BoHong Li
5699036509
chore: upgrade socket.io-client to 2.2.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:59:00 +08:00
BoHong Li
71588718b6
chore: upgrade socket.io to 2.2.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:59:00 +08:00
BoHong Li
3d1db55ca4
chore: upgrade shortid to 2.2.14
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:58:59 +08:00
BoHong Li
ae7d15343d
chore: upgrade randomcolor to 0.5.4
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:58:59 +08:00
BoHong Li
721886a90c
chore: upgrade prismjs to 1.17.1
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:58:59 +08:00
BoHong Li
ecd07f9aaa
chore: upgrade pdfobject to 2.1.1
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:48 +08:00
BoHong Li
f7ae705fc8
chore: upgrade mysql to 2.17.1
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:48 +08:00
BoHong Li
1d16e681ee
chore: upgrade minio to 7.0.10
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:47 +08:00
BoHong Li
82b5bc8a1c
chore: upgrade method-override to 3.0.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:47 +08:00
BoHong Li
885fb34c27
chore: upgrade mattermost-redux to 5.13.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:47 +08:00
BoHong Li
b8ffa2f3a0
chore: upgrade mathjax to 2.7.5
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:46 +08:00
BoHong Li
687e707135
chore: upgrade markdown-it-footnote to 3.0.2
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:46 +08:00
BoHong Li
849bcfaa36
chore: upgrade markdown-it-emoji to 1.4.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:46 +08:00
BoHong Li
319f75af15
chore: upgrade markdown-it-deflist to 2.0.3
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:45 +08:00
BoHong Li
9c08b23c9c
chore: upgrade markdown-it to 9.0.1
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:45 +08:00
BoHong Li
d647c44f80
chore: upgrade lodash to 4.17.15
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:45 +08:00
BoHong Li
1b29671f12
chore: upgrade js-cookie to 2.2.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:45 +08:00
BoHong Li
649bb4c4ec
chore: upgrade jquery.js to 3.4.1
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:44 +08:00
BoHong Li
d7e522f6f8
chore: upgrade highlight.js to 9.15.9
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:44 +08:00
BoHong Li
aa87d93f46
chore: upgrade helmet to 3.20.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:44 +08:00
BoHong Li
edc27fa820
chore: upgrade handlebars to 4.1.2
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:43 +08:00
BoHong Li
947c887a58
chore: upgrade graceful-fs to 4.2.1
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:43 +08:00
BoHong Li
b657cc3e82
chore: upgrade fork-awesome to 1.1.7
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:42 +08:00
BoHong Li
05f818ba5d
chore: upgrade flowchart.js to 1.12.2
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:42 +08:00
BoHong Li
86dce4b92c
chore: upgrade file-saver to 2.0.2
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:42 +08:00
BoHong Li
a6799f5eac
chore: upgrade ejs to 2.6.2
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:41 +08:00
BoHong Li
14f44176e8
chore: upgrade cookie-parser to 1.4.4
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:41 +08:00
BoHong Li
ee3c825208
chore: upgrade cookie to 0.4.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:41 +08:00
BoHong Li
b08febc1d9
chore: upgrade body-parser to 1.19.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:40 +08:00
BoHong Li
6729d708b0
chore: upgrade base64url to 3.0.1
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:40 +08:00
BoHong Li
cfda235a64
chore: upgrade azure-storage to 2.10.3
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:40 +08:00
BoHong Li
30473c6b9a
chore: upgrade aws-sdk to 2.503.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:39 +08:00
BoHong Li
7cee10cb64
chore: upgrade archiver to 3.1.1
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:39 +08:00
BoHong Li
e120629272
chore: upgrade diff-match-patch to 1.1.3
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:39 +08:00
BoHong Li
df4741526b
chore: upgrade express and related dependencies
...
upgrade express to 4.17.1
upgrade express-session to 1.16.2
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:38 +08:00
BoHong Li
692e6ab2ed
chore: upgrade standard to 13
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:25 +08:00
BoHong Li
0b2608d476
chore: upgrade style-loader to 0.23.1
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:24 +08:00
BoHong Li
c68dcb7677
chore: upgrade webpack and related dependencies
...
upgrade webpack to 4.39.0
upgrade webpack-cli to 3.3.6
upgrade webpack-merge to 4.2.1
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:24 +08:00
BoHong Li
ab1a3b663e
chore: upgrade spin.js to 4.0.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:24 +08:00
BoHong Li
bccf4583a7
chore: upgrade uuid to 3.3.2
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:23 +08:00
BoHong Li
a0fe065d96
chore: upgrade winston to 3.2.1
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:23 +08:00
BoHong Li
53ae65e95e
chore: upgrade xss to 1.0.6
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:23 +08:00
BoHong Li
a84a333d19
chore: upgrade chance to 1.0.18
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:22 +08:00
BoHong Li
2c3ed673ab
chore: remove compression
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:22 +08:00
BoHong Li
b8b9e208da
chore: uprgade async to 3.1.0
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:22 +08:00
BoHong Li
aeb4049a39
chore: uprgade archiver to 3.0.3
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:21 +08:00
Max Wu
49c6672b95
feat: add support of vega-lite
...
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-08-04 20:16:46 +08:00
Chulki Lee
5ce981859e
Render plantuml only in fence
...
Signed-off-by: Chulki Lee <chulki.lee@gmail.com>
2019-07-31 10:02:07 -07:00
Chulki Lee
1d7895c869
Add plantuml support
...
Signed-off-by: Chulki Lee <chulki.lee@gmail.com>
2019-07-31 10:02:07 -07:00
Max Wu
62918134c0
Merge branch 'develop' into feature/lutim
2019-08-01 00:22:23 +08:00
BoHong Li
c628737411
Merge branch 'develop' into refactor-realtime
...
Signed-off-by: BoHong Li <raccoon@hackmd.io>
# Conflicts:
# README.md
# package.json
2019-07-30 18:20:09 +08:00
Max Wu
a7082633aa
Upgrade mermaid to 8.2.3
...
to avoid XSS inside the svg tag
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-07-28 20:04:41 +08:00
Yukai Huang
d7fa4000c2
Update codemirror to 5.46.2
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-06-27 17:24:47 +08:00
Jenny Danzmayr
df101168d4
updated flowchart.js to v1.12.0
...
Signed-off-by: Jenny Danzmayr <mail@evilscientress.at>
2019-06-24 05:13:13 +02:00
BoHong Li
a1bb450f47
ci: refind config
2019-05-27 17:53:10 +08:00
BoHong Li
cc5aaa1228
chore: cleanup jsonlint output, only show filename and error
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:08 +08:00
BoHong Li
6b549d3642
fix: move babel-polyfill to dependency
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:08 +08:00
BoHong Li
a6036cb70b
refactor: back to use js-standard
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:08 +08:00
BoHong Li
bfb0a66c32
feat: add nyc for unit test code coverage
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:02 +08:00
BoHong Li
5575e08485
refactor: remove compression, response compression is responsibility of load balancer
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:01 +08:00
BoHong Li
8f9cfeec77
remove postintall script
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:01 +08:00
BoHong Li
97aecfa8d9
Merge branch 'master' into upgrade-dependency
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-15 13:13:10 +08:00
BoHong Li
6c137ae6ed
fix: mattermost has been deprecated, use mattermost-redux instead it.
...
1. change mattermost color and gitlab color to official color
2. Add mattermost icon because Fork-awesome/font-awesome doesn’t provide mattermost icon
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-15 13:03:31 +08:00
BoHong Li
013ee9a72e
chore: upgrade dependency
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-15 13:03:31 +08:00
BoHong Li
c8b59e7b30
fix: js-sequence-diagram
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-13 15:08:22 +08:00
BoHong Li
cdf68f7c7e
refactor: use npm version raphael
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:23 +08:00
BoHong Li
4ae1c0ab3e
refactor: replace lz-string with @hackmd/lz-string
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:22 +08:00
BoHong Li
67707d097f
fix: remove string.js for sucurity issue
...
1. Upgrade Imgur to fix npm install
2. Upgrade less version for security
3. Change package name in package.json to fit npm package.json rule
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:22 +08:00
BoHong Li
22b29c42fe
feat: upgrade minimum node support version to 8 LTS
...
BREAKING CHANGE: node version minimum require carbon LTS
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:22 +08:00
BoHong Li
1150dbe73a
fix: upgrade sequelize to latest version to fix CVE
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:21 +08:00
BoHong Li
7fcfbae89f
feat: replace imgur with @hackmd/imgur
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:21 +08:00
BoHong Li
f915957a4f
refactor: replace js-url with wurl (original version of js-url)
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-11 19:35:12 +08:00
BoHong Li
651c11f92a
refactor: replace diff-match-patch to @hackmd/diff-match-patch
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-11 19:35:12 +08:00
BoHong Li
541576d4d0
refactor: replace codemirror to @hackmd/codemirror
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-11 19:04:09 +08:00
BoHong Li
628e679916
refactor: replace Idle.js to @hackmd/idle-js
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-11 18:30:20 +08:00
BoHong Li
c69d91be9f
fix: bump js-sequence-diagrams version to alpha.2 to fix error height measure
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-10 19:39:00 +08:00
BoHong Li
0734f0faa8
fix: js-sequence-diagram not found
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-10 18:34:31 +08:00
BoHong Li
a68d19bc22
fix: scrypt cannot build on some platform, revert the change library commit
...
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-10 18:34:31 +08:00
Sheogorath
50c80c99a4
Release version 1.3.1
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-23 13:27:39 +01:00
Sheogorath
87443dec5f
Release version 1.3.0
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-04 12:37:00 +01:00
Sheogorath
b718eac70a
Force upgrade of some outdated dependencies
...
I don't really like the way to go here, but I guess having those
forcefully upgraded is better than staying around with vulnerable
dependencies.
This patch fixes some vulnerbilities in dependencies that were
categories as high severity.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-02 19:14:12 +01:00
Sheogorath
bce58db97c
Update handlebar to version 4.0.13
...
Synk found an security vulnerbility in the version we provide, that in
theory can provide an RCE.
Details: https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692
2019-02-15 15:40:44 +01:00
Dylan Dervaux
d38931185c
Add lutim dependency
...
Signed-off-by: Dylan Dervaux <dylanderv05@gmail.com>
2019-02-01 12:33:27 +01:00
Claudius Coenen
fa0dea0a1b
Fixing deep dependency problem with node 6.x
...
this commit has been blatantly stolen from @samselikoff in ember-cli-addon-docs. It prevents an issue introduced via a deep dependency that no longer supports node 6 (which we still would like to support).
see: 231275b5a4
see: https://github.com/salesforce/tough-cookie/pull/141
Signed-off-by: Claudius Coenen <opensource@amenthes.de>
2019-01-23 23:37:13 +01:00
Sheogorath
bf229d91c6
Add linting for tests
...
The tests are currently not linted. This causes a different coding style
than the rest of the sources.
This patch adds the `./test` directory to the eslint testing and fixes
linting for existing tests.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-21 17:17:54 +01:00
Sheogorath
d408f4c0fe
Add tests for csp.js
...
Since we lack of tests but got some great point to start, let's write
more tests.
This patch provides some basic tests for our CSP library. It's more an
integration than a unit test, but gets the job done.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-19 13:54:52 +01:00
Sheogorath
62477f0279
Update bootstrap from 3.3.7 to 3.4.0
...
Seems like finally there is a new bootstrap version for old version 3.
This patch implements this new version with CodiMD and this way fixes
some possible security issues in the frontend code.
See:
https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72889
https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72890
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-11 01:56:52 +01:00
Sheogorath
9eb4e545d2
Update SAML to version 1.0.0
...
Seems like there was a security problem with the library.
This patch updates to version 1.0.0 which fixed the details.
Details: https://snyk.io/vuln/SNYK-JS-PASSPORTSAML-72411
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-09 01:15:02 +01:00
Daan Sprenkels
f7bc1e99c0
Remove blueimp-md5 dependency
...
Signed-off-by: Daan Sprenkels <hello@dsprenkels.com>
2018-12-22 19:09:50 +01:00
Daan Sprenkels
318a37d41c
Add a test for gravatar urls
...
Signed-off-by: Daan Sprenkels <hello@dsprenkels.com>
2018-12-22 19:09:45 +01:00
Sheogorath
cf95465103
Update socket.io
...
Our socket.io version is 2.0.4 while the current socket.io version is
2.1.1.
This patch updates socket.io to version 2.1.1 and takes care of the CDN
client version.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-28 13:23:36 +01:00
Christoph (Sheogorath) Kern
8bace89cab
Merge pull request #1072 from SISheogorath/update/doctoc
...
Update doctoc to version 1.4.0
2018-11-24 17:36:16 +01:00
Christoph (Sheogorath) Kern
4856aa2840
Merge pull request #1069 from SISheogorath/fix/to-markdown
...
Update from to-markdown to turndown
2018-11-24 17:35:53 +01:00
Sheogorath
306c25d8f7
Update doctoc to version 1.4.0
...
When installing doctoc it throws some warnings about the markdown-to-ast
package that moved to an own namespace.
This patch updates to the version containing the new, namespaced,
package.
References:
https://github.com/thlorenz/doctoc/pull/151
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-21 16:43:26 +01:00
Sheogorath
1091efc259
Remove node-uuid
...
We currently install `uuid` and `node-uuid`. `node-uuid` is deprecated
in favor of `uuid`. It seems like we already switched a while ago, but
somehow missed to remove the dependency.
This patch does exactly that. It removes the dependency from
`package.json` and this way removes the warning during install about
`node-uuid` being deprecated.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-21 11:38:40 +01:00
Sheogorath
33774c11b9
Update from to-markdown to turndown
...
We got a security alert for a regular expression DoS attack on our used
library `to-markdown`.
After checking `to-markdown` to be maintained or not, it turned out they
renamed the library to `turndown`. So upgrading to `turndown` should fix
this vulnerbility.
References:
https://www.npmjs.com/package/to-markdown
https://github.com/domchristie/turndown/wiki/Migrating-from-to-markdown-to-Turndown
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-21 11:12:09 +01:00
Christoph (Sheogorath) Kern
2323d203b4
Merge pull request #1063 from SISheogorath/fix/nodeVersion
...
After removing ws, node version 10 should work
2018-11-21 01:42:35 +01:00
Sheogorath
cee2aa92f9
Switch scrypt library to a successor
...
Since our previous scrypt library is unmaintained since 3 years, it's
time to look for an alternative.
A refactoring towards another password algorithm was worked on and this
is probably still the way to go. But for now the successor of our
previous library should already be enough.
https://www.npmjs.com/package/scrypt (old library)
https://github.com/ml1nk/node-scrypt (new library)
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-21 01:33:34 +01:00
Sheogorath
bcebf1e8d2
Update reveal.js to version 3.7.0
...
There is a new reveal.js version out. As we try to keep up with
upstream, time to integreate it.
This patch updates reveal.js in for CDN-using instances as well as the
ones using the libraries.
Checked that speaker view in slide mode still works, so no CSP change
needed.
https://github.com/hakimel/reveal.js/releases/tag/3.7.0
2d241b9300/lib/csp.js (L72-L74)
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-19 22:31:05 +01:00
Sheogorath
e3b6bcc5f8
After removing ws, node version 10 should work
...
In my local environment I switched to Fedora 29. Fedora 29 comes with
NodeJS version 10.
As far as I can say, it works, so let's try to remove the restriction to
"<10.x"
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-19 18:42:28 +01:00