mirror of
https://github.com/mauriceboe/TREK.git
synced 2026-06-19 13:21:46 +00:00
Maurice
d845057f84
- Fix backup restore: try/finally ensures DB always reopens after closeDb - Fix EBUSY on uploads during restore (in-place overwrite instead of rmSync) - Add DB proxy null guard for clearer errors during restore window - Add red warning modal before backup restore (DE/EN, dark mode support) - JWT secret: empty docker-compose default so auto-generation kicks in - OIDC: pass token via URL fragment instead of query param (no server logs) - Block SVG uploads on photos, files and covers (stored XSS prevention) - Add helmet for security headers (HSTS, X-Frame, nosniff, etc.) - Explicit express.json body size limit (100kb) - Fix XSS in Leaflet map markers (escape image_url in HTML) - Remove verbose WebSocket debug logging from client
28 lines
597 B
JSON
28 lines
597 B
JSON
{
|
|
"name": "nomad-server",
|
|
"version": "2.5.0",
|
|
"main": "src/index.js",
|
|
"scripts": {
|
|
"start": "node --experimental-sqlite src/index.js",
|
|
"dev": "nodemon src/index.js"
|
|
},
|
|
"dependencies": {
|
|
"archiver": "^6.0.1",
|
|
"bcryptjs": "^2.4.3",
|
|
"cors": "^2.8.5",
|
|
"dotenv": "^16.4.1",
|
|
"express": "^4.18.3",
|
|
"helmet": "^8.1.0",
|
|
"jsonwebtoken": "^9.0.2",
|
|
"multer": "^1.4.5-lts.1",
|
|
"node-cron": "^4.2.1",
|
|
"node-fetch": "^2.7.0",
|
|
"unzipper": "^0.12.3",
|
|
"uuid": "^9.0.0",
|
|
"ws": "^8.19.0"
|
|
},
|
|
"devDependencies": {
|
|
"nodemon": "^3.1.0"
|
|
}
|
|
}
|