Raccoon
f8364c4118
chore: add .nvmrc to fix node version
...
we're use node.js dubnium lts (10.20.1) for docker image.
therefor add .nvmrc to specify node.js version
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-19 02:08:48 +08:00
Max Wu
89a0de4205
Merge pull request #1515 from hackmdio/release-2.1.0
2020-05-18 21:19:54 +08:00
Raccoon
720348a84b
chore: bump 2.1.0
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-18 21:12:42 +08:00
Max Wu
fb1e07d203
Merge pull request #1519 from hackmdio/fix/photomjs
2020-05-18 21:04:33 +08:00
Raccoon
b87500f866
fix: photomjs dep.
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-18 20:59:53 +08:00
Raccoon
1c38d2477d
Merge pull request #1518 from hackmdio/feat/node-10-build
...
Change to use nodejs 10.20.1
2020-05-18 13:20:51 +08:00
Raccoon
41519b13df
fix: build
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-18 04:26:43 +08:00
Raccoon
209cd29b71
feat: change base image to node 10.20.1
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-17 19:48:17 +08:00
Raccoon
168fdf35c3
Merge branch 'develop' into release-2.1.0
2020-05-17 13:38:03 +08:00
Raccoon
641e569a49
Merge pull request #1517 from hackmdio/fix/getStatus
...
Fix getStatus caused "TypeError: Converting circular structure to JSON"
2020-05-17 13:31:03 +08:00
Raccoon
ac6021a579
fix: returning 500 when getStatus failed
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-17 03:25:57 +08:00
Raccoon
a3742e4564
fix: getStatus should reject promise
...
1. reject promise when getStatus failed
2. change to use promise-way call getStatus in debug message
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-17 03:25:20 +08:00
Raccoon
9c479dd574
Merge branch 'master' into release-2.1.0
2020-05-15 16:50:15 +08:00
Raccoon
54ab0a08de
Merge pull request #1512 from stregouet/oauth2-state
...
fix: add state parameter for oauth2
2020-05-13 16:26:26 +08:00
Raccoon
20bacfbaf1
Merge pull request #1507 from tarlety/feature-metrics-merge-develop
...
Exporting metrics for node.js, express, router, and codimd realtime status.
2020-05-13 16:25:38 +08:00
Samuel Trégouët
6ff6d215ab
fix: add state parameter for oauth2
...
state parameter is recommended with oauth2 authentification
to mitigate CSRF attacks (see [1]).
hydra [2] will throw the following error message if state is
missing:
description="The state is missing or has less than 8 characters and is therefore considered too weak" error=invalid_state hint="Request
parameter \"state\" must be at least be 8 characters long to ensure sufficient entropy."
[1]: https://auth0.com/docs/protocols/oauth2/oauth-state
[2]: https://www.ory.sh/hydra/
Signed-off-by: Samuel Trégouët <samuel.tregouet@gmail.com>
2020-05-11 15:59:49 +02:00
Raccoon
a6c7582aa2
Merge pull request #1500 from ldruschk/fix-internal-server-error-freeurl-not-logged-in
...
return errorForbidden when anonymous user tries to create freeUrl pad
2020-05-11 16:05:20 +08:00
tarlety
ac31e51d67
Fix session flood issue after prometheus metrics are implemented.
...
Root cause:
- prometheus metrics '/metrics/codimd' exported by 3ca0341 are still in 'routes need sessions' section.
- prometheus scrapes metrics repeatedly.
- new session created every time while prometheus scrapes metrics '/metrics/codimd'.
Solution:
- move /metrics/codimd from lib/routes.js to lib/metrics.js.
- move /metrics/codimd from section 'routes need sessions' of app.js to 'routes without sessions'.
Signed-off-by: tarlety <tarlety@gmail.com>
2020-05-04 20:57:46 +08:00
tarlety
6c4fd144f5
Fix test:ci error in app.js.
...
Signed-off-by: tarlety <tarlety@gmail.com>
2020-05-02 00:31:34 +08:00
tarlety
09eb8556db
Exporting metrics for node.js, express, router, and codimd realtime status.
...
1. **/metrics/router** : exporting node.js/express Prometheus metrics by
[prometheus-api-metrics](https://www.npmjs.com/package/prometheus-api-metrics )
2. **/metrics/codimd** : exporting codimd realtime status (/status) as
Prometheus metrics
Signed-off-by: tarlety <tarlety@gmail.com>
2020-05-01 22:17:22 +08:00
Daniele Ricci
5463c8412c
Use array for tags when available ( close #1496 )
...
Signed-off-by: Daniele Ricci <daniele@casaricci.it>
2020-04-30 20:31:22 +02:00
Lucas Druschke
bcd92f500f
return errorForbidden when anonymous user tries to create freeUrl pad ( closes #1499 )
...
Signed-off-by: Lucas Druschke <ldruschk@posteo.de>
2020-04-29 22:42:56 +02:00
zent00
65222df23c
fix typography of footer
...
Signed-off-by: zent00 <rainylau@gmail.com>
2020-04-29 18:35:28 +08:00
zent00
b2af9d9fb7
Update zh-CN.json
...
Signed-off-by: zent00 <rainylau@gmail.com>
2020-04-28 14:50:02 +08:00
Yukai Huang
4fd6293963
Merge pull request #1490 from alphagov/fix-avatars
2020-04-25 14:53:57 +08:00
Yukai Huang
662bb87268
Merge pull request #1488 from hackmdio/feature/fence-params
2020-04-25 14:40:03 +08:00
Rafal Proszowski
e1977a1da7
Fix GitHub's avatar URL
...
At the moment, the URL is being composed and modified with the use of
string composition.
This causes issues, if the URL returned by GitHub slightly differs from
the time developer initially had a look into it.
In our case, the URL from GitHub has two query parameters in it, whilst
the codebase only expected one.
This change will take all of these parameters and only set the one we
care about, whilst leaving others intact and carry on with the full URL.
Fixes #1489
Signed-off-by: Rafal Proszowski <paroxp@gmail.com>
2020-04-20 12:25:32 +01:00
Yukai Huang
d7cc95129d
Merge pull request #1474 from binotaliu/switch-scrypt-kdf
...
Replace scrypt with scrypt-kdf
2020-04-20 00:19:51 +08:00
BinotaLIU
d4d0120ab7
prevert directly call of User.hashPassword()
...
this preverted changes made in 7b8576d. now we use hooks to hash password.
no need to call User.hashPassword() manually.
Signed-off-by: BinotaLIU <me@binota.org>
2020-04-20 00:04:13 +08:00
BinotaLIU
027195e973
add hooks for hash password
...
Signed-off-by: BinotaLIU <me@binota.org>
2020-04-20 00:04:13 +08:00
BinotaLIU
d99346f037
update minimal required node version to 10 (Debnium)
...
Signed-off-by: BinotaLIU <me@binota.org>
2020-04-20 00:04:12 +08:00
BinotaLIU
f618576193
use async hashPassword/verifyPassword
...
Signed-off-by: BinotaLIU <me@binota.org>
2020-04-20 00:04:12 +08:00
BinotaLIU
ec206db173
add methods for password hashing in User model
...
Signed-off-by: BinotaLIU <me@binota.org>
2020-04-20 00:04:12 +08:00
BinotaLIU
527c3ae7d9
remove scrypt && install scrypt-kdf
...
Signed-off-by: BinotaLIU <me@binota.org>
2020-04-20 00:04:12 +08:00
Yukai Huang
4a748cb53f
Merge pull request #1484 from hackmdio:feat/optimize-module-size
...
Feat/optimize module size
2020-04-19 20:14:15 +08:00
Yukai Huang
77f4b0590a
Support brace wrapped param in fence lang
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-04-19 16:52:24 +08:00
Raccoon
b36648a928
feat: add codemirror support markmap syntax
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-04-13 15:15:32 +08:00
Raccoon
e8b1a679b3
style: markmap style on slide mode
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-04-12 17:06:20 +08:00
Raccoon
99afa20e34
fix: lint
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-04-12 16:36:46 +08:00
Raccoon
2fe10a78b7
chore: change aws-sdk to @aws-sdk/client-s3-node, reduced module size
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-04-12 02:24:35 +08:00
Raccoon
a048b587af
chore: move frontend package to devDependencies
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-04-12 02:21:22 +08:00
Raccoon
421ccbfc25
fix: lutim not required properly
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-04-12 02:11:43 +08:00
Raccoon
65b040545c
style: fix markmap height to 300px
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-04-12 00:59:12 +08:00
Raccoon
fb02ee3922
feat: add mindmap-lib support
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-04-11 23:49:47 +08:00
Raccoon
36e373eb69
fix: server not stop when app cannot connect to db
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-04-11 05:37:50 +08:00
Yukai Huang
e29422fa6e
Merge pull request #1477 from hackmdio/release/2.0.1
...
Release 2.0.1
2020-04-09 22:52:52 +08:00
Max Wu
e07884cc33
fix: heading level in release notes
...
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2020-04-09 22:43:00 +08:00
Max Wu
04853ea121
Update 2.0.1 release note
...
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2020-04-09 22:43:00 +08:00
Max Wu
766d4b1b43
Bump version to 2.0.1
...
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2020-04-09 22:43:00 +08:00
Raccoon
e72bcfe0ea
Merge pull request #1459 from hackmdio/feat/improve-version-check
...
Improve version checker behavior
2020-04-05 15:36:10 +08:00