letsbe/pn-new-crm
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
e2b5898efca0fb1e3945e4118dbbdd0dd6fa314f
pn-new-crm/package.json
Matt e2b5898efc
Some checks failed
Build & Push Docker Images / lint (push) Successful in 1m31s
Details
Build & Push Docker Images / build-and-push (push) Has been cancelled
Details
chore(deps): bump next 15.2.9→15.5.18 + drizzle-orm 0.38.4→0.45.2 (Phase 1b/c) 
Security-driven version bumps; both stay within their existing major.

next 15.2.9 → 15.5.18 closes (1 high + 6 moderate next-specific CVEs):
- DoS via Server Components (high)
- Image Optimizer cache key confusion / content injection (moderate)
- Improper middleware redirect handling → SSRF (moderate)
- HTTP request smuggling in rewrites (moderate)
- Unbounded next/image disk cache growth → storage exhaustion (moderate)
- Self-hosted DoS via Image Optimizer remotePatterns (moderate)

drizzle-orm 0.38.4 → 0.45.2 closes:
- SQL injection via improperly escaped SQL identifiers (high)

Drizzle 0.45 changed query-error wrapping: outer Error.message is now
generic ("Failed query: insert into ...") with the postgres error on
.cause. Two integration test suites updated to assert on
cause.code === '23505' (postgres unique_violation) instead of message
regex — more robust + unambiguous.

eslint-config-next bumped 15.2.9 → 15.5.18 to match.
drizzle-kit bumped 0.30.6 → 0.31.10 to match.

Note: next-env.d.ts is auto-generated by next at build time; not
committed here (the new triple-slash routes reference would fail the
project's eslint rule, and CI regenerates it anyway).

Tests: 1185/1185 vitest passing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-08 16:34:01 +02:00

133 lines
4.5 KiB
JSON
Raw Blame History

{
"name": "port-nimara-crm",
"version": "0.1.0",
"private": true,
"packageManager": "pnpm@10.33.2",
"scripts": {
"dev": "next dev",
"build": "next build && pnpm build:server",
"build:server": "esbuild src/server.ts --bundle --platform=node --target=node20 --format=cjs --outdir=dist --packages=external --tsconfig=tsconfig.server.json",
"build:worker": "esbuild src/worker.ts --bundle --platform=node --target=node20 --format=cjs --outdir=dist --packages=external --tsconfig=tsconfig.server.json",
"start": "next start",
"lint": "next lint",
"format": "prettier --write \"src/**/*.{ts,tsx,json,css}\"",
"db:generate": "drizzle-kit generate",
"db:push": "drizzle-kit push",
"db:studio": "drizzle-kit studio",
"db:seed": "tsx src/lib/db/seed.ts",
"db:seed:realistic": "tsx src/lib/db/seed.ts",
"db:seed:synthetic": "tsx src/lib/db/seed-synthetic.ts",
"db:reset": "tsx scripts/db-reset.ts --confirm",
"db:reseed:realistic": "pnpm db:reset && pnpm db:seed:realistic",
"db:reseed:synthetic": "pnpm db:reset && pnpm db:seed:synthetic",
"test:e2e": "playwright test",
"test:e2e:smoke": "playwright test --project=smoke",
"test:e2e:exhaustive": "playwright test --project=exhaustive",
"test:e2e:destructive": "playwright test --project=destructive",
"prepare": "husky || true"
},
"dependencies": {
"@dnd-kit/core": "^6.3.1",
"@dnd-kit/sortable": "^10.0.0",
"@dnd-kit/utilities": "^3.2.2",
"@hookform/resolvers": "^3.10.0",
"@pdfme/common": "^5.5.10",
"@pdfme/generator": "^5.5.10",
"@pdfme/schemas": "^5.5.10",
"@radix-ui/react-accordion": "^1.2.12",
"@radix-ui/react-alert-dialog": "^1.1.15",
"@radix-ui/react-avatar": "^1.1.11",
"@radix-ui/react-checkbox": "^1.3.3",
"@radix-ui/react-dialog": "^1.1.15",
"@radix-ui/react-dropdown-menu": "^2.1.16",
"@radix-ui/react-icons": "^1.3.2",
"@radix-ui/react-label": "^2.1.8",
"@radix-ui/react-navigation-menu": "^1.2.14",
"@radix-ui/react-popover": "^1.1.15",
"@radix-ui/react-progress": "^1.1.8",
"@radix-ui/react-radio-group": "^1.3.8",
"@radix-ui/react-scroll-area": "^1.2.10",
"@radix-ui/react-select": "^2.2.6",
"@radix-ui/react-separator": "^1.1.8",
"@radix-ui/react-slider": "^1.3.6",
"@radix-ui/react-slot": "^1.2.4",
"@radix-ui/react-switch": "^1.2.6",
"@radix-ui/react-tabs": "^1.1.13",
"@radix-ui/react-tooltip": "^1.2.8",
"@socket.io/redis-adapter": "^8.3.0",
"@tanstack/react-query": "^5.100.9",
"@tanstack/react-query-devtools": "^5.100.9",
"@tanstack/react-table": "^8.21.3",
"@types/pdfkit": "^0.17.6",
"archiver": "^7.0.1",
"better-auth": "^1.6.9",
"bullmq": "^5.76.6",
"class-variance-authority": "^0.7.1",
"clsx": "^2.1.1",
"cmdk": "^1.1.1",
"date-fns": "^4.1.0",
"drizzle-orm": "^0.45.2",
"imapflow": "^1.3.3",
"ioredis": "^5.10.1",
"iso-3166-2": "^1.0.0",
"jose": "^6.2.3",
"libphonenumber-js": "^1.12.43",
"lucide-react": "^0.460.0",
"mailparser": "^3.9.8",
"minio": "^8.0.7",
"next": "15.5.18",
"next-themes": "^0.4.6",
"nodemailer": "^6.10.1",
"openai": "^6.37.0",
"pdf-lib": "^1.17.1",
"pdfkit": "^0.18.0",
"pino": "^9.14.0",
"pino-pretty": "^13.1.3",
"postgres": "^3.4.9",
"react": "^19.2.6",
"react-day-picker": "^9.14.0",
"react-dom": "^19.2.6",
"react-easy-crop": "^5.5.7",
"react-hook-form": "^7.75.0",
"recharts": "^3.8.1",
"sharp": "^0.34.5",
"socket.io": "^4.8.3",
"socket.io-client": "^4.8.3",
"sonner": "^1.7.4",
"tailwind-merge": "^2.6.1",
"tailwindcss-animate": "^1.0.7",
"tesseract.js": "^7.0.0",
"vaul": "^1.1.2",
"zod": "^3.25.76",
"zustand": "^5.0.13"
},
"devDependencies": {
"@eslint/eslintrc": "^3.3.5",
"@playwright/test": "^1.59.1",
"@types/archiver": "^7.0.0",
"@types/iso-3166-2": "^1.0.4",
"@types/mailparser": "^3.4.6",
"@types/node": "^22.19.18",
"@types/nodemailer": "^6.4.23",
"@types/react": "^19.2.14",
"@types/react-dom": "^19.2.3",
"@vitest/coverage-v8": "^4.1.5",
"autoprefixer": "^10.5.0",
"dotenv": "^17.4.2",
"drizzle-kit": "^0.31.10",
"esbuild": "^0.25.12",
"eslint": "^9.39.4",
"eslint-config-next": "15.5.18",
"eslint-config-prettier": "^9.1.2",
"husky": "^9.1.7",
"lint-staged": "^15.5.2",
"postcss": "^8.5.14",
"prettier": "^3.8.3",
"react-grab": "^0.1.33",
"tailwindcss": "^3.4.19",
"tsx": "^4.21.0",
"typescript": "^5.9.3",
"vitest": "^4.1.5"
}
}
Reference in New Issue View Git Blame Copy Permalink