diff --git a/packages/server/package.json b/packages/server/package.json index 96dea7231..c40be70cb 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -34,7 +34,7 @@ "bulma-prefers-dark": "0.1.0-beta.1", "compare-versions": "6.1.0", "dayjs": "1.11.10", - "formidable": "3.5.1", + "formidable": "2.1.2", "fs-extra": "11.2.0", "html-entities": "1.4.0", "jquery": "3.7.1", @@ -63,7 +63,7 @@ "@joplin/tools": "~2.14", "@rmp135/sql-ts": "1.18.1", "@types/bcryptjs": "2.4.6", - "@types/formidable": "3.4.5", + "@types/formidable": "2.0.6", "@types/fs-extra": "11.0.4", "@types/jest": "29.5.8", "@types/jest-expect-message": "1.0.4", diff --git a/packages/server/src/utils/requestUtils.ts b/packages/server/src/utils/requestUtils.ts index bd15633d8..b04516186 100644 --- a/packages/server/src/utils/requestUtils.ts +++ b/packages/server/src/utils/requestUtils.ts @@ -1,12 +1,10 @@ import { cookieGet } from './cookies'; import { ErrorForbidden } from './errors'; import { AppContext } from './types'; -import * as formidableFn from 'formidable'; +import * as formidable from 'formidable'; import { Fields, Files } from 'formidable'; import { IncomingMessage } from 'http'; -const formidable = require('formidable').default as typeof formidableFn; - export type BodyFields = Record; interface FormParseResult { @@ -26,16 +24,17 @@ interface FormParseRequest extends IncomingMessage { body: any; } -// Previously Formidable would return the files and fields as key/value pairs. -// With v3, the value however is always an array. This is unclear why they did -// this but for example a field `email=test@example.com` would come out as -// `email: ['test@example.com']`. Since all our code expect simple key/value -// pairs, we use this function to convert back to the old style. +// Previously Formidable would return the files and fields as key/value pairs. With v3, the value +// however is always an array. This is unclear why they did this but for example a field +// `email=test@example.com` would come out as `email: ['test@example.com']`. Since all our code +// expect simple key/value pairs, we use this function to convert back to the old style. // // For the extra challenge, they made this change only if the content-type is -// "application/x-www-form-urlencoded". Other content types such as JSON are not -// modified. -const convertFieldsToKeyValue = (fields: Record) => { +// "application/x-www-form-urlencoded". Other content types such as JSON are not modified. +// +// As of 2024-01-18, this may no longer be necessary since we reverted to Formidable v2, but keeping +// it anyway just in case. +const convertFieldsToKeyValue = (fields: Files | Fields) => { const convertedFields: Record = {}; for (const [k, v] of Object.entries(fields)) { if (Array.isArray(v)) { diff --git a/renovate.json5 b/renovate.json5 index 45f350dbb..3a102b813 100644 --- a/renovate.json5 +++ b/renovate.json5 @@ -135,6 +135,11 @@ "strip-ansi", "node-emoji", + // Formidable v3 is broken: + // https://github.com/node-formidable/formidable/issues/958 + "formidable", + "@types/formidable", + // @koa/cors has undocumented breaking changes, and the package is not // well supported so we're stuck with latest v3 for now "@koa/cors", diff --git a/yarn.lock b/yarn.lock index 0a7a7e59f..b3d09b191 100644 --- a/yarn.lock +++ b/yarn.lock @@ -7045,7 +7045,7 @@ __metadata: "@koa/cors": 3.4.3 "@rmp135/sql-ts": 1.18.1 "@types/bcryptjs": 2.4.6 - "@types/formidable": 3.4.5 + "@types/formidable": 2.0.6 "@types/fs-extra": 11.0.4 "@types/jest": 29.5.8 "@types/jest-expect-message": 1.0.4 @@ -7062,7 +7062,7 @@ __metadata: bulma-prefers-dark: 0.1.0-beta.1 compare-versions: 6.1.0 dayjs: 1.11.10 - formidable: 3.5.1 + formidable: 2.1.2 fs-extra: 11.2.0 gulp: 4.0.2 html-entities: 1.4.0 @@ -10415,12 +10415,12 @@ __metadata: languageName: node linkType: hard -"@types/formidable@npm:3.4.5": - version: 3.4.5 - resolution: "@types/formidable@npm:3.4.5" +"@types/formidable@npm:2.0.6": + version: 2.0.6 + resolution: "@types/formidable@npm:2.0.6" dependencies: "@types/node": "*" - checksum: 27384c8459e44f5e167922927bd31fcd1259555062faacaa490b52f8896a0a5614918ee4ec6ec9123c1418ac127908270c1182a2441d49681b37dc34737c3646 + checksum: d6be0ac12bf8dd2e4f8a022271ee6e501c7f6d7dd58d71c68497ca7da84bee1538d1a2a64a90b56dad557ddb291d48c5731206269e9ab53ed91264e68a4d1476 languageName: node linkType: hard @@ -21857,14 +21857,15 @@ __metadata: languageName: node linkType: hard -"formidable@npm:3.5.1": - version: 3.5.1 - resolution: "formidable@npm:3.5.1" +"formidable@npm:2.1.2": + version: 2.1.2 + resolution: "formidable@npm:2.1.2" dependencies: dezalgo: ^1.0.4 hexoid: ^1.0.0 once: ^1.4.0 - checksum: 46b21496f9f985161cf7636163147b6728f9997c7e1d59433680d92619758bf6862330e6d105b5816bafcd1ab32f27ef183455991f93ef836ea731c68db62af9 + qs: ^6.11.0 + checksum: 81c8e5d89f5eb873e992893468f0de22c01678ca3d315db62be0560f9de1c77d4faefc9b1f4575098eb2263b3c81ba1024833a9fc3206297ddbac88a4f69b7a8 languageName: node linkType: hard @@ -34662,7 +34663,7 @@ __metadata: languageName: node linkType: hard -"qs@npm:^6.11.2": +"qs@npm:^6.11.0, qs@npm:^6.11.2": version: 6.11.2 resolution: "qs@npm:6.11.2" dependencies: