@directus/api 23.0.0 → 23.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (72) hide show
  1. package/dist/app.js +2 -0
  2. package/dist/controllers/activity.js +30 -27
  3. package/dist/controllers/assets.js +1 -1
  4. package/dist/controllers/comments.d.ts +2 -0
  5. package/dist/controllers/comments.js +153 -0
  6. package/dist/controllers/permissions.js +1 -1
  7. package/dist/controllers/users.js +4 -8
  8. package/dist/controllers/versions.js +10 -5
  9. package/dist/database/helpers/schema/dialects/cockroachdb.d.ts +1 -1
  10. package/dist/database/helpers/schema/dialects/cockroachdb.js +2 -2
  11. package/dist/database/helpers/schema/dialects/mssql.d.ts +1 -1
  12. package/dist/database/helpers/schema/dialects/mssql.js +1 -1
  13. package/dist/database/helpers/schema/dialects/mysql.d.ts +1 -1
  14. package/dist/database/helpers/schema/dialects/mysql.js +2 -2
  15. package/dist/database/helpers/schema/dialects/oracle.d.ts +1 -1
  16. package/dist/database/helpers/schema/dialects/oracle.js +1 -1
  17. package/dist/database/helpers/schema/dialects/postgres.d.ts +1 -1
  18. package/dist/database/helpers/schema/dialects/postgres.js +3 -3
  19. package/dist/database/helpers/schema/types.d.ts +1 -1
  20. package/dist/database/helpers/schema/types.js +1 -1
  21. package/dist/database/index.js +3 -0
  22. package/dist/database/migrations/20240806A-permissions-policies.d.ts +0 -3
  23. package/dist/database/migrations/20240806A-permissions-policies.js +8 -94
  24. package/dist/database/migrations/20240909A-separate-comments.d.ts +3 -0
  25. package/dist/database/migrations/20240909A-separate-comments.js +65 -0
  26. package/dist/database/migrations/20240909B-consolidate-content-versioning.d.ts +3 -0
  27. package/dist/database/migrations/20240909B-consolidate-content-versioning.js +10 -0
  28. package/dist/database/run-ast/lib/get-db-query.d.ts +12 -2
  29. package/dist/database/run-ast/lib/get-db-query.js +3 -3
  30. package/dist/database/run-ast/modules/fetch-permitted-ast-root-fields.d.ts +15 -0
  31. package/dist/database/run-ast/modules/fetch-permitted-ast-root-fields.js +29 -0
  32. package/dist/database/run-ast/run-ast.js +8 -1
  33. package/dist/database/run-ast/utils/apply-case-when.js +1 -1
  34. package/dist/database/run-ast/utils/get-column-pre-processor.d.ts +1 -1
  35. package/dist/database/run-ast/utils/get-column-pre-processor.js +10 -2
  36. package/dist/permissions/lib/fetch-permissions.d.ts +1 -1
  37. package/dist/permissions/lib/fetch-permissions.js +4 -1
  38. package/dist/permissions/modules/validate-access/lib/validate-item-access.d.ts +2 -1
  39. package/dist/permissions/modules/validate-access/lib/validate-item-access.js +18 -13
  40. package/dist/permissions/modules/validate-access/validate-access.d.ts +1 -0
  41. package/dist/permissions/modules/validate-access/validate-access.js +14 -1
  42. package/dist/permissions/utils/fetch-share-info.d.ts +12 -0
  43. package/dist/permissions/utils/fetch-share-info.js +9 -0
  44. package/dist/permissions/utils/get-permissions-for-share.d.ts +4 -0
  45. package/dist/permissions/utils/get-permissions-for-share.js +182 -0
  46. package/dist/permissions/utils/merge-permissions.d.ts +9 -0
  47. package/dist/permissions/utils/merge-permissions.js +118 -0
  48. package/dist/services/activity.d.ts +1 -7
  49. package/dist/services/activity.js +0 -103
  50. package/dist/services/assets.js +5 -4
  51. package/dist/services/authentication.js +1 -10
  52. package/dist/services/collections.js +6 -4
  53. package/dist/services/comments.d.ts +31 -0
  54. package/dist/services/comments.js +378 -0
  55. package/dist/services/graphql/index.js +17 -16
  56. package/dist/services/index.d.ts +1 -0
  57. package/dist/services/index.js +1 -0
  58. package/dist/services/items.js +3 -1
  59. package/dist/services/mail/index.d.ts +2 -1
  60. package/dist/services/mail/index.js +4 -1
  61. package/dist/services/payload.js +15 -14
  62. package/dist/services/shares.d.ts +2 -0
  63. package/dist/services/shares.js +11 -9
  64. package/dist/services/users.js +1 -0
  65. package/dist/services/versions.js +59 -44
  66. package/dist/types/auth.d.ts +0 -7
  67. package/dist/utils/apply-diff.js +5 -6
  68. package/dist/utils/get-accountability-for-token.js +0 -2
  69. package/dist/utils/get-service.js +3 -1
  70. package/dist/utils/sanitize-schema.d.ts +1 -1
  71. package/dist/utils/sanitize-schema.js +2 -0
  72. package/package.json +52 -52
package/dist/services/shares.js CHANGED
@@ -2,6 +2,7 @@ import { useEnv } from '@directus/env';
2
2
  import { ForbiddenError, InvalidCredentialsError } from '@directus/errors';
3
3
  import argon2 from 'argon2';
4
4
  import jwt from 'jsonwebtoken';
5
+ import { nanoid } from 'nanoid';
5
6
  import { useLogger } from '../logger/index.js';
6
7
  import { validateAccess } from '../permissions/modules/validate-access/validate-access.js';
7
8
  import { getMilliseconds } from '../utils/get-milliseconds.js';
@@ -12,6 +13,7 @@ import { userName } from '../utils/user-name.js';
12
13
  import { ItemsService } from './items.js';
13
14
  import { MailService } from './mail/index.js';
14
15
  import { UsersService } from './users.js';
16
+ import { clearCache as clearPermissionsCache } from '../permissions/cache.js';
15
17
  const env = useEnv();
16
18
  const logger = useLogger();
17
19
  export class SharesService extends ItemsService {
@@ -32,14 +34,18 @@ export class SharesService extends ItemsService {
32
34
  }
33
35
  return super.createOne(data, opts);
34
36
  }
37
+ async updateMany(keys, data, opts) {
38
+ await clearPermissionsCache();
39
+ return super.updateMany(keys, data, opts);
40
+ }
41
+ async deleteMany(keys, opts) {
42
+ await clearPermissionsCache();
43
+ return super.deleteMany(keys, opts);
44
+ }
35
45
  async login(payload, options) {
36
- const { nanoid } = await import('nanoid');
37
46
  const record = await this.knex
38
47
  .select({
39
48
  share_id: 'id',
40
- share_role: 'role',
41
- share_item: 'item',
42
- share_collection: 'collection',
43
49
  share_start: 'date_start',
44
50
  share_end: 'date_end',
45
51
  share_times_used: 'times_used',
@@ -70,12 +76,8 @@ export class SharesService extends ItemsService {
70
76
  const tokenPayload = {
71
77
  app_access: false,
72
78
  admin_access: false,
73
- role: record.share_role,
79
+ role: null,
74
80
  share: record.share_id,
75
- share_scope: {
76
- item: record.share_item,
77
- collection: record.share_collection,
78
- },
79
81
  };
80
82
  const refreshToken = nanoid(64);
81
83
  const refreshTokenExpiration = new Date(Date.now() + getMilliseconds(env['REFRESH_TOKEN_TTL'], 0));
package/dist/services/users.js CHANGED
@@ -260,6 +260,7 @@ export class UsersService extends ItemsService {
260
260
  }
261
261
  }
262
262
  // Manual constraint, see https://github.com/directus/directus/pull/19912
263
+ await this.knex('directus_comments').update({ user_updated: null }).whereIn('user_updated', keys);
263
264
  await this.knex('directus_notifications').update({ sender: null }).whereIn('sender', keys);
264
265
  await this.knex('directus_versions').update({ user_updated: null }).whereIn('user_updated', keys);
265
266
  await super.deleteMany(keys, opts);
package/dist/services/versions.js CHANGED
@@ -1,10 +1,9 @@
1
1
  import { Action } from '@directus/constants';
2
- import { InvalidPayloadError, UnprocessableContentError } from '@directus/errors';
2
+ import { ForbiddenError, InvalidPayloadError, UnprocessableContentError } from '@directus/errors';
3
3
  import Joi from 'joi';
4
4
  import { assign, pick } from 'lodash-es';
5
5
  import objectHash from 'object-hash';
6
6
  import { getCache } from '../cache.js';
7
- import getDatabase from '../database/index.js';
8
7
  import emitter from '../emitter.js';
9
8
  import { validateAccess } from '../permissions/modules/validate-access/validate-access.js';
10
9
  import { shouldClearCache } from '../utils/should-clear-cache.js';
@@ -17,19 +16,36 @@ export class VersionsService extends ItemsService {
17
16
  super('directus_versions', options);
18
17
  }
19
18
  async validateCreateData(data) {
20
- if (!data['key'])
21
- throw new InvalidPayloadError({ reason: `"key" is required` });
19
+ const versionCreateSchema = Joi.object({
20
+ key: Joi.string().required(),
21
+ name: Joi.string().allow(null),
22
+ collection: Joi.string().required(),
23
+ item: Joi.string().required(),
24
+ });
25
+ const { error } = versionCreateSchema.validate(data);
26
+ if (error)
27
+ throw new InvalidPayloadError({ reason: error.message });
22
28
  // Reserves the "main" version key for the version query parameter
23
29
  if (data['key'] === 'main')
24
30
  throw new InvalidPayloadError({ reason: `"main" is a reserved version key` });
25
- if (!data['collection']) {
26
- throw new InvalidPayloadError({ reason: `"collection" is required` });
31
+ if (this.accountability) {
32
+ try {
33
+ await validateAccess({
34
+ accountability: this.accountability,
35
+ action: 'read',
36
+ collection: data['collection'],
37
+ primaryKeys: [data['item']],
38
+ }, {
39
+ schema: this.schema,
40
+ knex: this.knex,
41
+ });
42
+ }
43
+ catch {
44
+ throw new ForbiddenError();
45
+ }
27
46
  }
28
- if (!data['item'])
29
- throw new InvalidPayloadError({ reason: `"item" is required` });
30
47
  const { CollectionsService } = await import('./collections.js');
31
48
  const collectionsService = new CollectionsService({
32
- accountability: null,
33
49
  knex: this.knex,
34
50
  schema: this.schema,
35
51
  });
@@ -39,7 +55,11 @@ export class VersionsService extends ItemsService {
39
55
  reason: `Content Versioning is not enabled for collection "${data['collection']}"`,
40
56
  });
41
57
  }
42
- const existingVersions = await super.readByQuery({
58
+ const sudoService = new VersionsService({
59
+ knex: this.knex,
60
+ schema: this.schema,
61
+ });
62
+ const existingVersions = await sudoService.readByQuery({
43
63
  aggregate: { count: ['*'] },
44
64
  filter: { key: { _eq: data['key'] }, collection: { _eq: data['collection'] }, item: { _eq: data['item'] } },
45
65
  });
@@ -48,32 +68,8 @@ export class VersionsService extends ItemsService {
48
68
  reason: `Version "${data['key']}" already exists for item "${data['item']}" in collection "${data['collection']}"`,
49
69
  });
50
70
  }
51
- // will throw an error if the accountability does not have permission to read the item
52
- if (this.accountability) {
53
- await validateAccess({
54
- accountability: this.accountability,
55
- action: 'read',
56
- collection: data['collection'],
57
- primaryKeys: [data['item']],
58
- }, {
59
- schema: this.schema,
60
- knex: this.knex,
61
- });
62
- }
63
71
  }
64
72
  async getMainItem(collection, item, query) {
65
- // will throw an error if the accountability does not have permission to read the item
66
- if (this.accountability) {
67
- await validateAccess({
68
- accountability: this.accountability,
69
- action: 'read',
70
- collection,
71
- primaryKeys: [item],
72
- }, {
73
- schema: this.schema,
74
- knex: this.knex,
75
- });
76
- }
77
73
  const itemsService = new ItemsService(collection, {
78
74
  knex: this.knex,
79
75
  accountability: this.accountability,
@@ -96,6 +92,7 @@ export class VersionsService extends ItemsService {
96
92
  });
97
93
  return result.map((revision) => revision['delta']);
98
94
  }
95
+ // TODO: Remove legacy need to return a version array in subsequent release
99
96
  async getVersionSaves(key, collection, item) {
100
97
  const filter = {
101
98
  key: { _eq: key },
@@ -107,6 +104,9 @@ export class VersionsService extends ItemsService {
107
104
  const versions = await this.readByQuery({ filter });
108
105
  if (!versions?.[0])
109
106
  return null;
107
+ if (versions[0]['delta']) {
108
+ return [versions[0]['delta']];
109
+ }
110
110
  const saves = await this.getVersionSavesById(versions[0]['id']);
111
111
  return saves;
112
112
  }
@@ -122,7 +122,6 @@ export class VersionsService extends ItemsService {
122
122
  }
123
123
  const keyCombos = new Set();
124
124
  for (const item of data) {
125
- await this.validateCreateData(item);
126
125
  const keyCombo = `${item['key']}-${item['collection']}-${item['item']}`;
127
126
  if (keyCombos.has(keyCombo)) {
128
127
  throw new UnprocessableContentError({
@@ -130,8 +129,6 @@ export class VersionsService extends ItemsService {
130
129
  });
131
130
  }
132
131
  keyCombos.add(keyCombo);
133
- const mainItem = await this.getMainItem(item['collection'], item['item']);
134
- item['hash'] = objectHash(mainItem);
135
132
  }
136
133
  return super.createMany(data, opts);
137
134
  }
@@ -139,7 +136,7 @@ export class VersionsService extends ItemsService {
139
136
  // Only allow updates on "key" and "name" fields
140
137
  const versionUpdateSchema = Joi.object({
141
138
  key: Joi.string(),
142
- name: Joi.string().allow(null).optional(),
139
+ name: Joi.string().allow(null),
143
140
  });
144
141
  const { error } = versionUpdateSchema.validate(data);
145
142
  if (error)
@@ -205,14 +202,25 @@ export class VersionsService extends ItemsService {
205
202
  data: revisionDelta,
206
203
  delta: revisionDelta,
207
204
  });
205
+ let existingDelta = version['delta'];
206
+ if (!existingDelta) {
207
+ const saves = await this.getVersionSavesById(key);
208
+ existingDelta = assign({}, ...saves);
209
+ }
210
+ const finalVersionDelta = assign({}, existingDelta, revisionDelta ? JSON.parse(revisionDelta) : null);
211
+ const sudoService = new ItemsService(this.collection, {
212
+ knex: this.knex,
213
+ schema: this.schema,
214
+ });
215
+ await sudoService.updateOne(key, { delta: finalVersionDelta });
208
216
  const { cache } = getCache();
209
217
  if (shouldClearCache(cache, undefined, collection)) {
210
218
  cache.clear();
211
219
  }
212
- return data;
220
+ return finalVersionDelta;
213
221
  }
214
222
  async promote(version, mainHash, fields) {
215
- const { id, collection, item } = (await this.readOne(version));
223
+ const { id, collection, item, delta } = (await this.readOne(version));
216
224
  // will throw an error if the accountability does not have permission to update the item
217
225
  if (this.accountability) {
218
226
  await validateAccess({
@@ -231,11 +239,18 @@ export class VersionsService extends ItemsService {
231
239
  reason: `Main item has changed since this version was last updated`,
232
240
  });
233
241
  }
234
- const saves = await this.getVersionSavesById(id);
235
- const versionResult = assign({}, ...saves);
242
+ let versionResult;
243
+ if (delta) {
244
+ versionResult = delta;
245
+ }
246
+ else {
247
+ const saves = await this.getVersionSavesById(id);
248
+ versionResult = assign({}, ...saves);
249
+ }
236
250
  const payloadToUpdate = fields ? pick(versionResult, fields) : versionResult;
237
251
  const itemsService = new ItemsService(collection, {
238
252
  accountability: this.accountability,
253
+ knex: this.knex,
239
254
  schema: this.schema,
240
255
  });
241
256
  const payloadAfterHooks = await emitter.emitFilter(['items.promote', `${collection}.items.promote`], payloadToUpdate, {
@@ -243,7 +258,7 @@ export class VersionsService extends ItemsService {
243
258
  item,
244
259
  version,
245
260
  }, {
246
- database: getDatabase(),
261
+ database: this.knex,
247
262
  schema: this.schema,
248
263
  accountability: this.accountability,
249
264
  });
@@ -254,7 +269,7 @@ export class VersionsService extends ItemsService {
254
269
  item: updatedItemKey,
255
270
  version,
256
271
  }, {
257
- database: getDatabase(),
272
+ database: this.knex,
258
273
  schema: this.schema,
259
274
  accountability: this.accountability,
260
275
  });
package/dist/types/auth.d.ts CHANGED
@@ -31,16 +31,9 @@ export type DirectusTokenPayload = {
31
31
  app_access: boolean | number;
32
32
  admin_access: boolean | number;
33
33
  share?: string;
34
- share_scope?: {
35
- collection: string;
36
- item: string;
37
- };
38
34
  };
39
35
  export type ShareData = {
40
36
  share_id: string;
41
- share_role: string;
42
- share_item: string;
43
- share_collection: string;
44
37
  share_start: Date;
45
38
  share_end: Date;
46
39
  share_times_used: number;
package/dist/utils/apply-diff.js CHANGED
@@ -26,7 +26,6 @@ export async function applyDiff(currentSnapshot, snapshotDiff, options) {
26
26
  await transaction(database, async (trx) => {
27
27
  const collectionsService = new CollectionsService({ knex: trx, schema });
28
28
  const getNestedCollectionsToCreate = (currentLevelCollection) => snapshotDiff.collections.filter(({ diff }) => diff[0].rhs?.meta?.group === currentLevelCollection);
29
- const getNestedCollectionsToDelete = (currentLevelCollection) => snapshotDiff.collections.filter(({ diff }) => diff[0].lhs?.meta?.group === currentLevelCollection);
30
29
  const createCollections = async (collections) => {
31
30
  for (const { collection, diff } of collections) {
32
31
  if (diff?.[0]?.kind === DiffKind.NEW && diff[0].rhs) {
@@ -82,7 +81,6 @@ export async function applyDiff(currentSnapshot, snapshotDiff, options) {
82
81
  // clean up deleted relations from existing schema
83
82
  schema.relations = schema.relations.filter((r) => r.related_collection !== collection && r.collection !== collection);
84
83
  }
85
- await deleteCollections(getNestedCollectionsToDelete(collection));
86
84
  try {
87
85
  await collectionsService.deleteOne(collection, mutationOptions);
88
86
  }
@@ -122,13 +120,14 @@ export async function applyDiff(currentSnapshot, snapshotDiff, options) {
122
120
  // Create top level collections (no group, or highest level in existing group) first,
123
121
  // then continue with nested collections recursively
124
122
  await createCollections(snapshotDiff.collections.filter(filterCollectionsForCreation));
125
- // delete top level collections (no group) first, then continue with nested collections recursively
126
- await deleteCollections(snapshotDiff.collections.filter(({ diff }) => {
123
+ const collectionsToDelete = snapshotDiff.collections.filter(({ diff }) => {
127
124
  if (diff.length === 0 || diff[0] === undefined)
128
125
  return false;
129
126
  const collectionDiff = diff[0];
130
- return collectionDiff.kind === DiffKind.DELETE && collectionDiff.lhs?.meta?.group === null;
131
- }));
127
+ return collectionDiff.kind === DiffKind.DELETE;
128
+ });
129
+ if (collectionsToDelete.length > 0)
130
+ await deleteCollections(collectionsToDelete);
132
131
  for (const { collection, diff } of snapshotDiff.collections) {
133
132
  if (diff?.[0]?.kind === DiffKind.EDIT || diff?.[0]?.kind === DiffKind.ARRAY) {
134
133
  const currentCollection = currentSnapshot.collections.find((field) => {
package/dist/utils/get-accountability-for-token.js CHANGED
@@ -21,8 +21,6 @@ export async function getAccountabilityForToken(token, accountability) {
21
21
  }
22
22
  if (payload.share)
23
23
  accountability.share = payload.share;
24
- if (payload.share_scope)
25
- accountability.share_scope = payload.share_scope;
26
24
  if (payload.id)
27
25
  accountability.user = payload.id;
28
26
  accountability.role = payload.role;
package/dist/utils/get-service.js CHANGED
@@ -1,5 +1,5 @@
1
1
  import { ForbiddenError } from '@directus/errors';
2
- import { AccessService, ActivityService, DashboardsService, FilesService, FlowsService, FoldersService, ItemsService, NotificationsService, OperationsService, PanelsService, PermissionsService, PoliciesService, PresetsService, RevisionsService, RolesService, SettingsService, SharesService, TranslationsService, UsersService, VersionsService, WebhooksService, } from '../services/index.js';
2
+ import { AccessService, ActivityService, CommentsService, DashboardsService, FilesService, FlowsService, FoldersService, ItemsService, NotificationsService, OperationsService, PanelsService, PermissionsService, PoliciesService, PresetsService, RevisionsService, RolesService, SettingsService, SharesService, TranslationsService, UsersService, VersionsService, WebhooksService, } from '../services/index.js';
3
3
  /**
4
4
  * Select the correct service for the given collection. This allows the individual services to run
5
5
  * their custom checks (f.e. it allows `UsersService` to prevent updating TFA secret from outside).
@@ -10,6 +10,8 @@ export function getService(collection, opts) {
10
10
  return new AccessService(opts);
11
11
  case 'directus_activity':
12
12
  return new ActivityService(opts);
13
+ case 'directus_comments':
14
+ return new CommentsService({ ...opts, serviceOrigin: 'comments' });
13
15
  case 'directus_dashboards':
14
16
  return new DashboardsService(opts);
15
17
  case 'directus_files':
package/dist/utils/sanitize-schema.d.ts CHANGED
@@ -16,7 +16,7 @@ export declare function sanitizeCollection(collection: Collection | undefined):
16
16
  * @returns sanitized field
17
17
  */
18
18
  export declare function sanitizeField(field: Field | undefined, sanitizeAllSchema?: boolean): Partial<Field> | undefined;
19
- export declare function sanitizeColumn(column: Column): Pick<Column, "table" | "name" | "numeric_precision" | "data_type" | "default_value" | "max_length" | "numeric_scale" | "is_nullable" | "is_unique" | "is_primary_key" | "is_generated" | "generation_expression" | "has_auto_increment" | "foreign_key_table" | "foreign_key_column">;
19
+ export declare function sanitizeColumn(column: Column): Pick<Column, "table" | "name" | "numeric_precision" | "data_type" | "default_value" | "max_length" | "numeric_scale" | "is_nullable" | "is_unique" | "is_indexed" | "is_primary_key" | "is_generated" | "generation_expression" | "has_auto_increment" | "foreign_key_table" | "foreign_key_column">;
20
20
  /**
21
21
  * Pick certain database vendor specific relation properties that should be compared when performing diff
22
22
  *
package/dist/utils/sanitize-schema.js CHANGED
@@ -34,6 +34,7 @@ export function sanitizeField(field, sanitizeAllSchema = false) {
34
34
  'schema.numeric_scale',
35
35
  'schema.is_nullable',
36
36
  'schema.is_unique',
37
+ 'schema.is_indexed',
37
38
  'schema.is_primary_key',
38
39
  'schema.is_generated',
39
40
  'schema.generation_expression',
@@ -54,6 +55,7 @@ export function sanitizeColumn(column) {
54
55
  'numeric_scale',
55
56
  'is_nullable',
56
57
  'is_unique',
58
+ 'is_indexed',
57
59
  'is_primary_key',
58
60
  'is_generated',
59
61
  'generation_expression',
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@directus/api",
3
- "version": "23.0.0",
3
+ "version": "23.1.1",
4
4
  "description": "Directus is a real-time API and App dashboard for managing SQL database content",
5
5
  "keywords": [
6
6
  "directus",
@@ -59,27 +59,27 @@
59
59
  ],
60
60
  "dependencies": {
61
61
  "@authenio/samlify-node-xmllint": "2.0.0",
62
- "@aws-sdk/client-ses": "3.637.0",
62
+ "@aws-sdk/client-ses": "3.668.0",
63
63
  "@godaddy/terminus": "4.12.1",
64
- "@rollup/plugin-alias": "5.1.0",
65
- "@rollup/plugin-node-resolve": "15.2.3",
64
+ "@rollup/plugin-alias": "5.1.1",
65
+ "@rollup/plugin-node-resolve": "15.3.0",
66
66
  "@rollup/plugin-virtual": "3.0.2",
67
- "@tus/file-store": "1.3.3",
68
- "@tus/server": "1.6.0",
69
- "@tus/utils": "0.2.0",
67
+ "@tus/file-store": "1.5.0",
68
+ "@tus/server": "1.9.0",
69
+ "@tus/utils": "0.4.0",
70
70
  "@types/cookie": "0.6.0",
71
71
  "argon2": "0.41.1",
72
- "async": "3.2.5",
72
+ "async": "3.2.6",
73
73
  "axios": "1.7.7",
74
74
  "busboy": "1.6.0",
75
75
  "bytes": "3.1.2",
76
76
  "camelcase": "8.0.0",
77
77
  "chalk": "5.3.0",
78
78
  "chokidar": "3.6.0",
79
- "commander": "12.0.0",
79
+ "commander": "12.1.0",
80
80
  "content-disposition": "0.5.4",
81
- "cookie": "0.6.0",
82
- "cookie-parser": "1.4.6",
81
+ "cookie": "0.7.2",
82
+ "cookie-parser": "1.4.7",
83
83
  "cors": "2.8.5",
84
84
  "cron-parser": "4.9.0",
85
85
  "date-fns": "4.1.0",
@@ -90,16 +90,16 @@
90
90
  "eventemitter2": "6.4.9",
91
91
  "execa": "8.0.1",
92
92
  "exif-reader": "2.0.1",
93
- "express": "4.19.2",
93
+ "express": "4.20.0",
94
94
  "flat": "6.0.1",
95
95
  "fs-extra": "11.2.0",
96
96
  "glob-to-regexp": "0.4.1",
97
97
  "graphql": "16.9.0",
98
98
  "graphql-compose": "9.0.11",
99
99
  "graphql-ws": "5.16.0",
100
- "helmet": "7.1.0",
100
+ "helmet": "8.0.0",
101
101
  "icc": "3.0.0",
102
- "inquirer": "9.3.6",
102
+ "inquirer": "12.0.0",
103
103
  "ioredis": "5.4.1",
104
104
  "ip-matching": "2.1.2",
105
105
  "isolated-vm": "5.0.1",
@@ -111,7 +111,7 @@
111
111
  "keyv": "5.1.0",
112
112
  "knex": "3.1.0",
113
113
  "ldapjs": "2.3.3",
114
- "liquidjs": "10.15.0",
114
+ "liquidjs": "10.17.0",
115
115
  "lodash-es": "4.17.21",
116
116
  "marked": "14.1.2",
117
117
  "micromustache": "8.0.3",
@@ -122,11 +122,11 @@
122
122
  "nanoid": "5.0.7",
123
123
  "node-machine-id": "1.1.12",
124
124
  "node-schedule": "2.1.1",
125
- "nodemailer": "6.9.14",
125
+ "nodemailer": "6.9.15",
126
126
  "object-hash": "3.0.0",
127
127
  "openapi3-ts": "4.4.0",
128
- "openid-client": "5.6.5",
129
- "ora": "8.0.1",
128
+ "openid-client": "5.7.0",
129
+ "ora": "8.1.0",
130
130
  "otplib": "12.0.1",
131
131
  "p-limit": "6.1.0",
132
132
  "p-queue": "8.0.1",
@@ -139,39 +139,39 @@
139
139
  "rate-limiter-flexible": "5.0.3",
140
140
  "rollup": "4.17.2",
141
141
  "samlify": "2.8.10",
142
- "sanitize-html": "2.13.0",
142
+ "sanitize-html": "2.13.1",
143
143
  "sharp": "0.33.5",
144
144
  "snappy": "7.2.2",
145
145
  "stream-json": "1.8.0",
146
146
  "tar": "7.4.3",
147
- "tsx": "4.17.0",
147
+ "tsx": "4.19.1",
148
148
  "wellknown": "0.5.0",
149
149
  "ws": "8.18.0",
150
150
  "zod": "3.23.8",
151
151
  "zod-validation-error": "3.4.0",
152
- "@directus/app": "13.2.1",
153
- "@directus/env": "3.1.1",
154
- "@directus/errors": "1.0.0",
155
- "@directus/extensions": "2.0.2",
156
- "@directus/extensions-sdk": "12.1.0",
157
- "@directus/extensions-registry": "2.0.2",
152
+ "@directus/app": "13.3.1",
153
+ "@directus/constants": "12.0.0",
154
+ "@directus/env": "3.1.3",
155
+ "@directus/errors": "1.0.1",
156
+ "@directus/extensions": "2.0.4",
157
+ "@directus/extensions-registry": "2.0.4",
158
+ "@directus/extensions-sdk": "12.1.2",
158
159
  "@directus/format-title": "11.0.0",
159
- "@directus/memory": "2.0.2",
160
+ "@directus/pressure": "2.0.3",
161
+ "@directus/memory": "2.0.4",
160
162
  "@directus/schema": "12.1.1",
161
- "@directus/storage": "11.0.0",
162
- "@directus/pressure": "2.0.1",
163
- "@directus/storage-driver-azure": "11.0.1",
164
- "@directus/specs": "11.0.1",
165
- "@directus/constants": "12.0.0",
166
- "@directus/storage-driver-gcs": "11.0.1",
167
- "@directus/storage-driver-local": "11.0.0",
168
- "@directus/storage-driver-cloudinary": "11.0.2",
169
- "@directus/storage-driver-s3": "11.0.1",
170
- "@directus/storage-driver-supabase": "2.0.1",
171
- "@directus/system-data": "2.0.0",
172
- "@directus/validation": "1.0.1",
173
- "directus": "11.1.1",
174
- "@directus/utils": "12.0.1"
163
+ "@directus/specs": "11.1.0",
164
+ "@directus/storage-driver-azure": "11.1.0",
165
+ "@directus/storage-driver-cloudinary": "11.1.0",
166
+ "@directus/storage": "11.0.1",
167
+ "@directus/storage-driver-gcs": "11.1.0",
168
+ "@directus/storage-driver-local": "11.0.1",
169
+ "@directus/storage-driver-s3": "11.0.3",
170
+ "@directus/storage-driver-supabase": "2.1.0",
171
+ "@directus/utils": "12.0.3",
172
+ "@directus/system-data": "2.1.1",
173
+ "@directus/validation": "1.0.3",
174
+ "directus": "11.2.0"
175
175
  },
176
176
  "devDependencies": {
177
177
  "@ngneat/falso": "7.2.0",
@@ -185,44 +185,44 @@
185
185
  "@types/destroy": "1.0.3",
186
186
  "@types/encodeurl": "1.0.2",
187
187
  "@types/express": "4.17.21",
188
- "@types/express-serve-static-core": "4.19.5",
188
+ "@types/express-serve-static-core": "4.19.6",
189
189
  "@types/fs-extra": "11.0.4",
190
190
  "@types/glob-to-regexp": "0.4.4",
191
191
  "@types/inquirer": "9.0.7",
192
192
  "@types/js-yaml": "4.0.9",
193
193
  "@types/json2csv": "5.0.7",
194
- "@types/jsonwebtoken": "9.0.6",
194
+ "@types/jsonwebtoken": "9.0.7",
195
195
  "@types/ldapjs": "2.2.5",
196
196
  "@types/lodash-es": "4.17.12",
197
197
  "@types/mime-types": "2.1.4",
198
198
  "@types/ms": "0.7.34",
199
- "@types/node": "18.19.50",
199
+ "@types/node": "18.19.55",
200
200
  "@types/node-schedule": "2.1.7",
201
- "@types/nodemailer": "6.4.15",
201
+ "@types/nodemailer": "6.4.16",
202
202
  "@types/object-hash": "3.0.6",
203
203
  "@types/papaparse": "5.3.14",
204
- "@types/qs": "6.9.15",
204
+ "@types/qs": "6.9.16",
205
205
  "@types/sanitize-html": "2.13.0",
206
206
  "@types/stream-json": "1.7.7",
207
207
  "@types/wellknown": "0.5.8",
208
208
  "@types/ws": "8.5.12",
209
209
  "@vitest/coverage-v8": "2.1.2",
210
210
  "copyfiles": "2.4.1",
211
- "form-data": "4.0.0",
211
+ "form-data": "4.0.1",
212
212
  "get-port": "7.1.0",
213
213
  "knex-mock-client": "3.0.2",
214
- "typescript": "5.6.2",
214
+ "typescript": "5.6.3",
215
215
  "vitest": "2.1.2",
216
216
  "@directus/random": "1.0.0",
217
- "@directus/types": "12.1.0",
218
- "@directus/tsconfig": "2.0.0"
217
+ "@directus/tsconfig": "2.0.0",
218
+ "@directus/types": "12.2.1"
219
219
  },
220
220
  "optionalDependencies": {
221
221
  "@keyv/redis": "3.0.1",
222
- "mysql2": "3.11.2",
222
+ "mysql2": "3.11.3",
223
223
  "nodemailer-mailgun-transport": "2.1.5",
224
224
  "oracledb": "6.6.0",
225
- "pg": "8.12.0",
225
+ "pg": "8.13.0",
226
226
  "sqlite3": "5.1.7",
227
227
  "tedious": "18.6.1"
228
228
  },