Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: update ws #1921

Merged
merged 2 commits into from
Jul 29, 2024
Merged

fix: update ws #1921

merged 2 commits into from
Jul 29, 2024

Conversation

theodesp
Copy link
Member

Tasks

  • I have signed a Contributor License Agreement (CLA) with WP Engine.
  • If a code change, I have written testing instructions that the whole team & outside contributors can understand.
  • I have written and included a comprehensive changeset to properly document the changes I've made.

Description

Forces ws overrides version to cover false flag triggers of GHSA-3h5v-q93c-6h6q

Related Issue(s):

Testing

Screenshots

Documentation Changes

Dependant PRs

@theodesp theodesp requested a review from a team as a code owner July 29, 2024 08:42
Copy link

changeset-bot bot commented Jul 29, 2024

⚠️ No Changeset found

Latest commit: aaa7a98

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Copy link
Contributor

github-actions bot commented Jul 29, 2024

📦 Next.js Bundle Analysis for @faustwp/getting-started-example

This analysis was generated by the Next.js Bundle Analysis action. 🤖

This PR introduced no changes to the JavaScript bundle! 🙌

@theodesp theodesp requested a review from josephfusco July 29, 2024 14:17
@theodesp theodesp merged commit 9b4ed77 into canary Jul 29, 2024
22 checks passed
@theodesp theodesp deleted the fix-ws-vuln-update branch July 29, 2024 14:50
josephfusco added a commit that referenced this pull request Nov 25, 2024
* Add `continue-on-error` for next bundle workflow for outside contributors (#1770)

* Add `continue-on-error` for next bundle workflow for outside contributors

* Don't run bundle analysis on `main`

* Chore: Update Block Support (#1759)

* fix: (#1729) Make attributes field optional (#1730)

* fix: (#1729) Make attributes field optional

* Update .changeset/spicy-doors-lie.md

---------

Co-authored-by: Blake Wilson <blake.wilson@wpengine.com>
Co-authored-by: Blake Wilson <blake@blake.id>

* Update @apollo/experimental-nextjs-app-support to v0.8.0-NEW (#1796)

* Test CI/CD

* Update package.json

* Chore: Update package.json

* Update client.ts

* Added experimental app router to script build

---------

Co-authored-by: Teresa (Terri) Gobble <teresa.gobble@wpengine.com>

* Version Packages (#1790)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Update our issue templates (#1800)

* Add issues contact links

* Create new bug report

* Delete old bug report

* Remove security section

* Capitalize fields

* This example is no longer experimental

* Update .github/ISSUE_TEMPLATE/bug_report.yml

Co-authored-by: John Parris <john.parris@wpengine.com>

* Update .github/ISSUE_TEMPLATE/config.yml

Co-authored-by: John Parris <john.parris@wpengine.com>

---------

Co-authored-by: John Parris <john.parris@wpengine.com>

* Update GitHub Actions (#1798)

* ci: remove audit-dependencies workflow

* ci: e2e-next-example: upgrade action versions.

Upgrades actions/checkout from v3 to v4.

Upgrades actions/setup-node from v3 to v4.

* ci: e2e-next-example: Pin Ubuntu to ubuntu-22.04

* ci: e2e-next-faustwp-example: pin ubuntu-22.04.

Upgrade checkout and setup-node actions to v4.

* ci: e2e-nightly-build: pin ubuntu-22.04.

Upgrade checkout and setup-node actions to v4.

* ci: e2e-test-plugin: Update actions and pin Ubuntu version

* ci: experimental-app-router: Update actions and pin Ubuntu version

* ci: lint-packages: Update actions and pin Ubuntu version

* ci: lint-plugin: Update actions and pin Ubuntu version

* ci: nextjs-bundle-analysis: Update actions and pin Ubuntu version

* ci: nightly-releases: Update actions and pin Ubuntu version

Pins setup-node to v4 instead of master.

* ci: notify-discord: Update actions and pin Ubuntu version

* ci: release-packages: Update actions and pin Ubuntu version

* ci: release-plugin: Update actions and pin Ubuntu version

* ci: sonarqube-scan: Update checkout action to v4

* ci: test-packages: Update actions and pin Ubuntu version

* ci: test-plugin: Update actions and pin Ubuntu version

* 1761: Fix preview issue due to samesite status (#1799)

* updated SameSite to use 'lax' to allow urls from wordpress

* Create healthy-mayflies-end.md

* Removed breaking change status

* Update .changeset/healthy-mayflies-end.md

Co-authored-by: Blake Wilson <blake.wilson@wpengine.com>

---------

Co-authored-by: Blake Wilson <blake.wilson@wpengine.com>

* Detect NEXT_PUBLIC_WORDPRESS_URL using wpengine.com TLD and recommend using wpenginepowered.com TLD (#1801)

* Detect wpengine.com TLD

* Create unit tests

* Update messaging

* Add changeset

* Update packages/faustwp-cli/tests/healthCheck/validateFaustEnvVars.test.ts

Co-authored-by: John Parris <john.parris@wpengine.com>

* Simplify regex test return statement

* Update info message

---------

Co-authored-by: John Parris <john.parris@wpengine.com>

* Merl 1749 faust should warn if the secret key is invalid  (#1777)

* Added validation check for disparate FAUST_SECRET_KEYs
* Refactored getWpSecret to const secretWp
* Added unit testing
---------
Co-authored-by: Blake Wilson <blake.wilson@wpengine.com>
Co-authored-by: John Parris <john.parris@wpengine.com>

* chore(deps-dev): Bump undici from 5.26.3 to 5.28.3 (#1805)

Bumps [undici](https://github.com/nodejs/undici) from 5.26.3 to 5.28.3.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.26.3...v5.28.3)

---
updated-dependencies:
- dependency-name: undici
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): Bump ip from 1.1.8 to 1.1.9 (#1808)

Bumps [ip](https://github.com/indutny/node-ip) from 1.1.8 to 1.1.9.
- [Commits](indutny/node-ip@v1.1.8...v1.1.9)

---
updated-dependencies:
- dependency-name: ip
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* 16: update lowest version of node to 18 since 16 is deprecating (#1806)

* init commit

* typo

* changesets

* 1793: plugin system - take out of experimental (#1807)

* init commit

* updated config to support experimentalPlugins and new plugins

* warning added around experimentalPlugins deprecation and plugins usage

* updated experimentalPlugins to plugins

* changeset

* Update mighty-geese-cover.md

* updated per PR for console logging consistency

* Update .changeset/mighty-geese-cover.md

Co-authored-by: John Parris <john.parris@wpengine.com>

---------

Co-authored-by: John Parris <john.parris@wpengine.com>

* chore: Update .nvmrc to allow v18 upgrades (#1821)

Updates the value from v18.0.0 to v18, to allow the use of the latest 18.x version.

* chore: fix syntax error in GitHub workflows (#1822)

* chore: fix syntax error in GitHub workflows

* Fix `experimentalPlugins` -> `plugins` tests (#1823)

* Version Packages (#1802)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Only request token endpoint initially, then use a cookie to determine if there is an authenticated user (#1740)

* Create readable client side cookie to determine login state

* Fix cookie being set when it shouldn't and fix reset cookie

* Rename has token key

* Update cookie name in toolbar

* Update variable names

* mergeCookies function and properly set expires and maxage

* Remove `removeCookie` in favor of `setCookie`

* Add `getHeader` to mocked test responses

* Add unit tests

* Add changeset

* Update .changeset/brave-cougars-lie.md

Co-authored-by: Matthew Wright <1815200+matthewguywright@users.noreply.github.com>

---------

Co-authored-by: Matthew Wright <1815200+matthewguywright@users.noreply.github.com>

* Add next-secure-headers in example projects (#1803)

* Add next-secure-headers in example projects

* Update next.config.js paths

* FeatI: set xssProtection: false

* Feature: Error when NEXT_PUBLIC_WORDPRESS_URL same as headless site URL (#1809)

* Feature: Error when NEXT_PUBLIC_WORDPRESS_URL pointing to headless site

* Update packages/faustwp-cli/src/healthCheck/validateNextWordPressUrl.ts

Co-authored-by: John Parris <john.parris@wpengine.com>

* Chore: Fix PHP Lint issues

* Chore: PHP Lint issues

* Feature: handle older versions of FaustWP Plugin

* Tests: Add unit tests for domains_match

* PHPCS: Fix

* PHPCS: Lint issues

* Chore: Remove WP_Rest_Response messages.

* Feat: Only perform the check on valid secret key

---------

Co-authored-by: John Parris <john.parris@wpengine.com>

* Feat: Added Error Logging Apollo Link (#1832)

* Feat: Added Error Logging Apollo Link

* Update errorLoggingLink.test.ts

* Update errorLoggingLink.test.ts

* Update errorLoggingLink.test.ts

* update @experimental-app-router for handle trailing slash config (#1815)

* update @experimental-app-router for handle trailing slash config

* changeset

* Update changeset

* Update changeset

---------

Co-authored-by: John Parris <john.parris@wpengine.com>

* Bug Fix: Pass Next server to tokenHandler to fix build issues with experimental-app-router (#1836)

* Bug Fix: Fix wierd issue with import in experimental-app-router

* Update Deps

* Tests: Fix unit tests in app router

* Update test in TokenHandler

* TOOLBAR LOGOUT LOOP: init commit and test (#1828)

* init commit and test

* Update useLogout.tsx

* Update useLogout.tsx

* updated per PR

* added test to cover use case

* Update useLogout.test.ts

* changeset

* updated per PR

* Toolbar should respect show avatars setting in wp (#1845)

* Added conditional for avatar value of null to toolbar

* Added optional chaining to ViewerType in useAuth

* Added optional chaining to both instances of img in MyAccount

* Updated additional useAuth test to include changes to Viewer

* Update .changeset/smooth-dogs-cough.md

Co-authored-by: John Parris <john.parris@wpengine.com>

---------

Co-authored-by: John Parris <john.parris@wpengine.com>

* Do not require `plugins`, `experimentalPlugins` in the FaustConfig type (#1840)

* Do not require plugins in Faust Config

* Create changeset

* Added multiple queries to interface for FaustTemplate (#1847)

* Added `queries` property to FaustTemplate interface, which fixes an error when using multiple queries with TypeScript.

Co-authored-by: John Parris <john.parris@wpengine.com>

---------

Co-authored-by: John Parris <john.parris@wpengine.com>

* chore(deps-dev): Bump follow-redirects from 1.15.4 to 1.15.6 (#1852)

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.4 to 1.15.6.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.4...v1.15.6)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump follow-redirects in /internal/legacy.faustjs.org (#1851)

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.4 to 1.15.6.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.4...v1.15.6)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Docs: Update Development Guide 2024 (#1848)

* Docs: Update Development Guide 2024

* Update DEVELOPMENT.md: Removed legacy docs reference.

* DEVELOPMENT.md: Added Monorepo section.

* Changed 'tested up to' in readme.txt to 6.5 (#1857)

* chore(deps): Bump webpack-dev-middleware in /internal/legacy.faustjs.org (#1859)

Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4.
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4)

---
updated-dependencies:
- dependency-name: webpack-dev-middleware
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): Bump webpack-dev-middleware from 5.3.3 to 5.3.4 (#1860)

Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4.
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4)

---
updated-dependencies:
- dependency-name: webpack-dev-middleware
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): Bump express from 4.18.2 to 4.19.2 (#1866)

Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.18.2...4.19.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump express in /internal/legacy.faustjs.org (#1867)

Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.18.2...4.19.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Fix: Fix issue with errorLoggingLink (#1869)

* Revert "Only request token endpoint initially, then use a cookie to d… (#1868)

* Revert "Only request token endpoint initially, then use a cookie to determine if there is an authenticated user (#1740)"

This reverts commit 0759959.

* Restore js-cookie

* Version Packages (#1824)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Feat: Output faust version in dev|build|start commands. (#1874)

* Feat: Output faust version in dev|build|start commands.

* Lint: Fix eslint issue

* Acceptance Tests: update preview button selectos for WP 6.5

* Acceptance Tests: Attempt to fix preview tests

* Acceptance Test: Use correct variables

* Acceptance Test: Fix cpt_name var

* Acceptance Test: Remove click event

* Acceptance Test: Attempt to close welcome modals.

* Acceptance Test: Revert last commit

* Acceptance Test: Update DEVELOPMENT.md

* Acceptance Test: Click Welcome modal if present

* Acceptance Test: Pin e2e tests to WP 6.4

* Load plugin textdomain (#1877)

* Ignore the WordPress source code.

* fix: Load the plugin's text domain to allow translations to be utilized.

* Add changeset

* feat: Set `enable_image_source` to on by default (#1879)

* feat: Set `enable_image_source` to on by default

* Add changeset

* Update acceptance test for new default

* chore(deps-dev): Bump undici from 5.28.3 to 5.28.4 (#1871)

* chore(deps-dev): Bump undici from 5.28.3 to 5.28.4

Bumps [undici](https://github.com/nodejs/undici) from 5.28.3 to 5.28.4.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.28.3...v5.28.4)

---
updated-dependencies:
- dependency-name: undici
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Feat: Output faust version in dev|build|start commands. (#1874)

* Feat: Output faust version in dev|build|start commands.

* Lint: Fix eslint issue

* Acceptance Tests: update preview button selectos for WP 6.5

* Acceptance Tests: Attempt to fix preview tests

* Acceptance Test: Use correct variables

* Acceptance Test: Fix cpt_name var

* Acceptance Test: Remove click event

* Acceptance Test: Attempt to close welcome modals.

* Acceptance Test: Revert last commit

* Acceptance Test: Update DEVELOPMENT.md

* Acceptance Test: Click Welcome modal if present

* Acceptance Test: Pin e2e tests to WP 6.4

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Theofanis Despoudis <328805+theodesp@users.noreply.github.com>

* Update Next.js in Legacy Faust (#1886)

* Update Next 12 in appropriate packages

* Add WordPress 6.5 to testing Matrix

* Add changeset

* Update Next.js 14 in packages < 14.1.1

* Version Packages (#1876)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Update plugin unit testing with more WordPress versions and Nightly WordPress builds (#1887)

* Modernize plugin testing

* Fix directory

* Fix the path

* Our older composer setup does not run on PHP 7.4

* Ensure we end the command

* Ensure we're passing WP_VERSION

* FROM should be after ARG

* Update PHP version

* Normalize E2E tests

* Ensure we're using PHP 8.2 for all

* Remove redudant steps and normalize output

* Reverse the order of the E2E tests

* Don't fail fast with Matrix

* Reintroduce "Maybe update DB" step to E2E tests

* Update DB on correct workflow

* Upload fail output to correct location

* Fix output path

* Revert E2E changes

* Use current WP version for default

* Use current WP version for default

* Include WP version for current E2E build

* Revert plugin E2E test to WP 6.4

* Add plugin unit tests for WordPress nightly

* Fix workflow name

* Update test names for better identification.

* Call out existing plugin E2E tests are against legacy Faust.

* Improve domain_match Function and add test cases (#1889)

* fix(domains_match): make stricter checks about domains

* chore: add changeset

* format: use snake_case unit test names

* style: phpcs format fix

* style: phpcs fix

* style: phpcs:fixx

* Version Packages (#1890)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Update PHPCS and coding standards to the current version. (#1894)

* Update PHPCS and coding standards to the current version.

* Exclude UnusedFunctionParameter Warnings

* Fix linting issues

* Update default packages in example project (#1896)

* Update default packages in example project

* Update package-lock for changes in Getting started example.

* Adds the `react-refresh` package to avoid having to manually do so. (#1901)

* [Bug] Add missing textarea control handler. (#1898)

* bug(block-editor-utils): add missing TextArea handler

* chore: Add Changeset

* Bug: Fixes issue with blocks not showing in the block editor when running blockset command on WP >=v6.5 (#1904)

* chore(deps): Bump braces from 3.0.2 to 3.0.3 (#1910)

Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump braces in /internal/legacy.faustjs.org (#1912)

Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): Bump ws from 7.5.9 to 7.5.10 (#1913)

Bumps [ws](https://github.com/websockets/ws) from 7.5.9 to 7.5.10.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.5.9...7.5.10)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Fix: Ensure Accurate Detection of WordPress Previews via URL Query Parameters (#1911)

* fix(WordPressTemplate): fix issue when is-preview check is too greedy

* chore(changeset): add changeset

* Create CODE_OF_CONDUCT.md (#1908)

> community health files are a set of predefined files that provide guidance and templates for maintaining a healthy and collaborative open-source project.

https://docs.github.com/en/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file

* test(gha): include node 22 in github actions pipeline (#1915)

* Version Packages (#1902)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* security(ws): update ws vulnerable version (#1917)

* fix: update ws (#1921)

* fix: update ws

* fix: include package-lock.json updates

* chore(deps): Bump fast-xml-parser from 4.3.2 to 4.4.1 (#1922)

Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 4.3.2 to 4.4.1.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v4.3.2...v4.4.1)

---
updated-dependencies:
- dependency-name: fast-xml-parser
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: only remove non-faust Nav Menu locations if the user opts-in to it (#1926)

* - introduce new setting to "remove additional menu locations"
- update callback to `remove_menu_locations` to only execute the removal if the faustwp setting is checked.

* - change `docker-compose` to `docker compose`

* - change `docker-compose` to `docker compose`

* - change `docker-compose` to `docker compose`

* - update test

* - phpcs
- update unit tests to use docker compose instead of docker-compose

* - add changeset

* chore(deps): Bump axios to 1.7.4 (#1930)

* chore: update dependencies to better support local development (#1929)

* - remove react and react-dom as devDependencies for the block-editor-utils package
- remove react and react-dom as devDependencies for the blocks package
- remove faustwp/cli, faustwp/core, react and react-dom as devDependencies for the experimental-app-router package
- remove next, react and react-dom as devDependencies for the next package
- remove faustjs/core and faustjs/react as dependencies and mark them as peerDependenncies of the next packagee
- remove faustjs/core and mark it as a peerDependency for the react package
- remove react and react-dom as devDependencies of the react package

* - add changeset

* Introduce configurable "sitemap index path" for enhanced plugin compatibility (#1936)

* Add support for configuring a custom sitemap index

* Add example usage in example project

* Add changeset

* Fix linting issues

* chore: add "Local Development" guide for `@faustwp/core` (#1934)

* - re-order dependencies
- add guide for "Local Development" of @faustwp/core package

* - update Local Development guide for more clarity after walking through it with `@josephfusco`

* - update docs

* - move file

* fix: ssr not always working (#1939)

* - fix a bug where the WordPressTemplate was returning null when `isPreview` was null

* - update WordPressTemplate conditionals

* - add glob as a dependency to @faustwp/cli

* - add changeset for faustwp/cli

* Version Packages (#1928)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* Update CODEOWNERS (#1944)

* chore(deps): Bump micromatch in /internal/legacy.faustjs.org (#1945)

Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8.
- [Release notes](https://github.com/micromatch/micromatch/releases)
- [Changelog](https://github.com/micromatch/micromatch/blob/4.0.8/CHANGELOG.md)
- [Commits](micromatch/micromatch@4.0.5...4.0.8)

---
updated-dependencies:
- dependency-name: micromatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump micromatch from 4.0.5 to 4.0.8 (#1948)

Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8.
- [Release notes](https://github.com/micromatch/micromatch/releases)
- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/micromatch@4.0.5...4.0.8)

---
updated-dependencies:
- dependency-name: micromatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update "tested up to" version for faustwp WordPress plugin. (#1949)

* Update tested up to version

* Add changeset

* Version Packages (#1950)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* security: fix path-to-regexp=8.1.0 (#1951)

* security: fix path-to-regexp=8.1.0

* security: fix vulnerabilities

* chore(deps): Bump body-parser and express (#1960)

Bumps [body-parser](https://github.com/expressjs/body-parser) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `body-parser` from 1.20.2 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.2...1.20.3)

Updates `express` from 4.19.2 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.19.2...4.21.0)

---
updated-dependencies:
- dependency-name: body-parser
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump serve-static and express (#1959)

Bumps [serve-static](https://github.com/expressjs/serve-static) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `serve-static` from 1.15.0 to 1.16.2
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.2)

Updates `express` from 4.19.2 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.19.2...4.21.0)

---
updated-dependencies:
- dependency-name: serve-static
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump send and express in /internal/legacy.faustjs.org (#1957)

Bumps [send](https://github.com/pillarjs/send) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `send` from 0.18.0 to 0.19.0
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.18.0...0.19.0)

Updates `express` from 4.19.2 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.19.2...4.21.0)

---
updated-dependencies:
- dependency-name: send
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump webpack in /internal/legacy.faustjs.org (#1947)

Bumps [webpack](https://github.com/webpack/webpack) from 5.89.0 to 5.94.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v5.89.0...v5.94.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: Add PluginUpdater to Support Plugin Updates from Custom API (#1964)

* Add plugin updater

* Update package name

* Add changeset

* Add plugin updater

* Ignore error_log case

* Update plugins/faustwp/faustwp.php

* Apply suggestions from code review

- update the docblock to account for possible null values

* Update plugins/faustwp/includes/updates/class-plugin-updater.php

* Apply suggestions from code review

---------

Co-authored-by: Jason Bahl <jasonbahl@mac.com>

* chore(deps): Bump cookie from 0.4.2 to 0.7.0 (#1969)

Bumps [cookie](https://github.com/jshttp/cookie) from 0.4.2 to 0.7.0.
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.4.2...v0.7.0)

---
updated-dependencies:
- dependency-name: cookie
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump cookie and express in /internal/legacy.faustjs.org (#1970)

Bumps [cookie](https://github.com/jshttp/cookie) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `cookie` from 0.6.0 to 0.7.1
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.6.0...v0.7.1)

Updates `express` from 4.21.0 to 4.21.1
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.1/History.md)
- [Commits](expressjs/express@4.21.0...4.21.1)

---
updated-dependencies:
- dependency-name: cookie
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Version Packages (#1965)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* deps: update path-to-regexp=6.3.0 (#1971)

* deps: update path-to-regexp=6.3.0

* Update package.json overrides

* fix: cannot query field "align" on type "CoreQuoteAttributes"' (#1946)

* - update query fragment on CoreQuote to be compatible with WordPress 6.6

* - update query string

* fix: add legacyBehavior in <Link/>

* chore: update changeset

---------

Co-authored-by: Theo <328805+theodesp@users.noreply.github.com>

* bump: http-proxy-middleware to 2.0.7 (#1979)

* ci: upload plugin zip to releases workflow step (#1974)

* feat: separate legacy example projects (#1977)

* chore: wip cleanup

* chore: install and build step

* chore: add sass

* chore: update deps

* chore: add deps

* chore: cleanup

* chore: include packages/experimental-app-router

* chore: update changesets

* chore: update gettting-started postcss dependency

* chore: update dev npm command

* Version Packages (#1975)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* chore: update deps (#1982)

* Create SECURITY.md (#1909)

Providing a clear security policy ensures that the community will know how to report a vulnerability should they find one, which also signals trust in our codebase and standards.

https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository

* chore(deps): Bump cross-spawn in /internal/legacy.faustjs.org (#1990)

Bumps [cross-spawn](https://github.com/moxystudio/node-cross-spawn) from 7.0.3 to 7.0.6.
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md)
- [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6)

---
updated-dependencies:
- dependency-name: cross-spawn
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Blake Wilson <blake.wilson@wpengine.com>
Co-authored-by: Theofanis Despoudis <328805+theodesp@users.noreply.github.com>
Co-authored-by: Mattias <traed@users.noreply.github.com>
Co-authored-by: Blake Wilson <blake@blake.id>
Co-authored-by: Teresa (Terri) Gobble <teresa.gobble@wpengine.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: John Parris <john.parris@wpengine.com>
Co-authored-by: Matthew Wright <1815200+matthewguywright@users.noreply.github.com>
Co-authored-by: Teresa Gobble <teresagobble@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Christophe VACHER <christophe.vacher@gmail.com>
Co-authored-by: Chris Wiegman <chris.wiegman@wpengine.com>
Co-authored-by: Damon Cook <colorful-tones@users.noreply.github.com>
Co-authored-by: Jason Bahl <jasonbahl@mac.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants