Some security vulnerabilities were showing up with npm audit
. This version updates Foal's dependencies to get rid of them.
@foal/acceptance-tests
@foal/aws-s3
@aws-sdk/[email protected]
@aws-sdk/[email protected]
@foal/core
@foal/examples
@foal/redis
Published by LoicPoullain 2 months ago
foal connect react
and support build output dir (PR: #1274)GoogleProvider
types (PR: #1277)index.html
of new applications to avoid polluting the traffic analytics of foalts.org (PR: #1278)@foal/aws-s3
@aws-sdk/[email protected]
@aws-sdk/[email protected]
@foal/cli
@foal/core
@foal/graphql
[email protected]
[email protected]
(peer dependency)@foal/mongodb
This release updates Foal's sub-dependencies, including the express
library, which presents a moderate vulnerability in versions prior to 4.19.2.
@foal/aws-s3
@aws-sdk/[email protected]
@aws-sdk/[email protected]
@foal/core
@foal/swagger
Thanks to Lucho for reporting this vulnerability in the first place!
Published by LoicPoullain 6 months ago
#1250
@foal/aws-s3
@aws-sdk/[email protected]
@aws-sdk/[email protected]
@foal/cli
@foal/core
@foal/jwks-rsa
@foal/social
@foal/socket.io
@foal/swagger
Published by LoicPoullain 12 months ago
cacheControl
option to static middleware (issue: #1221) (PR: #1241 )Published by LoicPoullain almost 1 year ago
@foal/cli
@foal/swagger
@paoloevan
Published by LoicPoullain about 1 year ago
#1223
npx foal upgrade
.typeorm
to v0.3.17, graphql
to v16, type-graphql
to v2, class-validator
to v0.14, mongodb
to v5 and @socket.io/redis-adapter
to v8.MongoDBStore
, there is no need anymore to maintain two versions of mongodb
. You can use version 5 of mongodb
dependency.@foal/socket.io
with redis, install socket.io-adapter
.better-sqlite
driver has been dropped. Use the sqlite3
driver instead. In DB configuration, use type: 'sqlite'
instead of type: 'better-sqlite3'
.@types/node
to v18.11.9.import { ObjectID } from 'typeorm';
to import { ObjectId } from 'typeorm';
@foal/aws-s3
@aws-sdk/[email protected]
@aws-sdk/[email protected]
@foal/cli
@foal/graphiql
@foal/graphql
[email protected]
graphql@^16.8
(peer dependency)@foal/jwks-rsa
@foal/mongodb
@foal/redis
@foal/socket.io
@foal/swagger
@foal/typeorm
[email protected]
(peer dependency)[email protected]
(dev dependency / driver)[email protected]
(dev dependency / driver)@foal/typestack
[email protected]
(peer dependency)Published by LoicPoullain about 1 year ago
The jsonwebtoken
dependency has been upgraded to v9 to address security issues.
Note that RSA key size now must be 2048 bits or greater. Make sure to check the size of your RSA key before upgrading to this version.
@foal/cli
@foal/core
@foal/graphql
@foal/jwt
@foal/social
max-age
attribute of the Strict-Transport-Security
header to "industry standard" (issue: #1146) (PR: #1155)@typescript-eslint/no-non-null-assertion
in generated projects (PR: #1178).env
files (issue: #1182) (PR: #1185)foal upgrade
command (issue: #1158) (PR: #1186, #1193)https://github.com/FoalTS/foal/pull/1162
@foal/aws-s3
@aws-sdk/[email protected]
@aws-sdk/[email protected]
@foal/cli
@foal/core
@foal/jwks-rsa
@foal/mongodb
@foal/socket.io
@foal/swagger
graphql
, etc). Specify which minimum version of TypeORM is required. Upgrade the peer dependencies.
escape
and escapeProp
. Modern frontend frameworks (React, Angular, Vue, etc) take care of this.
Context
class to mainly improve type safety.
undefined
values in configuration (issue: #1071)
foal generate rest-api
command.@foal/aws-s3
aws-sdk
-> @aws-sdk/[email protected]
and @aws-sdk/[email protected]
@foal/cli
@foal/core
@foal/graphql
[email protected]
peerDependencies: graphql@^15.8.0
@foal/jwks-rsa
@foal/jwt
@foal/mongodb
@foal/redis
@foal/socket.io
@foal/storage
@foal/swagger
@foal/typeorm
peerDependencies: typeorm@^0.3.10
@foal/typestack
peerDependencies: [email protected]
peerDependencies: [email protected]
getCsrfTokenFromRequest
util (PR: #1138)jwt
and sessions
into jwt|sessions/core
and jwt|sessions/http
(PR: #1137)getCsrfTokenFromCookie
and shouldVerifyCsrfToken
utils (PR: #1140)jwt/
and sessions/
(PR: #1141)@foal/cli
included as dev dependency in new projects generated by createapp
(issue: #1097) (PR: #1109)http
module in new projects (PR: #1118)concurrently
issue on some OS (issues: #1115, #1022) (PR: #1123)fs.getProjectDependencies
and fs.getProjectDevDependencies
(PR: #1111)common/
internal directory (PR: #1122)@scho-to
graphql
and recent versions of type-graphql
(issue: #1066) (PR: #1068)@foal/core
@foal/mongodb
@foal/socket.io
@LeonardoSalvucci
Published by LoicPoullain over 2 years ago