-
Notifications
You must be signed in to change notification settings - Fork 135
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
security(ws): update ws vulnerable version #1917
Conversation
|
📦 Next.js Bundle Analysis for @faustwp/getting-started-exampleThis analysis was generated by the Next.js Bundle Analysis action. 🤖 🎉 Global Bundle Size Decreased
DetailsThe global bundle is the javascript bundle that loads alongside every page. It is in its own category because its impact is much higher - an increase to its size means that every page on your website loads slower, and a decrease means every page loads faster. Any third party scripts you have added directly to your app using the If you want further insight into what is behind the changes, give @next/bundle-analyzer a try! |
* Add `continue-on-error` for next bundle workflow for outside contributors (#1770) * Add `continue-on-error` for next bundle workflow for outside contributors * Don't run bundle analysis on `main` * Chore: Update Block Support (#1759) * fix: (#1729) Make attributes field optional (#1730) * fix: (#1729) Make attributes field optional * Update .changeset/spicy-doors-lie.md --------- Co-authored-by: Blake Wilson <[email protected]> Co-authored-by: Blake Wilson <[email protected]> * Update @apollo/experimental-nextjs-app-support to v0.8.0-NEW (#1796) * Test CI/CD * Update package.json * Chore: Update package.json * Update client.ts * Added experimental app router to script build --------- Co-authored-by: Teresa (Terri) Gobble <[email protected]> * Version Packages (#1790) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Update our issue templates (#1800) * Add issues contact links * Create new bug report * Delete old bug report * Remove security section * Capitalize fields * This example is no longer experimental * Update .github/ISSUE_TEMPLATE/bug_report.yml Co-authored-by: John Parris <[email protected]> * Update .github/ISSUE_TEMPLATE/config.yml Co-authored-by: John Parris <[email protected]> --------- Co-authored-by: John Parris <[email protected]> * Update GitHub Actions (#1798) * ci: remove audit-dependencies workflow * ci: e2e-next-example: upgrade action versions. Upgrades actions/checkout from v3 to v4. Upgrades actions/setup-node from v3 to v4. * ci: e2e-next-example: Pin Ubuntu to ubuntu-22.04 * ci: e2e-next-faustwp-example: pin ubuntu-22.04. Upgrade checkout and setup-node actions to v4. * ci: e2e-nightly-build: pin ubuntu-22.04. Upgrade checkout and setup-node actions to v4. * ci: e2e-test-plugin: Update actions and pin Ubuntu version * ci: experimental-app-router: Update actions and pin Ubuntu version * ci: lint-packages: Update actions and pin Ubuntu version * ci: lint-plugin: Update actions and pin Ubuntu version * ci: nextjs-bundle-analysis: Update actions and pin Ubuntu version * ci: nightly-releases: Update actions and pin Ubuntu version Pins setup-node to v4 instead of master. * ci: notify-discord: Update actions and pin Ubuntu version * ci: release-packages: Update actions and pin Ubuntu version * ci: release-plugin: Update actions and pin Ubuntu version * ci: sonarqube-scan: Update checkout action to v4 * ci: test-packages: Update actions and pin Ubuntu version * ci: test-plugin: Update actions and pin Ubuntu version * 1761: Fix preview issue due to samesite status (#1799) * updated SameSite to use 'lax' to allow urls from wordpress * Create healthy-mayflies-end.md * Removed breaking change status * Update .changeset/healthy-mayflies-end.md Co-authored-by: Blake Wilson <[email protected]> --------- Co-authored-by: Blake Wilson <[email protected]> * Detect NEXT_PUBLIC_WORDPRESS_URL using wpengine.com TLD and recommend using wpenginepowered.com TLD (#1801) * Detect wpengine.com TLD * Create unit tests * Update messaging * Add changeset * Update packages/faustwp-cli/tests/healthCheck/validateFaustEnvVars.test.ts Co-authored-by: John Parris <[email protected]> * Simplify regex test return statement * Update info message --------- Co-authored-by: John Parris <[email protected]> * Merl 1749 faust should warn if the secret key is invalid (#1777) * Added validation check for disparate FAUST_SECRET_KEYs * Refactored getWpSecret to const secretWp * Added unit testing --------- Co-authored-by: Blake Wilson <[email protected]> Co-authored-by: John Parris <[email protected]> * chore(deps-dev): Bump undici from 5.26.3 to 5.28.3 (#1805) Bumps [undici](https://github.com/nodejs/undici) from 5.26.3 to 5.28.3. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.26.3...v5.28.3) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): Bump ip from 1.1.8 to 1.1.9 (#1808) Bumps [ip](https://github.com/indutny/node-ip) from 1.1.8 to 1.1.9. - [Commits](indutny/node-ip@v1.1.8...v1.1.9) --- updated-dependencies: - dependency-name: ip dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * 16: update lowest version of node to 18 since 16 is deprecating (#1806) * init commit * typo * changesets * 1793: plugin system - take out of experimental (#1807) * init commit * updated config to support experimentalPlugins and new plugins * warning added around experimentalPlugins deprecation and plugins usage * updated experimentalPlugins to plugins * changeset * Update mighty-geese-cover.md * updated per PR for console logging consistency * Update .changeset/mighty-geese-cover.md Co-authored-by: John Parris <[email protected]> --------- Co-authored-by: John Parris <[email protected]> * chore: Update .nvmrc to allow v18 upgrades (#1821) Updates the value from v18.0.0 to v18, to allow the use of the latest 18.x version. * chore: fix syntax error in GitHub workflows (#1822) * chore: fix syntax error in GitHub workflows * Fix `experimentalPlugins` -> `plugins` tests (#1823) * Version Packages (#1802) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Only request token endpoint initially, then use a cookie to determine if there is an authenticated user (#1740) * Create readable client side cookie to determine login state * Fix cookie being set when it shouldn't and fix reset cookie * Rename has token key * Update cookie name in toolbar * Update variable names * mergeCookies function and properly set expires and maxage * Remove `removeCookie` in favor of `setCookie` * Add `getHeader` to mocked test responses * Add unit tests * Add changeset * Update .changeset/brave-cougars-lie.md Co-authored-by: Matthew Wright <[email protected]> --------- Co-authored-by: Matthew Wright <[email protected]> * Add next-secure-headers in example projects (#1803) * Add next-secure-headers in example projects * Update next.config.js paths * FeatI: set xssProtection: false * Feature: Error when NEXT_PUBLIC_WORDPRESS_URL same as headless site URL (#1809) * Feature: Error when NEXT_PUBLIC_WORDPRESS_URL pointing to headless site * Update packages/faustwp-cli/src/healthCheck/validateNextWordPressUrl.ts Co-authored-by: John Parris <[email protected]> * Chore: Fix PHP Lint issues * Chore: PHP Lint issues * Feature: handle older versions of FaustWP Plugin * Tests: Add unit tests for domains_match * PHPCS: Fix * PHPCS: Lint issues * Chore: Remove WP_Rest_Response messages. * Feat: Only perform the check on valid secret key --------- Co-authored-by: John Parris <[email protected]> * Feat: Added Error Logging Apollo Link (#1832) * Feat: Added Error Logging Apollo Link * Update errorLoggingLink.test.ts * Update errorLoggingLink.test.ts * Update errorLoggingLink.test.ts * update @experimental-app-router for handle trailing slash config (#1815) * update @experimental-app-router for handle trailing slash config * changeset * Update changeset * Update changeset --------- Co-authored-by: John Parris <[email protected]> * Bug Fix: Pass Next server to tokenHandler to fix build issues with experimental-app-router (#1836) * Bug Fix: Fix wierd issue with import in experimental-app-router * Update Deps * Tests: Fix unit tests in app router * Update test in TokenHandler * TOOLBAR LOGOUT LOOP: init commit and test (#1828) * init commit and test * Update useLogout.tsx * Update useLogout.tsx * updated per PR * added test to cover use case * Update useLogout.test.ts * changeset * updated per PR * Toolbar should respect show avatars setting in wp (#1845) * Added conditional for avatar value of null to toolbar * Added optional chaining to ViewerType in useAuth * Added optional chaining to both instances of img in MyAccount * Updated additional useAuth test to include changes to Viewer * Update .changeset/smooth-dogs-cough.md Co-authored-by: John Parris <[email protected]> --------- Co-authored-by: John Parris <[email protected]> * Do not require `plugins`, `experimentalPlugins` in the FaustConfig type (#1840) * Do not require plugins in Faust Config * Create changeset * Added multiple queries to interface for FaustTemplate (#1847) * Added `queries` property to FaustTemplate interface, which fixes an error when using multiple queries with TypeScript. Co-authored-by: John Parris <[email protected]> --------- Co-authored-by: John Parris <[email protected]> * chore(deps-dev): Bump follow-redirects from 1.15.4 to 1.15.6 (#1852) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.4 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.4...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): Bump follow-redirects in /internal/legacy.faustjs.org (#1851) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.4 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.4...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Docs: Update Development Guide 2024 (#1848) * Docs: Update Development Guide 2024 * Update DEVELOPMENT.md: Removed legacy docs reference. * DEVELOPMENT.md: Added Monorepo section. * Changed 'tested up to' in readme.txt to 6.5 (#1857) * chore(deps): Bump webpack-dev-middleware in /internal/legacy.faustjs.org (#1859) Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4. - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) --- updated-dependencies: - dependency-name: webpack-dev-middleware dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): Bump webpack-dev-middleware from 5.3.3 to 5.3.4 (#1860) Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4. - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) --- updated-dependencies: - dependency-name: webpack-dev-middleware dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): Bump express from 4.18.2 to 4.19.2 (#1866) Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): Bump express in /internal/legacy.faustjs.org (#1867) Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix: Fix issue with errorLoggingLink (#1869) * Revert "Only request token endpoint initially, then use a cookie to d… (#1868) * Revert "Only request token endpoint initially, then use a cookie to determine if there is an authenticated user (#1740)" This reverts commit 0759959. * Restore js-cookie * Version Packages (#1824) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Feat: Output faust version in dev|build|start commands. (#1874) * Feat: Output faust version in dev|build|start commands. * Lint: Fix eslint issue * Acceptance Tests: update preview button selectos for WP 6.5 * Acceptance Tests: Attempt to fix preview tests * Acceptance Test: Use correct variables * Acceptance Test: Fix cpt_name var * Acceptance Test: Remove click event * Acceptance Test: Attempt to close welcome modals. * Acceptance Test: Revert last commit * Acceptance Test: Update DEVELOPMENT.md * Acceptance Test: Click Welcome modal if present * Acceptance Test: Pin e2e tests to WP 6.4 * Load plugin textdomain (#1877) * Ignore the WordPress source code. * fix: Load the plugin's text domain to allow translations to be utilized. * Add changeset * feat: Set `enable_image_source` to on by default (#1879) * feat: Set `enable_image_source` to on by default * Add changeset * Update acceptance test for new default * chore(deps-dev): Bump undici from 5.28.3 to 5.28.4 (#1871) * chore(deps-dev): Bump undici from 5.28.3 to 5.28.4 Bumps [undici](https://github.com/nodejs/undici) from 5.28.3 to 5.28.4. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.28.3...v5.28.4) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * Feat: Output faust version in dev|build|start commands. (#1874) * Feat: Output faust version in dev|build|start commands. * Lint: Fix eslint issue * Acceptance Tests: update preview button selectos for WP 6.5 * Acceptance Tests: Attempt to fix preview tests * Acceptance Test: Use correct variables * Acceptance Test: Fix cpt_name var * Acceptance Test: Remove click event * Acceptance Test: Attempt to close welcome modals. * Acceptance Test: Revert last commit * Acceptance Test: Update DEVELOPMENT.md * Acceptance Test: Click Welcome modal if present * Acceptance Test: Pin e2e tests to WP 6.4 --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Theofanis Despoudis <[email protected]> * Update Next.js in Legacy Faust (#1886) * Update Next 12 in appropriate packages * Add WordPress 6.5 to testing Matrix * Add changeset * Update Next.js 14 in packages < 14.1.1 * Version Packages (#1876) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Update plugin unit testing with more WordPress versions and Nightly WordPress builds (#1887) * Modernize plugin testing * Fix directory * Fix the path * Our older composer setup does not run on PHP 7.4 * Ensure we end the command * Ensure we're passing WP_VERSION * FROM should be after ARG * Update PHP version * Normalize E2E tests * Ensure we're using PHP 8.2 for all * Remove redudant steps and normalize output * Reverse the order of the E2E tests * Don't fail fast with Matrix * Reintroduce "Maybe update DB" step to E2E tests * Update DB on correct workflow * Upload fail output to correct location * Fix output path * Revert E2E changes * Use current WP version for default * Use current WP version for default * Include WP version for current E2E build * Revert plugin E2E test to WP 6.4 * Add plugin unit tests for WordPress nightly * Fix workflow name * Update test names for better identification. * Call out existing plugin E2E tests are against legacy Faust. * Improve domain_match Function and add test cases (#1889) * fix(domains_match): make stricter checks about domains * chore: add changeset * format: use snake_case unit test names * style: phpcs format fix * style: phpcs fix * style: phpcs:fixx * Version Packages (#1890) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Update PHPCS and coding standards to the current version. (#1894) * Update PHPCS and coding standards to the current version. * Exclude UnusedFunctionParameter Warnings * Fix linting issues * Update default packages in example project (#1896) * Update default packages in example project * Update package-lock for changes in Getting started example. * Adds the `react-refresh` package to avoid having to manually do so. (#1901) * [Bug] Add missing textarea control handler. (#1898) * bug(block-editor-utils): add missing TextArea handler * chore: Add Changeset * Bug: Fixes issue with blocks not showing in the block editor when running blockset command on WP >=v6.5 (#1904) * chore(deps): Bump braces from 3.0.2 to 3.0.3 (#1910) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): Bump braces in /internal/legacy.faustjs.org (#1912) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): Bump ws from 7.5.9 to 7.5.10 (#1913) Bumps [ws](https://github.com/websockets/ws) from 7.5.9 to 7.5.10. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.5.9...7.5.10) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix: Ensure Accurate Detection of WordPress Previews via URL Query Parameters (#1911) * fix(WordPressTemplate): fix issue when is-preview check is too greedy * chore(changeset): add changeset * Create CODE_OF_CONDUCT.md (#1908) > community health files are a set of predefined files that provide guidance and templates for maintaining a healthy and collaborative open-source project. https://docs.github.com/en/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file * test(gha): include node 22 in github actions pipeline (#1915) * Version Packages (#1902) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * security(ws): update ws vulnerable version (#1917) * fix: update ws (#1921) * fix: update ws * fix: include package-lock.json updates * chore(deps): Bump fast-xml-parser from 4.3.2 to 4.4.1 (#1922) Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 4.3.2 to 4.4.1. - [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases) - [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-parser@v4.3.2...v4.4.1) --- updated-dependencies: - dependency-name: fast-xml-parser dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: only remove non-faust Nav Menu locations if the user opts-in to it (#1926) * - introduce new setting to "remove additional menu locations" - update callback to `remove_menu_locations` to only execute the removal if the faustwp setting is checked. * - change `docker-compose` to `docker compose` * - change `docker-compose` to `docker compose` * - change `docker-compose` to `docker compose` * - update test * - phpcs - update unit tests to use docker compose instead of docker-compose * - add changeset * chore(deps): Bump axios to 1.7.4 (#1930) * chore: update dependencies to better support local development (#1929) * - remove react and react-dom as devDependencies for the block-editor-utils package - remove react and react-dom as devDependencies for the blocks package - remove faustwp/cli, faustwp/core, react and react-dom as devDependencies for the experimental-app-router package - remove next, react and react-dom as devDependencies for the next package - remove faustjs/core and faustjs/react as dependencies and mark them as peerDependenncies of the next packagee - remove faustjs/core and mark it as a peerDependency for the react package - remove react and react-dom as devDependencies of the react package * - add changeset * Introduce configurable "sitemap index path" for enhanced plugin compatibility (#1936) * Add support for configuring a custom sitemap index * Add example usage in example project * Add changeset * Fix linting issues * chore: add "Local Development" guide for `@faustwp/core` (#1934) * - re-order dependencies - add guide for "Local Development" of @faustwp/core package * - update Local Development guide for more clarity after walking through it with `@josephfusco` * - update docs * - move file * fix: ssr not always working (#1939) * - fix a bug where the WordPressTemplate was returning null when `isPreview` was null * - update WordPressTemplate conditionals * - add glob as a dependency to @faustwp/cli * - add changeset for faustwp/cli * Version Packages (#1928) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Update CODEOWNERS (#1944) * chore(deps): Bump micromatch in /internal/legacy.faustjs.org (#1945) Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8. - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/4.0.8/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) --- updated-dependencies: - dependency-name: micromatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): Bump micromatch from 4.0.5 to 4.0.8 (#1948) Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8. - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) --- updated-dependencies: - dependency-name: micromatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update "tested up to" version for faustwp WordPress plugin. (#1949) * Update tested up to version * Add changeset * Version Packages (#1950) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * security: fix path-to-regexp=8.1.0 (#1951) * security: fix path-to-regexp=8.1.0 * security: fix vulnerabilities * chore(deps): Bump body-parser and express (#1960) Bumps [body-parser](https://github.com/expressjs/body-parser) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `body-parser` from 1.20.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.2...1.20.3) Updates `express` from 4.19.2 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.19.2...4.21.0) --- updated-dependencies: - dependency-name: body-parser dependency-type: indirect - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): Bump serve-static and express (#1959) Bumps [serve-static](https://github.com/expressjs/serve-static) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `express` from 4.19.2 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.19.2...4.21.0) --- updated-dependencies: - dependency-name: serve-static dependency-type: indirect - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): Bump send and express in /internal/legacy.faustjs.org (#1957) Bumps [send](https://github.com/pillarjs/send) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `express` from 4.19.2 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.19.2...4.21.0) --- updated-dependencies: - dependency-name: send dependency-type: indirect - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): Bump webpack in /internal/legacy.faustjs.org (#1947) Bumps [webpack](https://github.com/webpack/webpack) from 5.89.0 to 5.94.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.89.0...v5.94.0) --- updated-dependencies: - dependency-name: webpack dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat: Add PluginUpdater to Support Plugin Updates from Custom API (#1964) * Add plugin updater * Update package name * Add changeset * Add plugin updater * Ignore error_log case * Update plugins/faustwp/faustwp.php * Apply suggestions from code review - update the docblock to account for possible null values * Update plugins/faustwp/includes/updates/class-plugin-updater.php * Apply suggestions from code review --------- Co-authored-by: Jason Bahl <[email protected]> * chore(deps): Bump cookie from 0.4.2 to 0.7.0 (#1969) Bumps [cookie](https://github.com/jshttp/cookie) from 0.4.2 to 0.7.0. - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.4.2...v0.7.0) --- updated-dependencies: - dependency-name: cookie dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): Bump cookie and express in /internal/legacy.faustjs.org (#1970) Bumps [cookie](https://github.com/jshttp/cookie) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `cookie` from 0.6.0 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.6.0...v0.7.1) Updates `express` from 4.21.0 to 4.21.1 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.1/History.md) - [Commits](expressjs/express@4.21.0...4.21.1) --- updated-dependencies: - dependency-name: cookie dependency-type: indirect - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Version Packages (#1965) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * deps: update path-to-regexp=6.3.0 (#1971) * deps: update path-to-regexp=6.3.0 * Update package.json overrides * fix: cannot query field "align" on type "CoreQuoteAttributes"' (#1946) * - update query fragment on CoreQuote to be compatible with WordPress 6.6 * - update query string * fix: add legacyBehavior in <Link/> * chore: update changeset --------- Co-authored-by: Theo <[email protected]> * bump: http-proxy-middleware to 2.0.7 (#1979) * ci: upload plugin zip to releases workflow step (#1974) * feat: separate legacy example projects (#1977) * chore: wip cleanup * chore: install and build step * chore: add sass * chore: update deps * chore: add deps * chore: cleanup * chore: include packages/experimental-app-router * chore: update changesets * chore: update gettting-started postcss dependency * chore: update dev npm command * Version Packages (#1975) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * chore: update deps (#1982) * Create SECURITY.md (#1909) Providing a clear security policy ensures that the community will know how to report a vulnerability should they find one, which also signals trust in our codebase and standards. https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository * chore(deps): Bump cross-spawn in /internal/legacy.faustjs.org (#1990) Bumps [cross-spawn](https://github.com/moxystudio/node-cross-spawn) from 7.0.3 to 7.0.6. - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6) --- updated-dependencies: - dependency-name: cross-spawn dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Blake Wilson <[email protected]> Co-authored-by: Theofanis Despoudis <[email protected]> Co-authored-by: Mattias <[email protected]> Co-authored-by: Blake Wilson <[email protected]> Co-authored-by: Teresa (Terri) Gobble <[email protected]> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: John Parris <[email protected]> Co-authored-by: Matthew Wright <[email protected]> Co-authored-by: Teresa Gobble <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Christophe VACHER <[email protected]> Co-authored-by: Chris Wiegman <[email protected]> Co-authored-by: Damon Cook <[email protected]> Co-authored-by: Jason Bahl <[email protected]>
Tasks
Description
Fixes GHSA-3h5v-q93c-6h6q
Related Issue(s):
Testing
Screenshots
Documentation Changes
Dependant PRs