summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #309 from margau/masterSheogorath2020-04-211-2/+4
|\ | | | | Make "transform-style: preserve-3d;" screen-only.
| * Make "transform-style: preserve-3d;" screen-only.Marvin Gaube2020-03-231-2/+4
| | | | | | | | Signed-off-by: Marvin Gaube <dev@marvingaube.de>
* | Merge pull request #321 from codimd/snyk-fix-36a009650e9001b5861c54337c2b192dSheogorath2020-04-162-22/+6
|\ \ | |/ |/| [Snyk] Security upgrade jquery from 3.4.1 to 3.5.0
| * fix: package.json & yarn.lock to reduce vulnerabilitiessnyk-bot2020-04-142-22/+6
|/ | | | | The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JQUERY-565129
* Merge pull request #305 from ErikMichelson/fix/eslintSheogorath2020-03-221-19/+23
|\ | | | | Fixed eslint errors in cleanup-script
| * Fixed eslint errors (whitespaces)Erik Michelson2020-03-211-19/+23
|/ | | | Signed-off-by: Erik Michelson <erik@liltv.de>
* Clean up all foreign-key constraintsSheogorath2020-03-211-0/+20
| | | | | | | | | | | This patch cleans up the remaining possible foreign-key constraint. This case seem to appear, when notes are deleted, but due to missing database contraints not their authroships. This function should clean that up as well and complete the preparation for the new db contraints. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Reduce requested arguments on cleanupSheogorath2020-03-211-6/+13
| | | | | | | | In order to prevent OOM situations due to large databases, this patch should reduce the amount of data requested from the database drastically. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* fixup! Add fix for missing deletion of notes on user-deletion requestSheogorath2020-03-211-0/+17
|
* Update fr.json (POEditor.com)Sheogorath2020-03-211-19/+19
|
* Update ar.json (POEditor.com)Sheogorath2020-03-211-16/+16
|
* Fix broken redirect on loginSheogorath2020-03-211-2/+4
| | | | | | | | | | | | | | | | | | | | This patch fixes the currently broken redirect on login when people try to access a site they have no access to, they are redirected to the main page to log in. After a successful login they should be redirected to the original note, but instead are redirect to the index page again. This aptch fixes the typo that causes the behavior and brings people back to the note they edited. Thanks to @clvs7-gh on Github[1], who submitted the patch via email. On their behalf I hereby submit the change. [1]: https://github.com/clvs7-gh Note: I had to ajust this patch to work properly. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Backport Fix for relative theme pathSheogorath2020-03-211-1/+1
| | | | | | This commit backport 856fc01fb9b30489b254f2ef9d29de80aa189118 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Add fix for missing deletion of notes on user-deletion requestSheogorath2020-03-212-0/+117
| | | | | | | | | | | | | | | | | | | | | | Depending on how the system was setup, this bug lead to keep user's data around even after a successful deletion of user'S account. This patch will make sure the missing database constraints are implemented and missed out deletions are executed. This bug was introduced to insufficent testing after implementing the feature initially. It was well tested, using the app process itself, but the migrations where missed out. I'm currently not sure, if there was also a change in how sequelize handles cassaded deletion, since I'm unter the impression that before switching to sequelize 5, this feature has worked. But I haven't verified this. No matter what, the cleanup process is rather straight forward and will be invoked on migration, but can also be done manually using the new `bin/cleanup` script. This change will result in a release 1.6.1. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Release version 1.6.0Sheogorath2020-02-182-1/+86
| | | | Thanks for all contributions, this community is awesome.
* Update sv.json (POEditor.com)Sheogorath2020-02-171-1/+1
|
* Update es.json (POEditor.com)Sheogorath2020-02-171-2/+3
|
* Update ru.json (POEditor.com)Sheogorath2020-02-171-1/+6
|
* Update pt.json (POEditor.com)Sheogorath2020-02-171-102/+120
|
* Update ja.json (POEditor.com)Sheogorath2020-02-171-1/+2
|
* Update de.json (POEditor.com)Sheogorath2020-02-171-1/+1
|
* Update nl.json (POEditor.com)Sheogorath2020-02-171-10/+13
|
* Update zh-CN.json (POEditor.com)Sheogorath2020-02-171-1/+2
|
* Remove Tests for EOL node version 8Sheogorath2020-02-161-6/+1
| | | | | | | | | | | | Node 8 is End of Life since the beginning of 2020.[1] Due to not deprecating it earlier, the next release will be the last release supporting it. There are no breaking changes to be expected anymore, therefore removing the Tests can be considered safe and the release can start its existence with a green CI. This patch removes the test for NodeJS version 8 from the TravisCI jobs. [1]: https://nodejs.org/en/about/releases/
* Update yarn.lockSheogorath2020-02-161-2445/+206
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Merge pull request #271 from SuperSandro2000/patch-2Sheogorath2020-02-161-6/+6
|\ | | | | Replace dead browser icons and add missing
| * Replace dead browser icons and add missingSandro2020-02-161-6/+6
|/ | | | Signed-off-by: Sandro Jäckel <sandro.jaeckel@gmail.com>
* Merge pull request #268 from stefandesu/patch-1Sheogorath2020-02-111-1/+1
|\ | | | | Adjust description of CMD_ALLOW_ANONYMOUS_EDITS
| * Adjust description of CMD_ALLOW_ANONYMOUS_EDITSStefan Peters2020-02-111-1/+1
|/ | | | | | `CMD_ALLOW_ANONYMOUS_EDITS` is only applied when `CMD_ALLOW_ANONYMOUS` is `false`, see [here](https://github.com/codimd/server/blob/9c1665ae5bf3cf38210ffd862d10de9b13bfacdd/lib/config/index.js#L71-L73). Signed-off-by: Stefan Peters <stefandesu@exo.pm>
* Merge pull request #267 from SISheogorath/fix/revisionLinksSheogorath2020-02-101-1/+1
|\ | | | | Fix revision redirect to index page
| * Fix revision redirect to index pageSheogorath2020-02-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The revision view had a bug that clicking on a list entry would redirect the user back to the index page instead of providing the revision diff. This was cased by the baseurl which is now used as reference for hrefs. Therefore when clicking on the `href="#"` this was actually pointing at `<baseurl>#` which is usually the index page. This patch simply removes the href from the list items and therefore the link functionality. This fixes the whole problem by removing 9 characters from our source code. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Merge pull request #264 from Belphemur/update-mermaidSheogorath2020-02-104-4/+4
|\ \ | |/ |/| Update mermaid
| * Update mermaid in CDNAntoine Aflalo2020-02-103-3/+3
| | | | | | | | Signed-off-by: Antoine Aflalo <antoine@warrantymaster.com>
| * Update mermaidAntoine Aflalo2020-02-101-1/+1
| | | | | | | | Signed-off-by: Antoine Aflalo <antoine@warrantymaster.com>
* | Merge pull request #266 from SISheogorath/feature/change-cdn-defaultsSheogorath2020-02-102-2/+2
|\ \ | |/ |/| Update CDN defaults
| * Update CDN defaultsSheogorath2020-02-092-2/+2
|/ | | | | | | | | | | | | | | | | | As we noticed in our poll about CDN usage, that most people intentionally turn it off, but very little intetionally turn it on or leave it on. [1] There is also strong indicators that CDNs don't really provide any benefits in loading time and due to the small deployments of CodiMD, there is no big savings due to CDNs either. [2] Therefore this patch changes the CDN default settings to off in order to reduce the exposed user data. [1]: https://community.codimd.org/t/poll-on-cdn-usage/28 [2]: https://csswizardry.com/2019/05/self-host-your-static-assets/ Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2020-02-091-2024/+1854
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Merge branch 'google-oauth'Sheogorath2020-02-097-5/+13
|\ | | | | | | See https://github.com/codimd/server/pull/265
| * Update app.jsonike2020-02-081-0/+4
| | | | | | | | Signed-off-by: ike <developer@ikewat.com>
| * Add Google oauth variable: hostedDomainike2020-02-086-5/+9
|/ | | | | | | | Which is part of `passport-google-oauth2`. It could be used as whitelist to a domain supported by google oauth. Ref: https://github.com/jaredhanson/passport-google-oauth2/issues/3 Signed-off-by: ike <developer@ikewat.com>
* Update RevealJS to version 3.9.2Sheogorath2020-02-014-5/+3
| | | | | | | | | | | | This update of revealJS helps us to get rid of the headjs depedency integration using webpack. It updates reveal.js to 3.9.2 and updates the csp hash accordingly for using the slide mode. Background for this update is the critical security vulnerability described by snyk in their disclosure: https://snyk.io/vuln/SNYK-JS-REVEALJS-543841 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Merge pull request #261 from ErikMichelson/fix/privacy-template-libravatarSheogorath2020-01-231-2/+2
|\ | | | | Changed Gravatar to Libravatar in privacy-template
| * Changed Gravatar to Libravatar in privacy-templateErik Michelson2020-01-231-2/+2
|/ | | | Signed-off-by: Erik Michelson <erik@liltv.de>
* Merge pull request #259 from Amolith/masterSheogorath2020-01-211-1/+1
|\ | | | | update env docs in reference to #247
| * update env docs in reference to #247Amolith2020-01-161-1/+1
| | | | | | | | Signed-off-by: Amolith <amolith@nixnet.xyz>
* | Merge pull request #250 from ErikMichelson/fix/signin-focusSheogorath2020-01-201-0/+14
|\ \ | |/ |/| Fix #249 - Focus user field after opening login modal
| * Fix #249 - Focus user field after opening login modalErik Michelson2020-01-081-0/+14
| | | | | | | | Signed-off-by: Erik Michelson <erik@liltv.de>
* | Merge pull request #257 from bluehood/fix_fonts_without_cdnSheogorath2020-01-152-27/+32
|\ \ | | | | | | Fix font loading when useCDN is false
| * | Fix font path when useCND is false and `urlPath` is usedEnrico Guiraud2020-01-151-26/+26
| | | | | | | | | | | | Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
| * | Fix font paths when useCDN is false and no `urlPath` is presentEnrico Guiraud2020-01-151-1/+6
|/ / | | | | | | Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>