summaryrefslogtreecommitdiff
path: root/yarn.lock (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Update yarn.lockSheogorath2019-08-151-16/+49
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update meta-marked to latest versionSheogorath2019-08-151-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Meta-marked 0.4.4 which we used from our git repository contains a RegexDOS attack in the marked dependency. The dependency was already updated in our meta-marked repository, but not updated in yarn. This made us still vulnerable to this ReDOS which was able to cause a DOS attack on the server when updating a note. For Details: https://github.com/markedjs/marked/releases/tag/v0.7.0 https://github.com/markedjs/marked/pull/1515 What is a ReDOS? A ReDOS attack is a DOS attack where an attacker targets a not-well-written Regular Expression. Regular expressions try to build a tree of all possibilities it can match in order to figure out if the given statement is valid or not. A ReDOS attack abuses this concept by providing a statement that doesn't match but causes extremly huge trees that simply lead to exhausting CPU usage. For more details see: https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS Credit: Huge thanks to @bitinerant for finding this and handling it with a responsible disclosure. Also thanks to the `marked`-team for fixing things already. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-08-011-74/+2744
|
* Update sequelize to latest versionSheogorath2019-06-221-12/+15
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-06-221-923/+176
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-05-301-465/+466
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update jQuery to version 3.4.1Sheogorath2019-05-061-224/+22
|
* Update yarn.lockSheogorath2019-04-161-26/+12
|
* Update yarn.lockSheogorath2019-04-101-492/+209
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-03-231-222/+241
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Force upgrade of some outdated dependenciesSheogorath2019-03-021-179/+9
| | | | | | | | | | | I don't really like the way to go here, but I guess having those forcefully upgraded is better than staying around with vulnerable dependencies. This patch fixes some vulnerbilities in dependencies that were categories as high severity. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-03-021-377/+360
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-02-151-390/+379
|
* Update yarn.lockSheogorath2019-01-241-135/+96
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2019-01-181-504/+561
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-12-041-362/+499
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-11-211-1760/+1657
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-11-191-397/+383
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-11-121-26/+12
|
* Fix #1016: webpack include defect for scripts and header files.MartB2018-10-161-36/+45
| | | | Signed-off-by: MartB <mart.b@outlook.de>
* Update yarn.lockSheogorath2018-10-111-16/+22
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockDavid Mehren2018-10-101-0/+7
| | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
* Update yarn.lockSheogorath2018-10-091-5/+5
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-10-061-5/+93
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-10-031-4/+1598
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Upgrade to Webpack 4 - clean dependenciesDavid Mehren2018-09-061-774/+817
| | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
* Upgrade to Webpack 4 - first tryDavid Mehren2018-09-061-1252/+2833
| | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
* Update yarn.lockSheogorath2018-09-061-2/+2
|
* Update markdown-pdfSheogorath2018-07-271-3/+3
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-06-301-17/+34
|
* Update yarn.lockSheogorath2018-06-301-106/+286
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-06-171-1/+137
|
* Update yarn.lockSheogorath2018-06-051-2/+194
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-05-211-3/+3
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-04-171-1/+1
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-03-181-0/+4
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-03-071-77/+0
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-01-311-52/+96
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-01-291-0/+4
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-01-291-3/+3
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-01-241-7/+50
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarn.lockSheogorath2018-01-171-3/+69
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update yarnSheogorath2017-11-271-70/+75
|
* Update yarn.lockPeter Dave Hello2017-10-301-114/+237
|
* Update yarn.lock fileWu Cheng-Han2017-09-271-1171/+1260
|
* Update yarn.lockChristian Schuhmann2017-08-291-4/+4
|
* Merge branch 'master' into BackendRefactorMax Wu2017-05-141-0/+4
|\
| * Load statusbar template by string-loaderYukai Huang2017-05-071-0/+4
| |
* | refactor(config.js): Extract config fileBoHong Li2017-05-081-358/+370
|/ | | | | * Separate different config source to each files * Freeze config object
* build: Update yarn.lockBoHong Li2017-03-291-3/+3
|