1
0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-11-13 03:35:52 +01:00
Commit Graph

615 Commits

Author SHA1 Message Date
Snyk bot
e374a6248b
fix: package.json & yarn.lock to reduce vulnerabilities (#1876)
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
2020-07-16 08:05:26 +02:00
dependabot[bot]
7409344315
build(deps-dev): bump standard-version from 8.0.0 to 8.0.1 (#1874)
Bumps [standard-version](https://github.com/conventional-changelog/standard-version) from 8.0.0 to 8.0.1.
- [Release notes](https://github.com/conventional-changelog/standard-version/releases)
- [Changelog](https://github.com/conventional-changelog/standard-version/blob/master/CHANGELOG.md)
- [Commits](https://github.com/conventional-changelog/standard-version/compare/v8.0.0...v8.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-14 08:27:56 +02:00
dependabot[bot]
99e6b822b2
build(deps): bump @verdaccio/readme from 9.7.0 to 9.7.1 (#1873)
Bumps [@verdaccio/readme](https://github.com/verdaccio/monorepo/tree/HEAD/core/readme) from 9.7.0 to 9.7.1.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/9.x/core/readme/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v9.7.1/core/readme)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-11 13:09:29 +02:00
dependabot[bot]
3953b79d37
build(deps): bump @verdaccio/local-storage from 9.7.0 to 9.7.1 (#1871)
Bumps [@verdaccio/local-storage](https://github.com/verdaccio/monorepo/tree/HEAD/plugins/local-storage) from 9.7.0 to 9.7.1.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/9.x/plugins/local-storage/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v9.7.1/plugins/local-storage)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-11 10:20:54 +02:00
dependabot[bot]
3d0ba6a4d2
build(deps): bump @verdaccio/commons-api from 9.6.1 to 9.7.1 (#1870)
Bumps [@verdaccio/commons-api](https://github.com/verdaccio/monorepo/tree/HEAD/core/commons-api) from 9.6.1 to 9.7.1.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/9.x/core/commons-api/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v9.7.1/core/commons-api)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-11 10:02:06 +02:00
dependabot[bot]
0348bf6b5d
feat(deps): bump @verdaccio/ui-theme from 1.11.0 to 1.12.0 (#1872)
Bumps [@verdaccio/ui-theme](https://github.com/verdaccio/ui) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/verdaccio/ui/releases)
- [Changelog](https://github.com/verdaccio/ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/ui/compare/v1.11.0...v1.12.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-11 10:01:36 +02:00
Jian-Chen Chen (jesse)
912482a5ae
feat: ca certificate is optional for https configuration (#1853)
* setup https server

* typed handleHttps

* fix if condition

* generate certificate on the fly

* revert yarn.lock

Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-06-30 19:05:29 +02:00
Juan Picado @jotadeveloper
dd9b3cff55
chore(release): 4.7.2 2020-06-26 11:45:42 +02:00
Snyk bot
b559d75f70
fix: package.json & yarn.lock to reduce vulnerabilities (#1863)
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BUNYAN-573166

Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-06-26 08:04:59 +02:00
dependabot[bot]
15025dca5f
build(deps): bump @verdaccio/readme from 9.6.1 to 9.7.0 (#1857)
Bumps [@verdaccio/readme](https://github.com/verdaccio/monorepo/tree/HEAD/core/readme) from 9.6.1 to 9.7.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/9.x/core/readme/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v9.7.0/core/readme)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-25 08:06:42 +02:00
dependabot[bot]
a312111a59
build(deps-dev): bump @verdaccio/babel-preset from 8.5.0 to 9.6.1 (#1858)
Bumps [@verdaccio/babel-preset](https://github.com/verdaccio/monorepo/tree/HEAD/tools/babel-preset) from 8.5.0 to 9.6.1.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/9.x/tools/babel-preset/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v9.6.1/tools/babel-preset)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-24 18:10:59 +02:00
dependabot[bot]
14b06d5cf2
build(deps): bump @verdaccio/local-storage from 9.6.1 to 9.7.0 (#1861)
Bumps [@verdaccio/local-storage](https://github.com/verdaccio/monorepo/tree/HEAD/plugins/local-storage) from 9.6.1 to 9.7.0.
- [Release notes](https://github.com/verdaccio/monorepo/releases)
- [Changelog](https://github.com/verdaccio/monorepo/blob/9.x/plugins/local-storage/CHANGELOG.md)
- [Commits](https://github.com/verdaccio/monorepo/commits/v9.7.0/plugins/local-storage)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-06-24 18:09:35 +02:00
Juan Picado @jotadeveloper
092f62eec2
chore(release): 4.7.1 2020-06-22 13:54:15 +02:00
Juan Picado @jotadeveloper
c0afcadce4
chore(release): 4.7.0 2020-06-20 07:31:57 +02:00
Juan Picado
4d01831842
feat: update ui add new languages (#1849) 2020-06-20 07:24:58 +02:00
Juan Picado
03c7feb64d
feat: update verdaccio plugins and dependencies (#1838)
* chore: update dependencies

* chore: update dependencies

* chore: remove node v10 warning
2020-06-13 10:38:23 +02:00
Juan Picado @jotadeveloper
c7023b9bba
chore: update contributors 2020-06-13 08:45:20 +02:00
dependabot-preview[bot]
530018895c
build(deps): bump mime from 2.4.4 to 2.4.6 (#1831)
Bumps [mime](https://github.com/broofa/mime) from 2.4.4 to 2.4.6.
- [Release notes](https://github.com/broofa/mime/releases)
- [Changelog](https://github.com/broofa/mime/blob/master/CHANGELOG.md)
- [Commits](https://github.com/broofa/mime/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-06 07:43:44 +02:00
Juan Picado
56b677a35a
feat: restore Node 8 support (#1832)
This restore a support I removed in Verdaccio 4.5.0

This means nothing if you were not using Node v8, this support should be removed in a major release.
2020-06-03 22:35:31 +02:00
dependabot-preview[bot]
6b1553c257
build(deps-dev): bump codecov from 3.6.5 to 3.7.0 (#1829)
Bumps [codecov](https://github.com/codecov/codecov-node) from 3.6.5 to 3.7.0.
- [Release notes](https://github.com/codecov/codecov-node/releases)
- [Commits](https://github.com/codecov/codecov-node/compare/v3.6.5...v3.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-03 07:10:29 +02:00
Snyk bot
6e66cc6433
chore: [Snyk] Upgrade verdaccio-audit from 9.4.0 to 9.5.0 (#1821)
* fix: upgrade verdaccio-audit from 9.4.0 to 9.5.0

Snyk has created this PR to upgrade verdaccio-audit from 9.4.0 to 9.5.0.

See this package in NPM:
https://www.npmjs.com/package/verdaccio-audit

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

* fix: upgrade verdaccio-audit from 9.4.0 to 9.5.0

Snyk has created this PR to upgrade verdaccio-audit from 9.4.0 to 9.5.0.

See this package in NPM:
https://www.npmjs.com/package/verdaccio-audit

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-05-24 12:03:44 +02:00
Snyk bot
1e2159a345
fix: [Snyk] upgrade @verdaccio/streams from 9.4.0 to 9.5.0 (#1819)
* fix: upgrade @verdaccio/streams from 9.4.0 to 9.5.0

Snyk has created this PR to upgrade @verdaccio/streams from 9.4.0 to 9.5.0.

See this package in NPM:
https://www.npmjs.com/package/@verdaccio/streams

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

* fix: upgrade @verdaccio/streams from 9.4.0 to 9.5.0

Snyk has created this PR to upgrade @verdaccio/streams from 9.4.0 to 9.5.0.

See this package in NPM:
https://www.npmjs.com/package/@verdaccio/streams

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-05-24 07:59:48 +02:00
dependabot-preview[bot]
f44adf096a
build(deps-dev): bump standard-version from 7.1.0 to 8.0.0 (#1804)
Bumps [standard-version](https://github.com/conventional-changelog/standard-version) from 7.1.0 to 8.0.0.
- [Release notes](https://github.com/conventional-changelog/standard-version/releases)
- [Changelog](https://github.com/conventional-changelog/standard-version/blob/master/CHANGELOG.md)
- [Commits](https://github.com/conventional-changelog/standard-version/compare/v7.1.0...v8.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-12 22:02:03 +02:00
dependabot-preview[bot]
21216b42fa
build(deps): bump semver from 7.2.1 to 7.3.2 (#1802)
Bumps [semver](https://github.com/npm/node-semver) from 7.2.1 to 7.3.2.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/master/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v7.2.1...v7.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-12 21:06:43 +02:00
Snyk bot
50f6c71a37
fix: upgrade mkdirp from 1.0.3 to 1.0.4 (#1782)
* fix: upgrade mkdirp from 1.0.3 to 1.0.4

Snyk has created this PR to upgrade mkdirp from 1.0.3 to 1.0.4.

See this package in NPM:
https://www.npmjs.com/package/mkdirp

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

* fix: upgrade mkdirp from 1.0.3 to 1.0.4

Snyk has created this PR to upgrade mkdirp from 1.0.3 to 1.0.4.

See this package in NPM:
https://www.npmjs.com/package/mkdirp

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-05-01 12:42:58 +02:00
Juan Picado @jotadeveloper
07f1232f65
chore(release): 4.6.2 2020-05-01 11:15:10 +02:00
Juan Picado
f9e7f8671b
fix: update core dependencies (#1790)
- @verdaccio/ui-theme@1.7.1 add language switch and fix bug translations powered by @priscilawebdev
- verdaccio-htpasswd@9.4.1 generate non-constant legacy 2 byte salt by @michaellotz-iart
- update dayjs and envinfo
2020-04-30 20:39:46 +02:00
Juan Picado @jotadeveloper
fa72de2521
chore: pin dependencies 2020-04-30 07:46:48 +02:00
Juan Picado @jotadeveloper
afb31b8baf
chore(release): 4.6.1 2020-04-27 07:42:33 +02:00
Juan Picado @jotadeveloper
e9f99f46e2
chore: restore @octokit/rest 2020-04-24 22:15:11 +02:00
Juan Picado @jotadeveloper
db68680407
chore(release): 4.6.0 2020-04-24 18:47:28 +02:00
Juan Picado
656ec55897
feat: update @verdaccio/ui-theme@1.5.0 (#1780) 2020-04-24 18:46:14 +02:00
Juan Picado @jotadeveloper
4cf61d6e8c
chore: upgrade dependencies (#1773)
* chore: update dependencies

* chore: rollback @types/express
2020-04-09 11:09:30 +02:00
Juan Picado @jotadeveloper
8c135db633
Merge branch 'master' into snyk-upgrade-d77655948f2b0aa52ea586cedd63fada 2020-04-09 00:33:38 +02:00
Juan Picado @jotadeveloper
4a812620cf
feat: add dark mode on and chinese translation for web (#1765)
* feat: add dark mode on ui

* chore: update description

* chore: update @verdaccio/ui-theme@1.5.0

* chore: add spaces
2020-04-08 23:24:57 +02:00
snyk-bot
b2d00e4330 fix: upgrade dayjs from 1.8.21 to 1.8.22
Snyk has created this PR to upgrade dayjs from 1.8.21 to 1.8.22.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-31 01:11:38 +00:00
Snyk bot
ebae410c81
fix: upgrade dayjs from 1.8.20 to 1.8.21 (#1759)
Snyk has created this PR to upgrade dayjs from 1.8.20 to 1.8.21.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-20 22:37:53 +01:00
Snyk bot
3ec8d13578
fix: upgrade async from 3.1.1 to 3.2.0 (#1756)
Snyk has created this PR to upgrade async from 3.1.1 to 3.2.0.

See this package in NPM:
https://www.npmjs.com/package/async

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-18 17:09:47 +01:00
Juan Picado @jotadeveloper
3e2715fcf7
chore(release): 4.5.1 2020-03-14 08:31:02 +01:00
Juan Picado @jotadeveloper
17c3324e93
fix: update docs to support minimum node v10 (#1753)
At v4.5.0 we shipped some security releases, one of them is JSDOM https://github.com/jsdom/jsdom/releases/tag/16.0.0 and only supports Node.js v10

Node v8 is out of maintenance so we don't consider this a breaking change.
2020-03-14 08:28:40 +01:00
Juan Picado @jotadeveloper
5c8b267ee0
chore(release): 4.5.0 2020-03-14 07:36:04 +01:00
Juan Picado @jotadeveloper
c493b316b1
feat: i18n on web (#1750)
* feat: add i18n to web

* chore: enable es features
2020-03-14 07:16:47 +01:00
Snyk bot
981efa5571
fix: upgrade mkdirp from 1.0.0 to 1.0.3 (#1747)
Snyk has created this PR to upgrade mkdirp from 1.0.0 to 1.0.3.

See this package in NPM:
https://www.npmjs.com/package/mkdirp

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-12 23:33:32 +01:00
Juan Picado @jotadeveloper
1e664bdfa5
fix: update dependencies security warnings (#1748) 2020-03-12 07:18:12 +01:00
Snyk bot
3c49777868
fix: package.json & yarn.lock to reduce vulnerabilities (#1746)
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
2020-03-11 22:37:40 +01:00
Juan Picado @jotadeveloper
92135265cd
fix: update @verdaccio/readme@9.3.2 (#1745)
* fix: update @verdaccio/readme@9.3.2

* chore: update github action
2020-03-11 22:27:58 +01:00
Juan Picado @jotadeveloper
64e2543d59
fix: upgrade semver from 7.1.2 to 7.1.3 (#1735)
Snyk has created this PR to upgrade semver from 7.1.2 to 7.1.3.

See this package in NPM:
https://www.npmjs.com/package/semver

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-05 06:47:33 +01:00
Juan Picado @jotadeveloper
6849ef9697
fix: upgrade dayjs from 1.8.19 to 1.8.20 (#1721)
Snyk has created this PR to upgrade dayjs from 1.8.19 to 1.8.20.

See this package in NPM:
https://www.npmjs.com/package/dayjs

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr
2020-03-04 20:39:45 +01:00
Juan Picado @jotadeveloper
11fed6d3c3
fix: upgrade handlebars from 4.7.2 to 4.7.3 (#1726)
Snyk has created this PR to upgrade handlebars from 4.7.2 to 4.7.3.

See this package in NPM:
https://www.npmjs.com/package/handlebars

See this project in Snyk:
https://app.snyk.io/org/juanpicado/project/0c76bae8-cfcd-43f7-aff5-70f221855049?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Juan Picado @jotadeveloper <juanpicado19@gmail.com>
2020-03-04 20:38:20 +01:00
Juan Picado @jotadeveloper
0d7123b7bb
chore(release): 4.4.4 2020-02-26 22:39:54 +01:00