pad.libre-service.eu-etherpad/src/package.json

90 lines
1.9 KiB
JSON
Raw Normal View History

{
"name": "ep_etherpad-lite",
"description": "A free and open source realtime collaborative editor",
"homepage": "https://etherpad.org",
"keywords": [
"etherpad",
"realtime",
"collaborative",
"editor"
],
"author": "Etherpad Foundation",
"contributors": [
{
"name": "John McLear"
},
{
"name": "Antonio Muci"
},
{
"name": "Hans Pinckaers"
},
{
"name": "Robin Buse"
},
{
"name": "Marcel Klehr"
},
{
"name": "Peter Martischka"
}
],
"dependencies": {
"async": "0.9.0",
"async-stacktrace": "0.0.2",
"channels": "0.0.4",
"cheerio": "0.20.0",
"clean-css": "3.4.19",
"cookie-parser": "1.4.4",
"ejs": "2.6.1",
"etherpad-require-kernel": "1.0.9",
"etherpad-yajsml": "0.0.2",
"express": "4.17.1",
"express-session": "1.17.0",
"find-root": "1.1.0",
"formidable": "1.2.1",
"graceful-fs": "4.1.15",
"jsonminify": "0.4.1",
"languages4translatewiki": "0.1.3",
"log4js": "0.6.35",
"measured-core": "1.11.2",
"nodeify": "^1.0.1",
dependencies: upgrade npm 6.10.3 -> 6.12.0 This upgrade should be backward compatible, but still suffers form major vulnerabilities in its https-proxy-agent transitive dependency (see https://www.npmjs.com/advisories/1184). Changelog: - https://github.com/npm/cli/releases 6.12.0 (2019-10-08): Now npm ci runs prepare scripts for git dependencies, and respects the --no-optional argument. Warnings for engine mismatches are printed again. Various other fixes and cleanups. BUG FIXES 890b245dc #252 ci: add dirPacker to options (@claudiahdz) f3299acd0 #257 npm.community#4792 warn message on engine mismatch (@ruyadorno) bbc92fb8f #259 npm.community#10288 Fix figgyPudding error in npm token (@benblank) 70f54dcb5 #241 doctor: Make OK more consistent (@gemal) FEATURES ed993a29c #249 Add CI environment variables to user-agent (@isaacs) f6b0459a4 #248 Add option to save package-lock without formatting Adds a new config --format-package-lock, which defaults to true. (@bl00mber) DEPENDENCIES 0ca063c5d npm-lifecycle@3.1.4: fix: filter functions and undefined out of makeEnv (@isaacs) 5df6b0ea2 libcipm@4.0.4: fix: pack git directories properly (@claudiahdz) respect no-optional argument (@cruzdanilo) 7e04f728c tar@4.4.12 5c380e5a3 stringify-package@1.0.1 (@isaacs) 62f2ca692 node-gyp@5.0.5 (@isaacs) 0ff0ea47a npm-install-checks@3.0.2 (@isaacs) f46edae94 hosted-git-info@2.8.5 (@isaacs) TESTING 44a2b036b #262 fix root-ownership race conditions in meta-test (@isaacs) 6.11.3 (2019-09-03): Fix npm ci regressions and npm outdated depth. BUG FIXES 235ed1d28 #239 Don't override user specified depth in outdated. Restores ability to update packages using --depth as suggested by npm audit. (@G-Rath) 1fafb5151 #242 npm.community#9586 Revert "install: do not descend into directory deps' child modules" (@isaacs) cebf542e6 #243 npm.community#9720 ci: pass appropriate configs for file/dir modes (@isaacs) DEPENDENCIES e5fbb7ed1 read-cmd-shim@1.0.4 (@claudiahdz) 23ce65616 npm-pick-manifest@3.0.2 (@claudiahdz) 6.11.2 (2019-08-22): Fix a recent Windows regression, and two long-standing Windows bugs. Also, get CI running on Windows, so these things are less likely in the future. DEPENDENCIES 9778a1b87 cmd-shim@3.0.3: Fix regression where shims fail to preserve exit code (@isaacs) bf93e91d8 npm-package-arg@6.1.1: Properly handle git+file: urls on Windows when a drive letter is included. (@isaacs) BUGFIXES 6cc4cc66f escape args properly on Windows Bash Despite being bash, Node.js running on windows git mingw bash still executes child processes using cmd.exe. As a result, arguments in this environment need to be escaped in the style of cmd.exe, not bash. (@isaacs) TESTS 291aba7b8 make tests pass on Windows (@isaacs) fea3a023a travis: run tests on Windows as well (@isaacs) 6.11.1 (2019-08-20): Fix a regression for windows command shim syntax. 37db29647 cmd-shim@3.0.2 (@isaacs) v6.11.0 (2019-08-20): A few meaty bugfixes, and introducing peerDependenciesMeta. FEATURES a12341088 #224 Implements peerDependenciesMeta (@arcanis) 2f3b79bba #234 add new forbidden 403 error code (@claudiahdz) BUGFIXES 24acc9fc8 and 45772af0d #217 npm.community#8863 npm.community#9327 do not descend into directory deps' child modules, fix shrinkwrap files that inappropriately list child nodes of symlink packages (@isaacs and @salomvary) 50cfe113d #229 fixed typo in semver doc (@gall0ws) e8fb2a1bd #231 Fix spelling mistakes in CHANGELOG-3.md (@XhmikosR) 769d2e057 npm/uid-number#7 Better error on invalid --user/--group configs. This addresses the issue when people fail to install binary packages on Docker and other environments where there is no 'nobody' user. (@isaacs) 8b43c9624 nodejs/node#28987 npm.community#6032 npm.community#6658 npm.community#6069 npm.community#9323 Fix the regression where random config values in a .npmrc file are not passed to lifecycle scripts, breaking build processes which rely on them. (@isaacs) 8b85eaa47 save files with inferred ownership rather than relying on SUDO_UID and SUDO_GID. (@isaacs) b7f6e5f02 Infer ownership of shrinkwrap files (@isaacs) 54b095d77 #235 Add spec to dist-tag remove function (@theberbie) DEPENDENCIES dc8f9e52f pacote@9.5.7: Infer the ownership of all unpacked files in node_modules, so that we never have user-owned files in root-owned folders, or root-owned files in user-owned folders. (@isaacs) bb33940c3 cmd-shim@3.0.0: 9c93ac3 #2 npm#3380 Handle environment variables properly (@basbossink) 2d277f8 #25 #36 #35 Fix 'no shebang' case by always providing $basedir in shell script (@igorklopov) adaf20b #26 Fix $* causing an error when arguments contain parentheses (@satazor) 49f0c13 #30 Fix paths for MSYS/MINGW bash (@dscho) 51a8af3 #34 Add proper support for PowerShell (@ExE-Boss) 4c37e04 #10 Work around quoted batch file names (@isaacs) a4e279544 npm-lifecycle@3.1.3 (@isaacs): fail properly if uid-number raises an error 7086a1809 libcipm@4.0.3 (@isaacs) 8845141f9 read-package-json@2.1.0 (@isaacs) 51c028215 bin-links@1.1.3 (@isaacs) 534a5548c read-cmd-shim@1.0.3 (@isaacs) 3038f2fd5 gentle-fs@2.2.1 (@isaacs) a609a1648 graceful-fs@4.2.2 (@isaacs) f0346f754 cacache@12.0.3 (@isaacs) ca9c615c8 npm-pick-manifest@3.0.0 (@isaacs) b417affbf pacote@9.5.8 (@isaacs) TESTS b6df0913c #228 Proper handing of /usr/bin/node lifecycle-path test (@olivr70) aaf98e88c npm-registry-mock@1.3.0 (@isaacs)
2019-10-20 01:47:01 +02:00
"npm": "6.12.0",
"object.values": "^1.0.4",
"request": "2.88.0",
"resolve": "1.1.7",
"security": "1.0.0",
"semver": "5.6.0",
"slide": "1.1.6",
"socket.io": "2.1.1",
"swagger-node-express": "2.1.3",
"tinycon": "0.0.1",
2018-07-20 18:54:48 +02:00
"ueberdb2": "0.4.0",
"uglify-js": "2.6.2",
"underscore": "1.8.3",
"unorm": "1.4.1"
},
"bin": {
"etherpad-lite": "./node/server.js"
},
2012-01-22 14:56:08 +01:00
"devDependencies": {
"mocha": "5.2.0",
dependencies: update nyc, 12.0.1 -> 14.1.0 This is just a dev dependency, so no real risks, but it's better not to scare users. Reported vulnerability before this change: $ npm audit === npm audit security report === # Run npm install --save-dev nyc@14.1.0 to resolve 1 vulnerability SEMVER WARNING: Recommended action is a potentially breaking change ┌───────────────┬──────────────────────────────────────────────────────────────┐ │ High │ Prototype Pollution │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Package │ handlebars │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ nyc [dev] │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ nyc > istanbul-reports > handlebars │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ More info │ https://nodesecurity.io/advisories/755 │ └───────────────┴──────────────────────────────────────────────────────────────┘
2019-05-03 23:27:35 +02:00
"nyc": "14.1.0",
"supertest": "3.0.0",
"wd": "1.11.4"
},
"engines": {
"node": ">=8.9.0",
"npm": ">=5.5.1"
},
"repository": {
"type": "git",
"url": "https://github.com/ether/etherpad-lite.git"
},
"scripts": {
"test": "nyc mocha --timeout 5000 ../tests/backend/specs/api"
},
"version": "1.7.5",
"license": "Apache-2.0"
}