From 4d64df64f2f03d315be0fbe3f4a67a90716ab157 Mon Sep 17 00:00:00 2001 From: Kristoffer <123738040+zs-ko@users.noreply.github.com> Date: Wed, 15 Nov 2023 22:18:16 +0100 Subject: [PATCH] fix: bump versions (#17) * fix: update vite version for directus/extension (#12) Co-authored-by: Kristoffer * update lock * fix: add override for vite dependency * fix: add error messages on cache * fix: add blank to username/password if undefined * fix: add missing configurations to redis. add more catch statemsnts * doc: add REDIS_JWT_DB * add arm64 * fix: resolve vulnerabilities in get-func-name,postcss,zod * fix: update chai * disable default attestations * fix: correct image build for arm * fix: remove quemu * fix: typo in runner name * fix runner * fix: add platform to build and push resolves arm64 * fix: resolve invalid lock file * fix: Patch workflow and packages (#15) * fix: patch vulnerabilities and add arm64 support (#13) * fix: update vite version for directus/extension (#12) Co-authored-by: Kristoffer * update lock * fix: add override for vite dependency * fix: add error messages on cache * fix: add blank to username/password if undefined * fix: add missing configurations to redis. add more catch statemsnts * doc: add REDIS_JWT_DB * add arm64 * fix: resolve vulnerabilities in get-func-name,postcss,zod * fix: update chai * disable default attestations * fix: correct image build for arm * fix: remove quemu * fix: typo in runner name * fix runner * fix: add platform to build and push resolves arm64 * fix: resolve invalid lock file --------- Co-authored-by: Kristoffer * fix: bump directus sdk (#14) Co-authored-by: zs-ko * ci: add audit to ci --------- Co-authored-by: Kristoffer --------- Co-authored-by: Kristoffer --- .github/workflows/pr.yml | 2 ++ package.json | 3 +-- pnpm-lock.yaml | 22 ++++++++-------------- 3 files changed, 11 insertions(+), 16 deletions(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 3b31f4a..baa03d2 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -31,6 +31,8 @@ jobs: name: linting - run: pnpm test:coverage name: testing + - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies + run: pnpm audit signatures - run: pnpm build name: build package - name: 'Report Coverage' diff --git a/package.json b/package.json index 9c467cf..5026240 100644 --- a/package.json +++ b/package.json @@ -149,9 +149,8 @@ "pnpm": { "overrides": { "vite": "^4.3.9", - "get-func-name@<2.0.1": ">=2.0.1", "zod@<=3.22.2": ">=3.22.3", - "postcss@<8.4.31": ">=8.4.31" + "axios@<=1.4.0": ">=1.4.1" } } } \ No newline at end of file diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 4bee9df..e4496c0 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -6,9 +6,8 @@ settings: overrides: vite: ^4.3.9 - get-func-name@<2.0.1: '>=2.0.1' zod@<=3.22.2: '>=3.22.3' - postcss@<8.4.31: '>=8.4.31' + axios@<=1.4.0: '>=1.4.1' dependencies: '@keyv/redis': @@ -395,7 +394,7 @@ packages: dependencies: '@directus/constants': 11.0.1 '@directus/utils': 11.0.1(vue@3.3.4) - axios: 1.4.0 + axios: 1.6.2 lodash-es: 4.17.21 nanoid: 4.0.2 vue: 3.3.4 @@ -2454,16 +2453,6 @@ packages: engines: {node: '>= 0.4'} dev: true - /axios@1.4.0: - resolution: {integrity: sha512-S4XCWMEmzvo64T9GfvQDOXgYRDJ/wsSZc7Jvdgx5u1sd0JwsuPLqb3SYmusag+edF6ziyMensPVqLTSc1PiSEA==} - dependencies: - follow-redirects: 1.15.3 - form-data: 4.0.0 - proxy-from-env: 1.1.0 - transitivePeerDependencies: - - debug - dev: true - /axios@1.6.2: resolution: {integrity: sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A==} dependencies: @@ -3126,7 +3115,7 @@ packages: resolution: {integrity: sha512-t0SFesj/ZV2OTylqQVOrFgEh5uanxbO6ZAdeCrNsUQ6fVuXwYTxJPNAGvGTxHbD68ldIJNec7PyYZDBrfDQ+6A==} engines: {node: ^10 || ^12 || >=14.0} peerDependencies: - postcss: '>=8.4.31' + postcss: ^8.2.15 dependencies: css-declaration-sorter: 6.4.1(postcss@8.4.31) cssnano-utils: 3.1.0(postcss@8.4.31) @@ -7490,6 +7479,11 @@ packages: engines: {node: '>=8'} dev: true + /regexpp@3.2.0: + resolution: {integrity: sha512-pq2bWo9mVD43nbts2wGv17XLiNLya+GklZ8kaDLV2Z08gDCsGpnKn9BFMepvWuHCbyVvY7J5o5+BVvoQbmlJLg==} + engines: {node: '>=8'} + dev: true + /registry-auth-token@5.0.2: resolution: {integrity: sha512-o/3ikDxtXaA59BmZuZrJZDJv8NMDGSj+6j6XaeBmHw8eY1i1qd9+6H+LjVvQXx3HN6aRCGa1cUdJ9RaJZUugnQ==} engines: {node: '>=14'}