twenty

mirror of https://github.com/twentyhq/twenty.git synced 2026-06-12 01:46:39 -04:00

Files

Charles Bochet ca4fc5615f security: refresh lodash + picomatch in twenty-apps lockfiles (#21378 )

## What

Clears the 4 remaining High alerts in the standalone `twenty-apps`
lockfiles (hello-world, call-recording). Both are transitive and already
in-range, so a plain lockfile refresh picks up the patched releases — no
resolutions.

| Package | From → To | Requested by | Advisory |
|---|---|---|---|
| lodash | 4.17.x → 4.18.1 | `@genql/runtime` (`^4.17.20`),
`twenty-client-sdk` (`^4.17.21`) | GHSA-r5fr-rjxr-66jc |
| picomatch | 4.0.x → 4.0.4 | `tinyglobby` (`^4.0.3`) |
GHSA-c2c7-rcm5-vvqj |

Only the two app `yarn.lock` files change. These are isolated
example/internal apps (not in the root workspace), in the same family as
the already-merged #21371 / #21374.

2026-06-09 19:11:02 +02:00

.github/workflows

chore: centralize deploy/install CD actions in twentyhq/twenty (#19454 )

2026-04-08 15:25:51 +02:00

src

Update twenty sdk commands (#20735 )

2026-05-20 15:12:39 +00:00

.gitignore

Improve apps (#19256 )

2026-04-03 12:44:03 +00:00

.nvmrc

Improve apps (#19256 )

2026-04-03 12:44:03 +00:00

.oxlintrc.json

chore(twenty-sdk): shrink logic-function bundles via stubbing (#20033 )

2026-04-24 17:51:35 +02:00

.yarnrc.yml

Improve apps (#19256 )

2026-04-03 12:44:03 +00:00

LLMS.md

Improve apps (#19256 )

2026-04-03 12:44:03 +00:00

package.json

security(apps): bump twenty-sdk to 2.10.1 for the 3 remaining pre-2.0 apps (tmp, undici) (#21374 )

2026-06-09 17:24:09 +02:00

README.md

Update twenty sdk commands (#20735 )

2026-05-20 15:12:39 +00:00

tsconfig.json

Improve apps (#19256 )

2026-04-03 12:44:03 +00:00

tsconfig.spec.json

Improve apps (#19256 )

2026-04-03 12:44:03 +00:00

vitest.config.ts

Use app's own OAuth credentials for CoreApiClient generation (#19563 )

2026-04-11 11:24:28 +02:00

yarn.lock

security: refresh lodash + picomatch in twenty-apps lockfiles (#21378 )

2026-06-09 19:11:02 +02:00

README.md

This is a Twenty application project bootstrapped with create-twenty-app.

Getting Started

First, authenticate to your workspace:

yarn twenty remote:add --api-url http://localhost:2020 --as local

Then, start development mode to sync your app and watch for changes:

yarn twenty dev

Open your Twenty instance and go to /settings/applications section to see the result.

Available Commands

Run yarn twenty help to list all available commands. Common commands:

# Remotes & Authentication
yarn twenty remote:add --api-url http://localhost:2020 --as local     # Authenticate with Twenty
yarn twenty remote:status         # Check auth status
yarn twenty remote:use            # Set default remote
yarn twenty remote:list           # List all configured remotes
yarn twenty remote:remove <name>  # Remove a remote

# Application
yarn twenty dev            # Start dev mode (watch, build, sync, and auto-generate typed client)
yarn twenty dev:add        # Scaffold a new entity (object, field, function, front-component, role, view, navigation-menu-item)
yarn twenty dev:function:logs    # Stream function logs
yarn twenty dev:function:exec    # Execute a function with JSON payload
yarn twenty app:uninstall  # Uninstall app from workspace

Integration Tests

If your project includes the example integration test (src/__tests__/app-install.integration-test.ts), you can run it with:

# Make sure a Twenty server is running at http://localhost:3000
yarn test

The test builds and installs the app, then verifies it appears in the applications list. Test configuration (API URL and API key) is defined in vitest.config.ts.

LLMs instructions

Main docs and pitfalls are available in LLMS.md file.

Learn More

To learn more about Twenty applications, take a look at the following resources:

twenty-sdk - learn about twenty-sdk tool.
Twenty doc - Twenty's documentation.
Join our Discord

You can check out the Twenty GitHub repository - your feedback and contributions are welcome!