0636b5c20b
The used library gist-embed relies on GitHub Gist's JSONP endpoint which is a risk for XSS injection. By adding untrusted content from GitHub into the DOM it also follows very bad practises. Using the iframe embedding has the disadvantage of not having the proper height for the frame auto-loaded, but the security benefits are worth it. Signed-off-by: Erik Michelson <github@erik.michelson.eu>
217 lines
6.7 KiB
JSON
217 lines
6.7 KiB
JSON
{
|
|
"name": "HedgeDoc",
|
|
"version": "1.10.3",
|
|
"description": "The best platform to write and share markdown.",
|
|
"main": "app.js",
|
|
"license": "AGPL-3.0",
|
|
"scripts": {
|
|
"test": "npm run-script eslint && npm run-script jsonlint && npm run-script mocha-suite",
|
|
"eslint": "node_modules/.bin/eslint --max-warnings 0 lib public test app.js",
|
|
"jsonlint": "find . \\( -not -path './node_modules/*' -type f -name '*.json' -o -type f -name '*.json.example' \\) -print0 | xargs -0 -I 'file' jq . file",
|
|
"markdownlint": "remark .",
|
|
"mocha-suite": "NODE_ENV=test CMD_DB_URL=\"sqlite::memory:\" mocha --exit",
|
|
"standard": "echo 'standard is no longer being used, use `npm run eslint` instead!' && exit 1",
|
|
"dev": "webpack --config webpack.dev.js --progress --watch",
|
|
"heroku-prebuild": "bin/heroku",
|
|
"build": "webpack --config webpack.prod.js --progress",
|
|
"start": "node app.js"
|
|
},
|
|
"dependencies": {
|
|
"@hedgedoc/meta-marked": "14.1.0",
|
|
"@node-saml/passport-saml": "5.0.1",
|
|
"@passport-next/passport-openid": "1.0.0",
|
|
"Idle.Js": "git+https://github.com/shawnmclean/Idle.js#commit=2b57cc6e49d177b7ddce0cca00ef5cbe07453541",
|
|
"archiver": "6.0.2",
|
|
"async": "3.2.6",
|
|
"aws-sdk": "2.1692.0",
|
|
"azure-storage": "2.10.7",
|
|
"base64url": "3.0.1",
|
|
"body-parser": "2.2.0",
|
|
"chance": "1.1.12",
|
|
"cheerio": "0.22.0",
|
|
"clean-webpack-plugin": "4.0.0",
|
|
"compression": "1.8.0",
|
|
"connect-flash": "0.1.1",
|
|
"connect-session-sequelize": "7.1.7",
|
|
"cookie": "1.0.2",
|
|
"cookie-parser": "1.4.7",
|
|
"deep-freeze": "0.0.1",
|
|
"diff-match-patch": "git+https://github.com/hackmdio/diff-match-patch.git#commit=59a9395ad9fe143e601e7ae5765ed943bdd2b11e",
|
|
"ejs": "3.1.10",
|
|
"express": "4.21.2",
|
|
"express-rate-limit": "7.5.0",
|
|
"express-session": "1.18.1",
|
|
"file-type": "20.4.1",
|
|
"formidable": "2.1.2",
|
|
"graceful-fs": "4.2.11",
|
|
"helmet": "8.1.0",
|
|
"i18n": "0.15.1",
|
|
"is-svg": "4.4.0",
|
|
"jsdom-nogyp": "0.8.3",
|
|
"lodash": "4.17.21",
|
|
"lutim": "1.0.3",
|
|
"lz-string": "git+https://github.com/hackmdio/lz-string.git#commit=6edfccb79cd8c210f03fd3bf18e41ca144fbeefb",
|
|
"mariadb": "3.4.1",
|
|
"markdown-it": "13.0.2",
|
|
"markdown-it-abbr": "1.0.4",
|
|
"markdown-it-container": "3.0.0",
|
|
"markdown-it-deflist": "2.1.0",
|
|
"markdown-it-emoji": "2.0.2",
|
|
"markdown-it-footnote": "3.0.3",
|
|
"markdown-it-imsize": "2.0.1",
|
|
"markdown-it-ins": "3.0.1",
|
|
"markdown-it-mark": "3.0.1",
|
|
"markdown-it-mathjax": "2.0.0",
|
|
"markdown-it-regexp": "0.4.0",
|
|
"markdown-it-sub": "1.0.0",
|
|
"markdown-it-sup": "1.0.0",
|
|
"mattermost": "3.4.0",
|
|
"method-override": "3.0.0",
|
|
"minimist": "1.2.8",
|
|
"minio": "7.1.3",
|
|
"moment": "2.30.1",
|
|
"morgan": "1.10.0",
|
|
"mysql2": "3.14.0",
|
|
"node-fetch": "2.7.0",
|
|
"passport": "patch:passport@npm%3A0.7.0#~/.yarn/patches/passport-npm-0.7.0-df02531736.patch",
|
|
"passport-dropbox-oauth2": "1.1.0",
|
|
"passport-facebook": "3.0.0",
|
|
"passport-github": "1.1.0",
|
|
"passport-gitlab2": "5.0.0",
|
|
"passport-google-oauth20": "2.0.0",
|
|
"passport-ldapauth": "3.0.1",
|
|
"passport-local": "1.0.0",
|
|
"passport-oauth2": "1.8.0",
|
|
"passport-twitter": "1.0.4",
|
|
"passport.socketio": "3.7.0",
|
|
"pdfobject": "2.3.1",
|
|
"pg": "8.14.1",
|
|
"pg-hstore": "2.3.4",
|
|
"prom-client": "15.1.3",
|
|
"prometheus-api-metrics": "4.0.0",
|
|
"randomcolor": "0.6.2",
|
|
"readline-sync": "1.4.10",
|
|
"rimraf": "5.0.10",
|
|
"sanitize-filename": "1.6.3",
|
|
"scrypt-kdf": "2.0.1",
|
|
"sequelize": "5.22.5",
|
|
"shortid": "2.2.17",
|
|
"socket.io": "2.5.1",
|
|
"sqlite3": "5.1.7",
|
|
"store": "2.0.12",
|
|
"string": "3.3.3",
|
|
"toobusy-js": "0.5.1",
|
|
"umzug": "2.3.0",
|
|
"uuid": "11.1.0",
|
|
"validator": "13.15.0",
|
|
"winston": "3.17.0",
|
|
"xss": "1.0.15"
|
|
},
|
|
"engines": {
|
|
"node": ">=18"
|
|
},
|
|
"bugs": "https://github.com/hedgedoc/hedgedoc/issues",
|
|
"keywords": [
|
|
"Collaborative",
|
|
"Markdown",
|
|
"Notes"
|
|
],
|
|
"homepage": "https://hedgedoc.org",
|
|
"maintainers": [
|
|
{
|
|
"name": "Claudius Coenen",
|
|
"url": "https://www.claudiuscoenen.de/"
|
|
},
|
|
{
|
|
"name": "Christoph (Sheogorath) Kern",
|
|
"email": "codimd@sheogorath.shivering-isles.com",
|
|
"url": "https://shivering-isles.com"
|
|
},
|
|
{
|
|
"name": "David Mehren",
|
|
"email": "hedgedoc@herrmehren.de"
|
|
}
|
|
],
|
|
"repository": {
|
|
"type": "git",
|
|
"url": "https://github.com/hedgedoc/hedgedoc.git"
|
|
},
|
|
"devDependencies": {
|
|
"@eslint/eslintrc": "3.3.1",
|
|
"@eslint/js": "9.24.0",
|
|
"@hedgedoc/codemirror-5": "5.65.12",
|
|
"abcjs": "6.4.4",
|
|
"babel-cli": "6.26.0",
|
|
"babel-core": "6.26.3",
|
|
"babel-loader": "7.1.5",
|
|
"babel-plugin-transform-runtime": "6.23.0",
|
|
"babel-polyfill": "6.26.0",
|
|
"babel-preset-env": "1.7.0",
|
|
"babel-runtime": "6.26.0",
|
|
"bootstrap": "3.4.1",
|
|
"bootstrap-validator": "0.11.9",
|
|
"copy-webpack-plugin": "6.4.1",
|
|
"css-loader": "5.2.7",
|
|
"emojify.js": "1.1.0",
|
|
"esbuild-loader": "4.3.0",
|
|
"escape-html": "1.0.3",
|
|
"eslint": "9.24.0",
|
|
"eslint-config-standard": "17.1.0",
|
|
"eslint-plugin-import": "2.31.0",
|
|
"eslint-plugin-n": "17.17.0",
|
|
"eslint-plugin-promise": "7.2.1",
|
|
"eslint-plugin-standard": "5.0.0",
|
|
"exports-loader": "1.1.1",
|
|
"expose-loader": "1.0.3",
|
|
"file-loader": "6.2.0",
|
|
"file-saver": "2.0.5",
|
|
"flowchart.js": "1.18.0",
|
|
"fork-awesome": "1.2.0",
|
|
"globals": "16.0.0",
|
|
"highlight.js": "10.7.3",
|
|
"html-webpack-plugin": "4.5.2",
|
|
"imports-loader": "1.2.0",
|
|
"ionicons": "2.0.1",
|
|
"jquery": "3.7.1",
|
|
"jquery-mousewheel": "3.2.2",
|
|
"jquery-ui": "1.14.1",
|
|
"js-cookie": "3.0.5",
|
|
"js-sequence-diagrams": "git+https://github.com/hedgedoc/js-sequence-diagrams.git",
|
|
"js-yaml": "3.14.1",
|
|
"jsonlint": "1.6.3",
|
|
"keymaster": "1.6.2",
|
|
"less": "4.3.0",
|
|
"less-loader": "7.3.0",
|
|
"list.js": "2.3.1",
|
|
"mathjax": "2.7.9",
|
|
"mermaid": "9.1.7",
|
|
"mini-css-extract-plugin": "1.6.2",
|
|
"mocha": "11.1.0",
|
|
"mock-require": "3.0.3",
|
|
"optimize-css-assets-webpack-plugin": "6.0.1",
|
|
"prismjs": "1.30.0",
|
|
"raphael": "2.3.0",
|
|
"remark-cli": "12.0.1",
|
|
"remark-preset-lint-markdown-style-guide": "5.1.3",
|
|
"reveal.js": "3.9.2",
|
|
"select2": "3.5.2-browserify",
|
|
"socket.io-client": "2.5.0",
|
|
"spin.js": "4.1.2",
|
|
"string-loader": "0.0.1",
|
|
"turndown": "7.2.0",
|
|
"url-loader": "4.1.1",
|
|
"velocity-animate": "1.5.2",
|
|
"visibilityjs": "2.0.2",
|
|
"viz.js": "1.8.2",
|
|
"webpack": "4.47.0",
|
|
"webpack-cli": "4.10.0",
|
|
"webpack-merge": "5.10.0",
|
|
"wurl": "2.5.4"
|
|
},
|
|
"optionalDependencies": {
|
|
"bufferutil": "4.0.9",
|
|
"utf-8-validate": "6.0.5"
|
|
},
|
|
"packageManager": "yarn@4.9.0"
|
|
}
|