summaryrefslogtreecommitdiff
path: root/yarn.lock (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Update dependency webpack to v4.46.0Renovate Bot2021-02-051-6/+6
| | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* chore(deps): update dependency html-webpack-plugin to v4.5.1Renovate Bot2021-02-051-5/+5
| | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Regenerate yarn.lockDavid Mehren2021-01-141-342/+319
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Upgrade to socket.io 2.4.1David Mehren2021-01-141-106/+21
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Update yarn.lockDavid Mehren2021-01-141-54/+83
| | | | | | archiver@5.2.0, aws-sdk@2.828.0, file-type@16.2.0, prismjs@1.23.0, socket.io-client@2.4.0, bufferutil@4.0.3, utf-8-validate@5.0.4 Signed-off-by: David Mehren <git@herrmehren.de>
* Update yarn.lockDavid Mehren2020-12-271-217/+40
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Improve MIME-type checks of uploaded filesDavid Mehren2020-12-271-45/+279
| | | | | | This commit adds a check if the MIME-type of the uploaded file (detected using the magic bytes) matches the file extension. Signed-off-by: David Mehren <git@herrmehren.de>
* Update yarn.lockDavid Mehren2020-12-211-125/+57
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Merge pull request #629 from hedgedoc/renovate/less-3.xDavid Mehren2020-12-211-4/+17
|\ | | | | Update dependency less to v3.13.1
| * Update dependency less to v3.13.1Renovate Bot2020-12-181-4/+17
| | | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* | Update dependency copy-webpack-plugin to v6.4.1Renovate Bot2020-12-161-4/+4
|/ | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Update dependency less to v3.13.0Renovate Bot2020-12-121-4/+4
| | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Update dependency copy-webpack-plugin to v6.4.0Renovate Bot2020-12-071-4/+4
| | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Update yarn.lockDavid Mehren2020-12-021-3/+3
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Update yarn.lockDavid Mehren2020-11-291-240/+61
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* chore: bump AWS SDK from 2.345.0 to 2.521.0Renan Rodrigues2020-11-271-4/+4
| | | | Signed-off-by: Renan Rodrigues <renanqts@gmail.com>
* Update dependency copy-webpack-plugin to v6.3.2Renovate Bot2020-11-191-4/+4
| | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Merge pull request #583 from hedgedoc/renovate/tough-cookie-2.xDavid Mehren2020-11-171-9/+9
|\ | | | | Update dependency tough-cookie to ~2.5.0
| * Update dependency tough-cookie to ~2.5.0Renovate Bot2020-11-171-9/+9
| | | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* | Merge pull request #582 from hedgedoc/renovate/shortid-2.xDavid Mehren2020-11-171-4/+11
|\ \ | | | | | | Update dependency shortid to v2.2.16
| * | Update dependency shortid to v2.2.16Renovate Bot2020-11-171-4/+11
| |/ | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* / Update dependency randomcolor to ^0.6.0Renovate Bot2020-11-171-4/+4
|/ | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Merge pull request #578 from hedgedoc/renovate/i18n-0.xDavid Mehren2020-11-171-16/+16
|\ | | | | Update dependency i18n to ^0.13.0
| * Update dependency i18n to ^0.13.0Renovate Bot2020-11-171-16/+16
| | | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* | Merge pull request #579 from hedgedoc/renovate/mini-css-extract-plugin-0.xDavid Mehren2020-11-171-4/+4
|\ \ | | | | | | Update dependency mini-css-extract-plugin to v0.12.0
| * | Update dependency mini-css-extract-plugin to v0.12.0Renovate Bot2020-11-171-4/+4
| |/ | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* | Merge pull request #577 from hedgedoc/renovate/cookie-0.xDavid Mehren2020-11-171-1/+6
|\ \ | |/ |/| Update dependency cookie to ^0.4.0
| * Update dependency cookie to ^0.4.0Renovate Bot2020-11-171-1/+6
| | | | | | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* | Pin dependenciesRenovate Bot2020-11-171-34/+34
|/ | | | Signed-off-by: Renovate Bot <bot@renovateapp.com>
* Replace sloganTilman Vatteroth2020-11-141-2/+2
| | | | Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
* Regenerate yarn.lockTilman Vatteroth2020-11-141-511/+351
| | | | Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
* Use our fork of CodeMirrorDavid Mehren2020-11-111-1/+1
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Update yarn.lockDavid Mehren2020-11-101-350/+85
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Upgrade `archiver` to v5David Mehren2020-11-101-98/+106
| | | | | | | Breaking changes only include dropping node <8 and glob patterns. Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Upgrade meta-markedDavid Mehren2020-11-101-10/+10
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Upgrade js-sequence-diagramsDavid Mehren2020-11-101-31/+29
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Upgrade imgurDavid Mehren2020-11-101-2/+2
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Upgrade diff-match-patchDavid Mehren2020-11-101-1/+1
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Use npm-release of raphaelDavid Mehren2020-11-101-7/+1
| | | | | | | Other dependencies already depend on npm-releases of this, so it does not seem to make sense to get this via Git. Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Always use `~` to allow minor upgrades of dependenciesDavid Mehren2020-11-101-129/+228
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Remove unneeded `style-loader` dependencyDavid Mehren2020-11-101-8/+0
| | | | | Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* Update dependenciesDavid Mehren2020-11-101-771/+1035
| | | | | | | | | chance@1.1.7, express-session@1.17.1, formidable@1.2.2, graceful-fs@4.2.4, handlebars@4.7.6, lutim@1.0.3, mathjax@2.7.9, mermaid@8.5.2, minimist@1.2.5, xss@1.0.8, eslint-plugin-standard@4.0.2, optimize-css-assets-webpack-plugin@5.0.4, remark-cli@8.0.1, webpack@4.44.2 aws-sdk@2.781.0, flowchart.js@1.15.0, helmet@3.23.3, i18n@0.8.6, js-yaml@3.14.0, mariadb@2.5.1, markdown-it-deflist@2.1.0, moment@2.29.1, morgan@1.10.0, mysql2@2.2.5, passport-saml@1.4.2, pdfobject@2.2.4, pg@8.4.2, prismjs@1.22.0, sequelize@5.22.3, sqlite3@4.2.0, winston@3.3.3, copy-webpack-plugin@6.2.1, eslint-plugin-import@2.22.1, html-webpack-plugin@4.5.0, less@3.12.2, style-loader@1.3.0 Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
* regenerate yarn.lockTilman Vatteroth2020-11-081-270/+14
| | | | Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
* Update copy-webpack-plugin, css-loader, html-webpack-plugin, style-loader, ↵David Mehren2020-08-191-532/+961
| | | | | | webpack and webpack-cli Signed-off-by: David Mehren <git@herrmehren.de>
* fix: package.json & yarn.lock to reduce vulnerabilitiessnyk-bot2020-08-171-4/+4
| | | | | The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-590103
* fix: package.json & yarn.lock to reduce vulnerabilitiessnyk-bot2020-08-101-4/+4
| | | | | The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PRISMJS-597628
* Merge pull request #410 from oupala/feature/markdown-lintingDavid Mehren2020-07-101-11/+1195
|\
| * chore: update yarn.lockoupala2020-07-101-11/+1195
| | | | | | | | Signed-off-by: oupala <oupala@users.noreply.github.com>
* | fix: package.json & yarn.lock to reduce vulnerabilitiessnyk-bot2020-07-101-0/+5
|/ | | | | The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-567746
* Upgrade LDAP-auth to fix RCE in ldapauth dependencySheogorath2020-06-271-40/+69
| | | | | | | | | | | | | | | Synk reported an Remote Code Execution vulnerability for the passport-ldapauth dependency `bunyan`. This RCE is due to wrong command sanitizing but doesn't only affects the executable the libary provides. It has no impact on CodiMD. This patch just updates passport-ldapauth since it's long overdue anyway and to silence annoying security scanners that pretend this is rather critical for us. Reference: https://github.com/trentm/node-bunyan/commit/ea21d75f548373f29bb772b15faeb83e87089746 https://app.snyk.io/vuln/SNYK-JS-BUNYAN-573166