mirror of
https://github.com/wassname/talk.git
synced 2026-07-12 07:30:27 +08:00
fix: package upgrade (#2777)
Upgraded some packages to latest. This should resolve #2774. Fixes were also applied after types upgrades that helped discover other errors.
This commit is contained in:
Generated
+1322
-593
File diff suppressed because it is too large
Load Diff
+29
-29
@@ -58,27 +58,27 @@
|
||||
"license": "Apache-2.0",
|
||||
"dependencies": {
|
||||
"@coralproject/bunyan-prettystream": "^0.1.4",
|
||||
"@fluent/bundle": "^0.14.0",
|
||||
"@fluent/bundle": "^0.14.1",
|
||||
"@fluent/dom": "^0.6.0",
|
||||
"@metascraper/helpers": "^5.7.21",
|
||||
"@types/prettier": "^1.19.0",
|
||||
"abort-controller": "^3.0.0",
|
||||
"akismet-api": "^4.2.0",
|
||||
"apollo-server-express": "^2.8.1",
|
||||
"akismet-api": "^5.0.0",
|
||||
"apollo-server-express": "^2.9.15",
|
||||
"archiver": "^3.0.3",
|
||||
"basic-auth": "^2.0.1",
|
||||
"bcryptjs": "^2.4.3",
|
||||
"bull": "^3.8.1",
|
||||
"bull": "^3.12.1",
|
||||
"bunyan": "^1.8.12",
|
||||
"cheerio": "^1.0.0-rc.2",
|
||||
"consolidate": "0.14.0",
|
||||
"content-security-policy-builder": "^2.0.0",
|
||||
"convict": "^4.3.1",
|
||||
"convict": "^5.2.0",
|
||||
"cookie": "^0.4.0",
|
||||
"cookie-parser": "^1.4.4",
|
||||
"cors": "^2.8.4",
|
||||
"cron": "^1.7.1",
|
||||
"csv-stringify": "^5.3.0",
|
||||
"cors": "^2.8.5",
|
||||
"cron": "^1.7.2",
|
||||
"csv-stringify": "^5.3.6",
|
||||
"dataloader": "^1.4.0",
|
||||
"dompurify": "^2.0.7",
|
||||
"dotenv": "^6.0.0",
|
||||
@@ -93,18 +93,18 @@
|
||||
"graphql-extensions": "^0.2.1",
|
||||
"graphql-fields": "^1.1.0",
|
||||
"graphql-playground-html": "^1.6.0",
|
||||
"graphql-redis-subscriptions": "^2.1.0",
|
||||
"graphql-redis-subscriptions": "^2.1.2",
|
||||
"graphql-subscriptions": "^1.1.0",
|
||||
"graphql-tools": "^3.0.5",
|
||||
"helmet": "^3.21.2",
|
||||
"html-minifier": "^3.5.21",
|
||||
"html-to-text": "^4.0.0",
|
||||
"ioredis": "^4.9.0",
|
||||
"joi": "^13.4.0",
|
||||
"jsdom": "^15.0.0",
|
||||
"jsonwebtoken": "^8.3.0",
|
||||
"juice": "^5.2.0",
|
||||
"jwks-rsa": "^1.3.0",
|
||||
"html-minifier": "^4.0.0",
|
||||
"html-to-text": "^5.1.1",
|
||||
"ioredis": "^4.14.1",
|
||||
"joi": "^14.3.1",
|
||||
"jsdom": "^15.2.1",
|
||||
"jsonwebtoken": "^8.5.1",
|
||||
"juice": "^6.0.0",
|
||||
"jwks-rsa": "^1.6.0",
|
||||
"keymaster": "^1.6.2",
|
||||
"linkifyjs": "^2.1.8",
|
||||
"lodash": "^4.17.15",
|
||||
@@ -118,12 +118,12 @@
|
||||
"mongodb-core": "^3.2.7",
|
||||
"ms": "^2.1.1",
|
||||
"node-fetch": "^2.6.0",
|
||||
"nodemailer": "^4.6.7",
|
||||
"nodemailer": "^6.4.2",
|
||||
"nunjucks": "^3.1.3",
|
||||
"on-finished": "^2.3.0",
|
||||
"passport": "^0.4.0",
|
||||
"passport-facebook": "^2.1.1",
|
||||
"passport-google-oauth2": "^0.1.6",
|
||||
"passport": "^0.4.1",
|
||||
"passport-facebook": "^3.0.0",
|
||||
"passport-google-oauth2": "^0.2.0",
|
||||
"passport-local": "^1.0.0",
|
||||
"passport-oauth2": "^1.4.0",
|
||||
"passport-strategy": "^1.0.0",
|
||||
@@ -158,7 +158,7 @@
|
||||
"@types/archiver": "^3.0.0",
|
||||
"@types/basic-auth": "^1.1.2",
|
||||
"@types/bcryptjs": "^2.4.1",
|
||||
"@types/bull": "^3.5.12",
|
||||
"@types/bull": "^3.10.6",
|
||||
"@types/bunyan": "^1.8.4",
|
||||
"@types/case-sensitive-paths-webpack-plugin": "^2.1.2",
|
||||
"@types/cheerio": "^0.22.8",
|
||||
@@ -170,10 +170,10 @@
|
||||
"@types/convict": "^4.2.0",
|
||||
"@types/cookie": "^0.3.3",
|
||||
"@types/cookie-parser": "^1.4.1",
|
||||
"@types/cors": "^2.8.4",
|
||||
"@types/cors": "^2.8.6",
|
||||
"@types/cron": "^1.7.1",
|
||||
"@types/cross-spawn": "^6.0.0",
|
||||
"@types/dompurify": "0.0.33",
|
||||
"@types/dompurify": "^2.0.1",
|
||||
"@types/dotenv": "^4.0.3",
|
||||
"@types/enzyme": "^3.1.15",
|
||||
"@types/enzyme-adapter-react-16": "^1.0.3",
|
||||
@@ -187,12 +187,12 @@
|
||||
"@types/html-minifier": "^3.5.2",
|
||||
"@types/html-to-text": "^1.4.31",
|
||||
"@types/html-webpack-plugin": "^3.2.0",
|
||||
"@types/ioredis": "^4.0.10",
|
||||
"@types/ioredis": "^4.14.3",
|
||||
"@types/jest": "^24.0.23",
|
||||
"@types/jest-axe": "^3.2.1",
|
||||
"@types/joi": "^13.0.8",
|
||||
"@types/joi": "^14.3.4",
|
||||
"@types/jsdom": "^12.2.3",
|
||||
"@types/jsonwebtoken": "^7.2.7",
|
||||
"@types/jsonwebtoken": "^8.3.5",
|
||||
"@types/linkifyjs": "^2.1.1",
|
||||
"@types/lodash": "^4.14.118",
|
||||
"@types/lru-cache": "^5.1.0",
|
||||
@@ -203,11 +203,11 @@
|
||||
"@types/ms": "^0.7.30",
|
||||
"@types/node": "^10.5.2",
|
||||
"@types/node-fetch": "^2.5.3",
|
||||
"@types/nodemailer": "^4.6.2",
|
||||
"@types/nodemailer": "^6.4.0",
|
||||
"@types/nunjucks": "^3.1.1",
|
||||
"@types/object-diff": "0.0.0",
|
||||
"@types/on-finished": "^2.3.1",
|
||||
"@types/passport": "^0.4.6",
|
||||
"@types/passport": "^1.0.2",
|
||||
"@types/passport-facebook": "^2.1.8",
|
||||
"@types/passport-local": "^1.0.33",
|
||||
"@types/passport-oauth2": "^1.4.5",
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
import { FluentBundle } from "@fluent/bundle/compat";
|
||||
import { ErrorRequestHandler } from "express";
|
||||
|
||||
import { CoralError, InternalError } from "coral-server/errors";
|
||||
import { I18n } from "coral-server/services/i18n";
|
||||
import { Request } from "coral-server/types/express";
|
||||
import { ErrorRequestHandler, Request } from "coral-server/types/express";
|
||||
|
||||
/**
|
||||
* wrapError ensures that the error being propagated is a CoralError.
|
||||
@@ -45,10 +44,10 @@ export const JSONErrorHandler = (bundles?: I18n): ErrorRequestHandler => (
|
||||
next
|
||||
) => {
|
||||
// Wrap the error if it needs to be wrapped.
|
||||
err = wrapError(err);
|
||||
const e = wrapError(err);
|
||||
|
||||
// Send the response via JSON.
|
||||
res.status(err.status).json(serializeError(err, req, bundles));
|
||||
res.status(e.status).json(serializeError(e, req, bundles));
|
||||
};
|
||||
|
||||
export const HTMLErrorHandler = (bundles?: I18n): ErrorRequestHandler => (
|
||||
@@ -58,8 +57,8 @@ export const HTMLErrorHandler = (bundles?: I18n): ErrorRequestHandler => (
|
||||
next
|
||||
) => {
|
||||
// Wrap the error if it needs to be wrapped.
|
||||
err = wrapError(err);
|
||||
const e = wrapError(err);
|
||||
|
||||
// Send the response via HTML.
|
||||
res.status(err.status).render("error", serializeError(err, req, bundles));
|
||||
res.status(e.status).render("error", serializeError(e, req, bundles));
|
||||
};
|
||||
|
||||
@@ -286,7 +286,9 @@ export const authenticate = (
|
||||
}
|
||||
|
||||
// Attach the user to the request.
|
||||
req.user = user;
|
||||
if (user) {
|
||||
req.user = user;
|
||||
}
|
||||
|
||||
return next();
|
||||
}
|
||||
|
||||
@@ -1,6 +1,11 @@
|
||||
import Joi from "joi";
|
||||
import jwt from "jsonwebtoken";
|
||||
import jwks, { JwksClient } from "jwks-rsa";
|
||||
import jwks, {
|
||||
CertSigningKey,
|
||||
JwksClient,
|
||||
RsaSigningKey,
|
||||
SigningKey,
|
||||
} from "jwks-rsa";
|
||||
import { isNil } from "lodash";
|
||||
import { Db } from "mongodb";
|
||||
import { Strategy as OAuth2Strategy, VerifyCallback } from "passport-oauth2";
|
||||
@@ -9,7 +14,6 @@ import { Strategy } from "passport-strategy";
|
||||
import { validate } from "coral-server/app/request/body";
|
||||
import { reconstructURL } from "coral-server/app/url";
|
||||
import { IntegrationDisabled, TokenInvalidError } from "coral-server/errors";
|
||||
import { GQLUSER_ROLE } from "coral-server/graph/tenant/schema/__generated__/types";
|
||||
import logger from "coral-server/logger";
|
||||
import { OIDCAuthIntegration } from "coral-server/models/settings";
|
||||
import { Tenant } from "coral-server/models/tenant";
|
||||
@@ -25,6 +29,8 @@ import { findOrCreate } from "coral-server/services/users";
|
||||
import { validateUsername } from "coral-server/services/users/helpers";
|
||||
import { Request } from "coral-server/types/express";
|
||||
|
||||
import { GQLUSER_ROLE } from "coral-server/graph/tenant/schema/__generated__/types";
|
||||
|
||||
export interface Params {
|
||||
id_token?: string;
|
||||
}
|
||||
@@ -82,6 +88,12 @@ export function isOIDCToken(token: OIDCIDToken | object): token is OIDCIDToken {
|
||||
return isNil(error);
|
||||
}
|
||||
|
||||
function isCertSigningKey(
|
||||
key: SigningKey | RsaSigningKey
|
||||
): key is CertSigningKey {
|
||||
return Boolean((key as CertSigningKey).publicKey);
|
||||
}
|
||||
|
||||
/**
|
||||
* keyFunc will provide the secret based on the given jwkw client.
|
||||
*
|
||||
@@ -104,9 +116,11 @@ const signingKeyFactory = (client: jwks.JwksClient): jwt.KeyFunction => (
|
||||
}
|
||||
|
||||
// Grab the signingKey out of the provided key.
|
||||
const signingKey = key.publicKey || key.rsaPublicKey;
|
||||
|
||||
callback(null, signingKey);
|
||||
if (isCertSigningKey(key)) {
|
||||
return callback(null, key.publicKey);
|
||||
} else {
|
||||
return callback(null, key.rsaPublicKey);
|
||||
}
|
||||
});
|
||||
};
|
||||
|
||||
|
||||
@@ -85,7 +85,7 @@ export function prefixSchemeIfRequired(secure: boolean, url: string) {
|
||||
return url;
|
||||
}
|
||||
|
||||
export function extractParentsURL(req: Request) {
|
||||
export function extractParentsURL(req: Pick<Request, "headers" | "query">) {
|
||||
// The only two places this could be is in the referer header or the parentUrl
|
||||
// query parameter (injected by pym.js). If both of these are empty, then we
|
||||
// can't find anything.
|
||||
@@ -116,7 +116,7 @@ export function extractParentsURL(req: Request) {
|
||||
*
|
||||
* @param req the request where we want to extract the parent's hostname from.
|
||||
*/
|
||||
export function extractParentsOrigin(req: Request) {
|
||||
export function extractParentsOrigin(req: Pick<Request, "headers" | "query">) {
|
||||
const url = extractParentsURL(req);
|
||||
if (!url) {
|
||||
return null;
|
||||
|
||||
@@ -70,7 +70,7 @@ export interface Comment extends TenantResource {
|
||||
/**
|
||||
* authorID stores the ID of the User that created this Comment.
|
||||
*/
|
||||
authorID: string;
|
||||
authorID: string | null;
|
||||
|
||||
/**
|
||||
* storyID stores the ID of the Story that this Comment was left on.
|
||||
@@ -319,7 +319,7 @@ export async function editComment(
|
||||
status: {
|
||||
$in: EDITABLE_STATUSES,
|
||||
},
|
||||
deletedAt: null,
|
||||
deletedAt: undefined,
|
||||
createdAt: {
|
||||
$gt: lastEditableCommentCreatedAt,
|
||||
},
|
||||
|
||||
@@ -154,14 +154,7 @@ export async function retrieveSharedModerationQueueQueuesCounts(
|
||||
const key = commentCountsModerationQueueQueuesKey(tenantID);
|
||||
const freshKey = freshenKey(key);
|
||||
|
||||
// Get the values, and the freshness key.
|
||||
const [[, queues], [, fresh]]: [
|
||||
[
|
||||
Error | undefined,
|
||||
Record<keyof CommentModerationCountsPerQueue, string> | null
|
||||
],
|
||||
[Error | undefined, string | null]
|
||||
] = await redis
|
||||
const [[, fresh], [, queues]] = await redis
|
||||
.pipeline()
|
||||
.hgetall(key)
|
||||
.get(freshKey)
|
||||
|
||||
@@ -223,7 +223,10 @@ export async function retrieveTenant(mongo: Db, id: string) {
|
||||
return collection(mongo).findOne({ id });
|
||||
}
|
||||
|
||||
export async function retrieveManyTenants(mongo: Db, ids: string[]) {
|
||||
export async function retrieveManyTenants(
|
||||
mongo: Db,
|
||||
ids: ReadonlyArray<string>
|
||||
) {
|
||||
const cursor = collection(mongo).find({
|
||||
id: {
|
||||
$in: ids,
|
||||
|
||||
@@ -13,7 +13,7 @@ async function processor(
|
||||
): Promise<Notification | null> {
|
||||
// Get the comment that was featured.
|
||||
const comment = await ctx.comments.load(input.commentID);
|
||||
if (!comment || !hasPublishedStatus(comment)) {
|
||||
if (!comment || (!hasPublishedStatus(comment) || !comment.authorID)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@ async function processor(
|
||||
|
||||
// Load the comment in question.
|
||||
const comment = await ctx.comments.load(input.commentID);
|
||||
if (!comment) {
|
||||
if (!comment || !comment.authorID) {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@ async function processor(
|
||||
input: CommentReplyCreatedInput
|
||||
): Promise<Notification | null> {
|
||||
const comment = await ctx.comments.load(input.commentID);
|
||||
if (!comment || !hasPublishedStatus(comment)) {
|
||||
if (!comment || !hasPublishedStatus(comment) || !comment.authorID) {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@@ -14,7 +14,7 @@ async function processor(
|
||||
input: CommentReplyCreatedInput
|
||||
): Promise<Notification | null> {
|
||||
const comment = await ctx.comments.load(input.commentID);
|
||||
if (!comment || !hasPublishedStatus(comment)) {
|
||||
if (!comment || !hasPublishedStatus(comment) || !comment.authorID) {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@@ -78,17 +78,17 @@ async function postCommentToSlack(
|
||||
hookURL: string
|
||||
) {
|
||||
const comment = await ctx.comments.load(commentID);
|
||||
if (comment === null) {
|
||||
return;
|
||||
}
|
||||
const story = await ctx.stories.load(comment.storyID);
|
||||
if (story === null) {
|
||||
if (comment === null || !comment.authorID) {
|
||||
return;
|
||||
}
|
||||
const author = await ctx.users.load(comment.authorID);
|
||||
if (author === null) {
|
||||
return;
|
||||
}
|
||||
const story = await ctx.stories.load(comment.storyID);
|
||||
if (story === null) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Get some properties about the event.
|
||||
const storyTitle = getStoryTitle(story);
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import { Collection, Db } from "mongodb";
|
||||
|
||||
import { ACTION_TYPE } from "coral-server/models/action/comment";
|
||||
import { Story } from "coral-server/models/story";
|
||||
import collections from "coral-server/services/mongodb/collections";
|
||||
|
||||
@@ -96,7 +97,7 @@ async function deleteUserActionCounts(
|
||||
await collections.commentActions(mongo).deleteMany({
|
||||
tenantID,
|
||||
userID,
|
||||
actionType: "REACTION",
|
||||
actionType: ACTION_TYPE.REACTION,
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user