`npm audit` reports a ton of issues on CodiMD. Most of them are minor
issues, but these are still things that should be fixed.
This changes were created by running `npm audit fix`.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Octicon no longer provides its CSS classes and this way is useless in
CodiMD. Replacing all used classes in the UI and remove it from build
system.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
With OpenID every OpenID capable provider can provide authentication for
users of a CodiMD instance. This means we have federated
authentication.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This patch replaces font-awesome with its fork called fork-awesome.
Besides the fact that the newer versions of font-awesome can't be
shipped with distros like debian due to license issues, fork-awesome
also provides more FOSS related icons and builds on top of version 4.7.x
of font-awesome, which we used until this patch.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Since we have an own URL we should use it in here, since CodiMD and
HackMD are really drifting away from each other.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Well, since I'm currently the maintainer of CodiMD, I should maybe
mentioned in the package.json, just in case someone is willing to
contact me about it.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Seems like the old version of helmet had a problem with `data:`. This
patch upgrades to the latest version and adds the CSP rule to allow
Google Fonts and the offline version of it, to properly include the
fonts and no longer throw ugly error messages at us.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Seems like we have to explicitly tell the new webpack version that we
want to use the development environment. This provides us with source
maps and similar.
This patch adds the commandline option in our scripts in package.json
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This reverts commit d2ded08f59.
Seems like the package is used for building the sqlite3 integration.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This dependency where installed, but it seems like they were never used.
Seems like it's a remaining piece from the the prototyping phase of the
project.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
`uws` was deprecated by its maintainer and starts to cause more and more
problems and issue reports. So it's time to replace it and use a
maintained project instead. Lucky us, `uws` and `ws` can be used in an
identical way, without problems. To provide better performance, we
install the optional packages as well.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
To export the notes we need the archiver package that takes care of
creating the zip files.
Looks like I forgot this one in the initial commit.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
There was recently a possible security problem with base64url. Shouldn't
really hit us but it doesn't hurt.
Details: https://snyk.io/vuln/npm:base64url:20180511
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
As we currently may need higher nofile limits than usual/default on
various systems this commit should probide a fix for that an allow to
build HackMD without highering these limits and increase security.
Inspiration was found in a copy-webpack-plugin-issue[1] and found by
@thegcat[2]. Thanks for that!
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
[1]:
https://github.com/webpack-contrib/copy-webpack-plugin/issues/59#issuecomment-228563990
[2]: https://github.com/thegcat
This commit extends the find command to also match the example config
file.
This should validate the syntax or this file to prevent syntax errors
for future pull request.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>