Commit Graph

350 Commits

Author SHA1 Message Date
Christoph (Sheogorath) Kern f6df2deb84
Merge pull request #743 from hackmdio/fix-to-use-url-safe-base64
Fix to use url-safe base64 in note url
2018-03-18 15:13:06 +01:00
David Mehren 7904558292
Remove engine.io-client dependency and fix webpack config
Signed-off-by: David Mehren <dmehren1@gmail.com>
2018-03-06 14:45:14 +01:00
Max Wu baa0418fb5 Remove and replace all note id compression in LZString with base64url
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-02-26 16:43:29 +08:00
Sheogorath faa839ed3a
Use jq instead of jsonlint
As the jsonlint package from NPM causes problems and looks unmaintained,
it'll be replaced with `jq` a well maintained project which allows to
search through JSON files in a `grep`-like style, but knowing the JSON
structure.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-02-19 19:50:01 +01:00
Sheogorath a01b4a843c
Update socket.io to version 2.0.4
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-30 19:44:32 +01:00
Dario Ernst 9e0359e079 Add simple user-management tool for emailsignin …
Currently, administrators of closed instances need to manually fiddle in
their databases for user-management.
This commit adds a small commandline utility that allows to create and
delete users.

Signed-off-by: Dario Ernst <dario@kanojo.de>
2018-01-29 19:49:04 +01:00
Wu Cheng-Han 3c473e60a6 Upgrade reveal.js to 3.6.0 and useCDN option for CSS include 2018-01-29 13:09:52 +08:00
Christoph (Sheogorath) Kern eec2318bda
Merge pull request #506 from erasys/minio
Add support for minio
2018-01-23 11:43:24 +01:00
Christoph (Sheogorath) Kern 7de6e3211f
Merge pull request #598 from xxyy/feature/csp
Implement basic CSP support
2018-01-22 20:43:46 +01:00
Sheogorath 40d1d75704
Release 1.0.1-ce 2018-01-19 14:40:15 +01:00
Sheogorath 11a5dd0eb4
Release 1.0.0-ce 2018-01-18 13:03:18 +01:00
Max Wu 1b7d621fd1
Merge pull request #578 from hackmdio/licenseChangeAgreement
License Change Agreement
2017-12-07 06:54:12 +08:00
Norihito Nakae 4a4ae9d332 Initial support for SAML authentication 2017-11-28 18:52:24 +09:00
Literallie 3a752fde51
Revert "Load js-url lib using legacy-loader"
Didn't work in Firefox for some reason.

`[Script Loader] ReferenceError: module is not defined`

This reverts commit 5b83deb043.
2017-11-02 17:57:44 +01:00
Christoph Witzany 5cda55086a Add mattermost authentication 2017-10-31 10:34:51 +01:00
Peter Dave Hello f896432250 Upgrade mermaid to v7.1.0, fix #600 2017-10-30 00:18:53 +08:00
Sheogorath 94021e2d34 Merge pull request #574 from PeterDaveHello/README.md-Table-of-Contents
Add "Table of Contents" in README.md
2017-10-27 11:51:50 +02:00
Literallie 5b83deb043
Load js-url lib using legacy-loader
Doesn't use eval, plus no window object access
2017-10-22 00:03:45 +02:00
Literallie 080436aebb
CSP: Add nonce to slide view inline JS 2017-10-22 00:03:45 +02:00
Peter Dave Hello f70d2df1be Add jsonlint script to ensure all json files are valid 2017-10-14 00:19:32 +08:00
Peter Dave Hello 0864b06e0c Integrate npm package "doctoc" to update README.md 2017-10-13 16:21:25 +08:00
Wu Cheng-Han bee5e2a558 Update license field in package.json 2017-10-13 01:56:13 +08:00
Marc Deop 2c780f53df
Add support for minio 2017-08-30 18:58:34 +02:00
Bryan Davis 723c9d79b6 Use git URLs in package.json
Using the "github:..." form to declare a dependency in package.json
makes npm attempt to install the package using an ssh clone rather than
an https clone. Some deployment environments may not allow ssh access
to external servers which will prevent the clones from succeeding. Using
the "git+https://..." form will clone the same repo from GitHub without
requiring ssh connectivity.
2017-07-01 15:41:56 -06:00
Sheogorath 8acceb28ed
Use non-zero exit codes when build fails 2017-06-03 18:22:37 +02:00
Max Wu c37b666915 Merge branch 'master' into BackendRefactor 2017-05-14 17:42:14 +08:00
BoHong Li ecb0533605 refactor(config.js): Extract config file
* Separate different config source to each files
* Freeze config object
2017-05-08 19:29:07 +08:00
Yukai Huang db06a51299 Load statusbar template by string-loader 2017-05-07 20:37:26 +08:00
Wu Cheng-Han 1d51fdaa7c chore(build): Upgrade uws to 0.14.1, other npm version have been removed 2017-03-29 12:43:03 +08:00
Wu Cheng-Han 1c6f5d272f style: Fix missing newline in variables 2017-03-29 12:41:23 +08:00
Wu Cheng-Han 7e3b74d0da Mark as 0.5.1 2017-03-23 00:22:44 +08:00
Max Wu f6bd238b0f Merge pull request #387 from hackmdio/cm-refactor
Extract CodeMirror instance
2017-03-14 23:11:56 +08:00
Wu Cheng-Han f55a4b8497 Update to fix pagination error in list.js over v1.5.0 2017-03-14 23:08:15 +08:00
Yukai Huang 24f1413654 Add inlineAttachment to global 2017-03-13 22:00:29 +08:00
Yukai Huang b4424419c0 Add standarjs globals 2017-03-13 21:42:09 +08:00
BoHong Li 6cf06837f8 Remove eslint
1. Remove eslint , bacause we use JavaScript Standard Style.
2. Add lts/boron version to travis CI, web use it in docker version

Signed-off-by: BoHong Li <a60814billy@gmail.com>
2017-03-13 02:23:58 +08:00
BoHong Li 4889e9732d Use JavaScript Standard Style
Introduce JavaScript Standard Style as project style rule,
and fixed all fail on backend code.
2017-03-08 18:45:51 +08:00
bananaappletw 40dfffd4f4 Using package.json to test lint instead
Exclude *.min.js from eslint
2017-02-16 13:05:46 +08:00
bananaappletw af783b2746 Update node dependency up to 6.x in package.json 2017-02-15 19:17:51 +08:00
bananaappletw 4198d0d560 Add travis ci 2017-02-15 19:11:53 +08:00
Wu Cheng-Han 15bf2b6da8 Update webpack config to use parallel uglify plugin to speed up production build 2017-02-03 22:05:09 +08:00
Wu Cheng-Han 5ce5d4cd84 Update to use babel-polyfill to support ES6 features in old browsers 2017-02-03 22:04:43 +08:00
Wu Cheng-Han 4dbafe62a3 Upgrade mermaid to support class diagram 2017-02-02 23:28:05 +08:00
Wu Cheng-Han 3df5507589 Upgrade viz.js to fix manual workaround and get smaller file size 2017-02-02 23:27:34 +08:00
Yukai Huang 26d8942852 Revert experimental vue for now 2017-01-21 12:30:55 +08:00
Yukai Huang 3d6b319216 Merge branch 'master' into frontend-next 2017-01-13 22:53:33 +08:00
Max Wu b13635aac9 Merge pull request #279 from alecdwm/ldap-auth
Support for LDAP server authentication
2017-01-09 00:49:40 +08:00
alecdwm b044c2ae19 Use randomcolor not seedrandom for avatar backgrounds 2017-01-06 07:08:07 +01:00
alecdwm 01361afa7a Profile pictures for LDAP users 2017-01-06 05:37:40 +01:00
bananaappletw 78c51e5e88 Revert "Rename npm script"
This reverts commit ed83dfc862.
2017-01-04 14:30:47 +08:00
Yukai Huang 65acaea8cf Merge branch 'master' into frontend-next 2017-01-02 15:09:19 +08:00
Wu Cheng-Han bd4335964d Mark as 0.5.0 2017-01-02 11:19:01 +08:00
Wu Cheng-Han 6ac1df5965 Update dependencies 2017-01-02 11:17:23 +08:00
Yukai Huang 99dd107724 Basic setup for Vue app 2016-12-24 11:50:57 +08:00
Yukai Huang a06fad974e Install vue and babel dependency 2016-12-24 11:10:18 +08:00
Wu Cheng-Han 39521f25a7 Mark as 0.4.6 2016-12-19 17:30:33 +08:00
Wu Cheng-Han 276d500406 Upgrade dependencies 2016-12-19 16:20:27 +08:00
Wu Cheng-Han c6742e50ee Remove unused vendor code and add missing dependency 2016-12-19 16:13:56 +08:00
Wu Cheng-Han 59725e9390 Remove unused dependencies 2016-12-18 22:54:00 +08:00
alecdwm 02e9927714 Initial support for LDAP server authentication
Limitations as of this commit:

- tlsOptions can only be specified in config.json, not as env vars
- authentication failures are not yet gracefully handled by the UI
  - instead the error message is shown on a blank page (/auth/ldap)
- no email address is associated with the LDAP user's account
- no picture/profile URL is associated with the LDAP user's account
- we might have to generate our own access + refresh tokens,
  because we aren't using oauth. The currently generated
  tokens are just a placeholder.
- 'LDAP Sign in' needs to be translated to each locale
2016-12-13 22:41:07 +01:00
Yukai Huang 9e6fd505e1 Remove bower occurences 2016-12-11 11:18:08 +08:00
Yukai Huang ed83dfc862 Rename npm script
webpack scripts are meant to “build” assets, so place them under the same namespace

* dev => build:dev
* build => build:prod
2016-12-10 22:12:07 +08:00
Yukai Huang 65a1a62cc0 Drop nodemon dependency
Sometimes nodemon not reload source code correctly, so simply drop it.
2016-12-10 22:09:50 +08:00
Wu Cheng-Han 5958654ea4 Remove preprocess image on upload image or it will losing support of image some formats 2016-12-03 14:37:12 +08:00
Wu Cheng-Han 840cac7435 Add delay to throttle nodemon in dev script 2016-12-02 02:24:12 +08:00
Wu Cheng-Han a73d9ce39e Update to support optional email register and signin 2016-12-02 01:58:14 +08:00
Wu Cheng-Han b081302f3d Remove webpack shell plugin for webpack because it've been solved in another way 2016-11-28 03:19:15 +08:00
Wu Cheng-Han 9f79ed929e Update to move custom CodeMirror codebase to our own repo and update webpack build config 2016-11-28 01:36:48 +08:00
Max Wu bd3d4958e4 Merge pull request #248 from hackmdio/file-upload-options
Support other options for image uploading
2016-11-27 10:54:00 +08:00
Wu Cheng-Han 5287d46931 Optimize hackmd resource packing and load orders 2016-11-26 23:18:51 +08:00
Wu Cheng-Han 3fbfdb7db8 Optimize index page resources packing and loads 2016-11-26 23:13:02 +08:00
Wu Cheng-Han 9383df59c9 Update socket.io to 1.6.0 2016-11-26 22:40:50 +08:00
Wu Cheng-Han f387bb312f Try to replace engine.io to uws in socket.io for better performance 2016-11-18 12:18:29 +08:00
Yukai Huang 2279986f97 Config sharp image preprocessing 2016-11-16 17:07:00 +08:00
Yukai Huang 518a4a120b upload image to s3 2016-11-16 12:05:24 +08:00
Yukai Huang a04c6ef127 Install nodemon for local development 2016-11-14 16:44:12 +08:00
Yukai Huang 689b1dc4d6 Add optimize-css webpack plugin 2016-11-03 13:59:25 +08:00
Max Wu 7e05976a93 Revert "html minify in production environment" 2016-10-24 00:00:05 +08:00
Peter Dave Hello 731375c220 html minify in production environment 2016-10-23 23:31:04 +08:00
Wu Cheng-Han 7e8d1f22b1 Fix missing dependency in d44e830366 2016-10-18 21:41:06 +08:00
Wu Cheng-Han d44e830366 Update emoji parser using markdown-it-emoji instead of emojify to solve issue #217 2016-10-18 16:50:58 +08:00
Yukai Huang 9f63581c61 Config heroku deployment 2016-10-16 11:20:29 +08:00
Yukai Huang 4c1109b70b Move gist-embed to CDN 2016-10-14 09:56:19 +08:00
Yukai Huang 142b4c6771 Move highlight.js to CDN 2016-10-14 09:21:41 +08:00
Yukai Huang 83be3465cc Fix scrollspy 2016-10-13 13:59:34 +08:00
Yukai Huang 2cafe15e85 Enable production assets hash 2016-10-12 17:15:59 +08:00
Yukai Huang 91266f1cad Load more scripts using webpack 2016-10-12 17:03:47 +08:00
Yukai Huang 02eef3f68a Load customized vendor script through script-loader 2016-10-12 13:18:29 +08:00
Yukai Huang 2e929879ad Fix engine.io-client webpack load dependency 2016-10-12 12:57:16 +08:00
Yukai Huang 6e651c8108 Merge branch 'master' into webpack-frontend 2016-10-11 18:40:23 +08:00
Yukai Huang f9e7f482d3 Setup webpack production config 2016-10-11 15:45:00 +08:00
Yukai Huang 06437ccaa9 Manage more packages with npm and webpack 2016-10-11 14:52:45 +08:00
Yukai Huang 3368b57b89 Remove ot from package.json 2016-10-11 14:09:40 +08:00
Yukai Huang 9c8752d452 Split common vendor javascript into chunks 2016-10-11 12:30:30 +08:00
Wu Cheng-Han 9a15cad42d Mark as 0.4.5 2016-10-11 11:01:05 +08:00
Wu Cheng-Han fb5d7e4359 Update npm and bower dependencies with related patch 2016-10-10 21:14:28 +08:00
Wu Cheng-Han 138aa876f4 Remove unused npm dependency 2016-10-10 21:05:33 +08:00
Yukai Huang e10203b7e9 More function expose workaround for reveal-markdown.js 2016-10-10 08:24:58 +08:00
Yukai Huang a258897884 Revert some bower assets 2016-10-09 21:43:41 +08:00
Yukai Huang 3e2905be13 Revert to customized codemirror 2016-10-09 17:54:51 +08:00
Yukai Huang 8e2b03cfd6 Config bootstrap with webpack 2016-10-08 23:04:19 +08:00
Yukai Huang 963a435ae1 Resolve dependency module requiring
* es5 style module exports
* remove script tag require
* webpack config ProvidePlugin

Note that this commit only fix JavaScript module loading runtime error.
2016-10-08 20:02:30 +08:00
Yukai Huang ebee5a8d05 Use xss in script tag 2016-10-08 19:57:50 +08:00
Yukai Huang ab21311161 Change npm task 'build' to 'dev' 2016-10-08 10:16:49 +08:00
Yukai Huang b8467a562c Remove Idle.Js dependency
use vendor minified js for now
2016-10-08 10:07:12 +08:00
Yukai Huang 325d1f1a32 Create webpack config 2016-10-08 08:13:40 +08:00
Wu Cheng-Han b9c59c454d Add support of i18n with related patches and support "en" and "zh" locales for now 2016-08-19 11:49:24 +08:00
Wu Cheng-Han f35aa94b41 Mark as 0.4.4 2016-08-02 17:17:33 +08:00
Wu Cheng-Han b6ca8649af Update npm dependencies 2016-07-30 12:23:40 +08:00
Wu Cheng-Han 045c08447f Update to use own package of google-diff-match-patch to solve encodeURI exception issue 2016-07-30 11:12:28 +08:00
Wu Cheng-Han 2b5c7365ab Change npm imgur package to self owned repo in order to fix some exception 2016-07-13 10:42:32 +08:00
Wu Cheng-Han 458d07dde7 Update to change server-side pre-rendering engine from marked to markdown-it 2016-07-02 16:11:06 +08:00
Wu Cheng-Han d7d83c102b Mark as 0.4.3 2016-06-28 09:38:31 +08:00
Cheng-Han, Wu 6fddab1bfc Update npm dependencies 2016-06-17 16:32:05 +08:00
Cheng-Han, Wu dbc126b156 Add support of saving note revision and improve app start and stop procedure to ensure data integrity 2016-06-17 16:09:33 +08:00
Cheng-Han, Wu c439797efd Mark as 0.4.2 2016-06-01 20:44:19 +08:00
Cheng-Han, Wu 16990e35a2 Update slide template using ejs instead of mustache to reduce similar package dependency 2016-05-29 17:54:24 +08:00
Cheng-Han, Wu e52937df50 Update project infos, reclaim authors and add authors list 2016-05-28 01:49:15 +08:00
Cheng-Han, Wu 6405bb5056 Add support of google signin 2016-05-21 22:48:00 +08:00
Cheng-Han, Wu baa946968d Add db migrations for PR #121 2016-05-15 12:20:42 +08:00
Jason Croft a3876dfc92 Start extending to support GitLab authentication.
Add necessary dependency.
Add baseURL parameter for self-hosted GitLab
Add necessary require.
Add block for GitLab auth.
Fix typo
Update font-awesome dependency for GitLab icon.
Use a color closer to GitLab orange.
More direct TODO
2016-05-11 21:02:53 -04:00
Cheng-Han, Wu 197ac5d5fb Mark as 0.4.0 2016-04-20 18:23:56 +08:00
Cheng-Han, Wu f13f70696a Update package dependencies 2016-04-20 18:15:48 +08:00
Cheng-Han, Wu 49b51e478f Refactor server with Sequelize ORM, refactor server configs, now will show note status (created or updated) and support docs (note alias) 2016-04-20 18:03:55 +08:00
Cheng-Han, Wu 61084e5a4e Updated dependencies 2016-03-15 11:14:00 +08:00
Cheng-Han, Wu d69d65ea74 Updated to send hsts in https header 2016-03-15 10:41:49 +08:00
Cheng-Han, Wu 4c4a0e0f3f Fixed prevent XSS might break lots of tags and only need after rendered 2016-02-11 03:45:13 -06:00
Cheng-Han, Wu 6700f033ab Prevent XSS in markdown rendering 2016-02-11 02:36:52 -06:00
Cheng-Han, Wu 7305984676 Updated engine requirement because connect-mongo package 2016-02-07 21:56:54 -06:00
Cheng-Han, Wu ff2fc76491 Supported export to gist 2016-01-31 15:42:26 -06:00
Wu Cheng-Han 1b2a3108be Marked as 0.3.4 2016-01-19 10:06:22 -06:00
Wu Cheng-Han 96931e6e3a Upgrade all dependencies and fixes afterward issues 2016-01-19 09:57:58 -06:00
Wu Cheng-Han 2ecec3b59a Support show last change user with profile and support YAML config inside the note with robots, lang, dir, breaks options 2016-01-12 08:01:42 -06:00
Wu Cheng-Han a6d1bddf47 Updated other packages to lastest versions 2015-12-15 15:01:13 -06:00
greenkeeperio-bot e9718d35ac chore(package): update dependencies
http://greenkeeper.io/
2015-12-15 10:38:34 -06:00
Wu Cheng-Han a0b1321ad2 Updated imgur package version from "0.1.5" to "0.1.7" 2015-12-12 14:19:22 -06:00
jackycute a4d0c56396 Merge pull request #47 from PeterDaveHello/patch-2
Update package.json
2015-12-08 20:48:26 -06:00
Peter Dave Hello fc687b37cb Update package.json
Bump dependency marked to ^0.3.5

Reference(security issue):

https://nodesecurity.io/advisories/marked_regular-expression-denial-of-service
2015-12-09 08:41:06 +08:00
Peter Dave Hello d635440f27 Update package.json
Change required dependency - express from "4.x" to ">=4.5"

Reference(security issue):

https://nodesecurity.io/advisories/express_no-charset-in-content-type-header
2015-12-09 08:39:37 +08:00
Wu Cheng-Han fa5485c185 Updated npm cookie package version to 0.2.3 2015-11-29 02:11:57 -06:00
Wu Cheng-Han a8123b6306 Fixed connect-mongo have peer dependencies 2015-11-29 00:23:19 -06:00
xnum f51b7370f0 Add Slide Mode
using reveal.js
and some part of reveal-md
2015-11-23 20:38:26 +08:00
Fabien Meghazi 872983e653 Updated pinned version of `cookie-parser` [Fixes #21] 2015-11-12 10:55:42 +01:00
Wu Cheng-Han 4e0f157739 Updated passport and its plugins' version 2015-11-10 11:34:54 +08:00
Wu Cheng-Han bc1f59af65 Marked as 0.3.3 2015-09-27 14:36:08 +08:00
Wu Cheng-Han bb9deef077 Marked as 0.3.2 2015-07-11 12:52:04 +08:00
Wu Cheng-Han 10c9811fc5 Jump to 0.3.1 2015-07-02 00:10:20 +08:00
Wu Cheng-Han f7f8c901f4 Marked as 0.2.9 2015-06-01 18:04:25 +08:00
Wu Cheng-Han 4e64583a0b Marked as 0.2.8 2015-05-15 12:58:13 +08:00
Wu Cheng-Han 4b0ca55eb7 First commit, version 0.2.7 2015-05-04 15:53:29 +08:00