renovate[bot]
d00b1c454d
chore(deps): update linters
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-30 10:07:01 +02:00
renovate[bot]
b917a01cb3
chore(deps): update react monorepo to v18.3.1
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 15:00:48 +02:00
renovate[bot]
dce5eaf842
fix(deps): update dependency dompurify to v3.1.6
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:59:15 +02:00
renovate[bot]
318799760e
fix(deps): update dependency @reduxjs/toolkit to v2.2.7
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:57:45 +02:00
renovate[bot]
bf39e79510
fix(deps): update dependency @dicebear/identicon to v7.1.3
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:56:35 +02:00
renovate[bot]
f5072ca20d
fix(deps): update dependency d3-graphviz to v5.6.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:55:36 +02:00
renovate[bot]
9d4763184a
fix(deps): update dependency mermaid to v10.9.1
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:54:41 +02:00
renovate[bot]
15613d57f7
fix(deps): update vega
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:53:31 +02:00
renovate[bot]
be34c3a603
fix(deps): update dependency reveal.js to v5.1.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:51:53 +02:00
renovate[bot]
818e2bcddc
fix(deps): update dependency diff to v5.2.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:48:35 +02:00
renovate[bot]
88c6ee8878
fix(deps): update dependency highlight.js to v11.10.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:47:05 +02:00
renovate[bot]
cf68190284
fix(deps): update dependency luxon to v3.5.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:46:12 +02:00
renovate[bot]
48c0f0125a
fix(deps): update dependency @dicebear/core to v7.1.3
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:44:22 +02:00
renovate[bot]
838a756132
fix(deps): update dependency react-bootstrap-icons to v1.11.4
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:43:08 +02:00
renovate[bot]
9dc0d11be8
fix(deps): update dependency sass to v1.77.8
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:41:36 +02:00
renovate[bot]
69a668e3ac
fix(deps): update dependency tlds to v1.254.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:39:30 +02:00
renovate[bot]
db1d3aca39
fix(deps): update i18next
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:38:52 +02:00
renovate[bot]
89799ebb9a
fix(deps): update dependency abcjs to v6.4.2
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:36:45 +02:00
renovate[bot]
aa76da3821
fix(deps): update dependency emoji-picker-element to v1.22.4
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:35:55 +02:00
renovate[bot]
298d170e08
chore(deps): update testing-library
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 14:32:16 +02:00
renovate[bot]
75ba77f8c0
chore(deps): update dependency dotenv-cli to v7.4.2
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 12:40:57 +02:00
renovate[bot]
722e8ca31b
chore(deps): update codemirror
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 12:15:48 +02:00
renovate[bot]
44d41a5ec5
chore(deps): update yarn to v4.1.1
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-08-29 10:08:54 +00:00
renovate[bot]
c4916704ae
fix(deps): update dependency react-redux to v9.1.2
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:52:17 +00:00
renovate[bot]
d441feb6bb
fix(deps): update i18next
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:40:52 +00:00
renovate[bot]
83ccf48f93
fix(deps): update dependency @dicebear/identicon to v7.0.5
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:40:22 +00:00
renovate[bot]
7cf00fe548
fix(deps): update dependency emoji-picker-element to v1.21.3
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:39:54 +00:00
renovate[bot]
fa5d85fc9e
fix(deps): update dependency sharp to v0.33.5
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:22:05 +00:00
renovate[bot]
6cbc291ec4
fix(deps): update dependency react-use to v17.5.1
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:20:09 +00:00
renovate[bot]
335340e1b1
fix(deps): update dependency react-bootstrap to v2.10.4
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:18:27 +00:00
renovate[bot]
5f438a7e27
fix(deps): update dependency picocolors to v1.0.1
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:16:30 +00:00
renovate[bot]
062d5b34b9
fix(deps): update dependency katex to v0.16.11
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:15:30 +00:00
renovate[bot]
7d4d69c3fd
fix(deps): update dependency emoji-picker-element-data to v1.6.1
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:14:20 +00:00
renovate[bot]
c98fa9ca1a
fix(deps): update dependency dompurify to v3.0.11
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:12:24 +00:00
renovate[bot]
179f671796
fix(deps): update dependency bootstrap to v5.3.3
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:11:31 +00:00
renovate[bot]
e83c083c65
fix(deps): update dependency @orama/orama to v2.0.23
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:10:51 +00:00
renovate[bot]
2fbc425bb3
fix(deps): update dependency @dicebear/core to v7.0.5
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 09:10:06 +00:00
renovate[bot]
180f1d7da3
chore(deps): update nextjs monorepo to v14.1.4
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 08:52:59 +00:00
renovate[bot]
b7c4e0c4a2
chore(deps): update testing-library
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 07:17:25 +00:00
renovate[bot]
e229d93cdd
chore(deps): update linters
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 05:26:16 +00:00
renovate[bot]
e3b93ad9a1
chore(deps): update dependency yjs to v13.6.18
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 05:25:31 +00:00
renovate[bot]
58defe5b3a
chore(deps): update dependency cypress to v13.6.6
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 22:52:41 +00:00
renovate[bot]
2cc71588fe
fix(deps): update dependency ws to v8.17.1 [security]
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 00:43:05 +02:00
renovate[bot]
d31b2af368
chore(deps): update codemirror
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 22:41:17 +00:00
renovate[bot]
14fe9470dd
chore(deps): update node.js to 1a526b9
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 22:07:27 +00:00
Erik Michelson
f9b6f6851b
feat(editor): re-add editor mode buttons (edit/both/view)
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-08-23 18:13:58 +02:00
Erik Michelson
9cbd78f622
fix(frontend): do not hardcode example.org, do not prebuild motd
...
The motd.md is user-supplied and should therefore not be prebuild during
the HedgeDoc build process. As that required the presence of the base
URL which is also not available in the build context, it fell back to
our fallback value example.org, thus breaking offline builds.
By removing the example.org domains and disabling the prebuild for the
motd, this seems fixed.
Co-authored-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-08-07 21:28:17 +02:00
Erik Michelson
1f1231a730
ci: remove netlify deployment workflow
...
This workflow was used in an early stage of development of HedgeDoc 2.
It allowed the core developers to quickly check fixes, improvements or
new features to the HedgeDoc UI without the requirement to check-out
the branch locally. As not every pull request required a deployment,
this workflow was only triggered when the "ci: force deployment"
label was added. Since some time already, the frontend and backend
are so tightly coupled that the netfliy deployment doesn't make any
sense anymore and therefore hasn't been used anymore. This commit
therefore removes this leftover workflow.
@RedYetiDev contacted us privately and reported that this deployment
workflow could have been abused to invoke arbitrary commands, including
extraction of environment variables which include our tokens for the
turborepo build cache or the netlify deployment token. For this it
would have been required that somebody created a "safe" pull request,
which would have been labelled with the deployment label and then
changed afterwards since the workflow checks out the pull request
source repository, not the target. We assured that the label was only
added to pull requests from trusted members of the HedgeDoc core team.
There was never any malicious use of the workflow. Furthermore, no
released versions of HedgeDoc (1.x) could have been affected by this,
even in the worst-case scenario.
We're thankful for putting this risk at our attention!
If you too encounter something unusual regarding security in HedgeDoc
itself or our toolchain around it, don't hesitate to contact us.
Details on this are wriiten in our SECURITY.md in the root of the
repository.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-07-30 08:48:38 +02:00
renovate[bot]
3513377d2d
fix(deps): update dependency next to v14.1.1 [security]
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-10 07:42:49 +00:00
Erik Michelson
6bb2452705
feat(sidebar): add media browser
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-04-18 22:11:49 +02:00