9de62e0d0f
## Description - Fix XSS issue by upgrading packages such that the `serialize-javascript` dependency resolves to `v6.0.2` Fixes https://github.com/appsmithorg/appsmith/security/dependabot/376 - Fix XSS issue by upgrading `esbuild` to `v0.25.1` Fixes https://github.com/appsmithorg/appsmith/security/dependabot/367 - Fix vite vulnerability by upgrading `vite` to `v6.2.1` (this is a major version upgrade and effects the `storybook` package) Fixes https://github.com/appsmithorg/appsmith/security/dependabot/364 Fixes https://github.com/appsmithorg/appsmith/security/dependabot/334 Fixes https://github.com/appsmithorg/appsmith/security/dependabot/336 - Fixes TinyMCE XSS vulnerabilities by upgrading `tinymce` to `v7.7.1` and `tinymce-react` to `v6.0.0` (Major version upgrade) Fixes https://github.com/appsmithorg/appsmith/security/dependabot/347 Fixes https://github.com/appsmithorg/appsmith/security/dependabot/348 Fixes https://github.com/appsmithorg/appsmith/security/dependabot/290 - Fix vulnerability in `webpack` by upgrading to `v5.98.0` Fixes https://github.com/appsmithorg/appsmith/security/dependabot/324 - Fix vulnerability in `@sentry/browser` by upgrading `@sentry/react` to `v7.120.3` (Major version upgrade) _Note: [`Severity` enum has been deprecated](https://docs.sentry.io/platforms/javascript/migration/v7-to-v8/#removal-of-severity-enum)_ Fixes https://github.com/appsmithorg/appsmith/security/dependabot/345 - Fix vulnerability in `axios` by upgrading to `v1.8.3` Fixes https://github.com/appsmithorg/appsmith/security/dependabot/391 - Fix vulnerability in `@babel/runtime` by upgrading to `v7.26.10` Fixes https://github.com/appsmithorg/appsmith/security/dependabot/393 - Fix vulnerability in `@babel/helper` by upgrading `@babel/core` to `v7.26.10` Fixes https://github.com/appsmithorg/appsmith/security/dependabot/392 - Fix vulnerability in `prismjs` by upgrading to `v1.30.0` Fixes https://github.com/appsmithorg/appsmith/security/dependabot/390 - Fix vulnerability in `cookie` by upgrading to `v0.7.0` Fixes https://github.com/appsmithorg/appsmith/security/dependabot/346 ## Automation /ok-to-test tags="@tag.All" ### 🔍 Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/13967528524> > Commit: 6a36c9755e7df9e22c1c109876c127b963127a71 > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=13967528524&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.All` > Spec: > <hr>Thu, 20 Mar 2025 12:03:08 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit ## Summary by CodeRabbit - **New Features** - Enhanced the text editor experience by introducing quick markdown-style shortcuts for headings, lists, and quotes. - **Chores** - Upgraded numerous underlying libraries and tools for improved performance and stability. - Streamlined error logging by refining how errors are categorized and reported. - Improved accessibility by updating element selectors to use `aria-label` attributes. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
49 lines
1.5 KiB
JSON
49 lines
1.5 KiB
JSON
{
|
|
"name": "appsmith-rts",
|
|
"version": "0.0.1",
|
|
"description": "Realtime component microservice for Appsmith",
|
|
"main": "index.js",
|
|
"author": "Appsmith Team",
|
|
"license": "Apache-2.0",
|
|
"private": true,
|
|
"scripts": {
|
|
"test:unit": "APPSMITH_API_BASE_URL=http jest -b --colors --no-cache --silent --coverage --collectCoverage=true --coverageDirectory='./' --coverageReporters='json-summary'",
|
|
"test:jest": "APPSMITH_API_BASE_URL=http jest --watch ",
|
|
"lint": "yarn g:lint",
|
|
"prettier": "yarn g:prettier",
|
|
"build": "./build.sh",
|
|
"start": "./start-server.sh"
|
|
},
|
|
"dependencies": {
|
|
"@llamaindex/readers": "2.0.0",
|
|
"@opentelemetry/exporter-trace-otlp-http": "^0.54.2",
|
|
"@opentelemetry/instrumentation": "^0.54.2",
|
|
"@opentelemetry/instrumentation-http": "^0.54.2",
|
|
"@opentelemetry/resources": "^1.27.0",
|
|
"@opentelemetry/sdk-trace-node": "^1.27.0",
|
|
"@opentelemetry/semantic-conventions": "^1.27.0",
|
|
"@shared/ast": "workspace:^",
|
|
"axios": "^1.8.3",
|
|
"dotenv": "10.0.0",
|
|
"express": "^4.20.0",
|
|
"express-validator": "^6.14.2",
|
|
"http-status-codes": "^2.2.0",
|
|
"llamaindex": "0.9.0",
|
|
"loglevel": "^1.8.1",
|
|
"mongodb": "^5.8.0",
|
|
"nodemailer": "6.9.9",
|
|
"readline-sync": "1.4.10"
|
|
},
|
|
"devDependencies": {
|
|
"@types/express": "^4.17.14",
|
|
"@types/jest": "^29.2.3",
|
|
"@types/node": "*",
|
|
"@types/nodemailer": "^6.4.17",
|
|
"@types/readline-sync": "^1.4.8",
|
|
"jest": "^29.3.1",
|
|
"supertest": "^6.3.3",
|
|
"ts-jest": "29.1.0",
|
|
"typescript": "^5.5.4"
|
|
}
|
|
}
|