1. Introduce contentcollector.js backend tests
1. Fix issue with OL LI items not being properly numbered after import
1. Fix issue with nested OL LI items being improperly numbered on export
1. Fix issue with new lines not being introduced after lists in on import #3961
1. Sanitize HTML on the way in (import)
1. Fix ExportHTML CSS because it needs to support OL > LI > OL not OL > OL [The latter being the correct format]
1. Fix backend tests.
For the first time in a VERY long time, we now have exactly 0 vulnerabilities
reported by npm audit.
=====
BEFORE:
$ npm audit
=== npm audit security report ===
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
[...]
found 4 low severity vulnerabilities in 13796 scanned packages
4 vulnerabilities require manual review. See the full report for details.
=====
AFTER:
$ npm audit
=== npm audit security report ===
found 0 vulnerabilities
in 13796 scanned packages
This is a departure from previous versions, which did not limit import/export
requests. Now such requests are ALWAYS rate limited. The default is 10 requests
per IP each 90 seconds, and also applies to old instances upgraded to 1.8.3.
Administrators can tune the parameters via settings.importExportRateLimiting.
- Tests pass ✅
- Added openapi-backend hook
- Generating OpenAPI v3 definitions for each API version
- Definitions served /api/openapi.json /api/{version}/openapi.json
No variation in # of security vulnerabilities.
The output of `npm audit` goes from this:
found 7 vulnerabilities (5 low, 2 high) in 13881 scanned packages
7 vulnerabilities require manual review. See the full report for details.
To this:
found 7 vulnerabilities (5 low, 2 high) in 13795 scanned packages
7 vulnerabilities require manual review. See the full report for details.
This is a dev dependency. No impact in production.
After this upgrade the backend tests ("cd src; npm test") still pass.
This fixes 2 reported security vulnerabilities.
The output of `npm audit` goes from this:
found 9 vulnerabilities (7 low, 2 high) in 13707 scanned packages
run `npm audit fix` to fix 1 of them.
1 vulnerability requires semver-major dependency updates.
7 vulnerabilities require manual review. See the full report for details.
To this:
found 7 vulnerabilities (5 low, 2 high) in 13881 scanned packages
7 vulnerabilities require manual review. See the full report for details.
This is a dev dependency. No impact in production.
After this upgrade the backend tests ("cd src; npm test") still pass.
This fixes 1 reported security vulnerability.
The output of `npm audit` goes from this:
found 10 vulnerabilities (8 low, 2 high) in 13390 scanned packages
run `npm audit fix` to fix 2 of them.
1 vulnerability requires semver-major dependency updates.
7 vulnerabilities require manual review. See the full report for details.
To this:
found 9 vulnerabilities (7 low, 2 high) in 13707 scanned packages
run `npm audit fix` to fix 1 of them.
1 vulnerability requires semver-major dependency updates.
7 vulnerabilities require manual review. See the full report for details.
