BoHong Li
53ae65e95e
chore: upgrade xss to 1.0.6
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:23 +08:00
BoHong Li
a84a333d19
chore: upgrade chance to 1.0.18
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:22 +08:00
BoHong Li
2c3ed673ab
chore: remove compression
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:22 +08:00
BoHong Li
b8b9e208da
chore: uprgade async to 3.1.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:22 +08:00
BoHong Li
aeb4049a39
chore: uprgade archiver to 3.0.3
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:21 +08:00
Chulki Lee
5ce981859e
Render plantuml only in fence
...
Signed-off-by: Chulki Lee <chulki.lee@gmail.com>
2019-07-31 10:02:07 -07:00
Chulki Lee
1d7895c869
Add plantuml support
...
Signed-off-by: Chulki Lee <chulki.lee@gmail.com>
2019-07-31 10:02:07 -07:00
Max Wu
62918134c0
Merge branch 'develop' into feature/lutim
2019-08-01 00:22:23 +08:00
BoHong Li
c628737411
Merge branch 'develop' into refactor-realtime
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
# Conflicts:
# README.md
# package.json
2019-07-30 18:20:09 +08:00
Max Wu
a7082633aa
Upgrade mermaid to 8.2.3
...
to avoid XSS inside the svg tag
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-07-28 20:04:41 +08:00
Yukai Huang
d7fa4000c2
Update codemirror to 5.46.2
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-06-27 17:24:47 +08:00
Jenny Danzmayr
df101168d4
updated flowchart.js to v1.12.0
...
Signed-off-by: Jenny Danzmayr <mail@evilscientress.at>
2019-06-24 05:13:13 +02:00
BoHong Li
a1bb450f47
ci: refind config
2019-05-27 17:53:10 +08:00
BoHong Li
cc5aaa1228
chore: cleanup jsonlint output, only show filename and error
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:08 +08:00
BoHong Li
6b549d3642
fix: move babel-polyfill to dependency
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:08 +08:00
BoHong Li
a6036cb70b
refactor: back to use js-standard
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:08 +08:00
BoHong Li
bfb0a66c32
feat: add nyc for unit test code coverage
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:02 +08:00
BoHong Li
5575e08485
refactor: remove compression, response compression is responsibility of load balancer
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:01 +08:00
BoHong Li
8f9cfeec77
remove postintall script
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:01 +08:00
BoHong Li
97aecfa8d9
Merge branch 'master' into upgrade-dependency
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-15 13:13:10 +08:00
BoHong Li
6c137ae6ed
fix: mattermost has been deprecated, use mattermost-redux instead it.
...
1. change mattermost color and gitlab color to official color
2. Add mattermost icon because Fork-awesome/font-awesome doesn’t provide mattermost icon
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-15 13:03:31 +08:00
BoHong Li
013ee9a72e
chore: upgrade dependency
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-15 13:03:31 +08:00
BoHong Li
c8b59e7b30
fix: js-sequence-diagram
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-13 15:08:22 +08:00
BoHong Li
cdf68f7c7e
refactor: use npm version raphael
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:23 +08:00
BoHong Li
4ae1c0ab3e
refactor: replace lz-string with @hackmd/lz-string
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:22 +08:00
BoHong Li
67707d097f
fix: remove string.js for sucurity issue
...
1. Upgrade Imgur to fix npm install
2. Upgrade less version for security
3. Change package name in package.json to fit npm package.json rule
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:22 +08:00
BoHong Li
22b29c42fe
feat: upgrade minimum node support version to 8 LTS
...
BREAKING CHANGE: node version minimum require carbon LTS
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:22 +08:00
BoHong Li
1150dbe73a
fix: upgrade sequelize to latest version to fix CVE
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:21 +08:00
BoHong Li
7fcfbae89f
feat: replace imgur with @hackmd/imgur
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:21 +08:00
BoHong Li
f915957a4f
refactor: replace js-url with wurl (original version of js-url)
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-11 19:35:12 +08:00
BoHong Li
651c11f92a
refactor: replace diff-match-patch to @hackmd/diff-match-patch
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-11 19:35:12 +08:00
BoHong Li
541576d4d0
refactor: replace codemirror to @hackmd/codemirror
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-11 19:04:09 +08:00
BoHong Li
628e679916
refactor: replace Idle.js to @hackmd/idle-js
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-11 18:30:20 +08:00
BoHong Li
c69d91be9f
fix: bump js-sequence-diagrams version to alpha.2 to fix error height measure
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-10 19:39:00 +08:00
BoHong Li
0734f0faa8
fix: js-sequence-diagram not found
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-10 18:34:31 +08:00
BoHong Li
a68d19bc22
fix: scrypt cannot build on some platform, revert the change library commit
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-10 18:34:31 +08:00
Sheogorath
50c80c99a4
Release version 1.3.1
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-23 13:27:39 +01:00
Sheogorath
87443dec5f
Release version 1.3.0
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-04 12:37:00 +01:00
Sheogorath
b718eac70a
Force upgrade of some outdated dependencies
...
I don't really like the way to go here, but I guess having those
forcefully upgraded is better than staying around with vulnerable
dependencies.
This patch fixes some vulnerbilities in dependencies that were
categories as high severity.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-02 19:14:12 +01:00
Sheogorath
bce58db97c
Update handlebar to version 4.0.13
...
Synk found an security vulnerbility in the version we provide, that in
theory can provide an RCE.
Details: https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692
2019-02-15 15:40:44 +01:00
Dylan Dervaux
d38931185c
Add lutim dependency
...
Signed-off-by: Dylan Dervaux <dylanderv05@gmail.com>
2019-02-01 12:33:27 +01:00
Claudius Coenen
fa0dea0a1b
Fixing deep dependency problem with node 6.x
...
this commit has been blatantly stolen from @samselikoff in ember-cli-addon-docs. It prevents an issue introduced via a deep dependency that no longer supports node 6 (which we still would like to support).
see: 231275b5a4
see: https://github.com/salesforce/tough-cookie/pull/141
Signed-off-by: Claudius Coenen <opensource@amenthes.de>
2019-01-23 23:37:13 +01:00
Sheogorath
bf229d91c6
Add linting for tests
...
The tests are currently not linted. This causes a different coding style
than the rest of the sources.
This patch adds the `./test` directory to the eslint testing and fixes
linting for existing tests.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-21 17:17:54 +01:00
Sheogorath
d408f4c0fe
Add tests for csp.js
...
Since we lack of tests but got some great point to start, let's write
more tests.
This patch provides some basic tests for our CSP library. It's more an
integration than a unit test, but gets the job done.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-19 13:54:52 +01:00
Sheogorath
62477f0279
Update bootstrap from 3.3.7 to 3.4.0
...
Seems like finally there is a new bootstrap version for old version 3.
This patch implements this new version with CodiMD and this way fixes
some possible security issues in the frontend code.
See:
https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72889
https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72890
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-11 01:56:52 +01:00
Sheogorath
9eb4e545d2
Update SAML to version 1.0.0
...
Seems like there was a security problem with the library.
This patch updates to version 1.0.0 which fixed the details.
Details: https://snyk.io/vuln/SNYK-JS-PASSPORTSAML-72411
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-09 01:15:02 +01:00
Daan Sprenkels
f7bc1e99c0
Remove blueimp-md5 dependency
...
Signed-off-by: Daan Sprenkels <hello@dsprenkels.com>
2018-12-22 19:09:50 +01:00
Daan Sprenkels
318a37d41c
Add a test for gravatar urls
...
Signed-off-by: Daan Sprenkels <hello@dsprenkels.com>
2018-12-22 19:09:45 +01:00
Sheogorath
cf95465103
Update socket.io
...
Our socket.io version is 2.0.4 while the current socket.io version is
2.1.1.
This patch updates socket.io to version 2.1.1 and takes care of the CDN
client version.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-28 13:23:36 +01:00
Christoph (Sheogorath) Kern
8bace89cab
Merge pull request #1072 from SISheogorath/update/doctoc
...
Update doctoc to version 1.4.0
2018-11-24 17:36:16 +01:00