Commit Graph

159 Commits

Author SHA1 Message Date
Vercel
89fd5bcb0d Update React Flight/Next.js RCE vulnerability
## React Flight / Next.js RCE Advisory Update

### Summary
Successfully addressed the React Flight / Next.js RCE advisory for the worth-calculator project. The project was affected by the vulnerability as it uses Next.js 15.x.

### Vulnerability Detection
**Affected Packages Found:**
-  `next@15.0.2` - Vulnerable version detected in dependencies
-  `eslint-config-next@15.0.2` - Dev dependency that needed updating

**Not Used:**
-  `react-server-dom-webpack` - Not used
-  `react-server-dom-parcel` - Not used  
-  `react-server-dom-turbopack` - Not used

### Changes Made

#### Modified Files:
1. **package.json**
   - Upgraded `next` from `15.0.2` → `15.0.5` (patched version for 15.0.x)
   - Upgraded `eslint-config-next` from `15.0.2` → `15.0.5` (matching version)
   - React versions left unchanged as Next.js manages these dependencies automatically

2. **package-lock.json**
   - Updated via `npm install --legacy-peer-deps`
   - All dependencies resolved to compatible versions

### Verification Results

 **Build Verification**: `npm run build` completed successfully
- Next.js 15.0.5 built without errors
- All pages generated correctly
- Pre-existing ESLint warnings only (not introduced by this change)

 **Linter Check**: `npm run lint` passed
- Only pre-existing warnings found
- No new errors introduced by the update

 **Dependency Resolution**: Confirmed via `npm ls`
- next@15.0.5 ✓
- eslint-config-next@15.0.5 ✓

### Notes
- The project uses an RC build of React (`19.0.0-rc-02c0e824-20241028`) which required using `--legacy-peer-deps` flag during installation, but this is not a blocker as it's already configured in the project
- No React or React-DOM version changes needed as Next.js handles these automatically
- No manual changes to application code were required
- All changes are dependency-related and backward compatible

### Security Impact
This update patches the Next.js vulnerability affecting React Server Components security, addressing the RCE advisory identified in the security notice.

Co-authored-by: Vercel <vercel[bot]@users.noreply.github.com>
2025-12-08 11:38:06 +00:00
Zylan
87ed2d6cfc Merge pull request #74 from Youshuizhikon/patch-1
docs : 修改了README.md的表述
2025-10-14 20:47:49 +08:00
zihanjian
20b70dec52 version2 2025-08-20 15:16:47 +08:00
Youshuizhikon
9dc5376545 docs : Update README.md
修改了README.md的表述。
1.为中英文增加了日文适配消息,保证三者统一。
2.修改了日文的表述,使其更符合语法和使用习惯,详见下方

1."仕事の本当の価値を計算する"  
→ 更自然的表达:  
"仕事の真の価値を算出します" ("計算"→"算出",更正式)

2. "職務経験などに基づいてカスタマイズされた計算"  
→ 更简洁:  
"職歴などに基づくカスタム計算" ("職務経験"→"職歴")

3. "共有可能でダウンロード可能な"  
→ 更流畅:  
"ダウンロード・共有可能な" (用中黑点・替代"で")
2025-08-07 15:42:09 +08:00
zihanjian
0c98a8a40b 更新Google AdSense广告配置,修改ads.txt文件和layout.tsx中的广告客户端ID 2025-07-15 10:59:33 +08:00
zihanjian
d43be9db09 添加Google AdSense ads.txt文件 2025-07-09 14:40:00 +08:00
zihanjian
5c0bf23c6a 更新横向Banner背景颜色和暗黑模式支持 2025-07-05 02:22:26 +08:00
zihanjian
1a014e0692 进一步缩小横向Banner在大屏幕上的宽度
- 将最大宽度从 max-w-7xl (1280px) 改为 max-w-4xl (896px)
- 添加垂直内边距 (py-2) 让Banner与页面内容有适当间距
- 保持圆角和阴影效果

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-04 18:59:23 +08:00
zihanjian
b643081c0b 修改广告组件使用实际图片文件
- 横向Banner使用 /public/banner.png
- 竖向广告使用 /public/mainpage.png
- 添加图片存在性检查,图片不存在时不显示广告
- 使用 Next.js Image 组件优化图片加载

现在只需要将对应的图片文件放到 public 目录下即可显示广告。

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-04 17:51:10 +08:00
zihanjian
c5d9ffff2b 添加广告时间控制功能
- 创建环境变量配置示例文件 .env.example
- 添加广告配置工具函数,支持时间控制和链接配置
- 修改广告组件,根据环境变量控制显示
- 支持以下环境变量:
  - NEXT_PUBLIC_AD_END_TIME: 广告结束时间
  - NEXT_PUBLIC_AD_ENABLED: 是否启用广告
  - NEXT_PUBLIC_AD_LINK: 广告跳转链接

使用方法:
1. 复制 .env.example 为 .env.local
2. 设置广告结束时间,超过该时间广告自动下线
3. 可通过 NEXT_PUBLIC_AD_ENABLED=false 立即关闭广告

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-04 17:40:57 +08:00
zihanjian
c6cd15040d 为广告组件添加点击跳转功能
- 竖向广告和横向Banner都添加了链接包装
- 点击广告将在新标签页打开Google主页
- 添加了hover效果提升交互体验
- 使用了安全的链接属性(target="_blank" rel="noopener noreferrer")

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-04 17:33:22 +08:00
zihanjian
656db4fcb9 修正竖向广告比例为3:5(宽:高)
- 将竖向广告的宽高比从5:3改为3:5
- 调整宽度为300px,使其呈现真正的竖向效果
- 更新占位图片的尺寸以匹配新比例

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-04 17:27:17 +08:00
zihanjian
3e3d821e7d 添加首页广告组件
- 创建竖向广告弹窗组件(5:3比例,右上角可关闭)
- 创建横向Banner广告组件(7:1比例,顶部展示)
- 在首页集成两个广告组件
- 竖向广告延迟1秒后显示,避免影响首屏加载

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-04 17:24:56 +08:00
Zylan
297db5c17c Update README.md 2025-07-04 15:11:51 +08:00
Zylan
2b3bcf26a8 Update README.md 2025-07-04 15:11:33 +08:00
Zylan
535fefd1cc Update README.md 2025-07-04 15:11:05 +08:00
zihanjian
0fdbfe0045 优化薪资计算器中的薪资倍数计算逻辑,调整了工作单位类型对薪资增长的影响系数,同时移除了分享卡片中的广告单元,提升了组件的整洁性和可读性。 2025-06-09 13:55:40 +08:00
zihanjian
885f202706 在薪资计算器和分享卡片中新增 Google 广告单元,优化广告展示位置。 2025-06-09 11:25:23 +08:00
zihanjian
4c0127a670 在布局中新增 Google 广告脚本,以支持广告展示。 2025-06-09 00:27:22 +08:00
zihanjian
6b1638b24e 新增 @vercel/analytics 依赖并在布局中集成分析组件 2025-05-26 00:35:26 +08:00
Zylan
4f287d3a22 Merge pull request #50 from maoqxxmm/fix/canvas
fix: 修复 html2canvas 处理 rem 文字基线的对齐问题
2025-05-22 18:07:36 +08:00
maoqxxmm
57faf6c01f fix: 修复 html2canvas 处理 rem 文字基线的对齐问题 2025-05-11 21:13:25 +08:00
zihanjian
4b525dfb52 优化薪资计算逻辑,区分应届生与非应届生的薪资倍数计算方式,增加了对工作单位类型的影响系数,提升了薪资计算的准确性和灵活性。 2025-05-06 13:07:20 +08:00
zihanjian
020f21626f 移除了多个功能项的悬浮提示文本,并新增了“拼豆图纸”链接,优化了布局结构。 2025-05-03 14:17:19 +08:00
zihanjian
aa2176bdc1 修复了小红书链接的样式,使其在悬停时变为粉色,同时移除了不必要的注释代码。 2025-05-03 14:10:26 +08:00
Zylan
f4ec1e942b 1 2025-04-05 12:32:26 +08:00
Zylan
17bd97d724 1 2025-04-05 12:31:55 +08:00
Zylan
72b682c76f Merge branch 'main' of https://github.com/Zippland/worth-calculator 2025-04-05 12:25:01 +08:00
Zylan
d448ddf397 1 2025-04-05 12:24:20 +08:00
Zylan
d0387b7a6f Merge pull request #39 from buptorange/main
Revised Ja translation
2025-04-03 16:07:08 +08:00
Zylan
be2b479bac Merge pull request #38 from congweibai/feature/sortting-country-by-alpha
feat: 确保国家选项按照各个语言的顺序 而不是Unicode
2025-04-03 16:06:10 +08:00
orenji
51c57ec894 Revised Ja translation 2025-04-03 10:44:31 +09:00
Zylan
4bb94c6a0c repo 2025-04-03 02:41:19 +08:00
Zylan
5783e20504 return 2025-04-03 01:53:01 +08:00
Wyatt Bai
4750964f75 feat: 确保国家选项按照各个语言的顺序 而不是Unicode 2025-04-02 20:52:29 +10:30
Zylan
52948488d5 优化界面 2025-04-02 02:14:43 +08:00
Zylan
b4b87e8f5e style 2025-04-02 01:32:37 +08:00
Zylan
250e365579 1 2025-04-01 15:40:54 +08:00
Zylan
ca048fa17a debug 2025-04-01 15:39:45 +08:00
Zylan
1b084d72f0 debug 2025-04-01 15:28:19 +08:00
Zylan
5ae25c5e4e debug language 2025-04-01 15:11:52 +08:00
Zylan
c1c28772b1 Merge pull request #36 from SukkaW/next-react-compiler
perf: enable Next.js built-in react compiler
2025-04-01 12:57:04 +08:00
SukkaW
adc9eac4db perf: enable Next.js built-in react compiler 2025-04-01 12:51:36 +08:00
Zylan
164d5fd8ad -xhs 2025-04-01 12:08:33 +08:00
Zylan
71facc8b0e rdm 2025-04-01 12:05:41 +08:00
Zylan
8bd0fc2640 rednote 2025-04-01 11:51:50 +08:00
Zylan
b82f0c3b0e 1 2025-04-01 11:39:56 +08:00
Zylan
79f2f6f9f8 Merge pull request #34 from cpt-kenvie/feature/history
feat: 增加历史记录功能,数据存储在浏览器本地存储
2025-04-01 11:31:57 +08:00
Zylan
f5efb8eff2 Merge branch 'main' into feature/history 2025-04-01 11:31:38 +08:00
Zylan
4112a9858c style 2025-04-01 10:25:52 +08:00