Merge pull request #12632 from Budibase/security/patches
Security/patches
This commit is contained in:
Martin McKeaveney
GitHub
commit
f089a0fdf5
12
package.json
12
package.json
|
|
@ -97,7 +97,17 @@
|
|||
"@budibase/backend-core": "0.0.0",
|
||||
"@budibase/shared-core": "0.0.0",
|
||||
"@budibase/string-templates": "0.0.0",
|
||||
"@budibase/types": "0.0.0"
|
||||
"@budibase/types": "0.0.0",
|
||||
"tough-cookie": "4.1.3",
|
||||
"node-fetch": "2.6.7",
|
||||
"semver": "7.5.3",
|
||||
"http-cache-semantics": "4.1.1",
|
||||
"msgpackr": "1.10.1",
|
||||
"axios": "1.6.3",
|
||||
"xml2js": "0.6.2",
|
||||
"unset-value": "2.0.1",
|
||||
"got": "13.0.0",
|
||||
"passport": "0.6.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=20.0.0 <21.0.0"
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
Subproject commit 52f51dcfb96d3fe58c8cc7a905e7d733f7cd84c2
|
||||
Subproject commit a0b13270c36dd188e2a953d026b4560a1208008e
|
||||
|
|
@ -25,7 +25,7 @@
|
|||
"@budibase/pouchdb-replication-stream": "1.2.10",
|
||||
"@budibase/shared-core": "0.0.0",
|
||||
"@budibase/types": "0.0.0",
|
||||
"@techpass/passport-openidconnect": "0.3.2",
|
||||
"@govtechsg/passport-openidconnect": "^1.0.2",
|
||||
"aws-cloudfront-sign": "3.0.2",
|
||||
"aws-sdk": "2.1030.0",
|
||||
"bcrypt": "5.1.0",
|
||||
|
|
@ -37,7 +37,7 @@
|
|||
"ioredis": "5.3.2",
|
||||
"joi": "17.6.0",
|
||||
"jsonwebtoken": "9.0.2",
|
||||
"koa-passport": "4.1.4",
|
||||
"koa-passport": "^6.0.0",
|
||||
"koa-pino-logger": "4.0.0",
|
||||
"lodash": "4.17.21",
|
||||
"node-fetch": "2.6.7",
|
||||
|
|
@ -52,7 +52,7 @@
|
|||
"redlock": "4.2.0",
|
||||
"rotating-file-stream": "3.1.0",
|
||||
"sanitize-s3-objectkey": "0.0.1",
|
||||
"semver": "7.3.7",
|
||||
"semver": "^7.5.4",
|
||||
"tar-fs": "2.1.1",
|
||||
"uuid": "^8.3.2"
|
||||
},
|
||||
|
|
|
|||
|
|
@ -41,6 +41,7 @@
|
|||
|
||||
let autoSchema = {}
|
||||
let rows = []
|
||||
let keys = {}
|
||||
|
||||
const parseQuery = query => {
|
||||
modified = false
|
||||
|
|
@ -137,8 +138,20 @@
|
|||
const handleScroll = e => {
|
||||
scrolling = e.target.scrollTop !== 0
|
||||
}
|
||||
|
||||
async function handleKeyDown(evt) {
|
||||
keys[evt.key] = true
|
||||
if ((keys["Meta"] || keys["Control"]) && keys["Enter"]) {
|
||||
await runQuery({ suppressErrors: false })
|
||||
}
|
||||
}
|
||||
|
||||
function handleKeyUp(evt) {
|
||||
delete keys[evt.key]
|
||||
}
|
||||
</script>
|
||||
|
||||
<svelte:window on:keydown={handleKeyDown} on:keyup={handleKeyUp} />
|
||||
<QueryViewerSavePromptModal
|
||||
checkIsModified={() => checkIsModified(newQuery)}
|
||||
attemptSave={() => runQuery({ suppressErrors: false }).then(saveQuery)}
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
Subproject commit 4f9616f163039a0eea81319d8e2288340a2ebc79
|
||||
Subproject commit 992486c10044a7495496b97bdf5f454d4020bfba
|
||||
|
|
@ -52,8 +52,8 @@
|
|||
"@budibase/shared-core": "0.0.0",
|
||||
"@budibase/string-templates": "0.0.0",
|
||||
"@budibase/types": "0.0.0",
|
||||
"@bull-board/api": "3.7.0",
|
||||
"@bull-board/koa": "3.9.4",
|
||||
"@bull-board/api": "5.10.2",
|
||||
"@bull-board/koa": "5.10.2",
|
||||
"@elastic/elasticsearch": "7.10.0",
|
||||
"@google-cloud/firestore": "6.8.0",
|
||||
"@koa/router": "8.0.8",
|
||||
|
|
@ -76,7 +76,7 @@
|
|||
"google-spreadsheet": "3.2.0",
|
||||
"ioredis": "5.3.2",
|
||||
"isolated-vm": "^4.7.2",
|
||||
"jimp": "0.16.1",
|
||||
"jimp": "0.22.10",
|
||||
"joi": "17.6.0",
|
||||
"js-yaml": "4.1.0",
|
||||
"jsonschema": "1.4.0",
|
||||
|
|
@ -89,7 +89,7 @@
|
|||
"koa2-ratelimit": "1.1.1",
|
||||
"lodash": "4.17.21",
|
||||
"memorystream": "0.3.1",
|
||||
"mongodb": "5.7",
|
||||
"mongodb": "^6.3.0",
|
||||
"mssql": "10.0.1",
|
||||
"mysql2": "3.5.2",
|
||||
"node-fetch": "2.6.7",
|
||||
|
|
@ -108,6 +108,8 @@
|
|||
"svelte": "^3.49.0",
|
||||
"tar": "6.1.15",
|
||||
"to-json-schema": "0.2.5",
|
||||
"undici": "^6.0.1",
|
||||
"undici-types": "^6.0.1",
|
||||
"uuid": "^8.3.2",
|
||||
"validate.js": "0.13.1",
|
||||
"worker-farm": "1.7.0",
|
||||
|
|
|
|||
|
|
@ -21,7 +21,6 @@ import environment from "../environment"
|
|||
interface MongoDBConfig {
|
||||
connectionString: string
|
||||
db: string
|
||||
tlsCertificateFile: string
|
||||
tlsCertificateKeyFile: string
|
||||
tlsCAFile: string
|
||||
}
|
||||
|
|
@ -320,16 +319,11 @@ const getSchema = () => {
|
|||
if (environment.SELF_HOSTED) {
|
||||
schema.datasource = {
|
||||
...schema.datasource,
|
||||
//@ts-ignore
|
||||
// @ts-ignore
|
||||
tls: {
|
||||
type: DatasourceFieldType.FIELD_GROUP,
|
||||
display: "Configure SSL",
|
||||
fields: {
|
||||
tlsCertificateFile: {
|
||||
type: DatasourceFieldType.STRING,
|
||||
required: false,
|
||||
display: "Certificate file path",
|
||||
},
|
||||
tlsCertificateKeyFile: {
|
||||
type: DatasourceFieldType.STRING,
|
||||
required: false,
|
||||
|
|
@ -356,7 +350,6 @@ class MongoIntegration implements IntegrationBase {
|
|||
constructor(config: MongoDBConfig) {
|
||||
this.config = config
|
||||
const options: MongoClientOptions = {
|
||||
tlsCertificateFile: config.tlsCertificateFile || undefined,
|
||||
tlsCertificateKeyFile: config.tlsCertificateKeyFile || undefined,
|
||||
tlsCAFile: config.tlsCAFile || undefined,
|
||||
}
|
||||
|
|
@ -645,7 +638,7 @@ class MongoIntegration implements IntegrationBase {
|
|||
let response = []
|
||||
if (query.extra?.actionType === "pipeline") {
|
||||
for await (const doc of collection.aggregate(
|
||||
query.steps.map(({ key, value }) => {
|
||||
query.steps.map(({key, value}) => {
|
||||
let temp: any = {}
|
||||
temp[key] = JSON.parse(value.value)
|
||||
return this.createObjectIds(temp)
|
||||
|
|
|
|||
|
|
@ -68,7 +68,9 @@
|
|||
"passport-local": "1.0.0",
|
||||
"pouchdb": "7.3.0",
|
||||
"pouchdb-all-dbs": "1.1.1",
|
||||
"server-destroy": "1.0.1"
|
||||
"server-destroy": "1.0.1",
|
||||
"undici": "^6.0.1",
|
||||
"undici-types": "^6.0.1"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@swc/core": "1.3.71",
|
||||
|
|
|
|||
Loading…
Reference in New Issue