From 5379135c88927550ba015e1425ce232fe53468c5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 23 Jun 2024 19:01:09 +0200 Subject: [PATCH 1/5] refactor: Bump ws from 8.16.0 to 8.17.1 (#9159) --- package-lock.json | 42 +++++++++++++++++++++++++++++++++++------- package.json | 2 +- 2 files changed, 36 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 5088a52e..5b1f74a8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -53,7 +53,7 @@ "uuid": "9.0.1", "winston": "3.12.0", "winston-daily-rotate-file": "5.0.0", - "ws": "8.16.0" + "ws": "8.17.1" }, "bin": { "parse-server": "bin/parse-server" @@ -15762,6 +15762,26 @@ "node": ">=6" } }, + "node_modules/parse/node_modules/ws": { + "version": "8.16.0", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.16.0.tgz", + "integrity": "sha512-HS0c//TP7Ina87TfiPUz1rQzMhHrl/SG2guqRcTOIUYD2q8uhUdNHZYJUaQ8aTGPzCh+c6oawMKW35nFl1dxyQ==", + "engines": { + "node": ">=10.0.0" + }, + "peerDependencies": { + "bufferutil": "^4.0.1", + "utf-8-validate": ">=5.0.2" + }, + "peerDependenciesMeta": { + "bufferutil": { + "optional": true + }, + "utf-8-validate": { + "optional": true + } + } + }, "node_modules/parseurl": { "version": "1.3.3", "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", @@ -19789,9 +19809,9 @@ } }, "node_modules/ws": { - "version": "8.16.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.16.0.tgz", - "integrity": "sha512-HS0c//TP7Ina87TfiPUz1rQzMhHrl/SG2guqRcTOIUYD2q8uhUdNHZYJUaQ8aTGPzCh+c6oawMKW35nFl1dxyQ==", + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", "engines": { "node": ">=10.0.0" }, @@ -31573,6 +31593,14 @@ "uuid": "9.0.1", "ws": "8.16.0", "xmlhttprequest": "1.8.0" + }, + "dependencies": { + "ws": { + "version": "8.16.0", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.16.0.tgz", + "integrity": "sha512-HS0c//TP7Ina87TfiPUz1rQzMhHrl/SG2guqRcTOIUYD2q8uhUdNHZYJUaQ8aTGPzCh+c6oawMKW35nFl1dxyQ==", + "requires": {} + } } }, "parse-json": { @@ -34662,9 +34690,9 @@ } }, "ws": { - "version": "8.16.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.16.0.tgz", - "integrity": "sha512-HS0c//TP7Ina87TfiPUz1rQzMhHrl/SG2guqRcTOIUYD2q8uhUdNHZYJUaQ8aTGPzCh+c6oawMKW35nFl1dxyQ==", + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", "requires": {} }, "xmlcreate": { diff --git a/package.json b/package.json index 80e03908..041aecc0 100644 --- a/package.json +++ b/package.json @@ -62,7 +62,7 @@ "uuid": "9.0.1", "winston": "3.12.0", "winston-daily-rotate-file": "5.0.0", - "ws": "8.16.0" + "ws": "8.17.1" }, "devDependencies": { "@actions/core": "1.10.1", From e6be5117d0c78993491fd8e0af19c57dd7ec8934 Mon Sep 17 00:00:00 2001 From: Parse Platform <90459499+parseplatformorg@users.noreply.github.com> Date: Sun, 23 Jun 2024 19:01:31 +0200 Subject: [PATCH 2/5] refactor: Security upgrade node from lts-alpine to 20.14.0-alpine3.20 (#9160) --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index c6826d64..1d63c753 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ ############################################################ # Build stage ############################################################ -FROM node:lts-alpine AS build +FROM node:20.14.0-alpine3.20 AS build RUN apk --no-cache add \ build-base \ @@ -28,7 +28,7 @@ RUN npm ci --omit=dev --ignore-scripts \ ############################################################ # Release stage ############################################################ -FROM node:lts-alpine AS release +FROM node:20.14.0-alpine3.20 AS release VOLUME /parse-server/cloud /parse-server/config From 480282cf18e8d8bf5db591dea3cd814422a9fc8c Mon Sep 17 00:00:00 2001 From: Manuel <5673677+mtrezza@users.noreply.github.com> Date: Sun, 23 Jun 2024 19:03:13 +0200 Subject: [PATCH 3/5] ci: Fix codecov token fail for Postgres (#9156) --- .github/workflows/ci.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2cacbf5e..011abd14 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -289,8 +289,10 @@ jobs: - name: Upload code coverage uses: codecov/codecov-action@v4 with: - fail_ci_if_error: true + fail_ci_if_error: false token: ${{ secrets.CODECOV_TOKEN }} + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true From 73eec3dfb160febaef25d03bf3b30437c45c39cc Mon Sep 17 00:00:00 2001 From: Corey Date: Mon, 24 Jun 2024 12:14:29 -0700 Subject: [PATCH 4/5] docs: Fix codecov badge links (#9163) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 795a9e3e..c44c620a 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ [![Build Status](https://github.com/parse-community/parse-server/workflows/ci/badge.svg?branch=beta)](https://github.com/parse-community/parse-server/actions?query=workflow%3Aci+branch%3Abeta) [![Build Status](https://github.com/parse-community/parse-server/workflows/ci/badge.svg?branch=release)](https://github.com/parse-community/parse-server/actions?query=workflow%3Aci+branch%3Arelease) [![Snyk Badge](https://snyk.io/test/github/parse-community/parse-server/badge.svg)](https://snyk.io/test/github/parse-community/parse-server) -[![Coverage](https://img.shields.io/codecov/c/github/parse-community/parse-server/alpha.svg)](https://codecov.io/github/parse-community/parse-server?branch=alpha) +[![Coverage](https://codecov.io/github/parse-community/parse-server/branch/alpha/graph/badge.svg)](https://app.codecov.io/github/parse-community/parse-server/tree/alpha) [![auto-release](https://img.shields.io/badge/%F0%9F%9A%80-auto--release-9e34eb.svg)](https://github.com/parse-community/parse-dashboard/releases) [![Node Version](https://img.shields.io/badge/nodejs-18,_20-green.svg?logo=node.js&style=flat)](https://nodejs.org) From 5000c2ac3b84ec1dd1d8fa675b8f3578d53b0f0b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Jun 2024 22:28:12 +0200 Subject: [PATCH 5/5] refactor: Bump @grpc/grpc-js from 1.10.8 to 1.10.9 (#9150) --- package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 5b1f74a8..d4e13bf3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2738,9 +2738,9 @@ } }, "node_modules/@grpc/grpc-js": { - "version": "1.10.8", - "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-1.10.8.tgz", - "integrity": "sha512-vYVqYzHicDqyKB+NQhAc54I1QWCBLCrYG6unqOIcBTHx+7x8C9lcoLj3KVJXs2VB4lUbpWY+Kk9NipcbXYWmvg==", + "version": "1.10.9", + "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-1.10.9.tgz", + "integrity": "sha512-5tcgUctCG0qoNyfChZifz2tJqbRbXVO9J7X6duFcOjY3HUNCxg5D0ZCK7EP9vIcZ0zRpLU9bWkyCqVCLZ46IbQ==", "optional": true, "dependencies": { "@grpc/proto-loader": "^0.7.13", @@ -21887,9 +21887,9 @@ "requires": {} }, "@grpc/grpc-js": { - "version": "1.10.8", - "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-1.10.8.tgz", - "integrity": "sha512-vYVqYzHicDqyKB+NQhAc54I1QWCBLCrYG6unqOIcBTHx+7x8C9lcoLj3KVJXs2VB4lUbpWY+Kk9NipcbXYWmvg==", + "version": "1.10.9", + "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-1.10.9.tgz", + "integrity": "sha512-5tcgUctCG0qoNyfChZifz2tJqbRbXVO9J7X6duFcOjY3HUNCxg5D0ZCK7EP9vIcZ0zRpLU9bWkyCqVCLZ46IbQ==", "optional": true, "requires": { "@grpc/proto-loader": "^0.7.13",