mozilla
/
blurts-server
зеркало из https://github.com/mozilla/blurts-server.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
8 456 коммитов 230 Ветки 480 Теги 139 MiB
Граф коммитов

230 Коммитов

Автор SHA1 Сообщение Дата
Amri Toufali a65ac31fce
remove obsolete knex-paginate 2022-10-03 16:44:13 -07:00
dependabot[bot] 1d564c49f8
Bump dotenv from 8.2.0 to 16.0.2 (from PR #2643) 
Bumps [dotenv](https://github.com/motdotla/dotenv) from 8.2.0 to 16.0.2.
- [Release notes](https://github.com/motdotla/dotenv/releases)
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](https://github.com/motdotla/dotenv/compare/v8.2.0...v16.0.2)
 2022-09-22 16:13:59 -05:00
dependabot[bot] cd11edfe25
Bump sns-validator from 0.3.4 to 0.3.5 (from PR #2642) 
Bumps [sns-validator](https://github.com/aws/aws-js-sns-message-validator) from 0.3.4 to 0.3.5.
- [Release notes](https://github.com/aws/aws-js-sns-message-validator/releases)
- [Commits](https://github.com/aws/aws-js-sns-message-validator/compare/0.3.4...v0.3.5)
 2022-09-22 16:13:58 -05:00
dependabot[bot] 2c3194c266
Bump nodemailer from 6.7.5 to 6.7.8 (from PR #2641) 
Bumps [nodemailer](https://github.com/nodemailer/nodemailer) from 6.7.5 to 6.7.8.
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodemailer/nodemailer/compare/v6.7.5...v6.7.8)
 2022-09-22 16:13:57 -05:00
dependabot[bot] 0e07957e1f
Bump connect-redis from 5.0.0 to 6.1.3 (from PR #2640) 
Bumps [connect-redis](https://github.com/visionmedia/connect-redis) from 5.0.0 to 6.1.3.
- [Release notes](https://github.com/visionmedia/connect-redis/releases)
- [Commits](https://github.com/visionmedia/connect-redis/compare/v5.0.0...v6.1.3)
 2022-09-22 16:13:56 -05:00
John Whitlock 14e086e617
Merge pull request #2649 from mozilla/dependabot/docker/node-16.17.0-alpine 
Bump node from 16.15-alpine to 16.17.0-alpine
 2022-09-22 16:03:13 -05:00
John Whitlock 2d925a1402
Update to node 16.17.x 2022-09-22 16:01:22 -05:00
dependabot[bot] 3140082c7b
Bump node-mocks-http from 1.9.0 to 1.11.0 
Bumps [node-mocks-http](https://github.com/howardabrams/node-mocks-http) from 1.9.0 to 1.11.0.
- [Release notes](https://github.com/howardabrams/node-mocks-http/releases)
- [Changelog](https://github.com/howardabrams/node-mocks-http/blob/master/HISTORY.md)
- [Commits](https://github.com/howardabrams/node-mocks-http/compare/v1.9.0...v1.11.0)

---
updated-dependencies:
- dependency-name: node-mocks-http
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-05 15:33:21 +00:00
John Whitlock 793d257d08
Merge pull request #2636 from mozilla/update-sentry-sdk 
Update @sentry/node from v5.27.2 to v7.12.0
 2022-09-04 20:48:44 -05:00
Amri Toufali 352c7b9e2f
Merge pull request #2637 from mozilla/MNTOR-854/move-monthly-cron-to-sre 
Mntor 854/move monthly cron to sre
 2022-09-02 09:46:54 -07:00
Amri Toufali 512fdfbeb6
remove node-cron 2022-09-01 15:22:26 -07:00
John Whitlock a863182f2b
Update @sentry/node from v5.27.2 to v7.12.0 
Some highlights, which do not affect our code:

* 6.0.0 - Start supporting Release Health
* 6.17.0 - Remove DSN class
* 6.18.0 - Deprecate frameContextLines
* 7.0.0 - Split @sentry/tracing into own package, distribute ES5, drop
  Node.js v6
 2022-09-01 16:36:11 -05:00
John Whitlock 8723fc9dfc
Merge pull request #2633 from mozilla/dependabot/npm_and_yarn/eslint-plugin-promise-6.0.1 
Bump eslint-plugin-promise from 6.0.0 to 6.0.1
 2022-09-01 14:34:41 -05:00
dependabot[bot] 6bbc3d50fc
Bump knex-paginate from 1.2.2 to 3.0.1 
Bumps [knex-paginate](https://github.com/felixmosh/knex-paginate) from 1.2.2 to 3.0.1.
- [Release notes](https://github.com/felixmosh/knex-paginate/releases)
- [Changelog](https://github.com/felixmosh/knex-paginate/blob/master/CHANGELOG.md)
- [Commits](https://github.com/felixmosh/knex-paginate/compare/v1.2.2...v3.0.1)

---
updated-dependencies:
- dependency-name: knex-paginate
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-01 13:08:30 -05:00
John Whitlock cad52d4e53
Merge pull request #2630 from mozilla/dependabot/npm_and_yarn/fluent-0.13.0 
Bump fluent from 0.12.0 to 0.13.0
 2022-09-01 12:18:36 -05:00
John Whitlock 86684b8aa7
Merge pull request #2632 from mozilla/dependabot/npm_and_yarn/coveralls-3.1.1 
Bump coveralls from 3.1.0 to 3.1.1
 2022-09-01 11:44:00 -05:00
dependabot[bot] 0292a95d08
Bump eslint-plugin-promise from 6.0.0 to 6.0.1 
Bumps [eslint-plugin-promise](https://github.com/xjamundx/eslint-plugin-promise) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/xjamundx/eslint-plugin-promise/releases)
- [Changelog](https://github.com/xjamundx/eslint-plugin-promise/blob/development/CHANGELOG.md)
- [Commits](https://github.com/xjamundx/eslint-plugin-promise/commits)

---
updated-dependencies:
- dependency-name: eslint-plugin-promise
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-31 16:27:39 +00:00
dependabot[bot] 7bf0f75802
Bump coveralls from 3.1.0 to 3.1.1 
Bumps [coveralls](https://github.com/nickmerwin/node-coveralls) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/nickmerwin/node-coveralls/releases)
- [Commits](https://github.com/nickmerwin/node-coveralls/compare/v3.1.0...3.1.1)

---
updated-dependencies:
- dependency-name: coveralls
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-31 16:27:30 +00:00
dependabot[bot] 2bcb624eec
Bump fluent from 0.12.0 to 0.13.0 
Bumps [fluent](https://github.com/projectfluent/fluent.js) from 0.12.0 to 0.13.0.
- [Release notes](https://github.com/projectfluent/fluent.js/releases)
- [Commits](https://github.com/projectfluent/fluent.js/compare/fluent@0.12.0...fluent@0.13.0)

---
updated-dependencies:
- dependency-name: fluent
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-31 16:27:09 +00:00
dependabot[bot] 69aed8fa9d
Bump client-oauth2 from 4.3.2 to 4.3.3 
Bumps [client-oauth2](https://github.com/mulesoft/js-client-oauth2) from 4.3.2 to 4.3.3.
- [Release notes](https://github.com/mulesoft/js-client-oauth2/releases)
- [Commits](https://github.com/mulesoft/js-client-oauth2/compare/v4.3.2...v4.3.3)

---
updated-dependencies:
- dependency-name: client-oauth2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-31 16:26:57 +00:00
John Whitlock 7d16a7f614
Update to nodemon 2.0.19 
Update nodemon from 2.0.4 to 2.0.19. Highlights:

* Updates dependencies
* Replaces `update-notifier` with `simple-update-notifier`, reducing the
  total dependencies.
* Drops node 8
* Fixes bugs on Windows
 2022-08-31 10:05:01 -05:00
Amri Toufali 9ba19ee9ca
update package-lock.json 2022-08-28 16:30:58 -07:00
Amri Toufali 481871b13f
Merge branch 'main' into MNTOR-697/monthly-email 2022-08-28 16:29:30 -07:00
dependabot[bot] 6799fb02b8
Bump got from 10.7.0 to 11.8.5 
Bumps [got](https://github.com/sindresorhus/got) from 10.7.0 to 11.8.5.
- [Release notes](https://github.com/sindresorhus/got/releases)
- [Commits](https://github.com/sindresorhus/got/compare/v10.7.0...v11.8.5)

---
updated-dependencies:
- dependency-name: got
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-26 19:47:19 +00:00
John Whitlock 9a1d5fb524
Update to nodemailer-express-handlebars 5.0.0 
5.0.0 updates to express-handlebars 6.0.2
 2022-08-25 14:19:31 -05:00
John Whitlock ee336297f3
Update to express-handlebars 6.0.6 
Mostly dependency updates. 6.x requires node 12.
 2022-08-25 14:17:05 -05:00
John Whitlock 5ea270b74c
Set node engine in package-lock.json 2022-08-25 14:16:17 -05:00
Amri Toufali 7961f820ae
add cron and breach stats lookup/update 2022-08-21 23:02:37 -07:00
Amri Toufali a5e8de5c3a
update package-lock 2022-06-21 22:32:36 -07:00
Amri Toufali 5fd33b2007
Merge branch 'main' into MNTOR-769/update-node-16 2022-06-21 22:29:32 -07:00
Amri Toufali bd21b4e84b
Merge branch 'main' into dependabot/npm_and_yarn/express-handlebars-5.3.1 2022-06-21 22:20:40 -07:00
Amri Toufali 80b0b9f69a
remove integration tests 2022-06-21 22:00:16 -07:00
Amri Toufali 32868f03e2
update Stylelint config 2022-06-15 22:39:57 -07:00
dependabot[bot] 1a68c383fa
Bump express-handlebars from 5.1.0 to 5.3.1 
Bumps [express-handlebars](https://github.com/express-handlebars/express-handlebars) from 5.1.0 to 5.3.1.
- [Release notes](https://github.com/express-handlebars/express-handlebars/releases)
- [Changelog](https://github.com/express-handlebars/express-handlebars/blob/master/CHANGELOG.md)
- [Commits](https://github.com/express-handlebars/express-handlebars/compare/v5.1.0...v5.3.1)

---
updated-dependencies:
- dependency-name: express-handlebars
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-09 22:31:20 +00:00
Amri Toufali f2545f8bee
remove unused packages and scripts 2022-06-01 21:59:55 -07:00
Amri Toufali c29bfe3bc7
remove deprecated audit pkg and update npm scripts 2022-05-31 20:46:33 -07:00
Amri Toufali 84ad05ba69
remove Gulp and other obsolete packages 2022-05-28 15:57:27 -07:00
Amri Toufali 9f6e02ed5c
remove protocol design system 2022-05-26 10:50:39 -07:00
Amri Toufali d89c83a3d3
add esbuild 2022-05-26 10:48:26 -07:00
Amri Toufali 7112d08b01
update ESLint 2022-05-10 16:17:52 -07:00
Amri Toufali f098319b15
fix minimist vulnerability 2022-04-19 13:38:30 -07:00
Amri Toufali 61ff846b24 resolve `node-fetch` alert 
- rewrite package-lock.json
 2022-01-27 11:59:15 -08:00
Amri Toufali 54fbd2af5e
resolve `shelljs` security alert (#2481) 2022-01-26 14:40:54 -08:00
Amri Toufali 1ceeb42721
IP location banner for VPN education/promotion (#2284) 
* add banner expand functionality

* refactor home content to nest in top-level `main`

* optimize homepage style for vpn banner

* optimize breach page style for vpn banner

* optimize "security tips" page style for vpn banner

* optimize about page style for vpn banner

* move header shadow to avoid vpn banner conflict

* add 2nd panel main content

* add en locale strings

* add "protected" version of banner with associated strings

* handle ip address not found in MaxMind DB

* add Heroku Buildpack vars for MaxMind db

* update .env-dist vars for MaxMind GeoLite2

* handle MaxMind db read error

* refactor client-side mullvad API and async geodata

* default to "not protected" for cache/fetch error

* use full country name

* add abort controller for Mullvad req

* cache location lookup with redis session

* allow optional env vars

* update readme

* add analytics/attribution

* add localization to MaxMind location data

* add blocked locales to env var

* refactor ip-location to open db once every 3 days

* Fix broken visual integration tests
 2021-11-19 12:06:30 -08:00
Amri Toufali 4734884615
Cleanup and security (#2316) 
* add npm version 6 to package.json "engines"

* remove unused dependencies

* update wdio-image-comparison-service

* update gulp-sass

* update nodemailer and associated .hbs package

* update jest

* update eslint

* update stylelint-config-standard
 2021-10-18 15:19:31 -07:00
Amri Toufali 3d24595060
Migrate Travis to CircleCI (#2310) 
* add lints to circleci

* delete travis config

* add circleci orbs

* update images

* update dockerfile to allow dev build

* refactor unit-tests using machine host instead of docker

* set postgres user pass to enable docker connection

* remove .env-dist quotes in values (broken syntax)

* fix broken coveralls test

* update readme

* use `npm ci` instead of redundant `npm install`

* switch integration test network mode to `host`

* specify .env path for integration test

* update lockfile

* remove docker login and obsolete jobs
 2021-10-15 11:58:00 -07:00
Maxx Crawford 2ac3958adc
Add scss source maps (#2294) 
* Add SCSS source maps for improved CSS debugging

* Revert dotenv removal

* Lint error fix
 2021-09-29 21:54:43 -05:00
Amri Toufali a700dc3e27 sync NPM and CircleCI versions of Node to 14.17 2021-08-31 13:35:37 -07:00
Amri Toufali 23d2f8596e
upgrade to Node 14 (#2244) 
* add quotes to docker-compose port range vars

* upgrade to Node 14

* update CircleCI config to use Node 14

* upgrade dockerfiles to node 14

* update travis config for Node 14

* update npm package-lock

* upgrade node-postgres to resolve Knex error
- https://github.com/knex/knex/issues/3836

* bump Node to 14.17.5 for latest security release
- https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/

* pin Node to latest in v14
 2021-08-13 13:41:31 -05:00
dependabot[bot] 24461304ad
Bump urijs from 1.19.6 to 1.19.7 
Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.6 to 1.19.7.
- [Release notes](https://github.com/medialize/URI.js/releases)
- [Changelog](https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md)
- [Commits](https://github.com/medialize/URI.js/compare/v1.19.6...v1.19.7)

---
updated-dependencies:
- dependency-name: urijs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-22 19:50:43 +00:00