:00
Code Issues Activity
3353 commits 17 branches 2231 tags 786 MiB
Commit graph

515 commits

Author SHA1 Message Date
dependabot-preview[bot]
e982033013 build(deps-dev): bump verdaccio-auth-memory from 8.2.0 to 8.3.0 (#1559) 
Bumps [verdaccio-auth-memory](https://github.com/verdaccio/monorepo/tree/HEAD/plugins/auth-memory) from 8.2.0 to 8.3.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/plugins/auth-memory/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.3.0/plugins/auth-memory)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-08 08:48:04 +01:00
dependabot-preview[bot]
c6e80b58a7 build(deps-dev): bump jest-junit from 8.0.0 to 9.0.0 (#1556) 
Bumps [jest-junit](https://github.com/jest-community/jest-junit) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/jest-community/jest-junit/releases)
- [Commits](https://github.com/jest-community/jest-junit/compare/v8.0.0...v9.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-08 06:48:31 +01:00
dependabot-preview[bot]
241b0e51f7 build(deps): bump @verdaccio/commons-api from 8.2.0 to 8.3.0 (#1555) 
Bumps [@verdaccio/commons-api](https://github.com/verdaccio/monorepo/tree/HEAD/core/commons-api) from 8.2.0 to 8.3.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/core/commons-api/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.3.0/core/commons-api)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-07 18:29:32 +01:00
Snyk bot
cd8228baed fix: package.json to reduce vulnerabilities (#1552) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388
 2019-11-07 07:24:25 +01:00
Juan Picado @jotadeveloper
0aba1c36d9
chore: update Typescript 3.7.1-rc (#1536) 
* chore: update typescript@3.7.0-beta

* chore: update to typescript@3.7.1-rc
 2019-10-26 13:03:25 +02:00
Juan Picado @jotadeveloper
c70be6ec82
chore: update typescript@3.7.0-beta (#1507) 2019-10-26 12:48:35 +02:00
Juan Picado @jotadeveloper
b6abc00da9
chore(release): 4.3.4 2019-10-23 20:52:12 +02:00
Juan Picado @jotadeveloper
2ac7770459
fix: security vulnerability at readme in dompurify dep (#1532) 
Fix Cross-site Scripting (XSS) in @verdaccio/readme
 2019-10-23 20:49:36 +02:00
Sergio Hg
1d1a6829db ci(circleci): store test results in junit format (#1497) 2019-10-05 16:29:49 +02:00
Juan Picado @jotadeveloper
b1b0c25212
chore(release): 4.3.3 2019-10-03 08:30:23 +02:00
Juan Picado @jotadeveloper
52130704ec
chore(release): 4.3.2 2019-10-02 21:19:05 +02:00
Juan Picado @jotadeveloper
147137c3ce
chore(release): 4.3.1 2019-10-01 22:37:24 +02:00
Juan Picado @jotadeveloper
c6314928ca
chore(release): 4.3.0 2019-09-30 23:06:33 +02:00
Sergio Hg
a1aefae0f4 chore(deps): update verdaccio-audit to fix express version (#1490) 2019-09-30 22:59:42 +02:00
Juan Picado @jotadeveloper
9d68816bde chore: update dependencies (#1485) 2019-09-30 20:54:10 +02:00
Snyk bot
b1cd0704b9 fix: package.json to reduce vulnerabilities (#1474) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DOMPURIFY-468981
 2019-09-27 04:45:28 +02:00
Juan Picado @jotadeveloper
b486a9df1a
chore: update dependencies (#1472) 2019-09-26 19:40:23 +02:00
Juan Picado @jotadeveloper
dbf20175dc
feat: npm token command support (#1427) 
* feat: support for npm token

This is an effor of:

This commit intent to provide npm token support.

https: //github.com/verdaccio/verdaccio/issues/541
https: //github.com/verdaccio/verdaccio/pull/1271
https: //github.com/verdaccio/local-storage/pull/168
Co-Authored-By: Manuel Spigolon <behemoth89@gmail.com>
Co-Authored-By: Juan Gabriel Jiménez <juangabreil@gmail.com>

* chore: update secrets baselines

Co-Authored-By: Liran Tal <liran.tal@gmail.com>

* chore: update lock file

* chore: add logger mock methods

* chore: update @verdaccio/types

* refactor: unit test was flacky

adapt the pkg access to the new configuration setup

* refactor: add plugin methods validation

* test: add test for aesEncrypt

* chore: update local-storage dependency

* chore: add support for experimetns

token will be part of the experiment lists

* chore: increase timeout

* chore: increase timeout threshold

* chore: update nock

* chore: update dependencies

* chore: update eslint config

* chore: update dependencies

* test: add unit test for npm token

* chore: update readme
 2019-09-07 15:46:50 -07:00
Juan Picado @jotadeveloper
d5303f407b
feat: browse web package version (#1457) 
* feat: allow endpoint to query by version

* chore: update @verdaccio/ui-theme

* test: add unit test for sidebar endpoint by version
 2019-09-05 12:12:10 -07:00
Juan Picado @jotadeveloper
06f659c331
chore: add homepage 2019-08-26 07:01:48 +02:00
Juan Picado @jotadeveloper
e7b75646de
chore(release): 4.2.2 2019-08-25 19:20:02 +02:00
Juan Picado @jotadeveloper
37530ac0fd
build: update dependencies (#1452) 
* build: update dependencies

* chore: update dependencies

* chore: update dependencies

* chore: update dependencies

* chore: allow ts-ignore

we will remove this in the future, warn for now

* chore: eslint rules as warning

this is due the update, we will address this later
 2019-08-25 10:16:43 -07:00
Juan Picado @jotadeveloper
423371423a
fix: update @verdaccio/ui-theme@0.2.3 (#1451) 
https://github.com/verdaccio/ui/blob/master/CHANGELOG.md#023-2019-08-25

missing headers on search endpoint with token (#121) (ac58730)
refactoring version page / fix issue not found page #100 (#117) (97e8448)
remove ToReplaceByVerdaccio #108 (#122) (5a9bd60)
api: correctly handle responses with missing content-type header (2049022)
 2019-08-25 09:41:04 -07:00
Liran Tal
9b0b0bfac3 build: Lint the lockfile for security policies (#1444) 
* feat: lint lockfiles

* fix: update secrets baseline
 2019-08-25 09:37:25 -07:00
Juan Picado @jotadeveloper
621ebfeb1a
chore(release): 4.2.1 2019-08-10 13:51:14 +02:00
Juan Picado @jotadeveloper
4fb20efe60
Merge pull request #1418 from jamesgeorge007/hotfix/remove-stub-definition 
fix(chore): remove stub type definition for handlebars
 2019-08-01 18:41:40 +02:00
Zoltan Kochan
849f5bccb4 fix(deps): add missing prod dependency 
http-errors needs to be a prod dependency
as it is used in code.
 2019-07-31 19:08:32 +03:00
jamesgeorge007
de8dc43161 fix: remove stub type definition for handlebars 2019-07-30 14:06:16 +05:30
Juan Picado @jotadeveloper
c1672f7e32
chore(release): 4.2.0 2019-07-29 20:27:48 +02:00
Juan Picado @jotadeveloper
9dd1c8f400
feat: update to @verdaccio/ui-theme@0.2.2 
- fix: https://github.com/verdaccio/ui/issues/76
- fix: https://github.com/verdaccio/ui/issues/75
- fix: https://github.com/verdaccio/ui/pull/106
- feat: https://github.com/verdaccio/ui/pull/47

Co-Authored-By: Priscila Oliveira <priscilawebdev@gmail.com>
Co-Authored-By: Sergio Hg <sergiohgz@users.noreply.github.com>
Co-Authored-By: Griffith <griffithtp@users.noreply.github.com>
 2019-07-29 20:12:00 +02:00
Juan Picado @jotadeveloper
d93e76b366
feat: add new prop to audit middleware 
- context: https://github.com/verdaccio/verdaccio-audit/pull/12
- related https://github.com/verdaccio/verdaccio/issues/1293

Co-Authored-By: Danny Frencham <dfrencham@users.noreply.github.com>
 2019-07-29 10:12:29 +02:00
Liran Tal
c9f1124fda
chore(deps): bump detect-secrets for enhanced dev workflow 2019-07-27 13:32:11 +03:00
Liran Tal
2b218ce0de
fix(security): add secrets baseline 2019-07-19 08:02:08 +03:00
Liran Tal
aa8f1d3318
fix: upgrade to 1.0.2 which solves the docker issue 2019-07-19 06:39:22 +03:00
Liran Tal
9ef6808d4e
feat: prevent secrets from leaking to source control 2019-07-19 06:39:20 +03:00
Juan Picado @jotadeveloper
12b60f6cb7
build: fix semver missing type on build with docker 
it seems the @types/semver do not handle a legitimate method named 'compareLoose'
 2019-07-16 18:27:58 +02:00
Juan Picado @jotadeveloper
66f4197236
feat: convert project to typescript (#1374) 
* chore: test

* chore: add

* chore: more progress

* chore: progress in migration, fix prettier parser

* chore: reduce tsc errors

* chore: refactor storage utils types

* chore: refactor utils types

* chore: refactor local storage types

* chore: refactor config utils types

* chore: refactor tsc types

* refactor: apply eslint fix, tabs etc

* chore: fix lint errors

* test: update unit test conf to typescript setup

few test refactored to typescript

* chore: enable more unit test

migrate to typescript

* chore: migrate storage test to tsc

* chore: migrate up storage test to tsc

* refactor: enable plugin and auth test

* chore: migrate plugin loader test

* chore: update dependencies

* chore: migrate functional test to typescript

* chore: add codecove

* chore: update express

* chore: downgrade puppeteer

The latest version does not seems to work properly fine.

* chore: update dependencies
 2019-07-16 08:40:01 +02:00
Juan Picado @jotadeveloper
274bb1a9b9
chore(release): 4.1.0 2019-07-08 09:47:28 +02:00
Juan Picado @jotadeveloper
44c1610791
chore: restore @verdaccio/ui-theme@0.1.11 
due to https://github.com/verdaccio/ui/issues/89
 2019-07-08 09:40:38 +02:00
Juan Picado @jotadeveloper
a0cf98546b
chore: update dependencies 
regular maintenance
 2019-07-08 09:23:07 +02:00
James George
eb6bf5168b feat(chore): Included provision to show up local environment information (#1365) 
* feat: adds provision to show up environment information

Fixes #1364

* feat: include docker info

* fix: pin envinfo

* fix: lock file

* fix: docker config

* fix: minor refactor

handle async behaviour

* feat: add short version for info
 2019-06-30 18:17:25 +02:00
Juan Picado @jotadeveloper
b38ef9608f
Merge remote-tracking branch 'origin/master' into 4.1.x 2019-06-20 23:21:10 +02:00
Juan Picado @jotadeveloper
1aa9b4d4a5
chore(release): 4.0.4 2019-06-20 22:41:26 +02:00
Juan Picado @jotadeveloper
d252e66588
Merge remote-tracking branch 'origin/master' into 4.1.x 
# Conflicts:
#	test/unit/modules/cli/cli.spec.js
 2019-06-20 15:10:26 +02:00
Juan Picado @jotadeveloper
1d6eb945c9
chore(release): 4.0.3 2019-06-14 06:43:32 +02:00
Juan Picado @jotadeveloper
0fa26293a8
Merge remote-tracking branch 'origin/master' into 4.1.x 2019-06-13 22:04:35 +02:00
Will Smythe
eb7a8e3528 fix(api): return 503 to npm/yarn on uplink connection timeout (#1331) 
fix  #1328 and #720

Type: bug

The following has been addressed in the PR:

Instead of returning a 404 (Not Found) when npm, yarn, etc requests a package and the package cannot be acquired from an uplink due to a connection timeout, socket timeout, or connection reset problem, a 503 (service unavailable) is returned by Verdaccio instead. In limited testing of a few versions of npm and yarn, both of these clients correctly attempt to retry the request when a 503 is returned.

Added functional tests to verify the behavior (this adds a dev dependency on nock, which provides HTTP request mocking

Description:

This resolves issue #1328 and #720, and ensures npm/yarn install commands don't fail immediately when there is an intermittent network timeout problem with an uplink. Instead Verdaccio will appropriately respond to the client with a 503. A 404 response (current behavior) incorrectly tells the client that the package does not exist (which may or may not be true) and to not try again.
 2019-06-13 21:42:01 +02:00
Juan Picado @jotadeveloper
e77ffb4c31
chore(release): 4.0.2 2019-06-13 07:03:25 +02:00
Juan Picado @jotadeveloper
192fb77169
fix(ui): failed to load all packages after login 
more details https://github.com/verdaccio/ui/issues/72
 2019-06-13 06:49:40 +02:00
Juan Picado @jotadeveloper
e5816342a6
fix: update dependencies 
fix #1339 dayjs warning on yarn installation
 2019-06-13 06:42:39 +02:00