Sheogorath
afe38bcbb7
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-02-16 23:41:12 +01:00
Sheogorath
8039066f99
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-02-09 14:34:28 +01:00
David Mehren
3e218e2983
Upgrade webpack & plugins
...
Signed-off-by: David Mehren <dmehren1@gmail.com>
2019-11-23 18:11:17 +01:00
Sheogorath
402dc7095e
Upgrade all ORM/database related packages
...
This patch provides some major upgrades to all database backend library.
It also fixes an issues that appears since the change from sequelize v3
to v5 where mariadb was originally handled by mysql2 and is now handled
by an own mariadb library.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-10-28 01:43:22 +01:00
Sheogorath
20a67e3446
Update yarn.lock
2019-10-23 21:21:35 +02:00
Sheogorath
09e1584800
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-08-15 23:25:30 +02:00
Sheogorath
c4053ea7ce
Update meta-marked to latest version
...
Meta-marked 0.4.4 which we used from our git repository contains a
RegexDOS attack in the marked dependency. The dependency was already
updated in our meta-marked repository, but not updated in yarn.
This made us still vulnerable to this ReDOS which was able to cause a
DOS attack on the server when updating a note.
For Details:
https://github.com/markedjs/marked/releases/tag/v0.7.0
https://github.com/markedjs/marked/pull/1515
What is a ReDOS?
A ReDOS attack is a DOS attack where an attacker targets a
not-well-written Regular Expression. Regular expressions try to build a
tree of all possibilities it can match in order to figure out if the
given statement is valid or not. A ReDOS attack abuses this concept by
providing a statement that doesn't match but causes extremly huge trees
that simply lead to exhausting CPU usage.
For more details see: https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS
Credit:
Huge thanks to @bitinerant for finding this and handling it with a
responsible disclosure.
Also thanks to the `marked`-team for fixing things already.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-08-15 23:14:48 +02:00
Sheogorath
7d67566b96
Update yarn.lock
2019-08-01 20:14:48 +02:00
Sheogorath
0d5923d61c
Update sequelize to latest version
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-06-22 16:29:09 +02:00
Sheogorath
502fae70a4
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-06-22 16:23:24 +02:00
Sheogorath
3eca0a74ae
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-30 00:10:44 +02:00
Sheogorath
9101be92ab
Update jQuery to version 3.4.1
2019-05-06 10:42:41 +02:00
Sheogorath
d359d4aa84
Update yarn.lock
2019-04-16 14:31:01 +02:00
Sheogorath
197b0db88f
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-10 13:58:04 +02:00
Sheogorath
b817b9efd9
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-23 13:25:33 +01:00
Sheogorath
b718eac70a
Force upgrade of some outdated dependencies
...
I don't really like the way to go here, but I guess having those
forcefully upgraded is better than staying around with vulnerable
dependencies.
This patch fixes some vulnerbilities in dependencies that were
categories as high severity.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-02 19:14:12 +01:00
Sheogorath
edfe7fc401
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-02 15:27:16 +01:00
Sheogorath
0d88707475
Update yarn.lock
2019-02-15 15:40:45 +01:00
Sheogorath
3dc40116e4
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-24 12:21:19 +01:00
Sheogorath
5f1406a136
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-18 22:04:22 +01:00
Sheogorath
b40f14f66d
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-12-04 14:04:34 +01:00
Sheogorath
f9929605af
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-21 11:34:56 +01:00
Sheogorath
2d241b9300
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-19 22:06:37 +01:00
Sheogorath
3d1b138a31
Update yarn.lock
2018-11-12 14:27:42 +01:00
MartB
6bce9ac5bf
Fix #1016 : webpack include defect for scripts and header files.
...
Signed-off-by: MartB <mart.b@outlook.de>
2018-10-16 11:40:21 +02:00
Sheogorath
a7281a5275
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-11 00:23:23 +02:00
David Mehren
7eed584c01
Update yarn.lock
...
Signed-off-by: David Mehren <dmehren1@gmail.com>
2018-10-10 22:09:46 +02:00
Sheogorath
c7478c1694
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-09 23:08:57 +02:00
Sheogorath
53ad4ef555
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-06 15:56:18 +02:00
Sheogorath
d9ba11b21a
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-03 19:31:56 +02:00
David Mehren
ce63c1cc1c
Upgrade to Webpack 4 - clean dependencies
...
Signed-off-by: David Mehren <dmehren1@gmail.com>
2018-09-06 17:26:09 +02:00
David Mehren
29a3813ada
Upgrade to Webpack 4 - first try
...
Signed-off-by: David Mehren <dmehren1@gmail.com>
2018-09-06 17:26:09 +02:00
Sheogorath
0017ddd310
Update yarn.lock
2018-09-06 15:12:37 +01:00
Sheogorath
53a846bdc5
Update markdown-pdf
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-07-27 14:15:45 +02:00
Sheogorath
bd93269dae
Update yarn.lock
2018-06-30 17:45:26 +02:00
Sheogorath
fe5248acbd
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-30 17:07:53 +02:00
Sheogorath
4fcefebe5c
Update yarn.lock
2018-06-17 23:36:22 +02:00
Sheogorath
b07925b849
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-05 01:43:17 +02:00
Sheogorath
7a91d01830
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-21 23:12:34 +02:00
Sheogorath
43fa5cf57f
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-17 12:20:57 +02:00
Sheogorath
6e6a98b392
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-18 15:36:52 +01:00
Sheogorath
21be5a5517
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-07 11:30:08 +01:00
Sheogorath
6b97dd7aac
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-31 01:16:52 +01:00
Sheogorath
e055f270b4
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-29 22:37:02 +01:00
Sheogorath
4c08afbbb5
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-29 16:38:32 +01:00
Sheogorath
e5074df910
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-24 19:50:09 +01:00
Sheogorath
ae294f51f5
Update yarn.lock
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-17 16:34:56 +01:00
Sheogorath
9c002ce29b
Update yarn
2017-11-27 08:14:28 +01:00
Peter Dave Hello
da2426ae3d
Update yarn.lock
2017-10-30 00:21:35 +08:00
Wu Cheng-Han
7f52a4b38a
Update yarn.lock file
2017-09-27 22:07:55 +08:00