chore: ⬆️ Upgrade Bun to 1.2.7

2025-12-06 08:28:19 +01:00 · 2025-03-27 14:41:43 +01:00 · 2025-03-27 14:41:43 +01:00 · 5f8c57b3e1
parent ebb0f52f1e
commit 5f8c57b3e1
5 changed files with 160 additions and 160 deletions
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@ -1,5 +1,5 @@
 # Bun doesn't run well on Musl but this seems to work
-FROM oven/bun:1.2.5-alpine as base
+FROM oven/bun:1.2.7-alpine as base
 # Switch to Bash by editing /etc/passwd
 RUN apk add --no-cache libstdc++ git bash curl openssh cloc && \
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -10,33 +10,33 @@ Please see [Database Changes](#database-changes) and [New Configuration](#new-co
 ### Federation
- [x] 🦄 Updated to [`Versia 0.5`](https://versia.pub/changelog).
+-   [x] 🦄 Updated to [`Versia 0.5`](https://versia.pub/changelog).
- [x] 📦 Added support for new Versia features:
+-   [x] 📦 Added support for new Versia features:
-  - [x] [**Instance Messaging Extension**](https://versia.pub/extensions/instance-messaging)
+    -   [x] [**Instance Messaging Extension**](https://versia.pub/extensions/instance-messaging)
-  - [x] [**Shared Inboxes**](https://versia.pub/federation#inboxes)
+    -   [x] [**Shared Inboxes**](https://versia.pub/federation#inboxes)
- [x] 🔗 Changed entity URIs to be more readable (`example.org/objects/:id` → `example.org/{notes,likes,...}/:id`)
+-   [x] 🔗 Changed entity URIs to be more readable (`example.org/objects/:id` → `example.org/{notes,likes,...}/:id`)
 ### API
- [x] 📲 Added [Push Notifications](https://docs.joinmastodon.org/methods/push) support.
+-   [x] 📲 Added [Push Notifications](https://docs.joinmastodon.org/methods/push) support.
- [x] 📖 Overhauled OpenAPI schemas to match [Mastodon API docs](https://docs.joinmastodon.org)
+-   [x] 📖 Overhauled OpenAPI schemas to match [Mastodon API docs](https://docs.joinmastodon.org)
- [x] 👷 Improved [**Roles API**](https://server.versia.pub/api/roles) to allow for full role control (create, update, delete, assign).
+-   [x] 👷 Improved [**Roles API**](https://server.versia.pub/api/roles) to allow for full role control (create, update, delete, assign).
- [x] ✏️ `<div>` and `<span>` tags are now allowed in Markdown.
+-   [x] ✏️ `<div>` and `<span>` tags are now allowed in Markdown.
 ### CLI
- [x] ⌨️ New commands!
+-   [x] ⌨️ New commands!
-  - [x] ✨️ `cli user token` to generate API tokens.
+    -   [x] ✨️ `cli user token` to generate API tokens.
-  - [x] ✨️ `cli notes recalculate` to recalculate note attributes (such as emojis). Useful after deleting and reuploading emojis with the same name.
+    -   [x] ✨️ `cli notes recalculate` to recalculate note attributes (such as emojis). Useful after deleting and reuploading emojis with the same name.
 ### Backend
- [x] 🚀 Upgraded Bun to `1.2.5`
+-   [x] 🚀 Upgraded Bun to `1.2.7`
- [x] 🖼️ Simplified media pipeline: this will improve S3 performance
+-   [x] 🖼️ Simplified media pipeline: this will improve S3 performance
-  - [ ] 📈 It is now possible to disable media proxying for your CDN (offloading considerable bandwidth to your more optimized CDN).
+    -   [ ] 📈 It is now possible to disable media proxying for your CDN (offloading considerable bandwidth to your more optimized CDN).
- [x] 👷 Outbound federation, inbox processing, data fetching and media processing are now handled by a queue system.
+-   [x] 👷 Outbound federation, inbox processing, data fetching and media processing are now handled by a queue system.
-  - [x] 🌐 An administration panel is available at `/admin/queues` to monitor and manage queues.
+    -   [x] 🌐 An administration panel is available at `/admin/queues` to monitor and manage queues.
- [x] 🔥 Removed support for **from-source** installations, as Versia Server is designed around containerization and maintaining support was a large burden.
+-   [x] 🔥 Removed support for **from-source** installations, as Versia Server is designed around containerization and maintaining support was a large burden.
 ## New Configuration
@ -46,16 +46,16 @@ Configuration parsing and validation has been overhauled. Unfortunately, this me
 Various media-related attributes have been merged into a single `Medias` table. This will require a migration in order to preserve the old data.
-Since very few instances are running `0.7.0`, we have decided to "rawdog it" instead of making a proper migration script (as that would take a ton of *unpaid* time).
+Since very few instances are running `0.7.0`, we have decided to "rawdog it" instead of making a proper migration script (as that would take a ton of _unpaid_ time).
 In the case that you've been running secret instances in the shadows, let us know and we'll help you out.
 ## Bug Fixes
- 🐛 All URIs in custom Markdown text are now correctly proxied.
+-   🐛 All URIs in custom Markdown text are now correctly proxied.
- 🐛 Fixed several issues with the [ActivityPub Federation Bridge](https://github.com/versia-pub/activitypub) preventing it from operating properly.
+-   🐛 Fixed several issues with the [ActivityPub Federation Bridge](https://github.com/versia-pub/activitypub) preventing it from operating properly.
- 🐛 Fixed incorrect content-type on some media when using S3.
+-   🐛 Fixed incorrect content-type on some media when using S3.
- 🐛 All media content-type is now correctly fetched, instead of guessed from the file extension as before.
+-   🐛 All media content-type is now correctly fetched, instead of guessed from the file extension as before.
 # `0.7.0` • The Auth and APIs Update
@ -68,32 +68,32 @@ Versia Server `0.7.0` is backwards compatible with `0.6.0`. However, some new fe
 ## Features
- Upgraded Bun to `1.1.34`. This brings performance upgrades and better stability.
+-   Upgraded Bun to `1.1.34`. This brings performance upgrades and better stability.
- Added support for the [ActivityPub Federation Bridge](https://github.com/versia-pub/activitypub).
+-   Added support for the [ActivityPub Federation Bridge](https://github.com/versia-pub/activitypub).
- Added support for the [Sonic](https://github.com/valeriansaliou/sonic) search indexer.
+-   Added support for the [Sonic](https://github.com/valeriansaliou/sonic) search indexer.
- Note deletions are now federated.
+-   Note deletions are now federated.
- Note edits are now federated.
+-   Note edits are now federated.
- Added support for [Sentry](https://sentry.io).
+-   Added support for [Sentry](https://sentry.io).
- Added option for more federation debug logging.
+-   Added option for more federation debug logging.
- Added [**Roles API**](https://server.versia.pub/api/roles).
+-   Added [**Roles API**](https://server.versia.pub/api/roles).
- Added [**Permissions API**](https://server.versia.pub/api/roles) and enabled it for every route.
+-   Added [**Permissions API**](https://server.versia.pub/api/roles) and enabled it for every route.
- Added [**TOS and Privacy Policy**](https://server.versia.pub/api/mastodon) endpoints.
+-   Added [**TOS and Privacy Policy**](https://server.versia.pub/api/mastodon) endpoints.
- Added [**Challenge API**](https://server.versia.pub/api/challenges). (basically CAPTCHAS). This can be enabled/disabled by administrators. No `versia-fe` support yet.
+-   Added [**Challenge API**](https://server.versia.pub/api/challenges). (basically CAPTCHAS). This can be enabled/disabled by administrators. No `versia-fe` support yet.
- Added ability to refetch user data from remote instances.
+-   Added ability to refetch user data from remote instances.
- Added ability to change the `username` of a user. ([Mastodon API extension](https://server.versia.pub/api/mastodon#api-v1-accounts-update-credentials)).
+-   Added ability to change the `username` of a user. ([Mastodon API extension](https://server.versia.pub/api/mastodon#api-v1-accounts-update-credentials)).
- Added an endpoint to get a user by its username.
+-   Added an endpoint to get a user by its username.
- Add OpenID Connect registration support. Admins can now disable username/password registration entirely and still allow users to sign up via OpenID Connect.
+-   Add OpenID Connect registration support. Admins can now disable username/password registration entirely and still allow users to sign up via OpenID Connect.
- Add option to never convert vector images to a raster format.
+-   Add option to never convert vector images to a raster format.
- Refactor logging system to be more robust and easier to use. Log files are now automatically rotated.
+-   Refactor logging system to be more robust and easier to use. Log files are now automatically rotated.
- Add support for HTTP proxies.
+-   Add support for HTTP proxies.
- Add support for serving Versia over a Tor hidden service.
+-   Add support for serving Versia over a Tor hidden service.
- Add global server error handler, to properly return 500 error messages to clients.
+-   Add global server error handler, to properly return 500 error messages to clients.
- Sign all federation HTTP requests.
+-   Sign all federation HTTP requests.
- Add JSON schema for configuration file.
+-   Add JSON schema for configuration file.
- Rewrite federation stack
+-   Rewrite federation stack
- Updated federation to Versia 0.4
+-   Updated federation to Versia 0.4
- Implement OAuth2 token revocation
+-   Implement OAuth2 token revocation
- Add new **Plugin API**
+-   Add new **Plugin API**
 ## Plugin System
@ -105,50 +105,50 @@ A new plugin system for extending Versia Server has been added in this release!
 Plugins using this framework support:
- [x] Plugin hotswapping and hotreloading
+-   [x] Plugin hotswapping and hotreloading
- [x] Manifest files (JSON, JSON5, JSONC supported) with metadata (JSON schema provided)
+-   [x] Manifest files (JSON, JSON5, JSONC supported) with metadata (JSON schema provided)
- [x] Installation by dropping a folder into the plugins/ directory
+-   [x] Installation by dropping a folder into the plugins/ directory
- [x] Support for plugins having their own NPM dependencies
+-   [x] Support for plugins having their own NPM dependencies
- [x] Support for storing plugins' configuration in the main config.toml (single source of truth)
+-   [x] Support for storing plugins' configuration in the main config.toml (single source of truth)
- [x] Schema-based strict config validation (plugins can specify their own schemas)
+-   [x] Schema-based strict config validation (plugins can specify their own schemas)
- [x] Full type-safety
+-   [x] Full type-safety
- [x] Custom hooks
+-   [x] Custom hooks
- [x] FFI compatibility (with `bun:ffi` or Node's FFI)
+-   [x] FFI compatibility (with `bun:ffi` or Node's FFI)
- [x] Custom API route registration or overriding or middlewaring
+-   [x] Custom API route registration or overriding or middlewaring
- [x] Automatic OpenAPI schema generation for all installed plugins
+-   [x] Automatic OpenAPI schema generation for all installed plugins
- [x] End-to-end and unit testing supported
+-   [x] End-to-end and unit testing supported
- [x] Automatic user input validation for API routes with schemas (specify a schema for the route and the server will take care of validating everything)
+-   [x] Automatic user input validation for API routes with schemas (specify a schema for the route and the server will take care of validating everything)
- [x] Access to internal database abstractions
+-   [x] Access to internal database abstractions
- [x] Support for sending raw SQL to database (type-safe!)
+-   [x] Support for sending raw SQL to database (type-safe!)
- [x] Plugin autoload on startup with override controls (enable/disable)
+-   [x] Plugin autoload on startup with override controls (enable/disable)
 As a demonstration of the power of this system and an effort to modularize the codebase further, OpenID functionality has been moved to a plugin. This plugin is required for login.
 ## Bug Fixes
- Fix favouriting/unfavouriting sometimes returning negative counts.
+-   Fix favouriting/unfavouriting sometimes returning negative counts.
- Non-images will now properly be uploaded to object storage.
+-   Non-images will now properly be uploaded to object storage.
- Make account searches case-insensitive
+-   Make account searches case-insensitive
- Fix image decoding error when passing media through proxy.
+-   Fix image decoding error when passing media through proxy.
- OpenID Connect now correctly remembers and passes `state` parameter.
+-   OpenID Connect now correctly remembers and passes `state` parameter.
- OpenID Connect will not reject some correct but weird redirect URIs.
+-   OpenID Connect will not reject some correct but weird redirect URIs.
- Markdown posts will not have invisible anchor tags anymore (this messed up accessibility).
+-   Markdown posts will not have invisible anchor tags anymore (this messed up accessibility).
- Reverse proxies incorrectly reporting an HTTPS request as HTTP will now be handled correctly during OpenID Connect flows.
+-   Reverse proxies incorrectly reporting an HTTPS request as HTTP will now be handled correctly during OpenID Connect flows.
- API Relationships will now correctly return `requested_by`.
+-   API Relationships will now correctly return `requested_by`.
- Make process wait for Ctrl+C to exit on error, instead of exiting immediately. This fixes some issues with Docker restarting endlessly.
+-   Make process wait for Ctrl+C to exit on error, instead of exiting immediately. This fixes some issues with Docker restarting endlessly.
- Animated media will now stay animated when uploaded.
+-   Animated media will now stay animated when uploaded.
- Some instance metadata will no longer be missing from `/api/v2/instabnce` endpoint. In fact, it will now be more complete than Mastodon's implementation.
+-   Some instance metadata will no longer be missing from `/api/v2/instabnce` endpoint. In fact, it will now be more complete than Mastodon's implementation.
- The Origin HTTP header will no longer be used to determine the origin of a request. This was a security issue.
+-   The Origin HTTP header will no longer be used to determine the origin of a request. This was a security issue.
- New notes will no longer incorrectly be federated to *all* remote users at once.
+-   New notes will no longer incorrectly be federated to _all_ remote users at once.
- Fix [Elk Client](https://elk.zone/) not being able to log in.
+-   Fix [Elk Client](https://elk.zone/) not being able to log in.
 ## Removals
- Remove old logging system, to be replaced by a new one.
+-   Remove old logging system, to be replaced by a new one.
- Removed Meilisearch support, in favor of Sonic. Follow instructions in the [installation guide](https://server.versia.pub/setup/installation) to set up Sonic.
+-   Removed Meilisearch support, in favor of Sonic. Follow instructions in the [installation guide](https://server.versia.pub/setup/installation) to set up Sonic.
- Removed explicit Glitch-FE support. Glitch-FE will still work, but must be hosted separately like any other frontend.
+-   Removed explicit Glitch-FE support. Glitch-FE will still work, but must be hosted separately like any other frontend.
 ## Miscellaneous
- Remove Node.js from Docker build.
+-   Remove Node.js from Docker build.
- Update all dependencies.
+-   Update all dependencies.
--- a/2
+++ b/2
@ -26,7 +26,7 @@ RUN bun run build
 WORKDIR /temp/dist
 # Copy production dependencies and source code into final image
-FROM oven/bun:1.2.5-alpine
+FROM oven/bun:1.2.7-alpine
 # Install libstdc++ for Bun and create app directory
 RUN apk add --no-cache libstdc++ && \
--- a/Worker.Dockerfile
+++ b/Worker.Dockerfile
@ -26,7 +26,7 @@ RUN bun run build:worker
 WORKDIR /temp/dist
 # Copy production dependencies and source code into final image
-FROM oven/bun:1.2.5-alpine
+FROM oven/bun:1.2.7-alpine
 # Install libstdc++ for Bun and create app directory
 RUN apk add --no-cache libstdc++ && \
--- a/bun.lock
+++ b/bun.lock
@ -4,82 +4,82 @@
    "": {
      "name": "versia-server",
      "dependencies": {
-        "@bull-board/api": "latest",
+        "@bull-board/api": "^6.7.10",
-        "@bull-board/hono": "latest",
+        "@bull-board/hono": "^6.7.10",
-        "@clerc/plugin-completions": "latest",
+        "@clerc/plugin-completions": "^0.44.0",
-        "@clerc/plugin-friendly-error": "latest",
+        "@clerc/plugin-friendly-error": "^0.44.0",
-        "@clerc/plugin-help": "latest",
+        "@clerc/plugin-help": "^0.44.0",
-        "@clerc/plugin-not-found": "latest",
+        "@clerc/plugin-not-found": "^0.44.0",
-        "@clerc/plugin-version": "latest",
+        "@clerc/plugin-version": "^0.44.0",
-        "@hackmd/markdown-it-task-lists": "latest",
+        "@hackmd/markdown-it-task-lists": "^2.1.4",
-        "@hono/prometheus": "latest",
+        "@hono/prometheus": "^1.0.1",
-        "@hono/zod-openapi": "latest",
+        "@hono/zod-openapi": "0.19.2",
-        "@hono/zod-validator": "latest",
+        "@hono/zod-validator": "^0.4.3",
-        "@inquirer/confirm": "latest",
+        "@inquirer/confirm": "^5.1.8",
-        "@logtape/file": "latest",
+        "@logtape/file": "^0.9.0",
-        "@logtape/logtape": "latest",
+        "@logtape/logtape": "^0.9.0",
-        "@scalar/hono-api-reference": "latest",
+        "@scalar/hono-api-reference": "^0.7.3",
-        "@sentry/bun": "latest",
+        "@sentry/bun": "^9.9.0",
        "@versia/client": "workspace:*",
-        "@versia/federation": "latest",
+        "@versia/federation": "^0.2.1",
        "@versia/kit": "workspace:*",
-        "altcha-lib": "latest",
+        "altcha-lib": "^1.2.0",
-        "blurhash": "latest",
+        "blurhash": "^2.0.5",
-        "bullmq": "latest",
+        "bullmq": "^5.44.4",
-        "c12": "latest",
+        "c12": "^3.0.2",
-        "chalk": "latest",
+        "chalk": "^5.4.1",
-        "clerc": "latest",
+        "clerc": "^0.44.0",
-        "confbox": "latest",
+        "confbox": "^0.2.1",
-        "drizzle-orm": "latest",
+        "drizzle-orm": "^0.41.0",
-        "hono": "latest",
+        "hono": "^4.7.5",
-        "html-to-text": "latest",
+        "html-to-text": "^9.0.5",
-        "ioredis": "latest",
+        "ioredis": "^5.6.0",
-        "ip-matching": "latest",
+        "ip-matching": "^2.1.2",
-        "iso-639-1": "latest",
+        "iso-639-1": "^3.1.5",
-        "jose": "latest",
+        "jose": "^6.0.10",
-        "linkify-html": "latest",
+        "linkify-html": "^4.2.0",
-        "linkify-string": "latest",
+        "linkify-string": "^4.2.0",
-        "linkifyjs": "latest",
+        "linkifyjs": "^4.2.0",
-        "magic-regexp": "latest",
+        "magic-regexp": "^0.8.0",
-        "markdown-it": "latest",
+        "markdown-it": "^14.1.0",
-        "markdown-it-anchor": "latest",
+        "markdown-it-anchor": "^9.2.0",
-        "markdown-it-container": "latest",
+        "markdown-it-container": "^4.0.0",
-        "markdown-it-toc-done-right": "latest",
+        "markdown-it-toc-done-right": "^4.2.0",
-        "mime-types": "latest",
+        "mime-types": "^3.0.1",
-        "mitata": "latest",
+        "mitata": "^1.0.34",
-        "oauth4webapi": "latest",
+        "oauth4webapi": "^3.3.1",
-        "ora": "latest",
+        "ora": "^8.2.0",
-        "pg": "latest",
+        "pg": "^8.14.1",
-        "qs": "latest",
+        "qs": "^6.14.0",
-        "sharp": "latest",
+        "sharp": "^0.33.5",
-        "sonic-channel": "latest",
+        "sonic-channel": "^1.3.1",
-        "string-comparison": "latest",
+        "string-comparison": "^1.3.0",
-        "stringify-entities": "latest",
+        "stringify-entities": "^4.0.4",
-        "uqr": "latest",
+        "uqr": "^0.1.2",
-        "web-push": "latest",
+        "web-push": "^3.6.7",
-        "xss": "latest",
+        "xss": "^1.0.15",
-        "zod": "latest",
+        "zod": "^3.24.2",
-        "zod-validation-error": "latest",
+        "zod-validation-error": "^3.4.0",
      },
      "devDependencies": {
-        "@biomejs/biome": "latest",
+        "@biomejs/biome": "^1.9.4",
-        "@types/bun": "latest",
+        "@types/bun": "^1.2.7",
-        "@types/html-to-text": "latest",
+        "@types/html-to-text": "^9.0.4",
-        "@types/markdown-it-container": "latest",
+        "@types/markdown-it-container": "^2.0.10",
-        "@types/mime-types": "latest",
+        "@types/mime-types": "^2.1.4",
-        "@types/pg": "latest",
+        "@types/pg": "^8.11.11",
-        "@types/qs": "latest",
+        "@types/qs": "^6.9.18",
-        "@types/web-push": "latest",
+        "@types/web-push": "^3.6.4",
-        "drizzle-kit": "latest",
+        "drizzle-kit": "^0.30.6",
-        "markdown-it-image-figures": "latest",
+        "markdown-it-image-figures": "^2.1.1",
-        "markdown-it-mathjax3": "latest",
+        "markdown-it-mathjax3": "^4.3.2",
-        "ts-prune": "latest",
+        "ts-prune": "^0.10.3",
-        "typescript": "latest",
+        "typescript": "^5.8.2",
-        "vitepress": "latest",
+        "vitepress": "^1.6.3",
-        "vitepress-plugin-tabs": "latest",
+        "vitepress-plugin-tabs": "^0.6.0",
-        "vitepress-sidebar": "latest",
+        "vitepress-sidebar": "^1.31.1",
-        "vue": "latest",
+        "vue": "^3.5.13",
-        "zod-to-json-schema": "latest",
+        "zod-to-json-schema": "^3.24.5",
      },
      "peerDependencies": {
        "typescript": "^5.7.2",