Commit graph

2280 commits

Author SHA1 Message Date
Christoph (Sheogorath) Kern
2df474b63e
Merge pull request #48 from SISheogorath/fix/graphvizXSS
Fix stored XSS in the graphviz error message rendering
2019-04-16 14:17:10 +02:00
Max Wu
fb399ebe73
Fix stored XSS in the graphviz error message rendering [Security Issue]
Signed-off-by: Max Wu <jackymaxj@gmail.com>

Co-Authored-By: Sheogorath <sheogorath@shivering-isles.com>
2019-04-16 14:05:26 +02:00
Claudius
32d3b914b2 fixing manual upgrade instructions and completing requirements
Signed-off-by: Claudius <opensource@amenthes.de>
2019-04-15 22:25:06 +02:00
Christoph (Sheogorath) Kern
074198f941
Merge pull request #43 from SISheogorath/feature/community
Add community forum to help section
2019-04-12 23:47:51 +02:00
Christoph (Sheogorath) Kern
2b99ed6d53
Merge pull request #42 from SISheogorath/fix/meta-marked
Update meta-marked to fix possible vulnerabilities
2019-04-12 23:33:52 +02:00
Christoph (Sheogorath) Kern
4630c7afea Update zh-CN.json (POEditor.com) 2019-04-12 15:17:52 +02:00
Sheogorath
454b39ac10
Add community forum to help section
We have a community forum and want to use it for users support and to
bring developers and end-users together. In order to achieve this, it
would be helpful to inform users about its existence.

This patch adds the community forum as resource to the help section and
aligns it along the Matrix channel and GitHub issue tracker.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-12 12:29:56 +02:00
Sheogorath
197b0db88f
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-10 13:58:04 +02:00
Sheogorath
32f6037da9
Update yarn to version 1.15.2
The yarn version we use in CI is quite outdated. This brings up the
problem that it doesn't support semver for git repositories. In order to
fix that problem updating yarn seems to be the right thing to do.

This patch should fix the CI problem caused by the semver git URL.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-10 13:40:54 +02:00
Sheogorath
e014a73393
Update meta-marked to fix possible vulnerabilities
Snyk informed us about possible vulnerabilities in meta-marked. It seems
like at least some of them were already address by HackMD around a year
ago but never pushed upstream to CodiMD.

This patch provides a fix by using an up-to-date dependency from our own
repository with CI integration.

Details: https://app.snyk.io/vuln/SNYK-JS-JSYAML-174129

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-10 13:11:57 +02:00
Christoph (Sheogorath) Kern
ef348fc49b
Merge pull request #33 from codimd/lutim-support
Add support for image hosting with lutim
2019-04-10 11:39:11 +02:00
Christoph (Sheogorath) Kern
f541c00bad
Merge pull request #41 from SISheogorath/js-diagram-v2
Fix broken dependency js-sequence-diagrams
2019-04-10 11:38:54 +02:00
Dylan Dervaux
208070d2e7
Add lutim support
Signed-off-by: Dylan Dervaux <dylanderv05@gmail.com>
2019-04-10 01:37:12 +02:00
Sheogorath
1f55150441
Fix broken dependency js-sequence-diagrams
A few days ago the dependency was removed from npm. this causes various
setups to fail and blocks deployments and development.

This patch should fix the dependency and allow CodiMD to move forward.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-10 00:18:24 +02:00
Christoph (Sheogorath) Kern
c6384567b8
Merge pull request #38 from codimd/snyk-fix-d5beoi
[Snyk] Fix for 1 vulnerable dependencies
2019-04-07 22:03:21 +02:00
snyk-bot
502c70008e fix: package.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-JSYAML-174129
2019-04-07 19:49:25 +00:00
Christoph (Sheogorath) Kern
36c083277e
Merge pull request #30 from codimd/samlConfig
Added a configuration option for passport-saml:
2019-04-06 21:35:39 +02:00
Emmanuel Ormancey
df53f465c0
Added a configuration option for passport-saml:
disableRequestedAuthnContext: true|false

By default only Password authmethod is accepted, this option allows any other method.

Issue and option described here:
https://github.com/bergie/passport-saml/issues/226

Signed-off-by: Emmanuel Ormancey <emmanuel.ormancey@cern.ch>
2019-04-06 17:54:58 +02:00
Christoph (Sheogorath) Kern
5379d65edc
Merge pull request #31 from codimd/hidePortMinio
Hide port minio
2019-04-06 17:50:22 +02:00
Thor77
022c7ad616
Hide port from minio URL for protocol default port
Signed-off-by: Thor77 <thor77@thor77.org>
2019-04-06 13:52:49 +02:00
Christoph (Sheogorath) Kern
ee725dc58c
Merge pull request #37 from stragu/patch-1
change default mode to "both" when clicking edit
2019-04-05 13:49:28 +02:00
Stéphane Guillou
afc8541c86 change default mode to "both" when clicking edit
Add "both" mode to URLs because I assume most people want to straight away see the code when they click the "edit" button in a published note.

Fixes https://github.com/codimd/server/issues/27

Not tested, followed instructions from @ccoenen , please do review! :)

Signed-off-by: Stéphane Guillou <stephane.guillou@member.fsf.org>
2019-04-05 20:58:06 +10:00
Christoph (Sheogorath) Kern
fdd912d23a Update sr.json (POEditor.com) 2019-04-04 14:27:27 +02:00
Christoph (Sheogorath) Kern
0d3e065e34
Merge pull request #35 from ccoenen/enhancement/translation-churn
specifying the locale jsons to be in the exact style of poeditor
2019-04-04 13:45:31 +02:00
Claudius
e738efe217 specifying the locale jsons to be in the exact style of poeditor should cut down on unneccessary changes ('churn')
Signed-off-by: Claudius <opensource@amenthes.de>
2019-04-04 12:31:38 +02:00
Christoph (Sheogorath) Kern
279235fbbb Update pl.json (POEditor.com) 2019-04-04 12:05:36 +02:00
Henrik "HerHde" Hüttemann
f13a91c698 Clean up headings
Signed-off-by: Henrik "HerHde" Hüttemann <mail@herh.de>
2019-04-04 00:54:47 +02:00
Claudius Coenen
49539fb27f
tiny correction to url. also adding RSS feed. 2019-04-04 00:34:23 +02:00
Sheogorath
e96c8d1dd4
Update community call URL
We have a discourse forum and since it's the place for all kinds of
community organisation, this should be used for organising the community
calls.

This patch updates the link to the new topic in the forum.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-03 23:56:31 +02:00
Claudius
acd7634fc7 more ways to engage with the community added to the readme
Signed-off-by: Claudius <opensource@amenthes.de>
2019-04-03 23:24:05 +02:00
Christoph (Sheogorath) Kern
07a0594c9a
Merge pull request #22 from SISheogorath/feature/newScreenshot
Add new screenshot
2019-04-02 01:47:48 +02:00
Sheogorath
004b2e51f1
Add new screenshot
The old screenshot is quite dated since it's from the earlier days of
HackMD.

But we developed a lot in the recent years. Changed the name, added a
toolbar, moved buttons, and so on.

This patch should represent those changes in the front page.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-01 23:19:02 +02:00
Henrik Hüttemann
5951dd1805 Add missing space to footer
Signed-off-by: Henrik "HerHde" Hüttemann <mail@herh.de>
2019-04-01 09:47:06 +02:00
Claudius
a140bff47e minor fixes to internal links in documentation 2019-04-01 09:42:33 +02:00
Claudius Coenen
a95f1e9f56
Merge pull request #15 from ccoenen/feature/documentation-overhaul
Documentation overhaul
2019-04-01 01:31:05 +02:00
Claudius
ba6ede57bd moving code of conduct into its own file for better discoverability
Signed-off-by: Claudius <opensource@amenthes.de>
2019-04-01 01:26:42 +02:00
Claudius
33b22cf26f breaking up config docs into sections
Signed-off-by: Claudius <opensource@amenthes.de>
2019-04-01 01:16:24 +02:00
Claudius
54edec8900 striving for consistency across various docs
Signed-off-by: Claudius <opensource@amenthes.de>
2019-04-01 01:03:36 +02:00
Claudius
74fdd26ea0 integrating information from the old wiki
Signed-off-by: Claudius <opensource@amenthes.de>
2019-04-01 01:03:36 +02:00
Claudius
fb973d2a6f removing doctoc, which is no longer being used
Signed-off-by: Claudius <opensource@amenthes.de>
2019-04-01 01:03:36 +02:00
Claudius
edf301cfa3 splitting README.md into files in /docs for better readability
Signed-off-by: Claudius <opensource@amenthes.de>
2019-04-01 01:03:36 +02:00
Christoph (Sheogorath) Kern
3a0ff5edd3
Merge pull request #9 from SISheogorath/feature/moveUpload
Move upload button into toolbar
2019-03-31 15:14:31 +02:00
Christoph (Sheogorath) Kern
948c3367eb
Merge pull request #14 from SISheogorath/fix/LICENSE
Fix LICENSE content
2019-03-31 12:41:49 +02:00
Claudius Coenen
d08d9f34b0
Merge pull request #13 from ccoenen/feature/heroku-cleanup
cleanup of the heroku configuration
2019-03-31 12:41:38 +02:00
Christoph (Sheogorath) Kern
7f04013f4a
Merge pull request #7 from SISheogorath/feature/libravatar
Use libravatar as drop-in replacement for gravatar
2019-03-31 03:30:51 +02:00
Christoph (Sheogorath) Kern
52055ec7b7
Merge pull request #8 from SISheogorath/fix/languages
Fix capital letters in language selection
2019-03-31 03:30:15 +02:00
Sheogorath
962330933d
Fix LICENSE content
It seems like the license was never correctly filled.

This patch updates the LICENSE file to represent members of the
community and major code contributors.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-31 03:27:12 +02:00
Claudius
5c607c4f80 cleanup of the heroku configuration
this removes the general `postinstall` call to `bin/heroku` and instead
puts it into a heroku-prebuild hook. At the same time, env vars get
updated to use the `CMD` prefix. The configured buildpacks were not used.
Finally, npm run build is now automatically
done by Heroku.

Signed-off-by: Claudius <opensource@amenthes.de>
2019-03-31 01:29:34 +01:00
Sheogorath
4ffeab6129
Release version 1.3.2
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-29 12:33:20 +01:00
Sheogorath
16d84926f9
Fix logo URL in app.json
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-29 12:31:18 +01:00