mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-09-19 15:38:48 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9
6478 commits 36 branches 47 tags 158 MiB
Commit graph

1355 commits

Author SHA1 Message Date
renovate[bot]
818e2bcddc fix(deps): update dependency diff to v5.2.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:48:35 +02:00
renovate[bot]
88c6ee8878 fix(deps): update dependency highlight.js to v11.10.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:47:05 +02:00
renovate[bot]
cf68190284 fix(deps): update dependency luxon to v3.5.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:46:12 +02:00
renovate[bot]
48c0f0125a fix(deps): update dependency @dicebear/core to v7.1.3 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:44:22 +02:00
renovate[bot]
838a756132 fix(deps): update dependency react-bootstrap-icons to v1.11.4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:43:08 +02:00
renovate[bot]
9dc0d11be8 fix(deps): update dependency sass to v1.77.8 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:41:36 +02:00
renovate[bot]
69a668e3ac fix(deps): update dependency tlds to v1.254.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:39:30 +02:00
renovate[bot]
db1d3aca39 fix(deps): update i18next 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:38:52 +02:00
renovate[bot]
89799ebb9a fix(deps): update dependency abcjs to v6.4.2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:36:45 +02:00
renovate[bot]
aa76da3821 fix(deps): update dependency emoji-picker-element to v1.22.4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:35:55 +02:00
renovate[bot]
298d170e08 chore(deps): update testing-library 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 14:32:16 +02:00
renovate[bot]
75ba77f8c0 chore(deps): update dependency dotenv-cli to v7.4.2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 12:40:57 +02:00
renovate[bot]
722e8ca31b chore(deps): update codemirror 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 12:15:48 +02:00
renovate[bot]
44d41a5ec5 chore(deps): update yarn to v4.1.1 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-08-29 10:08:54 +00:00
renovate[bot]
c4916704ae fix(deps): update dependency react-redux to v9.1.2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:52:17 +00:00
renovate[bot]
d441feb6bb fix(deps): update i18next 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:40:52 +00:00
renovate[bot]
83ccf48f93 fix(deps): update dependency @dicebear/identicon to v7.0.5 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:40:22 +00:00
renovate[bot]
7cf00fe548 fix(deps): update dependency emoji-picker-element to v1.21.3 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:39:54 +00:00
renovate[bot]
fa5d85fc9e fix(deps): update dependency sharp to v0.33.5 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:22:05 +00:00
renovate[bot]
6cbc291ec4 fix(deps): update dependency react-use to v17.5.1 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:20:09 +00:00
renovate[bot]
335340e1b1 fix(deps): update dependency react-bootstrap to v2.10.4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:18:27 +00:00
renovate[bot]
5f438a7e27 fix(deps): update dependency picocolors to v1.0.1 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:16:30 +00:00
renovate[bot]
062d5b34b9 fix(deps): update dependency katex to v0.16.11 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:15:30 +00:00
renovate[bot]
7d4d69c3fd fix(deps): update dependency emoji-picker-element-data to v1.6.1 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:14:20 +00:00
renovate[bot]
c98fa9ca1a fix(deps): update dependency dompurify to v3.0.11
Some checks are pending
Docker / build-and-push (backend) (push) Waiting to run
Details
Docker / build-and-push (frontend) (push) Waiting to run
Details
Deploy HD2 docs to Netlify / Deploys to netlify (push) Waiting to run
Details
E2E Tests / backend-sqlite (push) Waiting to run
Details
E2E Tests / backend-mariadb (push) Waiting to run
Details
E2E Tests / backend-postgres (push) Waiting to run
Details
E2E Tests / Build test build of frontend (push) Waiting to run
Details
E2E Tests / frontend-cypress (1) (push) Blocked by required conditions
Details
E2E Tests / frontend-cypress (2) (push) Blocked by required conditions
Details
E2E Tests / frontend-cypress (3) (push) Blocked by required conditions
Details
Lint and check format / Lint files and check formatting (push) Waiting to run
Details
REUSE Compliance Check / reuse (push) Waiting to run
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details
Static Analysis / Njsscan code scanning (push) Waiting to run
Details
Static Analysis / CodeQL analysis (javascript) (push) Waiting to run
Details
Run tests & build / Test and build with NodeJS 20 (push) Waiting to run
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:12:24 +00:00
renovate[bot]
179f671796 fix(deps): update dependency bootstrap to v5.3.3 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:11:31 +00:00
renovate[bot]
e83c083c65 fix(deps): update dependency @orama/orama to v2.0.23 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:10:51 +00:00
renovate[bot]
2fbc425bb3 fix(deps): update dependency @dicebear/core to v7.0.5 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 09:10:06 +00:00
renovate[bot]
180f1d7da3 chore(deps): update nextjs monorepo to v14.1.4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 08:52:59 +00:00
renovate[bot]
b7c4e0c4a2 chore(deps): update testing-library 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 07:17:25 +00:00
renovate[bot]
e229d93cdd chore(deps): update linters 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 05:26:16 +00:00
renovate[bot]
e3b93ad9a1 chore(deps): update dependency yjs to v13.6.18 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 05:25:31 +00:00
renovate[bot]
58defe5b3a chore(deps): update dependency cypress to v13.6.6 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-28 22:52:41 +00:00
renovate[bot]
2cc71588fe fix(deps): update dependency ws to v8.17.1 [security] 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 00:43:05 +02:00
renovate[bot]
d31b2af368 chore(deps): update codemirror 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-28 22:41:17 +00:00
renovate[bot]
14fe9470dd chore(deps): update node.js to 1a526b9 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-28 22:07:27 +00:00
Erik Michelson
f9b6f6851b feat(editor): re-add editor mode buttons (edit/both/view) 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-08-23 18:13:58 +02:00
Erik Michelson
9cbd78f622 fix(frontend): do not hardcode example.org, do not prebuild motd 
The motd.md is user-supplied and should therefore not be prebuild during
the HedgeDoc build process. As that required the presence of the base
URL which is also not available in the build context, it fell back to
our fallback value example.org, thus breaking offline builds.
By removing the example.org domains and disabling the prebuild for the
motd, this seems fixed.

Co-authored-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-08-07 21:28:17 +02:00
Erik Michelson
1f1231a730 ci: remove netlify deployment workflow
Some checks failed
E2E Tests / backend-sqlite (push) Has been cancelled
Details
Static Analysis / CodeQL analysis (javascript) (push) Has been cancelled
Details
Run tests & build / Test and build with NodeJS ${{ matrix.node }} (true, 20) (push) Has been cancelled
Details
Docker / build-and-push (backend) (push) Has been cancelled
Details
Docker / build-and-push (frontend) (push) Has been cancelled
Details
Deploy HD2 docs to Netlify / Deploys to netlify (push) Has been cancelled
Details
E2E Tests / backend-mariadb (push) Has been cancelled
Details
E2E Tests / backend-postgres (push) Has been cancelled
Details
E2E Tests / Build test build of frontend (push) Has been cancelled
Details
Lint and check format / Lint files and check formatting (push) Has been cancelled
Details
REUSE Compliance Check / reuse (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
Static Analysis / Njsscan code scanning (push) Has been cancelled
Details
E2E Tests / frontend-cypress (1) (push) Has been cancelled
Details
E2E Tests / frontend-cypress (2) (push) Has been cancelled
Details
E2E Tests / frontend-cypress (3) (push) Has been cancelled
Details 
This workflow was used in an early stage of development of HedgeDoc 2.
It allowed the core developers to quickly check fixes, improvements or
new features to the HedgeDoc UI without the requirement to check-out
the branch locally. As not every pull request required a deployment,
this workflow was only triggered when the "ci: force deployment"
label was added. Since some time already, the frontend and backend
are so tightly coupled that the netfliy deployment doesn't make any
sense anymore and therefore hasn't been used anymore. This commit
therefore removes this leftover workflow.

@RedYetiDev contacted us privately and reported that this deployment
workflow could have been abused to invoke arbitrary commands, including
extraction of environment variables which include our tokens for the
turborepo build cache or the netlify deployment token. For this it
would have been required that somebody created a "safe" pull request,
which would have been labelled with the deployment label and then
changed afterwards since the workflow checks out the pull request
source repository, not the target. We assured that the label was only
added to pull requests from trusted members of the HedgeDoc core team.
There was never any malicious use of the workflow. Furthermore, no
released versions of HedgeDoc (1.x) could have been affected by this,
even in the worst-case scenario.

We're thankful for putting this risk at our attention!
If you too encounter something unusual regarding security in HedgeDoc
itself or our toolchain around it, don't hesitate to contact us.
Details on this are wriiten in our SECURITY.md in the root of the
repository.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-07-30 08:48:38 +02:00
renovate[bot]
3513377d2d fix(deps): update dependency next to v14.1.1 [security]
Some checks failed
Docker / build-and-push (frontend) (push) Has been cancelled
Details
E2E Tests / backend-sqlite (push) Has been cancelled
Details
Docker / build-and-push (backend) (push) Has been cancelled
Details
E2E Tests / backend-mariadb (push) Has been cancelled
Details
E2E Tests / backend-postgres (push) Has been cancelled
Details
E2E Tests / Build test build of frontend (push) Has been cancelled
Details
E2E Tests / frontend-cypress (1) (push) Has been cancelled
Details
E2E Tests / frontend-cypress (2) (push) Has been cancelled
Details
E2E Tests / frontend-cypress (3) (push) Has been cancelled
Details
Lint and check format / Lint files and check formatting (push) Has been cancelled
Details
REUSE Compliance Check / reuse (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
Static Analysis / Njsscan code scanning (push) Has been cancelled
Details
Static Analysis / CodeQL analysis (javascript) (push) Has been cancelled
Details
Run tests & build / Test and build with NodeJS ${{ matrix.node }} (true, 20) (push) Has been cancelled
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-10 07:42:49 +00:00
Erik Michelson
6bb2452705 feat(sidebar): add media browser 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-04-18 22:11:49 +02:00
Erik Michelson
8693edbf6a refactor(media): add media redirection endpoint 
Previous versions of HedgeDoc suffered from the problem
that changing the media backend required manipulation of
the media links in all created notes. We discussed in
#3704 that it's favourable to have an endpoint that
redirects to the image's original URL. When changing the
media backend, the link stays the same but just the
redirect changes.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-04-18 22:11:49 +02:00
renovate[bot]
662de1e9f8 fix(deps): update dependency reveal.js to v5 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-09 11:40:15 +02:00
Erik Michelson
f7c70ebee1 test(utils): add tests for updateObject util 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-04-09 10:55:38 +02:00
Erik Michelson
d840a6f0b1 refactor(redux): migrate to RTK2 store definition 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-04-09 10:55:38 +02:00
renovate[bot]
8b501915f5 chore(deps): upgrade redux packages 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-09 10:55:38 +02:00
Erik Michelson
0db5a0856b feat(sidebar): add gitlab snippet and github gist export 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-04-04 00:36:48 +02:00
Erik Michelson
5fd8c02637 enhancement(sidebar): remove useless import from clipboard btn 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-04-04 00:36:48 +02:00
Erik Michelson
2473075a33 fix(notifications): use translation hook to eval replacements 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-04-04 00:36:48 +02:00
Erik Michelson
1f60a7dedf enhancement(notifications): add possibility to show catched error message 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-04-04 00:36:48 +02:00