fix: bump versions (#17)

* fix: update vite version for directus/extension (#12) Co-authored-by: Kristoffer <zs-ko@users.noreply.github.com> * update lock * fix: add override for vite dependency * fix: add error messages on cache * fix: add blank to username/password if undefined * fix: add missing configurations to redis. add more catch statemsnts * doc: add REDIS_JWT_DB * add arm64 * fix: resolve vulnerabilities in get-func-name,postcss,zod * fix: update chai * disable default attestations * fix: correct image build for arm * fix: remove quemu * fix: typo in runner name * fix runner * fix: add platform to build and push resolves arm64 * fix: resolve invalid lock file * fix: Patch workflow and packages (#15) * fix: patch vulnerabilities and add arm64 support (#13) * fix: update vite version for directus/extension (#12) Co-authored-by: Kristoffer <zs-ko@users.noreply.github.com> * update lock * fix: add override for vite dependency * fix: add error messages on cache * fix: add blank to username/password if undefined * fix: add missing configurations to redis. add more catch statemsnts * doc: add REDIS_JWT_DB * add arm64 * fix: resolve vulnerabilities in get-func-name,postcss,zod * fix: update chai * disable default attestations * fix: correct image build for arm * fix: remove quemu * fix: typo in runner name * fix runner * fix: add platform to build and push resolves arm64 * fix: resolve invalid lock file --------- Co-authored-by: Kristoffer <zs-ko@users.noreply.github.com> * fix: bump directus sdk (#14) Co-authored-by: zs-ko <zs-ko@users.noreply.github.com> * ci: add audit to ci --------- Co-authored-by: Kristoffer <zs-ko@users.noreply.github.com> --------- Co-authored-by: Kristoffer <zs-ko@users.noreply.github.com>
2023-11-15 22:18:16 +01:00
parent 3a32ea0376
commit 4d64df64f2
3 changed files with 11 additions and 16 deletions
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -31,6 +31,8 @@ jobs:
        name: linting
      - run: pnpm test:coverage
        name: testing
+      - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
+        run: pnpm audit signatures
      - run: pnpm build
        name: build package
      - name: 'Report Coverage'
--- a/package.json
+++ b/package.json
@@ -149,9 +149,8 @@
 	"pnpm": {
 		"overrides": {
 			"vite": "^4.3.9",
-			"get-func-name@<2.0.1": ">=2.0.1",
 			"zod@<=3.22.2": ">=3.22.3",
-			"postcss@<8.4.31": ">=8.4.31"
+			"axios@<=1.4.0": ">=1.4.1"
 		}
 	}
 }
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -6,9 +6,8 @@ settings:

 overrides:
  vite: ^4.3.9
-  get-func-name@<2.0.1: '>=2.0.1'
  zod@<=3.22.2: '>=3.22.3'
-  postcss@<8.4.31: '>=8.4.31'
+  axios@<=1.4.0: '>=1.4.1'

 dependencies:
  '@keyv/redis':
@@ -395,7 +394,7 @@ packages:
    dependencies:
      '@directus/constants': 11.0.1
      '@directus/utils': 11.0.1(vue@3.3.4)
-      axios: 1.4.0
+      axios: 1.6.2
      lodash-es: 4.17.21
      nanoid: 4.0.2
      vue: 3.3.4
@@ -2454,16 +2453,6 @@ packages:
    engines: {node: '>= 0.4'}
    dev: true

-  /axios@1.4.0:
-    resolution: {integrity: sha512-S4XCWMEmzvo64T9GfvQDOXgYRDJ/wsSZc7Jvdgx5u1sd0JwsuPLqb3SYmusag+edF6ziyMensPVqLTSc1PiSEA==}
-    dependencies:
-      follow-redirects: 1.15.3
-      form-data: 4.0.0
-      proxy-from-env: 1.1.0
-    transitivePeerDependencies:
-      - debug
-    dev: true
-
  /axios@1.6.2:
    resolution: {integrity: sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A==}
    dependencies:
@@ -3126,7 +3115,7 @@ packages:
    resolution: {integrity: sha512-t0SFesj/ZV2OTylqQVOrFgEh5uanxbO6ZAdeCrNsUQ6fVuXwYTxJPNAGvGTxHbD68ldIJNec7PyYZDBrfDQ+6A==}
    engines: {node: ^10 || ^12 || >=14.0}
    peerDependencies:
-      postcss: '>=8.4.31'
+      postcss: ^8.2.15
    dependencies:
      css-declaration-sorter: 6.4.1(postcss@8.4.31)
      cssnano-utils: 3.1.0(postcss@8.4.31)
@@ -7490,6 +7479,11 @@ packages:
    engines: {node: '>=8'}
    dev: true

+  /regexpp@3.2.0:
+    resolution: {integrity: sha512-pq2bWo9mVD43nbts2wGv17XLiNLya+GklZ8kaDLV2Z08gDCsGpnKn9BFMepvWuHCbyVvY7J5o5+BVvoQbmlJLg==}
+    engines: {node: '>=8'}
+    dev: true
+
  /registry-auth-token@5.0.2:
    resolution: {integrity: sha512-o/3ikDxtXaA59BmZuZrJZDJv8NMDGSj+6j6XaeBmHw8eY1i1qd9+6H+LjVvQXx3HN6aRCGa1cUdJ9RaJZUugnQ==}
    engines: {node: '>=14'}