mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-09-19 23:48:57 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
2275 commits 36 branches 47 tags 158 MiB
Commit graph

2275 commits

This branch
This branch
All branches
Author SHA1 Message Date
Erik Michelson
116bd7230c
Added og-metadata to index page 
- image and URL properties are only included if
 the server url is set, because opengraph
 protocol does not support relative links

Signed-off-by: Erik Michelson <erik@liltv.de>
 2019-10-04 11:04:58 +02:00
Sheogorath
7182fecf5b
Merge pull request #186 from codimd/snyk-fix-67ec214d52c0e9b5cf1620e19ace6b1a 
[Snyk] Fix for 1 vulnerabilities
 2019-09-30 12:59:37 +02:00
snyk-bot
511873e58a fix: package.json to reduce vulnerabilities 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HELMETCSP-469436
 2019-09-30 05:32:48 +00:00
Sheogorath
494ff49503
Merge pull request #185 from codimd/snyk-fix-905c5c88626d5047fb1568d93ce366ca 
[Snyk] Fix for 1 vulnerabilities
 2019-09-26 13:49:50 +02:00
Sheogorath
e313b47b92
Merge pull request #170 from ErikMichelson/post-note-url 
Added endpoint for note-creation with given alias
 2019-09-26 12:20:57 +02:00
snyk-bot
0185add27f fix: package.json to reduce vulnerabilities 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063
 2019-09-26 05:32:43 +00:00
Sheogorath
7f69ec5bca
Merge pull request #180 from ErikMichelson/fix/trailingSlashRedirect 
Fixed #179 (redirect loop with a trailing slash)
 2019-09-18 22:59:43 +02:00
Erik Michelson
9e1cc2159f
Updated forbiddenNoteIDs 
Signed-off-by: Erik Michelson <erik@liltv.de>
 2019-09-18 22:54:08 +02:00
Erik Michelson
4d62e6b0b5
Fixed #179 (redirect loop with a trailing slash) 
Signed-off-by: Erik Michelson <erik@liltv.de>
 2019-09-18 22:18:22 +02:00
Sheogorath
110eef691e
Merge pull request #173 from ErikMichelson/docs 
Extended config.js documentation on login methods and libravatar
 2019-09-18 21:36:19 +02:00
Sheogorath
10a6e7c816
Merge pull request #176 from SISheogorath/docs/security 
Add security note to repository
 2019-09-12 21:35:19 +02:00
Sheogorath
42d42d5b6f
Add security note to repository 
In order to simplify the communication with security researcher and
allow reporting of issues, this document should provide a rough idea
about:

1. What versions are supported
2. Who to contact
3. How to send findings properly secured
4. What to expect from an approved security issue
5. What if it's not considered a security issue

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
 2019-09-10 14:11:23 +02:00
Erik Michelson
6110aafc5b
Added link to libravatar.org 
Signed-off-by: Erik Michelson <erik@liltv.de>
 2019-09-09 15:20:09 +02:00
Erik Michelson
efe246f183
Extended login methods section 
Signed-off-by: Erik Michelson <erik@liltv.de>
 2019-09-09 01:48:22 +02:00
Erik Michelson
5a359ab648
Changed Gravatar to Libravatar 
Signed-off-by: Erik Michelson <erik@liltv.de>
 2019-09-09 00:47:22 +02:00
Sheogorath
c6e4f3757e
Merge pull request #171 from soulchild/master 
Move sequelize-cli from devDependencies to dependencies, because it is needed to run migrations at run-time
 2019-09-07 20:26:54 +02:00
Tobias Kremer
ea3c824978 Move sequelize-cli from devDependencies to dependencies, because it is needed to run migrations at run-time 
Signed-off-by: Tobias Kremer <tobias.kremer@gmail.com>
 2019-09-06 10:42:30 +02:00
Erik Michelson
6e5e6696ad
Refactored note-creation with given noteId 
Known bugs/features:
 - pushing towards an existing note results in an error 500

Signed-off-by: Erik Michelson <erik@liltv.de>
 2019-09-04 20:25:32 +02:00
Erik Michelson
8d29d74b02 Added endpoint for note-creation with given alias 
Signed-off-by: Erik Michelson <erik@liltv.de>
 2019-09-04 12:28:44 +02:00
Sheogorath
529075fd67
Merge pull request #168 from dargmuesli/fix/docker-secret-buffer 
Config: Return String Instead Of Buffer For Docker Secrets
 2019-09-03 18:11:47 +02:00
Jonas Thelemann
0be784351d
Docker Secrets: Use Encoding Parameter Directly 
Signed-off-by: Jonas Thelemann <e-mail@jonas-thelemann.de>
 2019-09-03 17:58:58 +02:00
Sheogorath
f08fcd30fb
Merge pull request #167 from dargmuesli/fix/docker-secret-path 
Docker Secrets: Correct Source Path
 2019-09-03 09:26:08 +03:00
Jonas Thelemann
3d9c97fc65
Config: Return String Instead Of Buffer For Docker Secrets 
Prevents "TypeError: Cannot freeze array buffer views with elements".

Signed-off-by: Jonas Thelemann <e-mail@jonas-thelemann.de>
 2019-09-03 00:28:44 +02:00
Jonas Thelemann
326b38dff9
Docker Secrets: Correct Source Path 
Signed-off-by: Jonas Thelemann <e-mail@jonas-thelemann.de>
 2019-09-02 18:45:16 +02:00
Sheogorath
6755d1b989
Merge pull request #147 from codimd/snyk-fix-0aa72a9ec7fcf1d8b1832518c29b6f4c 
[Snyk] Fix for 2 vulnerable dependencies
 2019-09-02 19:25:42 +03:00
Sheogorath
c765f34d03
Merge pull request #143 from Fonata/improve-docs 
Slightly improve documentation
 2019-09-02 19:24:04 +03:00
Sheogorath
2e627099d8
Merge pull request #32 from codimd/aws-endpoints 
make aws s3 endpoint configurable
 2019-09-02 18:50:29 +03:00
Sheogorath
2b0300e2f2
Merge pull request #165 from morpheus-87/imprint-docs 
Add documentation for the new imprint feature
 2019-09-02 18:49:59 +03:00
Matthias Lindinger
e07f70c231 Remove useless blank line 
Signed-off-by: Matthias Lindinger <m.lindinger@live.de>
 2019-09-02 13:09:23 +02:00
Matthias Lindinger
eef2b57bde Add documentation for the new imprint feature 
Signed-off-by: Matthias Lindinger <m.lindinger@live.de>
 2019-09-02 13:05:17 +02:00
Sheogorath
a9b5b754f5
Merge pull request #158 from morpheus-87/add-imprint-link 
Add link to imprint
 2019-09-02 13:36:43 +03:00
Matthias Lindinger
fe2c8634d3 Add link to imprint 
Signed-off-by: Matthias Lindinger <m.lindinger@live.de>
 2019-08-26 14:57:44 +02:00
snyk-test
47d2b99582 fix: package.json to reduce vulnerabilities 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AUTOLINKER-73494
- https://snyk.io/vuln/SNYK-JS-SEQUELIZE-459751
 2019-08-20 05:32:45 +00:00
Christian Bläul
d21ede4df8 Documentation: improved 'Users and Privileges' section 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 12:19:34 +02:00
Christian Bläul
3684c65f10 Documentation: improved English 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 12:14:51 +02:00
Christian Bläul
49663390d1 Not serverurl, but serverURL is used as a default for issuer 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 12:14:24 +02:00
Christian Bläul
ef857a565c Documentation: improved sessionLife description 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 11:56:31 +02:00
Christian Bläul
32f00e9830 Documentation: improved 'Email (local account)' sections 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 11:53:49 +02:00
Christian Bläul
29e1ff7699 Documentation: improved dbURL description 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 11:40:53 +02:00
Christian Bläul
60d6a6a15d Documentation: Improved descriptions of 'Users and Privileges' section 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 10:53:17 +02:00
Christian Bläul
374ee58790 Documentation: converted descriptions to sentences to allow more details 
No content was added; this is just a formatting commit.

Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 10:49:03 +02:00
Christian Bläul
4b392f4b12 Improved docs for YAML metadata 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 00:03:41 +02:00
Christian Bläul
305525aa0c Config documentation: Improved spelling and capitalization of services 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 00:03:37 +02:00
Christian Bläul
f49bbf4c45 Documentation of config options: Improve loglevel 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 00:03:29 +02:00
Christian Bläul
c065d45da8 Documentation of config options: Improve db 
Signed-off-by: Christian Bläul <christian@blaeul.de>
 2019-08-17 00:03:04 +02:00
Sheogorath
9c1665ae5b
Release version 1.5.0 2019-08-15 23:30:37 +02:00
Sheogorath
09e1584800
Update yarn.lock 
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
 2019-08-15 23:25:30 +02:00
Sheogorath
fce0e18ad0
Add arabian translation 
Thanks to our great translators that made it to translate the major
parts of CodiMD into Arabic!

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
 2019-08-15 23:20:52 +02:00
Sheogorath
c178947402
Disable PDF export due to security issue 
As a temporary fix, to keep you and your users save, this patch disables
the PDF export feature. Details of the attack along with a fix for
future versions of CodiMD will be released in future.

I hope you can live with this solution for this release because I'm
super short on time and the alternative would be to ship no fix at all.
This appears to be the better solution for this release.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
 2019-08-15 23:14:54 +02:00
Sheogorath
e574ae7588
Switch mysql library to mysql2 
The recent sequelize upgrade introduced some other dependencies, this is
one of them. This patch replaces the old `mysql` library with `mysql2`.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
 2019-08-15 23:14:53 +02:00