David Mehren
ea7f21e239
Merge pull request #1562 from hedgedoc/release/1.9.0-rc1
...
Release 1.9.0-rc1
2021-08-29 17:58:57 +02:00
David Mehren
8ccbe9b3a3
Update minio and passport-saml
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-29 17:55:19 +02:00
David Mehren
876d31d82a
Update fork-awesome to 1.2.0
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-29 17:55:19 +02:00
David Mehren
2cebf944b3
Update yarn.lock
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-29 17:55:19 +02:00
David Mehren
ca71473ed9
Bump version to 1.9.0-rc1
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-29 17:55:19 +02:00
David Mehren
009aa5ce53
Update aws-sdk to 2.977.0
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-29 17:55:19 +02:00
David Mehren
0d26c921d2
Update meta-marked
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-29 17:55:19 +02:00
David Mehren
30722503c5
Update release notes for 1.9.0-rc1
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-29 17:55:19 +02:00
renovate[bot]
fdac51dd4b
chore(deps): update dependency mocha to v9.1.1 ( #1587 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-28 15:06:02 +00:00
David Mehren
d62b3badad
Merge pull request #1583 from hedgedoc/chore/no_embed_feature
2021-08-27 22:37:20 +02:00
David Mehren
41166a8e01
Merge pull request #1582 from hedgedoc/renovate/master-mermaid-8.x
...
chore(deps): update dependency mermaid to v8.12.0 (master)
2021-08-26 20:27:52 +02:00
David Mehren
c2691210af
Update FAQ link in features page
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-26 20:12:09 +02:00
David Mehren
f2cce60761
Remove embedding from feature page
...
We discourage allowing HedgeDoc to be embedded into other pages in the
FAQ.
Therefore, we should not advertise this feature, especially as it needs
a non-standard config.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-26 20:11:46 +02:00
Renovate Bot
72c4db383d
chore(deps): update dependency mermaid to v8.12.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-08-26 18:00:56 +00:00
Yannick Bungers
74b10d4e9b
Merge pull request #1571 from hedgedoc/chore/remove_tedious
...
Drop support for MS SQL Server
2021-08-26 19:59:56 +02:00
renovate[bot]
2fb83e5a34
chore(deps): update dependency mkdocs-material to v7.2.5 ( #1576 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-25 08:54:44 +00:00
renovate[bot]
b77f183212
chore(deps): update dependency eslint-plugin-import to v2.24.2 ( #1574 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-25 02:26:47 +00:00
David Mehren
7729cc49a7
Drop support for MS SQL Server
...
Sequelize generates invalid SQL for the 'fix-enum' migration from 2018.
Since nobody has complained about this issue since then, we can just
drop support for SQL Server.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-23 17:45:45 +02:00
David Mehren
b87003ea47
Merge pull request #1566 from hedgedoc/renovate/master-test-packages
...
chore(deps): update dependency mocha to v9.1.0 (master)
2021-08-21 11:03:00 +02:00
Renovate Bot
2a53846da6
chore(deps): update dependency mocha to v9.1.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-08-20 08:21:36 +00:00
renovate[bot]
64a6adfbae
chore(deps): update dependency eslint-plugin-import to v2.24.1 ( #1563 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-19 23:31:26 +00:00
David Mehren
e081f7715c
Merge pull request #1559 from hedgedoc/ignore-local-fonts
...
Ignore local installed fonts
2021-08-19 23:13:54 +02:00
David Mehren
e0b5c63f93
Merge pull request #1532 from hedgedoc/docs/faq
2021-08-19 21:31:10 +02:00
David Mehren
c7d581953c
Add heading to FAQ
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-19 20:22:17 +02:00
renovate[bot]
aaa6a701fc
chore(deps): update dependency esbuild-loader to v2.15.1 ( #1561 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-19 18:11:22 +00:00
Erik Michelson
2c180517fd
Add changelog snippet
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2021-08-18 22:59:13 +02:00
Erik Michelson
d641954c73
Ignore local installed fonts
...
There were several reports of HedgeDoc not looking correctly when having some variants of fonts locally installed which HedgeDoc uses. The only way to fix this for the users was to remove the locally installed font or update them to another variant.
As we use woff font files which aren't very heavy in terms of file-size, it seems reasonable to fetch them always from the server (or the local browser cache).
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2021-08-18 22:47:22 +02:00
renovate[bot]
63bac2a44e
chore(deps): update dependency remark-preset-lint-markdown-style-guide to v5.0.1 ( #1556 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-17 16:23:07 +00:00
renovate[bot]
aa2d211fd0
chore(deps): update dependency mermaid to v8.11.5 ( #1551 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-16 15:43:04 +00:00
David Mehren
6837b210f5
Merge pull request #1548 from hedgedoc/renovate/master-webpack-cli-4.x
...
chore(deps): update dependency webpack-cli to v4.8.0 (master)
2021-08-16 14:10:15 +02:00
Renovate Bot
2a6eb4597e
chore(deps): update dependency webpack-cli to v4.8.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2021-08-16 03:29:51 +00:00
renovate[bot]
cbc0dc929f
chore(deps): lock file maintenance ( #1549 )
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-16 03:28:47 +00:00
David Mehren
06a50d5430
Merge pull request #1536 from hedgedoc/misc/changelog_snippets
...
Introduce changelog snippets
2021-08-15 20:14:25 +02:00
David Mehren
957d7d553e
Merge pull request #1394 from hedgedoc/remove-cdn
2021-08-15 20:11:26 +02:00
David Mehren
a1be1c3695
Merge pull request #1539 from hedgedoc/maint/cleanup_eslint_config
...
Cleanup ESLint config
2021-08-15 20:11:18 +02:00
David Mehren
b0db43ac15
Introduce changelog snippets
...
To make life easier for the release manager,
this introduces changelog snippets to the contribution docs
and the PR template.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 20:11:04 +02:00
David Mehren
a865ed0822
Merge pull request #1538 from hedgedoc/fix/secure_cookies
2021-08-15 00:42:52 +02:00
David Mehren
fc1aec6cb4
Merge pull request #1513 from hedgedoc/fix/csp
2021-08-15 00:39:38 +02:00
David Mehren
e6d167c63c
CSP: Allow all sources for media
...
Otherwise, `video` tags and reveal background video
does not work
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:35:57 +02:00
David Mehren
8973e85ba6
Hardcode YouTube and Vimeo URLs to HTTPS
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:31 +02:00
David Mehren
d56ff5bdf3
Fix slideshare CSP error by always using HTTPS
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:31 +02:00
David Mehren
31bfd6d779
Clarify csp.allowFraming
docs
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:31 +02:00
David Mehren
6760739761
Fix CSP tests by filtering out empty array fields
...
In 25f5fd2a the `media-src`, `child-src` and `connect-src`
settings were removed, as they are filled with the `default-src` automatically.
This caused a bug in the test code, as it now tried to access a
nonexistent field of `unextendedCSP`.
This commit adds a filter that removes the empty array field
before converting to a string.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:31 +02:00
David Mehren
2ac89d3334
Use consistent wording in CSP docs
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:31 +02:00
David Mehren
832f3522b3
Add new CSP config options to release notes
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:31 +02:00
David Mehren
6c722f0ad6
Add config option to disallow embedding PDFs
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:31 +02:00
David Mehren
c002c7b681
CSP: Allow self as manifest-src
...
Chrome complains otherwise, as it can't download the Web Manifest.
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:31 +02:00
David Mehren
46cd60c510
CSP: Allow self as frame-src
...
The reveal.js speaker view uses frames to display the slides
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:30 +02:00
David Mehren
1642242078
CSP: Allow styles from /css/
...
Reveal.js styles are hosted there
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:30 +02:00
David Mehren
1c0af5f75d
Cleanup csp.js
...
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-15 00:22:30 +02:00