summaryrefslogtreecommitdiff
path: root/yarn.lock (follow)
Commit message (Collapse)AuthorAgeFilesLines
* fix: package.json & yarn.lock to reduce vulnerabilitiessnyk-bot2020-04-141-21/+5
| | | | | The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JQUERY-565129
* Update yarn.lockSheogorath2020-02-161-2445/+206
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2020-02-091-2024/+1854
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Upgrade webpack & pluginsDavid Mehren2019-11-231-685/+658
| | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
* Upgrade all ORM/database related packagesSheogorath2019-10-281-167/+392
| | | | | | | | | This patch provides some major upgrades to all database backend library. It also fixes an issues that appears since the change from sequelize v3 to v5 where mariadb was originally handled by mysql2 and is now handled by an own mariadb library. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-10-231-134/+164
|
* Update yarn.lockSheogorath2019-08-151-16/+49
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update meta-marked to latest versionSheogorath2019-08-151-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Meta-marked 0.4.4 which we used from our git repository contains a RegexDOS attack in the marked dependency. The dependency was already updated in our meta-marked repository, but not updated in yarn. This made us still vulnerable to this ReDOS which was able to cause a DOS attack on the server when updating a note. For Details: https://github.com/markedjs/marked/releases/tag/v0.7.0 https://github.com/markedjs/marked/pull/1515 What is a ReDOS? A ReDOS attack is a DOS attack where an attacker targets a not-well-written Regular Expression. Regular expressions try to build a tree of all possibilities it can match in order to figure out if the given statement is valid or not. A ReDOS attack abuses this concept by providing a statement that doesn't match but causes extremly huge trees that simply lead to exhausting CPU usage. For more details see: https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS Credit: Huge thanks to @bitinerant for finding this and handling it with a responsible disclosure. Also thanks to the `marked`-team for fixing things already. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-08-011-74/+2744
|
* Update sequelize to latest versionSheogorath2019-06-221-12/+15
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-06-221-923/+176
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-05-301-465/+466
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update jQuery to version 3.4.1Sheogorath2019-05-061-224/+22
|
* Update yarn.lockSheogorath2019-04-161-26/+12
|
* Update yarn.lockSheogorath2019-04-101-492/+209
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-03-231-222/+241
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Force upgrade of some outdated dependenciesSheogorath2019-03-021-179/+9
| | | | | | | | | | | I don't really like the way to go here, but I guess having those forcefully upgraded is better than staying around with vulnerable dependencies. This patch fixes some vulnerbilities in dependencies that were categories as high severity. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-03-021-377/+360
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-02-151-390/+379
|
* Update yarn.lockSheogorath2019-01-241-135/+96
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-01-181-504/+561
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-12-041-362/+499
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-11-211-1760/+1657
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-11-191-397/+383
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-11-121-26/+12
|
* Fix #1016: webpack include defect for scripts and header files.MartB2018-10-161-36/+45
| | | | Signed-off-by: MartB <mart.b@outlook.de>
* Update yarn.lockSheogorath2018-10-111-16/+22
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockDavid Mehren2018-10-101-0/+7
| | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
* Update yarn.lockSheogorath2018-10-091-5/+5
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-10-061-5/+93
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-10-031-4/+1598
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Upgrade to Webpack 4 - clean dependenciesDavid Mehren2018-09-061-774/+817
| | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
* Upgrade to Webpack 4 - first tryDavid Mehren2018-09-061-1252/+2833
| | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
* Update yarn.lockSheogorath2018-09-061-2/+2
|
* Update markdown-pdfSheogorath2018-07-271-3/+3
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-06-301-17/+34
|
* Update yarn.lockSheogorath2018-06-301-106/+286
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-06-171-1/+137
|
* Update yarn.lockSheogorath2018-06-051-2/+194
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-05-211-3/+3
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-04-171-1/+1
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-03-181-0/+4
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-03-071-77/+0
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-01-311-52/+96
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-01-291-0/+4
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-01-291-3/+3
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-01-241-7/+50
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-01-171-3/+69
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarnSheogorath2017-11-271-70/+75
|
* Update yarn.lockPeter Dave Hello2017-10-301-114/+237
|