diff --git a/dependencies.txt b/dependencies.txt index bc389a77..b811a91e 100644 --- a/dependencies.txt +++ b/dependencies.txt @@ -3,7 +3,7 @@ "body-parser": "1.20.3", "cbor": "5.2.0", "compression": "1.7.4", - "cookie-session": "2.0.0", + "cookie-session": "2.1.0", "express": "4.21.1", "express-handlebars": "7.1.3", "express-ws": "5.0.2", @@ -11,6 +11,6 @@ "minimist": "1.2.8", "multiparty": "4.2.3", "node-forge": "1.3.1", - "ua-parser-js": "1.0.37", - "ws": "8.17.1", + "ua-parser-js": "1.0.39", + "ws": "8.18.0", "yauzl": "2.10.0" \ No newline at end of file diff --git a/docker/Dockerfile b/docker/Dockerfile index cd7dc377..afa15331 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -88,7 +88,7 @@ RUN cd meshcentral && npm install && npm install nedb # NOTE: ALL MODULES MUST HAVE A VERSION NUMBER AND THE VERSION MUST MATCH THAT USED IN meshcentral.js mainStart() RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ]; then cd meshcentral && npm install mongodb@4.13.0 saslprep@1.0.3; fi -RUN if ! [ -z "$PREINSTALL_LIBS" ] && [ "$PREINSTALL_LIBS" == "true" ]; then cd meshcentral && npm install ssh2@1.15.0 semver@7.5.4 nodemailer@6.9.8 image-size@1.0.2 wildleek@2.0.0 otplib@10.2.3 yubikeyotp@0.2.0; fi +RUN if ! [ -z "$PREINSTALL_LIBS" ] && [ "$PREINSTALL_LIBS" == "true" ]; then cd meshcentral && npm install ssh2@1.16.0 semver@7.5.4 nodemailer@6.9.15 image-size@1.1.1 wildleek@2.0.0 otplib@10.2.3 yubikeyotp@0.2.0; fi EXPOSE 80 443 4433 diff --git a/meshcentral.js b/meshcentral.js index 17be5d65..8d031abc 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -4207,14 +4207,14 @@ function mainStart() { // Build the list of required modules // NOTE: ALL MODULES MUST HAVE A VERSION NUMBER AND THE VERSION MUST MATCH THAT USED IN Dockerfile - var modules = ['archiver@7.0.1', 'body-parser@1.20.3', 'cbor@5.2.0', 'compression@1.7.4', 'cookie-session@2.0.0', 'express@4.21.1', 'express-handlebars@7.1.3', 'express-ws@5.0.2', 'ipcheck@0.1.0', 'minimist@1.2.8', 'multiparty@4.2.3', '@yetzt/nedb', 'node-forge@1.3.1', 'ua-parser-js@1.0.37', 'ws@8.17.1', 'yauzl@2.10.0']; + var modules = ['archiver@7.0.1', 'body-parser@1.20.3', 'cbor@5.2.0', 'compression@1.7.4', 'cookie-session@2.1.0', 'express@4.21.1', 'express-handlebars@7.1.3', 'express-ws@5.0.2', 'ipcheck@0.1.0', 'minimist@1.2.8', 'multiparty@4.2.3', '@yetzt/nedb', 'node-forge@1.3.1', 'ua-parser-js@1.0.39', 'ws@8.18.0', 'yauzl@2.10.0']; if (require('os').platform() == 'win32') { modules.push('node-windows@0.1.14'); modules.push('loadavg-windows@1.1.1'); if (sspi == true) { modules.push('node-sspi@0.2.10'); } } // Add Windows modules if (ldap == true) { modules.push('ldapauth-fork@5.0.5'); } - if (ssh == true) { modules.push('ssh2@1.15.0'); } + if (ssh == true) { modules.push('ssh2@1.16.0'); } if (passport != null) { modules.push(...passport); } if (captcha == true) { modules.push('svg-captcha@1.4.0'); } - if (sessionRecording == true) { modules.push('image-size@1.0.2'); } // Need to get the remote desktop JPEG sizes to index the recodring file. + if (sessionRecording == true) { modules.push('image-size@1.1.1'); } // Need to get the remote desktop JPEG sizes to index the recodring file. if (config.letsencrypt != null) { modules.push('acme-client@4.2.5'); } // Add acme-client module. We need to force v4.2.4 or higher since olver versions using SHA-1 which is no longer supported by Let's Encrypt. if (config.settings.mqtt != null) { modules.push('aedes@0.39.0'); } // Add MQTT Modules if (config.settings.mysql != null) { modules.push('mysql2@3.6.2'); } // Add MySQL. @@ -4228,7 +4228,7 @@ function mainStart() { if (config.settings.plugins != null) { modules.push('semver@7.5.4'); } // Required for version compat testing and update checks if ((config.settings.plugins != null) && (config.settings.plugins.proxy != null)) { modules.push('https-proxy-agent@7.0.2'); } // Required for HTTP/HTTPS proxy support else if (config.settings.xmongodb != null) { modules.push('mongojs@3.1.0'); } // Add MongoJS, old driver. - if (nodemailer || ((config.smtp != null) && (config.smtp.name != 'console')) || (config.sendmail != null)) { modules.push('nodemailer@6.9.8'); } // Add SMTP support + if (nodemailer || ((config.smtp != null) && (config.smtp.name != 'console')) || (config.sendmail != null)) { modules.push('nodemailer@6.9.15'); } // Add SMTP support if (sendgrid || (config.sendgrid != null)) { modules.push('@sendgrid/mail'); } // Add SendGrid support if ((args.translate || args.dev) && (Number(process.version.match(/^v(\d+\.\d+)/)[1]) >= 16)) { modules.push('jsdom@22.1.0'); modules.push('esprima@4.0.1'); modules.push('html-minifier@4.0.0'); } // Translation support if (typeof config.settings.crowdsec == 'object') { modules.push('@crowdsec/express-bouncer@0.1.0'); } // Add CrowdSec bounser module (https://www.npmjs.com/package/@crowdsec/express-bouncer) @@ -4257,7 +4257,7 @@ function mainStart() { } // Desktop multiplexor support - if (config.settings.desktopmultiplex === true) { modules.push('image-size@1.0.2'); } + if (config.settings.desktopmultiplex === true) { modules.push('image-size@1.1.1'); } // SMS support if (config.sms != null) { diff --git a/package-lock.json b/package-lock.json index 23060d63..25ace989 100644 --- a/package-lock.json +++ b/package-lock.json @@ -14,7 +14,7 @@ "body-parser": "1.20.3", "cbor": "5.2.0", "compression": "1.7.4", - "cookie-session": "2.0.0", + "cookie-session": "2.1.0", "express": "4.21.1", "express-handlebars": "7.1.3", "express-ws": "5.0.2", @@ -22,8 +22,8 @@ "minimist": "1.2.8", "multiparty": "4.2.3", "node-forge": "1.3.1", - "ua-parser-js": "1.0.37", - "ws": "8.17.1", + "ua-parser-js": "1.0.39", + "ws": "8.18.0", "yauzl": "2.10.0" }, "bin": { @@ -421,11 +421,11 @@ } }, "node_modules/cookie-session": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/cookie-session/-/cookie-session-2.0.0.tgz", - "integrity": "sha512-hKvgoThbw00zQOleSlUr2qpvuNweoqBtxrmx0UFosx6AGi9lYtLoA+RbsvknrEX8Pr6MDbdWAb2j6SnMn+lPsg==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/cookie-session/-/cookie-session-2.1.0.tgz", + "integrity": "sha512-u73BDmR8QLGcs+Lprs0cfbcAPKl2HnPcjpwRXT41sEV4DRJ2+W0vJEEZkG31ofkx+HZflA70siRIjiTdIodmOQ==", "dependencies": { - "cookies": "0.8.0", + "cookies": "0.9.1", "debug": "3.2.7", "on-headers": "~1.0.2", "safe-buffer": "5.2.1" @@ -472,9 +472,9 @@ "integrity": "sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==" }, "node_modules/cookies": { - "version": "0.8.0", - "resolved": "https://registry.npmjs.org/cookies/-/cookies-0.8.0.tgz", - "integrity": "sha512-8aPsApQfebXnuI+537McwYsDtjVxGm8gTIzQI3FDW6t5t/DAhERxtnbEPN/8RX+uZthoz4eCOgloXaE5cYyNow==", + "version": "0.9.1", + "resolved": "https://registry.npmjs.org/cookies/-/cookies-0.9.1.tgz", + "integrity": "sha512-TG2hpqe4ELx54QER/S3HQ9SRVnQnGBtKUz5bLQWtYAQ+o6GpgMs6sYUvaiJjVxb+UXwhRhAEP3m7LbsIZ77Hmw==", "dependencies": { "depd": "~2.0.0", "keygrip": "~1.1.0" @@ -1821,9 +1821,9 @@ } }, "node_modules/ua-parser-js": { - "version": "1.0.37", - "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-1.0.37.tgz", - "integrity": "sha512-bhTyI94tZofjo+Dn8SN6Zv8nBDvyXTymAdM3LDI/0IboIUwTu1rEhW7v2TfiVsoYWgkQ4kOVqnI8APUFbIQIFQ==", + "version": "1.0.39", + "resolved": "https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-1.0.39.tgz", + "integrity": "sha512-k24RCVWlEcjkdOxYmVJgeD/0a1TiSpqLg+ZalVGV9lsnr4yqu0w7tX/x2xX6G4zpkgQnRf89lxuZ1wsbjXM8lw==", "funding": [ { "type": "opencollective", @@ -1838,6 +1838,9 @@ "url": "https://github.com/sponsors/faisalman" } ], + "bin": { + "ua-parser-js": "script/cli.js" + }, "engines": { "node": "*" } @@ -2003,9 +2006,9 @@ } }, "node_modules/ws": { - "version": "8.17.1", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", - "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", + "version": "8.18.0", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", + "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", "engines": { "node": ">=10.0.0" }, diff --git a/package.json b/package.json index e885a503..3b16dffe 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "body-parser": "1.20.3", "cbor": "5.2.0", "compression": "1.7.4", - "cookie-session": "2.0.0", + "cookie-session": "2.1.0", "express": "4.21.1", "express-handlebars": "7.1.3", "express-ws": "5.0.2", @@ -50,8 +50,8 @@ "minimist": "1.2.8", "multiparty": "4.2.3", "node-forge": "1.3.1", - "ua-parser-js": "1.0.37", - "ws": "8.17.1", + "ua-parser-js": "1.0.39", + "ws": "8.18.0", "yauzl": "2.10.0" }, "engines": {