b2b1c9cc6a
fix: disable rover checks for now ( #2175 )
2024-03-28 12:09:41 +02:00
8842a8f840
chore(deps): bump express to 4.19.2 ( #2166 )
...
* chore(deps): bump express to 4.19.2
- address https://security.snyk.io/vuln/SNYK-JS-EXPRESS-6474509
* chore(deps): update express used by speckle-server
2024-03-26 10:23:04 +00:00
1be2fde52e
chore(deps): bump undici from 5.26.3 to 5.28.3 ( #2050 )
...
Bumps [undici](https://github.com/nodejs/undici ) from 5.26.3 to 5.28.3.
- [Release notes](https://github.com/nodejs/undici/releases )
- [Commits](https://github.com/nodejs/undici/compare/v5.26.3...v5.28.3 )
---
updated-dependencies:
- dependency-name: undici
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-16 18:35:58 +00:00
ed1029e20d
fix(fe2): optimized 'select all objects by type' ( #2005 )
...
* fix(fe2): optimized 'select all objects by type'
* some more utils
2024-02-01 16:29:18 +02:00
4144ce0d8e
feat(fe2): improved and more thorough logging to help with observability ( #1948 )
...
* better req log text
* minor improvements to server logging
* WIP FE2 req logging
* FE2 apollo operation logging
* undid apolloPlugin changes due to Gergos PR
* seq message templates introduced
2024-01-11 12:15:45 +02:00
c67f6d9c92
feat: clearer email verification flow & related error messages ( #1904 )
...
* fix: fe2 auth error page + various minor UI bugs
* clean up & reporting failing email to fe
* new mutation to resend verification as guest
* email text updates
* fixing issues brought up by agi
* more text fixes
* swapping out space-XXX for gap-XXX
2023-12-15 13:09:26 +02:00
3db83e50be
chore(deps): bump node from 18.18.2 to 18.19.0 ( #1921 )
...
* chore(deps): bump node from 18.18.2 to 18.19.0
* Additional dependencies
2023-12-15 11:30:07 +01:00
ef37030287
fix(server): optimized commit download ( #1913 )
...
* fix(server): optimized commit download
* added test
2023-12-13 14:31:09 +02:00
a329f91a44
fix(server): protecting against scope elevation in PAT creation ( #1901 )
...
* test DX improvements + tests for token:write scope
* protecting against scope elevation
2023-12-08 14:50:23 +02:00
3fbf927778
chore(deps-dev): bump axios from 0.25.0 to 1.6.0 ( #1870 )
...
Bumps [axios](https://github.com/axios/axios ) from 0.25.0 to 1.6.0.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v0.25.0...v1.6.0 )
---
updated-dependencies:
- dependency-name: axios
dependency-type: direct:development
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-10 20:29:07 +00:00
438c6bbf0d
chore(deps): bump node from 18.17.1 to 18.18.2 ( #1844 )
2023-10-31 18:08:25 +00:00
ef3fb7b00f
chore(deps): bump undici from 5.22.1 to 5.26.2 ( #1820 )
...
Bumps [undici](https://github.com/nodejs/undici ) from 5.22.1 to 5.26.2.
- [Release notes](https://github.com/nodejs/undici/releases )
- [Commits](https://github.com/nodejs/undici/compare/v5.22.1...v5.26.2 )
---
updated-dependencies:
- dependency-name: undici
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-18 16:04:55 +01:00
85f256d323
chore(deps): bump sharp to 0.32.6 ( #1823 )
...
- resolves SNYK-JS-SHARP-5922108
2023-10-17 16:57:49 +01:00
b69d9e230e
chore(deps): bump zod from 3.22.2 to 3.22.3 ( #1817 )
...
Bumps [zod](https://github.com/colinhacks/zod ) from 3.22.2 to 3.22.3.
- [Release notes](https://github.com/colinhacks/zod/releases )
- [Changelog](https://github.com/colinhacks/zod/blob/master/CHANGELOG.md )
- [Commits](https://github.com/colinhacks/zod/compare/v3.22.2...v3.22.3 )
---
updated-dependencies:
- dependency-name: zod
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-17 16:24:56 +01:00
79d293e178
fix: preparing automation backend for use in FE ( #1790 )
...
* fix: preparing automation backend for use in FE
* minor migration adjustment
* modelId only
* more CR fixes
* improved validation
* WIP model automation status (#1791 )
* additional run status insert validations
* model card dialog
* show view automation btn
* story mock fixes
* version card dialog
---------
Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com >
2023-09-18 11:49:11 +03:00
8063652dbf
automations backend ( #1789 )
...
* feat(server): WIP automations api
* feat(server): Automations Backend api WIP take 2
* feat(automations): add validation to automation run schema with zod
* fix(server): add zod to package.json
* fix(server): automations pr cleanup
2023-09-11 14:38:15 +02:00
6b6c6b3bfa
chore: updating various dependencies ( #1774 )
...
* chore: updating nuxt & apollo client
* global tsc update
2023-08-25 14:31:08 +03:00
080e8197f9
chore(deps): bump node from 18.17.0 to 18.17.1 ( #1771 )
2023-08-24 10:55:43 +01:00
87a8e7e01d
fix(server): env var definitions
2023-07-31 13:56:29 +03:00
7bebdd1890
fix(server): moved objectloader to main deps
2023-07-31 13:32:28 +03:00
f2f3f90786
fix(server): moved cross-fetch to main deps
2023-07-31 12:58:46 +03:00
f79740b3a0
fix(server): moved apollo client to main deps
2023-07-31 12:31:55 +03:00
ea941b3b81
chore(deps): bump node to 18.17.0 ( #1722 )
2023-07-26 12:38:50 +01:00
ea6d2c9042
feat(prometheus): add status code and improved path grouping to request duration metrics ( #1591 )
...
* replaces expressMonitoring.js
2023-07-13 16:21:16 +01:00
ffc3c5186f
chore(node): bump to 18.16.1 ( #1675 )
2023-07-07 16:54:18 +01:00
d5bb3b9923
feat(server): mailchimp plumbing
2023-06-16 13:34:04 +01:00
440adbd3f9
feat: checking schema changes against apollo studio ( #1603 )
2023-05-30 12:35:15 +03:00
a42ee35c09
fix(server): self-cleaning sub dataloaders + Comment.data type change
2023-05-22 21:00:27 +03:00
55f46aca46
adding profiling tool to server
2023-05-22 18:35:45 +03:00
b02a07e2b6
feat: Frontend 2.0 MVP
2023-05-08 10:47:01 +03:00
4eab7d9dcd
chore(deps): bump node to 18.16.0 ( #1564 )
2023-05-05 12:43:39 +01:00
43c339bccf
fix(logging): use broadcast address to mask logged ip ( #1532 )
2023-04-13 19:43:54 +01:00
5d0fceaaf3
feat: proper sign up tracking ( #1489 )
...
* feat: register flag passed to fe
* feat: mixpanel tracking for all sign ups
* feat: utm first touch & last touch tracking
* feat(helm): Allows Environment Variable for MP to be configured
- default is enabled
- renames environment variable to ENABLE_MP
* feat(helm network policy): allowlist analytics.speckle.systems
---------
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com >
2023-03-30 12:21:59 +03:00
87e8d08e64
chore(deps): bump node to 18.15.0 ( #1446 )
2023-03-10 11:01:30 +00:00
d8b7123ed0
chore(deps): bump node from 18.14.0 to 18.14.2 ( #1426 )
2023-03-01 12:16:55 +00:00
f9c2787f6d
chore(deps): bump @aws-sdk/client-s3 to 3.276.0 due to vulnerability in earlier versions ( #1402 )
2023-02-22 12:00:53 +00:00
9ed1656541
fix(redis): Redis errors should be logged in a structured manner ( #1389 )
...
- errors should be logged to stdout in a structured format
- currently still throws errors which are ultimately unhandled, this matches existing behaviour
- Consolidate redis creation and error handling in a shared module
* remove unused 'redis' module, in favour of 'ioredis'
2023-02-22 09:13:05 +00:00
5880356396
chore(deps): bump @aws-sdk/client-s3 to ^3.272.0 ( #1393 )
...
- address prototype pollution in fast-xml-parser
2023-02-20 13:55:48 +00:00
1975f45164
chore(deps): bump undici from 5.15.0 to 5.19.1 ( #1380 )
...
Bumps [undici](https://github.com/nodejs/undici ) from 5.15.0 to 5.19.1.
- [Release notes](https://github.com/nodejs/undici/releases )
- [Commits](https://github.com/nodejs/undici/compare/v5.15.0...v5.19.1 )
---
updated-dependencies:
- dependency-name: undici
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-17 10:03:10 +00:00
a6fba9ebd3
chore(node): bump node version to 18.14.0 ( #1365 )
2023-02-10 11:44:44 +00:00
f7e71c76b8
chore(deps): bump knex from 2.0.0 to 2.4.1 ( #1306 )
...
* chore(deps): bump knex from 2.0.0 to 2.4.0
Bumps [knex](https://github.com/knex/knex ) from 2.0.0 to 2.4.0.
- [Release notes](https://github.com/knex/knex/releases )
- [Changelog](https://github.com/knex/knex/blob/master/CHANGELOG.md )
- [Commits](https://github.com/knex/knex/compare/2.0.0...2.4.0 )
---
updated-dependencies:
- dependency-name: knex
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump knex from 2.0.0 to 2.4.1
Addresses dependabot issue 165
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com >
2023-01-18 11:40:17 +00:00
6fb2733ecb
chore(deps): bump sanitize-html in server to ^2.7.1 ( #1322 )
2023-01-18 09:54:16 +00:00
6e0235b4f9
Dependabot bumps combined 2023-01-10 part 2 ( #1302 )
...
* build(deps-dev): bump vite from 2.9.8 to 2.9.13
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) from 2.9.8 to 2.9.13.
- [Release notes](https://github.com/vitejs/vite/releases )
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md )
- [Commits](https://github.com/vitejs/vite/commits/v2.9.13/packages/vite )
---
updated-dependencies:
- dependency-name: vite
dependency-type: direct:development
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump sharp from 0.29.3 to 0.30.5
Bumps [sharp](https://github.com/lovell/sharp ) from 0.29.3 to 0.30.5.
- [Release notes](https://github.com/lovell/sharp/releases )
- [Changelog](https://github.com/lovell/sharp/blob/main/docs/changelog.md )
- [Commits](https://github.com/lovell/sharp/compare/v0.29.3...v0.30.5 )
---
updated-dependencies:
- dependency-name: sharp
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
* Bumps viewer-sandbox vite to match frontend version
* chore(deps): bump undici to 5.14.0
* chore(deps): bumps knex from 2.0.0 to 2.4.0
* chore(deps): bump passport to 0.6.0 by bumping azure-ad-passport
* Revert "chore(deps): bumps knex from 2.0.0 to 2.4.0"
This reverts commit 4aa5add9ef0d05e0c17dd9ae9f4eb7709eaad3cd.
* Revert "Bumps viewer-sandbox vite to match frontend version"
This reverts commit 60af00215e6bcfe022f9ea09365b6346f5123e88.
* Updates lockfile
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 11:17:26 +00:00
97ded1a9fe
Dependabot bumps combined (as of 2023-01-10) ( #1298 )
...
* chore(deps): bump vuetify from 2.6.5 to 2.6.10
Bumps [vuetify](https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify ) from 2.6.5 to 2.6.10.
- [Release notes](https://github.com/vuetifyjs/vuetify/releases )
- [Commits](https://github.com/vuetifyjs/vuetify/commits/v2.6.10/packages/vuetify )
---
updated-dependencies:
- dependency-name: vuetify
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump loader-utils from 2.0.2 to 2.0.4
Bumps [loader-utils](https://github.com/webpack/loader-utils ) from 2.0.2 to 2.0.4.
- [Release notes](https://github.com/webpack/loader-utils/releases )
- [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md )
- [Commits](https://github.com/webpack/loader-utils/compare/v2.0.2...v2.0.4 )
---
updated-dependencies:
- dependency-name: loader-utils
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump apollo-server-core from 3.10.2 to 3.11.1
Bumps [apollo-server-core](https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server-core ) from 3.10.2 to 3.11.1.
- [Release notes](https://github.com/apollographql/apollo-server/releases )
- [Changelog](https://github.com/apollographql/apollo-server/blob/apollo-server-core@3.11.1/CHANGELOG.md )
- [Commits](https://github.com/apollographql/apollo-server/commits/apollo-server-core@3.11.1/packages/apollo-server-core )
---
updated-dependencies:
- dependency-name: apollo-server-core
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump express from 4.16.4 to 4.17.3
Bumps [express](https://github.com/expressjs/express ) from 4.16.4 to 4.17.3.
- [Release notes](https://github.com/expressjs/express/releases )
- [Changelog](https://github.com/expressjs/express/blob/master/History.md )
- [Commits](https://github.com/expressjs/express/compare/4.16.4...4.17.3 )
---
updated-dependencies:
- dependency-name: express
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump json5 from 2.2.1 to 2.2.3
Bumps [json5](https://github.com/json5/json5 ) from 2.2.1 to 2.2.3.
- [Release notes](https://github.com/json5/json5/releases )
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md )
- [Commits](https://github.com/json5/json5/compare/v2.2.1...v2.2.3 )
---
updated-dependencies:
- dependency-name: json5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump passport from 0.4.1 to 0.6.0
Bumps [passport](https://github.com/jaredhanson/passport ) from 0.4.1 to 0.6.0.
- [Release notes](https://github.com/jaredhanson/passport/releases )
- [Changelog](https://github.com/jaredhanson/passport/blob/master/CHANGELOG.md )
- [Commits](https://github.com/jaredhanson/passport/compare/v0.4.1...v0.6.0 )
---
updated-dependencies:
- dependency-name: passport
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump luxon from 3.0.1 to 3.2.1
Bumps [luxon](https://github.com/moment/luxon ) from 3.0.1 to 3.2.1.
- [Release notes](https://github.com/moment/luxon/releases )
- [Changelog](https://github.com/moment/luxon/blob/master/CHANGELOG.md )
- [Commits](https://github.com/moment/luxon/compare/3.0.1...3.2.1 )
---
updated-dependencies:
- dependency-name: luxon
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump @graphql-codegen/cli
* chore(deps): bump nodemon to resolve got dependabot issue
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-10 11:26:57 +00:00
38720cecdc
Feature: Add OpenID Connect Generic Authentication Strategy ( #1283 )
...
* feat(server): add OIDC auth strategy
Add an OpenID Connect Authentication Strategy for Speckle Server. Enables configuration of
authentication against an OIDC standard compliant identity provider endpoint.
closes specklesystems#1270
Co-authored-by: spencer.goad <spencer.goad@disney.com >
2023-01-09 13:41:50 +00:00
593c63bc43
fix(server): migrating commits, branches, users timestamp precision ( #1265 )
...
* fix(server): migrating commits, branches, users timestamp precision
* fix(server): incorrect migration heading
2022-12-13 15:05:19 +02:00
96bed71022
fix(logging): Improves error logging and pretty-prints logs during dev & test ( #1255 )
...
* Improves error logging
- use pino error logger correctly by passing in error as first argument
* monitor deployment: Filter logging at INFO level and above
* Use structured logging to create parameters for monitoring results
* Add structured logging to obj fileimport service
* Fileimport service, fix and improve logging
- use child logger with additional context where possible
- select appropriate logging level
- fix duplicated context in log statement
* REST endpoints, add context to structured logging and remove same context from message
* Webhook service provides context to bound logger to properly use structured logging
- Pass bound logger containing context to `makeNetworkRequest`
- do not log url, as it may contain a secret (like Discord's webhook urls), instead log the webhook Id
- log error message when network call fails
* upload: make better use of structured logging when recording data
* pino-pretty when in dev or test mode
- pino-pretty configured to send to stderr
* LOG_PRETTY env var
* Silence structured logging during testing
- can not rely on determining the port number by reading from stdout/stderr
- instead we determine which port is free, then create our server on that port
- we then poll that port until the server is ready before commencing tests
* Allow puppeteer to install chromium
* Do not need to install chromium separately
2022-12-13 09:18:28 +00:00
d09bce7267
feat(docker images): Distroless ( #935 )
...
* Moves speckle-server, webhook-service, fileimport-service, monitoring-deployment, and test-deployment images to Distroless.
Partially addresses https://github.com/specklesystems/speckle-server/issues/883
* preview-service uses similar image for building and production stages
* explicitly include chromium-common dependency to prevent error in preview service
* Bump chromium packages due to package versions not being found
* Handle machine-id in distroless
- distroless has no shell, so node-machine-id will result in an error
- this commit introduces error handling and defaults to a uuid v4 in the case of an error
* Update binary location for readiness and liveness checks to match the binary location in Distroless
* Allow node binary path to be set as environment variable in fileimport service
2022-12-07 12:07:42 +00:00
ee50b32b59
chore(node): upgrades to node 18 ( #1189 )
...
* chore(node): upgrades to node 18
Node 16 was out of support (but not security upgrades), so bumping to next stable version.
https://github.com/specklesystems/speckle-server/issues/1187
* Update server liveness and readiness probes for node 18
* Bump web-ifc to 0.0.36
* Apply `--no-experimental-fetch` flag to fileimport-service to prevent issues in web-ifc (via emscripten) with node 18
2022-12-06 12:57:48 +00:00
4d01e13a84
feat(structured logging) ( #1242 )
...
* Revert "Revert structured logging 2 (#1240 )"
This reverts commit 78ecaeffcbfabis94@live.com >
2022-12-06 11:51:18 +00:00
Kristaps Fabians Geikins