mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-09 13:51:57 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
4424 commits 48 branches 50 tags 224 MiB
Commit graph

4424 commits

This branch
This branch
All branches
Author SHA1 Message Date
renovate[bot]
16cec84ea7
fix(deps): update dependency formidable to v3 [security] 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-29 16:46:01 +00:00
renovate[bot]
5fdc09512a chore(deps): update actions/setup-node action to v4.4.0
Some checks failed
Build & run tests / Node 18 (push) Has been cancelled
Details
Build & run tests / Node 20 (push) Has been cancelled
Details
Build & run tests / Node 22 (push) Has been cancelled
Details
Lint / Lint files (push) Has been cancelled
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-20 20:57:16 +02:00
renovate[bot]
367626ab9c
fix(deps): update dependency formidable to v2.1.3 (master) (#6072) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-20 18:30:14 +00:00
renovate[bot]
c97c11df2c
chore(deps): update yarn to v4.9.1 (master) (#6071) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-20 18:02:42 +00:00
renovate[bot]
8dbf77b0a9
chore(deps): update dependency mkdocs-material to v9.6.12 (master) (#6070) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-20 17:58:59 +00:00
Erik Michelson
a27f58396b docs: update release notes
Some checks failed
Build & run tests / Node 20 (push) Has been cancelled
Details
Build & run tests / Node 22 (push) Has been cancelled
Details
Lint / Lint files (push) Has been cancelled
Details
Build & run tests / Node 18 (push) Has been cancelled
Details 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2025-04-10 00:21:55 +02:00
Erik Michelson
ce66f33a6d feat(config): warning if both saml signing options are disabled 
Co-authored-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2025-04-10 00:21:55 +02:00
Erik Michelson
3f520ea59a refactor(embeds): drop slideshare, use vimeo api, tighten CSP 
The slideshare integration was broken for quite a while already,
as slideshare doesn't seem to have a good replacement, we're
dropping it in the same manner as speakerdeck was dropped some
time ago. This means the special syntax now just renders a plain
link. This commit gets rid of the vimdo oembed API too which
allowed JSONP injection. Instead we're using the normal vimeo
video metadata API.

Co-authored-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2025-04-10 00:21:55 +02:00
Erik Michelson
0636b5c20b refactor: use iframes for gist embedding instead of gist-embed 
The used library gist-embed relies on GitHub Gist's JSONP
endpoint which is a risk for XSS injection. By adding untrusted
content from GitHub into the DOM it also follows very bad
practises. Using the iframe embedding has the disadvantage of
not having the proper height for the frame auto-loaded, but
the security benefits are worth it.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2025-04-10 00:21:55 +02:00
Erik Michelson
d2585fbd3b fix: set content-disposition and csp header on uploads 
This is required since SVG files are able to contain
malicious code through JavaScript and remote embeddings.
When opened in a browser tab, this code would be
executed. However, with these headers in place, there's
no possibility of getting the files to run in the
browser.

Co-authored-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2025-04-10 00:21:55 +02:00
Erik Michelson
f31e591c17 chore(release): bump version to 1.10.3 and add release notes 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2025-04-10 00:21:55 +02:00
renovate[bot]
86ef650765
chore(deps): lock file maintenance (master) (#6060) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 22:21:29 +00:00
renovate[bot]
312950aeeb fix(deps): update dependency body-parser to v2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:58:56 +02:00
renovate[bot]
e66f413507 fix(deps): update dependency prometheus-api-metrics to v4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:56:58 +02:00
renovate[bot]
d09abac9c6 chore(deps): update dependency globals to v16 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:55:39 +02:00
renovate[bot]
a0c50164b6 chore(deps): update linters 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:49:35 +02:00
Erik Michelson
cc74351846 feat(saml): add config options to set required signings 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2025-04-09 21:49:00 +02:00
renovate[bot]
639eee078d chore(deps): update dependency globals to v15.15.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:48:01 +02:00
renovate[bot]
3b9a8297c2 fix(deps): update dependency validator to v13.15.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:47:49 +02:00
renovate[bot]
e38ba23bc9 fix(deps): update dependency file-type to v20.4.1 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:46:43 +02:00
renovate[bot]
49c6d7f75f fix(deps): update dependency mysql2 to v3.14.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:46:05 +02:00
renovate[bot]
5ec6487f17 fix(deps): update dependency pg to v8.14.1 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:45:45 +02:00
renovate[bot]
4c3ff41385 fix(deps): update dependency helmet to v8.1.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:44:29 +02:00
renovate[bot]
53076a665a fix(deps): update dependency uuid to v11.1.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:43:39 +02:00
renovate[bot]
894efa88d1 fix(deps): update dependency compression to v1.8.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:42:15 +02:00
renovate[bot]
c6df2629d3 chore(deps): update yarn to v4.9.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:41:47 +02:00
renovate[bot]
9ece354c70 chore(deps): update dependency less to v4.3.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:41:16 +02:00
renovate[bot]
ae85d372a4
chore(deps): lock file maintenance (master) (#6056) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 19:41:09 +00:00
renovate[bot]
543fb4feb4 chore(deps): update dependency prismjs to v1.30.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:39:45 +02:00
renovate[bot]
e08feadde7
fix(deps): update dependency mariadb to v3.4.1 (master) (#6043) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 19:37:28 +00:00
renovate[bot]
4f63cb4ec0 chore(deps): update actions/setup-node action to v4.3.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:36:15 +02:00
renovate[bot]
7d38e100b8 chore(deps): update dependency jquery-mousewheel to v3.2.2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:35:12 +02:00
renovate[bot]
7e832cc408
chore(deps): update dependency mkdocs-material to v9.6.11 (master) (#6038) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 19:34:17 +00:00
renovate[bot]
1259ff0edc
fix(deps): update dependency @node-saml/passport-saml to v5.0.1 (master) (#6039) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 19:34:05 +00:00
renovate[bot]
80ce58e316
chore(deps): update actions/cache action to v4.2.3 (master) (#6037) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 19:33:53 +00:00
renovate[bot]
9f98e9701e chore(deps): update dependency esbuild-loader to v4.3.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-09 21:29:12 +02:00
renovate[bot]
8bd70328dc
chore(deps): update dependency mkdocs-material to v9.6.5 (master) (#6011)
Some checks failed
Lint / Lint files (push) Has been cancelled
Details
Build & run tests / Node 18 (push) Has been cancelled
Details
Build & run tests / Node 20 (push) Has been cancelled
Details
Build & run tests / Node 22 (push) Has been cancelled
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-20 02:37:23 +00:00
renovate[bot]
cd1431c647
fix(deps): update dependency pg to v8.13.3 (master) (#6010) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-19 22:22:04 +00:00
renovate[bot]
d29606bad0
fix(deps): update dependency pdfobject to v2.3.1 (master) (#6009)
Some checks are pending
Build & run tests / Node 18 (push) Waiting to run
Details
Build & run tests / Node 20 (push) Waiting to run
Details
Build & run tests / Node 22 (push) Waiting to run
Details
Lint / Lint files (push) Waiting to run
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-19 18:23:14 +00:00
renovate[bot]
24dc3451a4
chore(deps): update dependency mkdocs-material to v9.6.4 (master) (#6008) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-19 18:02:37 +00:00
renovate[bot]
21ebba3774
chore(deps): update actions/cache action to v4.2.1 (master) (#6007) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-19 17:59:06 +00:00
Philip Molares
fd4c341924 docs: add release_checklist.md
Some checks failed
Build & run tests / Node 18 (push) Has been cancelled
Details
Build & run tests / Node 20 (push) Has been cancelled
Details
Build & run tests / Node 22 (push) Has been cancelled
Details
Lint / Lint files (push) Has been cancelled
Details 
We should include the release checklist in the docs

Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2025-02-14 23:01:15 +01:00
Philip Molares
38f25ec8cc chore: bump version to 1.10.2 
Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2025-02-14 22:14:11 +01:00
Philip Molares
7b61a815c1 fix(release-notes): typo in the release year 
Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2025-02-14 21:09:03 +01:00
Philip Molares
a8d5cb754c fix(oauth2): verify user id exists 
Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2025-02-14 21:09:03 +01:00
Erik Michelson
fb6218ed82 fix(saml): change SAML attribute default, verify that a NameID is defined 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2025-02-14 21:09:03 +01:00
Erik Michelson
1a5030dbc1 fix(saml): adapt for new package @node-saml/passport-saml 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2025-02-14 21:09:03 +01:00
Erik Michelson
38578f2b4c docs(setup): list of supported docker architectures
Some checks failed
Build & run tests / Node 18 (push) Has been cancelled
Details
Build & run tests / Node 20 (push) Has been cancelled
Details
Build & run tests / Node 22 (push) Has been cancelled
Details
Lint / Lint files (push) Has been cancelled
Details 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2025-02-04 13:38:23 +01:00
renovate[bot]
26e705765b
chore(deps): update dependency mkdocs-material to v9.6.2 (master) (#5983)
Some checks failed
Build & run tests / Node 18 (push) Has been cancelled
Details
Build & run tests / Node 20 (push) Has been cancelled
Details
Build & run tests / Node 22 (push) Has been cancelled
Details
Lint / Lint files (push) Has been cancelled
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-03 17:12:11 +00:00
renovate[bot]
db7f47c13e
chore(deps): lock file maintenance (master) (#5975)
Some checks are pending
Build & run tests / Node 18 (push) Waiting to run
Details
Build & run tests / Node 20 (push) Waiting to run
Details
Build & run tests / Node 22 (push) Waiting to run
Details
Lint / Lint files (push) Waiting to run
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-03 01:32:26 +00:00