6a6f192942
Build fixes: - tsconfig.json: moduleResolution "node" → "bundler" (resolves node-diff3 v3.2.0 exports-only package); add "es2021" to lib for AggregateError - webpack.config.js: NormalModuleReplacementPlugin to strip "node:" URI prefix so resolve.fallback browserify shims apply - Remove "aggregate-error" import in src/main.ts, src/fsS3.ts, pro/src/sync.ts — use native global AggregateError (Node 15+, Electron 98+, both satisfied by Obsidian runtime) - .gitignore: ignore *.main.js webpack chunks Audit reduction (22 → 4 low): - Remove npm-check-updates devDep (use `npx ncu` ad-hoc) — kills 15 vulns from transitive cacache/sigstore/tar/pacote chain - Pin to versions ≥ 30 days old (supply-chain hygiene): @types/node 24.12.2, c8 11.0.0, mocha 11.7.5, esbuild 0.28.0, crypto-browserify 3.12.1 - package.json overrides: elliptic@6.6.1, diff@9.0.0, serialize-javascript@7.0.5 to push transitive fixes - Remaining 4 lows are all elliptic (advisory marks all versions vulnerable; no upstream fix available)
30 lines
217 B
Plaintext
30 lines
217 B
Plaintext
# Intellij
|
|
*.iml
|
|
.idea/
|
|
|
|
# npm
|
|
node_modules/
|
|
pnpm-lock.yaml
|
|
|
|
# build
|
|
main.js
|
|
*.main.js
|
|
*.js.map
|
|
|
|
# obsidian
|
|
data.json
|
|
|
|
# debug
|
|
logs.txt
|
|
|
|
# coverage
|
|
coverage/
|
|
|
|
# env / secrets
|
|
.env
|
|
.env.local
|
|
|
|
# OS
|
|
.DS_Store
|
|
Thumbs.db
|