mirror of
https://github.com/transloadit/uppy.git
synced 2026-07-18 00:55:35 +00:00
3235 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
1b3602405f
|
Merge branch 'restore/pr-6284' of github.com:transloadit/uppy into restore/pr-6284 | ||
|
|
f88e037395
|
revert body = null in fetcher | ||
|
|
113a5c5747
|
exclude minio.test.ts from jsdom test
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> |
||
|
|
2d429a8aef
|
@uppy/aws-s3: remote uploads and golden retriever (#6186)
- add support for remote uploads - add support for restore using golden-retriever - update examples - #6181 still persists --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Mikael Finstad <finstaden@gmail.com> |
||
|
|
da46951771
|
@uppy/aws-s3: wrong upload meta in upload-success event (#6234)
right now whenever you upload any file through multipart upload you'll find empty body returned in `upload-success` event cause : response from completeMultipartRequest returned in CamelCase which was not parsed correctly ```xml <?xml version="1.0" encoding="UTF-8"?> <CompleteMultipartUploadResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Location>https://testbucketnewfix.s3.eu-north-1.amazonaws.com/13febe01-8d5b-4ed3-bda1-9620fc37c694-VSCode-darwin-universal.dmg</Location><Bucket>testbucketnewfix</Bucket><Key>13febe01-8d5b-4ed3-bda1-9620fc37c694-VSCode-darwin-universal.dmg</Key><ETag>"be4129821e06a893b453f1373995202b-49"</ETag><ChecksumCRC64NVME>Wjr7mcJOfU0=</ChecksumCRC64NVME><ChecksumType>FULL_OBJECT</ChecksumType></CompleteMultipartUploadResult> ``` --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> |
||
|
|
779c19c9d7
|
@uppy/aws-s3 add queue (#6171)
- queue support added for file level concurrency. |
||
|
|
3529f97899
|
fix signature mismatch in @uppy/aws-s3 (#6165)
shouldUseMultipart: true was not working due to signature mismatch AI summary : This pull request improves support for specifying the `contentType` during S3 uploads, ensuring that the correct content type is set when generating presigned URLs for both single and multipart uploads. It also updates the client-side and server-side code to handle this new parameter. **Backend and API enhancements:** - Updated the `/s3/presign` endpoint in `index.js` to accept an optional `contentType` parameter and to include it in the S3 `PutObjectCommand` and `CreateMultipartUploadCommand` requests, defaulting to `'application/octet-stream'` if not provided. [[1]](diffhunk://#diff-0c4471088c62917198e1438777b4c7e78fd4d87d450d2a7c78b86b7c647ac97bL360-R360) [[2]](diffhunk://#diff-0c4471088c62917198e1438777b4c7e78fd4d87d450d2a7c78b86b7c647ac97bR384-R391) **Client-side and types improvements:** - Added `contentType` to the `presignableRequest` type to ensure type safety and clarity when passing this parameter. - Modified the S3 client (`S3.ts`) to include `contentType` when making presign requests. - Updated the example HTML (`rewrite-test.html`) to send `contentType` in presign requests and enabled multipart uploads for testing. [[1]](diffhunk://#diff-ca9bc28a71d2d8ac4e0aa6844698f2244594a12e695fc3e153db36674ccb2b52L103-R103) [[2]](diffhunk://#diff-ca9bc28a71d2d8ac4e0aa6844698f2244594a12e695fc3e153db36674ccb2b52R114) |
||
|
|
828b8df284
|
Use fetcher in s3mini for progress and retries with backoff (#6155)
Cherry-picked as the previous branch got messy ( from last PR ) - XHR-based uploads using `@uppy/utils/fetcher` - Silent offline detection (without treating it as an error) with automatic resume ( inspired from old plugin code ) - Retry with backoff using fetcher defaults: - Max retries: 3 - Delays: 300ms → 600ms → 1200ms - Retries on 5xx and 429; skips other 4xx errors - S3 Error Mappings |
||
|
|
af1ce527f5
|
implement minimal aws-s3 plugin (#6151)
Working : - Simple uploads (putObject) - Multipart uploads - Pause / Resume / Abort , Resume works using listParts as before - Progress tracking per chunk ( `#onProgress` ) - this is temporary , until we implement xhr based progress tracking as - before. **added new examples to examples/aws-nodejs to test the rewrite , old examples will eventually be removed** Not Yet Implemented - Rate limiting – Currently uploads are sequential - Retries - Remote file uploads – Files from Google Drive, Dropbox, etc. XHR progress - full wiring with uppy state ( I saw few state bugs while testing it manually ) --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Murderlon <merlijn@soverin.net> |
||
|
|
8757a86b15
|
s3mini use presigned URLs instead of signed headers (#6130)
#### This PR replaces signed headers with presigned urls , for signing. - I implemented this along with the uploader rewrite , but raised PR for this it separately to reduce diffs. - `signer.ts` now returns signed url , which is directly used by `_presignedRequest` method to make calls to s3 - tested it with uploader rewrite working fine. --------- Co-authored-by: Murderlon <merlijn@soverin.net> |
||
|
|
a3ca750b13
|
remove tests | ||
|
|
e7f62dd5c6
|
remove HTTPCommunication queue and clean index.ts and MultipartUplaoder.ts | ||
|
|
bd8d51b02d
|
@uppy/aws-s3: add support for tempCredentials in s3mini (#6110)
- added `getCredentials` callback in `S3Config` - simplified signer test util ( `sigv4-signer.js` ) and moved to `src/signer.ts` - all tests run in a new non root minio user ( required for sts ) , which gets created before the tests start see `tests/s3-client/setup.js` - tests added for sts , using `@aws-sdk/client-sts` for getting creds. - credential caching inspired from the current implementation in `@aws-s3` plugin , see `#getTemporarySecurityCredentials` inside `@uppy/aws-s3/src/index.ts` --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
|
db9506a57c
|
give credit | ||
|
|
6b9521f6b1
|
add s3mini client to @uppy/aws-s3 plugin (#6103)
- base branch cleanup and ran `yarn && yarn dedupe` - client copied and tests wired up |
||
|
|
f6efd2ebcc
|
Fix allowMultipleUploadBatches by preventing file operations during upload (#6156)
## Implementation Plan for Transloadit allowMultipleUploadBatches Fix - [x] Explore the codebase to understand existing structure - [x] Review transloadit/src/index.ts - [x] Review existing event handlers (#onError, #onCancelAll) - [x] Review install() and uninstall() methods - [x] Understand test structure - [x] Implement the proper fix in packages/@uppy/transloadit/src/index.ts - [x] Set allowNewUpload: false at start of #prepareUpload (preprocessor) - [x] Reset allowNewUpload: true at end of #afterUpload (postprocessor) - [x] Reset allowNewUpload: true in #prepareUpload error handler - [x] Keep existing resets in #onError and #onCancelAll handlers - [x] Removed event listener approach (was causing race conditions) - [x] Update tests to match implementation - [x] Test allowNewUpload lifecycle through actual upload flow (preprocessor/postprocessor) - [x] Test allowNewUpload reset on preprocessor error - [x] Test allowNewUpload reset on error event - [x] Test allowNewUpload reset on cancel-all - [x] Remove obsolete event listener tests <!-- START COPILOT CODING AGENT TIPS --> --- 💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more [Copilot coding agent tips](https://gh.io/copilot-coding-agent-tips) in the docs. --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: mifi <402547+mifi@users.noreply.github.com> Co-authored-by: Mikael Finstad <finstaden@gmail.com> |
||
|
|
49db42d72a
|
@uppy/companion: fix 429 not returning JSON response with message (#6177)
discovered by llm |
||
|
|
6b1abaa541
|
@uppy/utils,@uppy/xhr-upload: create and use new queue (#6105)
Closes #4173, kind off ## Problem Current situation with `RateLimitedQueue` - Track concurrency: keep a running count, only dispatch up to limit, accept Infinity. - Priority enqueue: queued handlers sorted by priority; dequeued in that order. - Lifecycle bookkeeping: each job gets abort()/done() hooks; abort for running vs queued differs; decrement active count and advance queue via microtasks. - Requeue placeholders: supports a shouldBeRequeued marker so callers can hold/retry slots without running immediately. - Function wrappers: wrap sync or async fns to enforce the queue and return abortable handles. - Cancellation plumbing: provides abortOn(signal) to bind queued/running work to an AbortSignal; abortable promises carry abort(). - Pausing: pause(duration?) freezes dispatch (optional auto-resume); resume() restarts up to the current limit. - Rate limiting/backoff: rateLimit(duration) pauses, drops concurrency, then ramps it back toward the previous upper bound over time. Case in point: it's some sort of made up, monstrosity data structure trying to be too many things. It also has rate limiting and exponential backoff but that's already in [`fetcher`](https://github.com/transloadit/uppy/blob/main/packages/%40uppy/utils/src/fetcher.ts) too. Would be better if we had separation of concerns and proven data structures. ## Solution A "dumb" promise-based priority queue that doesn't care at all about what a promise does or if it needs to be retried. The promise inside determines if it has retrying and exponential backoff, such as a `fetcher` promise. To not make this a breaking change and a huge diff, we still implement this per uploader, starting with xhr-upload, and keep backwards compatibility in the interface so we can still pass it to `companion-client`, which needs to share the same queue. ## Ideal future When you think about it, it's odd that we implement a queue per uploader if a queue is so central to uppy working correctly. It's even more odd that we also have to inject that queue into `companion-client` per uploader for queue sharing. Ideally, `core` is responsible for having the queue. All uploaders would do is push a promise to `core` and `core` doesn't care if that promise is a tus, xhr, or S3 upload. --------- Co-authored-by: Prakash <qxprakash@gmail.com> |
||
|
|
9d87b9eab1
|
[ci] release (#6166)
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @uppy/components@1.2.0 ### Minor Changes - |
||
|
|
c979a9d82b
|
@uppy/components: do not use symlink
Breaks changeset releases |
||
|
|
37f69d088d
|
Revert "[ci] release (#6162)"
This reverts commit
|
||
|
|
671e6b26f4
|
[ci] release (#6162)
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @uppy/components@1.2.0 ### Minor Changes - |
||
|
|
c0a8776484
|
Revert "[ci] release (#6153)"
This reverts commit
|
||
|
|
0ee8fef148
|
[ci] release (#6153)
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @uppy/components@1.2.0 ### Minor Changes - |
||
|
|
850c1cb1c5
|
Add useImageEditor (#6122)
- Create image editor abstraction in `@uppy/components`
- Refactor `Editor` (Preact) and `ImageEditor` (Uppy plugin) to put all
methods in the Uppy plugin class so they can be reused by the headless
abstraction
- Create framework hooks for React, Vue, Svelte
- Update all examples to showcase the new hook
- Symlink the `cropper.scss` (just regular CSS) from
`@uppy/image-editor` into `@uppy/components`, update `build:css` in all
framework packages to copy that file too into their own `dist/` output.
- cropper-js needs basic CSS to do the rotations and stuff which would
be very tedious to write yourself so we ship that CSS file to consumers
too so they can just import it.
- Fix memory leak where we created the image on each render inside the
original Preact plugin UI
```ts
import type { UppyFile } from '@uppy/core'
import { useImageEditor } from '@uppy/react'
interface ImageEditorProps {
file: UppyFile<any, any>
close: () => void
}
export function ImageEditor({ file, close }: ImageEditorProps) {
const {
state,
getImageProps,
getSaveButtonProps,
getCancelButtonProps,
getRotateButtonProps,
getFlipHorizontalButtonProps,
getZoomButtonProps,
getCropSquareButtonProps,
getCropLandscapeButtonProps,
getCropPortraitButtonProps,
getResetButtonProps,
getRotationSliderProps,
} = useImageEditor({ file })
return (
<div className="p-4 max-w-2xl w-full">
<div className="flex justify-between items-center mb-4">
<h2 className="text-xl font-bold">Edit Image</h2>
<button
type="button"
onClick={close}
className="text-gray-500 hover:text-gray-700"
>
✕
</button>
</div>
<div className="mb-4">
{/* biome-ignore lint/a11y/useAltText: alt is provided by getImageProps() */}
<img
className="w-full max-h-[400px] rounded-lg border-2"
{...getImageProps()}
/>
</div>
<div className="mb-4">
<label className="block text-sm font-medium mb-2">
Fine Rotation: {state.angle}°
<input className="w-full mt-1" {...getRotationSliderProps()} />
</label>
</div>
<div className="flex gap-2 flex-wrap mb-4">
<button
className="bg-gray-200 px-3 py-1 rounded disabled:opacity-50"
{...getRotateButtonProps(-90)}
>
↶ -90°
</button>
<button
className="bg-gray-200 px-3 py-1 rounded disabled:opacity-50"
{...getRotateButtonProps(90)}
>
↷ +90°
</button>
<button
className="bg-gray-200 px-3 py-1 rounded disabled:opacity-50"
{...getFlipHorizontalButtonProps()}
>
⇆ Flip
</button>
<button
className="bg-gray-200 px-3 py-1 rounded disabled:opacity-50"
{...getZoomButtonProps(0.1)}
>
+ Zoom
</button>
<button
className="bg-gray-200 px-3 py-1 rounded disabled:opacity-50"
{...getZoomButtonProps(-0.1)}
>
- Zoom
</button>
</div>
<div className="flex gap-2 flex-wrap mb-4">
<button
className="bg-gray-200 px-3 py-1 rounded disabled:opacity-50"
{...getCropSquareButtonProps()}
>
1:1
</button>
<button
className="bg-gray-200 px-3 py-1 rounded disabled:opacity-50"
{...getCropLandscapeButtonProps()}
>
16:9
</button>
<button
className="bg-gray-200 px-3 py-1 rounded disabled:opacity-50"
{...getCropPortraitButtonProps()}
>
9:16
</button>
<button
className="bg-gray-200 px-3 py-1 rounded disabled:opacity-50"
{...getResetButtonProps()}
>
Reset
</button>
</div>
<div className="flex gap-4 justify-end">
<button
className="bg-gray-500 text-white px-4 py-2 rounded-md"
{...getCancelButtonProps({ onClick: close })}
>
Cancel
</button>
<button
className="bg-green-500 text-white px-4 py-2 rounded-md disabled:opacity-50 disabled:bg-green-300"
{...getSaveButtonProps({ onClick: close })}
>
Save
</button>
</div>
</div>
)
}
export default ImageEditor
```
https://github.com/user-attachments/assets/4b0a99cc-8489-41a2-aa3b-ce88110025bf
---------
Co-authored-by: Prakash <qxprakash@gmail.com>
|
||
|
|
09bf6857a1
|
build(deps): bump lodash from 4.17.21 to 4.17.23 (#6152)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
|
680052b3ce
|
Revert "[ci] release (#6144)"
This reverts commit
|
||
|
|
e290a176e7
|
[ci] release (#6144)
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @uppy/transloadit@5.5.0 ### Minor Changes - |
||
|
|
54a46db340
|
@uppy/tus: fix Node.js support (#6145)
Fixes #6119 |
||
|
|
efda84cc23
|
@uppy/transloadit: use lighter types package (#6147)
We don't need to drag in the entire SDK just for types. |
||
|
|
fa23832f6a
|
@uppy/vue: support kebab-case props in generated components (#6125)
## Summary
- Fix Vue components to work with kebab-case props (`:edit-file` instead
of `:editFile`)
- Update `migrate.mjs` to parse prop names from TypeScript source files
and generate explicit `props` arrays
## Problem
The generated Vue components didn't work correctly with Vue's standard
kebab-case prop convention:
```vue
<!-- This didn't work -->
<FilesList :edit-file="handleEdit" />
<!-- Only this worked (non-standard) -->
<FilesList :editFile="handleEdit" />
```
## Root Cause
The original Vue template used `attrs` to pass props to Preact:
```ts
setup(props, { attrs }) {
preactRender(preactH(PreactComponent, {
...(attrs as Props), // attrs preserves kebab-case!
ctx,
}), container)
}
```
When using `:edit-file` in a Vue template, Vue passes
`attrs['edit-file']` (kebab-case preserved), but Preact expects
`editFile` (camelCase).
## Solution
Generate Vue components with explicit `props` declarations:
```ts
defineComponent({
props: ['editFile', 'columns', 'imageThumbnail'],
setup(props) {
preactRender(preactH(PreactComponent, {
...props, // Vue already converted kebab → camelCase
ctx,
}), container)
}
})
```
When Vue components declare their props, Vue automatically converts
kebab-case template usage to camelCase in the `props` object. This is
standard Vue behavior.
## Why Simpler Alternatives Don't Work
### "Just use `props` instead of `attrs`"
Without a `props` declaration, Vue doesn't know which attributes are
props. The `props` object will be empty and everything goes to `attrs`:
```ts
// Without props declaration
defineComponent({
setup(props, { attrs }) {
// props = {} (empty!)
// attrs = { 'edit-file': fn } (kebab-case preserved)
}
})
```
### "Accept all props dynamically"
Vue doesn't have a "accept all props and convert casing" option. You
must explicitly declare which props you expect for Vue to handle the
conversion.
### "Just document to use camelCase"
This works but violates Vue conventions. Every Vue developer expects
`:edit-file` to work.
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Prakash <qxprakash@gmail.com>
|
||
|
|
642c75dd0e
|
Update the cs dropPaste translation keys to match en locale (#6135)
This fixes an issue where selecting folders was not possible in the `Dashboard` component in the Czech locale. |
||
|
|
b3d9ef5cce
|
build(deps-dev): bump @sveltejs/kit from 2.20.7 to 2.49.5 (#6143)
Bumps [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) from 2.20.7 to 2.49.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/kit/releases"><code>@sveltejs/kit</code>'s releases</a>.</em></p> <blockquote> <h2><code>@sveltejs/kit</code><a href="https://github.com/2"><code>@2</code></a>.49.5</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: avoid overriding Vite default <code>base</code> when running Vitest 4 (<a href="https://redirect.github.com/sveltejs/kit/pull/14866">#14866</a>)</p> </li> <li> <p>fix: ensure url decoded pathnames are not mistaken as rerouted requests (<a href=" |
||
|
|
695bb6ec07
|
[ci] release (#6120)
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @uppy/dashboard@5.1.1 ### Patch Changes - |
||
|
|
3c159b1740
|
build(deps): bump @angular/compiler from 19.2.17 to 19.2.18 (#6128)
Bumps [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) from 19.2.17 to 19.2.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/angular/angular/releases"><code>@angular/compiler</code>'s releases</a>.</em></p> <blockquote> <h2>19.2.18</h2> <h3>core</h3> <table> <thead> <tr> <th>Commit</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href=" |
||
|
|
71e8a56127
|
build(deps): bump @angular/core from 19.2.17 to 19.2.18 (#6129)
Bumps [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) from 19.2.17 to 19.2.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/angular/angular/releases"><code>@angular/core</code>'s releases</a>.</em></p> <blockquote> <h2>19.2.18</h2> <h3>core</h3> <table> <thead> <tr> <th>Commit</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><a href=" |
||
|
|
fd8f54f542
|
build(deps): bump preact from 10.26.9 to 10.26.10 (#6123)
Bumps [preact](https://github.com/preactjs/preact) from 10.26.9 to 10.26.10. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/preactjs/preact/releases">preact's releases</a>.</em></p> <blockquote> <h2>10.26.10</h2> <h2>Fixes</h2> <ul> <li>Enforce strict equality for VNode object constructors</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
|
6975782339
|
properly remove event listener for "focus" and "click" (#6116)
fix https://github.com/transloadit/uppy/issues/6115 --------- Co-authored-by: Mikael Finstad <finstaden@gmail.com> |
||
|
|
9d087791dc
|
[ci] release (#6096)
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @uppy/golden-retriever@5.2.1 ### Patch Changes - |
||
|
|
d766c30f2f
|
don't restore currentUploads if no files (#6098)
if there are no files, no need to restore currentUploads. if we do restore currentUploads (as we currently do), and if the upload for some reason completes without completing all files (for example reproduced by #5366) and the user next time re-adds some of the *same* files as before, the upload would use only a subset of the files the user selected (only those that are from the restored currentUploads subset), which is wrong. |
||
|
|
648f245af0
|
fix xhr abort (#6097)
abortOn makes the promise (and upload) hang indefinitely, so remove it closes #5366 --------- Co-authored-by: Prakash <qxprakash@gmail.com> |
||
|
|
50e242098b
|
resolve folder inside shared drive (#6093)
also ignore shortcuts to folders and simplify closes #6089 --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Merlijn Vos <merlijn@soverin.net> |
||
|
|
943ed7ad56
|
Upgrade playwright in all packages (#6086)
To resolve security advisories. Should be merged after #6085
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Upgrades Playwright to 1.57.0 across examples and packages, updating
corresponding yarn.lock entries.
>
> - **Dependencies**:
> - Bump `playwright` to `1.57.0` in `examples/react/package.json`,
`examples/sveltekit/package.json`, `examples/vue/package.json`,
`packages/@uppy/dashboard/package.json`, and
`packages/@uppy/url/package.json`.
> - Update `yarn.lock` to `playwright@1.57.0` and
`playwright-core@1.57.0`.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
|
3c3034b408
|
Dedupe dependencies (#6085)
With `yarn dedupe`. New type error surfaced due to new types getting
loaded.
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Dedupes dependencies and updates code: aligns S3 presign tests with
checksum behavior, narrows HMAC key type, tweaks AudioOscilloscope
buffer typing, and simplifies Tus success logging.
>
> - **AWS S3**:
> - Tests: add `requestChecksumCalculation` (from
`@aws-sdk/middleware-flexible-checksums`) to `S3Client` options to match
presign behavior.
> - Impl: change `generateHmacKey` signature to accept `string |
ArrayBuffer` (remove `Uint8Array`).
> - **Audio**:
> - `AudioOscilloscope`: change `dataArray` type to
`Uint8Array<ArrayBuffer>`.
> - **Tus**:
> - Simplify success log to `Download <url>` (remove file name
extraction).
> - **Dependencies**:
> - Deduplicate/upgrade various packages in lockfile.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
|
5c6337682e
|
[ci] release (#6087)
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @uppy/image-generator@1.0.0 ### Major Changes - |
||
|
|
5684efa64e
|
Introduce @uppy/image-generator (#6056)
Closes #5378
- Introduce `@uppy/image-generator`, a new plugin to generate images
based on a prompt via Transloadit
- until we have "golden templates" the idea is to just send
[steps](https://transloadit.com/docs/topics/templates/#overruling-templates-at-runtime)
- because we must send steps and since we must use signature
authentication for security, which is signed based on the params we
send, we can't reuse the `assemblyOptions` the consumers is already
passing to `@uppy/transloadit` (if they use that uploaders, not needed).
- Remove `SearchInput` (this component was trying to be too many things,
all with conditional boolean props, which is bad practise) in favor of
`useSearchForm` and reuse this hook in two new components `SearchView`
and `FilterInput`
- Reuse all the styles from `SearchProviderView`. This deviates from the
design in #5378. It felt too inconsistent to me to do another UI here
again. For the initial version, I think it's best to stay consistent and
then redesign with search providers taken into account too.
- Because the service is so slow, I went a bit further with the loading
state to show funny messages that rotate while loading mostly because
users will start thinking it is broken after 5 seconds while it fact we
are still loading. But open to ideas here.
This unfortunately means the integration for the consumer is not as lean
and pretty as you would hope. On the upside, it does give them complete
freedom.
```ts
.use(ImageGenerator, {
assemblyOptions: async (prompt) => {
const res = await fetch(`/assembly-options?prompt=${encodeURIComponent(prompt)}`)
return res.json()
}
})
```
on the consumer's server:
```ts
import crypto from 'node:crypto'
const utcDateString = (ms) => {
return new Date(ms)
.toISOString()
.replace(/-/g, '/')
.replace(/T/, ' ')
.replace(/\.\d+Z$/, '+00:00')
}
// expire 1 hour from now (this must be milliseconds)
const expires = utcDateString(Date.now() + 1 * 60 * 60 * 1000)
const authKey = 'YOUR_TRANSLOADIT_KEY'
const authSecret = 'YOUR_TRANSLOADIT_SECRET'
const params = JSON.stringify({
auth: {
key: authKey,
expires,
},
// can not contain any more steps, the only step must be /image/generate
steps: {
generated_image: { // can be named different
robot: '/image/generate',
result: true, // mandatory
aspect_ratio: '2:3', // up to them
model: 'flux-1.1-pro-ultra', // up to them
prompt, // mandatory
num_outputs: 2, // up to them
},
},
})
const signatureBytes = crypto.createHmac('sha384', authSecret).update(Buffer.from(params, 'utf-8'))
// The final signature needs the hash name in front, so
// the hashing algorithm can be updated in a backwards-compatible
// way when old algorithms become insecure.
const signature = `sha384:${signatureBytes.digest('hex')}`
// respond with { params, signature } JSON to the client
```
https://github.com/user-attachments/assets/9217e457-b38b-48ac-81f0-37a417309e98
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Adds AI image generation plugin using Transloadit, exports low-level
Transloadit APIs, and replaces SearchInput with new
FilterInput/SearchView + useSearchForm across provider views.
>
> - **New plugin: `@uppy/image-generator`**
> - UI plugin to generate images from a prompt via Transloadit
(`src/index.tsx`, styles, locale, build configs).
> - Integrated into dev Dashboard and included in `uppy` bundle and
global styles.
> - **Provider Views refactor**
> - Remove `SearchInput`; introduce `useSearchForm`, `SearchView`, and
`FilterInput` components.
> - Update `ProviderView`, `SearchProviderView`, and `Webdav` to use new
components; export them from `@uppy/provider-views`.
> - **Transloadit updates**
> - Export `Assembly`, `AssemblyError`, and `Client` from
`@uppy/transloadit`.
> - Minor internal change: normalize `assemblyOptions.fields`.
> - **Locales**
> - Add strings for image generation and minor additions (e.g.,
`chooseFiles`).
> - Ensure locales build depends on `@uppy/image-generator`.
> - **Build config**
> - Turborepo: add `uppy#build:css` and hook `image-generator` into
locales build.
> - **Changesets**
> - `@uppy/image-generator` major; `@uppy/transloadit` minor;
`@uppy/locales` and `uppy` minor; `@uppy/provider-views` and
`@uppy/webdav` patch.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
|
93ef1ba0e7
|
Resolve all angular yarn warnings (#6080)
<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Aligns Angular dependencies (including compiler-cli and animations) to
^19.2.17 in examples/angular and packages/@uppy/angular.
>
> - **Dependencies**:
> - `examples/angular/package.json`:
> - Bump `@angular/common`, `core`, `forms`, `platform-browser`,
`platform-browser-dynamic`, `router`, and `@angular/compiler-cli` to
`^19.2.17`.
> - `packages/@uppy/angular/package.json`:
> - Bump `@angular/animations`, `common`, `compiler`, `core`, `forms`,
`platform-browser`, `platform-browser-dynamic`, `router` to `^19.2.17`.
> - Update dev dependency `@angular/compiler-cli` to `^19.2.17`.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
|
28c27e875c
|
build(deps): bump validator from 13.15.20 to 13.15.22 (#6082)
Bumps [validator](https://github.com/validatorjs/validator.js) from 13.15.20 to 13.15.22. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/validatorjs/validator.js/releases">validator's releases</a>.</em></p> <blockquote> <h2>13.15.22</h2> <h3>Fixes, New Locales and Enhancements</h3> <ul> <li><a href="https://redirect.github.com/validatorjs/validator.js/pull/2622">#2622</a> <code>isURL</code>: fix regression with hostnames with ports <a href="https://github.com/mbtools"><code>@mbtools</code></a></li> <li><a href="https://redirect.github.com/validatorjs/validator.js/pull/2616">#2616</a> <code>isLength</code>: improve handling Unicode variation selectors <a href="https://github.com/koral"><code>@koral</code></a>--</li> <li><strong>Doc fixes and others:</strong> <ul> <li><a href="https://redirect.github.com/validatorjs/validator.js/pull/2621">#2621</a> <a href="https://github.com/mbtools"><code>@mbtools</code></a></li> </ul> </li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/mbtools"><code>@mbtools</code></a> made their first contribution in <a href="https://redirect.github.com/validatorjs/validator.js/pull/2622">validatorjs/validator.js#2622</a></li> <li><a href="https://github.com/koral"><code>@koral</code></a>-- made their first contribution in <a href="https://redirect.github.com/validatorjs/validator.js/pull/2616">validatorjs/validator.js#2616</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22">https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md">validator's changelog</a>.</em></p> <blockquote> <h1>13.15.22</h1> <h3>Fixes, New Locales and Enhancements</h3> <ul> <li><a href="https://redirect.github.com/validatorjs/validator.js/pull/2622">#2622</a> <code>isURL</code>: fix regression with hostnames with ports <a href="https://github.com/mbtools"><code>@mbtools</code></a></li> <li><a href="https://redirect.github.com/validatorjs/validator.js/pull/2616">#2616</a> <code>isLength</code>: improve handling Unicode variation selectors <a href="https://github.com/koral"><code>@koral</code></a>--</li> <li><strong>Doc fixes and others:</strong> <ul> <li><a href="https://redirect.github.com/validatorjs/validator.js/pull/2621">#2621</a> <a href="https://github.com/mbtools"><code>@mbtools</code></a></li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
|
556e36de4c
|
[ci] release (#6060)
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @uppy/audio@3.1.0 ### Minor Changes - |
||
|
|
5b680f2f05
|
build(deps): bump body-parser from 1.20.3 to 1.20.4 (#6070)
Bumps [body-parser](https://github.com/expressjs/body-parser) from 1.20.3 to 1.20.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/expressjs/body-parser/releases">body-parser's releases</a>.</em></p> <blockquote> <h2>v2.2.1</h2> <h2>Important: Security</h2> <ul> <li>Security fix for <a href="https://www.cve.org/CVERecord?id=CVE-2025-13466">CVE-2025-13466</a> (<a href="https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4">GHSA-wqch-xfxh-vrr4</a>)</li> </ul> <h2>What's Changed</h2> <ul> <li>ci: add dependabot by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/593">expressjs/body-parser#593</a></li> <li>ci: use full SHAs for github action versions by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/594">expressjs/body-parser#594</a></li> <li>deps: type-is@^2.0.1 by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/599">expressjs/body-parser#599</a></li> <li>build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/609">expressjs/body-parser#609</a></li> <li>build(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/610">expressjs/body-parser#610</a></li> <li>build(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/611">expressjs/body-parser#611</a></li> <li>build(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/613">expressjs/body-parser#613</a></li> <li>build(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/612">expressjs/body-parser#612</a></li> <li>ci: add codeql github workflows scanning by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/614">expressjs/body-parser#614</a></li> <li>ci: update CodeQL config to ignore the test directory by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/615">expressjs/body-parser#615</a></li> <li>build(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/620">expressjs/body-parser#620</a></li> <li>build(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/619">expressjs/body-parser#619</a></li> <li>chore(deps): unpin devDependencies by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/616">expressjs/body-parser#616</a></li> <li>ci: add node.js 24 to test matrix by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/621">expressjs/body-parser#621</a></li> <li>build(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/623">expressjs/body-parser#623</a></li> <li>build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/624">expressjs/body-parser#624</a></li> <li>chore: add funding to package.json by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/617">expressjs/body-parser#617</a></li> <li>build(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/625">expressjs/body-parser#625</a></li> <li>build(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/630">expressjs/body-parser#630</a></li> <li>refactor: move common request validation to read function by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/600">expressjs/body-parser#600</a></li> <li>deps: bump iconv-lite by <a href="https://github.com/bjohansebas"><code>@bjohansebas</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/631">expressjs/body-parser#631</a></li> <li>doc: pull beta changelog forward into 2.0.0 by <a href="https://github.com/jonchurch"><code>@jonchurch</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/629">expressjs/body-parser#629</a></li> <li>refactor: optimize raw and text parsers with shared passthrough function by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/634">expressjs/body-parser#634</a></li> <li>build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/640">expressjs/body-parser#640</a></li> <li>build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/639">expressjs/body-parser#639</a></li> <li>build(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/636">expressjs/body-parser#636</a></li> <li>build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/637">expressjs/body-parser#637</a></li> <li>build(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/638">expressjs/body-parser#638</a></li> <li>deps: raw-body@^3.0.1 by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/641">expressjs/body-parser#641</a></li> <li>deps: debug@^4.4.3 by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/642">expressjs/body-parser#642</a></li> <li>docs: add iconv-lite 0.7.0 changes to history entry by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/645">expressjs/body-parser#645</a></li> <li>ci: add node.js 25 to test matrix by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/650">expressjs/body-parser#650</a></li> <li>perf: move read options outside parser middlewares by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/648">expressjs/body-parser#648</a></li> <li>test(json): add RFC 7159 whitespace edge cases by <a href="https://github.com/Ayoub-Mabrouk"><code>@Ayoub-Mabrouk</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/653">expressjs/body-parser#653</a></li> <li>test: add test for urlencoded invalid defaultCharset by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/643">expressjs/body-parser#643</a></li> <li>build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/657">expressjs/body-parser#657</a></li> <li>build(deps): bump github/codeql-action from 3.30.5 to 4.31.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/656">expressjs/body-parser#656</a></li> <li>build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/655">expressjs/body-parser#655</a></li> <li>build(deps): bump actions/setup-node from 5.0.0 to 6.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/expressjs/body-parser/pull/654">expressjs/body-parser#654</a></li> <li>ci: also test on first supported node.js version by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/646">expressjs/body-parser#646</a></li> <li>chore: switch badges from badgen.net to shields.io by <a href="https://github.com/Phillip9587"><code>@Phillip9587</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/661">expressjs/body-parser#661</a></li> <li>Remove history.md from being packaged on publish by <a href="https://github.com/bjohansebas"><code>@bjohansebas</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/660">expressjs/body-parser#660</a></li> <li>Release: 2.2.1 by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/659">expressjs/body-parser#659</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/expressjs/body-parser/blob/master/HISTORY.md">body-parser's changelog</a>.</em></p> <blockquote> <h1>2.2.1 / 2025-11-24</h1> <ul> <li>Security fix for <a href="https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4">GHSA-wqch-xfxh-vrr4</a></li> <li>deps: <ul> <li>type-is@^2.0.1</li> <li>iconv-lite@^0.7.0 <ul> <li>Handle split surrogate pairs when encoding UTF-8</li> <li>Avoid false positives in <code>encodingExists</code> by using prototype-less objects</li> </ul> </li> <li>raw-body@^3.0.1</li> <li>debug@^4.4.3</li> </ul> </li> </ul> <h1>2.2.0 / 2025-03-27</h1> <ul> <li>refactor: normalize common options for all parsers</li> <li>deps: <ul> <li>iconv-lite@^0.6.3</li> </ul> </li> </ul> <h1>2.1.0 / 2025-02-10</h1> <ul> <li>deps: <ul> <li>type-is@^2.0.0</li> <li>debug@^4.4.0</li> <li>Removed destroy</li> </ul> </li> <li>refactor: prefix built-in node module imports</li> <li>use the node require cache instead of custom caching</li> </ul> <h1>2.0.2 / 2024-10-31</h1> <ul> <li>remove <code>unpipe</code> package and use native <code>unpipe()</code> method</li> </ul> <h1>2.0.1 / 2024-09-10</h1> <ul> <li>Restore expected behavior <code>extended</code> to <code>false</code></li> </ul> <h1>2.0.0 / 2024-09-10</h1> <h2>Breaking Changes</h2> <ul> <li>Node.js 18 is the minimum supported version</li> <li><code>req.body</code> is no longer always initialized to <code>{}</code> <ul> <li>it is left <code>undefined</code> unless a body is parsed</li> </ul> </li> <li>Remove deprecated <code>bodyParser()</code> combination middleware</li> <li><del><code>urlencoded</code> parser now defaults <code>extended</code> to <code>false</code></del> as released, this is not the case, fixed in 2.0.1</li> <li><code>urlencoded</code> simple parser now uses <code>qs</code> module instead of <code>querystring</code> module</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |