Skip to content

[FKQA-327]: Maintenance/master #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
bencelaszlo merged 2 commits into from
May 8, 2026
Merged

[FKQA-327]: Maintenance/master #19

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c10dc4f
build(deps): yarn upgrade & maintenance
horvathbalazshbal May 4, 2026
e794ea1
docs: finish maintenance documentation
horvathbalazshbal May 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
103 changes: 103 additions & 0 deletions maintenance/2026-05-04.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
# Maintenance

## Reasons of pending

**@techteamer/cert-utils**

Update scheduled

**@techteamer/timestamp**

Update scheduled

**@techteamer/timestamp**

Update scheduled

**@types/node**

Update scheduled

**@typescript-eslint/eslint-plugin**

Update scheduled

**@typescript-eslint/parser**

Update scheduled

**@vitest/coverage-v8**

Update scheduled

**eslint**

Update scheduled

**nock**

Update scheduled

**proxy-agent**

Update scheduled

**typescript**

Update scheduled

**vitest**

Update scheduled

## Logs

### Before

```js
yarn outdated v1.22.22
info Color legend :
"<red>" : Major Update backward-incompatible updates
"<yellow>" : Minor Update backward-compatible features
"<green>" : Patch Update backward-compatible bug fixes
Package Current Wanted Latest Workspace Package Type URL
@techteamer/cert-utils 1.1.3 1.1.3 2.0.0 @techteamer/timestamp dependencies https://github.com/TechTeamer/cert_utils#readme
@techteamer/timestamp 2.0.2 exotic exotic cjs dependencies file:package/timestamp_service
@techteamer/timestamp 2.0.2 exotic exotic mjs dependencies file:package/timestamp_service
@types/node 20.19.39 20.19.39 25.6.0 @techteamer/timestamp devDependencies https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node
@typescript-eslint/eslint-plugin 7.18.0 7.18.0 8.59.1 @techteamer/timestamp devDependencies https://typescript-eslint.io/packages/eslint-plugin
@typescript-eslint/parser 7.18.0 7.18.0 8.59.1 @techteamer/timestamp devDependencies https://typescript-eslint.io/packages/parser
@vitest/coverage-v8 2.1.9 2.1.9 4.1.5 @techteamer/timestamp devDependencies https://vitest.dev/guide/coverage
eslint 8.57.1 8.57.1 10.3.0 @techteamer/timestamp devDependencies https://eslint.org
nock 13.5.6 13.5.6 14.0.14 @techteamer/timestamp devDependencies https://github.com/nock/nock#readme
prettier 3.8.1 3.8.3 3.8.3 @techteamer/timestamp devDependencies https://prettier.io
proxy-agent 6.5.0 6.5.0 8.0.1 @techteamer/timestamp dependencies https://github.com/TooTallNate/proxy-agents#readme
rollup 4.60.1 4.60.2 4.60.2 @techteamer/timestamp devDependencies https://rollupjs.org/
typescript 5.5.4 5.5.4 6.0.3 @techteamer/timestamp devDependencies https://www.typescriptlang.org/
vitest 2.1.9 2.1.9 4.1.5 @techteamer/timestamp devDependencies https://vitest.dev
Done in 1.08s.
```

### After

```js
yarn outdated v1.22.22
info Color legend :
"<red>" : Major Update backward-incompatible updates
"<yellow>" : Minor Update backward-compatible features
"<green>" : Patch Update backward-compatible bug fixes
Package Current Wanted Latest Workspace Package Type URL
@techteamer/cert-utils 1.1.3 1.1.3 2.0.0 @techteamer/timestamp dependencies https://github.com/TechTeamer/cert_utils#readme
@techteamer/timestamp 2.0.2 exotic exotic cjs dependencies file:package/timestamp_service
@techteamer/timestamp 2.0.2 exotic exotic mjs dependencies file:package/timestamp_service
@types/node 20.19.39 20.19.39 25.6.0 @techteamer/timestamp devDependencies https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node
@typescript-eslint/eslint-plugin 7.18.0 7.18.0 8.59.2 @techteamer/timestamp devDependencies https://typescript-eslint.io/packages/eslint-plugin
@typescript-eslint/parser 7.18.0 7.18.0 8.59.2 @techteamer/timestamp devDependencies https://typescript-eslint.io/packages/parser
@vitest/coverage-v8 2.1.9 2.1.9 4.1.5 @techteamer/timestamp devDependencies https://vitest.dev/guide/coverage
eslint 8.57.1 8.57.1 10.3.0 @techteamer/timestamp devDependencies https://eslint.org
nock 13.5.6 13.5.6 14.0.14 @techteamer/timestamp devDependencies https://github.com/nock/nock#readme
proxy-agent 6.5.0 6.5.0 8.0.1 @techteamer/timestamp dependencies https://github.com/TooTallNate/proxy-agents#readme
typescript 5.5.4 5.5.4 6.0.3 @techteamer/timestamp devDependencies https://www.typescriptlang.org/
vitest 2.1.9 2.1.9 4.1.5 @techteamer/timestamp devDependencies https://vitest.dev
Done in 1.04s.
```
112 changes: 112 additions & 0 deletions security/2026-05-04.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,112 @@
# Security

## Reasons of pending

## Logs

### Before

```js
yarn audit v1.22.22
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ basic-ftp: Incomplete CRLF Injection Protection Allows │
│ │ Arbitrary FTP Command Execution via Credentials and MKD │
│ │ Commands │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.2.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @techteamer/timestamp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @techteamer/timestamp > proxy-agent > pac-proxy-agent > │
│ │ get-uri > basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1116454 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ basic-ftp: Incomplete CRLF Injection Protection Allows │
│ │ Arbitrary FTP Command Execution via Credentials and MKD │
│ │ Commands │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.2.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ cjs │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ cjs > @techteamer/timestamp > proxy-agent > pac-proxy-agent │
│ │ > get-uri > basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1116454 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ basic-ftp has FTP Command Injection via CRLF │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.2.1 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @techteamer/timestamp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @techteamer/timestamp > proxy-agent > pac-proxy-agent > │
│ │ get-uri > basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1116478 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ basic-ftp has FTP Command Injection via CRLF │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.2.1 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ cjs │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ cjs > @techteamer/timestamp > proxy-agent > pac-proxy-agent │
│ │ > get-uri > basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1116478 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ basic-ftp vulnerable to denial of service via unbounded │
│ │ memory consumption in Client.list() │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.3.0 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @techteamer/timestamp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @techteamer/timestamp > proxy-agent > pac-proxy-agent > │
│ │ get-uri > basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1117083 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ basic-ftp vulnerable to denial of service via unbounded │
│ │ memory consumption in Client.list() │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.3.0 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ cjs │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ cjs > @techteamer/timestamp > proxy-agent > pac-proxy-agent │
│ │ > get-uri > basic-ftp │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1117083 │
└───────────────┴──────────────────────────────────────────────────────────────┘
6 vulnerabilities found - Packages audited: 86
Severity: 6 High
Done in 0.67s.
```

### After

```js
yarn audit v1.22.22
0 vulnerabilities found - Packages audited: 86
Done in 0.46s.
```
Loading
Loading