
12 Commits
v8.0.6 ... main

Author SHA1 Message Date
Félix MARQUET
ef4fe2c5b5 Merge pull request #25 from BreizhHardware/dev
chore(deps): Update qs to fix security issue
2026-01-04 10:22:06 +01:00
Félix MARQUET
dcc9e1f893 chore(deps): Update qs to fix security issue 2026-01-04 09:18:26 +00:00
Félix MARQUET
02a5cb67c3 Merge pull request #23 from BreizhHardware/dev
Dev
2025-12-17 10:05:02 +01:00
Félix MARQUET
36d1484d33 feat(security): Add security policy documentation 2025-12-17 09:01:43 +00:00
Félix MARQUET
8fc61cd1d8 chore(version): bump version to 8.0.7 2025-12-17 08:55:50 +00:00
Félix MARQUET
4fd7a797c5 feat(action): Add regular github action for audit security vulnerability 2025-12-17 08:53:44 +00:00
Félix MARQUET
30d9c3d473 Merge pull request #21 from BreizhHardware/dependabot/npm_and_yarn/dev/eslint/js-9.39.2
chore(deps-dev): bump @eslint/js from 9.39.1 to 9.39.2
2025-12-17 09:33:16 +01:00
Félix MARQUET
10fe1cac8f Merge pull request #22 from BreizhHardware/dependabot/npm_and_yarn/dev/eslint-9.39.2
chore(deps-dev): bump eslint from 9.39.1 to 9.39.2
2025-12-17 09:32:50 +01:00
dependabot[bot]
9b4e0eb163 chore(deps-dev): bump eslint from 9.39.1 to 9.39.2
Bumps [eslint](https://github.com/eslint/eslint) from 9.39.1 to 9.39.2.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/compare/v9.39.1...v9.39.2)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 9.39.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-12-15 15:37:01 +00:00
dependabot[bot]
475b7a8f6d chore(deps-dev): bump @eslint/js from 9.39.1 to 9.39.2
Bumps [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) from 9.39.1 to 9.39.2.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/commits/v9.39.2/packages/js)

---
updated-dependencies:
- dependency-name: "@eslint/js"
  dependency-version: 9.39.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-12-15 15:36:51 +00:00
Félix MARQUET
c1482220c2 Merge pull request #20 from BreizhHardware/dependabot/npm_and_yarn/dev/multi-b251156d90
chore(deps): bump express and @types/express
2025-12-15 08:51:57 +01:00
dependabot[bot]
66643411b8 chore(deps): bump express and @types/express
Bumps [express](https://github.com/expressjs/express) and [@types/express](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/express). These dependencies needed to be updated together.

Updates `express` from 5.2.0 to 5.2.1
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/v5.2.0...v5.2.1)

Updates `@types/express` from 5.0.5 to 5.0.6
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/express)

---
updated-dependencies:
- dependency-name: express
  dependency-version: 5.2.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: "@types/express"
  dependency-version: 5.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-12-08 15:41:39 +00:00
5 changed files with 98 additions and 39 deletions


@@ -0,0 +1,12 @@
{
"name": "Node.js 24",
"image": "mcr.microsoft.com/devcontainers/base:ubuntu",
"features": {
"ghcr.io/devcontainers/features/node:1": {
"nodeGypDependencies": true,
"version": "lts",
"nvmVersion": "latest"
},
"ghcr.io/devcontainers/features/git-lfs:1": {}
}
}
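Review bot: The container is named `Node.js 24`, but the node feature is set to `"version": "lts"` with `"nvmVersion": "latest"`, and the base image uses the floating `base:ubuntu` tag, so the toolchain contributors get will drift as those references move. Setting `"version": "24"` would make the configuration match its name, and pinning the image to a specific Ubuntu release tag would keep rebuilds reproducible. The file path for this section is not visible on the page, so this assumes it is the devcontainer definition.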

42
.github/workflows/audit.yml vendored Normal file

@@ -0,0 +1,42 @@
name: Security Audit
on:
push:
branches: [main, dev]
pull_request:
branches:
- '**'
schedule:
- cron: '0 8 * * *'
workflow_dispatch:
jobs:
audit:
runs-on: ubuntu-latest
permissions:
contents: read
issues: write
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Install dependencies
run: npm install
- name: Run security audit
id: audit
run: npm audit --audit-level moderate
continue-on-error: true
- name: Create issue on failure
if: steps.audit.outcome == 'failure'
uses: actions/github-script@v8
with:
script: |
github.rest.issues.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: 'Security Audit Failed',
body: 'The daily security audit has failed. Please check the workflow run for details: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}',
labels: ['security', 'audit']
});
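Review bot: The `Create issue on failure` step runs for every trigger, so each failing push, pull request and daily cron run opens another `Security Audit Failed` issue, and on pull requests from forks the token is normally read-only, so the `issues.create` call would be rejected there. Limiting the step with `if: steps.audit.outcome == 'failure' && github.event_name != 'pull_request'` and checking for an already open issue with that title before creating one would avoid both. The call should also be written as `await github.rest.issues.create({ ... })` so a failed API request fails the step rather than surfacing as an unhandled rejection. In the `Install dependencies` step, `npm ci --ignore-scripts` would audit exactly what `package-lock.json` pins without running dependency lifecycle scripts on pull-request code, whereas `npm install` may re-resolve versions. Because `continue-on-error: true` keeps the job green, a failing audit never blocks a pull request; if that is intended, a comment on that line saying so would help.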

12
SECURITY.md Normal file

@@ -0,0 +1,12 @@
# Security Policy
## Supported Versions
| Version | Supported |
| ------- | ------------------ |
| >= 8.0.x| :white_check_mark: |
| < 8.0.0 | :x: |
## Reporting a Vulnerability
Please use [GitHub's private vulnerability reporting](https://github.com/breizhhardware/express-prom-bundle/security/advisories/new) to report a vulnerability.

69
package-lock.json generated

@@ -1,12 +1,12 @@
{
"name": "@breizhhardware/express-prom-bundle",
"version": "8.0.6",
"version": "8.0.7",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "@breizhhardware/express-prom-bundle",
"version": "8.0.6",
"version": "8.0.7",
"license": "MIT",
"dependencies": {
"@types/express": "^5.0.0",
@@ -65,6 +65,7 @@
"resolved": "https://registry.npmjs.org/@babel/core/-/core-7.28.5.tgz",
"integrity": "sha512-e7jT4DxYvIDLk1ZHmU/m/mB19rex9sv0c2ftBtjSBv+kVM/902eh0fINUzD7UwLLNR+jU585GxUJ8/EBfAM5fw==",
"dev": true,
"peer": true,
"dependencies": {
"@babel/code-frame": "^7.27.1",
"@babel/generator": "^7.28.5",
@@ -401,9 +402,9 @@
}
},
"node_modules/@eslint/js": {
"version": "9.39.1",
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.39.1.tgz",
"integrity": "sha512-S26Stp4zCy88tH94QbBv3XCuzRQiZ9yXofEILmglYTh/Ug/a9/umqvgFtYBAo3Lp0nsI/5/qH1CCrbdK3AP1Tw==",
"version": "9.39.2",
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.39.2.tgz",
"integrity": "sha512-q1mjIoW1VX4IvSocvM/vbTiveKC4k9eLrajNEuSsmjymSDEbpGddtpfOoN7YGAqBK3NG+uqo8ia4PDTt8buCYA==",
"dev": true,
"license": "MIT",
"engines": {
@@ -767,13 +768,14 @@
"dev": true
},
"node_modules/@types/express": {
"version": "5.0.5",
"resolved": "https://registry.npmjs.org/@types/express/-/express-5.0.5.tgz",
"integrity": "sha512-LuIQOcb6UmnF7C1PCFmEU1u2hmiHL43fgFQX67sN3H4Z+0Yk0Neo++mFsBjhOAuLzvlQeqAAkeDOZrJs9rzumQ==",
"version": "5.0.6",
"resolved": "https://registry.npmjs.org/@types/express/-/express-5.0.6.tgz",
"integrity": "sha512-sKYVuV7Sv9fbPIt/442koC7+IIwK5olP1KWeD88e/idgoJqDm3JV/YUiPwkoKK92ylff2MGxSz1CSjsXelx0YA==",
"license": "MIT",
"dependencies": {
"@types/body-parser": "*",
"@types/express-serve-static-core": "^5.0.0",
"@types/serve-static": "^1"
"@types/serve-static": "^2"
}
},
"node_modules/@types/express-serve-static-core": {
@@ -790,7 +792,8 @@
"node_modules/@types/http-errors": {
"version": "2.0.5",
"resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.5.tgz",
"integrity": "sha512-r8Tayk8HJnX0FztbZN7oVqGccWgw98T/0neJphO91KkmOzug1KkofZURD4UaD5uH8AqcFLfdPErnBod0u71/qg=="
"integrity": "sha512-r8Tayk8HJnX0FztbZN7oVqGccWgw98T/0neJphO91KkmOzug1KkofZURD4UaD5uH8AqcFLfdPErnBod0u71/qg==",
"license": "MIT"
},
"node_modules/@types/json-schema": {
"version": "7.0.15",
@@ -798,11 +801,6 @@
"integrity": "sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==",
"dev": true
},
"node_modules/@types/mime": {
"version": "1.3.5",
"resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz",
"integrity": "sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w=="
},
"node_modules/@types/minimist": {
"version": "1.2.5",
"resolved": "https://registry.npmjs.org/@types/minimist/-/minimist-1.2.5.tgz",
@@ -842,21 +840,12 @@
}
},
"node_modules/@types/serve-static": {
"version": "1.15.10",
"resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.10.tgz",
"integrity": "sha512-tRs1dB+g8Itk72rlSI2ZrW6vZg0YrLI81iQSTkMmOqnqCaNr/8Ek4VwWcN5vZgCYWbg/JJSGBlUaYGAOP73qBw==",
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-2.2.0.tgz",
"integrity": "sha512-8mam4H1NHLtu7nmtalF7eyBH14QyOASmcxHhSfEoRyr0nP/YdoesEtU+uSRvMe96TW/HPTtkoKqQLl53N7UXMQ==",
"license": "MIT",
"dependencies": {
"@types/http-errors": "*",
"@types/node": "*",
"@types/send": "<1"
}
},
"node_modules/@types/serve-static/node_modules/@types/send": {
"version": "0.17.6",
"resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.6.tgz",
"integrity": "sha512-Uqt8rPBE8SY0RK8JB1EzVOIZ32uqy8HwdxCnoCOsYrvnswqmFZ/k+9Ikidlk/ImhsdvBsloHbAlewb2IEBV/Og==",
"dependencies": {
"@types/mime": "^1",
"@types/node": "*"
}
},
@@ -887,6 +876,7 @@
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz",
"integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
"dev": true,
"peer": true,
"bin": {
"acorn": "bin/acorn"
},
@@ -1126,6 +1116,7 @@
"url": "https://github.com/sponsors/ai"
}
],
"peer": true,
"dependencies": {
"baseline-browser-mapping": "^2.8.19",
"caniuse-lite": "^1.0.30001751",
@@ -1713,11 +1704,12 @@
}
},
"node_modules/eslint": {
"version": "9.39.1",
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.39.1.tgz",
"integrity": "sha512-BhHmn2yNOFA9H9JmmIVKJmd288g9hrVRDkdoIgRCRuSySRUHH7r/DI6aAXW9T1WwUuY3DFgrcaqB+deURBLR5g==",
"version": "9.39.2",
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.39.2.tgz",
"integrity": "sha512-LEyamqS7W5HB3ujJyvi0HQK/dtVINZvd5mAAp9eT5S/ujByGjiZLCzPcHVzuXbpJDJF/cxwHlfceVUDZ2lnSTw==",
"dev": true,
"license": "MIT",
"peer": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.8.0",
"@eslint-community/regexpp": "^4.12.1",
@@ -1725,7 +1717,7 @@
"@eslint/config-helpers": "^0.4.2",
"@eslint/core": "^0.17.0",
"@eslint/eslintrc": "^3.3.1",
"@eslint/js": "9.39.1",
"@eslint/js": "9.39.2",
"@eslint/plugin-kit": "^0.4.1",
"@humanfs/node": "^0.16.6",
"@humanwhocodes/module-importer": "^1.0.1",
@@ -1910,9 +1902,9 @@
}
},
"node_modules/express": {
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/express/-/express-5.2.0.tgz",
"integrity": "sha512-XdpJDLxfztVY59X0zPI6sibRiGcxhTPXRD3IhJmjKf2jwMvkRGV1j7loB8U+heeamoU3XvihAaGRTR4aXXUN3A==",
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/express/-/express-5.2.1.tgz",
"integrity": "sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -4028,10 +4020,11 @@
}
},
"node_modules/qs": {
"version": "6.14.0",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz",
"integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==",
"version": "6.14.1",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.1.tgz",
"integrity": "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==",
"dev": true,
"license": "BSD-3-Clause",
"dependencies": {
"side-channel": "^1.1.0"
},


@@ -1,6 +1,6 @@
{
"name": "@breizhhardware/express-prom-bundle",
"version": "8.0.6",
"version": "8.0.7",
"description": "express middleware with popular prometheus metrics in one bundle",
"main": "src/index.js",
"keywords": [