Commit graph

748 commits

Author SHA1 Message Date
Renovate Bot
13e0ee337e
Update dependency helmet to ^4.5.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-04-19 12:09:14 +00:00
Philip Molares
da811aca09 Dependency: Remove imgur
This dependency is outdated anyway (it still uses the old imgur api) and for our purposes we can substitute it with a simple POST request via note-fetch.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-19 12:29:44 +02:00
Renovate Bot
f8e36a4ec1
Lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-04-17 13:01:14 +00:00
Renovate Bot
780d6a5dff
Update dependency css-loader to v5.2.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-04-16 16:43:11 +00:00
Renovate Bot
af82e760ed
Update dependency eslint-plugin-promise to v5
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-04-15 20:13:31 +00:00
Renovate Bot
92a484224f
Update dependency eslint to v7.24.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-04-15 20:05:50 +00:00
Renovate Bot
95d1385560
Update dependency css-loader to v5.2.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-04-13 20:01:39 +00:00
Renovate Bot
6c90f36169
Update dependency mini-css-extract-plugin to v1.4.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-04-07 13:04:02 +00:00
Renovate Bot
416d8d5b5b
Lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-04-05 00:28:45 +00:00
Yannick Bungers
1534d7029b
Merge pull request #1079 from hedgedoc/fix/mimeTypes 2021-03-29 23:14:53 +02:00
Renovate Bot
92f3b523e7
Lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-29 00:04:54 +00:00
Philip Molares
fdb04a3655 Dependency: Add is-svg
This is used to check if .svg files really are svg.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-28 22:26:36 +02:00
Renovate Bot
54d735adca
Update dependency eslint to v7.23.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-28 18:35:44 +00:00
David Mehren
396e4a10a4
Merge pull request #1074 from hedgedoc/renovate/master-webpack-cli-4.x
Update dependency webpack-cli to v4.6.0 (master)
2021-03-28 20:34:08 +02:00
David Mehren
b3f9a1bab8
Merge pull request #1069 from hedgedoc/renovate/master-mini-css-extract-plugin-1.x
Update dependency mini-css-extract-plugin to v1.4.0 (master)
2021-03-28 20:34:01 +02:00
Renovate Bot
f1b2cf779b
Update dependency webpack-cli to v4.6.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-27 16:07:02 +00:00
Renovate Bot
359e80bd98
Update dependency mini-css-extract-plugin to v1.4.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 19:59:24 +00:00
Renovate Bot
504a796cda
Update dependency css-loader to v5.2.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-25 11:19:38 +00:00
Renovate Bot
5bbaee9d26
Lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-22 01:14:43 +00:00
Renovate Bot
0b2d7d2cbb
Update dependency css-loader to v5.1.3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-15 20:33:24 +00:00
David Mehren
cddbe57e76
Merge pull request #1025 from hedgedoc/1.x/replace-request
[1.x] Dependencies: Replace deprecated request library with node-fetch
2021-03-15 21:32:33 +01:00
Renovate Bot
7781306602
Lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-14 18:12:32 +00:00
Renovate Bot
a2a813d64a
Update dependency eslint to v7.22.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-14 18:03:39 +00:00
David Mehren
84e20db4c3
Merge pull request #1027 from hedgedoc/renovate/master-test-packages
Update dependency mocha to v8.3.2 (master)
2021-03-14 19:01:13 +01:00
Renovate Bot
aea402e0d6
Update dependency mocha to v8.3.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-14 16:16:40 +00:00
Renovate Bot
f06a4642ea
Update dependency css-loader to v5.1.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-14 16:16:10 +00:00
Erik Michelson
731fb24500
Replace request library with node-fetch
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2021-03-12 22:27:49 +01:00
Renovate Bot
1f93a795fa
Lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-07 21:37:50 +00:00
Renovate Bot
d87b12a2d2
Update dependency mocha to v8.3.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-07 21:14:55 +00:00
Renovate Bot
04240ba4e3
Update dependency eslint to v7.21.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-05 19:26:00 +00:00
Renovate Bot
c0d703e2b3
Update dependency css-loader to v5.1.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-03-04 19:34:21 +00:00
David Mehren
0db862f3c9
Run database migrations automatically on startup
This commit removes the need for separate migrations with the sequelize-cli
by running them with umzug on application startup.

This is a port of #384

Co-authored-by: Sheogorath <sheogorath@shivering-isles.com>
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-27 21:33:05 +01:00
David Mehren
d98393e431
Merge pull request #889 from hedgedoc/renovate/master-uuid-8.x 2021-02-25 20:49:03 +01:00
Renovate Bot
60b689a56b
Update dependency mini-css-extract-plugin to v1.3.9
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-25 19:02:35 +00:00
Renovate Bot
be5872004a
Update dependency css-loader to v5.1.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-25 16:12:37 +00:00
Renovate Bot
2af4b8d3cc
Update dependency mini-css-extract-plugin to v1.3.8
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-18 19:47:09 +00:00
Renovate Bot
a61d2b8260
Update dependency html-webpack-plugin to v4.5.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-18 15:06:27 +00:00
Renovate Bot
b9ae440d53
Update dependency uuid to v8
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-16 22:25:36 +01:00
Renovate Bot
d4026855dc
Lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-16 21:17:12 +00:00
Renovate Bot
27ffe2515b
Update dependency turndown to v7
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-16 22:06:45 +01:00
Renovate Bot
02d9799c5e
Update dependency mini-css-extract-plugin to v1.3.7
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-16 19:16:17 +00:00
Renovate Bot
b0a45bdf9c
Update linters
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-13 19:16:36 +00:00
Renovate Bot
f0d0070b46
Update dependency markdown-it-mark to v3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-13 19:05:07 +00:00
Yannick Bungers
b01421c470
Merge pull request #841 from hedgedoc/renovate/master-ejs-3.x 2021-02-13 20:03:45 +01:00
Renovate Bot
eaaa929dd2
Update dependency markdown-it-ins to v3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-13 18:34:59 +00:00
Renovate Bot
669c581cd7
Update dependency markdown-it-emoji to v2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-13 18:05:52 +00:00
Renovate Bot
9a3b02a7ae
Update dependency markdown-it-container to v3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-13 17:56:13 +00:00
Renovate Bot
aa101fd3da
Update dependency markdown-it to v12
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-13 17:24:00 +00:00
Renovate Bot
391316fef9
Update dependency highlight.js to v10
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-13 17:07:59 +00:00
Renovate Bot
453faf21e9
Update dependency helmet to v4
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-13 16:01:13 +00:00
Renovate Bot
18b3a98f23
Update dependency sequelize-cli to v6
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-12 23:00:55 +00:00
Renovate Bot
faffe806b7
Update dependency spin.js to v4
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-12 22:25:41 +00:00
Renovate Bot
1153b9a1bb
Update dependency minio to v7
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-12 21:58:43 +00:00
David Mehren
fbac2d7ef8
Merge pull request #895 from hedgedoc/renovate/master-webpack-merge-5.x 2021-02-12 22:53:05 +01:00
Renovate Bot
ac7b9c0e5c
Update dependency ws to v7
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-12 21:39:46 +00:00
Renovate Bot
6b2b0d3b38
Update dependency webpack-merge to v5
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-12 21:35:47 +00:00
Renovate Bot
db292838b6
Update dependency validator to v13
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-12 21:19:34 +00:00
Renovate Bot
40a751ca32
Update dependency visibilityjs to v2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-12 11:45:21 +00:00
Renovate Bot
8faf50d517
Update dependency sqlite3 to v5
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-11 21:33:58 +00:00
David Mehren
e1e7df0f54
Merge pull request #883 from hedgedoc/renovate/master-test-packages
Update dependency mocha to v8.3.0 (master)
2021-02-11 22:24:13 +01:00
David Mehren
3db954dba7
Merge pull request #882 from hedgedoc/renovate/master-linters
Update dependency eslint-plugin-promise to v4.3.1 (master)
2021-02-11 22:23:42 +01:00
Renovate Bot
8f3d0d3de5
Update dependency passport-ldapauth to v3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-11 21:12:57 +00:00
Renovate Bot
b32ac1b03b
Update dependency mocha to v8.3.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-11 21:10:21 +00:00
Renovate Bot
eb69dbb3e3
Update dependency eslint-plugin-promise to v4.3.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-11 21:09:57 +00:00
Renovate Bot
2b3e6f7268
Update dependency passport-saml to v2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-11 20:49:50 +00:00
Renovate Bot
36e786eb8c
Update dependency passport-google-oauth20 to v2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-11 20:35:35 +00:00
David Mehren
b68d1610de
Merge pull request #870 from hedgedoc/renovate/master-passport-gitlab2-5.x
Update dependency passport-gitlab2 to v5 (master)
2021-02-11 21:26:47 +01:00
Renovate Bot
9604bc0d17
Update dependency passport-gitlab2 to v5
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-09 21:24:12 +00:00
Renovate Bot
6d64bd86d3
Update dependency passport-facebook to v3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-09 21:23:55 +00:00
Renovate Bot
c656999e68
Update dependency mocha to v8
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-09 21:05:36 +00:00
David Mehren
9b91836a4b
Merge pull request #865 from hedgedoc/renovate/master-method-override-3.x
Update dependency method-override to v3 (master)
2021-02-09 21:58:04 +01:00
Renovate Bot
e6a1e82f03
Update dependency method-override to v3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-09 19:51:10 +00:00
Renovate Bot
7c35ce5b49
Update dependency list.js to v2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-09 19:49:17 +00:00
David Mehren
7f5ceaa496
Merge pull request #830 from hedgedoc/renovate/master-major-remark-monorepo
Update remark monorepo (master) (major)
2021-02-09 20:41:13 +01:00
Renovate Bot
554a1db487
Update remark monorepo
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-09 19:09:07 +00:00
Renovate Bot
5a2918d855
Update dependency file-saver to v2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-09 19:04:33 +00:00
Renovate Bot
fcc4efb8db
Update dependency ejs to v3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-09 19:04:17 +00:00
Renovate Bot
f2e7361119
Update dependency connect-session-sequelize to v7
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-09 18:06:28 +00:00
David Mehren
472f94877a
Update webpack-cli to 4.5.0
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-08 23:20:15 +01:00
David Mehren
0fc6ee6250
Update url-loader to 4.1.1
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-08 23:19:20 +01:00
David Mehren
28fa996b4f
Update mini-css-extract-plugin to 1.3.6
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-08 23:12:12 +01:00
David Mehren
06830f1f78
Update css-loader to 5.0.2
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-08 23:12:12 +01:00
David Mehren
5c54283b23
Update less to 4.1.1
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-08 23:12:12 +01:00
David Mehren
5f7613b85d
Update less-loader to 7.3.0
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-08 23:12:12 +01:00
Renovate Bot
394d9161e8
Update dependency file-loader to v6
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-08 21:09:27 +00:00
David Mehren
fea78d8ef0
Upgrade to expose-loader 1.0.3
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-08 21:52:34 +01:00
David Mehren
8c60e2159c
Upgrade to imports-loader 1.2.0
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-08 21:52:30 +01:00
Renovate Bot
c5d3e7cda1
Update dependency async to v3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-05 21:18:09 +00:00
Renovate Bot
64e850ce71
Update dependency webpack to v4.46.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-05 20:58:55 +00:00
Renovate Bot
0b203b38e1
chore(deps): update dependency html-webpack-plugin to v4.5.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-02-05 11:46:21 +00:00
David Mehren
f3412146ba
Regenerate yarn.lock
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-14 23:31:53 +01:00
David Mehren
606d92997a
Upgrade to socket.io 2.4.1
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-14 23:31:53 +01:00
David Mehren
a4801187b7
Update yarn.lock
archiver@5.2.0, aws-sdk@2.828.0, file-type@16.2.0, prismjs@1.23.0, socket.io-client@2.4.0, bufferutil@4.0.3, utf-8-validate@5.0.4

Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-14 23:31:53 +01:00
David Mehren
591f0c10f0
Update yarn.lock
Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-27 19:54:06 +01:00
David Mehren
cf4344d9e0
Improve MIME-type checks of uploaded files
This commit adds a check if the MIME-type of the uploaded file (detected using the magic bytes) matches the file extension.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-27 19:51:12 +01:00
David Mehren
7273469022
Update yarn.lock
Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-21 21:20:00 +01:00
David Mehren
96fbee3f86
Merge pull request #629 from hedgedoc/renovate/less-3.x
Update dependency less to v3.13.1
2020-12-21 11:43:15 +01:00
Renovate Bot
4c1419a54e
Update dependency less to v3.13.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-12-18 15:54:19 +00:00
Renovate Bot
344f65ed2c
Update dependency copy-webpack-plugin to v6.4.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-12-16 13:54:40 +00:00
Renovate Bot
b4c6f3b22f
Update dependency less to v3.13.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-12-12 02:11:41 +00:00
Renovate Bot
e4ce3cfc19
Update dependency copy-webpack-plugin to v6.4.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-12-07 15:43:22 +00:00
David Mehren
35f5dfa866
Update yarn.lock
Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-02 21:04:29 +01:00
David Mehren
96d2d23426
Update yarn.lock
Signed-off-by: David Mehren <git@herrmehren.de>
2020-11-29 15:59:01 +01:00
Renan Rodrigues
709b2c101c chore: bump AWS SDK from 2.345.0 to 2.521.0
Signed-off-by: Renan Rodrigues <renanqts@gmail.com>
2020-11-27 16:44:15 +01:00
Renovate Bot
4501fc0e68
Update dependency copy-webpack-plugin to v6.3.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-11-19 16:17:15 +00:00
David Mehren
ed98084c13
Merge pull request #583 from hedgedoc/renovate/tough-cookie-2.x
Update dependency tough-cookie to ~2.5.0
2020-11-17 19:51:43 +01:00
David Mehren
d3b2f482b2
Merge pull request #582 from hedgedoc/renovate/shortid-2.x
Update dependency shortid to v2.2.16
2020-11-17 19:40:00 +01:00
Renovate Bot
5a7adef1db
Update dependency tough-cookie to ~2.5.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-11-17 17:05:24 +00:00
Renovate Bot
6c5bde70bd
Update dependency shortid to v2.2.16
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-11-17 15:44:53 +00:00
Renovate Bot
b107ab7192
Update dependency randomcolor to ^0.6.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-11-17 15:44:33 +00:00
David Mehren
7281876763
Merge pull request #578 from hedgedoc/renovate/i18n-0.x
Update dependency i18n to ^0.13.0
2020-11-17 15:38:58 +01:00
David Mehren
2507ecb938
Merge pull request #579 from hedgedoc/renovate/mini-css-extract-plugin-0.x
Update dependency mini-css-extract-plugin to v0.12.0
2020-11-17 15:37:40 +01:00
Renovate Bot
531ac457ab
Update dependency mini-css-extract-plugin to v0.12.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-11-17 14:07:18 +00:00
David Mehren
2eba521d81
Merge pull request #577 from hedgedoc/renovate/cookie-0.x
Update dependency cookie to ^0.4.0
2020-11-17 15:07:10 +01:00
Renovate Bot
cfd11d22d7
Update dependency i18n to ^0.13.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-11-17 14:06:58 +00:00
Renovate Bot
4f1eaf9d94
Update dependency cookie to ^0.4.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-11-17 13:55:56 +00:00
Renovate Bot
74db870fe3
Pin dependencies
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2020-11-17 13:55:35 +00:00
Tilman Vatteroth
6689be4581
Replace slogan
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2020-11-14 22:23:18 +01:00
Tilman Vatteroth
bc3d895e35
Regenerate yarn.lock
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2020-11-14 21:27:37 +01:00
David Mehren
5bd8d9f03e
Use our fork of CodeMirror
Signed-off-by: David Mehren <git@herrmehren.de>
2020-11-11 20:20:24 +01:00
David Mehren
611a5bc915
Update yarn.lock
Signed-off-by: David Mehren <git@herrmehren.de>
2020-11-10 22:59:21 +01:00
David Mehren
788292e1fd
Upgrade archiver to v5
Breaking changes only include dropping node <8 and glob patterns.

Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-11-10 22:56:00 +01:00
David Mehren
74f38fab50
Upgrade meta-marked
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-11-10 22:56:00 +01:00
David Mehren
29d5015df7
Upgrade js-sequence-diagrams
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-11-10 22:56:00 +01:00
David Mehren
2d5cd01373
Upgrade imgur
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-11-10 22:56:00 +01:00
David Mehren
2f9013cd8a
Upgrade diff-match-patch
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-11-10 22:56:00 +01:00
David Mehren
37c2b12166
Use npm-release of raphael
Other dependencies already depend on npm-releases of this, so it does not seem to make sense to get this via Git.

Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-11-10 22:56:00 +01:00
David Mehren
9f756604fd
Always use ~ to allow minor upgrades of dependencies
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-11-10 22:56:00 +01:00
David Mehren
c5fb4c67a5
Remove unneeded style-loader dependency
Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-11-10 22:56:00 +01:00
David Mehren
724319d355
Update dependencies
chance@1.1.7, express-session@1.17.1, formidable@1.2.2, graceful-fs@4.2.4, handlebars@4.7.6, lutim@1.0.3, mathjax@2.7.9, mermaid@8.5.2, minimist@1.2.5, xss@1.0.8, eslint-plugin-standard@4.0.2, optimize-css-assets-webpack-plugin@5.0.4, remark-cli@8.0.1, webpack@4.44.2

aws-sdk@2.781.0, flowchart.js@1.15.0, helmet@3.23.3, i18n@0.8.6, js-yaml@3.14.0, mariadb@2.5.1, markdown-it-deflist@2.1.0, moment@2.29.1, morgan@1.10.0, mysql2@2.2.5, passport-saml@1.4.2, pdfobject@2.2.4, pg@8.4.2, prismjs@1.22.0, sequelize@5.22.3, sqlite3@4.2.0, winston@3.3.3, copy-webpack-plugin@6.2.1, eslint-plugin-import@2.22.1, html-webpack-plugin@4.5.0, less@3.12.2, style-loader@1.3.0

Signed-off-by: David Mehren <git@herrmehren.de>
Co-authored-by: Yannick Bungers <git@innay.de>
2020-11-10 22:55:55 +01:00
Tilman Vatteroth
8c453c3fca
regenerate yarn.lock
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2020-11-08 22:31:42 +01:00
David Mehren
f7fea81c32
Update copy-webpack-plugin, css-loader, html-webpack-plugin, style-loader, webpack and webpack-cli
Signed-off-by: David Mehren <git@herrmehren.de>
2020-08-19 19:40:17 +02:00
snyk-bot
456ca592dc fix: package.json & yarn.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-590103
2020-08-17 05:34:56 +00:00
snyk-bot
402d5f2f3c fix: package.json & yarn.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-PRISMJS-597628
2020-08-10 05:34:26 +00:00
David Mehren
3db8b0df43
Merge pull request #410 from oupala/feature/markdown-linting 2020-07-10 19:59:32 +02:00
oupala
89895cef2e chore: update yarn.lock
Signed-off-by: oupala <oupala@users.noreply.github.com>
2020-07-10 18:57:59 +02:00
snyk-bot
09d210e70b fix: package.json & yarn.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
2020-07-10 05:35:53 +00:00
Sheogorath
3cc957a88b
Upgrade LDAP-auth to fix RCE in ldapauth dependency
Synk reported an Remote Code Execution vulnerability for the
passport-ldapauth dependency `bunyan`. This RCE is due to wrong command
sanitizing but doesn't only affects the executable the libary provides.
It has no impact on CodiMD.

This patch just updates passport-ldapauth since it's long overdue anyway
and to silence annoying security scanners that pretend this is rather
critical for us.

Reference:
ea21d75f54
https://app.snyk.io/vuln/SNYK-JS-BUNYAN-573166
2020-06-27 13:04:54 +02:00
Sheogorath
d6ce60c86e
Upgrade pg to fix node version 14 compatibility
As @davidmehren figured out, the problem that NodeJS version 14 gets
stuck while CodiMD is starting, was due to the outdated postgres
dependency. The old pg version doesn't work with node version 14 due to
an undocumented API change in the `readyState` in the socket API.

This patch updates the required dependency and this way resolves the
issue.

Reference:
https://github.com/sequelize/sequelize/issues/12158
149f482324

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-06-09 20:26:51 +02:00
Nick Hahn
26144a5091 Update all other dependencies
because I can't figure out how to just update mermaid

Signed-off-by: Nick Hahn <nick.hahn@posteo.de>
2020-05-27 14:10:19 +02:00
Sheogorath
a9fea54db0
Upgrade jquery to 3.5.1
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-05-26 16:16:49 +02:00
snyk-bot
dae60e784d fix: package.json & yarn.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-JQUERY-565129
2020-04-14 05:36:30 +00:00
Sheogorath
afe38bcbb7
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-02-16 23:41:12 +01:00
Sheogorath
8039066f99
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-02-09 14:34:28 +01:00
David Mehren
3e218e2983
Upgrade webpack & plugins
Signed-off-by: David Mehren <dmehren1@gmail.com>
2019-11-23 18:11:17 +01:00
Sheogorath
402dc7095e
Upgrade all ORM/database related packages
This patch provides some major upgrades to all database backend library.
It also fixes an issues that appears since the change from sequelize v3
to v5 where mariadb was originally handled by mysql2 and is now handled
by an own mariadb library.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-10-28 01:43:22 +01:00
Sheogorath
20a67e3446
Update yarn.lock 2019-10-23 21:21:35 +02:00
Sheogorath
09e1584800
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-08-15 23:25:30 +02:00
Sheogorath
c4053ea7ce
Update meta-marked to latest version
Meta-marked 0.4.4 which we used from our git repository contains a
RegexDOS attack in the marked dependency. The dependency was already
updated in our meta-marked repository, but not updated in yarn.

This made us still vulnerable to this ReDOS which was able to cause a
DOS attack on the server when updating a note.

For Details:

https://github.com/markedjs/marked/releases/tag/v0.7.0
https://github.com/markedjs/marked/pull/1515

What is a ReDOS?

A ReDOS attack is a DOS attack where an attacker targets a
not-well-written Regular Expression. Regular expressions try to build a
tree of all possibilities it can match in order to figure out if the
given statement is valid or not. A ReDOS attack abuses this concept by
providing a statement that doesn't match but causes extremly huge trees
that simply lead to exhausting CPU usage.

For more details see: https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS

Credit:

Huge thanks to @bitinerant for finding this and handling it with a
responsible disclosure.

Also thanks to the `marked`-team for fixing things already.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-08-15 23:14:48 +02:00
Sheogorath
7d67566b96
Update yarn.lock 2019-08-01 20:14:48 +02:00
Sheogorath
0d5923d61c
Update sequelize to latest version
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-06-22 16:29:09 +02:00
Sheogorath
502fae70a4
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-06-22 16:23:24 +02:00
Sheogorath
3eca0a74ae
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-30 00:10:44 +02:00
Sheogorath
9101be92ab
Update jQuery to version 3.4.1 2019-05-06 10:42:41 +02:00
Sheogorath
d359d4aa84
Update yarn.lock 2019-04-16 14:31:01 +02:00
Sheogorath
197b0db88f
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-10 13:58:04 +02:00
Sheogorath
b817b9efd9
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-23 13:25:33 +01:00
Sheogorath
b718eac70a
Force upgrade of some outdated dependencies
I don't really like the way to go here, but I guess having those
forcefully upgraded is better than staying around with vulnerable
dependencies.

This patch fixes some vulnerbilities in dependencies that were
categories as high severity.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-02 19:14:12 +01:00
Sheogorath
edfe7fc401
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-02 15:27:16 +01:00
Sheogorath
0d88707475
Update yarn.lock 2019-02-15 15:40:45 +01:00
Sheogorath
3dc40116e4
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-24 12:21:19 +01:00
Sheogorath
5f1406a136
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-18 22:04:22 +01:00
Sheogorath
b40f14f66d
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-12-04 14:04:34 +01:00
Sheogorath
f9929605af
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-21 11:34:56 +01:00
Sheogorath
2d241b9300
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-19 22:06:37 +01:00
Sheogorath
3d1b138a31
Update yarn.lock 2018-11-12 14:27:42 +01:00
MartB
6bce9ac5bf Fix #1016: webpack include defect for scripts and header files.
Signed-off-by: MartB <mart.b@outlook.de>
2018-10-16 11:40:21 +02:00
Sheogorath
a7281a5275
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-11 00:23:23 +02:00
David Mehren
7eed584c01
Update yarn.lock
Signed-off-by: David Mehren <dmehren1@gmail.com>
2018-10-10 22:09:46 +02:00
Sheogorath
c7478c1694
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-09 23:08:57 +02:00
Sheogorath
53ad4ef555
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-06 15:56:18 +02:00
Sheogorath
d9ba11b21a
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-03 19:31:56 +02:00
David Mehren
ce63c1cc1c
Upgrade to Webpack 4 - clean dependencies
Signed-off-by: David Mehren <dmehren1@gmail.com>
2018-09-06 17:26:09 +02:00
David Mehren
29a3813ada
Upgrade to Webpack 4 - first try
Signed-off-by: David Mehren <dmehren1@gmail.com>
2018-09-06 17:26:09 +02:00
Sheogorath
0017ddd310
Update yarn.lock 2018-09-06 15:12:37 +01:00
Sheogorath
53a846bdc5
Update markdown-pdf
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-07-27 14:15:45 +02:00
Sheogorath
bd93269dae
Update yarn.lock 2018-06-30 17:45:26 +02:00
Sheogorath
fe5248acbd
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-30 17:07:53 +02:00
Sheogorath
4fcefebe5c
Update yarn.lock 2018-06-17 23:36:22 +02:00
Sheogorath
b07925b849
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-05 01:43:17 +02:00
Sheogorath
7a91d01830
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-21 23:12:34 +02:00
Sheogorath
43fa5cf57f
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-17 12:20:57 +02:00
Sheogorath
6e6a98b392
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-18 15:36:52 +01:00
Sheogorath
21be5a5517
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-07 11:30:08 +01:00
Sheogorath
6b97dd7aac
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-31 01:16:52 +01:00
Sheogorath
e055f270b4
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-29 22:37:02 +01:00
Sheogorath
4c08afbbb5
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-29 16:38:32 +01:00
Sheogorath
e5074df910
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-24 19:50:09 +01:00
Sheogorath
ae294f51f5
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-17 16:34:56 +01:00
Sheogorath
9c002ce29b Update yarn 2017-11-27 08:14:28 +01:00
Peter Dave Hello
da2426ae3d Update yarn.lock 2017-10-30 00:21:35 +08:00
Wu Cheng-Han
7f52a4b38a Update yarn.lock file 2017-09-27 22:07:55 +08:00
Christian Schuhmann
355c805db8 Update yarn.lock 2017-08-29 16:53:15 +02:00
Max Wu
c37b666915 Merge branch 'master' into BackendRefactor 2017-05-14 17:42:14 +08:00
BoHong Li
ecb0533605 refactor(config.js): Extract config file
* Separate different config source to each files
* Freeze config object
2017-05-08 19:29:07 +08:00
Yukai Huang
db06a51299 Load statusbar template by string-loader 2017-05-07 20:37:26 +08:00
BoHong Li
a1fab034b4 build: Update yarn.lock 2017-03-29 19:05:29 +08:00
BoHong Li
d98993f76e build: Support yarn dependency management system
1. Add yarn.lock to support yarn
2017-03-24 07:18:42 +08:00