allcontributors[bot]
fec41d9b20
docs: add toolsofraj as a contributor ( #1837 )
...
* docs: update CONTRIBUTORS.md [skip ci]
* docs: update .all-contributorsrc [skip ci]
Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2020-06-13 08:51:35 +02:00
Juan Picado @jotadeveloper
7694221175
Merge branch 'master' of github.com:verdaccio/verdaccio
2020-06-13 08:46:40 +02:00
Juan Picado @jotadeveloper
c7023b9bba
chore: update contributors
2020-06-13 08:45:20 +02:00
toolsofraj
aee69a9453
fix: updated nodejs version to fix vulnerability in 12.x https://nodejs.org/en/blog/vulnerability/june-2020-security-releases/ ( #1836 )
...
Co-authored-by: Raj Sharma <raj@screenmeet.com>
2020-06-13 08:21:41 +02:00
Juan Picado @jotadeveloper
b01469ff73
chore: add contributors
2020-06-13 08:15:33 +02:00
Daniel Ruf
1352246d80
chore: test code scanning ( #1833 )
...
Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-06-07 18:29:52 +02:00
Juan Picado
e8e94182a4
chore: new issues report seetings ( #1834 )
2020-06-07 17:23:44 +02:00
dependabot-preview[bot]
530018895c
build(deps): bump mime from 2.4.4 to 2.4.6 ( #1831 )
...
Bumps [mime](https://github.com/broofa/mime ) from 2.4.4 to 2.4.6.
- [Release notes](https://github.com/broofa/mime/releases )
- [Changelog](https://github.com/broofa/mime/blob/master/CHANGELOG.md )
- [Commits](https://github.com/broofa/mime/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-06 07:43:44 +02:00
Juan Picado
56b677a35a
feat: restore Node 8 support ( #1832 )
...
This restore a support I removed in Verdaccio 4.5.0
This means nothing if you were not using Node v8, this support should be removed in a major release.
2020-06-03 22:35:31 +02:00
dependabot-preview[bot]
6b1553c257
build(deps-dev): bump codecov from 3.6.5 to 3.7.0 ( #1829 )
...
Bumps [codecov](https://github.com/codecov/codecov-node ) from 3.6.5 to 3.7.0.
- [Release notes](https://github.com/codecov/codecov-node/releases )
- [Commits](https://github.com/codecov/codecov-node/compare/v3.6.5...v3.7.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-03 07:10:29 +02:00
Snyk bot
6e66cc6433
chore: [Snyk] Upgrade verdaccio-audit from 9.4.0 to 9.5.0 ( #1821 )
...
* fix: upgrade verdaccio-audit from 9.4.0 to 9.5.0
Snyk has created this PR to upgrade verdaccio-audit from 9.4.0 to 9.5.0.
See this package in NPM:
https://www.npmjs.com/package/verdaccio-audit
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
* fix: upgrade verdaccio-audit from 9.4.0 to 9.5.0
Snyk has created this PR to upgrade verdaccio-audit from 9.4.0 to 9.5.0.
See this package in NPM:
https://www.npmjs.com/package/verdaccio-audit
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-05-24 12:03:44 +02:00
Snyk bot
1e2159a345
fix: [Snyk] upgrade @verdaccio/streams from 9.4.0 to 9.5.0 ( #1819 )
...
* fix: upgrade @verdaccio/streams from 9.4.0 to 9.5.0
Snyk has created this PR to upgrade @verdaccio/streams from 9.4.0 to 9.5.0.
See this package in NPM:
https://www.npmjs.com/package/@verdaccio/streams
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
* fix: upgrade @verdaccio/streams from 9.4.0 to 9.5.0
Snyk has created this PR to upgrade @verdaccio/streams from 9.4.0 to 9.5.0.
See this package in NPM:
https://www.npmjs.com/package/@verdaccio/streams
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-05-24 07:59:48 +02:00
Juan Picado
2d16675a66
chore: add browserstack oss sponsor on readme
2020-05-21 09:09:42 +02:00
dependabot-preview[bot]
f44adf096a
build(deps-dev): bump standard-version from 7.1.0 to 8.0.0 ( #1804 )
...
Bumps [standard-version](https://github.com/conventional-changelog/standard-version ) from 7.1.0 to 8.0.0.
- [Release notes](https://github.com/conventional-changelog/standard-version/releases )
- [Changelog](https://github.com/conventional-changelog/standard-version/blob/master/CHANGELOG.md )
- [Commits](https://github.com/conventional-changelog/standard-version/compare/v7.1.0...v8.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-12 22:02:03 +02:00
dependabot-preview[bot]
21216b42fa
build(deps): bump semver from 7.2.1 to 7.3.2 ( #1802 )
...
Bumps [semver](https://github.com/npm/node-semver ) from 7.2.1 to 7.3.2.
- [Release notes](https://github.com/npm/node-semver/releases )
- [Changelog](https://github.com/npm/node-semver/blob/master/CHANGELOG.md )
- [Commits](https://github.com/npm/node-semver/compare/v7.2.1...v7.3.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-12 21:06:43 +02:00
Juan Picado
882704f981
chore: add openjs world talk
2020-05-09 20:16:35 +02:00
dependabot-preview[bot]
2e693f15ce
build(deps-dev): bump @verdaccio/types from 9.3.0 to 9.5.0 ( #1805 )
...
Bumps [@verdaccio/types](https://github.com/verdaccio/monorepo/tree/HEAD/core/types ) from 9.3.0 to 9.5.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases )
- [Changelog](https://github.com/verdaccio/monorepo/blob/9.x/core/types/CHANGELOG.md )
- [Commits](https://github.com/verdaccio/monorepo/commits/v9.5.0/core/types )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-09 07:50:24 +02:00
dependabot-preview[bot]
1fa75e8215
build(deps): [security] bump acorn from 6.4.0 to 6.4.1 ( #1800 )
...
Bumps [acorn](https://github.com/acornjs/acorn ) from 6.4.0 to 6.4.1. **This update includes security fixes.**
- [Release notes](https://github.com/acornjs/acorn/releases )
- [Commits](https://github.com/acornjs/acorn/compare/6.4.0...6.4.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-07 17:16:11 +02:00
Snyk bot
50f6c71a37
fix: upgrade mkdirp from 1.0.3 to 1.0.4 ( #1782 )
...
* fix: upgrade mkdirp from 1.0.3 to 1.0.4
Snyk has created this PR to upgrade mkdirp from 1.0.3 to 1.0.4.
See this package in NPM:
https://www.npmjs.com/package/mkdirp
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
* fix: upgrade mkdirp from 1.0.3 to 1.0.4
Snyk has created this PR to upgrade mkdirp from 1.0.3 to 1.0.4.
See this package in NPM:
https://www.npmjs.com/package/mkdirp
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-05-01 12:42:58 +02:00
Juan Picado @jotadeveloper
07f1232f65
chore(release): 4.6.2
2020-05-01 11:15:10 +02:00
Juan Picado
c2e0e1e0bf
fix: avoid access to sidebar without login ( #1794 )
2020-05-01 11:09:44 +02:00
Juan Picado
f9e7f8671b
fix: update core dependencies ( #1790 )
...
- @verdaccio/ui-theme@1.7.1 add language switch and fix bug translations powered by @priscilawebdev
- verdaccio-htpasswd@9.4.1 generate non-constant legacy 2 byte salt by @michaellotz-iart
- update dayjs and envinfo
2020-04-30 20:39:46 +02:00
Juan Picado @jotadeveloper
fa72de2521
chore: pin dependencies
2020-04-30 07:46:48 +02:00
Juan Picado
87b5822646
chore: update security policy
...
3.x is no longer supported
2020-04-27 07:51:28 +02:00
Juan Picado @jotadeveloper
afb31b8baf
chore(release): 4.6.1
2020-04-27 07:42:33 +02:00
Juan Picado
416d41fa08
fix: improve token validation ( #1784 )
...
* fix: check name of credentials
* chore: improve validation
2020-04-26 22:26:49 +02:00
Juan Picado @jotadeveloper
9602995636
chore: add is website vulnerable local registry check
2020-04-25 22:21:06 +02:00
Juan Picado @jotadeveloper
e9f99f46e2
chore: restore @octokit/rest
2020-04-24 22:15:11 +02:00
Juan Picado @jotadeveloper
db68680407
chore(release): 4.6.0
2020-04-24 18:47:28 +02:00
Juan Picado
656ec55897
feat: update @verdaccio/ui-theme@1.5.0 ( #1780 )
2020-04-24 18:46:14 +02:00
Juan Picado @jotadeveloper
61faa33de1
feat: update docker node to 12.16.2 ( #1776 )
2020-04-13 11:18:21 +02:00
Juan Picado @jotadeveloper
1a9a12e918
fix: fatal exception and crash when log rotate signal event is called ( #1774 )
...
fix #1709
2020-04-10 17:36:29 +02:00
Juan Picado @jotadeveloper
4cf61d6e8c
chore: upgrade dependencies ( #1773 )
...
* chore: update dependencies
* chore: rollback @types/express
2020-04-09 11:09:30 +02:00
Juan Picado @jotadeveloper
262241466c
Merge pull request #1761 from verdaccio/snyk-upgrade-d77655948f2b0aa52ea586cedd63fada
...
[Snyk] Upgrade dayjs from 1.8.21 to 1.8.22
2020-04-09 01:07:43 +02:00
Juan Picado @jotadeveloper
8c135db633
Merge branch 'master' into snyk-upgrade-d77655948f2b0aa52ea586cedd63fada
2020-04-09 00:33:38 +02:00
Juan Picado @jotadeveloper
d68926050d
fix: incorrect primary_color crash the ui ( #1771 )
...
* fix: incorrect primary_color crash the ui
* chore: also supports 3 and 6 characters as valid hex
2020-04-09 00:33:03 +02:00
Juan Picado @jotadeveloper
4a812620cf
feat: add dark mode on and chinese translation for web ( #1765 )
...
* feat: add dark mode on ui
* chore: update description
* chore: update @verdaccio/ui-theme@1.5.0
* chore: add spaces
2020-04-08 23:24:57 +02:00
snyk-bot
b2d00e4330
fix: upgrade dayjs from 1.8.21 to 1.8.22
...
Snyk has created this PR to upgrade dayjs from 1.8.21 to 1.8.22.
See this package in NPM:
https://www.npmjs.com/package/dayjs
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-31 01:11:38 +00:00
Juan Picado @jotadeveloper
ef185fbeda
chore: update lock bot
2020-03-30 18:36:18 +02:00
Snyk bot
ebae410c81
fix: upgrade dayjs from 1.8.20 to 1.8.21 ( #1759 )
...
Snyk has created this PR to upgrade dayjs from 1.8.20 to 1.8.21.
See this package in NPM:
https://www.npmjs.com/package/dayjs
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-20 22:37:53 +01:00
Snyk bot
3ec8d13578
fix: upgrade async from 3.1.1 to 3.2.0 ( #1756 )
...
Snyk has created this PR to upgrade async from 3.1.1 to 3.2.0.
See this package in NPM:
https://www.npmjs.com/package/async
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-18 17:09:47 +01:00
Juan Picado @jotadeveloper
3e2715fcf7
chore(release): 4.5.1
2020-03-14 08:31:02 +01:00
Juan Picado @jotadeveloper
17c3324e93
fix: update docs to support minimum node v10 ( #1753 )
...
At v4.5.0 we shipped some security releases, one of them is JSDOM https://github.com/jsdom/jsdom/releases/tag/16.0.0 and only supports Node.js v10
Node v8 is out of maintenance so we don't consider this a breaking change.
2020-03-14 08:28:40 +01:00
Juan Picado @jotadeveloper
5c8b267ee0
chore(release): 4.5.0
2020-03-14 07:36:04 +01:00
Juan Picado @jotadeveloper
c493b316b1
feat: i18n on web ( #1750 )
...
* feat: add i18n to web
* chore: enable es features
2020-03-14 07:16:47 +01:00
Snyk bot
981efa5571
fix: upgrade mkdirp from 1.0.0 to 1.0.3 ( #1747 )
...
Snyk has created this PR to upgrade mkdirp from 1.0.0 to 1.0.3.
See this package in NPM:
https://www.npmjs.com/package/mkdirp
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-12 23:33:32 +01:00
Juan Picado @jotadeveloper
1e664bdfa5
fix: update dependencies security warnings ( #1748 )
2020-03-12 07:18:12 +01:00
Snyk bot
3c49777868
fix: package.json & yarn.lock to reduce vulnerabilities ( #1746 )
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
2020-03-11 22:37:40 +01:00
Juan Picado @jotadeveloper
92135265cd
fix: update @verdaccio/readme@9.3.2 ( #1745 )
...
* fix: update @verdaccio/readme@9.3.2
* chore: update github action
2020-03-11 22:27:58 +01:00
Juan Picado @jotadeveloper
1968fa82a2
fix: update acorn@7.1.1 ( #1739 )
...
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049
https://www.npmjs.com/advisories/1488
2020-03-07 22:14:50 +01:00