diff options
| author | Maximilian Bosch <maximilian@mbosch.me> | 2020-12-28 00:14:20 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-28 00:14:20 +0100 |
| commit | c4f4f74f89177bf110a1adabb6ef93c84e755600 (patch) | |
| tree | 1563a5354cffdd79b6aa7b2def32ccd6ab2bdfff /pkgs/servers | |
| parent | cdfbfec2daafe978ff0d8404e617c29f3ef23a31 (diff) | |
| parent | 484d851cb90d613adc8acecffc8e2459371b8e9c (diff) | |
| download | nixlib-c4f4f74f89177bf110a1adabb6ef93c84e755600.tar nixlib-c4f4f74f89177bf110a1adabb6ef93c84e755600.tar.gz nixlib-c4f4f74f89177bf110a1adabb6ef93c84e755600.tar.bz2 nixlib-c4f4f74f89177bf110a1adabb6ef93c84e755600.tar.lz nixlib-c4f4f74f89177bf110a1adabb6ef93c84e755600.tar.xz nixlib-c4f4f74f89177bf110a1adabb6ef93c84e755600.tar.zst nixlib-c4f4f74f89177bf110a1adabb6ef93c84e755600.zip | |
Merge pull request #107762 from WilliButz/update/hedgedoc/1.7.1
hedgedoc: 1.7.0 -> 1.7.1 (fixes CVE-2020-26286 and CVE-2020-26287)
Diffstat (limited to 'pkgs/servers')
| -rw-r--r-- | pkgs/servers/web-apps/hedgedoc/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/servers/web-apps/hedgedoc/package.json | 4 | ||||
| -rw-r--r-- | pkgs/servers/web-apps/hedgedoc/yarn.lock | 67 | ||||
| -rw-r--r-- | pkgs/servers/web-apps/hedgedoc/yarn.nix | 72 |
4 files changed, 135 insertions, 12 deletions
diff --git a/pkgs/servers/web-apps/hedgedoc/default.nix b/pkgs/servers/web-apps/hedgedoc/default.nix index 0e39895d39d5..9fdaafbd24ab 100644 --- a/pkgs/servers/web-apps/hedgedoc/default.nix +++ b/pkgs/servers/web-apps/hedgedoc/default.nix @@ -3,13 +3,13 @@ mkYarnPackage rec { name = "hedgedoc"; - version = "1.7.0"; + version = "1.7.1"; src = fetchFromGitHub { owner = "hedgedoc"; repo = "hedgedoc"; rev = version; - sha256 = "1zz5ni9cp1dhcvcrzks13pww5qm2wna2hh0k59pfz7c897rs1l7v"; + sha256 = "0axad5581v25pynfj6pgy0h1xp92dyllnc7mk42z6hxbs4sgkrw1"; }; nativeBuildInputs = [ which makeWrapper ]; diff --git a/pkgs/servers/web-apps/hedgedoc/package.json b/pkgs/servers/web-apps/hedgedoc/package.json index e90ec03c4e11..3e8046bbecdf 100644 --- a/pkgs/servers/web-apps/hedgedoc/package.json +++ b/pkgs/servers/web-apps/hedgedoc/package.json @@ -1,6 +1,6 @@ { "name": "HedgeDoc", - "version": "1.7.0", + "version": "1.7.1", "description": "The best platform to write and share markdown.", "main": "app.js", "license": "AGPL-3.0", @@ -43,6 +43,7 @@ "express": ">=4.14", "express-session": "^1.14.2", "file-saver": "^1.3.3", + "file-type": "^16.1.0", "flowchart.js": "^1.6.4", "fork-awesome": "^1.1.3", "formidable": "^1.0.17", @@ -111,6 +112,7 @@ "readline-sync": "^1.4.7", "request": "^2.88.0", "reveal.js": "^3.9.2", + "rimraf": "^3.0.2", "scrypt-async": "^2.0.1", "scrypt-kdf": "^2.0.1", "select2": "^3.5.2-browserify", diff --git a/pkgs/servers/web-apps/hedgedoc/yarn.lock b/pkgs/servers/web-apps/hedgedoc/yarn.lock index 9ff34ceeada5..f228af65b5b6 100644 --- a/pkgs/servers/web-apps/hedgedoc/yarn.lock +++ b/pkgs/servers/web-apps/hedgedoc/yarn.lock @@ -106,6 +106,11 @@ resolved "https://registry.yarnpkg.com/@passport-next/passport-strategy/-/passport-strategy-1.1.0.tgz#4c0df069e2ec9262791b9ef1e23320c1d73bdb74" integrity sha512-2KhFjtPueJG6xVj2HnqXt9BlANOfYCVLyu+pXYjPGBDT8yk+vQwc/6tsceIj+mayKcoxMau2JimggXRPHgoc8w== +"@tokenizer/token@^0.1.0", "@tokenizer/token@^0.1.1": + version "0.1.1" + resolved "https://registry.yarnpkg.com/@tokenizer/token/-/token-0.1.1.tgz#f0d92c12f87079ddfd1b29f614758b9696bc29e3" + integrity sha512-XO6INPbZCxdprl+9qa/AAbFFOMzzwqYxpjPgLICrMD6C2FCw6qfJOPcBk6JqqPLSaZ/Qx87qn4rpPmPMwaAK6w== + "@types/anymatch@*": version "1.3.1" resolved "https://registry.yarnpkg.com/@types/anymatch/-/anymatch-1.3.1.tgz#336badc1beecb9dacc38bea2cf32adf627a8421a" @@ -126,6 +131,11 @@ dependencies: "@types/node" "*" +"@types/debug@^4.1.5": + version "4.1.5" + resolved "https://registry.yarnpkg.com/@types/debug/-/debug-4.1.5.tgz#b14efa8852b7768d898906613c23f688713e02cd" + integrity sha512-Q1y515GcOdTHgagaVFhHnIFQ38ygs/kmxdNpvpou+raI9UO3YZcHDngBSYKQklcKlvA7iuQlmIKbzvmxcOE9CQ== + "@types/express-serve-static-core@*": version "4.17.13" resolved "https://registry.yarnpkg.com/@types/express-serve-static-core/-/express-serve-static-core-4.17.13.tgz#d9af025e925fc8b089be37423b8d1eac781be084" @@ -219,7 +229,7 @@ resolved "https://registry.yarnpkg.com/@types/range-parser/-/range-parser-1.2.3.tgz#7ee330ba7caafb98090bece86a5ee44115904c2c" integrity sha512-ewFXqrQHlFsgc09MK5jP5iR7vumV/BYayNC6PgJO2LPe8vrnNFyjQjSppfEngITi0qvfKtzFvgKymGheFM9UOA== -"@types/readable-stream@^2.3.5": +"@types/readable-stream@^2.3.5", "@types/readable-stream@^2.3.9": version "2.3.9" resolved "https://registry.yarnpkg.com/@types/readable-stream/-/readable-stream-2.3.9.tgz#40a8349e6ace3afd2dd1b6d8e9b02945de4566a9" integrity sha512-sqsgQqFT7HmQz/V5jH1O0fvQQnXAJO46Gg9LRO/JPfjmVmGUlcx831TZZO3Y3HtWhIkzf3kTsNT0Z0kzIhIvZw== @@ -837,9 +847,9 @@ atob@^2.1.2: integrity sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg== aws-sdk@^2.521.0: - version "2.815.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.815.0.tgz#515ead6d0d242f603171faf30c49142fd53a53d9" - integrity sha512-BXL3Og97rOY9jE7OeYQdKftMAZ3SneFg/rBslyog+W0dTDKq3NBuM3fBWhc3POf26kHcFjsnLIWScM8bWhD4AA== + version "2.817.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.817.0.tgz#3a97b690b0ec494cf8ee927affb3973cf26abcc8" + integrity sha512-DZIdWpkcqbqsCz0MEskHsyFaqc6Tk9XIFqXAg1AKHbOgC8nU45bz+Y2osX77pU01JkS/G7OhGtGmlKDrOPvFwg== dependencies: buffer "4.9.2" events "1.1.1" @@ -4266,6 +4276,16 @@ file-saver@^1.3.3: resolved "https://registry.yarnpkg.com/file-saver/-/file-saver-1.3.8.tgz#e68a30c7cb044e2fb362b428469feb291c2e09d8" integrity sha512-spKHSBQIxxS81N/O21WmuXA2F6wppUCsutpzenOeZzOCCJ5gEfcbqJP983IrpLXzYmXnMUa6J03SubcNPdKrlg== +file-type@^16.1.0: + version "16.1.0" + resolved "https://registry.yarnpkg.com/file-type/-/file-type-16.1.0.tgz#1c8a4458b2103e07d2b49ae7f76384abafe86529" + integrity sha512-G4Klqf6tuprtG0pC4r9kni4Wv8XhAAsfHphVqsQGA+YiOlPAO40BZduDqKfv0RFsu9q9ZbFObWfwszY/NqhEZw== + dependencies: + readable-web-to-node-stream "^3.0.0" + strtok3 "^6.0.3" + token-types "^2.0.0" + typedarray-to-buffer "^3.1.5" + file-uri-to-path@1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz#553a7b8446ff6f684359c445f1e37a05dacc33dd" @@ -5677,7 +5697,7 @@ is-symbol@^1.0.2: dependencies: has-symbols "^1.0.1" -is-typedarray@~1.0.0: +is-typedarray@^1.0.0, is-typedarray@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" integrity sha1-5HnICFjfDBsR3dppQPlgEfzaSpo= @@ -7962,6 +7982,11 @@ pdfobject@^2.0.201604172: resolved "https://registry.yarnpkg.com/pdfobject/-/pdfobject-2.2.4.tgz#ccb3c191129298a471e9ccb59c88a3ee0b7c7530" integrity sha512-r6Rw9CQWsrY6uqmKvlgFNoupmuRbSt9EsG0sZhSAy3cIk4WgOXyAVmebFSlLhqj6gA5NIEXL3lSEbwOOYfdUvw== +peek-readable@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/peek-readable/-/peek-readable-3.1.0.tgz#250b08b7de09db8573d7fd8ea475215bbff14348" + integrity sha512-KGuODSTV6hcgdZvDrIDBUkN0utcAVj1LL7FfGbM0viKTtCHmtZcuEJ+lGqsp0fTFkGqesdtemV2yUSMeyy3ddA== + performance-now@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-2.1.0.tgz#6309f4e0e5fa913ec1c69307ae364b4b377c9e7b" @@ -8777,6 +8802,14 @@ readable-stream@~2.0.0: string_decoder "~0.10.x" util-deprecate "~1.0.1" +readable-web-to-node-stream@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/readable-web-to-node-stream/-/readable-web-to-node-stream-3.0.0.tgz#4ca5408e70471069119d691934141a52de413955" + integrity sha512-HNmLb3n0SteGAs8HQlErYPGeO+y7cvL/mVUKtXeUkl0iCZ/2GIgKGrCFHyS7UXFnO8uc9U+0y3pYIzAPsjFfvA== + dependencies: + "@types/readable-stream" "^2.3.9" + readable-stream "^3.6.0" + readdir-glob@^1.0.0: version "1.1.1" resolved "https://registry.yarnpkg.com/readdir-glob/-/readdir-glob-1.1.1.tgz#f0e10bb7bf7bfa7e0add8baffdc54c3f7dbee6c4" @@ -10464,6 +10497,15 @@ strip-json-comments@^2.0.1, strip-json-comments@~2.0.1: resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" integrity sha1-PFMZQukIwml8DsNEhYwobHygpgo= +strtok3@^6.0.3: + version "6.0.4" + resolved "https://registry.yarnpkg.com/strtok3/-/strtok3-6.0.4.tgz#ede0d20fde5aa9fda56417c3558eaafccc724694" + integrity sha512-rqWMKwsbN9APU47bQTMEYTPcwdpKDtmf1jVhHzNW2cL1WqAxaM9iBb9t5P2fj+RV2YsErUWgQzHD5JwV0uCTEQ== + dependencies: + "@tokenizer/token" "^0.1.1" + "@types/debug" "^4.1.5" + peek-readable "^3.1.0" + stylehacks@^4.0.0: version "4.0.3" resolved "https://registry.yarnpkg.com/stylehacks/-/stylehacks-4.0.3.tgz#6718fcaf4d1e07d8a1318690881e8d96726a71d5" @@ -10767,6 +10809,14 @@ toidentifier@1.0.0: resolved "https://registry.yarnpkg.com/toidentifier/-/toidentifier-1.0.0.tgz#7e1be3470f1e77948bc43d94a3c8f4d7752ba553" integrity sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw== +token-types@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/token-types/-/token-types-2.0.0.tgz#b23618af744818299c6fbf125e0fdad98bab7e85" + integrity sha512-WWvu8sGK8/ZmGusekZJJ5NM6rRVTTDO7/bahz4NGiSDb/XsmdYBn6a1N/bymUHuWYTWeuLUg98wUzvE4jPdCZw== + dependencies: + "@tokenizer/token" "^0.1.0" + ieee754 "^1.1.13" + toobusy-js@^0.5.1: version "0.5.1" resolved "https://registry.yarnpkg.com/toobusy-js/-/toobusy-js-0.5.1.tgz#5511f78f6a87a6a512d44fdb0efa13672217f659" @@ -10896,6 +10946,13 @@ type@^2.0.0: resolved "https://registry.yarnpkg.com/type/-/type-2.1.0.tgz#9bdc22c648cf8cf86dd23d32336a41cfb6475e3f" integrity sha512-G9absDWvhAWCV2gmF1zKud3OyC61nZDwWvBL2DApaVFogI07CprggiQAOOjvp2NRjYWFzPyu7vwtDrQFq8jeSA== +typedarray-to-buffer@^3.1.5: + version "3.1.5" + resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz#a97ee7a9ff42691b9f783ff1bc5112fe3fca9080" + integrity sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q== + dependencies: + is-typedarray "^1.0.0" + typedarray@^0.0.6: version "0.0.6" resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" diff --git a/pkgs/servers/web-apps/hedgedoc/yarn.nix b/pkgs/servers/web-apps/hedgedoc/yarn.nix index 01ca86f3b1db..340341d0f1e3 100644 --- a/pkgs/servers/web-apps/hedgedoc/yarn.nix +++ b/pkgs/servers/web-apps/hedgedoc/yarn.nix @@ -114,6 +114,14 @@ }; } { + name = "_tokenizer_token___token_0.1.1.tgz"; + path = fetchurl { + name = "_tokenizer_token___token_0.1.1.tgz"; + url = "https://registry.yarnpkg.com/@tokenizer/token/-/token-0.1.1.tgz"; + sha1 = "f0d92c12f87079ddfd1b29f614758b9696bc29e3"; + }; + } + { name = "_types_anymatch___anymatch_1.3.1.tgz"; path = fetchurl { name = "_types_anymatch___anymatch_1.3.1.tgz"; @@ -138,6 +146,14 @@ }; } { + name = "_types_debug___debug_4.1.5.tgz"; + path = fetchurl { + name = "_types_debug___debug_4.1.5.tgz"; + url = "https://registry.yarnpkg.com/@types/debug/-/debug-4.1.5.tgz"; + sha1 = "b14efa8852b7768d898906613c23f688713e02cd"; + }; + } + { name = "_types_express_serve_static_core___express_serve_static_core_4.17.13.tgz"; path = fetchurl { name = "_types_express_serve_static_core___express_serve_static_core_4.17.13.tgz"; @@ -1010,11 +1026,11 @@ }; } { - name = "aws_sdk___aws_sdk_2.815.0.tgz"; + name = "aws_sdk___aws_sdk_2.817.0.tgz"; path = fetchurl { - name = "aws_sdk___aws_sdk_2.815.0.tgz"; - url = "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.815.0.tgz"; - sha1 = "515ead6d0d242f603171faf30c49142fd53a53d9"; + name = "aws_sdk___aws_sdk_2.817.0.tgz"; + url = "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.817.0.tgz"; + sha1 = "3a97b690b0ec494cf8ee927affb3973cf26abcc8"; }; } { @@ -4522,6 +4538,14 @@ }; } { + name = "file_type___file_type_16.1.0.tgz"; + path = fetchurl { + name = "file_type___file_type_16.1.0.tgz"; + url = "https://registry.yarnpkg.com/file-type/-/file-type-16.1.0.tgz"; + sha1 = "1c8a4458b2103e07d2b49ae7f76384abafe86529"; + }; + } + { name = "file_uri_to_path___file_uri_to_path_1.0.0.tgz"; path = fetchurl { name = "file_uri_to_path___file_uri_to_path_1.0.0.tgz"; @@ -8802,6 +8826,14 @@ }; } { + name = "peek_readable___peek_readable_3.1.0.tgz"; + path = fetchurl { + name = "peek_readable___peek_readable_3.1.0.tgz"; + url = "https://registry.yarnpkg.com/peek-readable/-/peek-readable-3.1.0.tgz"; + sha1 = "250b08b7de09db8573d7fd8ea475215bbff14348"; + }; + } + { name = "performance_now___performance_now_2.1.0.tgz"; path = fetchurl { name = "performance_now___performance_now_2.1.0.tgz"; @@ -9698,6 +9730,14 @@ }; } { + name = "readable_web_to_node_stream___readable_web_to_node_stream_3.0.0.tgz"; + path = fetchurl { + name = "readable_web_to_node_stream___readable_web_to_node_stream_3.0.0.tgz"; + url = "https://registry.yarnpkg.com/readable-web-to-node-stream/-/readable-web-to-node-stream-3.0.0.tgz"; + sha1 = "4ca5408e70471069119d691934141a52de413955"; + }; + } + { name = "readdir_glob___readdir_glob_1.1.1.tgz"; path = fetchurl { name = "readdir_glob___readdir_glob_1.1.1.tgz"; @@ -11402,6 +11442,14 @@ }; } { + name = "strtok3___strtok3_6.0.4.tgz"; + path = fetchurl { + name = "strtok3___strtok3_6.0.4.tgz"; + url = "https://registry.yarnpkg.com/strtok3/-/strtok3-6.0.4.tgz"; + sha1 = "ede0d20fde5aa9fda56417c3558eaafccc724694"; + }; + } + { name = "stylehacks___stylehacks_4.0.3.tgz"; path = fetchurl { name = "stylehacks___stylehacks_4.0.3.tgz"; @@ -11698,6 +11746,14 @@ }; } { + name = "token_types___token_types_2.0.0.tgz"; + path = fetchurl { + name = "token_types___token_types_2.0.0.tgz"; + url = "https://registry.yarnpkg.com/token-types/-/token-types-2.0.0.tgz"; + sha1 = "b23618af744818299c6fbf125e0fdad98bab7e85"; + }; + } + { name = "toobusy_js___toobusy_js_0.5.1.tgz"; path = fetchurl { name = "toobusy_js___toobusy_js_0.5.1.tgz"; @@ -11874,6 +11930,14 @@ }; } { + name = "typedarray_to_buffer___typedarray_to_buffer_3.1.5.tgz"; + path = fetchurl { + name = "typedarray_to_buffer___typedarray_to_buffer_3.1.5.tgz"; + url = "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz"; + sha1 = "a97ee7a9ff42691b9f783ff1bc5112fe3fca9080"; + }; + } + { name = "typedarray___typedarray_0.0.6.tgz"; path = fetchurl { name = "typedarray___typedarray_0.0.6.tgz"; |