Commit Graph

3747 Commits

Author SHA1 Message Date
mike12345567 f5b11ce7f0 Merge branch 'security-updates' of github.com:Budibase/budibase into security-updates 2024-11-20 11:56:28 +00:00
mike12345567 9b2d1744d5 Merge branch 'master' of github.com:Budibase/budibase into security-updates 2024-11-20 11:49:02 +00:00
Martin McKeaveney d0ad87d504 revert curlconverter 2024-11-20 11:40:53 +00:00
Martin McKeaveney 79c515e57d types 2024-11-19 19:02:22 +00:00
Martin McKeaveney 5093e1a84b more pins 2024-11-19 18:28:19 +00:00
Martin McKeaveney 98795501c4 update mssql and aws sdk deps 2024-11-19 18:23:50 +00:00
mike12345567 5a0916ca2a Switching it to be a step as part of monorepo check types. 2024-11-19 18:08:34 +00:00
mike12345567 c789f174ab Adding node to each script run for CI. 2024-11-19 17:25:51 +00:00
mike12345567 87a6006b4e Adding all dependencies that were missing and adding to build script. 2024-11-19 17:17:31 +00:00
Martin McKeaveney 30d311f784 pin deps 2024-11-19 17:06:44 +00:00
Martin McKeaveney c563bb64b5 remove snowflake-promise lib, update curlconverter to use dynamic import 2024-11-19 14:54:06 +00:00
Martin McKeaveney 2de841407d pin deps 2024-11-18 16:39:05 +00:00
Martin McKeaveney e8d7ed2635 bump pouch in server 2024-11-18 16:09:59 +00:00
Martin McKeaveney 324597b2a4 dependency upgrades for security scanners 2024-11-10 16:28:43 +00:00
Martin McKeaveney 95a08514b4 merge 2024-09-20 17:39:19 +01:00
Sam Rose aecd4f9e4d
Fetch schema tests. 2024-09-19 16:48:50 +01:00
Martin McKeaveney 224be10b6c support for overriding models 2024-09-17 16:08:59 +01:00
Martin McKeaveney 01a1379335 pin airtable dependency 2024-09-12 17:43:13 +01:00
Martin McKeaveney 57cf542101 updating JS dependencies to get rid of vulns 2024-09-12 17:32:42 +01:00
mike12345567 904f0dc9fd Adding jest-extended to allow use of oneOf expect, fixing for updated fetching. 2024-08-09 13:36:22 +01:00
mike12345567 48ddc059af Bumping google-spreadsheet version to latest version with fix added by Dean. 2024-08-05 16:38:21 +01:00
mike12345567 5e1dbd974b Adding a polyfill bundle for Buffer which can be used in the isolated-vm. 2024-07-23 19:02:39 +01:00
Martin McKeaveney c0260b85ff remove all conditional oracle installs 2024-07-22 15:59:40 +01:00
Adria Navarro c4dacfbd71 Undo mssql update (as it breaks some types) 2024-07-04 11:43:54 +02:00
Adria Navarro 8da83dac58 Merge branch 'master' into chore/fix-npm-vulnerabilities 2024-07-04 11:08:51 +02:00
Adria Navarro 9d2385b777 Update jimp 2024-07-04 10:56:55 +02:00
Adria Navarro 8a5925a924 Update mssql 2024-07-04 10:55:39 +02:00
mike12345567 f34d731bcc Update MongoDB to 6.7.0 2024-07-03 14:04:47 +01:00
Michael Drury 5ca9caaa69
Revert "Update MongoDB." 2024-07-03 13:48:56 +01:00
Sam Rose 2e33680e6b
Update MongoDB. 2024-07-03 09:19:19 +01:00
Adria Navarro c1520c6bf6 Fix socket.io vulnerability 2024-07-02 15:26:44 +02:00
Adria Navarro e19c9bd66a Remove protobufjs critical vulnerability 2024-07-02 15:21:11 +02:00
Peter Clement cf11009e24
Update OpenAI dependency to fix 400 errors (#14033)
* Update OpenAI dependency to fix 400 errors

* add some optional chaining for safety

* add caret

* fix tests
2024-06-27 12:17:48 +01:00
mike12345567 ebf8f54bb7 Upgrading to Typescript 5.5.2 2024-06-24 16:41:28 +01:00
dependabot[bot] 7ef46092d0
Bump socket.io from 4.6.1 to 4.6.2 in /packages/server
Bumps [socket.io](https://github.com/socketio/socket.io) from 4.6.1 to 4.6.2.
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io/compare/4.6.1...4.6.2)

---
updated-dependencies:
- dependency-name: socket.io
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-19 17:52:38 +00:00
dependabot[bot] c8c0dfb84d
Bump tar from 6.1.15 to 6.2.1 in /packages/server
Bumps [tar](https://github.com/isaacs/node-tar) from 6.1.15 to 6.2.1.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v6.1.15...v6.2.1)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-17 09:23:30 +00:00
mike12345567 155de99b68 Streaming to disk before passing onto S3. 2024-06-03 11:46:20 +01:00
dependabot[bot] 25a4e1d999
Bump mysql2 from 3.9.7 to 3.9.8 in /packages/server
Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 3.9.7 to 3.9.8.
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](https://github.com/sidorares/node-mysql2/compare/v3.9.7...v3.9.8)

---
updated-dependencies:
- dependency-name: mysql2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-30 19:53:00 +00:00
Adria Navarro 39ad85127b Use @budibase/google-spreadsheet 2024-05-17 12:11:26 +02:00
Adria Navarro d2e72889d6 Update 2024-05-14 09:39:55 +02:00
Adria Navarro f8c0a3b5c0 Remove types 2024-05-13 15:15:48 +02:00
Adria Navarro 9414c34c21 Update types 2024-05-13 15:15:48 +02:00
Adria Navarro 2e636475cf Update packages 2024-05-13 15:15:48 +02:00
Adria Navarro cbda40ac12 Remove unused packages 2024-05-01 11:07:00 +01:00
dependabot[bot] c8446fa5a6
Bump mysql2 from 3.5.2 to 3.9.7 in /packages/server
Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 3.5.2 to 3.9.7.
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](https://github.com/sidorares/node-mysql2/compare/v3.5.2...v3.9.7)

---
updated-dependencies:
- dependency-name: mysql2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-04-23 22:12:24 +00:00
Peter Clement a4c0328c53
REST file handling and SMTP automation block attachments (#13403)
* handle files in rest connector

* fetch presigned url and return

* further updates to handle files in rest connector

* remove unused important and fix extension bug

* wrong expiry param

* tests

* add const for temp bucket

* handle ttl on bucket

* more bucket ttl work

* split out fileresponse and xmlresponse into utils

* lint

* remove log

* fix tests

* some pr comments

* update function naming and lint

* adding back needed response for frontend

* use fsp

* handle different content-disposition and potential path traversal

* add test container for s3 / minio

* add test case for filename* and ascii filenames

* move tests into separate describe

* remove log

* up timeout

* switch to minio image instead of localstack

* use minio image instead of s3 for testing

* stream file upload instead

* use streamUpload and update signatures

* update bucketcreate return

* throw real error

* tidy up

* pro

* pro ref fix?

* pro fix

* pro fix?

* move minio test provider to backend-core

* update email builder to allow attachments

* testing for sending files via smtp

* use backend-core minio test container in server

* handle different types of url

* fix minio test provider

* test with container host

* lint

* try different hostname?

* Revert "try different hostname?"

This reverts commit cfefdb8ded.

* fix issue with fetching of signed url with test minio

* update autoamtion attachments to take filename and url

* fix tests

* pro ref

* fix parsing of url object

* pr comments and linting

* pro ref

* fix pro again

* fix pro

* account-portal

* fix null issue

* fix ref

* ref

* When sending a file attachment in email fetch it directly from our object store

* add more checks to ensure we're working with a signed url

* update test to account for direct object store read

* formatting

* fix time issues within test

* update bucket and path extraction to regex

* use const in regex

* pro

* Updating TTL handling in upload functions (#13539)

* Updating TTL handling in upload functions

* describe ttl type

* account for ttl creation in existing buckets and update types

* fix tests

* pro

* pro
2024-04-22 15:30:57 +00:00
mike12345567 68c5e657dd Updating @types/archiver to be more specific. 2024-04-15 13:46:31 +01:00
Adria Navarro 52a95308bd Pin version 2024-04-10 15:18:01 +02:00
Adria Navarro 465fde2460 Merge branch 'master' into BUDI-8082/download-files-using-a-button-action 2024-04-10 14:31:37 +02:00
Adria Navarro ac5d578349 Zip file 2024-04-04 21:28:06 +02:00