4d01831842
feat: update ui add new languages ( #1849 )
2020-06-20 07:24:58 +02:00
03c7feb64d
feat: update verdaccio plugins and dependencies ( #1838 )
...
* chore: update dependencies
* chore: update dependencies
* chore: remove node v10 warning
2020-06-13 10:38:23 +02:00
c7023b9bba
chore: update contributors
2020-06-13 08:45:20 +02:00
530018895c
build(deps): bump mime from 2.4.4 to 2.4.6 ( #1831 )
...
Bumps [mime](https://github.com/broofa/mime ) from 2.4.4 to 2.4.6.
- [Release notes](https://github.com/broofa/mime/releases )
- [Changelog](https://github.com/broofa/mime/blob/master/CHANGELOG.md )
- [Commits](https://github.com/broofa/mime/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-06 07:43:44 +02:00
56b677a35a
feat: restore Node 8 support ( #1832 )
...
This restore a support I removed in Verdaccio 4.5.0
This means nothing if you were not using Node v8, this support should be removed in a major release.
2020-06-03 22:35:31 +02:00
6b1553c257
build(deps-dev): bump codecov from 3.6.5 to 3.7.0 ( #1829 )
...
Bumps [codecov](https://github.com/codecov/codecov-node ) from 3.6.5 to 3.7.0.
- [Release notes](https://github.com/codecov/codecov-node/releases )
- [Commits](https://github.com/codecov/codecov-node/compare/v3.6.5...v3.7.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-03 07:10:29 +02:00
6e66cc6433
chore: [Snyk] Upgrade verdaccio-audit from 9.4.0 to 9.5.0 ( #1821 )
...
* fix: upgrade verdaccio-audit from 9.4.0 to 9.5.0
Snyk has created this PR to upgrade verdaccio-audit from 9.4.0 to 9.5.0.
See this package in NPM:
https://www.npmjs.com/package/verdaccio-audit
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
* fix: upgrade verdaccio-audit from 9.4.0 to 9.5.0
Snyk has created this PR to upgrade verdaccio-audit from 9.4.0 to 9.5.0.
See this package in NPM:
https://www.npmjs.com/package/verdaccio-audit
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-05-24 12:03:44 +02:00
1e2159a345
fix: [Snyk] upgrade @verdaccio/streams from 9.4.0 to 9.5.0 ( #1819 )
...
* fix: upgrade @verdaccio/streams from 9.4.0 to 9.5.0
Snyk has created this PR to upgrade @verdaccio/streams from 9.4.0 to 9.5.0.
See this package in NPM:
https://www.npmjs.com/package/@verdaccio/streams
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
* fix: upgrade @verdaccio/streams from 9.4.0 to 9.5.0
Snyk has created this PR to upgrade @verdaccio/streams from 9.4.0 to 9.5.0.
See this package in NPM:
https://www.npmjs.com/package/@verdaccio/streams
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-05-24 07:59:48 +02:00
f44adf096a
build(deps-dev): bump standard-version from 7.1.0 to 8.0.0 ( #1804 )
...
Bumps [standard-version](https://github.com/conventional-changelog/standard-version ) from 7.1.0 to 8.0.0.
- [Release notes](https://github.com/conventional-changelog/standard-version/releases )
- [Changelog](https://github.com/conventional-changelog/standard-version/blob/master/CHANGELOG.md )
- [Commits](https://github.com/conventional-changelog/standard-version/compare/v7.1.0...v8.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-12 22:02:03 +02:00
21216b42fa
build(deps): bump semver from 7.2.1 to 7.3.2 ( #1802 )
...
Bumps [semver](https://github.com/npm/node-semver ) from 7.2.1 to 7.3.2.
- [Release notes](https://github.com/npm/node-semver/releases )
- [Changelog](https://github.com/npm/node-semver/blob/master/CHANGELOG.md )
- [Commits](https://github.com/npm/node-semver/compare/v7.2.1...v7.3.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-12 21:06:43 +02:00
50f6c71a37
fix: upgrade mkdirp from 1.0.3 to 1.0.4 ( #1782 )
...
* fix: upgrade mkdirp from 1.0.3 to 1.0.4
Snyk has created this PR to upgrade mkdirp from 1.0.3 to 1.0.4.
See this package in NPM:
https://www.npmjs.com/package/mkdirp
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
* fix: upgrade mkdirp from 1.0.3 to 1.0.4
Snyk has created this PR to upgrade mkdirp from 1.0.3 to 1.0.4.
See this package in NPM:
https://www.npmjs.com/package/mkdirp
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-05-01 12:42:58 +02:00
07f1232f65
chore(release): 4.6.2
2020-05-01 11:15:10 +02:00
f9e7f8671b
fix: update core dependencies ( #1790 )
...
- @verdaccio/ui-theme@1.7.1 add language switch and fix bug translations powered by @priscilawebdev
- verdaccio-htpasswd@9.4.1 generate non-constant legacy 2 byte salt by @michaellotz-iart
- update dayjs and envinfo
2020-04-30 20:39:46 +02:00
fa72de2521
chore: pin dependencies
2020-04-30 07:46:48 +02:00
afb31b8baf
chore(release): 4.6.1
2020-04-27 07:42:33 +02:00
e9f99f46e2
chore: restore @octokit/rest
2020-04-24 22:15:11 +02:00
db68680407
chore(release): 4.6.0
2020-04-24 18:47:28 +02:00
656ec55897
feat: update @verdaccio/ui-theme@1.5.0 ( #1780 )
2020-04-24 18:46:14 +02:00
4cf61d6e8c
chore: upgrade dependencies ( #1773 )
...
* chore: update dependencies
* chore: rollback @types/express
2020-04-09 11:09:30 +02:00
8c135db633
Merge branch 'master' into snyk-upgrade-d77655948f2b0aa52ea586cedd63fada
2020-04-09 00:33:38 +02:00
4a812620cf
feat: add dark mode on and chinese translation for web ( #1765 )
...
* feat: add dark mode on ui
* chore: update description
* chore: update @verdaccio/ui-theme@1.5.0
* chore: add spaces
2020-04-08 23:24:57 +02:00
b2d00e4330
fix: upgrade dayjs from 1.8.21 to 1.8.22
...
Snyk has created this PR to upgrade dayjs from 1.8.21 to 1.8.22.
See this package in NPM:
https://www.npmjs.com/package/dayjs
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-31 01:11:38 +00:00
ebae410c81
fix: upgrade dayjs from 1.8.20 to 1.8.21 ( #1759 )
...
Snyk has created this PR to upgrade dayjs from 1.8.20 to 1.8.21.
See this package in NPM:
https://www.npmjs.com/package/dayjs
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-20 22:37:53 +01:00
3ec8d13578
fix: upgrade async from 3.1.1 to 3.2.0 ( #1756 )
...
Snyk has created this PR to upgrade async from 3.1.1 to 3.2.0.
See this package in NPM:
https://www.npmjs.com/package/async
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-18 17:09:47 +01:00
3e2715fcf7
chore(release): 4.5.1
2020-03-14 08:31:02 +01:00
17c3324e93
fix: update docs to support minimum node v10 ( #1753 )
...
At v4.5.0 we shipped some security releases, one of them is JSDOM https://github.com/jsdom/jsdom/releases/tag/16.0.0 and only supports Node.js v10
Node v8 is out of maintenance so we don't consider this a breaking change.
2020-03-14 08:28:40 +01:00
5c8b267ee0
chore(release): 4.5.0
2020-03-14 07:36:04 +01:00
c493b316b1
feat: i18n on web ( #1750 )
...
* feat: add i18n to web
* chore: enable es features
2020-03-14 07:16:47 +01:00
981efa5571
fix: upgrade mkdirp from 1.0.0 to 1.0.3 ( #1747 )
...
Snyk has created this PR to upgrade mkdirp from 1.0.0 to 1.0.3.
See this package in NPM:
https://www.npmjs.com/package/mkdirp
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-12 23:33:32 +01:00
1e664bdfa5
fix: update dependencies security warnings ( #1748 )
2020-03-12 07:18:12 +01:00
3c49777868
fix: package.json & yarn.lock to reduce vulnerabilities ( #1746 )
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
2020-03-11 22:37:40 +01:00
92135265cd
fix: update @verdaccio/readme@9.3.2 ( #1745 )
...
* fix: update @verdaccio/readme@9.3.2
* chore: update github action
2020-03-11 22:27:58 +01:00
64e2543d59
fix: upgrade semver from 7.1.2 to 7.1.3 ( #1735 )
...
Snyk has created this PR to upgrade semver from 7.1.2 to 7.1.3.
See this package in NPM:
https://www.npmjs.com/package/semver
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-05 06:47:33 +01:00
6849ef9697
fix: upgrade dayjs from 1.8.19 to 1.8.20 ( #1721 )
...
Snyk has created this PR to upgrade dayjs from 1.8.19 to 1.8.20.
See this package in NPM:
https://www.npmjs.com/package/dayjs
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-04 20:39:45 +01:00
11fed6d3c3
fix: upgrade handlebars from 4.7.2 to 4.7.3 ( #1726 )
...
Snyk has created this PR to upgrade handlebars from 4.7.2 to 4.7.3.
See this package in NPM:
https://www.npmjs.com/package/handlebars
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-03-04 20:38:20 +01:00
0d7123b7bb
chore(release): 4.4.4
2020-02-26 22:39:54 +01:00
c3e931efa1
fix: upgrade semver from 7.1.1 to 7.1.2 ( #1719 )
...
Snyk has created this PR to upgrade semver from 7.1.1 to 7.1.2.
See this package in NPM:
https://www.npmjs.com/package/semver
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-02-25 20:41:36 +01:00
1f3f8cd72c
fix: upgrade @verdaccio/local-storage from 9.0.0 to 9.3.0 ( #1717 )
...
Snyk has created this PR to upgrade @verdaccio/local-storage from 9.0.0 to 9.3.0.
See this package in NPM:
https://www.npmjs.com/package/@verdaccio/local-storage
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-02-23 10:49:28 +01:00
14565169cb
build(deps-dev): bump codecov from 3.6.1 to 3.6.5 ( #1712 )
...
Bumps [codecov](https://github.com/codecov/codecov-node ) from 3.6.1 to 3.6.5.
- [Release notes](https://github.com/codecov/codecov-node/releases )
- [Commits](https://github.com/codecov/codecov-node/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2020-02-19 19:18:17 +01:00
d1eb3583aa
chore(release): 4.4.3
2020-02-19 08:39:48 +01:00
d94f838cd9
fix: update @verdaccio/ui-theme@0.3.13 ( #1710 )
2020-02-19 08:38:53 +01:00
a32e431813
fix: upgrade async from 3.1.0 to 3.1.1 ( #1708 )
...
Snyk has created this PR to upgrade async from 3.1.0 to 3.1.1.
See this package in NPM:
https://www.npmjs.com/package/async
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-02-16 09:48:07 +01:00
8c2e58b6af
fix: upgrade handlebars from 4.5.3 to 4.7.2 ( #1699 )
...
Snyk has created this PR to upgrade handlebars from 4.5.3 to 4.7.2.
See this package in NPM:
https://www.npmjs.com/package/handlebars
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-02-14 07:06:22 +01:00
5320b13473
fix: upgrade dayjs from 1.8.17 to 1.8.19 ( #1700 )
...
Snyk has created this PR to upgrade dayjs from 1.8.17 to 1.8.19.
See this package in NPM:
https://www.npmjs.com/package/dayjs
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-02-14 01:58:18 +01:00
17ddf3e626
fix: upgrade lockfile-lint from 2.0.1 to 2.2.0 ( #1698 )
...
Snyk has created this PR to upgrade lockfile-lint from 2.0.1 to 2.2.0.
See this package in NPM:
https://www.npmjs.com/package/lockfile-lint
See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-02-13 22:09:09 +01:00
e350ca4917
build(deps-dev): bump rimraf from 3.0.0 to 3.0.1 ( #1691 )
...
Bumps [rimraf](https://github.com/isaacs/rimraf ) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/isaacs/rimraf/releases )
- [Changelog](https://github.com/isaacs/rimraf/blob/master/CHANGELOG.md )
- [Commits](https://github.com/isaacs/rimraf/compare/v3.0.0...v3.0.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-02 08:36:26 +01:00
3be99cc758
build(deps-dev): bump typescript from 3.7.1-rc to 3.7.5 ( #1679 )
...
Bumps [typescript](https://github.com/Microsoft/TypeScript ) from 3.7.1-rc to 3.7.5.
- [Release notes](https://github.com/Microsoft/TypeScript/releases )
- [Commits](https://github.com/Microsoft/TypeScript/commits/v3.7.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-01-20 21:32:23 +01:00
c10bfcb04e
build(deps-dev): bump nock from 11.7.0 to 11.7.2 ( #1678 )
...
Bumps [nock](https://github.com/nock/nock ) from 11.7.0 to 11.7.2.
- [Release notes](https://github.com/nock/nock/releases )
- [Changelog](https://github.com/nock/nock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nock/nock/compare/v11.7.0...v11.7.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-20 07:21:43 +01:00
f8956f5932
chore(release): 4.4.2
2020-01-11 08:50:32 +01:00
aac6709ac2
fix(deps): bump @verdaccio/ui-theme from 0.3.11 to 0.3.12 ( #1657 ) ( #1665 )
...
fixes: https://github.com/verdaccio/verdaccio/issues/1648
Co-Authored-By: Daniel Ruf <danielruf@users.noreply.github.com>
Co-authored-by: Daniel Ruf <827205+DanielRuf@users.noreply.github.com>
2020-01-09 06:56:36 +01:00
9db91ee0e1
build(deps-dev): bump @octokit/rest from 16.28.9 to 16.36.0 ( #1651 )
...
Bumps [@octokit/rest](https://github.com/octokit/rest.js ) from 16.28.9 to 16.36.0.
- [Release notes](https://github.com/octokit/rest.js/releases )
- [Commits](https://github.com/octokit/rest.js/compare/v16.28.9...v16.36.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-09 06:16:50 +01:00
7b67bea4b8
fix(deps): bump @verdaccio/local-storage from 8.5.0 to 9.0.0
...
fix: converting circular structure to json (#1663 )
Fixed at https://github.com/verdaccio/monorepo/pull/312
Fixes #1639
Co-Authored-By: Daniel Ruf <danielruf@users.noreply.github.com>
Co-authored-by: Daniel Ruf <827205+DanielRuf@users.noreply.github.com>
2020-01-08 20:41:33 +01:00
6fb5bfca62
build(deps-dev): bump @verdaccio/types from 8.5.2 to 9.0.0 ( #1650 )
...
Bumps [@verdaccio/types](https://github.com/verdaccio/monorepo/tree/HEAD/core/types ) from 8.5.2 to 9.0.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases )
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/core/types/CHANGELOG.md )
- [Commits](https://github.com/verdaccio/monorepo/commits/v9.0.0/core/types )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-08 19:34:19 +01:00
431081908a
build(deps-dev): bump @types/jest from 24.0.24 to 24.0.25 ( #1649 )
...
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest ) from 24.0.24 to 24.0.25.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-08 19:33:48 +01:00
32aabca641
chore(release): 4.4.1
2020-01-04 00:02:10 +01:00
fbc87fc26e
fix: warning due ui dependecy ( #1638 )
2019-12-30 23:11:26 +01:00
c30412b6db
refactor: update monorepo deps and types ( #1631 )
2019-12-25 14:46:14 +01:00
7fe943f7bc
build: update dependencies ( #1630 )
...
* chore: update dependencies
* chore: update secrets
2019-12-23 09:29:27 +01:00
0027566308
Merge branch 'master' into e2e-pkg-poc
2019-12-15 17:37:14 +01:00
4ee8f4f356
chore(release): 4.4.0
2019-12-15 17:24:14 +01:00
e1685d205b
chore: consume previous registry installed
2019-12-15 12:07:29 +01:00
3bf2196388
chore: reorganize setup files
2019-12-15 08:52:55 +01:00
73f021c603
chore: add ci conf for e2e pkg
2019-12-14 22:58:17 +01:00
03d1244e51
chore: publish current build on local registry
2019-12-14 22:52:26 +01:00
1b4a5dc31b
feat: update @verdaccio/ui-theme@0.3.9 ( #1623 )
...
* feat: update @verdaccio/ui-theme
- new login screen
* test: update e2e
we need to keep in sync with ui repo, but this will be removed soon
* chore: restore yarn lock
* chore: update lock file
2019-12-14 15:52:57 +01:00
0ff9bb774a
build(deps): bump marked from 0.7.0 to 0.8.0 ( #1614 )
...
Bumps [marked](https://github.com/markedjs/marked ) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/markedjs/marked/releases )
- [Commits](https://github.com/markedjs/marked/compare/v0.7.0...v0.8.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-14 08:25:31 +01:00
52c6a8aa9f
build(deps): bump envinfo from 7.4.0 to 7.5.0 ( #1616 )
...
Bumps [envinfo](https://github.com/tabrindle/envinfo ) from 7.4.0 to 7.5.0.
- [Release notes](https://github.com/tabrindle/envinfo/releases )
- [Commits](https://github.com/tabrindle/envinfo/compare/7.4.0...7.5.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-14 08:24:13 +01:00
8d9a7b32da
build(deps-dev): bump @typescript-eslint/eslint-plugin ( #1619 )
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 2.10.0 to 2.11.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v2.11.0/packages/eslint-plugin )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-14 08:23:38 +01:00
a7172dc9af
chore: add funding
2019-12-11 23:41:25 +01:00
19281f86f9
build(deps-dev): bump codecov from 3.5.0 to 3.6.1 ( #1571 )
...
Bumps [codecov](https://github.com/codecov/codecov-node ) from 3.5.0 to 3.6.1.
- [Release notes](https://github.com/codecov/codecov-node/releases )
- [Commits](https://github.com/codecov/codecov-node/commits/v3.6.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-06 18:47:56 +01:00
12aab7e553
build(deps-dev): bump nock from 11.3.3 to 11.7.0 ( #1572 )
...
Bumps [nock](https://github.com/nock/nock ) from 11.3.3 to 11.7.0.
- [Release notes](https://github.com/nock/nock/releases )
- [Changelog](https://github.com/nock/nock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nock/nock/compare/v11.3.3...v11.7.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-06 18:47:28 +01:00
f6a9325d8e
build(deps-dev): bump @types/http-errors from 1.6.2 to 1.6.3 ( #1588 )
...
Bumps [@types/http-errors](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/http-errors ) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/http-errors )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-06 18:46:33 +01:00
6d12ddf4b3
build(deps): bump @verdaccio/readme from 8.2.0 to 8.4.2 ( #1601 )
...
Bumps [@verdaccio/readme](https://github.com/verdaccio/monorepo/tree/HEAD/core/readme ) from 8.2.0 to 8.4.2.
- [Release notes](https://github.com/verdaccio/monorepo/releases )
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/core/readme/CHANGELOG.md )
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.4.2/core/readme )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-06 18:45:58 +01:00
a160790036
build(deps): bump @verdaccio/local-storage from 8.2.0 to 8.4.2 ( #1602 )
...
Bumps [@verdaccio/local-storage](https://github.com/verdaccio/monorepo/tree/HEAD/plugins/local-storage ) from 8.2.0 to 8.4.2.
- [Release notes](https://github.com/verdaccio/monorepo/releases )
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/plugins/local-storage/CHANGELOG.md )
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.4.2/plugins/local-storage )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-06 18:31:55 +01:00
31c067ec6e
build(deps-dev): bump @typescript-eslint/eslint-plugin ( #1607 )
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 2.1.0 to 2.10.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v2.10.0/packages/eslint-plugin )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-06 18:30:46 +01:00
dd754d1298
chore(release): 4.3.5
2019-11-21 17:26:14 +01:00
2f3ba93c87
fix: package.json to reduce vulnerabilities ( #1583 )
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534988
2019-11-21 16:45:15 +01:00
399421e609
build(deps-dev): bump @types/semver from 6.0.2 to 6.2.0 ( #1574 )
...
Bumps [@types/semver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/semver ) from 6.0.2 to 6.2.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/semver )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-17 11:55:48 +01:00
c416febbb6
build(deps-dev): bump @types/lodash from 4.14.141 to 4.14.148 ( #1579 )
...
Bumps [@types/lodash](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash ) from 4.14.141 to 4.14.148.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/lodash )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-17 07:03:01 +01:00
0106811061
build(deps-dev): bump cross-env from 5.2.1 to 6.0.3 ( #1570 )
...
Bumps [cross-env](https://github.com/kentcdodds/cross-env ) from 5.2.1 to 6.0.3.
- [Release notes](https://github.com/kentcdodds/cross-env/releases )
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kentcdodds/cross-env/compare/v5.2.1...v6.0.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-17 07:02:33 +01:00
f7c7d167b1
build(deps-dev): bump detect-secrets from 1.0.4 to 1.0.5 ( #1575 )
...
Bumps [detect-secrets](https://github.com/lirantal/detect-secrets ) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/lirantal/detect-secrets/releases )
- [Commits](https://github.com/lirantal/detect-secrets/compare/v1.0.4...v1.0.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-16 13:26:32 +01:00
4e5b6e8d3f
build(deps-dev): bump @types/jest from 24.0.22 to 24.0.23 ( #1576 )
...
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest ) from 24.0.22 to 24.0.23.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-16 13:22:30 +01:00
e459881be5
fix: package.json to reduce vulnerabilities ( #1577 )
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
2019-11-16 13:21:23 +01:00
b7757f898b
build(deps-dev): bump @types/async from 3.0.2 to 3.0.3 ( #1561 )
...
Bumps [@types/async](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/async ) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/async )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 19:36:18 +01:00
a774d4e1c4
build(deps-dev): bump @types/jest from 24.0.18 to 24.0.22 ( #1560 )
...
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest ) from 24.0.18 to 24.0.22.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 19:35:50 +01:00
e801d01a0c
build(deps): bump dayjs from 1.8.16 to 1.8.17 ( #1562 )
...
Bumps [dayjs](https://github.com/iamkun/dayjs ) from 1.8.16 to 1.8.17.
- [Release notes](https://github.com/iamkun/dayjs/releases )
- [Changelog](https://github.com/iamkun/dayjs/blob/dev/CHANGELOG.md )
- [Commits](https://github.com/iamkun/dayjs/compare/v1.8.16...v1.8.17 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 19:35:24 +01:00
e982033013
build(deps-dev): bump verdaccio-auth-memory from 8.2.0 to 8.3.0 ( #1559 )
...
Bumps [verdaccio-auth-memory](https://github.com/verdaccio/monorepo/tree/HEAD/plugins/auth-memory ) from 8.2.0 to 8.3.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases )
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/plugins/auth-memory/CHANGELOG.md )
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.3.0/plugins/auth-memory )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 08:48:04 +01:00
c6e80b58a7
build(deps-dev): bump jest-junit from 8.0.0 to 9.0.0 ( #1556 )
...
Bumps [jest-junit](https://github.com/jest-community/jest-junit ) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/jest-community/jest-junit/releases )
- [Commits](https://github.com/jest-community/jest-junit/compare/v8.0.0...v9.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-08 06:48:31 +01:00
241b0e51f7
build(deps): bump @verdaccio/commons-api from 8.2.0 to 8.3.0 ( #1555 )
...
Bumps [@verdaccio/commons-api](https://github.com/verdaccio/monorepo/tree/HEAD/core/commons-api ) from 8.2.0 to 8.3.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases )
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/core/commons-api/CHANGELOG.md )
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.3.0/core/commons-api )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-07 18:29:32 +01:00
cd8228baed
fix: package.json to reduce vulnerabilities ( #1552 )
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388
2019-11-07 07:24:25 +01:00
0aba1c36d9
chore: update Typescript 3.7.1-rc ( #1536 )
...
* chore: update typescript@3.7.0-beta
* chore: update to typescript@3.7.1-rc
2019-10-26 13:03:25 +02:00
c70be6ec82
chore: update typescript@3.7.0-beta ( #1507 )
2019-10-26 12:48:35 +02:00
b6abc00da9
chore(release): 4.3.4
2019-10-23 20:52:12 +02:00
2ac7770459
fix: security vulnerability at readme in dompurify dep ( #1532 )
...
Fix Cross-site Scripting (XSS) in @verdaccio/readme
2019-10-23 20:49:36 +02:00
1d1a6829db
ci(circleci): store test results in junit format ( #1497 )
2019-10-05 16:29:49 +02:00
b1b0c25212
chore(release): 4.3.3
2019-10-03 08:30:23 +02:00
52130704ec
chore(release): 4.3.2
2019-10-02 21:19:05 +02:00
147137c3ce
chore(release): 4.3.1
2019-10-01 22:37:24 +02:00
c6314928ca
chore(release): 4.3.0
2019-09-30 23:06:33 +02:00
a1aefae0f4
chore(deps): update verdaccio-audit to fix express version ( #1490 )
2019-09-30 22:59:42 +02:00
9d68816bde
chore: update dependencies ( #1485 )
2019-09-30 20:54:10 +02:00
b1cd0704b9
fix: package.json to reduce vulnerabilities ( #1474 )
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DOMPURIFY-468981
2019-09-27 04:45:28 +02:00
b486a9df1a
chore: update dependencies ( #1472 )
2019-09-26 19:40:23 +02:00
dbf20175dc
feat: npm token command support ( #1427 )
...
* feat: support for npm token
This is an effor of:
This commit intent to provide npm token support.
https: //github.com/verdaccio/verdaccio/issues/541
https: //github.com/verdaccio/verdaccio/pull/1271
https: //github.com/verdaccio/local-storage/pull/168
Co-Authored-By: Manuel Spigolon <behemoth89@gmail.com>
Co-Authored-By: Juan Gabriel Jiménez <juangabreil@gmail.com>
* chore: update secrets baselines
Co-Authored-By: Liran Tal <liran.tal@gmail.com>
* chore: update lock file
* chore: add logger mock methods
* chore: update @verdaccio/types
* refactor: unit test was flacky
adapt the pkg access to the new configuration setup
* refactor: add plugin methods validation
* test: add test for aesEncrypt
* chore: update local-storage dependency
* chore: add support for experimetns
token will be part of the experiment lists
* chore: increase timeout
* chore: increase timeout threshold
* chore: update nock
* chore: update dependencies
* chore: update eslint config
* chore: update dependencies
* test: add unit test for npm token
* chore: update readme
2019-09-07 15:46:50 -07:00
d5303f407b
feat: browse web package version ( #1457 )
...
* feat: allow endpoint to query by version
* chore: update @verdaccio/ui-theme
* test: add unit test for sidebar endpoint by version
2019-09-05 12:12:10 -07:00
06f659c331
chore: add homepage
2019-08-26 07:01:48 +02:00
e7b75646de
chore(release): 4.2.2
2019-08-25 19:20:02 +02:00
37530ac0fd
build: update dependencies ( #1452 )
...
* build: update dependencies
* chore: update dependencies
* chore: update dependencies
* chore: update dependencies
* chore: allow ts-ignore
we will remove this in the future, warn for now
* chore: eslint rules as warning
this is due the update, we will address this later
2019-08-25 10:16:43 -07:00
423371423a
fix: update @verdaccio/ui-theme@0.2.3 ( #1451 )
...
https://github.com/verdaccio/ui/blob/master/CHANGELOG.md#023-2019-08-25
missing headers on search endpoint with token (#121 ) (ac58730)
refactoring version page / fix issue not found page #100 (#117 ) (97e8448)
remove ToReplaceByVerdaccio #108 (#122 ) (5a9bd60)
api: correctly handle responses with missing content-type header (2049022)
2019-08-25 09:41:04 -07:00
9b0b0bfac3
build: Lint the lockfile for security policies ( #1444 )
...
* feat: lint lockfiles
* fix: update secrets baseline
2019-08-25 09:37:25 -07:00
621ebfeb1a
chore(release): 4.2.1
2019-08-10 13:51:14 +02:00
4fb20efe60
Merge pull request #1418 from jamesgeorge007/hotfix/remove-stub-definition
...
fix(chore): remove stub type definition for handlebars
2019-08-01 18:41:40 +02:00
849f5bccb4
fix(deps): add missing prod dependency
...
http-errors needs to be a prod dependency
as it is used in code.
2019-07-31 19:08:32 +03:00
de8dc43161
fix: remove stub type definition for handlebars
2019-07-30 14:06:16 +05:30
c1672f7e32
chore(release): 4.2.0
2019-07-29 20:27:48 +02:00
9dd1c8f400
feat: update to @verdaccio/ui-theme@0.2.2
...
- fix: https://github.com/verdaccio/ui/issues/76
- fix: https://github.com/verdaccio/ui/issues/75
- fix: https://github.com/verdaccio/ui/pull/106
- feat: https://github.com/verdaccio/ui/pull/47
Co-Authored-By: Priscila Oliveira <priscilawebdev@gmail.com>
Co-Authored-By: Sergio Hg <sergiohgz@users.noreply.github.com>
Co-Authored-By: Griffith <griffithtp@users.noreply.github.com>
2019-07-29 20:12:00 +02:00
d93e76b366
feat: add new prop to audit middleware
...
- context: https://github.com/verdaccio/verdaccio-audit/pull/12
- related https://github.com/verdaccio/verdaccio/issues/1293
Co-Authored-By: Danny Frencham <dfrencham@users.noreply.github.com>
2019-07-29 10:12:29 +02:00
c9f1124fda
chore(deps): bump detect-secrets for enhanced dev workflow
2019-07-27 13:32:11 +03:00
2b218ce0de
fix(security): add secrets baseline
2019-07-19 08:02:08 +03:00
aa8f1d3318
fix: upgrade to 1.0.2 which solves the docker issue
2019-07-19 06:39:22 +03:00
9ef6808d4e
feat: prevent secrets from leaking to source control
2019-07-19 06:39:20 +03:00
12b60f6cb7
build: fix semver missing type on build with docker
...
it seems the @types/semver do not handle a legitimate method named 'compareLoose'
2019-07-16 18:27:58 +02:00
66f4197236
feat: convert project to typescript ( #1374 )
...
* chore: test
* chore: add
* chore: more progress
* chore: progress in migration, fix prettier parser
* chore: reduce tsc errors
* chore: refactor storage utils types
* chore: refactor utils types
* chore: refactor local storage types
* chore: refactor config utils types
* chore: refactor tsc types
* refactor: apply eslint fix, tabs etc
* chore: fix lint errors
* test: update unit test conf to typescript setup
few test refactored to typescript
* chore: enable more unit test
migrate to typescript
* chore: migrate storage test to tsc
* chore: migrate up storage test to tsc
* refactor: enable plugin and auth test
* chore: migrate plugin loader test
* chore: update dependencies
* chore: migrate functional test to typescript
* chore: add codecove
* chore: update express
* chore: downgrade puppeteer
The latest version does not seems to work properly fine.
* chore: update dependencies
2019-07-16 08:40:01 +02:00
274bb1a9b9
chore(release): 4.1.0
2019-07-08 09:47:28 +02:00
44c1610791
chore: restore @verdaccio/ui-theme@0.1.11
...
due to https://github.com/verdaccio/ui/issues/89
2019-07-08 09:40:38 +02:00
a0cf98546b
chore: update dependencies
...
regular maintenance
2019-07-08 09:23:07 +02:00
eb6bf5168b
feat(chore): Included provision to show up local environment information ( #1365 )
...
* feat: adds provision to show up environment information
Fixes #1364
* feat: include docker info
* fix: pin envinfo
* fix: lock file
* fix: docker config
* fix: minor refactor
handle async behaviour
* feat: add short version for info
2019-06-30 18:17:25 +02:00
b38ef9608f
Merge remote-tracking branch 'origin/master' into 4.1.x
2019-06-20 23:21:10 +02:00
1aa9b4d4a5
chore(release): 4.0.4
2019-06-20 22:41:26 +02:00
d252e66588
Merge remote-tracking branch 'origin/master' into 4.1.x
...
# Conflicts:
# test/unit/modules/cli/cli.spec.js
2019-06-20 15:10:26 +02:00
1d6eb945c9
chore(release): 4.0.3
2019-06-14 06:43:32 +02:00
0fa26293a8
Merge remote-tracking branch 'origin/master' into 4.1.x
2019-06-13 22:04:35 +02:00
eb7a8e3528
fix(api): return 503 to npm/yarn on uplink connection timeout ( #1331 )
...
fix #1328 and #720
Type: bug
The following has been addressed in the PR:
Instead of returning a 404 (Not Found) when npm, yarn, etc requests a package and the package cannot be acquired from an uplink due to a connection timeout, socket timeout, or connection reset problem, a 503 (service unavailable) is returned by Verdaccio instead. In limited testing of a few versions of npm and yarn, both of these clients correctly attempt to retry the request when a 503 is returned.
Added functional tests to verify the behavior (this adds a dev dependency on nock, which provides HTTP request mocking
Description:
This resolves issue #1328 and #720 , and ensures npm/yarn install commands don't fail immediately when there is an intermittent network timeout problem with an uplink. Instead Verdaccio will appropriately respond to the client with a 503. A 404 response (current behavior) incorrectly tells the client that the package does not exist (which may or may not be true) and to not try again.
2019-06-13 21:42:01 +02:00
e77ffb4c31
chore(release): 4.0.2
2019-06-13 07:03:25 +02:00
192fb77169
fix(ui): failed to load all packages after login
...
more details https://github.com/verdaccio/ui/issues/72
2019-06-13 06:49:40 +02:00
e5816342a6
fix: update dependencies
...
fix #1339 dayjs warning on yarn installation
2019-06-13 06:42:39 +02:00
d53c345bed
chore(release): 4.0.1
2019-05-28 22:25:42 +02:00
2e71daacfd
chore(release): 4.0.0
2019-05-26 14:43:06 +02:00
197095efe3
Merge branch 'master' into 4.1.x
2019-05-20 13:05:38 -07:00
81ee0fa3f2
chore(release): 4.0.0-beta.10
2019-05-20 21:31:42 +02:00
134a738a47
Merge branch 'master' into 4.1.x
2019-05-20 12:06:54 -07:00
cc7bd999d3
chore(release): 4.0.0-beta.9
2019-05-20 20:59:30 +02:00
26c5e2d670
Merge branch 'master' into 4.1.x
2019-05-17 08:04:13 -07:00
7686417f29
feat: update readme v4 ( #1312 )
...
* feat: update readme v4
* chore: update @verdaccio/ui-theme@0.1.9
* chore: update @verdaccio/ui-theme@0.1.10
2019-05-17 08:03:58 -07:00
b9ffac5d1b
feat: plugin support to filter packages
...
Add a plugin that can filter all package metadata before being returned.
This enables blocking of packages from verdaccio.
IPluginStorageFilter are loaded like other plugins from the config.
Verdaccio will look for plugins in config.filters and pass this to
storage.init. This is the same design as other plugins and will be
dynamically found with the same rules. These plugins must impliment
a filter_metadata method, which is called serially (in the order
loaded from the config) for every metadata request. It gets a current
copy of a package metadata and may choose to modify it as required.
For example, this may be used to block a bad version of a package or
add a time delay from when new packages can be used from your
registry. Errors in a filter will cause a 404, similar to upLinkErrors
as it is not safe to recover gracefully from them. Note: When version
is removed, be careful about updating tags.
Fixes : #818
2019-05-15 20:04:41 -04:00
8e48eea511
fix: update @verdaccio/ui-theme:0.1.7
...
https://github.com/verdaccio/ui/pull/54
2019-05-11 09:30:10 +02:00
b4bc6ff4e5
chore: fix #1292 add missing dependencies
...
remove non required dependencies
2019-05-09 23:41:16 +02:00
daa7e897b6
chore(release): 4.0.0-beta.8
2019-05-07 20:59:05 +02:00
144e95f4bf
chore(release): 4.0.0-beta.7
2019-05-07 20:49:16 +02:00
96dd2d8306
chore(release): 4.0.0-beta.6
2019-05-07 07:43:52 +02:00
Juan Picado