npm - @directus/api - Versions diffs - 22.2.0 → 23.1.0 - Mend

@directus/api 22.2.0 → 23.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (101) hide show

package/dist/app.js +2 -0
package/dist/auth/drivers/ldap.js +14 -3
package/dist/auth/drivers/oauth2.js +13 -2
package/dist/auth/drivers/openid.js +13 -2
package/dist/cache.js +4 -4
package/dist/cli/commands/init/questions.d.ts +5 -5
package/dist/cli/commands/schema/apply.d.ts +1 -0
package/dist/cli/commands/schema/apply.js +20 -1
package/dist/cli/index.js +1 -0
package/dist/cli/utils/create-env/env-stub.liquid +1 -4
package/dist/controllers/activity.js +30 -27
package/dist/controllers/assets.js +1 -1
package/dist/controllers/comments.d.ts +2 -0
package/dist/controllers/comments.js +153 -0
package/dist/controllers/versions.js +10 -5
package/dist/database/index.js +3 -0
package/dist/database/migrations/20210518A-add-foreign-key-constraints.js +1 -1
package/dist/database/migrations/20240806A-permissions-policies.js +1 -1
package/dist/database/migrations/20240909A-separate-comments.d.ts +3 -0
package/dist/database/migrations/20240909A-separate-comments.js +65 -0
package/dist/database/migrations/20240909B-consolidate-content-versioning.d.ts +3 -0
package/dist/database/migrations/20240909B-consolidate-content-versioning.js +10 -0
package/dist/database/run-ast/lib/get-db-query.d.ts +12 -2
package/dist/database/run-ast/lib/get-db-query.js +2 -2
package/dist/database/run-ast/modules/fetch-permitted-ast-root-fields.d.ts +15 -0
package/dist/database/run-ast/modules/fetch-permitted-ast-root-fields.js +29 -0
package/dist/database/run-ast/run-ast.js +8 -1
package/dist/database/run-ast/utils/get-column-pre-processor.d.ts +1 -1
package/dist/database/run-ast/utils/get-column-pre-processor.js +10 -2
package/dist/extensions/lib/sandbox/generate-api-extensions-sandbox-entrypoint.d.ts +0 -3
package/dist/extensions/lib/sandbox/register/route.d.ts +1 -2
package/dist/logger/index.d.ts +2 -3
package/dist/logger/logs-stream.d.ts +0 -1
package/dist/mailer.js +0 -6
package/dist/middleware/authenticate.d.ts +1 -3
package/dist/middleware/error-handler.d.ts +0 -1
package/dist/middleware/validate-batch.d.ts +1 -4
package/dist/permissions/lib/fetch-permissions.d.ts +11 -1
package/dist/permissions/modules/process-ast/utils/get-info-for-path.d.ts +2 -2
package/dist/permissions/modules/validate-access/lib/validate-item-access.d.ts +2 -1
package/dist/permissions/modules/validate-access/lib/validate-item-access.js +18 -13
package/dist/permissions/modules/validate-access/validate-access.d.ts +1 -0
package/dist/permissions/modules/validate-access/validate-access.js +14 -1
package/dist/permissions/modules/validate-remaining-admin/validate-remaining-admin-users.d.ts +1 -2
package/dist/permissions/utils/fetch-dynamic-variable-context.js +14 -6
package/dist/permissions/utils/process-permissions.d.ts +11 -1
package/dist/permissions/utils/process-permissions.js +6 -4
package/dist/request/agent-with-ip-validation.d.ts +0 -1
package/dist/server.d.ts +0 -3
package/dist/services/activity.d.ts +1 -7
package/dist/services/activity.js +0 -103
package/dist/services/assets.d.ts +0 -1
package/dist/services/assets.js +5 -4
package/dist/services/collections.js +6 -4
package/dist/services/comments.d.ts +31 -0
package/dist/services/comments.js +374 -0
package/dist/services/fields.js +0 -6
package/dist/services/files/utils/get-metadata.d.ts +0 -1
package/dist/services/files/utils/parse-image-metadata.d.ts +0 -1
package/dist/services/files.d.ts +0 -1
package/dist/services/graphql/index.js +17 -16
package/dist/services/import-export.d.ts +0 -1
package/dist/services/index.d.ts +1 -0
package/dist/services/index.js +1 -0
package/dist/services/items.js +3 -1
package/dist/services/mail/index.d.ts +2 -1
package/dist/services/mail/index.js +4 -1
package/dist/services/payload.js +15 -14
package/dist/services/tus/data-store.d.ts +0 -1
package/dist/services/users.js +3 -2
package/dist/services/versions.js +59 -44
package/dist/types/graphql.d.ts +0 -1
package/dist/utils/apply-diff.js +5 -6
package/dist/utils/apply-query.d.ts +1 -1
package/dist/utils/compress.d.ts +0 -1
package/dist/utils/delete-from-require-cache.js +1 -1
package/dist/utils/fetch-user-count/fetch-user-count.d.ts +1 -2
package/dist/utils/generate-hash.js +2 -2
package/dist/utils/get-address.d.ts +0 -3
package/dist/utils/get-cache-headers.d.ts +0 -1
package/dist/utils/get-cache-key.d.ts +0 -1
package/dist/utils/get-column.d.ts +1 -1
package/dist/utils/get-graphql-query-and-variables.d.ts +0 -1
package/dist/utils/get-ip-from-req.d.ts +0 -1
package/dist/utils/get-service.js +3 -1
package/dist/utils/get-snapshot.js +1 -1
package/dist/utils/sanitize-query.js +1 -1
package/dist/utils/sanitize-schema.d.ts +1 -1
package/dist/utils/sanitize-schema.js +2 -0
package/dist/utils/should-skip-cache.d.ts +0 -1
package/dist/websocket/authenticate.js +1 -1
package/dist/websocket/controllers/base.d.ts +1 -10
package/dist/websocket/controllers/base.js +15 -21
package/dist/websocket/controllers/graphql.d.ts +0 -3
package/dist/websocket/controllers/index.d.ts +0 -3
package/dist/websocket/controllers/logs.d.ts +4 -5
package/dist/websocket/controllers/logs.js +7 -3
package/dist/websocket/controllers/rest.d.ts +0 -3
package/dist/websocket/controllers/rest.js +1 -1
package/dist/websocket/types.d.ts +0 -6
package/package.json +70 -71

package/dist/websocket/controllers/logs.d.ts CHANGED Viewed

@@ -1,18 +1,17 @@
-/// <reference types="node" resolution-mode="require"/>
-/// <reference types="node/http.js" />
-/// <reference types="pino-http" />
 import type { Server as httpServer } from 'http';
+import { AuthMode } from '../messages.js';
 import SocketController from './base.js';
+import type { Accountability } from '@directus/types';
 export declare class LogsController extends SocketController {
     constructor(httpServer: httpServer);
     getEnvironmentConfig(configPrefix: string): {
         endpoint: string;
         maxConnections: number;
         authentication: {
-            mode: "strict" | "public" | "handshake";
+            mode: AuthMode;
             timeout: number;
-            requireAdmin: boolean;
         };
     };
     private bindEvents;
+    protected checkUserRequirements(accountability: Accountability | null): void;
 }

package/dist/websocket/controllers/logs.js CHANGED Viewed

@@ -1,7 +1,7 @@
 import { useEnv } from '@directus/env';
 import emitter from '../../emitter.js';
 import { useLogger } from '../../logger/index.js';
-import { handleWebSocketError } from '../errors.js';
+import { handleWebSocketError, WebSocketError } from '../errors.js';
 import { AuthMode, WebSocketMessage } from '../messages.js';
 import SocketController from './base.js';
 const logger = useLogger();
@@ -21,11 +21,9 @@ export class LogsController extends SocketController {
         return {
             endpoint,
             maxConnections,
-            // require strict auth
             authentication: {
                 mode: 'strict',
                 timeout: 0,
-                requireAdmin: true,
             },
         };
     }
@@ -47,4 +45,10 @@ export class LogsController extends SocketController {
         });
         emitter.emitAction('websocket.connect', { client });
     }
+    checkUserRequirements(accountability) {
+        // enforce admin only access for the logs streaming websocket
+        if (!accountability?.admin) {
+            throw new WebSocketError('auth', 'AUTH_FAILED', 'Unauthorized access.');
+        }
+    }
 }

package/dist/websocket/controllers/rest.d.ts CHANGED Viewed

@@ -1,6 +1,3 @@
-/// <reference types="node" resolution-mode="require"/>
-/// <reference types="node/http.js" />
-/// <reference types="pino-http" />
 import type { Server as httpServer } from 'http';
 import { WebSocketMessage } from '../messages.js';
 import SocketController from './base.js';

package/dist/websocket/controllers/rest.js CHANGED Viewed

@@ -40,7 +40,7 @@ export class WebSocketController extends SocketController {
         try {
             message = parseJSON(data);
         }
-        catch (err) {
+        catch {
             throw new WebSocketError('server', 'INVALID_PAYLOAD', 'Unable to parse the incoming message.');
         }
         return message;

package/dist/websocket/types.d.ts CHANGED Viewed

@@ -1,8 +1,3 @@
-/// <reference types="node" resolution-mode="require"/>
-/// <reference types="node" resolution-mode="require"/>
-/// <reference types="node" resolution-mode="require"/>
-/// <reference types="node/http.js" />
-/// <reference types="pino-http" />
 import type { Accountability, Query } from '@directus/types';
 import type { IncomingMessage } from 'http';
 import type internal from 'stream';
@@ -21,7 +16,6 @@ export type UpgradeRequest = IncomingMessage & AuthenticationState;
 export type WebSocketAuthentication = {
     mode: AuthMode;
     timeout: number;
-    requireAdmin: boolean;
 };
 export type SubscriptionEvent = 'create' | 'update' | 'delete';
 export type Subscription = {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@directus/api",
-  "version": "22.2.0",
+  "version": "23.1.0",
   "description": "Directus is a real-time API and App dashboard for managing SQL database content",
   "keywords": [
     "directus",
@@ -59,30 +59,30 @@
   ],
   "dependencies": {
     "@authenio/samlify-node-xmllint": "2.0.0",
-    "@aws-sdk/client-ses": "3.637.0",
+    "@aws-sdk/client-ses": "3.668.0",
     "@godaddy/terminus": "4.12.1",
-    "@rollup/plugin-alias": "5.1.0",
-    "@rollup/plugin-node-resolve": "15.2.3",
+    "@rollup/plugin-alias": "5.1.1",
+    "@rollup/plugin-node-resolve": "15.3.0",
     "@rollup/plugin-virtual": "3.0.2",
-    "@tus/file-store": "1.3.3",
-    "@tus/server": "1.6.0",
-    "@tus/utils": "0.2.0",
+    "@tus/file-store": "1.5.0",
+    "@tus/server": "1.9.0",
+    "@tus/utils": "0.4.0",
     "@types/cookie": "0.6.0",
-    "argon2": "0.40.3",
-    "async": "3.2.5",
-    "axios": "1.7.3",
+    "argon2": "0.41.1",
+    "async": "3.2.6",
+    "axios": "1.7.7",
     "busboy": "1.6.0",
     "bytes": "3.1.2",
     "camelcase": "8.0.0",
     "chalk": "5.3.0",
     "chokidar": "3.6.0",
-    "commander": "12.0.0",
+    "commander": "12.1.0",
     "content-disposition": "0.5.4",
-    "cookie": "0.6.0",
-    "cookie-parser": "1.4.6",
+    "cookie": "0.7.2",
+    "cookie-parser": "1.4.7",
     "cors": "2.8.5",
     "cron-parser": "4.9.0",
-    "date-fns": "3.6.0",
+    "date-fns": "4.1.0",
     "deep-diff": "1.0.2",
     "destroy": "1.2.0",
     "dotenv": "16.4.5",
@@ -90,30 +90,30 @@
     "eventemitter2": "6.4.9",
     "execa": "8.0.1",
     "exif-reader": "2.0.1",
-    "express": "4.19.2",
+    "express": "4.20.0",
     "flat": "6.0.1",
     "fs-extra": "11.2.0",
     "glob-to-regexp": "0.4.1",
     "graphql": "16.9.0",
     "graphql-compose": "9.0.11",
     "graphql-ws": "5.16.0",
-    "helmet": "7.1.0",
+    "helmet": "8.0.0",
     "icc": "3.0.0",
-    "inquirer": "9.3.6",
+    "inquirer": "12.0.0",
     "ioredis": "5.4.1",
     "ip-matching": "2.1.2",
-    "isolated-vm": "4.7.2",
+    "isolated-vm": "5.0.1",
     "joi": "17.13.3",
     "js-yaml": "4.1.0",
     "js2xmlparser": "5.0.0",
     "json2csv": "5.0.7",
     "jsonwebtoken": "9.0.2",
-    "keyv": "4.5.4",
+    "keyv": "5.1.0",
     "knex": "3.1.0",
     "ldapjs": "2.3.3",
-    "liquidjs": "10.15.0",
+    "liquidjs": "10.17.0",
     "lodash-es": "4.17.21",
-    "marked": "12.0.2",
+    "marked": "14.1.2",
     "micromustache": "8.0.3",
     "mime-types": "2.1.35",
     "minimatch": "9.0.5",
@@ -122,56 +122,56 @@
     "nanoid": "5.0.7",
     "node-machine-id": "1.1.12",
     "node-schedule": "2.1.1",
-    "nodemailer": "6.9.14",
+    "nodemailer": "6.9.15",
     "object-hash": "3.0.0",
-    "openapi3-ts": "4.3.3",
-    "openid-client": "5.6.5",
-    "ora": "8.0.1",
+    "openapi3-ts": "4.4.0",
+    "openid-client": "5.7.0",
+    "ora": "8.1.0",
     "otplib": "12.0.1",
-    "p-limit": "5.0.0",
+    "p-limit": "6.1.0",
     "p-queue": "8.0.1",
     "papaparse": "5.4.1",
-    "pino": "9.2.0",
-    "pino-http": "9.0.0",
+    "pino": "9.4.0",
+    "pino-http": "10.3.0",
     "pino-http-print": "3.1.0",
-    "pino-pretty": "11.2.1",
+    "pino-pretty": "11.2.2",
     "qs": "6.13.0",
     "rate-limiter-flexible": "5.0.3",
     "rollup": "4.17.2",
     "samlify": "2.8.10",
-    "sanitize-html": "2.13.0",
+    "sanitize-html": "2.13.1",
     "sharp": "0.33.5",
     "snappy": "7.2.2",
     "stream-json": "1.8.0",
     "tar": "7.4.3",
-    "tsx": "4.17.0",
+    "tsx": "4.19.1",
     "wellknown": "0.5.0",
     "ws": "8.18.0",
     "zod": "3.23.8",
-    "zod-validation-error": "3.3.1",
+    "zod-validation-error": "3.4.0",
     "@directus/constants": "12.0.0",
-    "@directus/env": "3.1.0",
-    "@directus/app": "13.2.0",
-    "@directus/errors": "1.0.0",
-    "@directus/extensions": "2.0.1",
-    "@directus/extensions-registry": "2.0.1",
-    "@directus/memory": "2.0.1",
-    "@directus/extensions-sdk": "12.0.2",
+    "@directus/errors": "1.0.1",
+    "@directus/app": "13.3.0",
+    "@directus/env": "3.1.2",
+    "@directus/extensions-registry": "2.0.3",
+    "@directus/extensions-sdk": "12.1.1",
+    "@directus/extensions": "2.0.3",
     "@directus/format-title": "11.0.0",
-    "@directus/pressure": "2.0.0",
-    "@directus/schema": "12.1.0",
-    "@directus/storage": "11.0.0",
-    "@directus/specs": "11.0.1",
-    "@directus/storage-driver-azure": "11.0.0",
-    "@directus/storage-driver-cloudinary": "11.0.1",
-    "@directus/storage-driver-gcs": "11.0.0",
-    "@directus/storage-driver-local": "11.0.0",
-    "@directus/storage-driver-s3": "11.0.0",
-    "@directus/system-data": "2.0.0",
-    "@directus/storage-driver-supabase": "2.0.0",
-    "@directus/validation": "1.0.0",
-    "@directus/utils": "12.0.0",
-    "directus": "11.1.0"
+    "@directus/memory": "2.0.3",
+    "@directus/pressure": "2.0.2",
+    "@directus/specs": "11.1.0",
+    "@directus/schema": "12.1.1",
+    "@directus/storage": "11.0.1",
+    "@directus/storage-driver-azure": "11.0.2",
+    "@directus/storage-driver-cloudinary": "11.0.3",
+    "@directus/storage-driver-gcs": "11.0.2",
+    "@directus/storage-driver-local": "11.0.1",
+    "@directus/storage-driver-s3": "11.0.2",
+    "@directus/storage-driver-supabase": "2.0.2",
+    "@directus/system-data": "2.1.0",
+    "@directus/utils": "12.0.2",
+    "directus": "11.1.2",
+    "@directus/validation": "1.0.2"
   },
   "devDependencies": {
     "@ngneat/falso": "7.2.0",
@@ -185,47 +185,46 @@
     "@types/destroy": "1.0.3",
     "@types/encodeurl": "1.0.2",
     "@types/express": "4.17.21",
-    "@types/express-serve-static-core": "4.19.5",
+    "@types/express-serve-static-core": "4.19.6",
     "@types/fs-extra": "11.0.4",
     "@types/glob-to-regexp": "0.4.4",
     "@types/inquirer": "9.0.7",
     "@types/js-yaml": "4.0.9",
     "@types/json2csv": "5.0.7",
-    "@types/jsonwebtoken": "9.0.6",
+    "@types/jsonwebtoken": "9.0.7",
     "@types/ldapjs": "2.2.5",
     "@types/lodash-es": "4.17.12",
     "@types/mime-types": "2.1.4",
     "@types/ms": "0.7.34",
-    "@types/node": "18.19.45",
+    "@types/node": "18.19.55",
     "@types/node-schedule": "2.1.7",
-    "@types/nodemailer": "6.4.15",
+    "@types/nodemailer": "6.4.16",
     "@types/object-hash": "3.0.6",
     "@types/papaparse": "5.3.14",
-    "@types/qs": "6.9.15",
-    "@types/sanitize-html": "2.11.0",
+    "@types/qs": "6.9.16",
+    "@types/sanitize-html": "2.13.0",
     "@types/stream-json": "1.7.7",
     "@types/wellknown": "0.5.8",
     "@types/ws": "8.5.12",
-    "@vitest/coverage-v8": "1.5.3",
+    "@vitest/coverage-v8": "2.1.2",
     "copyfiles": "2.4.1",
-    "form-data": "4.0.0",
+    "form-data": "4.0.1",
     "get-port": "7.1.0",
-    "knex-mock-client": "2.0.1",
-    "typescript": "5.4.5",
-    "vitest": "1.5.3",
+    "knex-mock-client": "3.0.2",
+    "typescript": "5.6.3",
+    "vitest": "2.1.2",
     "@directus/random": "1.0.0",
-    "@directus/tsconfig": "2.0.0",
-    "@directus/types": "12.0.1"
+    "@directus/types": "12.2.0",
+    "@directus/tsconfig": "2.0.0"
   },
   "optionalDependencies": {
-    "@keyv/redis": "2.8.5",
-    "mysql2": "3.11.0",
+    "@keyv/redis": "3.0.1",
+    "mysql2": "3.11.3",
     "nodemailer-mailgun-transport": "2.1.5",
-    "nodemailer-sendgrid": "1.0.3",
     "oracledb": "6.6.0",
-    "pg": "8.12.0",
+    "pg": "8.13.0",
     "sqlite3": "5.1.7",
-    "tedious": "18.2.0"
+    "tedious": "18.6.1"
   },
   "engines": {
     "node": ">=18.17.0"