1
0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-11-13 03:35:52 +01:00
Commit Graph

3668 Commits

Author SHA1 Message Date
Juan Picado @jotadeveloper
fa72de2521
chore: pin dependencies 2020-04-30 07:46:48 +02:00
Juan Picado
87b5822646
chore: update security policy
3.x is no longer supported
2020-04-27 07:51:28 +02:00
Juan Picado @jotadeveloper
afb31b8baf
chore(release): 4.6.1 v4.6.1 2020-04-27 07:42:33 +02:00
Juan Picado
416d41fa08
fix: improve token validation (#1784)
* fix: check name of credentials

* chore: improve validation
2020-04-26 22:26:49 +02:00
Juan Picado @jotadeveloper
9602995636
chore: add is website vulnerable local registry check 2020-04-25 22:21:06 +02:00
Juan Picado @jotadeveloper
e9f99f46e2
chore: restore @octokit/rest 2020-04-24 22:15:11 +02:00
Juan Picado @jotadeveloper
db68680407
chore(release): 4.6.0 v4.6.0 2020-04-24 18:47:28 +02:00
Juan Picado
656ec55897
feat: update @verdaccio/ui-theme@1.5.0 (#1780) 2020-04-24 18:46:14 +02:00
Juan Picado @jotadeveloper
61faa33de1
feat: update docker node to 12.16.2 (#1776) 2020-04-13 11:18:21 +02:00
Juan Picado @jotadeveloper
1a9a12e918
fix: fatal exception and crash when log rotate signal event is called (#1774)
fix #1709
2020-04-10 17:36:29 +02:00
Juan Picado @jotadeveloper
4cf61d6e8c
chore: upgrade dependencies (#1773)
* chore: update dependencies

* chore: rollback @types/express
2020-04-09 11:09:30 +02:00
Juan Picado @jotadeveloper
262241466c
Merge pull request #1761 from verdaccio/snyk-upgrade-d77655948f2b0aa52ea586cedd63fada
[Snyk] Upgrade dayjs from 1.8.21 to 1.8.22
2020-04-09 01:07:43 +02:00
Juan Picado @jotadeveloper
8c135db633
Merge branch 'master' into snyk-upgrade-d77655948f2b0aa52ea586cedd63fada 2020-04-09 00:33:38 +02:00
Juan Picado @jotadeveloper
d68926050d
fix: incorrect primary_color crash the ui (#1771)
* fix: incorrect primary_color crash the ui

* chore: also supports 3 and 6 characters as valid hex
2020-04-09 00:33:03 +02:00
Juan Picado @jotadeveloper
4a812620cf
feat: add dark mode on and chinese translation for web (#1765)
* feat: add dark mode on ui

* chore: update description

* chore: update @verdaccio/ui-theme@1.5.0

* chore: add spaces
2020-04-08 23:24:57 +02:00
snyk-bot
b2d00e4330 fix: upgrade dayjs from 1.8.21 to 1.8.22
Snyk has created this PR to upgrade dayjs from 1.8.21 to 1.8.22.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-31 01:11:38 +00:00
Juan Picado @jotadeveloper
ef185fbeda
chore: update lock bot 2020-03-30 18:36:18 +02:00
Snyk bot
ebae410c81
fix: upgrade dayjs from 1.8.20 to 1.8.21 (#1759)
Snyk has created this PR to upgrade dayjs from 1.8.20 to 1.8.21.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-20 22:37:53 +01:00
Snyk bot
3ec8d13578
fix: upgrade async from 3.1.1 to 3.2.0 (#1756)
Snyk has created this PR to upgrade async from 3.1.1 to 3.2.0.

See this package in NPM:
https://www.npmjs.com/package/async

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-18 17:09:47 +01:00
Juan Picado @jotadeveloper
3e2715fcf7
chore(release): 4.5.1 v4.5.1 2020-03-14 08:31:02 +01:00
Juan Picado @jotadeveloper
17c3324e93
fix: update docs to support minimum node v10 (#1753)
At v4.5.0 we shipped some security releases, one of them is JSDOM https://github.com/jsdom/jsdom/releases/tag/16.0.0 and only supports Node.js v10

Node v8 is out of maintenance so we don't consider this a breaking change.
2020-03-14 08:28:40 +01:00
Juan Picado @jotadeveloper
5c8b267ee0
chore(release): 4.5.0 v4.5.0 2020-03-14 07:36:04 +01:00
Juan Picado @jotadeveloper
c493b316b1
feat: i18n on web (#1750)
* feat: add i18n to web

* chore: enable es features
2020-03-14 07:16:47 +01:00
Snyk bot
981efa5571
fix: upgrade mkdirp from 1.0.0 to 1.0.3 (#1747)
Snyk has created this PR to upgrade mkdirp from 1.0.0 to 1.0.3.

See this package in NPM:
https://www.npmjs.com/package/mkdirp

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-12 23:33:32 +01:00
Juan Picado @jotadeveloper
1e664bdfa5
fix: update dependencies security warnings (#1748) 2020-03-12 07:18:12 +01:00
Snyk bot
3c49777868
fix: package.json & yarn.lock to reduce vulnerabilities (#1746)
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
2020-03-11 22:37:40 +01:00
Juan Picado @jotadeveloper
92135265cd
fix: update @verdaccio/readme@9.3.2 (#1745)
* fix: update @verdaccio/readme@9.3.2

* chore: update github action
2020-03-11 22:27:58 +01:00
Juan Picado @jotadeveloper
1968fa82a2
fix: update acorn@7.1.1 (#1739)
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049
https://www.npmjs.com/advisories/1488
2020-03-07 22:14:50 +01:00
Joshua Jensch
9ac307adc5
feat: add support for new search endpoint(#1732)
https://github.com/verdaccio/verdaccio/issues/310

* Add an incomplete implementation of the v1/search api

* Use parseInt and || instead of ?? for processing numeric arguments

* Remove res.end, as we already use response.json

* Remove unused request parameters and add TODO comment

* Fix eslint errors

Co-authored-by: Joshua Jensch <j.jensch@hvs.de>
2020-03-06 08:19:06 +01:00
Juan Picado @jotadeveloper
0a83d94819
chore: update add new talks 2020-03-06 08:16:42 +01:00
Juan Picado @jotadeveloper
64e2543d59
fix: upgrade semver from 7.1.2 to 7.1.3 (#1735)
Snyk has created this PR to upgrade semver from 7.1.2 to 7.1.3.

See this package in NPM:
https://www.npmjs.com/package/semver

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-05 06:47:33 +01:00
Juan Picado @jotadeveloper
6849ef9697
fix: upgrade dayjs from 1.8.19 to 1.8.20 (#1721)
Snyk has created this PR to upgrade dayjs from 1.8.19 to 1.8.20.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-04 20:39:45 +01:00
Juan Picado @jotadeveloper
11fed6d3c3
fix: upgrade handlebars from 4.7.2 to 4.7.3 (#1726)
Snyk has created this PR to upgrade handlebars from 4.7.2 to 4.7.3.

See this package in NPM:
https://www.npmjs.com/package/handlebars

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-03-04 20:38:20 +01:00
Kevin Yockey
3aaa04829a
fix: adding Content-Type to response in GET /-/all (#1697) (#1728) 2020-03-03 21:16:53 +01:00
Patrick DeVivo
f85cbf3c6c
chore: add TODOs badge to the README (#1725)
Closes #1724
2020-02-27 23:14:04 +01:00
Juan Picado @jotadeveloper
0d7123b7bb
chore(release): 4.4.4 v4.4.4 2020-02-26 22:39:54 +01:00
Snyk bot
c3e931efa1
fix: upgrade semver from 7.1.1 to 7.1.2 (#1719)
Snyk has created this PR to upgrade semver from 7.1.1 to 7.1.2.

See this package in NPM:
https://www.npmjs.com/package/semver

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-02-25 20:41:36 +01:00
Viktor Oreshkin
70a93da1fc
fix: tarball urls for web/package (fix #1714) (#1716) 2020-02-25 20:24:42 +01:00
Snyk bot
1f3f8cd72c
fix: upgrade @verdaccio/local-storage from 9.0.0 to 9.3.0 (#1717)
Snyk has created this PR to upgrade @verdaccio/local-storage from 9.0.0 to 9.3.0.

See this package in NPM:
https://www.npmjs.com/package/@verdaccio/local-storage

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-02-23 10:49:28 +01:00
dependabot[bot]
14565169cb
build(deps-dev): bump codecov from 3.6.1 to 3.6.5 (#1712)
Bumps [codecov](https://github.com/codecov/codecov-node) from 3.6.1 to 3.6.5.
- [Release notes](https://github.com/codecov/codecov-node/releases)
- [Commits](https://github.com/codecov/codecov-node/commits)

Signed-off-by: dependabot[bot] <support@github.com>
2020-02-19 19:18:17 +01:00
Juan Picado @jotadeveloper
d1eb3583aa
chore(release): 4.4.3 v4.4.3 2020-02-19 08:39:48 +01:00
Juan Picado @jotadeveloper
d94f838cd9
fix: update @verdaccio/ui-theme@0.3.13 (#1710) 2020-02-19 08:38:53 +01:00
Snyk bot
a32e431813
fix: upgrade async from 3.1.0 to 3.1.1 (#1708)
Snyk has created this PR to upgrade async from 3.1.0 to 3.1.1.

See this package in NPM:
https://www.npmjs.com/package/async

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-02-16 09:48:07 +01:00
Snyk bot
8c2e58b6af
fix: upgrade handlebars from 4.5.3 to 4.7.2 (#1699)
Snyk has created this PR to upgrade handlebars from 4.5.3 to 4.7.2.

See this package in NPM:
https://www.npmjs.com/package/handlebars

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-02-14 07:06:22 +01:00
Snyk bot
5320b13473
fix: upgrade dayjs from 1.8.17 to 1.8.19 (#1700)
Snyk has created this PR to upgrade dayjs from 1.8.17 to 1.8.19.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-02-14 01:58:18 +01:00
Snyk bot
17ddf3e626
fix: upgrade lockfile-lint from 2.0.1 to 2.2.0 (#1698)
Snyk has created this PR to upgrade lockfile-lint from 2.0.1 to 2.2.0.

See this package in NPM:
https://www.npmjs.com/package/lockfile-lint

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-02-13 22:09:09 +01:00
dependabot-preview[bot]
e350ca4917
build(deps-dev): bump rimraf from 3.0.0 to 3.0.1 (#1691)
Bumps [rimraf](https://github.com/isaacs/rimraf) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/isaacs/rimraf/releases)
- [Changelog](https://github.com/isaacs/rimraf/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/rimraf/compare/v3.0.0...v3.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-02 08:36:26 +01:00
dependabot-preview[bot]
3be99cc758 build(deps-dev): bump typescript from 3.7.1-rc to 3.7.5 (#1679)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.7.1-rc to 3.7.5.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits/v3.7.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-01-20 21:32:23 +01:00
dependabot-preview[bot]
c10bfcb04e build(deps-dev): bump nock from 11.7.0 to 11.7.2 (#1678)
Bumps [nock](https://github.com/nock/nock) from 11.7.0 to 11.7.2.
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v11.7.0...v11.7.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-20 07:21:43 +01:00
Daniel Ruf
fd6c6497fa fix: use https to resolve mixed content errors (#1674)
Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-01-15 20:09:31 +01:00