lywsvip/GameServerManager
1
0
Fork 0
mirror of https://github.com/GSManagerXZ/GameServerManager.git synced 2026-06-01 18:39:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

Upgrade node-cron and postcss to fix Dependabot alerts

Browse Source
This commit is contained in:
yxsj245
2026-04-30 09:15:30 +08:00
parent 12a6f687e1
commit 7c39453b24
6 changed files with 18 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
client/package-lock.json generated
View File

@@ -39,7 +39,7 @@
"eslint-plugin-react-hooks": "^4.6.2",
"eslint-plugin-react-refresh": "^0.4.26",
"fast-check": "^4.6.0",
"postcss": "^8.5.8",
"postcss": "^8.5.10",
"tailwindcss": "^3.4.19",
"typescript": "^5.9.3",
"vite": "^5.4.21",
@@ -4526,9 +4526,9 @@
}
},
"node_modules/postcss": {
"version": "8.5.9",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.9.tgz",
"integrity": "sha512-7a70Nsot+EMX9fFU3064K/kdHWZqGVY+BADLyXc8Dfv+mTLLVl6JzJpPaCZ2kQL9gIJvKXSLMHhqdRRjwQeFtw==",
"version": "8.5.12",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.12.tgz",
"integrity": "sha512-W62t/Se6rA0Az3DfCL0AqJwXuKwBeYg6nOaIgzP+xZ7N5BFCI7DYi1qs6ygUYT6rvfi6t9k65UMLJC+PHZpDAA==",
"dev": true,
"funding": [
{

2
client/package.json
View File

@@ -43,7 +43,7 @@
"eslint": "^8.57.1",
"eslint-plugin-react-hooks": "^4.6.2",
"eslint-plugin-react-refresh": "^0.4.26",
"postcss": "^8.5.8",
"postcss": "^8.5.10",
"tailwindcss": "^3.4.19",
"typescript": "^5.9.3",
"vite": "^5.4.21",

5
docs/依赖升级说明.md
View File

@@ -18,7 +18,9 @@
- `client` 保持在与现有代码兼容的 React 18、`react-router-dom` 6、`framer-motion` 11、`lucide-react` 0.x、`vite` 5 组合。
- `server` 保持在与现有代码兼容的 Express 4、`cron-parser` 4、`node-cron` 3、`tar` 6 组合。
- `server``uuid` 已升级 `>=14.0.0`同时移除了不再需要的 `@types/uuid`,改用 `uuid` 自带类型声明
- `server``node-cron` 已升级 `^4.2.1`,移除了旧版 `uuid` 的传递依赖来源
- `server``uuid` 仍保持在 `>=14.0.0`,同时移除了不再需要的 `@types/uuid`,改用 `uuid` 自带类型声明。
- `client``postcss` 已升级到 `^8.5.10`,用于修复 Dependabot 提示的字符串化输出风险。
- `server/src/utils/tarSecurityFilter.ts` 改为通过 `tar.extract` 推导类型,避免直接引用不存在的 `ExtractOptions`
## 验证方式
@@ -41,5 +43,6 @@ npm run build
- 这次升级已经同步更新了锁文件。
- `uuid@14.0.0` 仍然保持 ESM 导出和 `types` 声明导出,和当前服务端的 `type: module`、TypeScript 配置兼容。
- `node-cron@4.2.1` 继续保留 `schedule``validate` 等当前用法,且不再额外引入老版 `uuid`
- 构建时如果看到 Vite 的 chunk size 警告,属于体积提示,不影响本次升级结果。
- 如果后续要继续冲主版本,建议分模块推进,先改依赖,再改类型和运行时调用。

28
server/package-lock.json generated
View File

@@ -25,7 +25,7 @@
"jsonwebtoken": "^9.0.3",
"mime-types": "^2.1.35",
"multer": "^2.1.1",
"node-cron": "^3.0.3",
"node-cron": "^4.2.1",
"properties-reader": "^2.3.0",
"smol-toml": "^1.4.2",
"socket.io": "^4.8.3",
@@ -46,7 +46,6 @@
"@types/mime-types": "^2.1.4",
"@types/multer": "2.0.0",
"@types/node": "^20.19.37",
"@types/node-cron": "^3.0.11",
"@types/tar-stream": "^3.1.4",
"fast-check": "^4.6.0",
"jest": "^29.7.0",
@@ -1793,13 +1792,6 @@
"undici-types": "~6.21.0"
}
},
"node_modules/@types/node-cron": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/@types/node-cron/-/node-cron-3.0.11.tgz",
"integrity": "sha512-0ikrnug3/IyneSHqCBeslAhlK2aBfYek1fGo4bP4QnZPmiqSGRK+Oy7ZMisLWkesffJvQ1cqAcBnJC+8+nxIAg==",
"dev": true,
"license": "MIT"
},
"node_modules/@types/qs": {
"version": "6.15.0",
"resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.15.0.tgz",
@@ -5329,26 +5321,14 @@
"license": "MIT"
},
"node_modules/node-cron": {
"version": "3.0.3",
"resolved": "https://registry.npmjs.org/node-cron/-/node-cron-3.0.3.tgz",
"integrity": "sha512-dOal67//nohNgYWb+nWmg5dkFdIwDm8EpeGYMekPMrngV3637lqnX0lbUcCtgibHTz6SEz7DAIjKvKDFYCnO1A==",
"version": "4.2.1",
"resolved": "https://registry.npmjs.org/node-cron/-/node-cron-4.2.1.tgz",
"integrity": "sha512-lgimEHPE/QDgFlywTd8yTR61ptugX3Qer29efeyWw2rv259HtGBNn1vZVmp8lB9uo9wC0t/AT4iGqXxia+CJFg==",
"license": "ISC",
"dependencies": {
"uuid": "8.3.2"
},
"engines": {
"node": ">=6.0.0"
}
},
"node_modules/node-cron/node_modules/uuid": {
"version": "8.3.2",
"resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
"integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==",
"license": "MIT",
"bin": {
"uuid": "dist/bin/uuid"
}
},
"node_modules/node-int64": {
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz",

3
server/package.json
View File

@@ -27,7 +27,7 @@
"jsonwebtoken": "^9.0.3",
"mime-types": "^2.1.35",
"multer": "^2.1.1",
"node-cron": "^3.0.3",
"node-cron": "^4.2.1",
"properties-reader": "^2.3.0",
"smol-toml": "^1.4.2",
"socket.io": "^4.8.3",
@@ -54,7 +54,6 @@
"@types/mime-types": "^2.1.4",
"@types/multer": "2.0.0",
"@types/node": "^20.19.37",
"@types/node-cron": "^3.0.11",
"@types/tar-stream": "^3.1.4",
"jest": "^29.7.0",
"tsx": "^4.21.0",

9
server/src/modules/scheduler/SchedulerManager.ts
View File

@@ -3,6 +3,7 @@ import { promises as fs } from 'fs'
import path from 'path'
import { fileURLToPath } from 'url'
import { v4 as uuidv4 } from 'uuid'
import type { ScheduledTask as CronScheduledTask } from 'node-cron'
import winston from 'winston'
import cron from 'node-cron'
import cronParser from 'cron-parser'
@@ -40,7 +41,7 @@ export interface ScheduledTask {
}
interface ScheduledTaskWithJob extends ScheduledTask {
job?: cron.ScheduledTask
job?: CronScheduledTask
}
export class SchedulerManager extends EventEmitter {
@@ -174,11 +175,9 @@ export class SchedulerManager extends EventEmitter {
}
// 创建新的定时任务
task.job = cron.schedule(task.schedule, async () => {
task.job = cron.createTask(task.schedule, async () => {
this.logger.info(`[Scheduler] Cron callback triggered for task: ${task.name} (${taskId})`);
await this.executeTask(taskId)
}, {
scheduled: false
})
// 设置下次执行时间
@@ -612,4 +611,4 @@ export class SchedulerManager extends EventEmitter {
this.tasks.clear()
this.logger.info('定时任务管理器已销毁')
}
}
}