github.com/verdaccio
1
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-11-08 23:25:51 +01:00
Code Releases Wiki Activity
3,698 Commits 16 Branches 2,132 Tags 794 MiB
8efc6feab2
Commit Graph

683 Commits

Author SHA1 Message Date
Juan Picado @jotadeveloper
4cf61d6e8c
chore: upgrade dependencies (#1773) 
* chore: update dependencies

* chore: rollback @types/express
 2020-04-09 11:09:30 +02:00
Juan Picado @jotadeveloper
8c135db633
Merge branch 'master' into snyk-upgrade-d77655948f2b0aa52ea586cedd63fada 2020-04-09 00:33:38 +02:00
Juan Picado @jotadeveloper
4a812620cf
feat: add dark mode on and chinese translation for web (#1765) 
* feat: add dark mode on ui

* chore: update description

* chore: update @verdaccio/ui-theme@1.5.0

* chore: add spaces
 2020-04-08 23:24:57 +02:00
snyk-bot
b2d00e4330 fix: upgrade dayjs from 1.8.21 to 1.8.22 
Snyk has created this PR to upgrade dayjs from 1.8.21 to 1.8.22.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
 2020-03-31 01:11:38 +00:00
Snyk bot
ebae410c81
fix: upgrade dayjs from 1.8.20 to 1.8.21 (#1759) 
Snyk has created this PR to upgrade dayjs from 1.8.20 to 1.8.21.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
 2020-03-20 22:37:53 +01:00
Snyk bot
3ec8d13578
fix: upgrade async from 3.1.1 to 3.2.0 (#1756) 
Snyk has created this PR to upgrade async from 3.1.1 to 3.2.0.

See this package in NPM:
https://www.npmjs.com/package/async

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
 2020-03-18 17:09:47 +01:00
Juan Picado @jotadeveloper
3e2715fcf7
chore(release): 4.5.1 2020-03-14 08:31:02 +01:00
Juan Picado @jotadeveloper
17c3324e93
fix: update docs to support minimum node v10 (#1753) 
At v4.5.0 we shipped some security releases, one of them is JSDOM https://github.com/jsdom/jsdom/releases/tag/16.0.0 and only supports Node.js v10

Node v8 is out of maintenance so we don't consider this a breaking change.
 2020-03-14 08:28:40 +01:00
Juan Picado @jotadeveloper
5c8b267ee0
chore(release): 4.5.0 2020-03-14 07:36:04 +01:00
Juan Picado @jotadeveloper
c493b316b1
feat: i18n on web (#1750) 
* feat: add i18n to web

* chore: enable es features
 2020-03-14 07:16:47 +01:00
Snyk bot
981efa5571
fix: upgrade mkdirp from 1.0.0 to 1.0.3 (#1747) 
Snyk has created this PR to upgrade mkdirp from 1.0.0 to 1.0.3.

See this package in NPM:
https://www.npmjs.com/package/mkdirp

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
 2020-03-12 23:33:32 +01:00
Juan Picado @jotadeveloper
1e664bdfa5
fix: update dependencies security warnings (#1748) 2020-03-12 07:18:12 +01:00
Snyk bot
3c49777868
fix: package.json & yarn.lock to reduce vulnerabilities (#1746) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
 2020-03-11 22:37:40 +01:00
Juan Picado @jotadeveloper
92135265cd
fix: update @verdaccio/readme@9.3.2 (#1745) 
* fix: update @verdaccio/readme@9.3.2

* chore: update github action
 2020-03-11 22:27:58 +01:00
Juan Picado @jotadeveloper
64e2543d59
fix: upgrade semver from 7.1.2 to 7.1.3 (#1735) 
Snyk has created this PR to upgrade semver from 7.1.2 to 7.1.3.

See this package in NPM:
https://www.npmjs.com/package/semver

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
 2020-03-05 06:47:33 +01:00
Juan Picado @jotadeveloper
6849ef9697
fix: upgrade dayjs from 1.8.19 to 1.8.20 (#1721) 
Snyk has created this PR to upgrade dayjs from 1.8.19 to 1.8.20.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
 2020-03-04 20:39:45 +01:00
Juan Picado @jotadeveloper
11fed6d3c3
fix: upgrade handlebars from 4.7.2 to 4.7.3 (#1726) 
Snyk has created this PR to upgrade handlebars from 4.7.2 to 4.7.3.

See this package in NPM:
https://www.npmjs.com/package/handlebars

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
 2020-03-04 20:38:20 +01:00
Juan Picado @jotadeveloper
0d7123b7bb
chore(release): 4.4.4 2020-02-26 22:39:54 +01:00
Snyk bot
c3e931efa1
fix: upgrade semver from 7.1.1 to 7.1.2 (#1719) 
Snyk has created this PR to upgrade semver from 7.1.1 to 7.1.2.

See this package in NPM:
https://www.npmjs.com/package/semver

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
 2020-02-25 20:41:36 +01:00
Snyk bot
1f3f8cd72c
fix: upgrade @verdaccio/local-storage from 9.0.0 to 9.3.0 (#1717) 
Snyk has created this PR to upgrade @verdaccio/local-storage from 9.0.0 to 9.3.0.

See this package in NPM:
https://www.npmjs.com/package/@verdaccio/local-storage

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
 2020-02-23 10:49:28 +01:00
dependabot[bot]
14565169cb
build(deps-dev): bump codecov from 3.6.1 to 3.6.5 (#1712) 
Bumps [codecov](https://github.com/codecov/codecov-node) from 3.6.1 to 3.6.5.
- [Release notes](https://github.com/codecov/codecov-node/releases)
- [Commits](https://github.com/codecov/codecov-node/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-02-19 19:18:17 +01:00
Juan Picado @jotadeveloper
d1eb3583aa
chore(release): 4.4.3 2020-02-19 08:39:48 +01:00
Juan Picado @jotadeveloper
d94f838cd9
fix: update @verdaccio/ui-theme@0.3.13 (#1710) 2020-02-19 08:38:53 +01:00
Snyk bot
a32e431813
fix: upgrade async from 3.1.0 to 3.1.1 (#1708) 
Snyk has created this PR to upgrade async from 3.1.0 to 3.1.1.

See this package in NPM:
https://www.npmjs.com/package/async

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
 2020-02-16 09:48:07 +01:00
Snyk bot
8c2e58b6af
fix: upgrade handlebars from 4.5.3 to 4.7.2 (#1699) 
Snyk has created this PR to upgrade handlebars from 4.5.3 to 4.7.2.

See this package in NPM:
https://www.npmjs.com/package/handlebars

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
 2020-02-14 07:06:22 +01:00
Snyk bot
5320b13473
fix: upgrade dayjs from 1.8.17 to 1.8.19 (#1700) 
Snyk has created this PR to upgrade dayjs from 1.8.17 to 1.8.19.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
 2020-02-14 01:58:18 +01:00
Snyk bot
17ddf3e626
fix: upgrade lockfile-lint from 2.0.1 to 2.2.0 (#1698) 
Snyk has created this PR to upgrade lockfile-lint from 2.0.1 to 2.2.0.

See this package in NPM:
https://www.npmjs.com/package/lockfile-lint

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
 2020-02-13 22:09:09 +01:00
dependabot-preview[bot]
e350ca4917
build(deps-dev): bump rimraf from 3.0.0 to 3.0.1 (#1691) 
Bumps [rimraf](https://github.com/isaacs/rimraf) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/isaacs/rimraf/releases)
- [Changelog](https://github.com/isaacs/rimraf/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/rimraf/compare/v3.0.0...v3.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-02-02 08:36:26 +01:00
dependabot-preview[bot]
3be99cc758 build(deps-dev): bump typescript from 3.7.1-rc to 3.7.5 (#1679) 
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.7.1-rc to 3.7.5.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits/v3.7.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
 2020-01-20 21:32:23 +01:00
dependabot-preview[bot]
c10bfcb04e build(deps-dev): bump nock from 11.7.0 to 11.7.2 (#1678) 
Bumps [nock](https://github.com/nock/nock) from 11.7.0 to 11.7.2.
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v11.7.0...v11.7.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-20 07:21:43 +01:00
Juan Picado @jotadeveloper
f8956f5932
chore(release): 4.4.2 2020-01-11 08:50:32 +01:00
Juan Picado @jotadeveloper
aac6709ac2
fix(deps): bump @verdaccio/ui-theme from 0.3.11 to 0.3.12 (#1657) (#1665) 
fixes: https://github.com/verdaccio/verdaccio/issues/1648
Co-Authored-By: Daniel Ruf <danielruf@users.noreply.github.com>

Co-authored-by: Daniel Ruf <827205+DanielRuf@users.noreply.github.com>
 2020-01-09 06:56:36 +01:00
dependabot-preview[bot]
9db91ee0e1 build(deps-dev): bump @octokit/rest from 16.28.9 to 16.36.0 (#1651) 
Bumps [@octokit/rest](https://github.com/octokit/rest.js) from 16.28.9 to 16.36.0.
- [Release notes](https://github.com/octokit/rest.js/releases)
- [Commits](https://github.com/octokit/rest.js/compare/v16.28.9...v16.36.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-09 06:16:50 +01:00
Juan Picado @jotadeveloper
7b67bea4b8
fix(deps): bump @verdaccio/local-storage from 8.5.0 to 9.0.0 
fix: converting circular structure to json (#1663)

Fixed at https://github.com/verdaccio/monorepo/pull/312

Fixes #1639

Co-Authored-By: Daniel Ruf <danielruf@users.noreply.github.com>

Co-authored-by: Daniel Ruf <827205+DanielRuf@users.noreply.github.com>
 2020-01-08 20:41:33 +01:00
dependabot-preview[bot]
6fb5bfca62 build(deps-dev): bump @verdaccio/types from 8.5.2 to 9.0.0 (#1650) 
Bumps [@verdaccio/types](https://github.com/verdaccio/monorepo/tree/HEAD/core/types) from 8.5.2 to 9.0.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/core/types/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v9.0.0/core/types)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-08 19:34:19 +01:00
dependabot-preview[bot]
431081908a build(deps-dev): bump @types/jest from 24.0.24 to 24.0.25 (#1649) 
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 24.0.24 to 24.0.25.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-01-08 19:33:48 +01:00
Juan Picado @jotadeveloper
32aabca641
chore(release): 4.4.1 2020-01-04 00:02:10 +01:00
Juan Picado @jotadeveloper
fbc87fc26e
fix: warning due ui dependecy (#1638) 2019-12-30 23:11:26 +01:00
Juan Picado @jotadeveloper
c30412b6db refactor: update monorepo deps and types (#1631) 2019-12-25 14:46:14 +01:00
Juan Picado @jotadeveloper
7fe943f7bc build: update dependencies (#1630) 
* chore: update dependencies

* chore: update secrets
 2019-12-23 09:29:27 +01:00
Juan Picado @jotadeveloper
0027566308
Merge branch 'master' into e2e-pkg-poc 2019-12-15 17:37:14 +01:00
Juan Picado @jotadeveloper
4ee8f4f356
chore(release): 4.4.0 2019-12-15 17:24:14 +01:00
Juan Picado @jotadeveloper
e1685d205b
chore: consume previous registry installed 2019-12-15 12:07:29 +01:00
Juan Picado @jotadeveloper
3bf2196388
chore: reorganize setup files 2019-12-15 08:52:55 +01:00
Juan Picado @jotadeveloper
73f021c603
chore: add ci conf for e2e pkg 2019-12-14 22:58:17 +01:00
Juan Picado @jotadeveloper
03d1244e51
chore: publish current build on local registry 2019-12-14 22:52:26 +01:00
Juan Picado @jotadeveloper
1b4a5dc31b
feat: update @verdaccio/ui-theme@0.3.9 (#1623) 
* feat: update @verdaccio/ui-theme

- new login screen

* test: update e2e

we need to keep in sync with ui repo, but this will be removed soon

* chore: restore yarn lock

* chore: update lock file
 2019-12-14 15:52:57 +01:00
dependabot-preview[bot]
0ff9bb774a build(deps): bump marked from 0.7.0 to 0.8.0 (#1614) 
Bumps [marked](https://github.com/markedjs/marked) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/markedjs/marked/releases)
- [Commits](https://github.com/markedjs/marked/compare/v0.7.0...v0.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-14 08:25:31 +01:00
dependabot-preview[bot]
52c6a8aa9f build(deps): bump envinfo from 7.4.0 to 7.5.0 (#1616) 
Bumps [envinfo](https://github.com/tabrindle/envinfo) from 7.4.0 to 7.5.0.
- [Release notes](https://github.com/tabrindle/envinfo/releases)
- [Commits](https://github.com/tabrindle/envinfo/compare/7.4.0...7.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-14 08:24:13 +01:00
dependabot-preview[bot]
8d9a7b32da build(deps-dev): bump @typescript-eslint/eslint-plugin (#1619) 
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 2.10.0 to 2.11.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v2.11.0/packages/eslint-plugin)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-14 08:23:38 +01:00
Juan Picado @jotadeveloper
a7172dc9af
chore: add funding 2019-12-11 23:41:25 +01:00
dependabot-preview[bot]
19281f86f9 build(deps-dev): bump codecov from 3.5.0 to 3.6.1 (#1571) 
Bumps [codecov](https://github.com/codecov/codecov-node) from 3.5.0 to 3.6.1.
- [Release notes](https://github.com/codecov/codecov-node/releases)
- [Commits](https://github.com/codecov/codecov-node/commits/v3.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-06 18:47:56 +01:00
dependabot-preview[bot]
12aab7e553 build(deps-dev): bump nock from 11.3.3 to 11.7.0 (#1572) 
Bumps [nock](https://github.com/nock/nock) from 11.3.3 to 11.7.0.
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v11.3.3...v11.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-06 18:47:28 +01:00
dependabot-preview[bot]
f6a9325d8e build(deps-dev): bump @types/http-errors from 1.6.2 to 1.6.3 (#1588) 
Bumps [@types/http-errors](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/http-errors) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/http-errors)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-06 18:46:33 +01:00
dependabot-preview[bot]
6d12ddf4b3 build(deps): bump @verdaccio/readme from 8.2.0 to 8.4.2 (#1601) 
Bumps [@verdaccio/readme](https://github.com/verdaccio/monorepo/tree/HEAD/core/readme) from 8.2.0 to 8.4.2.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/core/readme/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.4.2/core/readme)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-06 18:45:58 +01:00
dependabot-preview[bot]
a160790036 build(deps): bump @verdaccio/local-storage from 8.2.0 to 8.4.2 (#1602) 
Bumps [@verdaccio/local-storage](https://github.com/verdaccio/monorepo/tree/HEAD/plugins/local-storage) from 8.2.0 to 8.4.2.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/plugins/local-storage/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.4.2/plugins/local-storage)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-06 18:31:55 +01:00
dependabot-preview[bot]
31c067ec6e build(deps-dev): bump @typescript-eslint/eslint-plugin (#1607) 
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 2.1.0 to 2.10.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v2.10.0/packages/eslint-plugin)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-12-06 18:30:46 +01:00
Juan Picado @jotadeveloper
dd754d1298
chore(release): 4.3.5 2019-11-21 17:26:14 +01:00
Snyk bot
2f3ba93c87 fix: package.json to reduce vulnerabilities (#1583) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534988
 2019-11-21 16:45:15 +01:00
dependabot-preview[bot]
399421e609 build(deps-dev): bump @types/semver from 6.0.2 to 6.2.0 (#1574) 
Bumps [@types/semver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/semver) from 6.0.2 to 6.2.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/semver)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-17 11:55:48 +01:00
dependabot-preview[bot]
c416febbb6 build(deps-dev): bump @types/lodash from 4.14.141 to 4.14.148 (#1579) 
Bumps [@types/lodash](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash) from 4.14.141 to 4.14.148.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/lodash)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-17 07:03:01 +01:00
dependabot-preview[bot]
0106811061 build(deps-dev): bump cross-env from 5.2.1 to 6.0.3 (#1570) 
Bumps [cross-env](https://github.com/kentcdodds/cross-env) from 5.2.1 to 6.0.3.
- [Release notes](https://github.com/kentcdodds/cross-env/releases)
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/cross-env/compare/v5.2.1...v6.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-17 07:02:33 +01:00
dependabot-preview[bot]
f7c7d167b1 build(deps-dev): bump detect-secrets from 1.0.4 to 1.0.5 (#1575) 
Bumps [detect-secrets](https://github.com/lirantal/detect-secrets) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/lirantal/detect-secrets/releases)
- [Commits](https://github.com/lirantal/detect-secrets/compare/v1.0.4...v1.0.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-16 13:26:32 +01:00
dependabot-preview[bot]
4e5b6e8d3f build(deps-dev): bump @types/jest from 24.0.22 to 24.0.23 (#1576) 
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 24.0.22 to 24.0.23.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-16 13:22:30 +01:00
Snyk bot
e459881be5 fix: package.json to reduce vulnerabilities (#1577) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
 2019-11-16 13:21:23 +01:00
dependabot-preview[bot]
b7757f898b build(deps-dev): bump @types/async from 3.0.2 to 3.0.3 (#1561) 
Bumps [@types/async](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/async) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/async)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-08 19:36:18 +01:00
dependabot-preview[bot]
a774d4e1c4 build(deps-dev): bump @types/jest from 24.0.18 to 24.0.22 (#1560) 
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 24.0.18 to 24.0.22.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-08 19:35:50 +01:00
dependabot-preview[bot]
e801d01a0c build(deps): bump dayjs from 1.8.16 to 1.8.17 (#1562) 
Bumps [dayjs](https://github.com/iamkun/dayjs) from 1.8.16 to 1.8.17.
- [Release notes](https://github.com/iamkun/dayjs/releases)
- [Changelog](https://github.com/iamkun/dayjs/blob/dev/CHANGELOG.md)
- [Commits](https://github.com/iamkun/dayjs/compare/v1.8.16...v1.8.17)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-08 19:35:24 +01:00
dependabot-preview[bot]
e982033013 build(deps-dev): bump verdaccio-auth-memory from 8.2.0 to 8.3.0 (#1559) 
Bumps [verdaccio-auth-memory](https://github.com/verdaccio/monorepo/tree/HEAD/plugins/auth-memory) from 8.2.0 to 8.3.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/plugins/auth-memory/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.3.0/plugins/auth-memory)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-08 08:48:04 +01:00
dependabot-preview[bot]
c6e80b58a7 build(deps-dev): bump jest-junit from 8.0.0 to 9.0.0 (#1556) 
Bumps [jest-junit](https://github.com/jest-community/jest-junit) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/jest-community/jest-junit/releases)
- [Commits](https://github.com/jest-community/jest-junit/compare/v8.0.0...v9.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-08 06:48:31 +01:00
dependabot-preview[bot]
241b0e51f7 build(deps): bump @verdaccio/commons-api from 8.2.0 to 8.3.0 (#1555) 
Bumps [@verdaccio/commons-api](https://github.com/verdaccio/monorepo/tree/HEAD/core/commons-api) from 8.2.0 to 8.3.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/master/core/commons-api/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v8.3.0/core/commons-api)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2019-11-07 18:29:32 +01:00
Snyk bot
cd8228baed fix: package.json to reduce vulnerabilities (#1552) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388
 2019-11-07 07:24:25 +01:00
Juan Picado @jotadeveloper
0aba1c36d9
chore: update Typescript 3.7.1-rc (#1536) 
* chore: update typescript@3.7.0-beta

* chore: update to typescript@3.7.1-rc
 2019-10-26 13:03:25 +02:00
Juan Picado @jotadeveloper
c70be6ec82
chore: update typescript@3.7.0-beta (#1507) 2019-10-26 12:48:35 +02:00
Juan Picado @jotadeveloper
b6abc00da9
chore(release): 4.3.4 2019-10-23 20:52:12 +02:00
Juan Picado @jotadeveloper
2ac7770459
fix: security vulnerability at readme in dompurify dep (#1532) 
Fix Cross-site Scripting (XSS) in @verdaccio/readme
 2019-10-23 20:49:36 +02:00
Sergio Hg
1d1a6829db ci(circleci): store test results in junit format (#1497) 2019-10-05 16:29:49 +02:00
Juan Picado @jotadeveloper
b1b0c25212
chore(release): 4.3.3 2019-10-03 08:30:23 +02:00
Juan Picado @jotadeveloper
52130704ec
chore(release): 4.3.2 2019-10-02 21:19:05 +02:00
Juan Picado @jotadeveloper
147137c3ce
chore(release): 4.3.1 2019-10-01 22:37:24 +02:00
Juan Picado @jotadeveloper
c6314928ca
chore(release): 4.3.0 2019-09-30 23:06:33 +02:00
Sergio Hg
a1aefae0f4 chore(deps): update verdaccio-audit to fix express version (#1490) 2019-09-30 22:59:42 +02:00
Juan Picado @jotadeveloper
9d68816bde chore: update dependencies (#1485) 2019-09-30 20:54:10 +02:00
Snyk bot
b1cd0704b9 fix: package.json to reduce vulnerabilities (#1474) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DOMPURIFY-468981
 2019-09-27 04:45:28 +02:00
Juan Picado @jotadeveloper
b486a9df1a
chore: update dependencies (#1472) 2019-09-26 19:40:23 +02:00
Juan Picado @jotadeveloper
dbf20175dc
feat: npm token command support (#1427) 
* feat: support for npm token

This is an effor of:

This commit intent to provide npm token support.

https: //github.com/verdaccio/verdaccio/issues/541
https: //github.com/verdaccio/verdaccio/pull/1271
https: //github.com/verdaccio/local-storage/pull/168
Co-Authored-By: Manuel Spigolon <behemoth89@gmail.com>
Co-Authored-By: Juan Gabriel Jiménez <juangabreil@gmail.com>

* chore: update secrets baselines

Co-Authored-By: Liran Tal <liran.tal@gmail.com>

* chore: update lock file

* chore: add logger mock methods

* chore: update @verdaccio/types

* refactor: unit test was flacky

adapt the pkg access to the new configuration setup

* refactor: add plugin methods validation

* test: add test for aesEncrypt

* chore: update local-storage dependency

* chore: add support for experimetns

token will be part of the experiment lists

* chore: increase timeout

* chore: increase timeout threshold

* chore: update nock

* chore: update dependencies

* chore: update eslint config

* chore: update dependencies

* test: add unit test for npm token

* chore: update readme
 2019-09-07 15:46:50 -07:00
Juan Picado @jotadeveloper
d5303f407b
feat: browse web package version (#1457) 
* feat: allow endpoint to query by version

* chore: update @verdaccio/ui-theme

* test: add unit test for sidebar endpoint by version
 2019-09-05 12:12:10 -07:00
Juan Picado @jotadeveloper
06f659c331
chore: add homepage 2019-08-26 07:01:48 +02:00
Juan Picado @jotadeveloper
e7b75646de
chore(release): 4.2.2 2019-08-25 19:20:02 +02:00
Juan Picado @jotadeveloper
37530ac0fd
build: update dependencies (#1452) 
* build: update dependencies

* chore: update dependencies

* chore: update dependencies

* chore: update dependencies

* chore: allow ts-ignore

we will remove this in the future, warn for now

* chore: eslint rules as warning

this is due the update, we will address this later
 2019-08-25 10:16:43 -07:00
Juan Picado @jotadeveloper
423371423a
fix: update @verdaccio/ui-theme@0.2.3 (#1451) 
https://github.com/verdaccio/ui/blob/master/CHANGELOG.md#023-2019-08-25

missing headers on search endpoint with token (#121) (ac58730)
refactoring version page / fix issue not found page #100 (#117) (97e8448)
remove ToReplaceByVerdaccio #108 (#122) (5a9bd60)
api: correctly handle responses with missing content-type header (2049022)
 2019-08-25 09:41:04 -07:00
Liran Tal
9b0b0bfac3 build: Lint the lockfile for security policies (#1444) 
* feat: lint lockfiles

* fix: update secrets baseline
 2019-08-25 09:37:25 -07:00
Juan Picado @jotadeveloper
621ebfeb1a
chore(release): 4.2.1 2019-08-10 13:51:14 +02:00
Juan Picado @jotadeveloper
4fb20efe60
Merge pull request #1418 from jamesgeorge007/hotfix/remove-stub-definition 
fix(chore): remove stub type definition for handlebars
 2019-08-01 18:41:40 +02:00
Zoltan Kochan
849f5bccb4 fix(deps): add missing prod dependency 
http-errors needs to be a prod dependency
as it is used in code.
 2019-07-31 19:08:32 +03:00
jamesgeorge007
de8dc43161 fix: remove stub type definition for handlebars 2019-07-30 14:06:16 +05:30
Juan Picado @jotadeveloper
c1672f7e32
chore(release): 4.2.0 2019-07-29 20:27:48 +02:00
Juan Picado @jotadeveloper
9dd1c8f400
feat: update to @verdaccio/ui-theme@0.2.2 
- fix: https://github.com/verdaccio/ui/issues/76
- fix: https://github.com/verdaccio/ui/issues/75
- fix: https://github.com/verdaccio/ui/pull/106
- feat: https://github.com/verdaccio/ui/pull/47

Co-Authored-By: Priscila Oliveira <priscilawebdev@gmail.com>
Co-Authored-By: Sergio Hg <sergiohgz@users.noreply.github.com>
Co-Authored-By: Griffith <griffithtp@users.noreply.github.com>
 2019-07-29 20:12:00 +02:00
Juan Picado @jotadeveloper
d93e76b366
feat: add new prop to audit middleware 
- context: https://github.com/verdaccio/verdaccio-audit/pull/12
- related https://github.com/verdaccio/verdaccio/issues/1293

Co-Authored-By: Danny Frencham <dfrencham@users.noreply.github.com>
 2019-07-29 10:12:29 +02:00
Liran Tal
c9f1124fda
chore(deps): bump detect-secrets for enhanced dev workflow 2019-07-27 13:32:11 +03:00
Liran Tal
2b218ce0de
fix(security): add secrets baseline 2019-07-19 08:02:08 +03:00
Liran Tal
aa8f1d3318
fix: upgrade to 1.0.2 which solves the docker issue 2019-07-19 06:39:22 +03:00
Liran Tal
9ef6808d4e
feat: prevent secrets from leaking to source control 2019-07-19 06:39:20 +03:00
Juan Picado @jotadeveloper
12b60f6cb7
build: fix semver missing type on build with docker 
it seems the @types/semver do not handle a legitimate method named 'compareLoose'
 2019-07-16 18:27:58 +02:00
Juan Picado @jotadeveloper
66f4197236
feat: convert project to typescript (#1374) 
* chore: test

* chore: add

* chore: more progress

* chore: progress in migration, fix prettier parser

* chore: reduce tsc errors

* chore: refactor storage utils types

* chore: refactor utils types

* chore: refactor local storage types

* chore: refactor config utils types

* chore: refactor tsc types

* refactor: apply eslint fix, tabs etc

* chore: fix lint errors

* test: update unit test conf to typescript setup

few test refactored to typescript

* chore: enable more unit test

migrate to typescript

* chore: migrate storage test to tsc

* chore: migrate up storage test to tsc

* refactor: enable plugin and auth test

* chore: migrate plugin loader test

* chore: update dependencies

* chore: migrate functional test to typescript

* chore: add codecove

* chore: update express

* chore: downgrade puppeteer

The latest version does not seems to work properly fine.

* chore: update dependencies
 2019-07-16 08:40:01 +02:00
Juan Picado @jotadeveloper
274bb1a9b9
chore(release): 4.1.0 2019-07-08 09:47:28 +02:00
Juan Picado @jotadeveloper
44c1610791
chore: restore @verdaccio/ui-theme@0.1.11 
due to https://github.com/verdaccio/ui/issues/89
 2019-07-08 09:40:38 +02:00
Juan Picado @jotadeveloper
a0cf98546b
chore: update dependencies 
regular maintenance
 2019-07-08 09:23:07 +02:00
James George
eb6bf5168b feat(chore): Included provision to show up local environment information (#1365) 
* feat: adds provision to show up environment information

Fixes #1364

* feat: include docker info

* fix: pin envinfo

* fix: lock file

* fix: docker config

* fix: minor refactor

handle async behaviour

* feat: add short version for info
 2019-06-30 18:17:25 +02:00
Juan Picado @jotadeveloper
b38ef9608f
Merge remote-tracking branch 'origin/master' into 4.1.x 2019-06-20 23:21:10 +02:00
Juan Picado @jotadeveloper
1aa9b4d4a5
chore(release): 4.0.4 2019-06-20 22:41:26 +02:00
Juan Picado @jotadeveloper
d252e66588
Merge remote-tracking branch 'origin/master' into 4.1.x 
# Conflicts:
#	test/unit/modules/cli/cli.spec.js
 2019-06-20 15:10:26 +02:00
Juan Picado @jotadeveloper
1d6eb945c9
chore(release): 4.0.3 2019-06-14 06:43:32 +02:00
Juan Picado @jotadeveloper
0fa26293a8
Merge remote-tracking branch 'origin/master' into 4.1.x 2019-06-13 22:04:35 +02:00
Will Smythe
eb7a8e3528 fix(api): return 503 to npm/yarn on uplink connection timeout (#1331) 
fix  #1328 and #720

Type: bug

The following has been addressed in the PR:

Instead of returning a 404 (Not Found) when npm, yarn, etc requests a package and the package cannot be acquired from an uplink due to a connection timeout, socket timeout, or connection reset problem, a 503 (service unavailable) is returned by Verdaccio instead. In limited testing of a few versions of npm and yarn, both of these clients correctly attempt to retry the request when a 503 is returned.

Added functional tests to verify the behavior (this adds a dev dependency on nock, which provides HTTP request mocking

Description:

This resolves issue #1328 and #720, and ensures npm/yarn install commands don't fail immediately when there is an intermittent network timeout problem with an uplink. Instead Verdaccio will appropriately respond to the client with a 503. A 404 response (current behavior) incorrectly tells the client that the package does not exist (which may or may not be true) and to not try again.
 2019-06-13 21:42:01 +02:00
Juan Picado @jotadeveloper
e77ffb4c31
chore(release): 4.0.2 2019-06-13 07:03:25 +02:00
Juan Picado @jotadeveloper
192fb77169
fix(ui): failed to load all packages after login 
more details https://github.com/verdaccio/ui/issues/72
 2019-06-13 06:49:40 +02:00
Juan Picado @jotadeveloper
e5816342a6
fix: update dependencies 
fix #1339 dayjs warning on yarn installation
 2019-06-13 06:42:39 +02:00
Juan Picado @jotadeveloper
d53c345bed
chore(release): 4.0.1 2019-05-28 22:25:42 +02:00
Ayush Sharma
2e71daacfd
chore(release): 4.0.0 2019-05-26 14:43:06 +02:00
Juan Picado @jotadeveloper
197095efe3
Merge branch 'master' into 4.1.x 2019-05-20 13:05:38 -07:00
Juan Picado @jotadeveloper
81ee0fa3f2
chore(release): 4.0.0-beta.10 2019-05-20 21:31:42 +02:00
Juan Picado @jotadeveloper
134a738a47
Merge branch 'master' into 4.1.x 2019-05-20 12:06:54 -07:00
Juan Picado @jotadeveloper
cc7bd999d3
chore(release): 4.0.0-beta.9 2019-05-20 20:59:30 +02:00
Juan Picado @jotadeveloper
26c5e2d670
Merge branch 'master' into 4.1.x 2019-05-17 08:04:13 -07:00
Juan Picado @jotadeveloper
7686417f29
feat: update readme v4 (#1312) 
* feat: update readme v4

* chore: update @verdaccio/ui-theme@0.1.9

* chore: update @verdaccio/ui-theme@0.1.10
 2019-05-17 08:03:58 -07:00
Marc Udoff
b9ffac5d1b feat: plugin support to filter packages 
Add a plugin that can filter all package metadata before being returned.
This enables blocking of packages from verdaccio.

IPluginStorageFilter are loaded like other plugins from the config.
Verdaccio will look for plugins in config.filters and pass this to
storage.init. This is the same design as other plugins and will be
dynamically found with the same rules. These plugins must impliment
a filter_metadata method, which is called serially (in the order
loaded from the config) for every metadata request. It gets a current
copy of a package metadata and may choose to modify it as required.
For example, this may be used to block a bad version of a package or
add a time delay from when new packages can be used from your
registry. Errors in a filter will cause a 404, similar to upLinkErrors
as it is not safe to recover gracefully from them. Note: When version
is removed, be careful about updating tags.

Fixes: #818
 2019-05-15 20:04:41 -04:00
Juan Picado @jotadeveloper
8e48eea511
fix: update @verdaccio/ui-theme:0.1.7 
https://github.com/verdaccio/ui/pull/54
 2019-05-11 09:30:10 +02:00
Juan Picado @jotadeveloper
b4bc6ff4e5
chore: fix #1292 add missing dependencies 
remove non required dependencies
 2019-05-09 23:41:16 +02:00
Juan Picado @jotadeveloper
daa7e897b6
chore(release): 4.0.0-beta.8 2019-05-07 20:59:05 +02:00
Juan Picado @jotadeveloper
144e95f4bf
chore(release): 4.0.0-beta.7 2019-05-07 20:49:16 +02:00
Juan Picado @jotadeveloper
96dd2d8306
chore(release): 4.0.0-beta.6 2019-05-07 07:43:52 +02:00
Juan Picado @jotadeveloper
86a7aa7a0c
chore: update @verdaccio/ui-theme@0.1.5 2019-05-04 16:39:01 +02:00
Juan Picado @jotadeveloper
9589d47ff7
chore(release): 4.0.0-beta.5 2019-04-30 23:48:04 +02:00
Juan Picado @jotadeveloper
5ee485e984
chore: update husky dependencies 2019-04-30 23:07:31 +02:00
Juan Picado @jotadeveloper
f48b23fbcf
fix: remove unused dependencies #1292 2019-04-30 22:49:09 +02:00
Juan Picado @jotadeveloper
f53f4c4536
chore(release): 4.0.0-beta.4 2019-04-29 08:49:03 +02:00
Daniel Ruf
ff71640e8a feat: replace chalk with kleur (#1289) @DanielRuf 
* chore: replace chalk with kleur

* build: add updated lockfile

* chore: add flow-typed stub for kleur 3.0.3

* chore: remove unnecessary whitespace

* test: update snapshot for update-banner.js

* chore: migrate logger.js from chalk to kleur

* chore: use import instead of require
 2019-04-29 08:44:29 +02:00
Juan Picado @jotadeveloper
b8f63295b8
Merge branch 'master' into chore/replace-date-fns-with-dayjs 2019-04-29 00:46:08 +02:00
Daniel Ruf
f637efdd68
chore: replace date-fns with dayjs 2019-04-28 21:45:35 +02:00
Daniel Ruf
3d5abd521b chore: add missing octokit/rest package for the trigger-release script (#1288) 2019-04-28 19:18:30 +02:00
Juan Picado @jotadeveloper
e6690aadbe
chore(release): 4.0.0-beta.3 2019-04-28 15:33:44 +02:00
Juan Picado @jotadeveloper
40679aae9a
fix(ui): version rendering issue 
update @verdaccio/ui-theme@0.1.2
 2019-04-28 15:32:48 +02:00
Juan Picado @jotadeveloper
117e45783e
chore: update dependencies 2019-04-28 00:01:10 +02:00
Juan Picado @jotadeveloper
a2d706244f
chore(release): 4.0.0-beta.2 2019-04-26 07:04:38 +02:00
Juan Picado @jotadeveloper
117cd4f151
chore: update @verdaccio/ui-theme@01.0 2019-04-26 07:03:53 +02:00
Juan Picado @jotadeveloper
313882ca69
chore(release): 4.0.0-beta.1 2019-04-16 19:12:08 +02:00
Juan Picado @jotadeveloper
372cd36497
chore(release): 4.0.0-beta.0 2019-04-15 21:23:41 +02:00
Juan Picado @jotadeveloper
d7e1a97a7c
chore: verdaccio-htpasswd@2.0.0 2019-04-15 20:33:30 +02:00
Snyk bot
fbe9409f86 fix: package.json to reduce vulnerabilities (#1276) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-174183
 2019-04-15 07:25:29 +02:00