* Add ServerRegistration, begin refactoring to match frontend
* move graphData logic into ServerRegistration
* move ping updates/history into ServerRegistration
* start updating main app entry methods
* fix default rates.updateMojangStatus
* fix record loading delays on freshly booted instances
* move database loading logic to method + callback
* use data in frontend for type lookup instead of ping
* cleanup app.js
* reorganize methods to improve flow
* avoid useless mojang updates, remove legacy fields
* rename legacy fields for consistency
* finish restructure around App model
* ensure versions are sorted by release order
* filter errors sent to frontend to avoid data leaks
* fix version listing behavior on frontend
* 5.1.0
* remove unused #getServer methods, inline #roundToPoint
* replace #safeName regex with incremental ids
* remove legacy #setInterval based #updateMojangServices handling
* add Tooltip class, move faviconSize to css instead of js
* move server id assignment to ServerRegistry
* move printPort logic to formatMinecraftServerAddress, add MINECRAFT_DEFAULT_PORTS
* simplify ping tracking
* rework perc-bar tooltip to not use mousemove event
* begin moving graphing logic to GraphDisplayManager
* begin merge graph point tracking into graphDisplayManager
* centralizing graphing logic into GraphDisplayManager
* properly reset GraphDisplayManager when handling disconnects
* move individual server graph data into ServerGraph class
* constantly run sortServers loop to simplify logic
* inline #updateMojangServices method
* resize performance improvements
* remove legacy bootTime refresh behavior, require manual user refresh
* move class defs to core.js
* remove unused #isGraphDataVisible arg
* remove #toggleControlsDrawer
* dont call #updatePercentageBar in #updateServerStatus calls
* centralize caption handling
* inline #msToTime
* remove hackish seconds handling for timestamps
* reduce #forEach calls with filter/map
* safely fallback to errorMessage if errno/description does not match
* Add /images/missing_favicon.png path instead of putting base64 in js
* remove debug
* cleanup mojang status handling
* move historyPlot instance into GraphDisplayManager
* cleanup checkbox html generation
* cleanup #updateServerStatus
* fix up tooltip styling
* move jquery code out of core.js
* fix add server race condition when initially pinging servers
* send error.placeholder=true for pending pings so the frontend can discard later
* filter placeholder pings sent by the backend
* del assets/images/logo_2014.png
* move graph code into graph.js
* merge pingTracker into ServerRegistry+ServerGraph
* remove todos
* simplify getVisibleGraphData
* fix potential sortServers race condition when adding
* use #show instead of #fadeIn(0)
* remove publicConfig.json, send over socket
* update docs/CHANGELOG.md
* getOrAssign -> getOrCreateId
* dont delete graph controls when disconnected
* early work cleaning up HTML+CSS structures
* cleanup server css elements
* cleanup graph control css elements
* move base CSS color values into @media(prefers-color-scheme: light)
* move CSS magic colors to vars
* reduce duplicated CSS color rules
* inline body text color CSS
* WIP replacing jQuery calls with vanilla JS
* WIP replacing jQuery calls with vanilla JS
* replace getElementsByClass with querySelectorAll
* typeMarker -> serverTypeHTML
* use jQuery slim for remaining flot.js dependency
* merge setAllGraphVisibility into GraphDisplayManager
* break apart element update and redraw logic
* add eslint + parcel bundler
* auto lint assets/js when building
* statically serve favicons/ for faviconOverrides outside of dist/
* only send favicons when changed
* move faviconOverride behavior into entry in servers.json
* add warning to backend server files
* remove .server-favicon-missing class
* add Minetrack 5 migration guide
* add npm run build step to install.sh
* adjust package.json version to 5.0.0
* remove js references from index.html
* move logic and behavior out of site.js
* cleanup ServerRegistry methods
* prevent multiple history graph redraws
* add comments
* cleanup #addServer usage, move to App
* move graph control bindings into GraphDisplayManager
* site.js -> main.js, core.js -> servers.js
* move Tooltip/Caption into util.js
* spacing tweak
* format index.html
* ensure the frontend does not handling updateHistoryGraph events
* prevent versions/record updates if the same value
* avoid empty percbar updates, ensure versions are sorted
* only include main.js ref in index.html
* serve minified copy of font awesome directly
* bundle icons.css into main.css, remove Open Sans 400
* add new SVG logo
* update docs/CHANGELOG.md
* new design, server version grouping
* remove start.sh call from install.sh
* move graph controls into header with new button
* move #handleSettingsToggle back to graph
* fix legacy code behavior of currentVersionIndex applying globally
* fix header text color in light mode
* fix mojang status text color in light mode
* fix toggle settings and checkbox colors
* tweak button hover color
* tweak button hover color
* add new status-overlay to avoid complicated DOM management during loading
* fix initial graph rendering bug
* add comments
* update default graph tick sizes
* prevent #tooltip from overflowing page
* remove localhost spec
* prevent minor connection errors from reshuffling layout
* update CHANGELOG.md
* add message/button for manually loading historical graph on mobile devices
* send isGraphVisible to frontend to prevent alert if logToDatabase: false
* send timestamp data with record
* update docs/CHANGELOG.md
* remove clock icon
* remove 24h peak timestamp
* Only check favicon if present
* safely handle undefined/empty knownVersions in #formatMinecraftVersions
* merge config.versions and minecraft.json into minecraft_versions.json, simplify index matching behavior
* remove localhost url in socket.io config
* stub methods/linkage for FocusManager
* add #isObjectEqual hack, add event proxying to FocusManager
* wip extended stats box
* remove server-type badging
* tweak mojang unstable color
* serve socket.io-client using parcel
* fix incorrect mojang status colors
* remove legacy capitalization design
* redesign focus boxes
* update docs/CHANGELOG.md
* remove localhost ref
* color clock icon
* use background-color for hover effect, remove unused var
* improve stats focus box icons
* change mojang sessions icon to globe
* Add favorites system
* remove focus boxes
* update docs/CHANGELOG.md
* remove focus icons from font
* simplify graph related event binding
* Add Sort By button
* store current sortOption in localStorage
* update docs/CHANGELOG.md
* move magic 0 sortOption to SORT_OPTION_INDEX_DEFAULT
* remove localhost ref
* merge #settings-toggle, #sort-by and .mojang-status CSS
* remove .focus-box CSS
* use sortedServerIds for _lastSortedServers
* tweak --color-blue
* new missing_favicon design to match logo
* edit footer CSS/text, remove github icon
* replace player count diff counter with GROWTH sort option
* italize non-default sort options
* add Only Favorites button to auto sync favorites to the visible graph data
* add icons to graph control buttons
* update docs/CHANGELOG.md
* use * to denote non-default sort option instead
* remove localhost url in socket.io config
* add value highlighting to make sort by easier to read
* remove last remaining uppercase text
* remove serverTypesVisible from config.json
* simplify header CSS, fix spacing with logToDatabase=false
* fix inverted text color on highlighted values
* remove localhost url in socket.io config
* break header into rows on mobile devices
Co-authored-by: Hugo Manrique <contact@hugmanrique.me>
I added caret version ranges to big packages because there are no breaking changes in a patch update. Taken from npm: Allows changes that do not modify the left-most non-zero digit in the [major, minor, patch] tuple. In other words, this allows patch and minor updates for versions 1.0.0 and above, patch updates for versions 0.X >=0.1.0, and no updates for versions 0.0.X. [More](https://docs.npmjs.com/misc/semver#caret-ranges-123-025-004)
Minetrack currently has a 11 vulnerable dependency paths, introducing 6 different types of known vulnerabilities.
This PR fixes vulnerable dependencies, [ReDOS vulnerability](https://snyk.io/vuln/npm:tough-cookie:20160722) in the `tough-cookie` dependency, [remote memory exposure ](https://snyk.io/vuln/npm:request:20160119) vulnerability in the `request` dependency.
You can see [Snyk test report](https://snyk.io/test/github/Cryptkeeper/Minetrack) of this project for details.
This PR changes `Package.json` to upgrade `request` to the newer 2.74.0 version, and will fix all the vulnerabilities listed above.
You can get alerts and fix PRs for future vulnerabilities for free by [watching this repo with Snyk](https://snyk.io/add).
Note this PR fixes all the vulnerabilities introduced trough `request` dependency, in order to be vulnerability free you will need to upgrade others dependencies as well.
Full disclosure: I'm a part of the Snyk team, just looking to spread some security goodness and awareness ;)
