bee5945c0b
chore(deps-dev): bump @types/markdown-it from 14.1.1 to 14.1.2 ( #12260 )
...
* chore(deps-dev): bump @types/markdown-it from 14.1.1 to 14.1.2
Bumps [@types/markdown-it](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/markdown-it ) from 14.1.1 to 14.1.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/markdown-it )
---
updated-dependencies:
- dependency-name: "@types/markdown-it"
dependency-version: 14.1.2
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
* fix: Drop removed `jump` field from mark delimiter
@types/markdown-it 14.1.2 removed `jump` from the `Delimiter` interface
to match upstream markdown-it, which tracks jumps in a local array
inside balance_pairs rather than on each delimiter.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com >
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com >
2026-05-04 21:10:58 -04:00
1f8f708c83
chore(deps): bump @bull-board/api from 6.21.2 to 6.21.3 ( #12259 )
...
* chore(deps): bump @bull-board/api from 6.21.2 to 6.21.3
Bumps [@bull-board/api](https://github.com/felixmosh/bull-board/tree/HEAD/packages/api ) from 6.21.2 to 6.21.3.
- [Release notes](https://github.com/felixmosh/bull-board/releases )
- [Changelog](https://github.com/felixmosh/bull-board/blob/master/CHANGELOG.md )
- [Commits](https://github.com/felixmosh/bull-board/commits/v6.21.3/packages/api )
---
updated-dependencies:
- dependency-name: "@bull-board/api"
dependency-version: 6.21.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore(deps): bump @bull-board/koa to 6.21.3
Aligns koa adapter's nested @bull-board/api with the top-level 6.21.3
to fix a TS2322 error from divergent BaseAdapter types.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com >
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com >
2026-05-04 21:10:44 -04:00
ac4dc014d5
chore(deps-dev): bump @babel/preset-env in the babel group ( #12257 )
...
Bumps the babel group with 1 update: [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ).
Updates `@babel/preset-env` from 7.29.2 to 7.29.3
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.29.3/packages/babel-preset-env )
---
updated-dependencies:
- dependency-name: "@babel/preset-env"
dependency-version: 7.29.3
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: babel
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-04 20:42:46 -04:00
b4fe88ba98
chore(deps): bump @dotenvx/dotenvx from 1.61.0 to 1.64.0 ( #12258 )
...
Bumps [@dotenvx/dotenvx](https://github.com/dotenvx/dotenvx ) from 1.61.0 to 1.64.0.
- [Release notes](https://github.com/dotenvx/dotenvx/releases )
- [Changelog](https://github.com/dotenvx/dotenvx/blob/main/CHANGELOG.md )
- [Commits](https://github.com/dotenvx/dotenvx/compare/v1.61.0...v1.64.0 )
---
updated-dependencies:
- dependency-name: "@dotenvx/dotenvx"
dependency-version: 1.64.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-04 20:42:33 -04:00
04a13de0e7
v1.7.1
2026-05-03 21:39:25 -04:00
eaca221fde
fix: parseXML error in AWS SDK ( #12231 )
2026-05-01 02:56:10 +00:00
49ca7d5e37
chore(deps): bump react-hook-form and vite-plugin-pwa ( #12212 )
...
- react-hook-form 7.69.0 → 7.74.0 (^7.72.1 range)
- vite-plugin-pwa 1.0.3 → 1.2.0
2026-04-29 08:25:01 -04:00
816a474a46
chore(deps-dev): bump oxlint and tsgolint ( #12127 )
...
* chore(deps-dev): bump oxlint-tsgolint from 0.1.6 to 0.21.1
Bumps [oxlint-tsgolint](https://github.com/oxc-project/tsgolint ) from 0.1.6 to 0.21.1.
- [Release notes](https://github.com/oxc-project/tsgolint/releases )
- [Commits](https://github.com/oxc-project/tsgolint/compare/v0.1.6...v0.21.1 )
---
updated-dependencies:
- dependency-name: oxlint-tsgolint
dependency-version: 0.21.1
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore: Adjust lint config for newer oxlint-tsgolint
Pin oxlint to 1.50.0 and oxlint-tsgolint to 0.14.2. Older oxlint
can't parse newer tsgolint diagnostic payloads, and tsgolint >=0.15
rejects moduleResolution: "node" — moving off it requires either
"bundler" (currently breaks @hocuspocus@1.1.3 typings, which lack a
types condition in their package.json exports) or "node16"/"nodenext"
(would require explicit .js extensions on every relative import).
Add per-package ignorePatterns since they no longer propagate from
the root config when nested configs are present.
Drop tsconfig baseUrl (typescript-go in tsgolint rejects it) and add
a plugins/* path alias so cross-plugin imports keep resolving. The
babel resolver is switched from babel-plugin-tsconfig-paths-module-
resolver (which required baseUrl) to babel-plugin-module-resolver
with explicit aliases.
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com >
2026-04-28 13:50:42 -04:00
c34567cb0a
chore(deps): bump ioredis from 5.8.2 to 5.10.1 ( #12190 )
...
* chore(deps): bump ioredis from 5.8.2 to 5.10.1
Bumps [ioredis](https://github.com/luin/ioredis ) from 5.8.2 to 5.10.1.
- [Release notes](https://github.com/luin/ioredis/releases )
- [Changelog](https://github.com/redis/ioredis/blob/main/CHANGELOG.md )
- [Commits](https://github.com/luin/ioredis/compare/v5.8.2...v5.10.1 )
---
updated-dependencies:
- dependency-name: ioredis
dependency-version: 5.10.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* dedupe
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com >
2026-04-27 21:02:42 +00:00
bf696581b7
chore(deps): bump @css-inline/css-inline-wasm from 0.18.0 to 0.20.2 ( #12191 )
...
Bumps [@css-inline/css-inline-wasm](https://github.com/Stranger6667/css-inline ) from 0.18.0 to 0.20.2.
- [Release notes](https://github.com/Stranger6667/css-inline/releases )
- [Changelog](https://github.com/Stranger6667/css-inline/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Stranger6667/css-inline/compare/v0.18.0...c-v0.20.2 )
---
updated-dependencies:
- dependency-name: "@css-inline/css-inline-wasm"
dependency-version: 0.20.2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-27 16:54:39 -04:00
9cc22df873
chore(deps): bump dd-trace from 5.82.0 to 5.98.0 ( #12189 )
...
Bumps [dd-trace](https://github.com/DataDog/dd-trace-js ) from 5.82.0 to 5.98.0.
- [Commits](https://github.com/DataDog/dd-trace-js/compare/v5.82.0...v5.98.0 )
---
updated-dependencies:
- dependency-name: dd-trace
dependency-version: 5.98.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-27 16:54:06 -04:00
5058ad3640
chore(deps): bump class-validator from 0.14.4 to 0.15.1 ( #12188 )
...
Bumps [class-validator](https://github.com/typestack/class-validator ) from 0.14.4 to 0.15.1.
- [Release notes](https://github.com/typestack/class-validator/releases )
- [Changelog](https://github.com/typestack/class-validator/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/typestack/class-validator/compare/v0.14.4...v0.15.1 )
---
updated-dependencies:
- dependency-name: class-validator
dependency-version: 0.15.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-27 16:29:17 -04:00
26049e35ab
chore(deps): bump compressorjs from 1.2.1 to 1.3.0 ( #12187 )
...
Bumps [compressorjs](https://github.com/fengyuanchen/compressorjs ) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/fengyuanchen/compressorjs/releases )
- [Changelog](https://github.com/fengyuanchen/compressorjs/blob/main/CHANGELOG.md )
- [Commits](https://github.com/fengyuanchen/compressorjs/compare/v1.2.1...v1.3.0 )
---
updated-dependencies:
- dependency-name: compressorjs
dependency-version: 1.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-27 16:29:02 -04:00
755bf03e8c
chore(deps): bump pg from 8.16.3 to 8.20.0 ( #12186 )
...
Bumps [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg ) from 8.16.3 to 8.20.0.
- [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md )
- [Commits](https://github.com/brianc/node-postgres/commits/pg@8.20.0/packages/pg )
---
updated-dependencies:
- dependency-name: pg
dependency-version: 8.20.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-27 16:28:45 -04:00
c0521dbfd0
chore: Bump ajv to 8.18.0 to address GHSA-2g4f-4pwh-qvx6 ( #12185 )
...
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com >
2026-04-27 11:09:21 -04:00
11d10bb67c
chore: Remove redundant package resolutions ( #12184 )
...
Drops nine global resolutions whose versions are already produced by
yarn's natural resolution: @hocuspocus/server, fengari, d3, node-fetch,
socket.io-parser, @xmldom/xmldom, tar, @hono/node-server, and underscore.
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com >
2026-04-27 10:48:43 -04:00
8e83544bb4
chore: Bump qs to 6.14.2 to address GHSA-w7fw-mjwx-w883 ( #12183 )
...
* chore: Bump qs to 6.14.2 to address GHSA-w7fw-mjwx-w883
2026-04-27 10:29:07 -04:00
88d871e463
chore: Clear lodash _.template injection advisory from audit ignore list ( #12180 )
...
Pin lodash and lodash-es to ^4.18.1 via resolutions so transitive deps
pick up the patched versions, then drop the advisory ID.
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com >
2026-04-27 10:13:15 -04:00
e515fa5b44
chore: Bump fast-xml-parser to 5.7.0 to address GHSA-gh4j-gqv2-49f6 ( #12181 )
...
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com >
2026-04-27 10:13:04 -04:00
c280bddab9
chore: Clear picomatch ReDoS advisories from audit ignore list ( #12179 )
...
Pin picomatch to ^2.3.2 / ^4.0.4 via resolutions so transitive
deps pick up the patched versions, then drop the advisory IDs.
2026-04-27 09:48:03 -04:00
ec2463e5ff
chore: Bump zod to 4.3.6 ( #12178 )
2026-04-27 09:33:44 -04:00
c6aacfeeeb
chore: Clear minimatch ReDoS advisories from audit ignore list ( #12177 )
...
* chore: Resolve minimatch ReDoS advisories via dep bumps and resolutions
Bump glob (8→11), rimraf (2→6), babel-jest, jest-environment-jsdom (29→30),
and lint-staged (13→16) to drop several vulnerable transitive chains. Pin
remaining minimatch and brace-expansion descriptors via resolutions so all
in-tree copies are on their latest patched release. Removes 9 ignored
advisory IDs from .yarnrc.yml.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com >
* fix: Make routeHelpers.urlify origin testable for jsdom 26
jsdom 26 (jest-environment-jsdom@30) makes window.location and
location.origin non-configurable, breaking the previous test that
redefined them via Object.defineProperty.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com >
* chore: Align jest-cli to ^30.3.0 with other jest packages
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com >
---------
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com >
2026-04-27 09:13:52 -04:00
3f07771a7e
chore: Improve setup against supply chain attacks ( #12170 )
...
* Add npm audit CI
Remove postinstall
Disable postinstall scripts
Increase age gate to 3d
* audit cleanup
* Gate on dep changes
2026-04-26 21:23:26 -04:00
22f5618465
chore: Upgrade socket.io-parser ( #12053 )
...
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: tommoor <380914+tommoor@users.noreply.github.com >
2026-04-25 09:15:36 -04:00
b5923569ee
chore(deps): bump i18next-http-backend from 2.7.3 to 3.0.5 ( #12137 )
...
Bumps [i18next-http-backend](https://github.com/i18next/i18next-http-backend ) from 2.7.3 to 3.0.5.
- [Changelog](https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next-http-backend/compare/v2.7.3...v3.0.5 )
---
updated-dependencies:
- dependency-name: i18next-http-backend
dependency-version: 3.0.5
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-25 08:48:54 -04:00
568b4ac074
v1.7.0
2026-04-24 20:19:52 +00:00
5b2283386d
chore(deps): bump i18next-fs-backend from 2.6.3 to 2.6.4 ( #12136 )
...
Bumps [i18next-fs-backend](https://github.com/i18next/i18next-fs-backend ) from 2.6.3 to 2.6.4.
- [Changelog](https://github.com/i18next/i18next-fs-backend/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next-fs-backend/compare/v2.6.3...v2.6.4 )
---
updated-dependencies:
- dependency-name: i18next-fs-backend
dependency-version: 2.6.4
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-22 14:07:49 -04:00
26bc3fb1b8
chore(deps): bump @tanstack/react-virtual from 3.13.23 to 3.13.24 ( #12128 )
...
Bumps [@tanstack/react-virtual](https://github.com/TanStack/virtual/tree/HEAD/packages/react-virtual ) from 3.13.23 to 3.13.24.
- [Release notes](https://github.com/TanStack/virtual/releases )
- [Changelog](https://github.com/TanStack/virtual/blob/main/packages/react-virtual/CHANGELOG.md )
- [Commits](https://github.com/TanStack/virtual/commits/@tanstack/react-virtual@3.13.24/packages/react-virtual )
---
updated-dependencies:
- dependency-name: "@tanstack/react-virtual"
dependency-version: 3.13.24
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-22 04:51:10 -04:00
4e07cf75bf
chore(deps): bump the aws group with 5 updates ( #12124 )
...
Bumps the aws group with 5 updates:
| Package | From | To |
| --- | --- | --- |
| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3 ) | `3.990.0` | `3.1032.0` |
| [@aws-sdk/lib-storage](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage ) | `3.990.0` | `3.1032.0` |
| [@aws-sdk/s3-presigned-post](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-presigned-post ) | `3.990.0` | `3.1032.0` |
| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner ) | `3.990.0` | `3.1032.0` |
| [@aws-sdk/signature-v4-crt](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/signature-v4-crt ) | `3.990.0` | `3.1032.0` |
Updates `@aws-sdk/client-s3` from 3.990.0 to 3.1032.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases )
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1032.0/clients/client-s3 )
Updates `@aws-sdk/lib-storage` from 3.990.0 to 3.1032.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases )
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/lib/lib-storage/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1032.0/lib/lib-storage )
Updates `@aws-sdk/s3-presigned-post` from 3.990.0 to 3.1032.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases )
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/packages/s3-presigned-post/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1032.0/packages/s3-presigned-post )
Updates `@aws-sdk/s3-request-presigner` from 3.990.0 to 3.1032.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases )
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/packages/s3-request-presigner/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1032.0/packages/s3-request-presigner )
Updates `@aws-sdk/signature-v4-crt` from 3.990.0 to 3.1032.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases )
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/packages/signature-v4-crt/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1032.0/packages/signature-v4-crt )
---
updated-dependencies:
- dependency-name: "@aws-sdk/client-s3"
dependency-version: 3.1032.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: aws
- dependency-name: "@aws-sdk/lib-storage"
dependency-version: 3.1032.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: aws
- dependency-name: "@aws-sdk/s3-presigned-post"
dependency-version: 3.1032.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: aws
- dependency-name: "@aws-sdk/s3-request-presigner"
dependency-version: 3.1032.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: aws
- dependency-name: "@aws-sdk/signature-v4-crt"
dependency-version: 3.1032.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: aws
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-20 19:34:05 -04:00
a422c537ec
chore(deps): bump @simplewebauthn/browser from 13.2.2 to 13.3.0 ( #12125 )
...
Bumps [@simplewebauthn/browser](https://github.com/MasterKale/SimpleWebAuthn/tree/HEAD/packages/browser ) from 13.2.2 to 13.3.0.
- [Release notes](https://github.com/MasterKale/SimpleWebAuthn/releases )
- [Changelog](https://github.com/MasterKale/SimpleWebAuthn/blob/master/CHANGELOG.md )
- [Commits](https://github.com/MasterKale/SimpleWebAuthn/commits/v13.3.0/packages/browser )
---
updated-dependencies:
- dependency-name: "@simplewebauthn/browser"
dependency-version: 13.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-20 19:33:47 -04:00
49d5052a51
feat: RTL layout ( #12107 )
...
* First pass
* Remove prop drilling, fix comment layout
* Revert dev:watch to use dev:backend
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com >
---------
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com >
2026-04-18 15:12:57 -04:00
e6cfc45fb4
chore: Upgrade xmldom ( #12108 )
2026-04-18 19:04:17 +00:00
1596e51fa5
chore(deps): bump @node-oauth/oauth2-server from 5.2.1 to 5.3.0 ( #12081 )
...
Bumps [@node-oauth/oauth2-server](https://github.com/node-oauth/node-oauth2-server ) from 5.2.1 to 5.3.0.
- [Release notes](https://github.com/node-oauth/node-oauth2-server/releases )
- [Changelog](https://github.com/node-oauth/node-oauth2-server/blob/master/CHANGELOG.md )
- [Commits](https://github.com/node-oauth/node-oauth2-server/compare/v5.2.1...v5.3.0 )
---
updated-dependencies:
- dependency-name: "@node-oauth/oauth2-server"
dependency-version: 5.3.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-16 17:36:49 -04:00
7a4b545e7f
chore: vendor autotrack library ( #12070 )
...
The autotrack npm package is no longer maintained. Vendor the three
plugins we use (eventTracker, outboundLinkTracker, urlChangeTracker)
and their dom-utils dependencies into a single local JS file.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-04-16 07:42:21 -04:00
f1033f37b8
chore: Patch upgrade all dependencies ( #12061 )
...
* chore: Patch upgrade all dependencies and fix type issues
Upgrades 38 packages to latest patch versions. Dedupes prosemirror-view
and @bull-board/api to fix type conflicts, pins @types/markdown-it to
14.1.1 via resolutions (14.1.2 has a breaking type change), and removes
an unused @ts-expect-error in mark.ts.
Also fixes npmMinimalAgeGate from 86400 to 1440 — the unit is minutes
not seconds, so it was blocking any package published in the last 60
days instead of 24 hours.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
* fix: Update resolutions to match bumped dependency versions
Syncs @types/react (17.0.75 → 17.0.91), @hocuspocus/server (1.1.2 →
1.1.3), and prosemirror-transform (1.10.0 → 1.10.5) in the resolutions
field to match the upgraded versions in dependencies/devDependencies.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-04-15 21:18:55 -04:00
03c3be4cf2
fix: npmMinimalAgeGate incorrectly set, upgrade axios, aws ( #12057 )
2026-04-15 08:45:55 -04:00
2a2774a6d0
chore: Update modelcontextprotocol ( #12052 )
...
* chore: Update modelcontextprotocol
* fix: Restore native Web API classes after jest-fetch-mock setup
jest-fetch-mock replaces globalThis.Response with a cross-fetch polyfill
that doesn't support Web Streams (ReadableStream bodies become Buffers).
The MCP SDK's @hono/node-server adapter calls response.body.getReader()
which fails with the polyfilled Response. Since dontMock() is already
called, preserving the native classes is the correct behavior.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-04-15 08:15:43 -04:00
3fa5e745be
chore: Bump fast-xml-parser from 5.2.5 to 5.5.7 ( #12054 )
...
Adds a yarn resolution to upgrade the transitive dependency
fast-xml-parser to 5.5.7, resolving a security vulnerability.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-04-15 08:04:03 -04:00
336bbb251f
chore(deps): bump the fortawesome group with 3 updates ( #12017 )
...
Bumps the fortawesome group with 3 updates: [@fortawesome/fontawesome-svg-core](https://github.com/FortAwesome/Font-Awesome ), [@fortawesome/free-brands-svg-icons](https://github.com/FortAwesome/Font-Awesome ) and [@fortawesome/free-solid-svg-icons](https://github.com/FortAwesome/Font-Awesome ).
Updates `@fortawesome/fontawesome-svg-core` from 7.1.0 to 7.2.0
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases )
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/7.x/CHANGELOG.md )
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/7.1.0...7.2.0 )
Updates `@fortawesome/free-brands-svg-icons` from 7.1.0 to 7.2.0
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases )
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/7.x/CHANGELOG.md )
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/7.1.0...7.2.0 )
Updates `@fortawesome/free-solid-svg-icons` from 7.1.0 to 7.2.0
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases )
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/7.x/CHANGELOG.md )
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/7.1.0...7.2.0 )
---
updated-dependencies:
- dependency-name: "@fortawesome/fontawesome-svg-core"
dependency-version: 7.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: fortawesome
- dependency-name: "@fortawesome/free-brands-svg-icons"
dependency-version: 7.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: fortawesome
- dependency-name: "@fortawesome/free-solid-svg-icons"
dependency-version: 7.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: fortawesome
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 17:11:51 -04:00
299e0723f3
chore(deps): bump nodemailer from 7.0.11 to 7.0.13 ( #12019 )
...
Bumps [nodemailer](https://github.com/nodemailer/nodemailer ) from 7.0.11 to 7.0.13.
- [Release notes](https://github.com/nodemailer/nodemailer/releases )
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nodemailer/nodemailer/compare/v7.0.11...v7.0.13 )
---
updated-dependencies:
- dependency-name: nodemailer
dependency-version: 7.0.13
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 17:11:32 -04:00
b935dd7d27
chore(deps): bump prosemirror-tables from 1.8.3 to 1.8.5 ( #12020 )
...
Bumps [prosemirror-tables](https://github.com/ProseMirror/prosemirror-tables ) from 1.8.3 to 1.8.5.
- [Release notes](https://github.com/ProseMirror/prosemirror-tables/releases )
- [Changelog](https://github.com/ProseMirror/prosemirror-tables/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ProseMirror/prosemirror-tables/compare/v1.8.3...v1.8.5 )
---
updated-dependencies:
- dependency-name: prosemirror-tables
dependency-version: 1.8.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 17:11:14 -04:00
c4479e257e
chore: upgrade Node.js to 24.14.1 (LTS) ( #11918 )
...
* Initial plan
* chore: upgrade Node.js base image from 22.21.0 to 24.14.1 (LTS)
* chore: include node version in node_modules cache keys
* Add canary build for docker changes
* fix: Try docker driver
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: tommoor <380914+tommoor@users.noreply.github.com >
Co-authored-by: Tom Moor <tom@getoutline.com >
2026-04-01 17:47:01 -04:00
979d9a412d
Mermaid improvements ( #11874 )
...
* fix: Upgrade mermaid to 11.13.0
Includes a fix for incorrect viewBox casing in Radar and Packet diagram
renderers (mermaid-js/mermaid#7076) and other improvements.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
* fix: Use visibility:hidden for mermaid rendering element
Instead of positioning the temporary render element offscreen at
-9999px, use visibility:hidden with position:fixed so the browser
computes correct bounding boxes for SVG elements. Offscreen elements
can produce incorrect getBBox() results, leading to wrong viewBox
dimensions and diagrams rendering too big or too small.
Fixes #11782
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
* Add session storage for generated diagrams to reduce relayout
* fix: Use LRU eviction for mermaid sessionStorage cache
Track access order via a dedicated LRU index key so the cache evicts
least-recently-used entries rather than arbitrary ones.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-25 22:59:57 -04:00
0ba310e027
Remove unused files and dependencies ( #11850 )
...
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-22 18:44:51 -04:00
05eac5bc3b
v1.6.1
2026-03-18 19:49:24 -04:00
24954204ea
v1.6.0
2026-03-15 12:18:08 -04:00
1a893b0e45
Group sync framework ( #11684 )
...
Adds group sync from external authentication providers, allowing team group memberships to be automatically managed based on provider data on sign-in in the future.
2026-03-14 23:02:20 -04:00
03a78ab6d6
feat: Use web haptics lib ( #11685 )
2026-03-08 18:26:42 -04:00
3066b7ba4e
feat: Presentation mode ( #11678 )
...
* wip
* fix scaling, query string, icons, refactor
* refactor
2026-03-07 09:17:47 -05:00
3d1c2a8759
chore: Remove datadog-metrics lib ( #11665 )
...
* chore: Remove datadog-metrics lib
* Restore Pako transient dep types
* PR feedback
2026-03-05 19:27:11 -05:00
dependabot[bot]