github/directus
1
1
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-04-25 03:00:53 -04:00
Code Issues Packages Projects Releases Wiki Activity
11,909 Commits 309 Branches 443 Tags
6a4413c7bd715eaff2dc80dfbc04601e751d79cf
Commit Graph

3037 Commits

Author SHA1 Message Date
dependabot[bot]
45e1d3e73b Bump graphql from 16.8.2 to 16.9.0 (#22870) 
Bumps [graphql](https://github.com/graphql/graphql-js) from 16.8.2 to 16.9.0.
- [Release notes](https://github.com/graphql/graphql-js/releases)
- [Commits](https://github.com/graphql/graphql-js/compare/v16.8.2...v16.9.0)

---
updated-dependencies:
- dependency-name: graphql
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-28 08:47:32 +02:00
dependabot[bot]
5f1838fd3a Bump pg from 8.11.5 to 8.12.0 (#22871) 
Bumps [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) from 8.11.5 to 8.12.0.
- [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md)
- [Commits](https://github.com/brianc/node-postgres/commits/pg@8.12.0/packages/pg)

---
updated-dependencies:
- dependency-name: pg
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-28 08:46:38 +02:00
Pascal Jufer
7ff5da6522 Account for share when updating stateful sessions (#22867) 
* Account for share when updating stateful sessions

* Add changeset
 2024-06-27 10:57:29 -04:00
Rijk van Zanten
8c8521cf26 Only set default filename disk if none is provided (#22848) 2024-06-27 16:51:05 +02:00
dependabot[bot]
27b06a0df2 Bump liquidjs from 10.13.1 to 10.14.0 (#22850) 
Bumps [liquidjs](https://github.com/harttle/liquidjs) from 10.13.1 to 10.14.0.
- [Release notes](https://github.com/harttle/liquidjs/releases)
- [Changelog](https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/harttle/liquidjs/compare/v10.13.1...v10.14.0)

---
updated-dependencies:
- dependency-name: liquidjs
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-26 09:24:44 +02:00
dependabot[bot]
1c29cec5eb Bump tar from 7.2.0 to 7.4.0 (#22837) 
Bumps [tar](https://github.com/isaacs/node-tar) from 7.2.0 to 7.4.0.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.2.0...v7.4.0)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-25 09:22:02 +02:00
dependabot[bot]
29b9a8f234 Bump @aws-sdk/client-ses from 3.568.0 to 3.600.0 (#22836) 
Bumps [@aws-sdk/client-ses](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ses) from 3.568.0 to 3.600.0.
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ses/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.600.0/clients/client-ses)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ses"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-25 09:18:26 +02:00
Brainslug
454cb534d6 Merge pull request from GHSA-jgf4-vwc3-r46v 
* naive fix for enumeration

* re-added explicit provider check

* Remove user suspended error as well

---------

Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
 2024-06-24 14:51:07 -04:00
dependabot[bot]
9594d04fe3 Bump ws from 8.17.0 to 8.17.1 (#22829) 
Bumps [ws](https://github.com/websockets/ws) from 8.17.0 to 8.17.1.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/8.17.0...8.17.1)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-24 12:27:40 +02:00
dependabot[bot]
436eb4023d Bump joi from 17.13.1 to 17.13.3 (#22809) 
Bumps [joi](https://github.com/hapijs/joi) from 17.13.1 to 17.13.3.
- [Commits](https://github.com/hapijs/joi/compare/v17.13.1...v17.13.3)

---
updated-dependencies:
- dependency-name: joi
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-21 05:55:22 +02:00
dependabot[bot]
41385db3e3 Bump nodemailer from 6.9.13 to 6.9.14 (#22803) 
Bumps [nodemailer](https://github.com/nodemailer/nodemailer) from 6.9.13 to 6.9.14.
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodemailer/nodemailer/compare/v6.9.13...v6.9.14)

---
updated-dependencies:
- dependency-name: nodemailer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-20 08:31:59 +02:00
dependabot[bot]
b901386027 Bump zod-validation-error from 3.2.0 to 3.3.0 (#22791) 
Bumps [zod-validation-error](https://github.com/causaly/zod-validation-error) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/causaly/zod-validation-error/releases)
- [Changelog](https://github.com/causaly/zod-validation-error/blob/main/CHANGELOG.md)
- [Commits](https://github.com/causaly/zod-validation-error/compare/v3.2.0...v3.3.0)

---
updated-dependencies:
- dependency-name: zod-validation-error
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-19 06:01:22 +02:00
dependabot[bot]
a125fc6fa3 Bump pino-pretty from 11.0.0 to 11.2.1 (#22778) 
Bumps [pino-pretty](https://github.com/pinojs/pino-pretty) from 11.0.0 to 11.2.1.
- [Release notes](https://github.com/pinojs/pino-pretty/releases)
- [Commits](https://github.com/pinojs/pino-pretty/compare/v11.0.0...v11.2.1)

---
updated-dependencies:
- dependency-name: pino-pretty
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-18 10:41:02 +02:00
dependabot[bot]
ff94cf4088 Bump pino from 9.1.0 to 9.2.0 (#22768) 
* Bump pino from 9.1.0 to 9.2.0

Bumps [pino](https://github.com/pinojs/pino) from 9.1.0 to 9.2.0.
- [Release notes](https://github.com/pinojs/pino/releases)
- [Commits](https://github.com/pinojs/pino/compare/v9.1.0...v9.2.0)

---
updated-dependencies:
- dependency-name: pino
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update peer dep version

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
 2024-06-17 09:16:59 +00:00
dependabot[bot]
78a124f5a4 Bump graphql from 16.8.1 to 16.8.2 (#22769) 
Bumps [graphql](https://github.com/graphql/graphql-js) from 16.8.1 to 16.8.2.
- [Release notes](https://github.com/graphql/graphql-js/releases)
- [Commits](https://github.com/graphql/graphql-js/compare/v16.8.1...v16.8.2)

---
updated-dependencies:
- dependency-name: graphql
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-17 09:44:13 +02:00
Hannes Küttner
97af4d1507 Fix primary key unique constraint error extraction for MySQL (#22434) 
* Fix primary key unique constraint error extraction for MySQL

* Add changeset

* Add changeset

* Add comment about MariaDB

* Drop 5.7 special case

---------

Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
 2024-06-14 15:42:31 -04:00
José Varela
40a7fd186e API / Graphql: Handle time type as Date scalar (#22726) 
* Handle `time` type as Date scalar

* Add changeset

---------

Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
 2024-06-14 15:06:52 -04:00
ian
07b14e4a4f Add total file size to the telemetry report (#22736) 
* Add total file sizes to telemetry report

* Add tests

* Add missed test

* Add changeset
 2024-06-14 14:59:09 -04:00
Pascal Jufer
09313b6a63 Ensure service integrity (#22738) 
Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
Co-authored-by: ian <licitdev@gmail.com>
 2024-06-14 16:41:45 +02:00
ian
9bde775527 Include admin users under the app access limit (#22760) 
* Include admin users under the app access limit

* Update test

* Add changeset

* Update docs

* Update polite-elephants-juggle.md

---------

Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
 2024-06-14 09:59:49 -04:00
José Varela
5f73ccd1f2 API / CORS: Use coalesce operator because of falsy values (#22721) 
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
 2024-06-14 05:27:13 +00:00
dependabot[bot]
15bfa570c7 Bump sharp from 0.33.3 to 0.33.4 (#22731) 
Bumps [sharp](https://github.com/lovell/sharp) from 0.33.3 to 0.33.4.
- [Release notes](https://github.com/lovell/sharp/releases)
- [Changelog](https://github.com/lovell/sharp/blob/main/docs/changelog.md)
- [Commits](https://github.com/lovell/sharp/compare/v0.33.3...v0.33.4)

---
updated-dependencies:
- dependency-name: sharp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-12 08:02:07 +02:00
dependabot[bot]
c934cdb0e9 Bump oracledb from 6.5.0 to 6.5.1 (#22717) 
Bumps [oracledb](https://github.com/oracle/node-oracledb) from 6.5.0 to 6.5.1.
- [Release notes](https://github.com/oracle/node-oracledb/releases)
- [Changelog](https://github.com/oracle/node-oracledb/blob/main/CHANGELOG.md)
- [Commits](https://github.com/oracle/node-oracledb/compare/v6.5.0...v6.5.1)

---
updated-dependencies:
- dependency-name: oracledb
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-11 09:40:53 +02:00
Brainslug
3fec817d7b Release 10.12.1 (#22712) 2024-06-10 17:16:51 +02:00
ian
d0b91756ad Skip user limits check if no limit is set (#22702) 
Co-authored-by: Hannes Küttner <4376726+hanneskuettner@users.noreply.github.com>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
 2024-06-10 07:56:34 +00:00
dependabot[bot]
b5c4c6dc7c Bump tsx from 4.9.3 to 4.12.0 (#22689) 
Bumps [tsx](https://github.com/privatenumber/tsx) from 4.9.3 to 4.12.0.
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](https://github.com/privatenumber/tsx/compare/v4.9.3...v4.12.0)

---
updated-dependencies:
- dependency-name: tsx
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-07 07:10:19 +02:00
dependabot[bot]
9e29d994d5 Bump inquirer from 9.2.22 to 9.2.23 (#22690) 
Bumps [inquirer](https://github.com/SBoudrias/Inquirer.js) from 9.2.22 to 9.2.23.
- [Release notes](https://github.com/SBoudrias/Inquirer.js/releases)
- [Commits](https://github.com/SBoudrias/Inquirer.js/compare/inquirer@9.2.22...inquirer@9.2.23)

---
updated-dependencies:
- dependency-name: inquirer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-07 06:56:46 +02:00
dependabot[bot]
8d853d6dbf Bump tar from 7.1.0 to 7.2.0 (#22679) 
Bumps [tar](https://github.com/isaacs/node-tar) from 7.1.0 to 7.2.0.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.1.0...v7.2.0)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-06 14:53:02 +02:00
dependabot[bot]
320804c757 Bump @types/express-serve-static-core from 4.19.0 to 4.19.3 (#22663) 
Bumps [@types/express-serve-static-core](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/express-serve-static-core) from 4.19.0 to 4.19.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/express-serve-static-core)

---
updated-dependencies:
- dependency-name: "@types/express-serve-static-core"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-05 08:58:42 +02:00
dependabot[bot]
8bf9805645 Bump argon2 from 0.40.1 to 0.40.3 (#22660) 
Bumps [argon2](https://github.com/ranisalt/node-argon2) from 0.40.1 to 0.40.3.
- [Release notes](https://github.com/ranisalt/node-argon2/releases)
- [Commits](https://github.com/ranisalt/node-argon2/commits)

---
updated-dependencies:
- dependency-name: argon2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-05 02:52:19 +02:00
Brainslug
e469b49583 release 10.12 (#22652) 2024-06-04 17:34:36 +02:00
Pascal Jufer
30e6a0aa4b Align response when updating inexistent role (#22641) 
* Align response when updating inexistent role

* Add changeset
 2024-06-04 17:21:53 +02:00
ian
f5dcd85082 Add user limits (#22479) 
* Limit users

* Add defaults

* Allow specifying of reason for limit exceeded error

* Update config options doc

* Make existing tests pass

* Update extensions limit error

* Update usage of regular expression

Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>

* Rename typo

Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>

* Rename files

Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>

* Use first() and remove redundant +=

* Fix incorrect api access count

* Rework to account for passing of unchanged access values

* Fix increased counts in updateMany

* Consistent error message

* Simplify unnecessary find

* Add tests

* Rename UserCount to AccessTypeCount

* renamed env var

* prettier

* Add changeset

* fix limit checking for batch and status updates

* test and prettier

* removed obsolete check

* updated error

* fixed error usage in extenions service

* Use randomUUID from '@directus/random'

* Fix payload check in updateMany

* implemented RolesService.updateBatch from its parent

* resolved unit test error

* updated type

* fixed existing role query

* Temporary activation of blackbox tests

* Move to separate fn, to make skippable for non-existent role

* Revert "Temporary activation of blackbox tests"

This reverts commit 4c4ac846d6.

* Revert "Move to separate fn, to make skippable for non-existent role"

This reverts commit 1d90a82e39.

* Add user limits - extension (#22642)

* adressing existing users issue

* migrated changes from pascal

* only check the role for active users

* only count active users

* updated incorrect if

* default to count zero

* Undid abstraction to separate function

* fixed updating through user counting error

* prettier

* simplified fallback query

* prettier

* Added try catch to be safee

* updated db mocking for tests

* removed extra check to satisfy implementation tests

---------

Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
Co-authored-by: Brainslug <tim@brainslug.nl>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
 2024-06-04 17:00:17 +02:00
Brainslug
543b345695 Merge pull request from GHSA-7hmh-pfrp-vcx4 
* Add gql parser limit

* Add changeset

* Format docs

---------

Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
 2024-06-04 15:46:50 +02:00
dependabot[bot]
426092d6d0 Bump pino from 9.0.0 to 9.1.0 (#22645) 
Bumps [pino](https://github.com/pinojs/pino) from 9.0.0 to 9.1.0.
- [Release notes](https://github.com/pinojs/pino/releases)
- [Commits](https://github.com/pinojs/pino/compare/v9.0.0...v9.1.0)

---
updated-dependencies:
- dependency-name: pino
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-04 09:51:04 +02:00
ian
47c438b4e3 Improve telemetry with deeper insights into system usage (#22337) 
* Filter by active users

* Allow simple where clause

* Update tests

* Add field counts

* Add database size

* Fix test

* Add changeset

* Remove comment

Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>

* Fix user counts for edge cases

* Update test

* Add db size unit and jsdoc

Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>

* Return null if database size undetermined

Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>

* Fix extensions bundle count

* Update tests

* Account for partially enabled bundles

* Update tests

* Remove inner await

* Account for bundle enabled with all nested extensions disabled

* Update test

* Prefix with users instead

* Fix invalid activeTotal value

Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>

* redo extension counting and fix test

* shorten get field count

* change to test the subtraction instead of implementation

* use new name for key

* Revert users naming convention change

Tricky to map fields from older versions into the updated field names

* Get extensions count from ExtensionManager

Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>

* Update extension count test

* Mock EMAIL_TEMPLATES_PATH

* Fix formatting

---------

Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
 2024-06-03 12:04:15 +02:00
dependabot[bot]
45ae215897 Bump liquidjs from 10.12.0 to 10.13.1 (#22623) 
Bumps [liquidjs](https://github.com/harttle/liquidjs) from 10.12.0 to 10.13.1.
- [Release notes](https://github.com/harttle/liquidjs/releases)
- [Changelog](https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/harttle/liquidjs/compare/v10.12.0...v10.13.1)

---
updated-dependencies:
- dependency-name: liquidjs
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-31 02:42:42 +02:00
dependabot[bot]
9e4fbe0c67 Bump openapi3-ts from 4.3.1 to 4.3.2 (#22610) 
Bumps [openapi3-ts](https://github.com/metadevpro/openapi3-ts) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/metadevpro/openapi3-ts/releases)
- [Changelog](https://github.com/metadevpro/openapi3-ts/blob/master/Changelog.md)
- [Commits](https://github.com/metadevpro/openapi3-ts/commits)

---
updated-dependencies:
- dependency-name: openapi3-ts
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-30 10:49:44 +02:00
Brainslug
b7794870f5 release update (#22594) 2024-05-28 17:01:27 +00:00
Daniel Biegler
78db52949c Add support for custom URLs for email verification (#22565) 
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
 2024-05-28 15:30:41 +00:00
Brainslug
45b0587611 GraphQL Schema Error Warnings (#22535) 2024-05-28 16:12:46 +02:00
ian
f073a5335e Fix logic to update parent bundles enabled status (#22587) 2024-05-28 15:26:38 +02:00
dependabot[bot]
2bcd7b0b0d Bump axios from 1.6.8 to 1.7.2 (#22580) 
Bumps [axios](https://github.com/axios/axios) from 1.6.8 to 1.7.2.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.6.8...v1.7.2)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-27 11:27:37 +02:00
dependabot[bot]
ef54f4b7d9 Bump inquirer from 9.2.20 to 9.2.22 (#22579) 
Bumps [inquirer](https://github.com/SBoudrias/Inquirer.js) from 9.2.20 to 9.2.22.
- [Release notes](https://github.com/SBoudrias/Inquirer.js/releases)
- [Commits](https://github.com/SBoudrias/Inquirer.js/compare/inquirer@9.2.20...inquirer@9.2.22)

---
updated-dependencies:
- dependency-name: inquirer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-27 11:03:19 +02:00
Zehir
7d2a1392f4 Fix #22572 Invalid query for random string (#22573) 
* Fix #22572 Invalid query for random string

* Add changeset

* Run prettier

* Fix unit tests warnings

* redo validation with Joi

* make validation on object level

documents itself and is cleaner to expand on

* Update changeset

* Allow integer only

* Require min value of 1

* Report as query error, ignore unknown queries

---------

Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
 2024-05-26 09:13:17 -04:00
dependabot[bot]
333f0173b7 Bump graphql-compose from 9.0.10 to 9.0.11 (#22547) 
Bumps [graphql-compose](https://github.com/graphql-compose/graphql-compose) from 9.0.10 to 9.0.11.
- [Release notes](https://github.com/graphql-compose/graphql-compose/releases)
- [Changelog](https://github.com/graphql-compose/graphql-compose/blob/master/CHANGELOG.md)
- [Commits](https://github.com/graphql-compose/graphql-compose/compare/v9.0.10...v9.0.11)

---
updated-dependencies:
- dependency-name: graphql-compose
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-23 10:14:55 +02:00
Brainslug
7b212f8f1e v10.11.1 (#22537) 2024-05-21 16:51:19 +00:00
Brainslug
9335664aa8 Session token "safety window" when refreshing (#22503) 
Co-authored-by: Hannes Küttner <4376726+hanneskuettner@users.noreply.github.com>
Co-authored-by: ian <licitdev@gmail.com>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
 2024-05-21 11:50:00 +00:00
Brainslug
8609b4a2db Fix database session duration (#22501) 2024-05-16 17:07:28 +02:00
Brainslug
9a6e23639b Prevent "invalid token" from being blocking (#22459) 
* Throw a consistent invalid credentials error and remove invalid session cookies on the response

* updated tests

* prettier

* Added tests for cookie clearing

* prettier

* Update api/src/middleware/authenticate.test.ts

Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>

* Update api/src/middleware/authenticate.test.ts

Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>

* Update api/src/middleware/authenticate.ts

Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>

---------

Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
 2024-05-14 14:01:40 +02:00