summaryrefslogtreecommitdiff
path: root/yarn.lock (follow)
Commit message (Collapse)AuthorAgeFilesLines
* chore(deps): update dependency html-webpack-plugin to v4.5.1Renovate Bot2021-02-051-5/+5
| | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Regenerate yarn.lockDavid Mehren2021-01-141-342/+319
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Upgrade to socket.io 2.4.1David Mehren2021-01-141-106/+21
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Update yarn.lockDavid Mehren2021-01-141-54/+83
| | | | | | archiver@5.2.0, aws-sdk@2.828.0, file-type@16.2.0, prismjs@1.23.0, socket.io-client@2.4.0, bufferutil@4.0.3, utf-8-validate@5.0.4 Signed-off-by: David Mehren <git@herrmehren.de>
* Update yarn.lockDavid Mehren2020-12-271-217/+40
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Improve MIME-type checks of uploaded filesDavid Mehren2020-12-271-45/+279
| | | | | | This commit adds a check if the MIME-type of the uploaded file (detected using the magic bytes) matches the file extension. Signed-off-by: David Mehren <git@herrmehren.de>
* Update yarn.lockDavid Mehren2020-12-211-125/+57
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Merge pull request #629 from hedgedoc/renovate/less-3.xDavid Mehren2020-12-211-4/+17
|\ | | | | Update dependency less to v3.13.1
| * Update dependency less to v3.13.1Renovate Bot2020-12-181-4/+17
| | | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* | Update dependency copy-webpack-plugin to v6.4.1Renovate Bot2020-12-161-4/+4
|/ | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Update dependency less to v3.13.0Renovate Bot2020-12-121-4/+4
| | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Update dependency copy-webpack-plugin to v6.4.0Renovate Bot2020-12-071-4/+4
| | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Update yarn.lockDavid Mehren2020-12-021-3/+3
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Update yarn.lockDavid Mehren2020-11-291-240/+61
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* chore: bump AWS SDK from 2.345.0 to 2.521.0Renan Rodrigues2020-11-271-4/+4
| | | | Signed-off-by: Renan Rodrigues <renanqts@gmail.com>
* Update dependency copy-webpack-plugin to v6.3.2Renovate Bot2020-11-191-4/+4
| | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Merge pull request #583 from hedgedoc/renovate/tough-cookie-2.xDavid Mehren2020-11-171-9/+9
|\ | | | | Update dependency tough-cookie to ~2.5.0
| * Update dependency tough-cookie to ~2.5.0Renovate Bot2020-11-171-9/+9
| | | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* | Merge pull request #582 from hedgedoc/renovate/shortid-2.xDavid Mehren2020-11-171-4/+11
|\ \ | | | | | | Update dependency shortid to v2.2.16
| * | Update dependency shortid to v2.2.16Renovate Bot2020-11-171-4/+11
| |/ | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* / Update dependency randomcolor to ^0.6.0Renovate Bot2020-11-171-4/+4
|/ | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Merge pull request #578 from hedgedoc/renovate/i18n-0.xDavid Mehren2020-11-171-16/+16
|\ | | | | Update dependency i18n to ^0.13.0
| * Update dependency i18n to ^0.13.0Renovate Bot2020-11-171-16/+16
| | | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* | Merge pull request #579 from hedgedoc/renovate/mini-css-extract-plugin-0.xDavid Mehren2020-11-171-4/+4
|\ \ | | | | | | Update dependency mini-css-extract-plugin to v0.12.0
| * | Update dependency mini-css-extract-plugin to v0.12.0Renovate Bot2020-11-171-4/+4
| |/ | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* | Merge pull request #577 from hedgedoc/renovate/cookie-0.xDavid Mehren2020-11-171-1/+6
|\ \ | |/ |/| Update dependency cookie to ^0.4.0
| * Update dependency cookie to ^0.4.0Renovate Bot2020-11-171-1/+6
| | | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* | Pin dependenciesRenovate Bot2020-11-171-34/+34
|/ | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Replace sloganTilman Vatteroth2020-11-141-2/+2
| | | | Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
* Regenerate yarn.lockTilman Vatteroth2020-11-141-511/+351
| | | | Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
* Use our fork of CodeMirrorDavid Mehren2020-11-111-1/+1
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Update yarn.lockDavid Mehren2020-11-101-350/+85
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Upgrade `archiver` to v5David Mehren2020-11-101-98/+106
| | | | | | | Breaking changes only include dropping node <8 and glob patterns. Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Upgrade meta-markedDavid Mehren2020-11-101-10/+10
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Upgrade js-sequence-diagramsDavid Mehren2020-11-101-31/+29
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Upgrade imgurDavid Mehren2020-11-101-2/+2
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Upgrade diff-match-patchDavid Mehren2020-11-101-1/+1
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Use npm-release of raphaelDavid Mehren2020-11-101-7/+1
| | | | | | | Other dependencies already depend on npm-releases of this, so it does not seem to make sense to get this via Git. Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Always use `~` to allow minor upgrades of dependenciesDavid Mehren2020-11-101-129/+228
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Remove unneeded `style-loader` dependencyDavid Mehren2020-11-101-8/+0
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Update dependenciesDavid Mehren2020-11-101-771/+1035
| | | | | | | | | chance@1.1.7, express-session@1.17.1, formidable@1.2.2, graceful-fs@4.2.4, handlebars@4.7.6, lutim@1.0.3, mathjax@2.7.9, mermaid@8.5.2, minimist@1.2.5, xss@1.0.8, eslint-plugin-standard@4.0.2, optimize-css-assets-webpack-plugin@5.0.4, remark-cli@8.0.1, webpack@4.44.2 aws-sdk@2.781.0, flowchart.js@1.15.0, helmet@3.23.3, i18n@0.8.6, js-yaml@3.14.0, mariadb@2.5.1, markdown-it-deflist@2.1.0, moment@2.29.1, morgan@1.10.0, mysql2@2.2.5, passport-saml@1.4.2, pdfobject@2.2.4, pg@8.4.2, prismjs@1.22.0, sequelize@5.22.3, sqlite3@4.2.0, winston@3.3.3, copy-webpack-plugin@6.2.1, eslint-plugin-import@2.22.1, html-webpack-plugin@4.5.0, less@3.12.2, style-loader@1.3.0 Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* regenerate yarn.lockTilman Vatteroth2020-11-081-270/+14
| | | | Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
* Update copy-webpack-plugin, css-loader, html-webpack-plugin, style-loader, ↵David Mehren2020-08-191-532/+961
| | | | | | webpack and webpack-cli Signed-off-by: David Mehren <git@herrmehren.de>
* fix: package.json & yarn.lock to reduce vulnerabilitiessnyk-bot2020-08-171-4/+4
| | | | | The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-590103
* fix: package.json & yarn.lock to reduce vulnerabilitiessnyk-bot2020-08-101-4/+4
| | | | | The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PRISMJS-597628
* Merge pull request #410 from oupala/feature/markdown-lintingDavid Mehren2020-07-101-11/+1195
|\
| * chore: update yarn.lockoupala2020-07-101-11/+1195
| | | | | | | | Signed-off-by: oupala <oupala@users.noreply.github.com>
* | fix: package.json & yarn.lock to reduce vulnerabilitiessnyk-bot2020-07-101-0/+5
|/ | | | | The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-567746
* Upgrade LDAP-auth to fix RCE in ldapauth dependencySheogorath2020-06-271-40/+69
| | | | | | | | | | | | | | | Synk reported an Remote Code Execution vulnerability for the passport-ldapauth dependency `bunyan`. This RCE is due to wrong command sanitizing but doesn't only affects the executable the libary provides. It has no impact on CodiMD. This patch just updates passport-ldapauth since it's long overdue anyway and to silence annoying security scanners that pretend this is rather critical for us. Reference: https://github.com/trentm/node-bunyan/commit/ea21d75f548373f29bb772b15faeb83e87089746 https://app.snyk.io/vuln/SNYK-JS-BUNYAN-573166
* Upgrade pg to fix node version 14 compatibilitySheogorath2020-06-091-22/+22
| | | | | | | | | | | | | | | | As @davidmehren figured out, the problem that NodeJS version 14 gets stuck while CodiMD is starting, was due to the outdated postgres dependency. The old pg version doesn't work with node version 14 due to an undocumented API change in the `readyState` in the socket API. This patch updates the required dependency and this way resolves the issue. Reference: https://github.com/sequelize/sequelize/issues/12158 https://github.com/brianc/node-postgres/commit/149f48232445da0fb3022044e4f1c53509040ad3 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>