56d78a7d6c
Merge pull request #830 from SISheogorath/feature/GDPR
...
GDPR compliant part 1
2018-06-17 23:33:57 +02:00
376fcab2ca
Add Azure Blob Storage support
...
Signed-off-by: Adam Hoka <hoka.adam@nexogen.hu>
2018-06-01 10:07:52 +02:00
6f8bd8fdc9
Fix missing dependency
...
To export the notes we need the archiver package that takes care of
creating the zip files.
Looks like I forgot this one in the initial commit.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-27 15:28:46 +02:00
a258719d34
Release 1.1.1-ce
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-23 12:01:26 +02:00
bd46230a7f
Add current requirements for node versions
...
Right now we can only run on node versions below 10.x thanks to scrypt
dependencies.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-21 23:08:13 +02:00
af0a6b1d76
Upgrade base64url package
...
There was recently a possible security problem with base64url. Shouldn't
really hit us but it doesn't hurt.
Details: https://snyk.io/vuln/npm:base64url:20180511
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-17 15:19:24 +02:00
c4dba48f79
Fix possible file limit errors
...
As we currently may need higher nofile limits than usual/default on
various systems this commit should probide a fix for that an allow to
build HackMD without highering these limits and increase security.
Inspiration was found in a copy-webpack-plugin-issue[1] and found by
@thegcat[2]. Thanks for that!
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
[1]:
https://github.com/webpack-contrib/copy-webpack-plugin/issues/59#issuecomment-228563990
[2]: https://github.com/thegcat
2018-04-16 21:08:34 +02:00
8a3cec73c1
Add config.json.example to npm test
...
This commit extends the find command to also match the example config
file.
This should validate the syntax or this file to prevent syntax errors
for future pull request.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-14 22:20:35 +02:00
bdb8631a7b
Release 1.1.0-ce
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-06 16:24:36 +02:00
f6df2deb84
Merge pull request #743 from hackmdio/fix-to-use-url-safe-base64
...
Fix to use url-safe base64 in note url
2018-03-18 15:13:06 +01:00
7904558292
Remove engine.io-client dependency and fix webpack config
...
Signed-off-by: David Mehren <dmehren1@gmail.com>
2018-03-06 14:45:14 +01:00
baa0418fb5
Remove and replace all note id compression in LZString with base64url
...
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-02-26 16:43:29 +08:00
faa839ed3a
Use jq instead of jsonlint
...
As the jsonlint package from NPM causes problems and looks unmaintained,
it'll be replaced with `jq` a well maintained project which allows to
search through JSON files in a `grep`-like style, but knowing the JSON
structure.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-02-19 19:50:01 +01:00
a01b4a843c
Update socket.io to version 2.0.4
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-30 19:44:32 +01:00
9e0359e079
Add simple user-management tool for emailsignin …
...
Currently, administrators of closed instances need to manually fiddle in
their databases for user-management.
This commit adds a small commandline utility that allows to create and
delete users.
Signed-off-by: Dario Ernst <dario@kanojo.de>
2018-01-29 19:49:04 +01:00
3c473e60a6
Upgrade reveal.js to 3.6.0 and useCDN option for CSS include
2018-01-29 13:09:52 +08:00
eec2318bda
Merge pull request #506 from erasys/minio
...
Add support for minio
2018-01-23 11:43:24 +01:00
7de6e3211f
Merge pull request #598 from xxyy/feature/csp
...
Implement basic CSP support
2018-01-22 20:43:46 +01:00
40d1d75704
Release 1.0.1-ce
2018-01-19 14:40:15 +01:00
11a5dd0eb4
Release 1.0.0-ce
2018-01-18 13:03:18 +01:00
1b7d621fd1
Merge pull request #578 from hackmdio/licenseChangeAgreement
...
License Change Agreement
2017-12-07 06:54:12 +08:00
4a4ae9d332
Initial support for SAML authentication
2017-11-28 18:52:24 +09:00
3a752fde51
Revert "Load js-url lib using legacy-loader"
...
Didn't work in Firefox for some reason.
`[Script Loader] ReferenceError: module is not defined`
This reverts commit 5b83deb043
2017-11-02 17:57:44 +01:00
5cda55086a
Add mattermost authentication
2017-10-31 10:34:51 +01:00
f896432250
Upgrade mermaid to v7.1.0, fix #600
2017-10-30 00:18:53 +08:00
94021e2d34
Merge pull request #574 from PeterDaveHello/README.md-Table-of-Contents
...
Add "Table of Contents" in README.md
2017-10-27 11:51:50 +02:00
5b83deb043
Load js-url lib using legacy-loader
...
Doesn't use eval, plus no window object access
2017-10-22 00:03:45 +02:00
080436aebb
CSP: Add nonce to slide view inline JS
2017-10-22 00:03:45 +02:00
f70d2df1be
Add jsonlint script to ensure all json files are valid
2017-10-14 00:19:32 +08:00
0864b06e0c
Integrate npm package "doctoc" to update README.md
2017-10-13 16:21:25 +08:00
bee5e2a558
Update license field in package.json
2017-10-13 01:56:13 +08:00
2c780f53df
Add support for minio
2017-08-30 18:58:34 +02:00
723c9d79b6
Use git URLs in package.json
...
Using the "github:..." form to declare a dependency in package.json
makes npm attempt to install the package using an ssh clone rather than
an https clone. Some deployment environments may not allow ssh access
to external servers which will prevent the clones from succeeding. Using
the "git+https://..." form will clone the same repo from GitHub without
requiring ssh connectivity.
2017-07-01 15:41:56 -06:00
8acceb28ed
Use non-zero exit codes when build fails
2017-06-03 18:22:37 +02:00
c37b666915
Merge branch 'master' into BackendRefactor
2017-05-14 17:42:14 +08:00
ecb0533605
refactor(config.js): Extract config file
...
* Separate different config source to each files
* Freeze config object
2017-05-08 19:29:07 +08:00
db06a51299
Load statusbar template by string-loader
2017-05-07 20:37:26 +08:00
1d51fdaa7c
chore(build): Upgrade uws to 0.14.1, other npm version have been removed
2017-03-29 12:43:03 +08:00
1c6f5d272f
style: Fix missing newline in variables
2017-03-29 12:41:23 +08:00
7e3b74d0da
Mark as 0.5.1
2017-03-23 00:22:44 +08:00
f6bd238b0f
Merge pull request #387 from hackmdio/cm-refactor
...
Extract CodeMirror instance
2017-03-14 23:11:56 +08:00
f55a4b8497
Update to fix pagination error in list.js over v1.5.0
2017-03-14 23:08:15 +08:00
24f1413654
Add inlineAttachment to global
2017-03-13 22:00:29 +08:00
b4424419c0
Add standarjs globals
2017-03-13 21:42:09 +08:00
6cf06837f8
Remove eslint
...
1. Remove eslint , bacause we use JavaScript Standard Style.
2. Add lts/boron version to travis CI, web use it in docker version
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2017-03-13 02:23:58 +08:00
4889e9732d
Use JavaScript Standard Style
...
Introduce JavaScript Standard Style as project style rule,
and fixed all fail on backend code.
2017-03-08 18:45:51 +08:00
40dfffd4f4
Using package.json to test lint instead
...
Exclude *.min.js from eslint
2017-02-16 13:05:46 +08:00
af783b2746
Update node dependency up to 6.x in package.json
2017-02-15 19:17:51 +08:00
4198d0d560
Add travis ci
2017-02-15 19:11:53 +08:00
15bf2b6da8
Update webpack config to use parallel uglify plugin to speed up production build
2017-02-03 22:05:09 +08:00
5ce5d4cd84
Update to use babel-polyfill to support ES6 features in old browsers
2017-02-03 22:04:43 +08:00
4dbafe62a3
Upgrade mermaid to support class diagram
2017-02-02 23:28:05 +08:00
3df5507589
Upgrade viz.js to fix manual workaround and get smaller file size
2017-02-02 23:27:34 +08:00
26d8942852
Revert experimental vue for now
2017-01-21 12:30:55 +08:00
3d6b319216
Merge branch 'master' into frontend-next
2017-01-13 22:53:33 +08:00
b13635aac9
Merge pull request #279 from alecdwm/ldap-auth
...
Support for LDAP server authentication
2017-01-09 00:49:40 +08:00
b044c2ae19
Use randomcolor not seedrandom for avatar backgrounds
2017-01-06 07:08:07 +01:00
01361afa7a
Profile pictures for LDAP users
2017-01-06 05:37:40 +01:00
78c51e5e88
Revert "Rename npm script"
...
This reverts commit ed83dfc862
2017-01-04 14:30:47 +08:00
65acaea8cf
Merge branch 'master' into frontend-next
2017-01-02 15:09:19 +08:00
bd4335964d
Mark as 0.5.0
2017-01-02 11:19:01 +08:00
6ac1df5965
Update dependencies
2017-01-02 11:17:23 +08:00
99dd107724
Basic setup for Vue app
2016-12-24 11:50:57 +08:00
a06fad974e
Install vue and babel dependency
2016-12-24 11:10:18 +08:00
39521f25a7
Mark as 0.4.6
2016-12-19 17:30:33 +08:00
276d500406
Upgrade dependencies
2016-12-19 16:20:27 +08:00
c6742e50ee
Remove unused vendor code and add missing dependency
2016-12-19 16:13:56 +08:00
59725e9390
Remove unused dependencies
2016-12-18 22:54:00 +08:00
02e9927714
Initial support for LDAP server authentication
...
Limitations as of this commit:
- tlsOptions can only be specified in config.json, not as env vars
- authentication failures are not yet gracefully handled by the UI
- instead the error message is shown on a blank page (/auth/ldap)
- no email address is associated with the LDAP user's account
- no picture/profile URL is associated with the LDAP user's account
- we might have to generate our own access + refresh tokens,
because we aren't using oauth. The currently generated
tokens are just a placeholder.
- 'LDAP Sign in' needs to be translated to each locale
2016-12-13 22:41:07 +01:00
9e6fd505e1
Remove bower occurences
2016-12-11 11:18:08 +08:00
ed83dfc862
Rename npm script
...
webpack scripts are meant to “build” assets, so place them under the same namespace
* dev => build:dev
* build => build:prod
2016-12-10 22:12:07 +08:00
65a1a62cc0
Drop nodemon dependency
...
Sometimes nodemon not reload source code correctly, so simply drop it.
2016-12-10 22:09:50 +08:00
5958654ea4
Remove preprocess image on upload image or it will losing support of image some formats
2016-12-03 14:37:12 +08:00
840cac7435
Add delay to throttle nodemon in dev script
2016-12-02 02:24:12 +08:00
a73d9ce39e
Update to support optional email register and signin
2016-12-02 01:58:14 +08:00
b081302f3d
Remove webpack shell plugin for webpack because it've been solved in another way
2016-11-28 03:19:15 +08:00
9f79ed929e
Update to move custom CodeMirror codebase to our own repo and update webpack build config
2016-11-28 01:36:48 +08:00
bd3d4958e4
Merge pull request #248 from hackmdio/file-upload-options
...
Support other options for image uploading
2016-11-27 10:54:00 +08:00
5287d46931
Optimize hackmd resource packing and load orders
2016-11-26 23:18:51 +08:00
3fbfdb7db8
Optimize index page resources packing and loads
2016-11-26 23:13:02 +08:00
9383df59c9
Update socket.io to 1.6.0
2016-11-26 22:40:50 +08:00
f387bb312f
Try to replace engine.io to uws in socket.io for better performance
2016-11-18 12:18:29 +08:00
2279986f97
Config sharp image preprocessing
2016-11-16 17:07:00 +08:00
518a4a120b
upload image to s3
2016-11-16 12:05:24 +08:00
a04c6ef127
Install nodemon for local development
2016-11-14 16:44:12 +08:00
689b1dc4d6
Add optimize-css webpack plugin
2016-11-03 13:59:25 +08:00
7e05976a93
Revert "html minify in production environment"
2016-10-24 00:00:05 +08:00
731375c220
html minify in production environment
2016-10-23 23:31:04 +08:00
7e8d1f22b1
Fix missing dependency in d44e830366
2016-10-18 21:41:06 +08:00
d44e830366
Update emoji parser using markdown-it-emoji instead of emojify to solve issue #217
2016-10-18 16:50:58 +08:00
9f63581c61
Config heroku deployment
2016-10-16 11:20:29 +08:00
4c1109b70b
Move gist-embed to CDN
2016-10-14 09:56:19 +08:00
142b4c6771
Move highlight.js to CDN
2016-10-14 09:21:41 +08:00
83be3465cc
Fix scrollspy
2016-10-13 13:59:34 +08:00
2cafe15e85
Enable production assets hash
2016-10-12 17:15:59 +08:00
91266f1cad
Load more scripts using webpack
2016-10-12 17:03:47 +08:00
02eef3f68a
Load customized vendor script through script-loader
2016-10-12 13:18:29 +08:00
2e929879ad
Fix engine.io-client webpack load dependency
2016-10-12 12:57:16 +08:00
6e651c8108
Merge branch 'master' into webpack-frontend
2016-10-11 18:40:23 +08:00
f9e7f482d3
Setup webpack production config
2016-10-11 15:45:00 +08:00
06437ccaa9
Manage more packages with npm and webpack
2016-10-11 14:52:45 +08:00
3368b57b89
Remove ot from package.json
2016-10-11 14:09:40 +08:00
9c8752d452
Split common vendor javascript into chunks
2016-10-11 12:30:30 +08:00
9a15cad42d
Mark as 0.4.5
2016-10-11 11:01:05 +08:00
fb5d7e4359
Update npm and bower dependencies with related patch
2016-10-10 21:14:28 +08:00
138aa876f4
Remove unused npm dependency
2016-10-10 21:05:33 +08:00
e10203b7e9
More function expose workaround for reveal-markdown.js
2016-10-10 08:24:58 +08:00
a258897884
Revert some bower assets
2016-10-09 21:43:41 +08:00
3e2905be13
Revert to customized codemirror
2016-10-09 17:54:51 +08:00
8e2b03cfd6
Config bootstrap with webpack
2016-10-08 23:04:19 +08:00
963a435ae1
Resolve dependency module requiring
...
* es5 style module exports
* remove script tag require
* webpack config ProvidePlugin
Note that this commit only fix JavaScript module loading runtime error.
2016-10-08 20:02:30 +08:00
ebee5a8d05
Use xss in script tag
2016-10-08 19:57:50 +08:00
ab21311161
Change npm task 'build' to 'dev'
2016-10-08 10:16:49 +08:00
b8467a562c
Remove Idle.Js dependency
...
use vendor minified js for now
2016-10-08 10:07:12 +08:00
325d1f1a32
Create webpack config
2016-10-08 08:13:40 +08:00
b9c59c454d
Add support of i18n with related patches and support "en" and "zh" locales for now
2016-08-19 11:49:24 +08:00
f35aa94b41
Mark as 0.4.4
2016-08-02 17:17:33 +08:00
b6ca8649af
Update npm dependencies
2016-07-30 12:23:40 +08:00
045c08447f
Update to use own package of google-diff-match-patch to solve encodeURI exception issue
2016-07-30 11:12:28 +08:00
2b5c7365ab
Change npm imgur package to self owned repo in order to fix some exception
2016-07-13 10:42:32 +08:00
458d07dde7
Update to change server-side pre-rendering engine from marked to markdown-it
2016-07-02 16:11:06 +08:00
d7d83c102b
Mark as 0.4.3
2016-06-28 09:38:31 +08:00
6fddab1bfc
Update npm dependencies
2016-06-17 16:32:05 +08:00
dbc126b156
Add support of saving note revision and improve app start and stop procedure to ensure data integrity
2016-06-17 16:09:33 +08:00
c439797efd
Mark as 0.4.2
2016-06-01 20:44:19 +08:00
16990e35a2
Update slide template using ejs instead of mustache to reduce similar package dependency
2016-05-29 17:54:24 +08:00
e52937df50
Update project infos, reclaim authors and add authors list
2016-05-28 01:49:15 +08:00
6405bb5056
Add support of google signin
2016-05-21 22:48:00 +08:00
baa946968d
Add db migrations for PR #121
2016-05-15 12:20:42 +08:00
a3876dfc92
Start extending to support GitLab authentication.
...
Add necessary dependency.
Add baseURL parameter for self-hosted GitLab
Add necessary require.
Add block for GitLab auth.
Fix typo
Update font-awesome dependency for GitLab icon.
Use a color closer to GitLab orange.
More direct TODO
2016-05-11 21:02:53 -04:00
197ac5d5fb
Mark as 0.4.0
2016-04-20 18:23:56 +08:00
f13f70696a
Update package dependencies
2016-04-20 18:15:48 +08:00
49b51e478f
Refactor server with Sequelize ORM, refactor server configs, now will show note status (created or updated) and support docs (note alias)
2016-04-20 18:03:55 +08:00
61084e5a4e
Updated dependencies
2016-03-15 11:14:00 +08:00
d69d65ea74
Updated to send hsts in https header
2016-03-15 10:41:49 +08:00
4c4a0e0f3f
Fixed prevent XSS might break lots of tags and only need after rendered
2016-02-11 03:45:13 -06:00
6700f033ab
Prevent XSS in markdown rendering
2016-02-11 02:36:52 -06:00
7305984676
Updated engine requirement because connect-mongo package
2016-02-07 21:56:54 -06:00
ff2fc76491
Supported export to gist
2016-01-31 15:42:26 -06:00
1b2a3108be
Marked as 0.3.4
2016-01-19 10:06:22 -06:00
96931e6e3a
Upgrade all dependencies and fixes afterward issues
2016-01-19 09:57:58 -06:00
2ecec3b59a
Support show last change user with profile and support YAML config inside the note with robots, lang, dir, breaks options
2016-01-12 08:01:42 -06:00
a6d1bddf47
Updated other packages to lastest versions
2015-12-15 15:01:13 -06:00
e9718d35ac
chore(package): update dependencies
...
http://greenkeeper.io/
2015-12-15 10:38:34 -06:00
a0b1321ad2
Updated imgur package version from "0.1.5" to "0.1.7"
2015-12-12 14:19:22 -06:00
a4d0c56396
Merge pull request #47 from PeterDaveHello/patch-2
...
Update package.json
2015-12-08 20:48:26 -06:00
fc687b37cb
Update package.json
...
Bump dependency marked to ^0.3.5
Reference(security issue):
https://nodesecurity.io/advisories/marked_regular-expression-denial-of-service
2015-12-09 08:41:06 +08:00
d635440f27
Update package.json
...
Change required dependency - express from "4.x" to ">=4.5"
Reference(security issue):
https://nodesecurity.io/advisories/express_no-charset-in-content-type-header
2015-12-09 08:39:37 +08:00
fa5485c185
Updated npm cookie package version to 0.2.3
2015-11-29 02:11:57 -06:00
a8123b6306
Fixed connect-mongo have peer dependencies
2015-11-29 00:23:19 -06:00
Christoph (Sheogorath) Kern
Ádám Hóka
David Mehren
Max Wu
Dario Ernst
Wu Cheng-Han
Norihito Nakae
Literallie
Christoph Witzany
Peter Dave Hello
Marc Deop
Bryan Davis
BoHong Li
Yukai Huang
bananaappletw
alecdwm
Jason Croft
greenkeeperio-bot
Peter Dave Hello