npm - @saltcorn/server - Versions diffs - 1.1.1-rc.4 → 1.1.2-beta.0 - Mend

@saltcorn/server 1.1.1-rc.4 → 1.1.2-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,10 @@
 # Notable changes
-## 1.1.1 - In beta
+## 1.1.2 - In beta
+* Upgrade a large number of dependencies (express, typescript, oclif, pg, webpack, typescript). Node.js 18+ is require for this release.
+## 1.1.1 - Released 2 February 2025
 * Full-text search improvements:
     - An index for full-text search can now be created. When creating an index in

package/app.js CHANGED Viewed

@@ -139,9 +139,14 @@ const getApp = async (opts = {}) => {
         connectSrc: ["'self'", "data:"],
         scriptSrc: ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
         "script-src-attr": ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
-        styleSrc: ["'self'", "https://fonts.googleapis.com", "https://fonts.gstatic.com", "'unsafe-inline'"],
+        styleSrc: [
+          "'self'",
+          "https://fonts.googleapis.com",
+          "https://fonts.gstatic.com",
+          "'unsafe-inline'",
+        ],
         imgSrc: ["'self'", "data:"],
-        fontSrc: ["'self'", "data:", "https://fonts.gstatic.com",],
+        fontSrc: ["'self'", "data:", "https://fonts.gstatic.com"],
         "form-action": ["'self'", "javascript:"],
       },
     },
@@ -155,7 +160,7 @@ const getApp = async (opts = {}) => {
     helmetOptions.contentSecurityPolicy = false;
   if (cross_domain_iframe) helmetOptions.xFrameOptions = false;
-  app.use(helmet(helmetOptions));
+  // app.use(helmet(helmetOptions));
   // TODO ch find a better solution
   if (getState().getConfig("cors_enabled", true)) app.use(cors());
@@ -260,7 +265,7 @@ const getApp = async (opts = {}) => {
     new CustomStrategy((req, done) => {
       loginAttempt();
       async function loginAttempt() {
-        const { remember, _csrf, dest, ...userobj } = req.body;
+        const { remember, _csrf, dest, ...userobj } = req.body || {};
         if (!is.objVals(is.str).check(userobj))
           return done(
             null,
@@ -455,7 +460,7 @@ Sitemap: ${base}sitemap.xml
   // file store ensure
   await File.ensure_file_store();
   // 404 handling
-  app.get("*", function (req, res) {
+  app.get("*any", function (req, res) {
     res.status(404).sendWrap(req.__("Not found"), h1(req.__("Page not found")));
   });

package/auth/admin.js CHANGED Viewed

@@ -465,7 +465,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await auth_settings_form(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_users_page({
         res,
@@ -523,7 +523,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await http_settings_form(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_users_page({
         res,
@@ -594,7 +594,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await permissions_settings_form(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_users_page({
         res,
@@ -794,7 +794,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await ssl_form(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_users_page({
         res,
@@ -998,15 +998,15 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     let form, sub2;
-    if (req.body.id) {
-      const user = await User.findOne({ id: req.body.id });
+    if ((req.body || {}).id) {
+      const user = await User.findOne({ id: (req.body || {}).id });
       form = await userForm(req, user);
       sub2 = user.email;
     } else {
       form = await userForm(req);
       sub2 = "New";
     }
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_users_page({
         res,

package/auth/roleadmin.js CHANGED Viewed

@@ -227,7 +227,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await roleForm(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_users_page({
         res,
@@ -265,7 +265,7 @@ router.post(
   error_catcher(async (req, res) => {
     const { id } = req.params;
     const layout_by_role = getState().getConfigCopy("layout_by_role");
-    layout_by_role[+id] = req.body.layout;
+    layout_by_role[+id] = (req.body || {}).layout;
     await getState().setConfig("layout_by_role", layout_by_role);
     req.flash("success", req.__(`Saved layout for role`));
@@ -286,7 +286,7 @@ router.post(
     const twofa_policy_by_role = getState().getConfigCopy(
       "twofa_policy_by_role"
     );
-    twofa_policy_by_role[+id] = req.body.policy;
+    twofa_policy_by_role[+id] = (req.body || {}).policy;
     await getState().setConfig("twofa_policy_by_role", twofa_policy_by_role);
     req.flash("success", req.__(`Saved 2FA policy for role`));

package/auth/routes.js CHANGED Viewed

@@ -432,9 +432,9 @@ router.post(
   "/reset",
   error_catcher(async (req, res) => {
     const result = await User.resetPasswordWithToken({
-      email: req.body.email,
-      reset_password_token: req.body.token,
-      password: req.body.password,
+      email: (req.body || {}).email,
+      reset_password_token: (req.body || {}).token,
+      password: (req.body || {}).password,
     });
     if (result.success) {
       req.flash(
@@ -457,7 +457,7 @@ router.post(
   "/forgot",
   error_catcher(async (req, res) => {
     if (getState().getConfig("allow_forgot")) {
-      const { email } = req.body;
+      const { email } = req.body || {};
       const u = await User.findOne({ email });
       const respond = () => {
         req.flash("success", req.__("Email with password reset link sent"));
@@ -614,7 +614,7 @@ router.post(
     const hasUsers = await User.nonEmpty();
     if (!hasUsers) {
       const form = loginForm(req, true);
-      form.validate(req.body);
+      form.validate(req.body || {});
       if (form.hasErrors) {
         form.action = "/auth/create_first_user";
@@ -784,7 +784,7 @@ router.post(
     const form = await getNewUserForm(new_user_form, req, !req.user.email);
     form.action = "/auth/signup_final_ext";
-    await form.asyncValidate(req.body);
+    await form.asyncValidate(req.body || {});
     if (form.hasErrors) {
       res.sendAuthWrap(new_user_form, form, getAuthLinks("signup", true));
       return;
@@ -846,7 +846,7 @@ router.post(
           });
         }
       }
-      await form.asyncValidate(req.body);
+      await form.asyncValidate(req.body || {});
       if (form.hasErrors) {
         res.sendAuthWrap(new_user_form, form, getAuthLinks("signup", true));
       } else if (form.values.email && !check_email_mask(form.values.email)) {
@@ -961,7 +961,7 @@ router.post(
           req,
           false
         );
-        await signup_form.asyncValidate(req.body);
+        await signup_form.asyncValidate(req.body || {});
         if (signup_form.hasErrors) {
           signup_form.action = "/auth/signup";
           res.sendAuthWrap(
@@ -1010,7 +1010,7 @@ router.post(
     }
     const form = await default_signup_form(req);
-    await form.asyncValidate(req.body);
+    await form.asyncValidate(req.body || {});
     if (form.hasErrors) {
       form.action = "/auth/signup";
@@ -1049,9 +1049,9 @@ router.post(
  */
 function handler(req, res) {
   console.log(
-    `Failed login attempt for: ${req.body.email} from ${req.ip} UA ${req.get(
-      "User-Agent"
-    )}`
+    `Failed login attempt for: ${(req.body || {}).email} from ${
+      req.ip
+    } UA ${req.get("User-Agent")}`
   );
   req.flash(
     "error",
@@ -1084,7 +1084,7 @@ const userLimiter = rateLimit({
   // TBD create config parameter
   windowMs: 5 * 60 * 1000, // 5 minutes
   max: 3, // limit each IP to 100 requests per windowMs
-  keyGenerator: (req) => userIdKey(req.body),
+  keyGenerator: (req) => userIdKey(req.body || {}),
   handler,
 });
@@ -1111,14 +1111,14 @@ router.post(
   }),
   error_catcher(async (req, res) => {
     ipLimiter.resetKey(req.ip);
-    userLimiter.resetKey(userIdKey(req.body));
+    userLimiter.resetKey(userIdKey(req.body || {}));
     if (req.user.pending_user) {
       res.redirect("/auth/twofa/login/totp");
       return;
     }
     let maxAge = null;
     if (req.session.cookie)
-      if (req.body.remember) {
+      if ((req.body || {}).remember) {
         const setDur = +getState().getConfig("cookie_duration_remember", 720);
         if (setDur) {
           maxAge = setDur * 60 * 60 * 1000;
@@ -1147,10 +1147,10 @@ router.post(
     if (getState().get2FApolicy(req.user) === "Mandatory") {
       res.redirect("/auth/twofa/setup/totp");
     } else if (
-      req.body.dest &&
-      is_relative_url(decodeURIComponent(req.body.dest))
+      (req.body || {}).dest &&
+      is_relative_url(decodeURIComponent((req.body || {}).dest))
     ) {
-      res.redirect(decodeURIComponent(req.body.dest));
+      res.redirect(decodeURIComponent((req.body || {}).dest));
     } else res.redirect("/");
   })
 );
@@ -1566,9 +1566,9 @@ router.post(
   loggedIn,
   error_catcher(async (req, res) => {
     const u = await User.findForSession({ id: req.user.id });
-    const newlang = available_languages[req.body.locale];
+    const newlang = available_languages[(req.body || {}).locale];
     if (newlang && u) {
-      await u.set_language(req.body.locale);
+      await u.set_language((req.body || {}).locale);
       req.login(u.session_object, function (err) {
         if (!err) {
           req.flash("success", req.__("Language changed to %s", newlang));
@@ -1656,7 +1656,7 @@ router.post(
   "/set-email",
   error_catcher(async (req, res) => {
     const form = setEmailForm(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors || !req.user || !req.user.id) {
       res.sendWrap(req.__("Set Email"), renderForm(form, req.csrfToken()));
       return;
@@ -1706,7 +1706,7 @@ router.post(
       );
       return;
     }
-    if (req.body.new_password && user.password) {
+    if ((req.body || {}).new_password && user.password) {
       const pwform = changPwForm(req);
       pwform.fields[0].validator = (oldpw) => {
@@ -1715,7 +1715,7 @@ router.post(
         else return req.__("Password does not match");
       };
-      pwform.validate(req.body);
+      pwform.validate(req.body || {});
       if (pwform.hasErrors) {
         res.sendWrap(
@@ -1738,7 +1738,7 @@ router.post(
             json() {},
             redirect() {},
           };
-          await view.runPost({ id: user.id }, req.body, {
+          await view.runPost({ id: user.id }, req.body || {}, {
             req,
             res: fakeRes,
             redirect: "/auth/settings",
@@ -1773,7 +1773,7 @@ router.all(
       return;
     }
     verifier.action = "/auth/verification-flow";
-    const wfres = await verifier.run(req.body || {}, req);
+    const wfres = await verifier.run(req.body || {} || {}, req);
     if (wfres.flash) req.flash(wfres.flash[0], wfres.flash[1]);
     if (wfres.renderForm) {
       res.sendWrap(
@@ -1860,7 +1860,7 @@ router.post(
     }
     const form = totpForm(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       req.flash("danger", req.__("Error processing form"));
       console.log("Error processing form");
@@ -1918,7 +1918,7 @@ router.post(
   error_catcher(async (req, res) => {
     const user = await User.findOne({ id: req.user.id });
     const form = totpForm(req, "/auth/twofa/disable/totp");
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       req.flash("danger", req.__("Error processing form"));
       res.redirect("/auth/twofa/disable/totp");

package/locales/pl.json CHANGED Viewed

@@ -1521,7 +1521,37 @@
   "OK": "OK",
   "Step settings": "Ustawienia kroku",
   "Action settings": "Ustawienia akcji",
+  "Keystore file is not applied for debug builds.": "Plik Keystore nie jest stosowany dla kompilacji debug.",
   "Workflow": "Przepływ pracy",
   "Previous runs": "Poprzednie uruchomienia",
-  "The workflow the user will be interacting with.": "Przepływ pracy, z którym użytkownik będzie wchodził w interakcję."
+  "The workflow the user will be interacting with.": "Przepływ pracy, z którym użytkownik będzie wchodził w interakcję.",
+  "Delete old workflow runs with status after days": "Usuń stare uruchomienia przepływu pracy ze statusem po określonej liczbie dni",
+	"Finished": "Zakończone",
+	"Error": "Błąd",
+	"Waiting": "Oczekujące",
+	"Running": "Uruchomione",
+	"Minimum role to access search page": "Minimalna rola do uzyskania dostępu do strony wyszukiwania",
+	"Edit tables": "Edytuj tabele",
+	"Minimum role to edit tables": "Minimalna rola do edycji tabel",
+	"Edit views": "Edytuj widoki",
+	"Minimum role to edit views": "Minimalna rola do edycji widoków",
+	"Edit pages": "Edytuj strony",
+	"Minimum role to edit pages": "Minimalna rola do edycji stron",
+	"Edit triggers": "Edytuj wyzwalacze",
+	"Minimum role to edit triggers": "Minimalna rola do edycji wyzwalaczy",
+	"Development permissions": "Uprawnienia deweloperskie",
+	"Inspect tables": "Inspekcja tabel",
+	"Minimum role to inspect (see, without editing) tables": "Minimalna rola do inspekcji (podglądu bez edycji) tabel",
+	"Home pages": "Strony główne",
+	"The home page is the page that is served when the user visits the home location (/). This can be set for each user role.": "Strona główna to strona, która jest wyświetlana, gdy użytkownik odwiedza stronę startową (/). Można ją ustawić dla każdej roli użytkownika.",
+	"Trigger %s deleted": "Wyzwalacz %s usunięty",
+	"Edit menu": "Edytuj menu",
+	"Minimum role to edit menu": "Minimalna rola do edycji menu",
+	"Full-text search index is not available as the table contains Key fields (%s) with the \"Include in full-text search\" option enabled. Disable this before creating a Full-text search index": "Indeks wyszukiwania pełnotekstowego jest niedostępny, ponieważ tabela zawiera pola kluczowe (%s) z włączoną opcją „Uwzględnij w wyszukiwaniu pełnotekstowym”. Wyłącz tę opcję przed utworzeniem indeksu wyszukiwania pełnotekstowego.",
+	"Share Extension Provisioning Profile": "Profil Provisioning Share Extension",
+	"Show results in": "Pokaż wyniki w",
+	"Show results from each table in this type of element": "Pokaż wyniki z każdej tabeli w tym typie elementu",
+	"Search syntax help": "Pomoc dotycząca składni wyszukiwania",
+	"Search syntax": "Składnia wyszukiwania",
+	"Maximum role": "Maksymalna rola"
 }

package/package.json CHANGED Viewed

@@ -1,72 +1,72 @@
 {
   "name": "@saltcorn/server",
-  "version": "1.1.1-rc.4",
+  "version": "1.1.2-beta.0",
   "description": "Server app for Saltcorn, open-source no-code platform",
   "homepage": "https://saltcorn.com",
   "main": "index.js",
   "license": "MIT",
   "dependencies": {
-    "@aws-sdk/client-s3": "^3.451.0",
-    "@saltcorn/base-plugin": "1.1.1-rc.4",
-    "@saltcorn/builder": "1.1.1-rc.4",
-    "@saltcorn/data": "1.1.1-rc.4",
-    "@saltcorn/admin-models": "1.1.1-rc.4",
-    "@saltcorn/filemanager": "1.1.1-rc.4",
-    "@saltcorn/markup": "1.1.1-rc.4",
-    "@saltcorn/plugins-loader": "1.1.1-rc.4",
-    "@saltcorn/sbadmin2": "1.1.1-rc.4",
+    "@aws-sdk/client-s3": "^3.735.0",
+    "@saltcorn/base-plugin": "1.1.2-beta.0",
+    "@saltcorn/builder": "1.1.2-beta.0",
+    "@saltcorn/data": "1.1.2-beta.0",
+    "@saltcorn/admin-models": "1.1.2-beta.0",
+    "@saltcorn/filemanager": "1.1.2-beta.0",
+    "@saltcorn/markup": "1.1.2-beta.0",
+    "@saltcorn/plugins-loader": "1.1.2-beta.0",
+    "@saltcorn/sbadmin2": "1.1.2-beta.0",
     "@socket.io/cluster-adapter": "^0.2.1",
     "@socket.io/sticky": "^1.0.1",
-    "adm-zip": "0.5.10",
+    "adm-zip": "0.5.16",
     "connect-flash": "^0.1.1",
-    "connect-pg-simple": "^6.1.0",
-    "content-disposition": "^0.5.3",
+    "connect-pg-simple": "^9.0.1",
+    "content-disposition": "^0.5.4",
     "contractis": "^0.1.0",
-    "cookie-parser": "^1.4.4",
-    "cookie-session": "^1.4.0",
+    "cookie-parser": "^1.4.7",
+    "cookie-session": "^2.1.0",
     "cors": "2.8.5",
     "csurf": "^1.11.0",
-    "csv-stringify": "^5.5.0",
-    "dockerode": "~4.0.2",
-    "express": "^4.17.1",
-    "express-fileupload": "^1.1.8",
+    "csv-stringify": "^6.5.2",
+    "dockerode": "~4.0.4",
+    "express": "^5.0.1",
+    "express-fileupload": "^1.5.1",
     "express-promise-router": "^3.0.3",
-    "express-rate-limit": "^5.1.3",
-    "express-session": "^1.17.1",
+    "express-rate-limit": "^7.5.0",
+    "express-session": "^1.18.1",
     "greenlock": "^4.0.4",
     "greenlock-express": "^4.0.3",
-    "helmet": "^7.1.0",
+    "helmet": "^8.0.0",
     "i18n": "^0.15.1",
-    "imapflow": "1.0.123",
-    "jsonwebtoken": "^9.0.0",
-    "markdown-it": "^13.0.2",
-    "moment": "^2.29.4",
+    "imapflow": "1.0.178",
+    "jsonwebtoken": "^9.0.2",
+    "markdown-it": "^14.1.0",
+    "moment": "^2.30.1",
     "multer": "1.4.5-lts.1",
     "multer-s3": "^3.0.1",
     "node-fetch": "2.6.9",
-    "node-watch": "^0.7.2",
+    "node-watch": "^0.7.4",
     "notp": "2.0.3",
     "npm-registry-fetch": "17.1.0",
-    "passport": "^0.6.0",
+    "passport": "^0.7.0",
     "passport-custom": "^1.1.1",
     "passport-http-bearer": "^1.0.1",
     "passport-jwt": "4.0.1",
     "passport-totp": "0.0.2",
-    "pg": "^8.2.1",
+    "pg": "^8.13.1",
     "pluralize": "^8.0.0",
     "qrcode": "1.5.1",
     "resize-with-sharp-or-jimp": "0.1.8",
-    "semver": "^7.6.0",
-    "socket.io": "4.6.0",
-    "systeminformation": "^5.21.7",
+    "semver": "^7.6.3",
+    "socket.io": "4.8.1",
+    "systeminformation": "^5.25.11",
     "thirty-two": "1.0.2",
-    "tmp-promise": "^3.0.2",
-    "ua-parser-js": "^1.0.37",
-    "underscore": "1.13.6",
-    "uuid": "^10.0.0"
+    "tmp-promise": "^3.0.3",
+    "ua-parser-js": "^2.0.0",
+    "underscore": "1.13.7",
+    "uuid": "^11.0.5"
   },
   "optionalDependencies": {
-    "connect-sqlite3": "^0.9.11",
+    "connect-sqlite3": "^0.9.15",
     "sd-notify": "^2.8.0"
   },
   "repository": "github:saltcorn/saltcorn",

package/public/saltcorn-common.js CHANGED Viewed

@@ -1120,7 +1120,11 @@ function initialize_page() {
       decodeURIComponent($(that).attr("data-explainers"))
     );
     var currentVal = explainers[$(that).val()];
-    $("#" + id).html(`<strong>${$(that).val()}</strong>: ${currentVal}`);
+    $("#" + id).html(
+      `<strong>${
+        $(that).find("option:selected").text() || $(that).val()
+      }</strong>: ${currentVal}`
+    );
     if (currentVal) $("#" + id).show();
     else $("#" + id).hide();
   }