libre-service.eu/pad.libre-service.eu-etherpad
libre-service.eu/pad.libre-service.eu-etherpad
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-01-20 22:49:53 +01:00
Code Issues Projects Releases Wiki Activity
6815 commits 207 branches 105 tags 123 MiB
Commit graph

105 commits

Author SHA1 Message Date
John McLear
9f317f0798
bump version 2021-02-18 14:37:02 +00:00
snyk-bot
19bf97bd2d fix: upgrade formidable from 1.2.1 to 1.2.2 
Snyk has created this PR to upgrade formidable from 1.2.1 to 1.2.2.

See this package in npm:
https://www.npmjs.com/package/formidable

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
 2021-02-18 14:02:56 +00:00
snyk-bot
a380fc2abf fix: upgrade tinycon from 0.0.1 to 0.6.8 
Snyk has created this PR to upgrade tinycon from 0.0.1 to 0.6.8.

See this package in npm:
https://www.npmjs.com/package/tinycon

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
 2021-02-18 13:45:18 +00:00
snyk-bot
da65057bb1 fix: upgrade etherpad-yajsml from 0.0.2 to 0.0.4 
Snyk has created this PR to upgrade etherpad-yajsml from 0.0.2 to 0.0.4.

See this package in npm:
https://www.npmjs.com/package/etherpad-yajsml

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
 2021-02-18 04:33:40 -05:00
Richard Hansen
d7ed71eba0 plugins: Fix "Error: spawn npm ENOENT" error on Windows 
On Windows, npm should be invoked as `npm.cmd`, not `npm`. Use a
drop-in replacement for `child_process.spawn()` that does the right
thing on Windows.
 2021-02-16 22:00:20 +00:00
snyk-bot
095edb5043 fix: upgrade express-rate-limit from 5.1.1 to 5.2.3 
Snyk has created this PR to upgrade express-rate-limit from 5.1.1 to 5.2.3.

See this package in npm:
https://www.npmjs.com/package/express-rate-limit

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
 2021-02-16 11:05:49 +00:00
snyk-bot
269c6d09c5 fix: upgrade npm from 6.14.8 to 6.14.11 
Snyk has created this PR to upgrade npm from 6.14.8 to 6.14.11.

See this package in npm:
https://www.npmjs.com/package/npm

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
 2021-02-15 18:35:59 -05:00
snyk-bot
ed02606c4b
fix: upgrade semver from 5.6.0 to 5.7.1 
Snyk has created this PR to upgrade semver from 5.6.0 to 5.7.1.

See this package in npm:
https://www.npmjs.com/package/semver

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
 2021-02-15 21:54:50 +00:00
John McLear
c0f73e6672 bump version 2021-02-15 12:47:20 -05:00
Egil
9c7dcb1d0a eejs: Upgrade ejs to the latest version 
The type of ejs's `__output` variable is now string instead of array
of strings, so the handling of `__output` had to change.
 2021-02-14 23:36:53 -05:00
snyk-bot
f6df9ffad0 fix: upgrade measured-core from 1.11.2 to 1.51.1 
Snyk has created this PR to upgrade measured-core from 1.11.2 to 1.51.1.

See this package in npm:
https://www.npmjs.com/package/measured-core

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
 2021-02-11 18:39:08 +00:00
snyk-bot
60a55ec428 fix: upgrade resolve from 1.1.7 to 1.19.0 
Snyk has created this PR to upgrade resolve from 1.1.7 to 1.19.0.

See this package in npm:
https://www.npmjs.com/package/resolve

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
 2021-02-11 18:24:32 +00:00
snyk-bot
b50fcb065a fix: upgrade underscore from 1.8.3 to 1.12.0 
Snyk has created this PR to upgrade underscore from 1.8.3 to 1.12.0.

See this package in npm:
https://www.npmjs.com/package/underscore

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
 2021-02-11 18:18:11 +00:00
Richard Hansen
fdaacc44c8 pluginfw: Replace slide.asyncMap() with Promise.all() 2021-02-04 08:41:00 +00:00
Richard Hansen
877f0c5883 server: Use wtfnode to log reasons why node isn't exiting 2021-01-30 08:05:08 +00:00
Richard Hansen
89bcfa2b4a tests: Stop using nyc 
There are some problems with nyc:
  * The coverage numbers aren't useful in our case because most of the
    code is executed outside the test process (the test code is mostly
    API client logic).
  * nyc messes with line numbers, which makes it much harder to debug
    problems.
  * We're seeing frequent SIGABRT crashes while nyc is printing the
    results table. I'm not sure if nyc is the cause of the crashes, or
    if it's making a race condition worse, or if the crashes have
    nothing to do with nyc, but we don't lose much by removing it so
    we might as well see if the crash frequency improves.
 2021-01-29 09:17:17 +00:00
Richard Hansen
b02ab430fe Bump eslint-config-etherpad to 1.0.24 2021-01-29 01:10:58 -05:00
John McLear
ee158b0fe5
bugfix: bump ueberdb to 1.2.5 to resolve #4645 which caused a users color not to be persistent 2021-01-23 13:54:50 +00:00
Richard Hansen
0ba833c632 db: Update ueberdb2 dependency 2021-01-15 22:37:18 +00:00
Richard Hansen
edbe6d5387 Bump ueberDB to get speed improvements 2021-01-11 09:23:08 +00:00
John McLear
04962bfe39
update ueberdb to 1.1.7 (#4633) 2021-01-07 04:16:13 -05:00
Richard Hansen
9a15af78b6 Regenerate src/package-lock.json with npm v6.14.9 
This reverts the file back to lockfileVersion 1, which is used by the
LTS version of npm.
 2020-12-23 16:58:30 -05:00
John McLear
d9262fccbd bump version 2020-12-23 16:18:28 -05:00
Richard Hansen
794dfb1863 lint: Bump eslint-config-etherpad and install its new deps 2020-12-17 22:18:29 +00:00
Richard Hansen
fc234d0088 lint: Bump eslint and eslint-config-etherpad versions 2020-12-16 22:09:48 +00:00
Richard Hansen
edf647044c Update package-lock.json and src/package-lock.json 2020-12-14 20:31:35 +00:00
webzwo0i
0c7df88f8a
add rehype-minify-whitespace to package.json (#4544) 2020-12-05 12:16:25 +00:00
John McLear
159b6a4ba1 database: bump ueberdb to 056 to ensure correct engine is used 2020-12-05 07:51:17 +00:00
Richard Hansen
2fdac836d0 lint: Bump eslint-config-etherpad to 1.0.13 
Also bump eslint to 7.14.0.
 2020-11-27 06:25:43 +00:00
Richard Hansen
a78d6605b7 lint: Configure ESLint 2020-11-24 20:06:12 +00:00
Viljami Kuosmanen
c502ca3259 Use isHttpError utility provided by http-errors 
This new utility method was introduced in http-errors v1.8.0. Let's use
that instead of instanceof. This also upgrades the http-errors dependency
 2020-10-25 10:45:58 +00:00
Richard Hansen
36aceb3aba hooks: Rewrite callAll and aCallAll for consistency 
Rewrite the `callAll` and `aCallAll` functions to support all
reasonable hook behaviors and to report errors for unreasonable
behaviors (e.g., calling the callback twice).

Now a hook function like the following works as expected when invoked
by `aCallAll`:

```
exports.myHookFn = (hookName, context, cb) => {
  cb('some value');
  return;
};
```
 2020-10-24 16:08:50 +01:00
Richard Hansen
3ab0f30ac8 cookies: Use js-cookie to read and write cookies 
Rather than reinvent the wheel, use a well-tested library to parse and
write cookies. This should also help prevent XSS vulnerabilities
because the library handles special characters such as semicolon.
 2020-10-04 08:57:44 +01:00
webzwo0i
ceb09ce99a
security: Support proxy with rate limiting and include CI test coverage for nginx rev proxy (#4373) 
Previously Etherpad would not pass the correct client IP address through and this caused the rate limiter to limit users behind reverse proxies.  This change allows Etherpad to use a client IP passed from a reverse proxy.

Note to devs: This header can be spoofed and spoofing the header could be used in an attack.  To mitigate additional *steps should be taken by Etherpad site admins IE doing rate limiting at proxy.*  This only really applies to large scale deployments but it's worth noting.
 2020-10-01 10:39:01 +01:00
John McLear
5964055dec
package updates: update deps and resolve some potential security issues (#4369) 2020-09-29 13:21:35 +01:00
Richard Hansen
889a3f7261 Bump Etherpad version in src/package-lock.json 2020-09-26 19:37:05 +01:00
Richard Hansen
23131a501c tests: Rewrite import/export tests to use async and supertest 2020-09-26 10:46:16 +01:00
Richard Hansen
0f6baac7b5
Revert "tests: Use wtfnode to determine why mocha isn't exiting" (#4315) 
This reverts commit ae1142a799.

According to
https://github.com/ether/etherpad-lite/pull/4304#issuecomment-694833456
wtfnode always seems to exit with 0 even if the tests fail.
 2020-09-22 22:47:26 +01:00
Richard Hansen
ae1142a799 tests: Use wtfnode to determine why mocha isn't exiting 
If mocha hangs after running the tests, hit Ctrl-C and wtfnode will
print open files, open sockets, running timers, and running intervals.
Adding an `after` function that closes/stops all of those things will
ensure that mocha exits when it finishes running the tests.
 2020-09-15 21:22:52 +01:00
Richard Hansen
9e6d3f3f63 tests: Add authentication, authorization bypass tests 2020-09-15 20:03:30 +01:00
John McLear
9f3cc7aae0 deps: update UeberDB to fix issue with Postgres which was causing 1.8.5 to fail on PG sites. 2020-09-15 13:15:28 +01:00
John McLear
5dfae625b9 Package Lock update 2020-09-09 18:15:47 +01:00
Stefan Mueller
e64a269a65 Update version to 1.8.5 2020-09-08 22:09:56 +02:00
John McLear
7258d75cc5 bumping ueber 2020-09-08 16:03:15 +01:00
John McLear
40014d8230
Rate limit Socket IO communication - WIP (#4036) 
Includes settings
    Includes i18n
    Includes a nice notification
    Disconnects on rate limit
    Includes feeding into metrics/stats
    Include console warn to server console.
 2020-07-19 22:44:24 +01:00
John McLear
410d20417d
Bumping async (#4171) 
Resolves #3940
 2020-07-16 17:37:42 +01:00
John McLear
313bba09d6
Update ueberdb big update (#4149) 2020-07-05 11:05:32 +01:00
John McLear
f1e3aff72f stale code: use terser instead of uglify 2020-06-07 20:09:10 +00:00
John McLear
166e1371da socket.io bump to 2.3.0 2020-06-07 19:12:11 +00:00
John McLear
512a51149d Revert "Merge branch 'develop' of github.com:ether/etherpad-lite into develop" 
This reverts commit 6fad0210f8, reversing
changes made to 128f3e15eb.
 2020-06-07 18:46:41 +00:00