0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-23 22:27:34 -05:00
verdaccio/packages/plugins/audit/CHANGELOG.md
2021-12-15 19:02:26 +01:00

11 KiB

Change Log

11.0.0-6-next.8

Minor Changes

  • 24b9be02: refactor: improve docker image build with strict dependencies and prod build

11.0.0-6-next.7

Major Changes

  • 794af76c: Remove Node 12 support

    • We need move to the new undici and does not support Node.js 12

11.0.0-6-next.6

Major Changes

  • 459b6fa7: refactor: search v1 endpoint and local-database

    • refactor search api v1 endpoint, improve performance
    • remove usage of async dependency https://github.com/verdaccio/verdaccio/issues/1225
    • refactor method storage class
    • create new module core to reduce the ammount of modules with utilities
    • use undici instead node-fetch
    • use fastify instead express for functional test

    Breaking changes

    • plugin storage API changes
    • remove old search endpoint (return 404)
    • filter local private packages at plugin level

    The storage api changes for methods get, add, remove as promise base. The search methods also changes and recieves a query object that contains all query params from the client.

    export interface IPluginStorage<T> extends IPlugin {
      add(name: string): Promise<void>;
      remove(name: string): Promise<void>;
      get(): Promise<any>;
      init(): Promise<void>;
      getSecret(): Promise<string>;
      setSecret(secret: string): Promise<any>;
      getPackageStorage(packageInfo: string): IPackageStorage;
      search(query: searchUtils.SearchQuery): Promise<searchUtils.SearchItem[]>;
      saveToken(token: Token): Promise<any>;
      deleteToken(user: string, tokenKey: string): Promise<any>;
      readTokens(filter: TokenFilter): Promise<Token[]>;
    }
    

11.0.0-6-next.5

Patch Changes

  • f96b147e: fix: several issues which caused the audit to fail (#2335)

10.0.0-alpha.4

Major Changes

  • f8a50baa: feat: standalone registry with no dependencies

    Usage

    To install a server with no dependencies

    npm install -g @verdaccio/standalone
    

    with no internet required

    npm install -g ./tarball.tar.gz
    

    Bundles htpasswd and audit plugins.

    Breaking Change

    It does not allow anymore the auth and middleware property at config file empty, it will fallback to those plugins by default.

10.0.0-alpha.3

Patch Changes

  • fecbb9be: chore: add release step to private regisry on merge changeset pr

10.0.0-alpha.2

Minor Changes

  • 54c58d1e: feat: add server rate limit protection to all request

    To modify custom values, use the server settings property.

    server:
    
    ## https://www.npmjs.com/package/express-rate-limit#configuration-options
    
    rateLimit:
    windowMs: 1000
    max: 10000
    

    The values are intended to be high, if you want to improve security of your server consider using different values.

10.0.0-alpha.1

Major Changes

  • d87fa026: feat!: experiments config renamed to flags

    • The experiments configuration is renamed to flags. The functionality is exactly the same.
    flags: token: false;
    search: false;
    
    • The self_path property from the config file is being removed in favor of config_file full path.
    • Refactor config module, better types and utilities

All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.

9.7.3 (2020-07-30)

Bug Fixes

  • update marked / request security vulnerability (#378) (4188e08)

9.7.2 (2020-07-20)

Note: Version bump only for package verdaccio-audit

9.7.1 (2020-07-10)

Note: Version bump only for package verdaccio-audit

9.7.0 (2020-06-24)

Note: Version bump only for package verdaccio-audit

9.6.1 (2020-06-07)

Note: Version bump only for package verdaccio-audit

9.5.0 (2020-05-02)

Note: Version bump only for package verdaccio-audit

9.4.0 (2020-03-21)

Note: Version bump only for package verdaccio-audit

9.3.2 (2020-03-08)

Note: Version bump only for package verdaccio-audit

9.3.1 (2020-02-23)

Note: Version bump only for package verdaccio-audit

9.3.0 (2020-01-29)

Note: Version bump only for package verdaccio-audit

9.0.0 (2020-01-07)

Note: Version bump only for package verdaccio-audit

8.5.2 (2019-12-25)

Note: Version bump only for package verdaccio-audit

8.5.1 (2019-12-24)

Note: Version bump only for package verdaccio-audit

8.5.0 (2019-12-22)

Note: Version bump only for package verdaccio-audit

8.4.2 (2019-11-23)

Note: Version bump only for package verdaccio-audit

8.4.1 (2019-11-22)

Note: Version bump only for package verdaccio-audit

8.4.0 (2019-11-22)

Note: Version bump only for package verdaccio-audit

8.3.0 (2019-10-27)

Note: Version bump only for package verdaccio-audit

8.2.0 (2019-10-23)

Note: Version bump only for package verdaccio-audit

8.2.0-next.0 (2019-10-08)

Bug Fixes

8.1.4 (2019-09-30)

Note: Version bump only for package verdaccio-audit

8.1.3 (2019-09-30)

Note: Version bump only for package verdaccio-audit

8.1.2 (2019-09-29)

Note: Version bump only for package verdaccio-audit

8.1.1 (2019-09-26)

Note: Version bump only for package verdaccio-audit

8.1.0 (2019-09-07)

Note: Version bump only for package verdaccio-audit

8.0.1-next.1 (2019-08-29)

Note: Version bump only for package verdaccio-audit

8.0.1-next.0 (2019-08-29)

Note: Version bump only for package verdaccio-audit

8.0.0 (2019-08-22)

Note: Version bump only for package verdaccio-audit

8.0.0-next.4 (2019-08-18)

Note: Version bump only for package verdaccio-audit

8.0.0-next.2 (2019-08-03)

Note: Version bump only for package verdaccio-audit

8.0.0-next.1 (2019-08-01)

Note: Version bump only for package verdaccio-audit

8.0.0-next.0 (2019-08-01)

Bug Fixes

  • on error returns 500 by default (86bf628)
  • package.json to reduce vulnerabilities (457a791)

Features

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

1.2.1 (2019-07-29)

Bug Fixes

  • audit module doesn't support strict_ssl flag (f7d3f86)

Build System

1.2.0 (2019-04-06)

Bug Fixes

Features

1.1.0 (2019-01-09)

Features

  • pipe request and response bodies to save memory (#8) (0af7363)

1.0.1 (2019-01-09)

Bug Fixes

  • package.json to reduce vulnerabilities (bdf35df)

1.0.0 (2018-10-18)

Features

  • handle 'application/json, application/octet-stream' content types (cf38a38)

0.2.0 (2018-06-15)

Features

  • support audit via HTTPS proxy (5328bc3)