930 Commits

Author	SHA1	Message	Date
renovate[bot]	f1c9f11d98	chore(deps): update yarn to v4.12.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-24 23:55:33 +01:00
Erik Michelson	ffc1e5f87d	fix(deps): switch back to non-ESM packages ... Node 18 has not the ability yet to run the more modern packages. Since we want to keep Node 18 compatability around for some time, these packages can't be upgraded. Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2025-11-24 14:32:24 +01:00
Erik Michelson	9a45d1e2a9	chore(deps): upgrade dependencies, remove some unnecessary ones ... This commit upgrades dependencies that are more or less trivial to update, e.g. because they didn't have major version bumps or simply didn't break anything. There are some dependencies which have not been upgraded since this would have required larger refactorings. This includes especially the markdown-it ecosystem and the webpack ecosystem. The largest refactorings in this commit come from the bump of socket.io v2 to v4 which changed the handling of the connected socket list for instance. This commit further removes some outdated and/or unnecessary dependencies. This includes the String.js library which is unmaintained for 9 years and has some CVEs. We mainly used this library for their escapeHTML and unescapeHTML methods. This can be done using native DOM APIs nowadays, which is also considered more safe since it is the same logic that the browser itself uses. Since we target Node 18 and above, we can also rely on the built-in fetch function instead of the node-fetch package. The current version of Chance.js includes a method for generating a random color now too, so we don't need the package randomcolor anymore. Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2025-11-24 14:32:24 +01:00
Erik Michelson	637c451486	fix: use nanoid instead of shortid ... shortid is deprecated and they recommend nanoid instead. We're not sure if this has to do with possible name collisions or enumerability, but to be sure and on the safe side, we're changing this. nanoid seems quite safe since it uses node's crypto module underneath. Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2025-11-22 01:05:50 +01:00
renovate[bot]	367626ab9c	fix(deps): update dependency formidable to v2.1.3 (master) (#6072) ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-20 18:30:14 +00:00
renovate[bot]	c97c11df2c	chore(deps): update yarn to v4.9.1 (master) (#6071) ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-20 18:02:42 +00:00
Erik Michelson	0636b5c20b	refactor: use iframes for gist embedding instead of gist-embed ... The used library gist-embed relies on GitHub Gist's JSONP endpoint which is a risk for XSS injection. By adding untrusted content from GitHub into the DOM it also follows very bad practises. Using the iframe embedding has the disadvantage of not having the proper height for the frame auto-loaded, but the security benefits are worth it. Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2025-04-10 00:21:55 +02:00
Erik Michelson	f31e591c17	chore(release): bump version to 1.10.3 and add release notes ... Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2025-04-10 00:21:55 +02:00
renovate[bot]	312950aeeb	fix(deps): update dependency body-parser to v2 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:58:56 +02:00
renovate[bot]	e66f413507	fix(deps): update dependency prometheus-api-metrics to v4 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:56:58 +02:00
renovate[bot]	d09abac9c6	chore(deps): update dependency globals to v16 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:55:39 +02:00
renovate[bot]	a0c50164b6	chore(deps): update linters ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:49:35 +02:00
renovate[bot]	639eee078d	chore(deps): update dependency globals to v15.15.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:48:01 +02:00
renovate[bot]	3b9a8297c2	fix(deps): update dependency validator to v13.15.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:47:49 +02:00
renovate[bot]	e38ba23bc9	fix(deps): update dependency file-type to v20.4.1 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:46:43 +02:00
renovate[bot]	49c6d7f75f	fix(deps): update dependency mysql2 to v3.14.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:46:05 +02:00
renovate[bot]	5ec6487f17	fix(deps): update dependency pg to v8.14.1 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:45:45 +02:00
renovate[bot]	4c3ff41385	fix(deps): update dependency helmet to v8.1.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:44:29 +02:00
renovate[bot]	53076a665a	fix(deps): update dependency uuid to v11.1.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:43:39 +02:00
renovate[bot]	894efa88d1	fix(deps): update dependency compression to v1.8.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:42:15 +02:00
renovate[bot]	c6df2629d3	chore(deps): update yarn to v4.9.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:41:47 +02:00
renovate[bot]	9ece354c70	chore(deps): update dependency less to v4.3.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:41:16 +02:00
renovate[bot]	543fb4feb4	chore(deps): update dependency prismjs to v1.30.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:39:45 +02:00
renovate[bot]	e08feadde7	fix(deps): update dependency mariadb to v3.4.1 (master) (#6043) ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 19:37:28 +00:00
renovate[bot]	7d38e100b8	chore(deps): update dependency jquery-mousewheel to v3.2.2 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:35:12 +02:00
renovate[bot]	1259ff0edc	fix(deps): update dependency @node-saml/passport-saml to v5.0.1 (master) (#6039) ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 19:34:05 +00:00
renovate[bot]	9f98e9701e	chore(deps): update dependency esbuild-loader to v4.3.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-09 21:29:12 +02:00
renovate[bot]	cd1431c647	fix(deps): update dependency pg to v8.13.3 (master) (#6010) ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-19 22:22:04 +00:00
renovate[bot]	d29606bad0	fix(deps): update dependency pdfobject to v2.3.1 (master) (#6009) ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-19 18:23:14 +00:00
Philip Molares	38f25ec8cc	chore: bump version to 1.10.2 ... Signed-off-by: Philip Molares <philip.molares@udo.edu>	2025-02-14 22:14:11 +01:00
Philip Molares	e5be5d3f9d	chore: bump version to 1.10.1 ... Signed-off-by: Philip Molares <philip.molares@udo.edu>	2025-02-02 23:12:33 +01:00
renovate[bot]	58a787a88e	fix(deps): update dependency @node-saml/passport-saml to v5 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 23:41:54 +01:00
renovate[bot]	748e48df46	chore(deps): pin dependency globals to 15.14.0 (master) (#5949) ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 22:12:23 +00:00
renovate[bot]	cf5a68b35f	chore(deps): pin dependencies (master) (#5948) ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 22:00:43 +00:00
renovate[bot]	71854a882f	fix(deps): replace dependency passport-saml with @node-saml/passport-saml 4.0.4 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 22:55:52 +01:00
Philip Molares	a11c05b477	refactor: use eslint.config.mjs instead of .eslintrc ... This was done automatically by running `npx @eslint/migrate-config .eslintrc.js` Signed-off-by: Philip Molares <philip.molares@udo.edu>	2025-02-01 22:15:54 +01:00
renovate[bot]	071da4b152	chore(deps): update linters ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 22:15:54 +01:00
renovate[bot]	6226fe6225	fix(deps): update dependency helmet to v8 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2025-02-01 22:10:34 +01:00
renovate[bot]	41e411301c	fix(deps): update dependency file-type to v20 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 21:24:16 +01:00
renovate[bot]	63bc05c0a4	fix(deps): update dependency cookie to v1 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 21:22:56 +01:00
renovate[bot]	69899885fe	fix(deps): update dependency express-rate-limit to v7.5.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 21:21:28 +01:00
renovate[bot]	3017071422	chore(deps): update dependency mocha to v11 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 21:18:30 +01:00
Erik Michelson	93df1e8ab5	chore(deps): upgrade cookie to 0.7.2 for security reasons ... Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2025-02-01 21:12:08 +01:00
Erik Michelson	876ebad1f3	feat: rate-limiting ... Signed-off-by: Erik Michelson <github@erik.michelson.eu>	2025-02-01 21:12:08 +01:00
renovate[bot]	e8f4cbabec	fix(deps): update dependency uuid to v11 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 20:39:59 +01:00
renovate[bot]	9bf5b7fcd0	fix(deps): update dependency express to v4.21.2 (master) (#5932) ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 19:37:32 +00:00
renovate[bot]	7f14cff2aa	fix(deps): update dependency winston to v3.17.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 20:34:50 +01:00
renovate[bot]	071e37a0f4	fix(deps): update dependency pg to v8.13.1 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 20:33:42 +01:00
renovate[bot]	36ac48ede6	fix(deps): update dependency mariadb to v3.4.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 20:32:06 +01:00
renovate[bot]	f4eb6566da	fix(deps): update dependency mysql2 to v3.12.0 ... Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-01 20:31:49 +01:00