Commit graph

434 commits

Author SHA1 Message Date
c8a07e58f8
server: update summaly
- updates got (CVE-2022-33987)
- now properly preview XHTML pages

Changelog: Security
2023-03-23 20:32:31 +01:00
f68c41dd41 meta: Update Yarn to 3.4.1 2023-02-27 13:00:22 -05:00
2da92eb075 lets do some wavesurfin' :3c 2023-02-19 11:44:18 +01:00
b8963a0119
update yarn.lock 2023-01-12 19:27:16 +01:00
b54e07caec
enhance typeorm-prefer-count lint rule 2023-01-03 02:41:53 +01:00
5b898c6c82
chore: update yarn files 2023-01-02 21:40:12 +01:00
ed9d4023d4 backend: add argon2 support
Passwords will be automatically re-hashed on sign-in.
All new password hashes will be argon2 by default.

This uses argon2id and is not configurable.
In the very unlikely case someone has more specific needs,
a fork is recommended.

ChangeLog: Added

Co-authored-by: Chloe Kudryavtsev <code@toast.bunkerlabs.net>
Reviewed-on: FoundKeyGang/FoundKey#308
2022-12-29 20:13:47 +00:00
e5a4c5d2d0
chore: update @typescript-eslint packages 2022-12-13 15:57:26 -05:00
6bba55c196
sw: add TypeScript type checking
This implements the upstream changes from
https://github.com/misskey-dev/misskey/pull/9314 but updated to our
version of ESLint.

Also updates TypeScript to 4.9.4 for all packages.
2022-12-13 15:42:08 -05:00
b8fb7a38cc server: improve Logger typing information and docs 2022-12-08 23:18:45 -05:00
873e21f090
chore: update eslint 2022-12-07 16:27:53 -05:00
0f3f42eb39
remove rndstr dependency
This dependency was unused in the client.

The use of it in the server can be replaced entirely by the
secureRndstr function, with some slight modifications.

That function could probably be refactored a bit more as well.
2022-12-07 18:08:09 +01:00
d3f1ad9a88 chore: remove unused packages 2022-12-06 23:18:27 +01:00
5733f127ca
backend: update re2 to 1.17.8
This should fix Node 19 compatibility.

Fixes: FoundKeyGang/FoundKey#238
2022-11-28 12:02:24 -05:00
a6e05226ab
client: update vue and eslint-plugin-vue 2022-11-26 19:07:57 -05:00
f817d45210
update eslint and typescript-eslint 2022-11-25 02:07:21 -05:00
b67799ad3f
BREAKING: Remove support for Node 16.x and upgrade to TypeScript 4.9
Now that Node 18 is the new LTS version of Node, it should be safe to
support ES2022 features. The install docs have already been updated to
recommend Node 18.x in 41a710854e.

This will break support on Node 16.x and earlier.

Also update TypeScript to 4.9 which contains various typechecking
improvements: https://devblogs.microsoft.com/typescript/announcing-typescript-4-9/

Ref: FoundKeyGang/FoundKey#238
Changelog: Changed
2022-11-25 02:07:21 -05:00
2b71328c6c
meta: Update to Yarn 3.3.0 2022-11-22 01:07:12 -05:00
71b3b5a60c backend: implement not forwarding block activities (#212)
Fixes FoundKeyGang/FoundKey#211

Commits pulled from https://github.com/misskey-dev/misskey/pull/7799

Changelog: Added
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Co-authored-by: Johann150 <johann.galle@protonmail.com>
Co-authored-by: Francis Dinh <normandy@biribiri.dev>
Reviewed-on: FoundKeyGang/FoundKey#212
2022-11-17 21:24:38 +00:00
7939d130aa backend: update sharp to 0.31.2
Changelog: Fixed
Fixes: FoundKeyGang/FoundKey#226
2022-11-08 01:16:55 -05:00
fb5f498641
Upgrade bull-board to unify misaligned types in its packages 2022-10-31 10:10:27 +01:00
02079593d5 client: Switch to upstream browser-image-resizer version
This should reduce package install times since the pre-built version
from npmjs is used instead of having to build from source.
2022-10-11 03:28:11 +00:00
d8a8306603 client: Sort emojis by query similarity in fuzzy picker (#156)
Co-authored-by: Chloe Kudryavtsev <code@toast.bunkerlabs.net>
Co-authored-by: Michcio <public+git@meekchopp.es>
Reviewed-on: FoundKeyGang/FoundKey#156
Changelog: Changed
Co-authored-by: Michcio <michcio@noreply.akkoma>
Co-committed-by: Michcio <michcio@noreply.akkoma>
2022-09-19 14:43:12 +00:00
cf24cd8809
client: remove @vue/compiler-sfc from package.json
Per the @vue/compiler-sfc description on npmjs.com[1]:
> Note: as of 3.2.13+, this package is included as a dependency of the
> main vue package and can be accessed as vue/compiler-sfc. This means
> you no longer need to explicitly install this package and ensure its
> version match that of vue's. Just use the main vue/compiler-sfc deep
> import instead.

[1]: https://www.npmjs.com/package/@vue/compiler-sfc
2022-09-14 23:39:57 -04:00
9a34e0b2b1
build: update typescript and related packages 2022-09-08 23:00:36 -04:00
3d789c8251
update vue to 3.2.39 2022-09-08 21:52:45 -04:00
0e49c726ec
backend: add @types/pg for pg type definitions 2022-09-07 14:19:03 -04:00
abef030a24 build: Move resolutions sections to workspace package.json
Yarn throws a warning on every `yarn install` that the resolutions
from respective packages' manifests are ignored.
2022-09-06 23:18:15 +02:00
5a9d4a3759
client: update dependencies
- Update Vue to 3.2.38
- Update Vite to 3.1.0
- Update cropperjs
2022-09-06 14:15:46 -04:00
5939c90b84
update eslint plugins 2022-09-06 11:19:34 -04:00
40683b0e10
update tsc-alias 2022-09-05 04:28:08 -04:00
d23b5faeda
foundkey-js: update tsd dependency 2022-09-05 03:20:53 -04:00
892ea5e2bf
upgrade eslint and typescript-related dependencies
Changelog: Changed
2022-09-05 03:15:16 -04:00
2669fc4380
pin dependencies 2022-08-29 20:36:01 -04:00
97b9a00105
security: update dependencies
- file-type: 17.1.2 -> 18.0.0
- got: 12.1.0 -> 12.3.1
- sharp: 0.29.3 -> 0.30.7
2022-08-29 20:33:40 -04:00
41414b4576
chore: remove s-age dependency
This isn't being used anymore since
4e41fa8767.
In any case, age calculation really doesn't need to involve a 3rd party
library.

Ref: FoundKeyGang/FoundKey#90
2022-08-28 11:35:18 -04:00
dd9dc497fb
fix some deps 2022-08-26 18:04:53 -04:00
bc0f0bf08f
add foundkey-js to each workspace package.json 2022-08-26 16:38:41 -04:00
6bb3f39c36
migrate to Yarn 3.2.3 2022-08-26 15:24:29 -04:00
622731d1bd
sw: switch to foundkey-js 2022-08-26 01:35:33 -04:00
e8699ff978
Update yarn lockfile 2022-08-26 00:10:58 -04:00
c1242cfde2
Fix build errors 2022-08-25 23:36:08 -04:00
syuilo
ffa86c1d76
update deps 2022-07-15 10:09:44 +02:00
syuilo
ec6b418a23 update deps 2022-06-10 15:06:42 +09:00
dependabot[bot]
02ec5b1dbe
chore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 (#8708)
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9)

---
updated-dependencies:
- dependency-name: hosted-git-info
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-21 16:45:42 +09:00
dependabot[bot]
992fd76067
chore(deps): bump copy-props from 2.0.4 to 2.0.5 (#8709)
Bumps [copy-props](https://github.com/gulpjs/copy-props) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/gulpjs/copy-props/releases)
- [Changelog](https://github.com/gulpjs/copy-props/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/copy-props/compare/2.0.4...2.0.5)

---
updated-dependencies:
- dependency-name: copy-props
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-19 18:40:13 +09:00
dependabot[bot]
6712650019
chore(deps): bump async from 3.2.1 to 3.2.3 (#8501)
Bumps [async](https://github.com/caolan/async) from 3.2.1 to 3.2.3.
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](https://github.com/caolan/async/compare/v3.2.1...v3.2.3)

---
updated-dependencies:
- dependency-name: async
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-19 18:39:13 +09:00
dependabot[bot]
d9ac9e6d98
chore(deps): bump path-parse from 1.0.6 to 1.0.7 (#8705)
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-19 11:49:54 +09:00
syuilo
fd4ec81bcb update deps 2022-04-11 22:48:04 +09:00
dependabot[bot]
67fc39b8db
chore(deps): bump axios from 0.21.1 to 0.21.4 (#8471)
Bumps [axios](https://github.com/axios/axios) from 0.21.1 to 0.21.4.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v0.21.1...v0.21.4)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-05 21:34:33 +09:00