einundzwanzig-verein

mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-nostr.git synced 2026-02-15 03:23:17 +00:00

Author	SHA1	Message	Date
vk	9b4930f419	[P1 Security] Vite auf v6+ upgraden – esbuild CVE fixen (vibe-kanban 3d74a242) ## Security Audit: Vite/esbuild Sicherheitslücke ### Problem `yarn audit` meldet eine Moderate Vulnerability in `esbuild` (Dependency von Vite 5.x): - Package: `esbuild` (transitive Dependency von `vite@5.4.21`) - Schwachstelle: Dev-Server erlaubt beliebige Cross-Origin-Requests – ein Angreifer könnte über einen bösartigen Browser-Tab auf den lokalen Dev-Server zugreifen - Fix: `esbuild >= 0.25.0` (enthalten in Vite 6+) Aktuelle Versionen: ``` vite: 5.4.21 → 7.3.1 (Major) laravel-vite-plugin: 1.3.0 → 2.1.0 (Major) ``` ### Lösung Upgrade-Pfad: 1. Vite upgraden: `yarn add -D vite@^7` (oder mindestens `vite@^6` für den Security-Fix) 2. Laravel Vite Plugin upgraden: `yarn add -D laravel-vite-plugin@^2` 3. Vite-Config anpassen: `vite.config.js` / `vite.config.ts` prüfen – breaking Changes zwischen v5 und v6/v7 beachten ### Vorgehen 1. Dokumentation lesen: Nutze `search-docs` mit `queries: ['vite', 'vite upgrade']` und `packages: ['laravel-vite-plugin']` 2. Aktuellen Build prüfen: `yarn run build` ausführen und sicherstellen dass es funktioniert (Baseline) 3. Backup: Aktuellen `yarn.lock` sichern 4. Upgrade durchführen: ```bash yarn add -D vite@^7 laravel-vite-plugin@^2 ``` 5. `vite.config.js` lesen und auf Breaking Changes prüfen – insbesondere: - Plugin-API Änderungen - CSS-Processing-Änderungen (PostCSS, Tailwind v4 Kompatibilität) - Asset-Handling-Änderungen 6. Build testen: `yarn run build` – muss fehlerfrei durchlaufen 7. Dev-Server testen: `yarn run dev` kurz starten und prüfen 8. Security Audit bestätigen: `yarn audit` erneut ausführen – die esbuild-Vulnerability sollte verschwunden sein 9. `php artisan test --compact` laufen lassen ### Betroffene Dateien - `package.json` – Version-Bumps - `yarn.lock` – Dependency-Tree Update - `vite.config.js` oder `vite.config.ts` – Ggf. Anpassungen für Breaking Changes - `resources/css/app.css` – Prüfen ob Tailwind v4 + PostCSS weiterhin funktioniert ### Risiken - Major-Version-Upgrade kann Breaking Changes haben - Tailwind v4 CSS-Import muss kompatibel bleiben - Flux UI Assets müssen weiterhin korrekt gebundelt werden ### Akzeptanzkriterien - `yarn audit` zeigt keine Vulnerabilities mehr - `yarn run build` läuft fehlerfrei - Dev-Server funktioniert - Alle bestehenden Tests bestehen - Tailwind CSS und Flux UI Components werden korrekt gerendert	2026-02-11 23:24:29 +01:00
HolgerHatGarKeineNode	7882e0d724	Fix (vibe-kanban 7be09dee) ## Wenn `changelog nicht mehr existert, dann lösche die Vorkommnisse.` Exception Summary - Class: `Livewire\Exceptions\ComponentNotFoundException` - Message: `Unable to find component: [changelog]` - Code: `0` - File: `vendor/livewire/livewire/src/Factory/Factory.php:76` - Timestamp: `2026-02-10T17:36:34+00:00` - Details: This exception was thrown during a HTTP Request. ## HTTP Request - Method: `GET` - URL: `https://verein.einundzwanzig.space/changelog` - Route: `changelog` - Status code: `500` - IP address: `43.173.173.8` ### Request Headers - `accept-encoding: gzip` - `upgrade-insecure-requests: 1` - `accept-language: en-US,en;q=0.9` - `accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7` - `user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36` - `host: verein.einundzwanzig.space` ### Authenticated User - Not authenticated for this execution. ## Database Queries (before exception) - Not captured ## Stack Trace (most recent call first) - [0] Livewire\\Factory\\Factory->resolveComponentNameAndClass() at vendor/livewire/livewire/src/Factory/Factory.php:76 - [1] Livewire\\Factory\\Factory->resolveComponentNameAndClass() at vendor/livewire/livewire/src/Factory/Factory.php:88 - [2] Livewire\\Factory\\Factory->resolveComponentClass() at vendor/livewire/livewire/src/Features/SupportPageComponents/SupportPageComponents.php:251 - [3] Livewire\\Features\\SupportPageComponents\\SupportPageComponents::routeActionIsAPageComponent() at vendor/livewire/livewire/src/Features/SupportPageComponents/SupportPageComponents.php:209 - [4] Livewire\\Features\\SupportPageComponents\\SupportPageComponents::{closure:Livewire\\Features\\SupportPageComponents\\SupportPageComponents::resolvePageComponentRouteBindings():207}() at [internal function] - [5] call\_user\_func() at vendor/laravel/framework/src/Illuminate/Routing/Router.php:982 - [6] Illuminate\\Routing\\Router->substituteImplicitBindings() at vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php:41 - [7] Illuminate\\Routing\\Middleware\\SubstituteBindings->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [8] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php:87 - [9] Illuminate\\Foundation\\Http\\Middleware\\VerifyCsrfToken->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [10] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php:48 - [11] Illuminate\\View\\Middleware\\ShareErrorsFromSession->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [12] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php:120 - [13] Illuminate\\Session\\Middleware\\StartSession->handleStatefulRequest() at vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php:63 - [14] Illuminate\\Session\\Middleware\\StartSession->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [15] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php:36 - [16] Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [17] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php:74 - [18] Illuminate\\Cookie\\Middleware\\EncryptCookies->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [19] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:137 - [20] Illuminate\\Pipeline\\Pipeline->then() at vendor/laravel/framework/src/Illuminate/Routing/Router.php:821 - [21] Illuminate\\Routing\\Router->runRouteWithinStack() at vendor/laravel/framework/src/Illuminate/Routing/Router.php:800 - [22] Illuminate\\Routing\\Router->runRoute() at vendor/laravel/framework/src/Illuminate/Routing/Router.php:764 - [23] Illuminate\\Routing\\Router->dispatchToRoute() at vendor/laravel/framework/src/Illuminate/Routing/Router.php:753 - [24] Illuminate\\Routing\\Router->dispatch() at vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php:200 - [25] Illuminate\\Foundation\\Http\\Kernel->{closure:Illuminate\\Foundation\\Http\\Kernel::dispatchToRouter():197}() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:180 - [26] Illuminate\\Pipeline\\Pipeline->{closure:Illuminate\\Pipeline\\Pipeline::prepareDestination():178}() at vendor/livewire/livewire/src/Features/SupportDisablingBackButtonCache/DisableBackButtonCacheMiddleware.php:19 - [27] Livewire\\Features\\SupportDisablingBackButtonCache\\DisableBackButtonCacheMiddleware->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [28] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php:21 - [29] Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle() at vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ConvertEmptyStringsToNull.php:31 - [30] Illuminate\\Foundation\\Http\\Middleware\\ConvertEmptyStringsToNull->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [31] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php:21 - [32] Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle() at vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php:51 - [33] Illuminate\\Foundation\\Http\\Middleware\\TrimStrings->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [34] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Http/Middleware/ValidatePostSize.php:27 - [35] Illuminate\\Http\\Middleware\\ValidatePostSize->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [36] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php:109 - [37] Illuminate\\Foundation\\Http\\Middleware\\PreventRequestsDuringMaintenance->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [38] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Http/Middleware/HandleCors.php:48 - [39] Illuminate\\Http\\Middleware\\HandleCors->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [40] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php:58 - [41] Illuminate\\Http\\Middleware\\TrustProxies->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [42] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/InvokeDeferredCallbacks.php:22 - [43] Illuminate\\Foundation\\Http\\Middleware\\InvokeDeferredCallbacks->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [44] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Http/Middleware/ValidatePathEncoding.php:26 - [45] Illuminate\\Http\\Middleware\\ValidatePathEncoding->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [46] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/nightwatch/src/Hooks/GlobalMiddleware.php:53 - [47] Laravel\\Nightwatch\\Hooks\\GlobalMiddleware->handle() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:219 - [48] Illuminate\\Pipeline\\Pipeline->{closure:{closure:Illuminate\\Pipeline\\Pipeline::carry():194}:195}() at vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:137 - [49] Illuminate\\Pipeline\\Pipeline->then() at vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php:175 - [50] Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter() at vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php:144 - [51] Illuminate\\Foundation\\Http\\Kernel->handle() at vendor/laravel/framework/src/Illuminate/Foundation/Application.php:1220 - [52] Illuminate\\Foundation\\Application->handleRequest() at public/index.php:17 ## Code Context - Not captured ## Occurrence Statistics - First seen: `2026-02-01T12:05:09+00:00` - Last seen: `2026-02-10T17:36:34+00:00` - Occurrences (last 24 hours): `2` - Occurrences (last 7 days): `17` - Users affected: `0`	2026-02-11 14:24:11 +01:00
HolgerHatGarKeineNode	578e4f13fc	🧹 Migrate Yarn registry URLs to npm registry: update `yarn.lock` dependencies for consistency and clean up unused entries.	2026-01-23 20:02:21 +01:00
HolgerHatGarKeineNode	c5793872af	🛠️ Refactor Blade templates: improve HTML structure, standardize indentation, and enhance readability in layouts and component definitions.	2026-01-19 22:14:49 +01:00
HolgerHatGarKeineNode	a4aad6ebb6	🗑️ Remove deprecated and unused layouts, components, and assets; update dependencies and integrate TailwindCSS v4 for improved consistency.	2026-01-18 19:18:51 +01:00
HolgerHatGarKeineNode	5476a74c8c	🗑️ Remove unused Nova app.css file to streamline vendor assets	2026-01-18 15:26:42 +01:00
HolgerHatGarKeineNode	087b7a4997	🗑️ Remove Pulse and Sanctum configuration files due to deprecation 🛠️ Upgrade to Laravel 12 and update dependencies, including `laravel-echo` and `pusher-js` 🗑️ Remove `laravel/folio` package and related configurations	2026-01-18 00:50:27 +01:00
user	aff3f32c9b	Remove `nostr-login` dependency and update lockfile.	2025-11-20 21:01:08 +01:00
user	52e7535d84	Update dependency versions in package.json and yarn.lock	2025-11-16 18:46:50 +01:00
fsociety	14a216325d	🔄 chore(deps): update multiple dependencies in `yarn.lock` to latest versions for improved compatibility	2025-06-04 17:33:30 +02:00
fsociety	9016663929	✨ feat(markdown): add spatie/laravel-markdown for enhanced markdown rendering and code highlighting	2024-10-23 18:29:02 +02:00
fsociety	7e2e806d8f	new yarn.lock	2024-10-06 13:43:42 +02:00
fsociety	1d5079bfa0	feat: handle logout events in nostr-login This commit introduces handling for logout events in nostr-login across various pages. When a user logs out, the current public key and other related information are reset to null. The nostrLogin.js file has also been updated to dispatch a 'nostrLoggedOut' event when this occurs. Additionally, the nostr-login package has been added to the project dependencies.	2024-10-06 13:38:49 +02:00
fsociety	e0a34d9376	feat: add QR code generator and Nostr event handling - Added the `simplesoftwareio/simple-qrcode` package to the project - Created a new JavaScript file `nostrZap.js` to handle Nostr events - Added the `nostrZap` function to the Alpine.js data property in `app.js` - Updated the `services.php` configuration file to include the `nostr` environment variable - Created a new database migration to add a `payment_event` field to the `einundzwanzig_plebs` table - Made adjustments in the `Election:year.blade.php` view file to handle potential null values - Updated `composer.lock` and `package.json` with the new dependencies	2024-09-30 14:46:30 +02:00
fsociety	ef0650f4d5	real-time-admin-dashboard added	2024-09-29 16:18:44 +02:00
fsociety	354680f702	voting system with nostr added	2024-09-29 01:02:04 +02:00
fsociety	a0ef037b2d	first copies from portal	2024-09-04 19:37:46 +02:00

17 Commits