renovate[bot]
c371ca7196
chore(deps): update dev-dependencies
2026-05-15 13:57:32 +00:00
renovate[bot]
7caaa9a16a
chore(deps): update dev-dependencies
2026-05-15 10:28:16 +00:00
renovate[bot]
57a0b8fee4
chore(deps): update dev-dependencies to v4.3.0
2026-05-11 21:21:39 +00:00
renovate[bot]
572edd431d
chore(deps): update dev-dependencies
2026-05-11 06:05:06 +00:00
renovate[bot]
812fa11b9b
chore(deps): update dependency vite to v7.3.3
2026-05-07 07:38:48 +00:00
dependabot[bot]
fc9a9a6c71
chore(deps): bump axios from 1.15.0 to 1.15.2 in /frontend
...
Bumps [axios](https://github.com/axios/axios ) from 1.15.0 to 1.15.2.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v1.15.0...v1.15.2 )
---
updated-dependencies:
- dependency-name: axios
dependency-version: 1.15.2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-05-06 12:37:48 +00:00
renovate[bot]
4754230ef0
chore(deps): update dev-dependencies
2026-05-06 12:37:26 +00:00
kolaente
926e163089
chore(deps): bump workbox-precaching to 7.4.1 to match workbox-cli
2026-05-05 08:31:42 +00:00
renovate[bot]
7ed0e3ecd6
chore(deps): update dev-dependencies
2026-05-05 08:31:42 +00:00
renovate[bot]
55e96018f3
chore(deps): update dev-dependencies
2026-05-04 10:55:46 +00:00
renovate[bot]
0f1bf6fab2
chore(deps): update dev-dependencies
2026-05-04 10:21:25 +00:00
kolaente
9852aff4ee
fix(frontend): add postcss-html as explicit devDependency
...
Stylelint 17.9.0 resolves customSyntax modules relative to the
stylelint package, so the transitive postcss-html pulled in via
stylelint-config-recommended-vue is no longer reachable and lint
fails with "Could not find postcss-html".
2026-04-27 09:22:01 +00:00
renovate[bot]
519b65b96e
chore(deps): update dev-dependencies
2026-04-27 09:22:01 +00:00
renovate[bot]
71c2e01366
chore(deps): update dependency caniuse-lite to v1.0.30001790
2026-04-22 10:18:08 +00:00
renovate[bot]
49ac0348e4
chore(deps): update dev-dependencies
2026-04-22 06:31:37 +00:00
renovate[bot]
0b2b5b580d
chore(deps): update dev-dependencies
2026-04-21 18:38:21 +00:00
renovate[bot]
9d25864b25
chore(deps): pin dependency otplib to 12.0.1
2026-04-21 11:14:41 +00:00
kolaente
3b7c098c84
test(e2e): add otplib dev dep for TOTP tests
2026-04-21 10:50:09 +00:00
renovate[bot]
73a597345a
chore(deps): update dev-dependencies to v4.2.3
2026-04-21 07:41:56 +00:00
renovate[bot]
5a1db90103
chore(deps): update dev-dependencies to v8.59.0
2026-04-20 19:28:55 +00:00
renovate[bot]
326874d94c
chore(deps): update dev-dependencies
2026-04-20 06:18:12 +00:00
dependabot[bot]
10ec3b55b0
chore(deps): bump dompurify from 3.3.2 to 3.4.0 in /frontend
...
Bumps [dompurify](https://github.com/cure53/DOMPurify ) from 3.3.2 to 3.4.0.
- [Release notes](https://github.com/cure53/DOMPurify/releases )
- [Commits](https://github.com/cure53/DOMPurify/compare/3.3.2...3.4.0 )
---
updated-dependencies:
- dependency-name: dompurify
dependency-version: 3.4.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-16 13:01:57 +00:00
renovate[bot]
2ae194e943
chore(deps): update dependency postcss to v8.5.10
2026-04-15 16:25:26 +00:00
renovate[bot]
85dbef8330
chore(deps): update dependency stylelint to v17.8.0
2026-04-15 15:49:30 +00:00
kolaente
a1fbc277be
fix(deps): patch follow-redirects and basic-ftp security vulnerabilities
...
Update follow-redirects to 1.16.0 (fixes auth header leak on cross-domain
redirects) and basic-ftp to 5.2.2 (fixes CRLF injection in FTP commands).
2026-04-14 20:49:42 +02:00
renovate[bot]
c68649faf4
chore(deps): update dev-dependencies
2026-04-14 10:51:01 +00:00
renovate[bot]
a3ac01346a
chore(deps): update dev-dependencies
2026-04-13 10:14:34 +00:00
renovate[bot]
160495b84e
chore(deps): update dependency stylelint to v17.7.0
2026-04-12 14:42:19 +00:00
renovate[bot]
df7a5c645c
chore(deps): update dependency wait-on to v9.0.5
2026-04-10 22:57:21 +00:00
dependabot[bot]
e8c20b1244
chore(deps): bump axios from 1.13.5 to 1.15.0 in /frontend
...
Bumps [axios](https://github.com/axios/axios ) from 1.13.5 to 1.15.0.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v1.13.5...v1.15.0 )
---
updated-dependencies:
- dependency-name: axios
dependency-version: 1.15.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-04-10 09:58:30 +00:00
kolaente
28b537837f
chore: v2.3.0 release preparations
2026-04-09 20:43:40 +02:00
kolaente
27a88dd17a
fix(deps): bump basic-ftp override to 5.2.1 to patch CRLF injection
...
Resolves Dependabot alert #183 (high severity): basic-ftp 5.2.0 is
vulnerable to FTP command injection via CRLF. The package is pulled in
as a dev-only transitive dependency by @histoire/plugin-screenshot.
2026-04-09 15:34:00 +02:00
renovate[bot]
4415485675
chore(deps): update dependency vitest to v4.1.4
2026-04-09 08:59:51 +00:00
renovate[bot]
e898c01e3d
chore(deps): update dev-dependencies
2026-04-08 08:03:18 +00:00
renovate[bot]
11299d773f
chore(deps): update dependency vitest to v4.1.3
2026-04-07 13:43:01 +00:00
renovate[bot]
33886d2e3c
chore(deps): update dev-dependencies
2026-04-06 16:23:31 +00:00
kolaente
0834d19f9c
feat: remove flexsearch dependency and replace with simple string filtering ( #2542 )
2026-04-04 21:41:25 +02:00
renovate[bot]
33d607714d
chore(deps): update dependency caniuse-lite to v1.0.30001785
2026-04-04 18:38:07 +00:00
renovate[bot]
12ba9ff985
chore(deps): update dev-dependencies
2026-04-03 17:52:24 +00:00
renovate[bot]
ea54f3eb85
chore(deps): update dependency ws to v8.20.0
2026-04-03 16:57:34 +00:00
renovate[bot]
b69564a77c
chore(deps): pin dependencies
2026-04-03 16:16:07 +00:00
kolaente
4cd79088d1
test: add WebSocket e2e tests
...
Add comprehensive end-to-end tests for the WebSocket system:
- Protocol tests: auth (valid/invalid token, timeout, double auth),
subscriptions (valid/invalid event, auth required, unsubscribe),
message delivery (notification on team add, doer exclusion,
multi-connection)
- Frontend integration tests: notification badge update, dropdown
rendering, and logout cleanup via browser-level Playwright tests
- Comment notification test: full flow where user B mentions user A
in a task comment and user A receives real-time WebSocket notification
Includes ws test dependency, shared test helper utilities, and
cascade-truncation of notifications when truncating users to prevent
test pollution.
2026-04-02 16:30:23 +00:00
renovate[bot]
d73222e4a7
chore(deps): update dependency esbuild to v0.27.5
2026-04-02 08:23:19 +00:00
renovate[bot]
59ebfa3b2c
chore(deps): update dependency caniuse-lite to v1.0.30001784
2026-04-01 09:17:36 +00:00
renovate[bot]
020aa899f8
chore(deps): update dependency browserslist to v4.28.2
2026-03-31 21:21:12 +00:00
renovate[bot]
167380a01e
chore(deps): update dependency @typescript-eslint/parser to v8.58.0
2026-03-30 20:13:08 +00:00
renovate[bot]
1a3a18e42b
chore(deps): update dependency @typescript-eslint/eslint-plugin to v8.58.0
2026-03-30 19:12:16 +00:00
renovate[bot]
1c0513de10
chore(deps): update dev-dependencies
2026-03-30 10:24:04 +00:00
dependabot[bot]
21a450b21f
chore(deps): bump serialize-javascript from 7.0.3 to 7.0.5 in /frontend
...
Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript ) from 7.0.3 to 7.0.5.
- [Release notes](https://github.com/yahoo/serialize-javascript/releases )
- [Commits](https://github.com/yahoo/serialize-javascript/compare/v7.0.3...v7.0.5 )
---
updated-dependencies:
- dependency-name: serialize-javascript
dependency-version: 7.0.5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-03-28 23:35:34 +00:00
renovate[bot]
8d958aef62
chore(deps): update dev-dependencies
2026-03-27 23:06:28 +00:00