Merge branch 'develop' of github.com:Budibase/budibase into fix/add-automation-step

.github/workflows/deploy-cloud.yaml

@@ -12,31 +12,22 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      # - name: Fail if not a tag
+      - name: Fail if not a tag
-      #   run: |
-      #     if [[ $GITHUB_REF != refs/tags/* ]]; then
-      #       echo "Workflow Dispatch can only be run on tags"
-      #       exit 1
-      #     fi
-
-      - uses: actions/checkout@v2
-        # with:
-        #   fetch-depth: 0
-
-      # - name: Fail if tag is not in master
-      #   run: |
-      #     if ! git merge-base --is-ancestor ${{ github.sha }} origin/master; then
-      #       echo "Tag is not in master. This pipeline can only execute tags that are present on the master branch"
-      #       exit 1
-      #     fi
-
-      - name: Pull values.yaml from budibase-infra
         run: |
-          curl -H "Authorization: token ${{ secrets.GH_ACCESS_TOKEN }}" \
+          if [[ $GITHUB_REF != refs/tags/* ]]; then
-          -H 'Accept: application/vnd.github.v3.raw' \
+            echo "Workflow Dispatch can only be run on tags"
-          -o values.production.yaml \
+            exit 1
-          -L https://api.github.com/repos/budibase/budibase-infra/contents/kubernetes/values.yaml
+          fi
-          wc -l values.production.yaml
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Fail if tag is not in master
+        run: |
+          if ! git merge-base --is-ancestor ${{ github.sha }} origin/master; then
+            echo "Tag is not in master. This pipeline can only execute tags that are present on the master branch"
+            exit 1
+          fi
 
       - name: Get the latest budibase release version
         id: version
@@ -48,29 +39,10 @@ jobs:
           fi
           echo "RELEASE_VERSION=$release_version" >> $GITHUB_ENV
 
-      - name: Configure AWS Credentials
+      - uses: passeidireto/trigger-external-workflow-action@main
-        uses: aws-actions/configure-aws-credentials@v1
+        env:
+          PAYLOAD_VERSION: ${{ env.RELEASE_VERSION }}
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          repository: budibase/budibase-deploys
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          event: budicloud-prod-deploy
-          aws-region: eu-west-1
+          github_pat: ${{ secrets.GH_ACCESS_TOKEN }}
-
-      - name: Deploy to EKS
-        uses: craftech-io/eks-helm-deploy-action@v1
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS__KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: eu-west-1
-          cluster-name: budibase-eks-production
-          config-files: values.production.yaml
-          chart-path: charts/budibase
-          namespace: budibase
-          values: globals.appVersion=v${{ env.RELEASE_VERSION }},services.couchdb.url=${{ secrets.PRODUCTION_COUCHDB_URL }},services.couchdb.password=${{ secrets.PRODUCTION_COUCHDB_PASSWORD }}
-          name: budibase-prod
-
-      - name: Discord Webhook Action
-        uses: tsickert/discord-webhook@v4.0.0
-        with:
-          webhook-url: ${{ secrets.PROD_DEPLOY_WEBHOOK_URL }}
-          content: "Production Deployment Complete: ${{ env.RELEASE_VERSION }} deployed to Budibase Cloud."
-          embed-title: ${{ env.RELEASE_VERSION }}

.github/workflows/deploy-preprod.yml

@@ -25,50 +25,17 @@ jobs:
             exit 1
           fi
 
-
       - name: Get the latest budibase release version
         id: version
         run: |
           release_version=$(cat lerna.json | jq -r '.version')
           echo "RELEASE_VERSION=$release_version" >> $GITHUB_ENV
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v1
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: eu-west-1
 
-      - name: Pull values.yaml from budibase-infra
+      - uses: passeidireto/trigger-external-workflow-action@main
-        run: |
-          curl -H "Authorization: token ${{ secrets.GH_ACCESS_TOKEN }}" \
-          -H 'Accept: application/vnd.github.v3.raw' \
-          -o values.preprod.yaml \
-          -L https://api.github.com/repos/budibase/budibase-infra/contents/kubernetes/budibase-preprod/values.yaml
-          wc -l values.preprod.yaml
-      - name: Deploy to Preprod Environment
-        uses: budibase/helm@v1.8.0
-        with:
-          release: budibase-preprod
-          namespace: budibase
-          chart: charts/budibase
-          token: ${{ github.token }}
-          helm: helm3
-          values: |
-            globals: 
-              appVersion: v${{ env.RELEASE_VERSION }}
-            ingress:
-              enabled: true
-              nginx: true
-          value-files: >-
-            [
-              "values.preprod.yaml"
-            ]
         env:
-          KUBECONFIG_FILE: '${{ secrets.PREPROD_KUBECONFIG }}'
+          PAYLOAD_VERSION: ${{ env.RELEASE_VERSION }}
-
-      - name: Discord Webhook Action
-        uses: tsickert/discord-webhook@v4.0.0
         with:
-          webhook-url: ${{ secrets.PROD_DEPLOY_WEBHOOK_URL }}
+          repository: budibase/budibase-deploys
-          content: "Preprod Deployment Complete: ${{ env.RELEASE_VERSION }} deployed to Budibase Pre-prod."
+          event: budicloud-preprod-deploy
-          embed-title: ${{ env.RELEASE_VERSION }}
+          github_pat: ${{ secrets.GH_ACCESS_TOKEN }}
+

lerna.json

@@ -1,5 +1,5 @@
 {
-  "version": "2.7.7-alpha.5",
+  "version": "2.7.25-alpha.5",
   "npmClient": "yarn",
   "packages": [
     "packages/backend-core",

package.json

@@ -2,13 +2,13 @@
   "name": "root",
   "private": true,
   "devDependencies": {
-    "@esbuild-plugins/node-resolve": "^0.2.2",
     "@esbuild-plugins/tsconfig-paths": "^0.1.2",
     "@nx/js": "16.2.1",
     "@rollup/plugin-json": "^4.0.2",
     "@typescript-eslint/parser": "5.45.0",
     "babel-eslint": "^10.0.3",
     "esbuild": "^0.17.18",
+    "esbuild-node-externals": "^1.7.0",
     "eslint": "^7.28.0",
     "eslint-plugin-cypress": "^2.11.3",
     "eslint-plugin-svelte3": "^3.2.0",
@@ -50,7 +50,7 @@
     "kill-all": "yarn run kill-builder && yarn run kill-server",
     "dev": "yarn run kill-all && lerna run --stream --parallel dev:builder --stream",
     "dev:noserver": "yarn run kill-builder && lerna run --stream dev:stack:up && lerna run --stream --parallel dev:builder --ignore @budibase/backend-core --ignore @budibase/server --ignore @budibase/worker",
-    "dev:server": "yarn run kill-server && lerna run --stream --parallel dev:builder --scope @budibase/worker --scope @budibase/server",
+    "dev:server": "yarn run kill-server && yarn build --projects=@budibase/client && lerna run --stream --parallel dev:builder --scope @budibase/worker --scope @budibase/server",
     "dev:built": "yarn run kill-all && cd packages/server && yarn dev:stack:up && cd ../../ && lerna run --stream --parallel dev:built",
     "dev:docker": "yarn build:docker:pre && docker-compose -f hosting/docker-compose.build.yaml -f hosting/docker-compose.dev.yaml --env-file hosting/.env up --build --scale proxy-service=0",
     "test": "lerna run --stream test --stream",

packages/backend-core/jest.config.ts

@@ -31,4 +31,6 @@ const config: Config.InitialOptions = {
   coverageReporters: ["lcov", "json", "clover"],
 }
 
+process.env.DISABLE_PINO_LOGGER = "1"
+
 export default config

packages/backend-core/package.json

@@ -27,7 +27,7 @@
     "@techpass/passport-openidconnect": "0.3.2",
     "aws-cloudfront-sign": "2.2.0",
     "aws-sdk": "2.1030.0",
-    "bcrypt": "5.0.1",
+    "bcrypt": "5.1.0",
     "bcryptjs": "2.4.3",
     "bull": "4.10.1",
     "correlation-id": "4.0.0",

packages/backend-core/src/db/lucene.ts

@@ -343,6 +343,9 @@ export class QueryBuilder<T> {
     }
 
     const oneOf = (key: string, value: any) => {
+      if (!value) {
+        return `*:*`
+      }
       if (!Array.isArray(value)) {
         if (typeof value === "string") {
           value = value.split(",")

packages/backend-core/src/db/tests/lucene.spec.ts

@@ -114,6 +114,25 @@ describe("lucene", () => {
       expect(resp.rows.length).toBe(2)
     })
 
+    it("should return all rows when doing a one of search against falsey value", async () => {
+      const builder = new QueryBuilder(dbName, INDEX_NAME)
+      builder.addOneOf("property", null)
+      let resp = await builder.run()
+      expect(resp.rows.length).toBe(3)
+
+      builder.addOneOf("property", undefined)
+      resp = await builder.run()
+      expect(resp.rows.length).toBe(3)
+
+      builder.addOneOf("property", "")
+      resp = await builder.run()
+      expect(resp.rows.length).toBe(3)
+
+      builder.addOneOf("property", [])
+      resp = await builder.run()
+      expect(resp.rows.length).toBe(0)
+    })
+
     it("should be able to perform a contains search", async () => {
       const builder = new QueryBuilder(dbName, INDEX_NAME)
       builder.addContains("property", ["word"])

packages/backend-core/src/security/encryption.ts

@@ -1,12 +1,17 @@
 import crypto from "crypto"
+import fs from "fs"
+import zlib from "zlib"
 import env from "../environment"
+import { join } from "path"
 
 const ALGO = "aes-256-ctr"
 const SEPARATOR = "-"
 const ITERATIONS = 10000
-const RANDOM_BYTES = 16
 const STRETCH_LENGTH = 32
 
+const SALT_LENGTH = 16
+const IV_LENGTH = 16
+
 export enum SecretOption {
   API = "api",
   ENCRYPTION = "encryption",
@@ -31,15 +36,15 @@ export function getSecret(secretOption: SecretOption): string {
   return secret
 }
 
-function stretchString(string: string, salt: Buffer) {
+function stretchString(secret: string, salt: Buffer) {
-  return crypto.pbkdf2Sync(string, salt, ITERATIONS, STRETCH_LENGTH, "sha512")
+  return crypto.pbkdf2Sync(secret, salt, ITERATIONS, STRETCH_LENGTH, "sha512")
 }
 
 export function encrypt(
   input: string,
   secretOption: SecretOption = SecretOption.API
 ) {
-  const salt = crypto.randomBytes(RANDOM_BYTES)
+  const salt = crypto.randomBytes(SALT_LENGTH)
   const stretched = stretchString(getSecret(secretOption), salt)
   const cipher = crypto.createCipheriv(ALGO, stretched, salt)
   const base = cipher.update(input)
@@ -60,3 +65,115 @@ export function decrypt(
   const final = decipher.final()
   return Buffer.concat([base, final]).toString()
 }
+
+export async function encryptFile(
+  { dir, filename }: { dir: string; filename: string },
+  secret: string
+) {
+  const outputFileName = `${filename}.enc`
+
+  const filePath = join(dir, filename)
+  const inputFile = fs.createReadStream(filePath)
+  const outputFile = fs.createWriteStream(join(dir, outputFileName))
+
+  const salt = crypto.randomBytes(SALT_LENGTH)
+  const iv = crypto.randomBytes(IV_LENGTH)
+  const stretched = stretchString(secret, salt)
+  const cipher = crypto.createCipheriv(ALGO, stretched, iv)
+
+  outputFile.write(salt)
+  outputFile.write(iv)
+
+  inputFile.pipe(zlib.createGzip()).pipe(cipher).pipe(outputFile)
+
+  return new Promise<{ filename: string; dir: string }>(r => {
+    outputFile.on("finish", () => {
+      r({
+        filename: outputFileName,
+        dir,
+      })
+    })
+  })
+}
+
+async function getSaltAndIV(path: string) {
+  const fileStream = fs.createReadStream(path)
+
+  const salt = await readBytes(fileStream, SALT_LENGTH)
+  const iv = await readBytes(fileStream, IV_LENGTH)
+  fileStream.close()
+  return { salt, iv }
+}
+
+export async function decryptFile(
+  inputPath: string,
+  outputPath: string,
+  secret: string
+) {
+  const { salt, iv } = await getSaltAndIV(inputPath)
+  const inputFile = fs.createReadStream(inputPath, {
+    start: SALT_LENGTH + IV_LENGTH,
+  })
+
+  const outputFile = fs.createWriteStream(outputPath)
+
+  const stretched = stretchString(secret, salt)
+  const decipher = crypto.createDecipheriv(ALGO, stretched, iv)
+
+  const unzip = zlib.createGunzip()
+
+  inputFile.pipe(decipher).pipe(unzip).pipe(outputFile)
+
+  return new Promise<void>((res, rej) => {
+    outputFile.on("finish", () => {
+      outputFile.close()
+      res()
+    })
+
+    inputFile.on("error", e => {
+      outputFile.close()
+      rej(e)
+    })
+
+    decipher.on("error", e => {
+      outputFile.close()
+      rej(e)
+    })
+
+    unzip.on("error", e => {
+      outputFile.close()
+      rej(e)
+    })
+
+    outputFile.on("error", e => {
+      outputFile.close()
+      rej(e)
+    })
+  })
+}
+
+function readBytes(stream: fs.ReadStream, length: number) {
+  return new Promise<Buffer>((resolve, reject) => {
+    let bytesRead = 0
+    const data: Buffer[] = []
+
+    stream.on("readable", () => {
+      let chunk
+
+      while ((chunk = stream.read(length - bytesRead)) !== null) {
+        data.push(chunk)
+        bytesRead += chunk.length
+      }
+
+      resolve(Buffer.concat(data))
+    })
+
+    stream.on("end", () => {
+      reject(new Error("Insufficient data in the stream."))
+    })
+
+    stream.on("error", error => {
+      reject(error)
+    })
+  })
+}

packages/backend-core/src/security/roles.ts

@@ -140,9 +140,13 @@ export function lowerBuiltinRoleID(roleId1?: string, roleId2?: string): string {
  * Gets the role object, this is mainly useful for two purposes, to check if the level exists and
  * to check if the role inherits any others.
  * @param {string|null} roleId The level ID to lookup.
+ * @param {object|null} opts options for the function, like whether to halt errors, instead return public.
  * @returns {Promise<Role|object|null>} The role object, which may contain an "inherits" property.
  */
-export async function getRole(roleId?: string): Promise<RoleDoc | undefined> {
+export async function getRole(
+  roleId?: string,
+  opts?: { defaultPublic?: boolean }
+): Promise<RoleDoc | undefined> {
   if (!roleId) {
     return undefined
   }
@@ -161,6 +165,9 @@ export async function getRole(roleId?: string): Promise<RoleDoc | undefined> {
     // finalise the ID
     role._id = getExternalRoleID(role._id)
   } catch (err) {
+    if (!isBuiltin(roleId) && opts?.defaultPublic) {
+      return cloneDeep(BUILTIN_ROLES.PUBLIC)
+    }
     // only throw an error if there is no role at all
     if (Object.keys(role).length === 0) {
       throw err

packages/bbui/src/Modal/Modal.svelte

@@ -8,6 +8,7 @@
 
   export let fixed = false
   export let inline = false
+  export let disableCancel = false
 
   const dispatch = createEventDispatcher()
   let visible = fixed || inline
@@ -38,7 +39,7 @@
   }
 
   export function cancel() {
-    if (!visible) {
+    if (!visible || disableCancel) {
       return
     }
     dispatch("cancel")

packages/bbui/src/Table/Table.svelte

@@ -204,6 +204,12 @@
     })
     return columns
       .sort((a, b) => {
+        if (a.divider) {
+          return a
+        }
+        if (b.divider) {
+          return b
+        }
         const orderA = a.order || Number.MAX_SAFE_INTEGER
         const orderB = b.order || Number.MAX_SAFE_INTEGER
         const nameA = getDisplayName(a)

packages/builder/index.html

@@ -5,9 +5,10 @@
 	<meta charset='utf8'>
 	<meta name='viewport' content='width=device-width'>
 	<title>Budibase</title>
-	<link rel="preconnect" href="https://fonts.gstatic.com" />
+	<link href="/builder/fonts/source-sans-pro/400.css" rel="stylesheet" />
-	<link href="https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap"
+	<link href="/builder/fonts/source-sans-pro/600.css" rel="stylesheet" />
-		rel="stylesheet" />
+	<link href="/builder/fonts/source-sans-pro/700.css" rel="stylesheet" />
+	<link href="/builder/fonts/remixicon.css" rel="stylesheet" />
 </head>
 
 <body id="app">

packages/builder/package.json

@@ -70,6 +70,7 @@
     "@codemirror/state": "^6.2.0",
     "@codemirror/theme-one-dark": "^6.1.2",
     "@codemirror/view": "^6.11.2",
+    "@fontsource/source-sans-pro": "^5.0.3",
     "@fortawesome/fontawesome-svg-core": "^6.2.1",
     "@fortawesome/free-brands-svg-icons": "^6.2.1",
     "@fortawesome/free-solid-svg-icons": "^6.2.1",
@@ -122,6 +123,7 @@
     "tsconfig-paths": "4.0.0",
     "typescript": "4.7.3",
     "vite": "^3.0.8",
+    "vite-plugin-static-copy": "^0.16.0",
     "vitest": "^0.29.2"
   },
   "nx": {

packages/builder/src/builderStore/store/frontend.js

@@ -74,6 +74,7 @@ const INITIAL_FRONTEND_STATE = {
   propertyFocus: null,
   builderSidePanel: false,
   hasLock: true,
+  showPreview: false,
 
   // URL params
   selectedScreenId: null,

packages/builder/src/components/automation/AutomationBuilder/FlowChart/ActionModal.svelte

@@ -12,7 +12,7 @@
   import { automationStore, selectedAutomation } from "builderStore"
   import { admin, licensing } from "stores/portal"
   import { externalActions } from "./ExternalActions"
-  import { TriggerStepID } from "constants/backend/automations"
+  import { TriggerStepID, ActionStepID } from "constants/backend/automations"
   import { checkForCollectStep } from "builderStore/utils"
 
   export let blockIdx
@@ -149,7 +149,7 @@
           <div class="item-body">
             <Icon name={action.icon} />
             <Body size="XS">{action.name}</Body>
-            {#if isDisabled && !syncAutomationsEnabled}
+            {#if isDisabled && !syncAutomationsEnabled && action.stepId === ActionStepID.COLLECT}
               <div class="tag-color">
                 <Tags>
                   <Tag icon="LockClosed">Business</Tag>

packages/builder/src/components/backend/DataTable/formula.js

@@ -76,6 +76,10 @@ export function getBindings({
       // will be replaced by the main array binding
       readableBinding: label,
       runtimeBinding: binding,
+      display: {
+        name: label,
+        type: field.name === FIELDS.LINK.name ? "Array" : field.name,
+      },
     })
   }
   return bindings

packages/builder/src/components/backend/DatasourceNavigator/modals/DatasourceConfigModal.svelte

@@ -57,6 +57,12 @@
   }
 
   async function saveDatasource() {
+    if (integration.features?.[DatasourceFeature.CONNECTION_CHECKING]) {
+      const valid = await validateConfig()
+      if (!valid) {
+        return false
+      }
+    }
     try {
       if (!datasource.name) {
         datasource.name = name

packages/builder/src/components/commandPalette/CommandPalette.svelte

@@ -69,7 +69,7 @@
       name: "App",
       description: "",
       icon: "Play",
-      action: () => window.open(`/${$store.appId}`),
+      action: () => store.update(state => ({ ...state, showPreview: true })),
     },
     {
       type: "Preview",

packages/builder/src/components/common/bindings/BindingPanel.svelte

@@ -19,7 +19,7 @@
     readableToRuntimeBinding,
     runtimeToReadableBinding,
   } from "builderStore/dataBinding"
-  import { store } from "builderStore"
+
   import { convertToJS } from "@budibase/string-templates"
   import { admin } from "stores/portal"
   import CodeEditor from "../CodeEditor/CodeEditor.svelte"
@@ -339,16 +339,18 @@
           </Tab>
         {/if}
         <div class="drawer-actions">
+          {#if drawerActions?.hide}
             <Button
               secondary
               quiet
               on:click={() => {
-              store.actions.settings.propertyFocus(null)
                 drawerActions.hide()
               }}
             >
               Cancel
             </Button>
+          {/if}
+          {#if bindingDrawerActions?.save}
             <Button
               cta
               disabled={!valid}
@@ -358,6 +360,7 @@
             >
               Save
             </Button>
+          {/if}
         </div>
       </Tabs>
     </div>

packages/builder/src/components/common/bindings/BindingPicker.svelte

@@ -36,7 +36,7 @@
     .map(([name, categoryBindings]) => ({
       name,
       bindings: categoryBindings?.filter(binding => {
-        return binding.readableBinding.match(searchRgx)
+        return !search || binding.readableBinding.match(searchRgx)
       }),
     }))
     .filter(category => {
@@ -46,7 +46,11 @@
       )
     })
   $: filteredHelpers = helpers?.filter(helper => {
-    return helper.label.match(searchRgx) || helper.description.match(searchRgx)
+    return (
+      !search ||
+      helper.label.match(searchRgx) ||
+      helper.description.match(searchRgx)
+    )
   })
 
   const getHelperExample = (helper, js) => {
@@ -124,9 +128,6 @@
       <span
         class="search-input-icon"
         on:click={() => {
-          if (!search) {
-            return
-          }
           search = null
         }}
         class:searching={search}

packages/builder/src/components/common/bindings/DrawerBindableCombobox.svelte

@@ -76,7 +76,7 @@
   {/if}
 </div>
 
-<Drawer bind:this={bindingDrawer} {title}>
+<Drawer bind:this={bindingDrawer} {title} headless>
   <svelte:fragment slot="description">
     Add the objects on the left to enrich your text.
   </svelte:fragment>

packages/builder/src/components/common/bindings/DrawerBindableInput.svelte

@@ -5,8 +5,6 @@
     runtimeToReadableBinding,
   } from "builderStore/dataBinding"
 
-  import { store } from "builderStore"
-
   import ClientBindingPanel from "components/common/bindings/ClientBindingPanel.svelte"
   import { createEventDispatcher, setContext } from "svelte"
   import { isJSBinding } from "@budibase/string-templates"
@@ -36,7 +34,6 @@
 
   const saveBinding = () => {
     onChange(tempValue)
-    store.actions.settings.propertyFocus(null)
     onBlur()
     bindingDrawer.hide()
   }
@@ -70,7 +67,6 @@
     <div
       class="icon"
       on:click={() => {
-        store.actions.settings.propertyFocus(key)
         bindingDrawer.show()
       }}
     >

packages/builder/src/components/deploy/AppActions.svelte

@@ -62,7 +62,10 @@
   }
 
   const previewApp = () => {
-    window.open(`/${application}`)
+    store.update(state => ({
+      ...state,
+      showPreview: true,
+    }))
   }
 
   const viewApp = () => {

packages/builder/src/components/design/settings/controls/PropertyControl.svelte

@@ -73,10 +73,6 @@
     if (highlighted) {
       store.actions.settings.highlight(null)
     }
-    // To fix focus 'affect' when property is target of a drawer other actions in the builder.
-    if (propertyFocus) {
-      store.actions.settings.propertyFocus(null)
-    }
   })
 </script>
 

packages/builder/src/components/integration/QueryEditor.svelte

@@ -186,7 +186,6 @@
   }
 
   div :global(.CodeMirror) {
-    width: var(--code-mirror-width) !important;
     height: var(--code-mirror-height) !important;
     border-radius: var(--border-radius-s);
     font-family: var(--font-mono);

packages/builder/src/components/start/CreateAppModal.svelte

@@ -11,6 +11,7 @@
   import TemplateCard from "components/common/TemplateCard.svelte"
   import createFromScratchScreen from "builderStore/store/screenTemplates/createFromScratchScreen"
   import { Roles } from "constants/backend"
+  import { lowercase } from "helpers"
 
   export let template
 
@@ -19,6 +20,7 @@
 
   const values = writable({ name: "", url: null })
   const validation = createValidationStore()
+  const encryptionValidation = createValidationStore()
 
   $: {
     const { url } = $values
@@ -27,8 +29,11 @@
       ...$values,
       url: url?.[0] === "/" ? url.substring(1, url.length) : url,
     })
+    encryptionValidation.check({ ...$values })
   }
 
+  $: encryptedFile = $values.file?.name?.endsWith(".enc.tar.gz")
+
   onMount(async () => {
     const lastChar = $auth.user?.firstName
       ? $auth.user?.firstName[$auth.user?.firstName.length - 1]
@@ -87,6 +92,9 @@
     appValidation.name(validation, { apps: applications })
     appValidation.url(validation, { apps: applications })
     appValidation.file(validation, { template })
+
+    encryptionValidation.addValidatorType("encryptionPassword", "text", true)
+
     // init validation
     const { url } = $values
     validation.check({
@@ -110,6 +118,9 @@
         data.append("templateName", template.name)
         data.append("templateKey", template.key)
         data.append("templateFile", $values.file)
+        if ($values.encryptionPassword?.trim()) {
+          data.append("encryptionPassword", $values.encryptionPassword.trim())
+        }
       }
 
       // Create App
@@ -143,18 +154,57 @@
       $goto(`/builder/app/${createdApp.instance._id}`)
     } catch (error) {
       creating = false
-      console.error(error)
+      throw error
+    }
+  }
+
+  const Step = { CONFIG: "config", SET_PASSWORD: "set_password" }
+  let currentStep = Step.CONFIG
+  $: stepConfig = {
+    [Step.CONFIG]: {
+      title: "Create your app",
+      confirmText: template?.fromFile ? "Import app" : "Create app",
+      onConfirm: async () => {
+        if (encryptedFile) {
+          currentStep = Step.SET_PASSWORD
+          return false
+        } else {
+          try {
+            await createNewApp()
+          } catch (error) {
             notifications.error("Error creating app")
           }
         }
+      },
+      isValid: $validation.valid,
+    },
+    [Step.SET_PASSWORD]: {
+      title: "Provide the export password",
+      confirmText: "Import app",
+      onConfirm: async () => {
+        try {
+          await createNewApp()
+        } catch (e) {
+          let message = "Error creating app"
+          if (e.message) {
+            message += `: ${lowercase(e.message)}`
+          }
+          notifications.error(message)
+          return false
+        }
+      },
+      isValid: $encryptionValidation.valid,
+    },
+  }
 </script>
 
 <ModalContent
-  title={"Create your app"}
+  title={stepConfig[currentStep].title}
-  confirmText={template?.fromFile ? "Import app" : "Create app"}
+  confirmText={stepConfig[currentStep].confirmText}
-  onConfirm={createNewApp}
+  onConfirm={stepConfig[currentStep].onConfirm}
-  disabled={!$validation.valid}
+  disabled={!stepConfig[currentStep].isValid}
 >
+  {#if currentStep === Step.CONFIG}
     {#if template && !template?.fromFile}
       <TemplateCard
         name={template.name}
@@ -204,6 +254,19 @@
         </div>
       {/if}
     </span>
+  {/if}
+  {#if currentStep === Step.SET_PASSWORD}
+    <Input
+      autofocus={true}
+      label="Imported file password"
+      type="password"
+      bind:value={$values.encryptionPassword}
+      disabled={creating}
+      on:blur={() => ($encryptionValidation.touched.encryptionPassword = true)}
+      error={$encryptionValidation.touched.encryptionPassword &&
+        $encryptionValidation.errors.encryptionPassword}
+    />
+  {/if}
 </ModalContent>
 
 <style>

packages/builder/src/components/start/ExportAppModal.svelte

@@ -1,27 +1,128 @@
 <script>
-  import { ModalContent, Toggle, Body, InlineAlert } from "@budibase/bbui"
+  import {
+    ModalContent,
+    Toggle,
+    Body,
+    InlineAlert,
+    Input,
+    notifications,
+  } from "@budibase/bbui"
+  import { createValidationStore } from "helpers/validation/yup"
 
   export let app
   export let published
-  let excludeRows = false
+  let includeInternalTablesRows = true
+  let encypt = true
 
-  $: title = published ? "Export published app" : "Export latest app"
+  let password = null
-  $: confirmText = published ? "Export published" : "Export latest"
+  const validation = createValidationStore()
+  validation.addValidatorType("password", "password", true)
+  $: validation.observe("password", password)
 
-  const exportApp = () => {
+  const Step = { CONFIG: "config", SET_PASSWORD: "set_password" }
+  let currentStep = Step.CONFIG
+
+  $: exportButtonText = published ? "Export published" : "Export latest"
+  $: stepConfig = {
+    [Step.CONFIG]: {
+      title: published ? "Export published app" : "Export latest app",
+      confirmText: encypt ? "Continue" : exportButtonText,
+      onConfirm: () => {
+        if (!encypt) {
+          exportApp()
+        } else {
+          currentStep = Step.SET_PASSWORD
+          return false
+        }
+      },
+      isValid: true,
+    },
+    [Step.SET_PASSWORD]: {
+      title: "Add password to encrypt your export",
+      confirmText: exportButtonText,
+      onConfirm: async () => {
+        await validation.check({ password })
+        if (!$validation.valid) {
+          return false
+        }
+        exportApp(password)
+      },
+      isValid: $validation.valid,
+    },
+  }
+
+  const exportApp = async () => {
     const id = published ? app.prodId : app.devId
-    const appName = encodeURIComponent(app.name)
+    const url = `/api/backups/export?appId=${id}`
-    window.location = `/api/backups/export?appId=${id}&appname=${appName}&excludeRows=${excludeRows}`
+    await downloadFile(url, {
+      excludeRows: !includeInternalTablesRows,
+      encryptPassword: password,
+    })
+  }
+
+  async function downloadFile(url, body) {
+    try {
+      const response = await fetch(url, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify(body),
+      })
+
+      if (response.ok) {
+        const contentDisposition = response.headers.get("Content-Disposition")
+
+        const matches = /filename[^;=\n]*=((['"]).*?\2|[^;\n]*)/.exec(
+          contentDisposition
+        )
+
+        const filename = matches[1].replace(/['"]/g, "")
+
+        const url = URL.createObjectURL(await response.blob())
+
+        const link = document.createElement("a")
+        link.href = url
+        link.download = filename
+        link.click()
+
+        URL.revokeObjectURL(url)
+      } else {
+        notifications.error("Error exporting the app.")
+      }
+    } catch (error) {
+      notifications.error(error.message || "Error downloading the exported app")
+    }
   }
 </script>
 
-<ModalContent {title} {confirmText} onConfirm={exportApp}>
+<ModalContent
+  title={stepConfig[currentStep].title}
+  confirmText={stepConfig[currentStep].confirmText}
+  onConfirm={stepConfig[currentStep].onConfirm}
+  disabled={!stepConfig[currentStep].isValid}
+>
+  {#if currentStep === Step.CONFIG}
+    <Body>
+      <Toggle
+        text="Export rows from internal tables"
+        bind:value={includeInternalTablesRows}
+      />
+      <Toggle text="Encrypt my export" bind:value={encypt} />
+    </Body>
+    {#if !encypt}
       <InlineAlert
         header="Do not share your budibase application exports publicly as they may contain sensitive information such as database credentials or secret keys."
       />
-  <Body
+    {/if}
-    >Apps can be exported with or without data that is within internal tables -
+  {/if}
-    select this below.</Body
+  {#if currentStep === Step.SET_PASSWORD}
-  >
+    <Input
-  <Toggle text="Exclude Rows" bind:value={excludeRows} />
+      type="password"
+      label="Password"
+      placeholder="Type here..."
+      bind:value={password}
+      error={$validation.errors.password}
+    />
+  {/if}
 </ModalContent>

packages/builder/src/helpers/validation/validation.js

@@ -6,7 +6,6 @@ export function createValidationStore(initialValue, ...validators) {
   let touched = false
 
   const value = writable(initialValue || "")
-  const error = derived(value, $v => validate($v, validators))
   const touchedStore = derived(value, () => {
     if (!touched) {
       touched = true
@@ -14,6 +13,10 @@ export function createValidationStore(initialValue, ...validators) {
     }
     return touched
   })
+  const error = derived(
+    [value, touchedStore],
+    ([$v, $t]) => $t && validate($v, validators)
+  )
 
   return [value, error, touchedStore]
 }

packages/builder/src/helpers/validation/yup/index.js

@@ -5,6 +5,7 @@ import { notifications } from "@budibase/bbui"
 
 export const createValidationStore = () => {
   const DEFAULT = {
+    values: {},
     errors: {},
     touched: {},
     valid: false,
@@ -33,6 +34,9 @@ export const createValidationStore = () => {
       case "email":
         propertyValidator = string().email().nullable()
         break
+      case "password":
+        propertyValidator = string().nullable()
+        break
       default:
         propertyValidator = string().nullable()
     }
@@ -41,9 +45,68 @@ export const createValidationStore = () => {
       propertyValidator = propertyValidator.required()
     }
 
+    // We want to do this after the possible required validation, to prioritise the required error
+    switch (type) {
+      case "password":
+        propertyValidator = propertyValidator.min(8)
+        break
+    }
+
     validator[propertyName] = propertyValidator
   }
 
+  const observe = async (propertyName, value) => {
+    const values = get(validation).values
+    let fieldIsValid
+    if (!Object.prototype.hasOwnProperty.call(values, propertyName)) {
+      // Initial setup
+      values[propertyName] = value
+      return
+    }
+
+    if (value === values[propertyName]) {
+      return
+    }
+
+    const obj = object().shape(validator)
+    try {
+      validation.update(store => {
+        store.errors[propertyName] = null
+        return store
+      })
+      await obj.validateAt(propertyName, { [propertyName]: value })
+      fieldIsValid = true
+    } catch (error) {
+      const [fieldError] = error.errors
+      if (fieldError) {
+        validation.update(store => {
+          store.errors[propertyName] = capitalise(fieldError)
+          store.valid = false
+          return store
+        })
+      }
+    }
+
+    if (fieldIsValid) {
+      // Validate the rest of the fields
+      try {
+        await obj.validate(
+          { ...values, [propertyName]: value },
+          { abortEarly: false }
+        )
+        validation.update(store => {
+          store.valid = true
+          return store
+        })
+      } catch {
+        validation.update(store => {
+          store.valid = false
+          return store
+        })
+      }
+    }
+  }
+
   const check = async values => {
     const obj = object().shape(validator)
     // clear the previous errors
@@ -87,5 +150,6 @@ export const createValidationStore = () => {
     check,
     addValidator,
     addValidatorType,
+    observe,
   }
 }

packages/builder/src/pages/builder/Branding.svelte

@@ -8,7 +8,7 @@
   $: platformTitle =
     !$auth.user && platformTitleText ? platformTitleText : "Budibase"
 
-  $: faviconUrl = $organisation.faviconUrl || "https://i.imgur.com/Xhdt1YP.png"
+  $: faviconUrl = $organisation.faviconUrl || "/builder/bblogo.png"
 
   onMount(async () => {
     await organisation.init()
@@ -27,6 +27,6 @@
     <link rel="icon" href={faviconUrl} />
   {:else}
     <!-- A default must be set or the browser defaults to favicon.ico behaviour -->
-    <link rel="icon" href={"https://i.imgur.com/Xhdt1YP.png"} />
+    <link rel="icon" href={"/builder/bblogo.png"} />
   {/if}
 </svelte:head>

packages/builder/src/pages/builder/app/[application]/_components/PreviewOverlay.svelte

@@ -0,0 +1,91 @@
+<script>
+  import { onMount } from "svelte"
+  import { fade, fly } from "svelte/transition"
+  import { store, selectedScreen } from "builderStore"
+  import { ProgressCircle } from "@budibase/bbui"
+
+  $: route = $selectedScreen?.routing.route || "/"
+  $: src = `/${$store.appId}#${route}`
+
+  const close = () => {
+    store.update(state => ({
+      ...state,
+      showPreview: false,
+    }))
+  }
+
+  onMount(() => {
+    window.closePreview = () => {
+      store.update(state => ({
+        ...state,
+        showPreview: false,
+      }))
+    }
+  })
+</script>
+
+<div
+  class="preview-overlay"
+  transition:fade={{ duration: 260 }}
+  on:click|self={close}
+>
+  <div
+    class="container spectrum {$store.theme}"
+    transition:fly={{ duration: 260, y: 130 }}
+  >
+    <div class="header placeholder" />
+    <div class="loading placeholder">
+      <ProgressCircle />
+    </div>
+    <iframe title="Budibase App Preview" {src} />
+  </div>
+</div>
+
+<style>
+  .preview-overlay {
+    top: 0;
+    right: 0;
+    left: 0;
+    bottom: 0;
+    z-index: 999;
+    position: absolute;
+    background: rgba(255, 255, 255, 0.1);
+    display: flex;
+    align-items: stretch;
+    padding: 48px;
+  }
+  .container {
+    flex: 1 1 auto;
+    background: var(--spectrum-global-color-gray-75);
+    border-radius: 4px;
+    display: flex;
+    flex-direction: column;
+    overflow: hidden;
+    position: relative;
+    box-shadow: 0 0 80px 0 rgba(0, 0, 0, 0.5);
+  }
+  iframe {
+    position: absolute;
+    height: 100%;
+    width: 100%;
+    border: none;
+    outline: none;
+    z-index: 1;
+  }
+  .header {
+    height: 60px;
+    width: 100%;
+    background: black;
+    top: 0;
+    position: absolute;
+  }
+  .loading {
+    position: absolute;
+    top: 50%;
+    left: 50%;
+    transform: translateY(-50%) translateX(-50%);
+  }
+  .placeholder {
+    z-index: 0;
+  }
+</style>

packages/builder/src/pages/builder/app/[application]/_layout.svelte

@@ -24,6 +24,7 @@
   import BuilderSidePanel from "./_components/BuilderSidePanel.svelte"
   import UserAvatars from "./_components/UserAvatars.svelte"
   import { TOUR_KEYS, TOURS } from "components/portal/onboarding/tours.js"
+  import PreviewOverlay from "./_components/PreviewOverlay.svelte"
 
   export let application
 
@@ -140,7 +141,7 @@
   <BuilderSidePanel />
 {/if}
 
-<div class="root">
+<div class="root" class:blur={$store.showPreview}>
   <div class="top-nav">
     {#if $store.initialised}
       <div class="topleftnav">
@@ -230,6 +231,10 @@
   {/await}
 </div>
 
+{#if $store.showPreview}
+  <PreviewOverlay />
+{/if}
+
 <svelte:window on:keydown={handleKeyDown} />
 <Modal bind:this={commandPaletteModal}>
   <CommandPalette />
@@ -248,6 +253,10 @@
     width: 100%;
     display: flex;
     flex-direction: column;
+    transition: filter 260ms ease-out;
+  }
+  .root.blur {
+    filter: blur(8px);
   }
 
   .top-nav {

packages/builder/src/pages/builder/app/[application]/data/datasource/[datasourceId]/index.svelte

@@ -22,6 +22,7 @@
   import ImportRestQueriesModal from "components/backend/DatasourceNavigator/modals/ImportRestQueriesModal.svelte"
   import { API } from "api"
   import { DatasourceFeature } from "@budibase/types"
+  import Spinner from "components/common/Spinner.svelte"
 
   const querySchema = {
     name: {},
@@ -33,6 +34,7 @@
   let isValid = true
   let integration, baseDatasource, datasource
   let queryList
+  let loading = false
 
   $: baseDatasource = $datasources.selected
   $: queryList = $queries.list.filter(
@@ -65,9 +67,11 @@
   }
 
   const saveDatasource = async () => {
-    if (integration.features[DatasourceFeature.CONNECTION_CHECKING]) {
+    loading = true
+    if (integration.features?.[DatasourceFeature.CONNECTION_CHECKING]) {
       const valid = await validateConfig()
       if (!valid) {
+        loading = false
         return false
       }
     }
@@ -82,6 +86,8 @@
       baseDatasource = cloneDeep(datasource)
     } catch (err) {
       notifications.error(`Error saving datasource: ${err}`)
+    } finally {
+      loading = false
     }
   }
 
@@ -119,8 +125,17 @@
       <Divider />
       <div class="config-header">
         <Heading size="S">Configuration</Heading>
-        <Button disabled={!changed || !isValid} cta on:click={saveDatasource}>
+        <Button
+          disabled={!changed || !isValid || loading}
+          cta
+          on:click={saveDatasource}
+        >
+          <div class="save-button-content">
+            {#if loading}
+              <Spinner size="10">Save</Spinner>
+            {/if}
             Save
+          </div>
         </Button>
       </div>
       <IntegrationConfigForm
@@ -216,4 +231,10 @@
     flex-direction: column;
     gap: var(--spacing-m);
   }
+
+  .save-button-content {
+    display: flex;
+    align-items: center;
+    gap: var(--spacing-s);
+  }
 </style>

packages/builder/src/pages/builder/portal/apps/onboarding/_components/ExampleApp.svelte

@@ -44,7 +44,7 @@
 <div tabindex="-1" class="exampleApp">
   <div class="page">
     <div class="header">
-      <img alt="Budibase Logo" src={"https://i.imgur.com/Xhdt1YP.png"} />
+      <img alt="Budibase Logo" src={"/builder/bblogo.png"} />
       <h1>{name}</h1>
     </div>
     <div class="nav">Home</div>

packages/builder/src/pages/builder/portal/users/users/index.svelte

@@ -373,7 +373,7 @@
   <OnboardingTypeModal {chooseCreationType} />
 </Modal>
 
-<Modal bind:this={passwordModal}>
+<Modal bind:this={passwordModal} disableCancel={true}>
   <PasswordModal
     createUsersResponse={bulkSaveResponse}
     userData={userData.users}

packages/builder/vite.config.js

@@ -1,6 +1,7 @@
 import { svelte } from "@sveltejs/vite-plugin-svelte"
 import replace from "@rollup/plugin-replace"
 import { defineConfig, loadEnv } from "vite"
+import { viteStaticCopy } from "vite-plugin-static-copy"
 import path from "path"
 
 const ignoredWarnings = [
@@ -11,9 +12,31 @@ const ignoredWarnings = [
   "a11y-click-events-have-key-events",
 ]
 
+const copyFonts = dest =>
+  viteStaticCopy({
+    targets: [
+      {
+        src: "../../node_modules/@fontsource/source-sans-pro",
+        dest,
+      },
+      {
+        src: "../../node_modules/remixicon/fonts/*",
+        dest,
+      },
+    ],
+  })
+
 export default defineConfig(({ mode }) => {
   const isProduction = mode === "production"
   const env = loadEnv(mode, process.cwd())
+
+  // Plugins to only run in dev
+  const devOnlyPlugins = [
+    // Copy fonts to an additional path so that svelte's automatic
+    // prefixing of the base URL path can still resolve assets
+    copyFonts("builder/fonts"),
+  ]
+
   return {
     test: {
       setupFiles: ["./vitest.setup.js"],
@@ -59,6 +82,8 @@ export default defineConfig(({ mode }) => {
         ),
         "process.env.SENTRY_DSN": JSON.stringify(process.env.SENTRY_DSN),
       }),
+      copyFonts("fonts"),
+      ...(isProduction ? [] : devOnlyPlugins),
     ],
     optimizeDeps: {
       exclude: ["@roxi/routify"],

packages/cli/package.json

@@ -49,7 +49,7 @@
     "pouchdb": "7.3.0",
     "pouchdb-replication-stream": "1.2.9",
     "randomstring": "1.1.5",
-    "tar": "6.1.11",
+    "tar": "6.1.15",
     "yaml": "^2.1.1"
   },
   "devDependencies": {

packages/client/src/api/api.js

@@ -1,7 +1,6 @@
 import { createAPIClient } from "@budibase/frontend-core"
-import { notificationStore } from "../stores/notification.js"
 import { authStore } from "../stores/auth.js"
-import { devToolsStore } from "../stores/devTools.js"
+import { notificationStore, devToolsEnabled, devToolsStore } from "../stores/"
 import { get } from "svelte/store"
 
 export const API = createAPIClient({
@@ -25,9 +24,10 @@ export const API = createAPIClient({
     }
 
     // Add role header
-    const devToolsState = get(devToolsStore)
+    const $devToolsStore = get(devToolsStore)
-    if (devToolsState.enabled && devToolsState.role) {
+    const $devToolsEnabled = get(devToolsEnabled)
-      headers["x-budibase-role"] = devToolsState.role
+    if ($devToolsEnabled && $devToolsStore.role) {
+      headers["x-budibase-role"] = $devToolsStore.role
     }
   },
 

packages/client/src/components/ClientApp.svelte

@@ -17,6 +17,7 @@
     appStore,
     devToolsStore,
     environmentStore,
+    devToolsEnabled,
   } from "stores"
   import NotificationDisplay from "components/overlay/NotificationDisplay.svelte"
   import ConfirmationDisplay from "components/overlay/ConfirmationDisplay.svelte"
@@ -47,10 +48,7 @@
   let permissionError = false
 
   // Determine if we should show devtools or not
-  $: showDevTools =
+  $: showDevTools = $devToolsEnabled && !$routeStore.queryParams?.peek
-    !$builderStore.inBuilder &&
-    $devToolsStore.enabled &&
-    !$routeStore.queryParams?.peek
 
   // Handle no matching route
   $: {
@@ -107,6 +105,7 @@
     lang="en"
     dir="ltr"
     class="spectrum spectrum--medium {$themeStore.baseTheme} {$themeStore.theme}"
+    class:builder={$builderStore.inBuilder}
   >
     <DeviceBindingsProvider>
       <UserBindingsProvider>
@@ -223,12 +222,14 @@
     overflow: hidden;
     height: 100%;
     width: 100%;
-    background: transparent;
     display: flex;
     flex-direction: row;
     justify-content: center;
     align-items: center;
   }
+  #spectrum-root.builder {
+    background: transparent;
+  }
 
   #clip-root {
     max-width: 100%;

packages/client/src/components/app/Layout.svelte

@@ -180,10 +180,7 @@
               {/if}
               <div class="logo">
                 {#if !hideLogo}
-                  <img
+                  <img src={logoUrl || "/builder/bblogo.png"} alt={title} />
-                    src={logoUrl || "https://i.imgur.com/Xhdt1YP.png"}
-                    alt={title}
-                  />
                 {/if}
                 {#if !hideTitle && title}
                   <Heading size="S">{title}</Heading>

packages/client/src/components/app/deprecated/Navigation.svelte

@@ -18,7 +18,7 @@
         <img
           class="logo"
           alt="logo"
-          src={logoUrl || "https://i.imgur.com/Xhdt1YP.png"}
+          src={logoUrl || "/builder/bblogo.png"}
           height="48"
         />
       </a>

packages/client/src/components/devtools/DevToolsHeader.svelte

@@ -1,5 +1,5 @@
 <script>
-  import { Heading, Button, Select } from "@budibase/bbui"
+  import { Heading, Select, ActionButton } from "@budibase/bbui"
   import { devToolsStore } from "../../stores"
   import { getContext } from "svelte"
 
@@ -30,7 +30,7 @@
 </script>
 
 <div class="dev-preview-header" class:mobile={$context.device.mobile}>
-  <Heading size="XS">Budibase App Preview</Heading>
+  <Heading size="XS">Preview</Heading>
   <Select
     quiet
     options={previewOptions}
@@ -40,36 +40,57 @@
     on:change={e => devToolsStore.actions.changeRole(e.detail)}
   />
   {#if !$context.device.mobile}
-    <Button
+    <ActionButton
       quiet
-      overBackground
       icon="Code"
       on:click={() => devToolsStore.actions.setVisible(!$devToolsStore.visible)}
     >
       {$devToolsStore.visible ? "Close" : "Open"} DevTools
-    </Button>
+    </ActionButton>
   {/if}
+  <ActionButton
+    quiet
+    icon="Close"
+    on:click={() => window.parent.closePreview?.()}
+  >
+    Close preview
+  </ActionButton>
 </div>
 
 <style>
   .dev-preview-header {
-    flex: 0 0 50px;
+    flex: 0 0 60px;
-    height: 50px;
     display: grid;
     align-items: center;
-    background-color: var(--spectrum-global-color-blue-400);
+    background-color: black;
     padding: 0 var(--spacing-xl);
-    grid-template-columns: 1fr auto auto;
+    grid-template-columns: 1fr auto auto auto;
     grid-gap: var(--spacing-xl);
   }
   .dev-preview-header.mobile {
-    flex: 0 0 50px;
+    grid-template-columns: 1fr auto auto;
-    grid-template-columns: 1fr auto;
   }
   .dev-preview-header :global(.spectrum-Heading),
   .dev-preview-header :global(.spectrum-Picker-menuIcon),
-  .dev-preview-header :global(.spectrum-Picker-label) {
+  .dev-preview-header :global(.spectrum-Icon),
-    color: white !important;
+  .dev-preview-header :global(.spectrum-Picker-label),
+  .dev-preview-header :global(.spectrum-ActionButton) {
+    font-weight: 600;
+    color: white;
+  }
+  .dev-preview-header :global(.spectrum-Picker) {
+    padding-left: 8px;
+    padding-right: 8px;
+    transition: background 130ms ease-out;
+    border-radius: 4px;
+  }
+  .dev-preview-header :global(.spectrum-ActionButton:hover),
+  .dev-preview-header :global(.spectrum-Picker:hover),
+  .dev-preview-header :global(.spectrum-Picker.is-open) {
+    background: rgba(255, 255, 255, 0.1);
+  }
+  .dev-preview-header :global(.spectrum-ActionButton:active) {
+    background: rgba(255, 255, 255, 0.2);
   }
   @media print {
     .dev-preview-header {

packages/client/src/index.js

@@ -2,7 +2,6 @@ import ClientApp from "./components/ClientApp.svelte"
 import {
   builderStore,
   appStore,
-  devToolsStore,
   blockStore,
   componentStore,
   environmentStore,
@@ -51,11 +50,6 @@ const loadBudibase = async () => {
     await environmentStore.actions.fetchEnvironment()
   }
 
-  // Enable dev tools or not. We need to be using a dev app and not inside
-  // the builder preview to enable them.
-  const enableDevTools = !get(builderStore).inBuilder && get(appStore).isDevApp
-  devToolsStore.actions.setEnabled(enableDevTools)
-
   // Register handler for runtime events from the builder
   window.handleBuilderRuntimeEvent = (type, data) => {
     if (!window["##BUDIBASE_IN_BUILDER##"]) {

packages/client/src/licensing/utils.js

@@ -1,18 +1,30 @@
 import { authStore } from "../stores/auth.js"
+import { appStore } from "../stores/app.js"
 import { get } from "svelte/store"
 import { Constants } from "@budibase/frontend-core"
 
-const getLicense = () => {
+const getUserLicense = () => {
   const user = get(authStore)
   if (user) {
     return user.license
   }
 }
 
+const getAppLicenseType = () => {
+  const appDef = get(appStore)
+  if (appDef?.licenseType) {
+    return appDef.licenseType
+  }
+}
+
 export const isFreePlan = () => {
-  const license = getLicense()
+  let licenseType = getAppLicenseType()
-  if (license) {
+  if (!licenseType) {
-    return license.plan.type === Constants.PlanType.FREE
+    const license = getUserLicense()
+    licenseType = license?.plan?.type
+  }
+  if (licenseType) {
+    return licenseType === Constants.PlanType.FREE
   } else {
     // safety net - no license means free plan
     return true

packages/client/src/stores/derived/currentRole.js

@@ -2,13 +2,14 @@ import { derived } from "svelte/store"
 import { Constants } from "@budibase/frontend-core"
 import { devToolsStore } from "../devTools.js"
 import { authStore } from "../auth.js"
+import { devToolsEnabled } from "./devToolsEnabled.js"
 
 // Derive the current role of the logged-in user
 export const currentRole = derived(
-  [devToolsStore, authStore],
+  [devToolsEnabled, devToolsStore, authStore],
-  ([$devToolsStore, $authStore]) => {
+  ([$devToolsEnabled, $devToolsStore, $authStore]) => {
     return (
-      ($devToolsStore.enabled && $devToolsStore.role) ||
+      ($devToolsEnabled && $devToolsStore.role) ||
       $authStore?.roleId ||
       Constants.Roles.PUBLIC
     )

packages/client/src/stores/derived/devToolsEnabled.js

@@ -0,0 +1,10 @@
+import { derived } from "svelte/store"
+import { appStore } from "../app.js"
+import { builderStore } from "../builder.js"
+
+export const devToolsEnabled = derived(
+  [appStore, builderStore],
+  ([$appStore, $builderStore]) => {
+    return !$builderStore.inBuilder && $appStore.isDevApp
+  }
+)

packages/client/src/stores/derived/index.js

@@ -3,3 +3,4 @@
 // separately we can keep our actual stores lean and performant.
 export { currentRole } from "./currentRole.js"
 export { dndComponentPath } from "./dndComponentPath.js"
+export { devToolsEnabled } from "./devToolsEnabled.js"

packages/client/src/stores/devTools.js

@@ -4,7 +4,6 @@ import { authStore } from "./auth"
 import { API } from "../api"
 
 const initialState = {
-  enabled: false,
   visible: false,
   allowSelection: false,
   role: null,
@@ -13,13 +12,6 @@ const initialState = {
 const createDevToolStore = () => {
   const store = createLocalStorageStore("bb-devtools", initialState)
 
-  const setEnabled = enabled => {
-    store.update(state => ({
-      ...state,
-      enabled,
-    }))
-  }
-
   const setVisible = visible => {
     store.update(state => ({
       ...state,
@@ -46,7 +38,7 @@ const createDevToolStore = () => {
 
   return {
     subscribe: store.subscribe,
-    actions: { setEnabled, setVisible, setAllowSelection, changeRole },
+    actions: { setVisible, setAllowSelection, changeRole },
   }
 }
 

packages/frontend-core/src/components/grid/layout/NewRow.svelte

@@ -148,9 +148,9 @@
     class:floating={offset > 0}
     style="--offset:{offset}px; --sticky-width:{width}px;"
   >
-    <div class="underlay sticky" transition:fade={{ duration: 130 }} />
+    <div class="underlay sticky" transition:fade|local={{ duration: 130 }} />
-    <div class="underlay" transition:fade={{ duration: 130 }} />
+    <div class="underlay" transition:fade|local={{ duration: 130 }} />
-    <div class="sticky-column" transition:fade={{ duration: 130 }}>
+    <div class="sticky-column" transition:fade|local={{ duration: 130 }}>
       <GutterCell on:expand={addViaModal} rowHovered>
         <Icon name="Add" color="var(--spectrum-global-color-gray-500)" />
         {#if isAdding}
@@ -179,7 +179,7 @@
         </DataCell>
       {/if}
     </div>
-    <div class="normal-columns" transition:fade={{ duration: 130 }}>
+    <div class="normal-columns" transition:fade|local={{ duration: 130 }}>
       <GridScrollWrapper scrollHorizontally wheelInteractive>
         <div class="row">
           {#each $renderedColumns as column, columnIdx}
@@ -209,7 +209,7 @@
         </div>
       </GridScrollWrapper>
     </div>
-    <div class="buttons" transition:fade={{ duration: 130 }}>
+    <div class="buttons" transition:fade|local={{ duration: 130 }}>
       <Button size="M" cta on:click={addRow} disabled={isAdding}>
         <div class="button-with-keys">
           Save

packages/pro

@@ -1 +1 @@
-Subproject commit 01fbc8670021c5a275c2a1a36ee18b984eeafad5
+Subproject commit f4b8449aac9bd265214396afbdce7ff984a2ae34

packages/server/nodemon.json

@@ -6,5 +6,5 @@
     "src/**/*.spec.js",
     "../backend-core/dist/**/*"
   ],
-  "exec": "node ./scripts/build.js && node ./dist/index.js"
+  "exec": "yarn build && node ./dist/index.js"
 }

packages/server/package.json

@@ -63,6 +63,7 @@
     "airtable": "0.10.1",
     "arangojs": "7.2.0",
     "aws-sdk": "2.1030.0",
+    "bcrypt": "5.1.0",
     "bcryptjs": "2.4.3",
     "bull": "4.10.1",
     "chmodr": "1.2.0",
@@ -117,7 +118,7 @@
     "socket.io": "4.6.1",
     "svelte": "3.49.0",
     "swagger-parser": "10.0.3",
-    "tar": "6.1.11",
+    "tar": "6.1.15",
     "to-json-schema": "0.2.5",
     "uuid": "3.3.2",
     "validate.js": "0.13.1",
@@ -150,7 +151,7 @@
     "@types/redis": "4.0.11",
     "@types/server-destroy": "1.0.1",
     "@types/supertest": "2.0.12",
-    "@types/tar": "6.1.3",
+    "@types/tar": "6.1.5",
     "@typescript-eslint/parser": "5.45.0",
     "apidoc": "0.50.4",
     "babel-jest": "29.5.0",

packages/server/src/api/controllers/application.ts

@@ -1,53 +1,54 @@
 import env from "../../environment"
 import {
+  createAllSearchIndex,
   createLinkView,
   createRoutingView,
-  createAllSearchIndex,
 } from "../../db/views/staticViews"
-import { createApp, deleteApp } from "../../utilities/fileSystem"
 import {
+  backupClientLibrary,
+  createApp,
+  deleteApp,
+  revertClientLibrary,
+  updateClientLibrary,
+} from "../../utilities/fileSystem"
+import {
+  AppStatus,
+  DocumentType,
   generateAppID,
+  generateDevAppID,
   getLayoutParams,
   getScreenParams,
-  generateDevAppID,
-  DocumentType,
-  AppStatus,
 } from "../../db/utils"
 import {
-  db as dbCore,
-  roles,
   cache,
-  tenancy,
   context,
+  db as dbCore,
+  env as envCore,
+  ErrorCode,
   events,
   migrations,
   objectStore,
-  ErrorCode,
+  roles,
-  env as envCore,
+  tenancy,
 } from "@budibase/backend-core"
 import { USERS_TABLE_SCHEMA } from "../../constants"
 import {
-  DEFAULT_BB_DATASOURCE_ID,
   buildDefaultDocs,
+  DEFAULT_BB_DATASOURCE_ID,
 } from "../../db/defaultData/datasource_bb_default"
 import { removeAppFromUserRoles } from "../../utilities/workerRequests"
-import { stringToReadStream, isQsTrue } from "../../utilities"
+import { stringToReadStream } from "../../utilities"
-import { getLocksById, doesUserHaveLock } from "../../utilities/redis"
+import { doesUserHaveLock, getLocksById } from "../../utilities/redis"
-import {
-  updateClientLibrary,
-  backupClientLibrary,
-  revertClientLibrary,
-} from "../../utilities/fileSystem"
 import { cleanupAutomations } from "../../automations/utils"
 import { checkAppMetadata } from "../../automations/logging"
 import { getUniqueRows } from "../../utilities/usageQuota/rows"
-import { quotas, groups } from "@budibase/pro"
+import { groups, licensing, quotas } from "@budibase/pro"
 import {
   App,
   Layout,
-  Screen,
   MigrationType,
-  Database,
+  PlanType,
+  Screen,
   UserCtx,
 } from "@budibase/types"
 import { BASE_LAYOUT_PROP_IDS } from "../../constants/layouts"
@@ -114,7 +115,18 @@ function checkAppName(
   }
 }
 
-async function createInstance(appId: string, template: any) {
+interface AppTemplate {
+  templateString: string
+  useTemplate: string
+  file?: {
+    type: string
+    path: string
+    password?: string
+  }
+  key?: string
+}
+
+async function createInstance(appId: string, template: AppTemplate) {
   const db = context.getAppDB()
   await db.put({
     _id: "_design/database",
@@ -207,6 +219,7 @@ export async function fetchAppPackage(ctx: UserCtx) {
   let application = await db.get(DocumentType.APP_METADATA)
   const layouts = await getLayouts()
   let screens = await getScreens()
+  const license = await licensing.cache.getCachedLicense()
 
   // Enrich plugin URLs
   application.usedPlugins = objectStore.enrichPluginURLs(
@@ -227,6 +240,7 @@ export async function fetchAppPackage(ctx: UserCtx) {
 
   ctx.body = {
     application: { ...application, upgradableVersion: envCore.VERSION },
+    licenseType: license?.plan.type || PlanType.FREE,
     screens,
     layouts,
     clientLibPath,
@@ -237,19 +251,24 @@ export async function fetchAppPackage(ctx: UserCtx) {
 async function performAppCreate(ctx: UserCtx) {
   const apps = (await dbCore.getAllApps({ dev: true })) as App[]
   const name = ctx.request.body.name,
-    possibleUrl = ctx.request.body.url
+    possibleUrl = ctx.request.body.url,
+    encryptionPassword = ctx.request.body.encryptionPassword
+
   checkAppName(ctx, apps, name)
   const url = sdk.applications.getAppUrl({ name, url: possibleUrl })
   checkAppUrl(ctx, apps, url)
 
   const { useTemplate, templateKey, templateString } = ctx.request.body
-  const instanceConfig: any = {
+  const instanceConfig: AppTemplate = {
     useTemplate,
     key: templateKey,
     templateString,
   }
   if (ctx.request.files && ctx.request.files.templateFile) {
-    instanceConfig.file = ctx.request.files.templateFile
+    instanceConfig.file = {
+      ...(ctx.request.files.templateFile as any),
+      password: encryptionPassword,
+    }
   }
   const tenantId = tenancy.isMultiTenant() ? tenancy.getTenantId() : null
   const appId = generateDevAppID(generateAppID(tenantId))

packages/server/src/api/controllers/backup.ts

@@ -1,17 +1,31 @@
 import sdk from "../../sdk"
-import { events, context } from "@budibase/backend-core"
+import { events, context, db } from "@budibase/backend-core"
 import { DocumentType } from "../../db/utils"
-import { isQsTrue } from "../../utilities"
+import { Ctx } from "@budibase/types"
+
+interface ExportAppDumpRequest {
+  excludeRows: boolean
+  encryptPassword?: string
+}
+
+export async function exportAppDump(ctx: Ctx<ExportAppDumpRequest>) {
+  const { appId } = ctx.query as any
+  const { excludeRows, encryptPassword } = ctx.request.body
+
+  const [app] = await db.getAppsByIDs([appId])
+  const appName = app.name
 
-export async function exportAppDump(ctx: any) {
-  let { appId, excludeRows } = ctx.query
   // remove the 120 second limit for the request
   ctx.req.setTimeout(0)
-  const appName = decodeURI(ctx.query.appname)
+
-  excludeRows = isQsTrue(excludeRows)
+  const extension = encryptPassword ? "enc.tar.gz" : "tar.gz"
-  const backupIdentifier = `${appName}-export-${new Date().getTime()}.tar.gz`
+  const backupIdentifier = `${appName}-export-${new Date().getTime()}.${extension}`
   ctx.attachment(backupIdentifier)
-  ctx.body = await sdk.backups.streamExportApp(appId, excludeRows)
+  ctx.body = await sdk.backups.streamExportApp({
+    appId,
+    excludeRows,
+    encryptPassword,
+  })
 
   await context.doInAppContext(appId, async () => {
     const appDb = context.getAppDB()

packages/server/src/api/controllers/role.ts

@@ -4,7 +4,7 @@ import {
   getUserMetadataParams,
   InternalTables,
 } from "../../db/utils"
-import { BBContext, Database } from "@budibase/types"
+import { UserCtx, Database } from "@budibase/types"
 
 const UpdateRolesOptions = {
   CREATED: "created",
@@ -38,15 +38,15 @@ async function updateRolesOnUserTable(
   }
 }
 
-export async function fetch(ctx: BBContext) {
+export async function fetch(ctx: UserCtx) {
   ctx.body = await roles.getAllRoles()
 }
 
-export async function find(ctx: BBContext) {
+export async function find(ctx: UserCtx) {
   ctx.body = await roles.getRole(ctx.params.roleId)
 }
 
-export async function save(ctx: BBContext) {
+export async function save(ctx: UserCtx) {
   const db = context.getAppDB()
   let { _id, name, inherits, permissionId } = ctx.request.body
   let isCreate = false
@@ -72,7 +72,7 @@ export async function save(ctx: BBContext) {
   ctx.message = `Role '${role.name}' created successfully.`
 }
 
-export async function destroy(ctx: BBContext) {
+export async function destroy(ctx: UserCtx) {
   const db = context.getAppDB()
   const roleId = ctx.params.roleId
   const role = await db.get(roleId)

packages/server/src/api/controllers/routing.ts

@@ -1,6 +1,6 @@
 import { getRoutingInfo } from "../../utilities/routing"
 import { roles } from "@budibase/backend-core"
-import { BBContext } from "@budibase/types"
+import { UserCtx } from "@budibase/types"
 
 const URL_SEPARATOR = "/"
 
@@ -56,11 +56,11 @@ async function getRoutingStructure() {
   return { routes: routing.json }
 }
 
-export async function fetch(ctx: BBContext) {
+export async function fetch(ctx: UserCtx) {
   ctx.body = await getRoutingStructure()
 }
 
-export async function clientFetch(ctx: BBContext) {
+export async function clientFetch(ctx: UserCtx) {
   const routing = await getRoutingStructure()
   let roleId = ctx.user?.role?._id
   const roleIds = (await roles.getUserRoleHierarchy(roleId, {

packages/server/src/api/controllers/row/ExternalRequest.ts

@@ -19,6 +19,7 @@ import {
   breakRowIdField,
   convertRowId,
   generateRowIdField,
+  getPrimaryDisplay,
   isRowId,
   isSQL,
 } from "../../../integrations/utils"
@@ -391,7 +392,10 @@ export class ExternalRequest {
           }
         }
         relatedRow = processFormulas(linkedTable, relatedRow)
-        const relatedDisplay = display ? relatedRow[display] : undefined
+        let relatedDisplay
+        if (display) {
+          relatedDisplay = getPrimaryDisplay(relatedRow[display])
+        }
         row[relationship.column][key] = {
           primaryDisplay: relatedDisplay || "Invalid display column",
           _id: relatedRow._id,

packages/server/src/api/controllers/row/external.ts

@@ -237,9 +237,15 @@ export async function exportRows(ctx: UserCtx) {
     ctx.request.body = {
       query: {
         oneOf: {
-          _id: ctx.request.body.rows.map(
+          _id: ctx.request.body.rows.map((row: string) => {
-            (row: string) => JSON.parse(decodeURI(row))[0]
+            const ids = JSON.parse(
-          ),
+              decodeURI(row).replace(/'/g, `"`).replace(/%2C/g, ",")
+            )
+            if (ids.length > 1) {
+              ctx.throw(400, "Export data does not support composite keys.")
+            }
+            return ids[0]
+          }),
         },
       },
     }

packages/server/src/api/controllers/static/templates/BudibaseApp.svelte

@@ -40,19 +40,14 @@
   {#if favicon !== ""}
     <link rel="icon" type="image/png" href={favicon} />
   {:else}
-    <link rel="icon" type="image/png" href="https://i.imgur.com/Xhdt1YP.png" />
+    <link rel="icon" type="image/png" href="/builder/bblogo.png" />
   {/if}
 
-  <link rel="stylesheet" href="https://rsms.me/inter/inter.css" />
+  <link href="/builder/fonts/source-sans-pro/400.css" rel="stylesheet" />
-  <link rel="preconnect" href="https://fonts.gstatic.com" />
+  <link href="/builder/fonts/source-sans-pro/600.css" rel="stylesheet" />
-  <link
+  <link href="/builder/fonts/source-sans-pro/700.css" rel="stylesheet" />
-    href="https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap"
+  <link href="/builder/fonts/remixicon.css" rel="stylesheet" />
-    rel="stylesheet"
+
-  />
-  <link
-    href="https://cdn.jsdelivr.net/npm/remixicon@2.5.0/fonts/remixicon.css"
-    rel="stylesheet"
-  />
   <style>
     html,
     body {

packages/server/src/api/controllers/static/templates/preview.hbs

@@ -1,16 +1,10 @@
 <html lang="en">
 <head>
   <title>Budibase Builder Preview</title>
-  <link rel="stylesheet" href="https://rsms.me/inter/inter.css" />
+	<link href="/builder/fonts/source-sans-pro/400.css" rel="stylesheet" />
-  <link rel="preconnect" href="https://fonts.gstatic.com" />
+	<link href="/builder/fonts/source-sans-pro/600.css" rel="stylesheet" />
-  <link
+	<link href="/builder/fonts/source-sans-pro/700.css" rel="stylesheet" />
-    href="https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap"
+	<link href="/builder/fonts/remixicon.css" rel="stylesheet" />
-    rel="stylesheet"
-  />
-  <link
-    href="https://cdn.jsdelivr.net/npm/remixicon@2.5.0/fonts/remixicon.css"
-    rel="stylesheet"
-  />
   <style>
     html, body {
       padding: 0;

packages/server/src/api/controllers/tests/row.spec.ts

@@ -0,0 +1,120 @@
+import { exportRows } from "../row/external"
+import sdk from "../../../sdk"
+import { ExternalRequest } from "../row/ExternalRequest"
+
+// @ts-ignore
+sdk.datasources = {
+  get: jest.fn(),
+}
+
+jest.mock("../row/ExternalRequest")
+jest.mock("../view/exporters", () => ({
+  csv: jest.fn(),
+  Format: {
+    CSV: "csv",
+  },
+}))
+jest.mock("../../../utilities/fileSystem")
+
+function getUserCtx() {
+  return {
+    params: {
+      tableId: "datasource__tablename",
+    },
+    query: {
+      format: "csv",
+    },
+    request: {
+      body: {},
+    },
+    throw: jest.fn(() => {
+      throw "Err"
+    }),
+    attachment: jest.fn(),
+  }
+}
+
+describe("external row controller", () => {
+  describe("exportRows", () => {
+    beforeAll(() => {
+      //@ts-ignore
+      jest.spyOn(ExternalRequest.prototype, "run").mockImplementation(() => [])
+    })
+
+    afterEach(() => {
+      jest.clearAllMocks()
+    })
+
+    it("should throw a 400 if no datasource entities are present", async () => {
+      let userCtx = getUserCtx()
+      try {
+        //@ts-ignore
+        await exportRows(userCtx)
+      } catch (e) {
+        expect(userCtx.throw).toHaveBeenCalledWith(
+          400,
+          "Datasource has not been configured for plus API."
+        )
+      }
+    })
+
+    it("should handle single quotes from a row ID", async () => {
+      //@ts-ignore
+      sdk.datasources.get.mockImplementation(() => ({
+        entities: {
+          tablename: {
+            schema: {},
+          },
+        },
+      }))
+      let userCtx = getUserCtx()
+      userCtx.request.body = {
+        rows: ["['d001']"],
+      }
+
+      //@ts-ignore
+      await exportRows(userCtx)
+
+      expect(userCtx.request.body).toEqual({
+        query: {
+          oneOf: {
+            _id: ["d001"],
+          },
+        },
+      })
+    })
+
+    it("should throw a 400 if any composite keys are present", async () => {
+      let userCtx = getUserCtx()
+      userCtx.request.body = {
+        rows: ["[123]", "['d001'%2C'10111']"],
+      }
+      try {
+        //@ts-ignore
+        await exportRows(userCtx)
+      } catch (e) {
+        expect(userCtx.throw).toHaveBeenCalledWith(
+          400,
+          "Export data does not support composite keys."
+        )
+      }
+    })
+
+    it("should throw a 400 if no table name was found", async () => {
+      let userCtx = getUserCtx()
+      userCtx.params.tableId = "datasource__"
+      userCtx.request.body = {
+        rows: ["[123]"],
+      }
+      try {
+        //@ts-ignore
+        await exportRows(userCtx)
+      } catch (e) {
+        expect(userCtx.throw).toHaveBeenCalledWith(
+          400,
+          "Could not find table name."
+        )
+      }
+    })
+  })
+})

packages/server/src/api/routes/backup.ts

@@ -5,7 +5,7 @@ import { permissions } from "@budibase/backend-core"
 
 const router: Router = new Router()
 
-router.get(
+router.post(
   "/api/backups/export",
   authorized(permissions.BUILDER),
   controller.exportAppDump

packages/server/src/api/routes/tests/backup.spec.ts

@@ -1,7 +1,9 @@
+import tk from "timekeeper"
 import * as setup from "./utilities"
 import { events } from "@budibase/backend-core"
 import sdk from "../../../sdk"
 import { checkBuilderEndpoint } from "./utilities/TestFunctions"
+import { mocks } from "@budibase/backend-core/tests"
 
 describe("/backups", () => {
   let request = setup.getRequest()
@@ -16,7 +18,7 @@ describe("/backups", () => {
   describe("exportAppDump", () => {
     it("should be able to export app", async () => {
       const res = await request
-        .get(`/api/backups/export?appId=${config.getAppId()}&appname=test`)
+        .post(`/api/backups/export?appId=${config.getAppId()}`)
         .set(config.defaultHeaders())
         .expect(200)
       expect(res.headers["content-type"]).toEqual("application/gzip")
@@ -26,10 +28,24 @@ describe("/backups", () => {
     it("should apply authorization to endpoint", async () => {
       await checkBuilderEndpoint({
         config,
-        method: "GET",
+        method: "POST",
         url: `/api/backups/export?appId=${config.getAppId()}`,
       })
     })
+
+    it("should infer the app name from the app", async () => {
+      tk.freeze(mocks.date.MOCK_DATE)
+
+      const res = await request
+        .post(`/api/backups/export?appId=${config.getAppId()}`)
+        .set(config.defaultHeaders())
+
+      expect(res.headers["content-disposition"]).toEqual(
+        `attachment; filename="${
+          config.getApp()!.name
+        }-export-${mocks.date.MOCK_DATE.getTime()}.tar.gz"`
+      )
+    })
   })
 
   describe("calculateBackupStats", () => {

packages/server/src/app.ts

@@ -15,7 +15,6 @@ import * as api from "./api"
 import * as automations from "./automations"
 import { Thread } from "./threads"
 import * as redis from "./utilities/redis"
-import { initialise as initialiseWebsockets } from "./websockets"
 import { events, logging, middleware, timers } from "@budibase/backend-core"
 import { startup } from "./startup"
 const Sentry = require("@sentry/node")

packages/server/src/integrations/mongodb.ts

@@ -489,7 +489,11 @@ class MongoIntegration implements IntegrationBase {
 
       switch (query.extra.actionType) {
         case "find": {
+          if (json) {
             return await collection.find(json).toArray()
+          } else {
+            return await collection.find().toArray()
+          }
         }
         case "findOne": {
           return await collection.findOne(json)

packages/server/src/integrations/mysql.ts

@@ -91,7 +91,7 @@ const SCHEMA: Integration = {
   },
 }
 
-function bindingTypeCoerce(bindings: any[]) {
+export function bindingTypeCoerce(bindings: any[]) {
   for (let i = 0; i < bindings.length; i++) {
     const binding = bindings[i]
     if (typeof binding !== "string") {
@@ -109,7 +109,12 @@ function bindingTypeCoerce(bindings: any[]) {
       dayjs(binding).isValid() &&
       !binding.includes(",")
     ) {
-      bindings[i] = dayjs(binding).toDate()
+      let value: any
+      value = new Date(binding)
+      if (isNaN(value)) {
+        value = binding
+      }
+      bindings[i] = value
     }
   }
   return bindings

packages/server/src/integrations/postgres.ts

@@ -20,7 +20,7 @@ import Sql from "./base/sql"
 import { PostgresColumn } from "./base/types"
 import { escapeDangerousCharacters } from "../utilities"
 
-import { Client, types } from "pg"
+import { Client, ClientConfig, types } from "pg"
 
 // Return "date" and "timestamp" types as plain strings.
 // This lets us reference the original stored timezone.
@@ -42,6 +42,8 @@ interface PostgresConfig {
   schema: string
   ssl?: boolean
   ca?: string
+  clientKey?: string
+  clientCert?: string
   rejectUnauthorized?: boolean
 }
 
@@ -98,6 +100,19 @@ const SCHEMA: Integration = {
       required: false,
     },
     ca: {
+      display: "Server CA",
+      type: DatasourceFieldType.LONGFORM,
+      default: false,
+      required: false,
+    },
+    clientKey: {
+      display: "Client key",
+      type: DatasourceFieldType.LONGFORM,
+      default: false,
+      required: false,
+    },
+    clientCert: {
+      display: "Client cert",
       type: DatasourceFieldType.LONGFORM,
       default: false,
       required: false,
@@ -144,12 +159,14 @@ class PostgresIntegration extends Sql implements DatasourcePlus {
     super(SqlClient.POSTGRES)
     this.config = config
 
-    let newConfig = {
+    let newConfig: ClientConfig = {
       ...this.config,
       ssl: this.config.ssl
         ? {
             rejectUnauthorized: this.config.rejectUnauthorized,
             ca: this.config.ca,
+            key: this.config.clientKey,
+            cert: this.config.clientCert,
           }
         : undefined,
     }

packages/server/src/integrations/tests/mysql.spec.ts

@@ -1,4 +1,4 @@
-import { default as MySQLIntegration } from "../mysql"
+import { default as MySQLIntegration, bindingTypeCoerce } from "../mysql"
 jest.mock("mysql2")
 
 class TestConfiguration {
@@ -131,3 +131,21 @@ describe("MySQL Integration", () => {
     })
   })
 })
+
+describe("bindingTypeCoercion", () => {
+  it("shouldn't coerce something that looks like a date", () => {
+    const response = bindingTypeCoerce(["202205-1500"])
+    expect(response[0]).toBe("202205-1500")
+  })
+
+  it("should coerce an actual date", () => {
+    const date = new Date("2023-06-13T14:24:22.620Z")
+    const response = bindingTypeCoerce(["2023-06-13T14:24:22.620Z"])
+    expect(response[0]).toEqual(date)
+  })
+
+  it("should coerce numbers", () => {
+    const response = bindingTypeCoerce(["0"])
+    expect(response[0]).toEqual(0)
+  })
+})

packages/server/src/integrations/utils.ts

@@ -328,3 +328,27 @@ export function finaliseExternalTables(
     .reduce((r, [k, v]) => ({ ...r, [k]: v }), {})
   return { tables: finalTables, errors }
 }
+
+/**
+ * Checks if the provided input is an object, but specifically not a date type object.
+ * Used during coercion of types and relationship handling, dates are considered valid
+ * and can be used as a display field, but objects and arrays cannot.
+ * @param testValue an unknown type which this function will attempt to extract
+ * a valid primary display string from.
+ */
+export function getPrimaryDisplay(testValue: unknown): string | undefined {
+  if (testValue instanceof Date) {
+    return testValue.toISOString()
+  }
+  if (
+    Array.isArray(testValue) &&
+    testValue[0] &&
+    typeof testValue[0] !== "object"
+  ) {
+    return testValue.join(", ")
+  }
+  if (typeof testValue === "object") {
+    return undefined
+  }
+  return testValue as string
+}

packages/server/src/middleware/currentapp.ts

@@ -103,7 +103,7 @@ export default async (ctx: UserCtx, next: any) => {
         userId,
         globalId,
         roleId,
-        role: await roles.getRole(roleId),
+        role: await roles.getRole(roleId, { defaultPublic: true }),
       }
     }
 

packages/server/src/sdk/app/backups/exports.ts

@@ -1,4 +1,4 @@
-import { db as dbCore, objectStore } from "@budibase/backend-core"
+import { db as dbCore, encryption, objectStore } from "@budibase/backend-core"
 import { budibaseTempDir } from "../../../utilities/budibaseDir"
 import { streamFile, createTempFolder } from "../../../utilities/fileSystem"
 import { ObjectStoreBuckets } from "../../../constants"
@@ -18,7 +18,8 @@ import { join } from "path"
 import env from "../../../environment"
 
 const uuid = require("uuid/v4")
-const tar = require("tar")
+import tar from "tar"
+
 const MemoryStream = require("memorystream")
 
 interface DBDumpOpts {
@@ -30,16 +31,18 @@ interface ExportOpts extends DBDumpOpts {
   tar?: boolean
   excludeRows?: boolean
   excludeLogs?: boolean
+  encryptPassword?: string
 }
 
 function tarFilesToTmp(tmpDir: string, files: string[]) {
-  const exportFile = join(budibaseTempDir(), `${uuid()}.tar.gz`)
+  const fileName = `${uuid()}.tar.gz`
+  const exportFile = join(budibaseTempDir(), fileName)
   tar.create(
     {
       sync: true,
       gzip: true,
       file: exportFile,
-      recursive: true,
+      noDirRecurse: false,
       cwd: tmpDir,
     },
     files
@@ -124,6 +127,7 @@ export async function exportApp(appId: string, config?: ExportOpts) {
       )
     }
   }
+
   const downloadedPath = join(tmpPath, appPath)
   if (fs.existsSync(downloadedPath)) {
     const allFiles = fs.readdirSync(downloadedPath)
@@ -141,12 +145,27 @@ export async function exportApp(appId: string, config?: ExportOpts) {
     filter: defineFilter(config?.excludeRows, config?.excludeLogs),
     exportPath: dbPath,
   })
+
+  if (config?.encryptPassword) {
+    for (let file of fs.readdirSync(tmpPath)) {
+      const path = join(tmpPath, file)
+
+      await encryption.encryptFile(
+        { dir: tmpPath, filename: file },
+        config.encryptPassword
+      )
+
+      fs.rmSync(path)
+    }
+  }
+
   // if tar requested, return where the tarball is
   if (config?.tar) {
     // now the tmpPath contains both the DB export and attachments, tar this
     const tarPath = tarFilesToTmp(tmpPath, fs.readdirSync(tmpPath))
     // cleanup the tmp export files as tarball returned
     fs.rmSync(tmpPath, { recursive: true, force: true })
+
     return tarPath
   }
   // tar not requested, turn the directory where export is
@@ -161,11 +180,20 @@ export async function exportApp(appId: string, config?: ExportOpts) {
  * @param {boolean} excludeRows Flag to state whether the export should include data.
  * @returns {*} a readable stream of the backup which is written in real time
  */
-export async function streamExportApp(appId: string, excludeRows: boolean) {
+export async function streamExportApp({
+  appId,
+  excludeRows,
+  encryptPassword,
+}: {
+  appId: string
+  excludeRows: boolean
+  encryptPassword?: string
+}) {
   const tmpPath = await exportApp(appId, {
     excludeRows,
     excludeLogs: true,
     tar: true,
+    encryptPassword,
   })
   return streamFile(tmpPath)
 }

packages/server/src/sdk/app/backups/imports.ts

@@ -1,4 +1,4 @@
-import { db as dbCore, objectStore } from "@budibase/backend-core"
+import { db as dbCore, encryption, objectStore } from "@budibase/backend-core"
 import { Database, Row } from "@budibase/types"
 import { getAutomationParams, TABLE_ROW_PREFIX } from "../../../db/utils"
 import { budibaseTempDir } from "../../../utilities/budibaseDir"
@@ -20,6 +20,7 @@ type TemplateType = {
   file?: {
     type: string
     path: string
+    password?: string
   }
   key?: string
 }
@@ -123,6 +124,22 @@ export function untarFile(file: { path: string }) {
   return tmpPath
 }
 
+async function decryptFiles(path: string, password: string) {
+  try {
+    for (let file of fs.readdirSync(path)) {
+      const inputPath = join(path, file)
+      const outputPath = inputPath.replace(/\.enc$/, "")
+      await encryption.decryptFile(inputPath, outputPath, password)
+      fs.rmSync(inputPath)
+    }
+  } catch (err: any) {
+    if (err.message === "incorrect header check") {
+      throw new Error("File cannot be imported")
+    }
+    throw err
+  }
+}
+
 export function getGlobalDBFile(tmpPath: string) {
   return fs.readFileSync(join(tmpPath, GLOBAL_DB_EXPORT_FILE), "utf8")
 }
@@ -143,6 +160,9 @@ export async function importApp(
     template.file && fs.lstatSync(template.file.path).isDirectory()
   if (template.file && (isTar || isDirectory)) {
     const tmpPath = isTar ? untarFile(template.file) : template.file.path
+    if (isTar && template.file.password) {
+      await decryptFiles(tmpPath, template.file.password)
+    }
     const contents = fs.readdirSync(tmpPath)
     // have to handle object import
     if (contents.length) {

packages/server/src/sdk/app/datasources/datasources.ts

@@ -135,7 +135,7 @@ export function mergeConfigs(update: Datasource, old: Datasource) {
   // specific to REST datasources, fix the auth configs again if required
   if (hasAuthConfigs(update)) {
     const configs = update.config.authConfigs as RestAuthConfig[]
-    const oldConfigs = old.config?.authConfigs as RestAuthConfig[]
+    const oldConfigs = (old.config?.authConfigs as RestAuthConfig[]) || []
     for (let config of configs) {
       if (config.type !== RestAuthType.BASIC) {
         continue

packages/worker/package.json

@@ -47,6 +47,7 @@
     "@techpass/passport-openidconnect": "0.3.2",
     "@types/global-agent": "2.1.1",
     "aws-sdk": "2.1030.0",
+    "bcrypt": "5.1.0",
     "bcryptjs": "2.4.3",
     "dd-trace": "3.13.2",
     "dotenv": "8.6.0",

packages/worker/src/api/controllers/global/users.ts

@@ -38,7 +38,7 @@ const MAX_USERS_UPLOAD_LIMIT = 1000
 
 export const save = async (ctx: UserCtx<User, SaveUserResponse>) => {
   try {
-    const currentUserId = ctx.user._id
+    const currentUserId = ctx.user?._id
     const requestUser = ctx.request.body
 
     const user = await userSdk.save(requestUser, { currentUserId })

qa-core/package.json

@@ -10,7 +10,8 @@
   },
   "scripts": {
     "setup": "yarn && node scripts/createEnv.js",
-    "test": "jest --runInBand --json --outputFile=testResults.json",
+    "user": "yarn && node scripts/createEnv.js && node scripts/createUser.js",
+    "test": "jest --runInBand --json --outputFile=testResults.json --forceExit",
     "test:watch": "yarn run test --watch",
     "test:debug": "DEBUG=1 yarn run test",
     "test:notify": "node scripts/testResultsWebhook",

qa-core/scripts/createUser.js

@@ -0,0 +1,49 @@
+const dotenv = require("dotenv")
+const { join } = require("path")
+const fs = require("fs")
+const fetch = require("node-fetch")
+
+function getVarFromDotEnv(path, varName) {
+  const parsed = dotenv.parse(fs.readFileSync(path))
+  return parsed[varName]
+}
+
+async function createUser() {
+  const serverPath = join(__dirname, "..", "..", "packages", "server", ".env")
+  const qaCorePath = join(__dirname, "..", ".env")
+  const apiKey = getVarFromDotEnv(serverPath, "INTERNAL_API_KEY")
+  const username = getVarFromDotEnv(qaCorePath, "BB_ADMIN_USER_EMAIL")
+  const password = getVarFromDotEnv(qaCorePath, "BB_ADMIN_USER_PASSWORD")
+  const url = getVarFromDotEnv(qaCorePath, "BUDIBASE_URL")
+  const resp = await fetch(`${url}/api/public/v1/users`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "x-budibase-api-key": apiKey,
+    },
+    body: JSON.stringify({
+      email: username,
+      password,
+      builder: {
+        global: true,
+      },
+      admin: {
+        global: true,
+      },
+      roles: {},
+    }),
+  })
+  if (resp.status !== 200) {
+    throw new Error(await resp.text())
+  } else {
+    return await resp.json()
+  }
+}
+
+createUser()
+  .then(() => {
+    console.log("User created - ready to use")
+  })
+  .catch(err => {
+    console.error("Failed to create user - ", err)
+  })

qa-core/src/account-api/api/AccountInternalAPIClient.ts

@@ -67,11 +67,12 @@ export default class AccountInternalAPIClient {
       }
       const message = `${method} ${url} - ${response.status}`
 
+      const isDebug = process.env.LOG_LEVEL === "debug"
       if (response.status > 499) {
         console.error(message, data)
       } else if (response.status >= 400) {
         console.warn(message, data)
-      } else {
+      } else if (isDebug) {
         console.debug(message, data)
       }
 

qa-core/src/internal-api/api/BudibaseInternalAPIClient.ts

@@ -58,11 +58,12 @@ class BudibaseInternalAPIClient {
       }
       const message = `${method} ${url} - ${response.status}`
 
+      const isDebug = process.env.LOG_LEVEL === "debug"
       if (response.status > 499) {
         console.error(message, data)
       } else if (response.status >= 400) {
         console.warn(message, data)
-      } else {
+      } else if (isDebug) {
         console.debug(message, data)
       }
 

qa-core/src/internal-api/tests/dataSources/mongoDB.integration.spec.ts

@@ -2,7 +2,7 @@ import TestConfiguration from "../../config/TestConfiguration"
 import * as fixtures from "../../fixtures"
 import { Query } from "@budibase/types"
 
-describe("Internal API - Data Sources: MongoDB", () => {
+xdescribe("Internal API - Data Sources: MongoDB", () => {
   const config = new TestConfiguration()
 
   beforeAll(async () => {

qa-core/src/jest/globalSetup.ts

@@ -1,3 +1,4 @@
+process.env.DISABLE_PINO_LOGGER = "1"
 import { DEFAULT_TENANT_ID, logging } from "@budibase/backend-core"
 import { AccountInternalAPI } from "../account-api"
 import * as fixtures from "../internal-api/fixtures"

qa-core/src/public-api/api/BudibasePublicAPIClient.ts

@@ -57,11 +57,12 @@ class BudibasePublicAPIClient {
       }
       const message = `${method} ${url} - ${response.status}`
 
+      const isDebug = process.env.LOG_LEVEL === "debug"
       if (response.status > 499) {
         console.error(message, data)
       } else if (response.status >= 400) {
         console.warn(message, data)
-      } else {
+      } else if (isDebug) {
         console.debug(message, data)
       }
 

scripts/build.js

@@ -8,10 +8,10 @@ const path = require("path")
 
 const { build } = require("esbuild")
 
-const { default: NodeResolve } = require("@esbuild-plugins/node-resolve")
 const {
   default: TsconfigPathsPlugin,
 } = require("@esbuild-plugins/tsconfig-paths")
+const { nodeExternalsPlugin } = require("esbuild-node-externals")
 
 var argv = require("minimist")(process.argv.slice(2))
 
@@ -25,32 +25,28 @@ function runBuild(entry, outfile) {
     minify: !isDev,
     sourcemap: isDev,
     tsconfig,
-    plugins: [
+    plugins: [TsconfigPathsPlugin({ tsconfig }), nodeExternalsPlugin()],
-      TsconfigPathsPlugin({ tsconfig }),
-      NodeResolve({
-        extensions: [".ts", ".js"],
-        onResolved: resolved => {
-          if (resolved.includes("node_modules") && !resolved.includes("/@budibase/pro/")) {
-            return {
-              external: true,
-            }
-          }
-          return resolved
-        },
-      }),
-    ],
     target: "node14",
     preserveSymlinks: true,
     loader: {
       ".svelte": "copy",
     },
+    metafile: true,
+    external: [
+      "deasync",
+      "mock-aws-s3",
+      "nock",
+      "pino",
+      "koa-pino-logger",
+      "bull",
+    ],
   }
 
   build({
     ...sharedConfig,
     platform: "node",
     outfile,
-  }).then(() => {
+  }).then(result => {
     glob(`${process.cwd()}/src/**/*.hbs`, {}, (err, files) => {
       for (const file of files) {
         fs.copyFileSync(file, `${process.cwd()}/dist/${path.basename(file)}`)
@@ -61,6 +57,11 @@ function runBuild(entry, outfile) {
         `Build successfully in ${(Date.now() - start) / 1000} seconds`
       )
     })
+
+    fs.writeFileSync(
+      `dist/${path.basename(outfile)}.meta.json`,
+      JSON.stringify(result.metafile)
+    )
   })
 }
 

yarn.lock

@@ -2115,16 +2115,6 @@
     pump "^3.0.0"
     secure-json-parse "^2.1.0"
 
-"@esbuild-plugins/node-resolve@^0.2.2":
-  version "0.2.2"
-  resolved "https://registry.yarnpkg.com/@esbuild-plugins/node-resolve/-/node-resolve-0.2.2.tgz#4f1b8d265a1b6e8b2438a03770239277687f0c17"
-  integrity sha512-+t5FdX3ATQlb53UFDBRb4nqjYBz492bIrnVWvpQHpzZlu9BQL5HasMZhqc409ygUwOWCXZhrWr6NyZ6T6Y+cxw==
-  dependencies:
-    "@types/resolve" "^1.17.1"
-    debug "^4.3.1"
-    escape-string-regexp "^4.0.0"
-    resolve "^1.19.0"
-
 "@esbuild-plugins/tsconfig-paths@^0.1.2":
   version "0.1.2"
   resolved "https://registry.yarnpkg.com/@esbuild-plugins/tsconfig-paths/-/tsconfig-paths-0.1.2.tgz#1955de0a124ecf4364717a2fadbfbea876955232"
@@ -2489,6 +2479,11 @@
     minimatch "^3.0.4"
     strip-json-comments "^3.1.1"
 
+"@fontsource/source-sans-pro@^5.0.3":
+  version "5.0.3"
+  resolved "https://registry.yarnpkg.com/@fontsource/source-sans-pro/-/source-sans-pro-5.0.3.tgz#7d6e84a8169ba12fa5e6ce70757aa2ca7e74d855"
+  integrity sha512-mQnjuif/37VxwRloHZ+wQdoozd2VPWutbFSt1AuSkk7nFXIBQxHJLw80rgCF/osL0t7N/3Gx1V7UJuOX2zxzhQ==
+
 "@fortawesome/fontawesome-common-types@6.3.0":
   version "6.3.0"
   resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-common-types/-/fontawesome-common-types-6.3.0.tgz#51f734e64511dbc3674cd347044d02f4dd26e86b"
@@ -3646,7 +3641,7 @@
   dependencies:
     "@lezer/common" "^1.0.0"
 
-"@mapbox/node-pre-gyp@^1.0.0":
+"@mapbox/node-pre-gyp@^1.0.10":
   version "1.0.10"
   resolved "https://registry.yarnpkg.com/@mapbox/node-pre-gyp/-/node-pre-gyp-1.0.10.tgz#8e6735ccebbb1581e5a7e652244cadc8a844d03c"
   integrity sha512-4ySo4CjzStuprMwk35H5pPbkymjv1SF3jGLj6rAHp/xT/RF7TL7bd9CTm1xDY49K2qF7jmR/g7k+SkLETP6opA==
@@ -6120,11 +6115,6 @@
   dependencies:
     "@types/node" "*"
 
-"@types/resolve@^1.17.1":
-  version "1.20.2"
-  resolved "https://registry.yarnpkg.com/@types/resolve/-/resolve-1.20.2.tgz#97d26e00cd4a0423b4af620abecf3e6f442b7975"
-  integrity sha512-60BCwRFOZCQhDncwQdxxeOEEkbc5dIMccYLwbxsS4TUNeVECQ/pBJ0j09mrHOl/JJvpRPGwO9SvE4nR2Nb/a4Q==
-
 "@types/responselike@^1.0.0":
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/@types/responselike/-/responselike-1.0.0.tgz#251f4fe7d154d2bad125abe1b429b23afd262e29"
@@ -6197,13 +6187,13 @@
   dependencies:
     "@types/node" "*"
 
-"@types/tar@6.1.3":
+"@types/tar@6.1.5":
-  version "6.1.3"
+  version "6.1.5"
-  resolved "https://registry.yarnpkg.com/@types/tar/-/tar-6.1.3.tgz#46a2ce7617950c4852dfd7e9cd41aa8161b9d750"
+  resolved "https://registry.yarnpkg.com/@types/tar/-/tar-6.1.5.tgz#90ccb3b6a35430e7427410d50eed564e85feaaff"
-  integrity sha512-YzDOr5kdAeqS8dcO6NTTHTMJ44MUCBDoLEIyPtwEn7PssKqUYL49R1iCVJPeiPzPlKi6DbH33eZkpeJ27e4vHg==
+  integrity sha512-qm2I/RlZij5RofuY7vohTpYNaYcrSQlN2MyjucQc7ZweDwaEWkdN/EeNh6e9zjK6uEm6PwjdMXkcj05BxZdX1Q==
   dependencies:
     "@types/node" "*"
-    minipass "^3.3.5"
+    minipass "^4.0.0"
 
 "@types/tern@*":
   version "0.23.4"
@@ -7671,13 +7661,13 @@ bcrypt-pbkdf@^1.0.0, bcrypt-pbkdf@^1.0.2:
   dependencies:
     tweetnacl "^0.14.3"
 
-bcrypt@5.0.1:
+bcrypt@5.1.0:
-  version "5.0.1"
+  version "5.1.0"
-  resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-5.0.1.tgz#f1a2c20f208e2ccdceea4433df0c8b2c54ecdf71"
+  resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-5.1.0.tgz#bbb27665dbc400480a524d8991ac7434e8529e17"
-  integrity sha512-9BTgmrhZM2t1bNuDtrtIMVSmmxZBrJ71n8Wg+YgdjHuIWYF7SjjmCPZFB+/5i/o/PIeRpwVJR3P+NrpIItUjqw==
+  integrity sha512-RHBS7HI5N5tEnGTmtR/pppX0mmDSBpQ4aCBsj7CEQfYXDcO74A8sIBYcJMuCsis2E81zDxeENYhv66oZwLiA+Q==
   dependencies:
-    "@mapbox/node-pre-gyp" "^1.0.0"
+    "@mapbox/node-pre-gyp" "^1.0.10"
-    node-addon-api "^3.1.0"
+    node-addon-api "^5.0.0"
 
 bcryptjs@2.4.3:
   version "2.4.3"
@@ -8406,7 +8396,7 @@ chmodr@1.2.0:
   resolved "https://registry.yarnpkg.com/chmodr/-/chmodr-1.2.0.tgz#720e96caa09b7f1cdbb01529b7d0ab6bc5e118b9"
   integrity sha512-Y5uI7Iq/Az6HgJEL6pdw7THVd7jbVOTPwsmcPOBjQL8e3N+pz872kzK5QxYGEy21iRys+iHWV0UZQXDFJo1hyA==
 
-chokidar@3.5.3, chokidar@^3.0.0, chokidar@^3.5.1, chokidar@^3.5.2:
+chokidar@3.5.3, chokidar@^3.0.0, chokidar@^3.5.1, chokidar@^3.5.2, chokidar@^3.5.3:
   version "3.5.3"
   resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.5.3.tgz#1cf37c8707b932bd1af1ae22c0432e2acd1903bd"
   integrity sha512-Dr3sfKRP6oTcjf2JmUmFJfeVMvXBdegxB0iVQ5eb2V10uFJUCAS8OByZdVAyVb8xXNz3GjjTgj9kLWsZTqE6kw==
@@ -10998,6 +10988,14 @@ esbuild-netbsd-64@0.15.18:
   resolved "https://registry.yarnpkg.com/esbuild-netbsd-64/-/esbuild-netbsd-64-0.15.18.tgz#ae75682f60d08560b1fe9482bfe0173e5110b998"
   integrity sha512-98ukeCdvdX7wr1vUYQzKo4kQ0N2p27H7I11maINv73fVEXt2kyh4K4m9f35U1K43Xc2QGXlzAw0K9yoU7JUjOg==
 
+esbuild-node-externals@^1.7.0:
+  version "1.7.0"
+  resolved "https://registry.yarnpkg.com/esbuild-node-externals/-/esbuild-node-externals-1.7.0.tgz#f6d755c577aec1ffa8548b0a648f13df27551805"
+  integrity sha512-nfY3hxtO2anCTZ87LgfzCTfBuyG6de+NyiCNMF1mgrBufS0NgoYlBwF77HHuOInsJLxsAJf0BfLeV6ekZ3hRuA==
+  dependencies:
+    find-up "^5.0.0"
+    tslib "^2.4.1"
+
 esbuild-openbsd-64@0.15.18:
   version "0.15.18"
   resolved "https://registry.yarnpkg.com/esbuild-openbsd-64/-/esbuild-openbsd-64-0.15.18.tgz#79591a90aa3b03e4863f93beec0d2bab2853d0a8"
@@ -11850,7 +11848,7 @@ fast-glob@3.2.7:
     merge2 "^1.3.0"
     micromatch "^4.0.4"
 
-fast-glob@^3.0.3:
+fast-glob@^3.0.3, fast-glob@^3.2.11:
   version "3.2.12"
   resolved "https://registry.yarnpkg.com/fast-glob/-/fast-glob-3.2.12.tgz#7f39ec99c2e6ab030337142da9e0c18f37afae80"
   integrity sha512-DVj4CQIYYow0BlaelwK1pHl5n5cRSJfM60UA0zK891sVInoPri2Ekj7+e1CT3/3qxXenpI+nBBmQAcJPJgaj4w==
@@ -18034,7 +18032,7 @@ minipass-sized@^1.0.3:
   dependencies:
     minipass "^3.0.0"
 
-minipass@^3.0.0, minipass@^3.1.1, minipass@^3.1.6, minipass@^3.3.5:
+minipass@^3.0.0, minipass@^3.1.1, minipass@^3.1.6:
   version "3.3.6"
   resolved "https://registry.yarnpkg.com/minipass/-/minipass-3.3.6.tgz#7bba384db3a1520d18c9c0e5251c3444e95dd94a"
   integrity sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==
@@ -18453,11 +18451,16 @@ node-abort-controller@^3.0.1:
   resolved "https://registry.yarnpkg.com/node-abort-controller/-/node-abort-controller-3.1.1.tgz#a94377e964a9a37ac3976d848cb5c765833b8548"
   integrity sha512-AGK2yQKIjRuqnc6VkX2Xj5d+QW8xZ87pa1UK6yA6ouUyuxfHuMP6umE5QK7UmTeOAymo+Zx1Fxiuw9rVx8taHQ==
 
-node-addon-api@^3.1.0, node-addon-api@^3.2.1:
+node-addon-api@^3.2.1:
   version "3.2.1"
   resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-3.2.1.tgz#81325e0a2117789c0128dab65e7e38f07ceba161"
   integrity sha512-mmcei9JghVNDYydghQmeDX8KoAm0FAiYyIcUt/N4nhyAipB17pllZQDOJD2fotxABnt4Mdz+dKTO7eftLg4d0A==
 
+node-addon-api@^5.0.0:
+  version "5.1.0"
+  resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-5.1.0.tgz#49da1ca055e109a23d537e9de43c09cca21eb762"
+  integrity sha512-eh0GgfEkpnoWDq+VY8OyvYhFEzBk6jIYbRKdIlyTiAXIVJ8PyBaKb0rp7oDtoddbdoHWhq8wwr+XZ81F1rpNdA==
+
 node-duration@^1.0.4:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/node-duration/-/node-duration-1.0.4.tgz#3e94ecc0e473691c89c4560074503362071cecac"
@@ -24160,6 +24163,18 @@ tar@6.1.11:
     mkdirp "^1.0.3"
     yallist "^4.0.0"
 
+tar@6.1.15:
+  version "6.1.15"
+  resolved "https://registry.yarnpkg.com/tar/-/tar-6.1.15.tgz#c9738b0b98845a3b344d334b8fa3041aaba53a69"
+  integrity sha512-/zKt9UyngnxIT/EAGYuxaMYgOIJiP81ab9ZfkILq4oNLPFX50qyYmu7jRj9qeXoxmJHjGlbH0+cm2uy1WCs10A==
+  dependencies:
+    chownr "^2.0.0"
+    fs-minipass "^2.0.0"
+    minipass "^5.0.0"
+    minizlib "^2.1.1"
+    mkdirp "^1.0.3"
+    yallist "^4.0.0"
+
 tar@^6.1.11, tar@^6.1.2:
   version "6.1.13"
   resolved "https://registry.yarnpkg.com/tar/-/tar-6.1.13.tgz#46e22529000f612180601a6fe0680e7da508847b"
@@ -24744,6 +24759,11 @@ tslib@^2.0.1, tslib@^2.1.0, tslib@^2.2.0, tslib@^2.3.0, tslib@^2.4.0:
   resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.5.0.tgz#42bfed86f5787aeb41d031866c8f402429e0fddf"
   integrity sha512-336iVw3rtn2BUK7ORdIAHTyxHGRIHVReokCR3XjbckJMK7ms8FysBfhLR8IXnAgy7T0PTPNBWKiH514FOW/WSg==
 
+tslib@^2.4.1:
+  version "2.5.3"
+  resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.5.3.tgz#24944ba2d990940e6e982c4bea147aba80209913"
+  integrity sha512-mSxlJJwl3BMEQCUNnxXBU9jP4JBktcEGhURcPR6VQVlnP0FdDEsIaz0C35dXNGLyRfrATNofF0F5p2KPxQgB+w==
+
 tsscmp@1.0.6:
   version "1.0.6"
   resolved "https://registry.yarnpkg.com/tsscmp/-/tsscmp-1.0.6.tgz#85b99583ac3589ec4bfef825b5000aa911d605eb"
@@ -25411,6 +25431,16 @@ vite-node@0.29.8:
     picocolors "^1.0.0"
     vite "^3.0.0 || ^4.0.0"
 
+vite-plugin-static-copy@^0.16.0:
+  version "0.16.0"
+  resolved "https://registry.yarnpkg.com/vite-plugin-static-copy/-/vite-plugin-static-copy-0.16.0.tgz#2f65227037f17fc99c0782fd0b344e962935e69e"
+  integrity sha512-dMVEg5Z2SwYRgQnHZaeokvSKB4p/TOTf65JU4sP3U6ccSBsukqdtDOjpmT+xzTFHAA8WJjcS31RMLjUdWQCBzw==
+  dependencies:
+    chokidar "^3.5.3"
+    fast-glob "^3.2.11"
+    fs-extra "^11.1.0"
+    picocolors "^1.0.0"
+
 "vite@^3.0.0 || ^4.0.0":
   version "4.2.2"
   resolved "https://registry.yarnpkg.com/vite/-/vite-4.2.2.tgz#014c30e5163844f6e96d7fe18fbb702236516dc6"