| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Make oauth2 provider name accessible
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Right now the feature exists but is almost not usable since the only way
to configure it is to know that it exists from reading the source code
and add it to config.json. This patch provides all needed changes so it
can be used by everyone including documentation.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
| |
| |
| |
| |
| |
| | |
Support includes v9.x, but no v10.x
Signed-off-by: Xaver Maierhofer <xaver.maierhofer@xwissen.info>
|
|\ \
| |/
|/| |
enhance configurabiltiy of paths & make execution path-independent
|
| |
| |
| |
| | |
Signed-off-by: WilliButz <wbutz@cyberfnord.de>
|
|/
|
|
| |
Signed-off-by: Claudius Coenen <opensource@amenthes.de>
|
|
|
|
| |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
| |
|
|
|
|
| |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
| |
Signed-off-by: Ondřej Slabý <kron258@gmail.com>
|
|
|
|
|
|
| |
Fixes #923
Signed-off-by: Girish Ramakrishnan <girish@cloudron.io>
|
|
|
|
|
|
|
|
| |
Apart from the uri versioning, one big change is the snippet visibility post data (visibility_level -> visibility)
Default gitlab api version to v4
Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
|
|
|
|
| |
Signed-off-by: Miranda Kastemaa <miranda@foldplop.com>
|
|
|
|
|
|
|
| |
We instruct people to run db migrations on inital setup. We should do
that!
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
| |
As we are no longer HackMD the short tag `HMD` doesn't match anymore. We
move it to the matching prefix `CMD` and inform our users about the
change.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
| |
We want to communicate transparent. So we should state very clear what
CodiMD is and what makes it different from HackMD and at the same time
how we are related and that there are no bad boys involved.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
| |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
|
| |
Since Gravatar is an external image source and not perfect from a
privacy perspective, forbidding it allows to improve privacy.
This commit also simplifies and optimizes the avatar code.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
|
|
| |
In https://github.com/hackmdio/hackmd/issues/834 is described how
starting HackMD crashes when using the wrong working dir.
This is caused by a relative path in our upload routine. This change
should fix it and prevent future crashes.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|\
| |
| | |
Fix wrong docs about default image upload location
|
| |
| |
| |
| |
| |
| |
| |
| | |
We wrongly state that the default image upload location is imgur. This
is no longer true, but got lost when updating docs. This commit should
fix it.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|/
|
|
|
|
|
| |
We have an official K8s chart for helm out there but probably no one
knows about it. Let's advertise it a bit!
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
| |
Signed-off-by: Adam Hoka <hoka.adam@nexogen.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's sad but it's not working. For multiple releases this should be
already broken which shows how often it's used.
As there is also a security issue related to that, it's better to
remove the feature completely. Whoever wants to rewrite it, feel free to
go.
This commit removes the Google Drive integration from HackMD's Frontend
editor and this way removes the need to provide any API key and Client
ID in the frontend.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As we currently may need higher nofile limits than usual/default on
various systems this commit should probide a fix for that an allow to
build HackMD without highering these limits and increase security.
Inspiration was found in a copy-webpack-plugin-issue[1] and found by
@thegcat[2]. Thanks for that!
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
[1]:
https://github.com/webpack-contrib/copy-webpack-plugin/issues/59#issuecomment-228563990
[2]: https://github.com/thegcat
|
|
|
|
|
|
|
| |
Add hint about file descriptor limits and add the new translation
platform.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|\ |
|
| |
| |
| |
| |
| |
| |
| | |
As it was requested to be more visable, this commit adds a migration
section about the introduced config style changes.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|/
|
|
|
|
|
|
|
|
|
| |
Currently the session secret can only be set by config.json or docker
secrets. This creates a problem on Heroku hosted instances that can not
set a session secret.
Since we automatically generate them on startup this results in an
logout of all users on every config change in Heroku.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
| |
This refactors the configs a bit to now use camel case everywhere.
This change should help to clean up the config interface and make it
better understandable.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
| |
This option is needed as it's currently not possible to add an report
URI by the directives array. This option also allows to get CSP reports
not only on docker based setup but also on our heroku instances.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
| |
hackmdio/hackmd#754
Signed-off-by: Felix Schäfer <felix@thegcat.net>
|
|
|
|
| |
Signed-off-by: Dustin Frisch <fooker@lab.sh>
|
|
|
|
| |
Signed-off-by: Anthony "Zearin" Rogers <zearin@users.sourceforge.net>
|
|
|
|
| |
Signed-off-by: Anthony "Zearin" Rogers <zearin@users.sourceforge.net>
|
|
|
|
|
|
|
|
|
| |
Matrix.org is an interesting platform for collaboration and community building.
Thanks to various clients it supports it's maybe better than gitter to keep people on track and have a community feeling, discuss changes and more.
Not not split up into two parties not knowing of each other, the Gitter channel and the Matrix channel are bridged. This helps to keep everyone informed while add more medias.
Signed-off-by: Christoph Kern <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
|
| |
The button needs a parameter to work, that provides the git repository
that is used for the deployment. This commit corrects the link and this
way fixes the provisioning as it's not working with the wrong/default
buildpacks.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|\
| |
| | |
Add simple user-management tool for emailsignin
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, administrators of closed instances need to manually fiddle in
their databases for user-management.
This commit adds a small commandline utility that allows to create and
delete users.
Signed-off-by: Dario Ernst <dario@kanojo.de>
|
|/
|
|
|
|
|
| |
The docker badges have to be updated since we now provide official image
like tags. So `latest-alpine` became `alpine`.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|\
| |
| | |
Remove camel case from `imageuploadtype` in config
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This removes the only camel cased option of the config options
**we** added to the config.json.
In auth provider's config parts are a lot of camel cased options
provided. We shouldn't touch them to keep them as similar as
possible to the examples.
Fixes #315
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|/
|
|
|
|
|
|
|
|
| |
We noticed on multiple places that machines with less than 2GB of RAM
fail their build and result in missing files and unexpected errors.
Sadly we can't really solve this right now since it's a webpack
related bug.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
| |
|
|
|
|
| |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|\
| |
| | |
Implement basic CSP support
|
| |
| |
| |
| | |
Not sure why I was quoting these in the first place
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| | |
Before, closed disallowed guest edits completely, by removing
the `freely` permission. This makes it possible to explicitely bring
back guest-editing, but not guest-note-creation, to closed instances.
Signed-off-by: Dario Ernst <dario@kanojo.de>
|
| |
| |
| | |
To show "Community Edition" on title.
|