From 0f4b988c1207c3410fdb5ef1ae43e181a283c88d Mon Sep 17 00:00:00 2001 From: Yukai Huang Date: Thu, 4 Jan 2024 16:54:54 +0800 Subject: [PATCH 01/10] chore: bump @hackmd/pandoc to 0.3.4 Signed-off-by: Yukai Huang --- package-lock.json | 222 +++++++++++++++++++++++++++++++++++++--------- package.json | 2 +- 2 files changed, 179 insertions(+), 45 deletions(-) diff --git a/package-lock.json b/package-lock.json index 029730ff5..7edee4664 100644 --- a/package-lock.json +++ b/package-lock.json @@ -14,7 +14,7 @@ "@hackmd/imgur": "~0.5.0", "@hackmd/lz-string": "~1.4.4", "@hackmd/meta-marked": "~0.5.0", - "@hackmd/pandoc.js": "^0.2.1", + "@hackmd/pandoc.js": "0.3.4", "@mattermost/client": "^9.2.0", "@passport-next/passport-openid": "~1.0.0", "archiver": "~3.1.1", @@ -1083,9 +1083,9 @@ } }, "node_modules/@hackmd/pandoc.js": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/@hackmd/pandoc.js/-/pandoc.js-0.2.1.tgz", - "integrity": "sha512-AdRFhv9eIc4lWFqDL947afD+wCPQv67VJqs4CIlsfB8tbJIuhNSeKVrJ6SCrHyu+RgNaBtz2S+DwRdrbnYL8xg==", + "version": "0.3.4", + "resolved": "https://registry.npmjs.org/@hackmd/pandoc.js/-/pandoc.js-0.3.4.tgz", + "integrity": "sha512-hOYbGyMGwjZviOA+pFJhkG0NWRo4h48gOk0PAVqmkobQX07mQocAksAwqh0NsI3OJ0FtYtS+UOD+frnljWM1uw==", "hasInstallScript": true, "dependencies": { "extract-zip": "^1.6.7", @@ -8770,11 +8770,13 @@ }, "node_modules/fsevents/node_modules/abbrev": { "version": "1.1.1", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/ansi-regex": { "version": "2.1.1", + "extraneous": true, "inBundle": true, "license": "MIT", "engines": { @@ -8783,11 +8785,13 @@ }, "node_modules/fsevents/node_modules/aproba": { "version": "1.2.0", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/are-we-there-yet": { "version": "1.1.5", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -8797,11 +8801,13 @@ }, "node_modules/fsevents/node_modules/balanced-match": { "version": "1.0.0", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/brace-expansion": { "version": "1.1.11", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -8811,11 +8817,13 @@ }, "node_modules/fsevents/node_modules/chownr": { "version": "1.1.3", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/code-point-at": { "version": "1.1.0", + "extraneous": true, "inBundle": true, "license": "MIT", "engines": { @@ -8824,21 +8832,25 @@ }, "node_modules/fsevents/node_modules/concat-map": { "version": "0.0.1", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/console-control-strings": { "version": "1.1.0", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/core-util-is": { "version": "1.0.2", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/debug": { "version": "3.2.6", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -8847,6 +8859,7 @@ }, "node_modules/fsevents/node_modules/deep-extend": { "version": "0.6.0", + "extraneous": true, "inBundle": true, "license": "MIT", "engines": { @@ -8855,11 +8868,13 @@ }, "node_modules/fsevents/node_modules/delegates": { "version": "1.0.0", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/detect-libc": { "version": "1.0.3", + "extraneous": true, "inBundle": true, "license": "Apache-2.0", "bin": { @@ -8871,6 +8886,7 @@ }, "node_modules/fsevents/node_modules/fs-minipass": { "version": "1.2.7", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -8879,11 +8895,13 @@ }, "node_modules/fsevents/node_modules/fs.realpath": { "version": "1.0.0", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/gauge": { "version": "2.7.4", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -8899,6 +8917,7 @@ }, "node_modules/fsevents/node_modules/glob": { "version": "7.1.6", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -8918,11 +8937,13 @@ }, "node_modules/fsevents/node_modules/has-unicode": { "version": "2.0.1", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/iconv-lite": { "version": "0.4.24", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -8934,6 +8955,7 @@ }, "node_modules/fsevents/node_modules/ignore-walk": { "version": "3.0.3", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -8942,6 +8964,7 @@ }, "node_modules/fsevents/node_modules/inflight": { "version": "1.0.6", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -8951,11 +8974,13 @@ }, "node_modules/fsevents/node_modules/inherits": { "version": "2.0.4", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/ini": { "version": "1.3.5", + "extraneous": true, "inBundle": true, "license": "ISC", "engines": { @@ -8964,6 +8989,7 @@ }, "node_modules/fsevents/node_modules/is-fullwidth-code-point": { "version": "1.0.0", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -8975,11 +9001,13 @@ }, "node_modules/fsevents/node_modules/isarray": { "version": "1.0.0", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/minimatch": { "version": "3.0.4", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -8991,11 +9019,13 @@ }, "node_modules/fsevents/node_modules/minimist": { "version": "0.0.8", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/minipass": { "version": "2.9.0", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -9005,6 +9035,7 @@ }, "node_modules/fsevents/node_modules/minizlib": { "version": "1.3.3", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -9013,6 +9044,7 @@ }, "node_modules/fsevents/node_modules/mkdirp": { "version": "0.5.1", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -9024,11 +9056,13 @@ }, "node_modules/fsevents/node_modules/ms": { "version": "2.1.2", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/needle": { "version": "2.4.0", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -9045,6 +9079,7 @@ }, "node_modules/fsevents/node_modules/node-pre-gyp": { "version": "0.14.0", + "extraneous": true, "inBundle": true, "license": "BSD-3-Clause", "dependencies": { @@ -9065,6 +9100,7 @@ }, "node_modules/fsevents/node_modules/nopt": { "version": "4.0.1", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -9077,6 +9113,7 @@ }, "node_modules/fsevents/node_modules/npm-bundled": { "version": "1.1.1", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -9085,11 +9122,13 @@ }, "node_modules/fsevents/node_modules/npm-normalize-package-bin": { "version": "1.0.1", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/npm-packlist": { "version": "1.4.7", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -9099,6 +9138,7 @@ }, "node_modules/fsevents/node_modules/npmlog": { "version": "4.1.2", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -9110,6 +9150,7 @@ }, "node_modules/fsevents/node_modules/number-is-nan": { "version": "1.0.1", + "extraneous": true, "inBundle": true, "license": "MIT", "engines": { @@ -9118,6 +9159,7 @@ }, "node_modules/fsevents/node_modules/object-assign": { "version": "4.1.1", + "extraneous": true, "inBundle": true, "license": "MIT", "engines": { @@ -9126,6 +9168,7 @@ }, "node_modules/fsevents/node_modules/once": { "version": "1.4.0", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -9134,6 +9177,7 @@ }, "node_modules/fsevents/node_modules/os-homedir": { "version": "1.0.2", + "extraneous": true, "inBundle": true, "license": "MIT", "engines": { @@ -9142,6 +9186,7 @@ }, "node_modules/fsevents/node_modules/os-tmpdir": { "version": "1.0.2", + "extraneous": true, "inBundle": true, "license": "MIT", "engines": { @@ -9150,6 +9195,7 @@ }, "node_modules/fsevents/node_modules/osenv": { "version": "0.1.5", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -9159,6 +9205,7 @@ }, "node_modules/fsevents/node_modules/path-is-absolute": { "version": "1.0.1", + "extraneous": true, "inBundle": true, "license": "MIT", "engines": { @@ -9167,11 +9214,13 @@ }, "node_modules/fsevents/node_modules/process-nextick-args": { "version": "2.0.1", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/rc": { "version": "1.2.8", + "extraneous": true, "inBundle": true, "license": "(BSD-2-Clause OR MIT OR Apache-2.0)", "dependencies": { @@ -9186,11 +9235,13 @@ }, "node_modules/fsevents/node_modules/rc/node_modules/minimist": { "version": "1.2.0", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/readable-stream": { "version": "2.3.6", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -9205,6 +9256,7 @@ }, "node_modules/fsevents/node_modules/rimraf": { "version": "2.7.1", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -9216,21 +9268,25 @@ }, "node_modules/fsevents/node_modules/safe-buffer": { "version": "5.1.2", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/safer-buffer": { "version": "2.1.2", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/sax": { "version": "1.2.4", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/semver": { "version": "5.7.1", + "extraneous": true, "inBundle": true, "license": "ISC", "bin": { @@ -9239,16 +9295,19 @@ }, "node_modules/fsevents/node_modules/set-blocking": { "version": "2.0.0", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/signal-exit": { "version": "3.0.2", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/string_decoder": { "version": "1.1.1", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -9257,6 +9316,7 @@ }, "node_modules/fsevents/node_modules/string-width": { "version": "1.0.2", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -9270,6 +9330,7 @@ }, "node_modules/fsevents/node_modules/strip-ansi": { "version": "3.0.1", + "extraneous": true, "inBundle": true, "license": "MIT", "dependencies": { @@ -9281,6 +9342,7 @@ }, "node_modules/fsevents/node_modules/strip-json-comments": { "version": "2.0.1", + "extraneous": true, "inBundle": true, "license": "MIT", "engines": { @@ -9289,6 +9351,7 @@ }, "node_modules/fsevents/node_modules/tar": { "version": "4.4.13", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -9306,11 +9369,13 @@ }, "node_modules/fsevents/node_modules/util-deprecate": { "version": "1.0.2", + "extraneous": true, "inBundle": true, "license": "MIT" }, "node_modules/fsevents/node_modules/wide-align": { "version": "1.1.3", + "extraneous": true, "inBundle": true, "license": "ISC", "dependencies": { @@ -9319,11 +9384,13 @@ }, "node_modules/fsevents/node_modules/wrappy": { "version": "1.0.2", + "extraneous": true, "inBundle": true, "license": "ISC" }, "node_modules/fsevents/node_modules/yallist": { "version": "3.1.1", + "extraneous": true, "inBundle": true, "license": "ISC" }, @@ -23099,9 +23166,9 @@ } }, "@hackmd/pandoc.js": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/@hackmd/pandoc.js/-/pandoc.js-0.2.1.tgz", - "integrity": "sha512-AdRFhv9eIc4lWFqDL947afD+wCPQv67VJqs4CIlsfB8tbJIuhNSeKVrJ6SCrHyu+RgNaBtz2S+DwRdrbnYL8xg==", + "version": "0.3.4", + "resolved": "https://registry.npmjs.org/@hackmd/pandoc.js/-/pandoc.js-0.3.4.tgz", + "integrity": "sha512-hOYbGyMGwjZviOA+pFJhkG0NWRo4h48gOk0PAVqmkobQX07mQocAksAwqh0NsI3OJ0FtYtS+UOD+frnljWM1uw==", "requires": { "extract-zip": "^1.6.7", "fs-extra": "^8.1.0", @@ -29692,19 +29759,23 @@ "dependencies": { "abbrev": { "version": "1.1.1", - "bundled": true + "bundled": true, + "extraneous": true }, "ansi-regex": { "version": "2.1.1", - "bundled": true + "bundled": true, + "extraneous": true }, "aproba": { "version": "1.2.0", - "bundled": true + "bundled": true, + "extraneous": true }, "are-we-there-yet": { "version": "1.1.5", "bundled": true, + "extraneous": true, "requires": { "delegates": "^1.0.0", "readable-stream": "^2.0.6" @@ -29712,11 +29783,13 @@ }, "balanced-match": { "version": "1.0.0", - "bundled": true + "bundled": true, + "extraneous": true }, "brace-expansion": { "version": "1.1.11", "bundled": true, + "extraneous": true, "requires": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" @@ -29724,57 +29797,69 @@ }, "chownr": { "version": "1.1.3", - "bundled": true + "bundled": true, + "extraneous": true }, "code-point-at": { "version": "1.1.0", - "bundled": true + "bundled": true, + "extraneous": true }, "concat-map": { "version": "0.0.1", - "bundled": true + "bundled": true, + "extraneous": true }, "console-control-strings": { "version": "1.1.0", - "bundled": true + "bundled": true, + "extraneous": true }, "core-util-is": { "version": "1.0.2", - "bundled": true + "bundled": true, + "extraneous": true }, "debug": { "version": "3.2.6", "bundled": true, + "extraneous": true, "requires": { "ms": "^2.1.1" } }, "deep-extend": { "version": "0.6.0", - "bundled": true + "bundled": true, + "extraneous": true }, "delegates": { "version": "1.0.0", - "bundled": true + "bundled": true, + "extraneous": true }, "detect-libc": { "version": "1.0.3", - "bundled": true + "bundled": true, + "extraneous": true }, "fs-minipass": { "version": "1.2.7", "bundled": true, + "extraneous": true, "requires": { "minipass": "^2.6.0" } }, "fs.realpath": { "version": "1.0.0", - "bundled": true + "bundled": true, + "extraneous": true }, "gauge": { "version": "2.7.4", "bundled": true, + "extraneous": true, "requires": { "aproba": "^1.0.3", "console-control-strings": "^1.0.0", @@ -29789,6 +29874,7 @@ "glob": { "version": "7.1.6", "bundled": true, + "extraneous": true, "requires": { "fs.realpath": "^1.0.0", "inflight": "^1.0.4", @@ -29800,11 +29886,13 @@ }, "has-unicode": { "version": "2.0.1", - "bundled": true + "bundled": true, + "extraneous": true }, "iconv-lite": { "version": "0.4.24", "bundled": true, + "extraneous": true, "requires": { "safer-buffer": ">= 2.1.2 < 3" } @@ -29812,6 +29900,7 @@ "ignore-walk": { "version": "3.0.3", "bundled": true, + "extraneous": true, "requires": { "minimatch": "^3.0.4" } @@ -29819,6 +29908,7 @@ "inflight": { "version": "1.0.6", "bundled": true, + "extraneous": true, "requires": { "once": "^1.3.0", "wrappy": "1" @@ -29826,37 +29916,44 @@ }, "inherits": { "version": "2.0.4", - "bundled": true + "bundled": true, + "extraneous": true }, "ini": { "version": "1.3.5", - "bundled": true + "bundled": true, + "extraneous": true }, "is-fullwidth-code-point": { "version": "1.0.0", "bundled": true, + "extraneous": true, "requires": { "number-is-nan": "^1.0.0" } }, "isarray": { "version": "1.0.0", - "bundled": true + "bundled": true, + "extraneous": true }, "minimatch": { "version": "3.0.4", "bundled": true, + "extraneous": true, "requires": { "brace-expansion": "^1.1.7" } }, "minimist": { "version": "0.0.8", - "bundled": true + "bundled": true, + "extraneous": true }, "minipass": { "version": "2.9.0", "bundled": true, + "extraneous": true, "requires": { "safe-buffer": "^5.1.2", "yallist": "^3.0.0" @@ -29865,6 +29962,7 @@ "minizlib": { "version": "1.3.3", "bundled": true, + "extraneous": true, "requires": { "minipass": "^2.9.0" } @@ -29872,17 +29970,20 @@ "mkdirp": { "version": "0.5.1", "bundled": true, + "extraneous": true, "requires": { "minimist": "0.0.8" } }, "ms": { "version": "2.1.2", - "bundled": true + "bundled": true, + "extraneous": true }, "needle": { "version": "2.4.0", "bundled": true, + "extraneous": true, "requires": { "debug": "^3.2.6", "iconv-lite": "^0.4.4", @@ -29892,6 +29993,7 @@ "node-pre-gyp": { "version": "0.14.0", "bundled": true, + "extraneous": true, "requires": { "detect-libc": "^1.0.2", "mkdirp": "^0.5.1", @@ -29908,6 +30010,7 @@ "nopt": { "version": "4.0.1", "bundled": true, + "extraneous": true, "requires": { "abbrev": "1", "osenv": "^0.1.4" @@ -29916,17 +30019,20 @@ "npm-bundled": { "version": "1.1.1", "bundled": true, + "extraneous": true, "requires": { "npm-normalize-package-bin": "^1.0.1" } }, "npm-normalize-package-bin": { "version": "1.0.1", - "bundled": true + "bundled": true, + "extraneous": true }, "npm-packlist": { "version": "1.4.7", "bundled": true, + "extraneous": true, "requires": { "ignore-walk": "^3.0.1", "npm-bundled": "^1.0.1" @@ -29935,6 +30041,7 @@ "npmlog": { "version": "4.1.2", "bundled": true, + "extraneous": true, "requires": { "are-we-there-yet": "~1.1.2", "console-control-strings": "~1.1.0", @@ -29944,30 +30051,36 @@ }, "number-is-nan": { "version": "1.0.1", - "bundled": true + "bundled": true, + "extraneous": true }, "object-assign": { "version": "4.1.1", - "bundled": true + "bundled": true, + "extraneous": true }, "once": { "version": "1.4.0", "bundled": true, + "extraneous": true, "requires": { "wrappy": "1" } }, "os-homedir": { "version": "1.0.2", - "bundled": true + "bundled": true, + "extraneous": true }, "os-tmpdir": { "version": "1.0.2", - "bundled": true + "bundled": true, + "extraneous": true }, "osenv": { "version": "0.1.5", "bundled": true, + "extraneous": true, "requires": { "os-homedir": "^1.0.0", "os-tmpdir": "^1.0.0" @@ -29975,15 +30088,18 @@ }, "path-is-absolute": { "version": "1.0.1", - "bundled": true + "bundled": true, + "extraneous": true }, "process-nextick-args": { "version": "2.0.1", - "bundled": true + "bundled": true, + "extraneous": true }, "rc": { "version": "1.2.8", "bundled": true, + "extraneous": true, "requires": { "deep-extend": "^0.6.0", "ini": "~1.3.0", @@ -29993,13 +30109,15 @@ "dependencies": { "minimist": { "version": "1.2.0", - "bundled": true + "bundled": true, + "extraneous": true } } }, "readable-stream": { "version": "2.3.6", "bundled": true, + "extraneous": true, "requires": { "core-util-is": "~1.0.0", "inherits": "~2.0.3", @@ -30013,37 +30131,45 @@ "rimraf": { "version": "2.7.1", "bundled": true, + "extraneous": true, "requires": { "glob": "^7.1.3" } }, "safe-buffer": { "version": "5.1.2", - "bundled": true + "bundled": true, + "extraneous": true }, "safer-buffer": { "version": "2.1.2", - "bundled": true + "bundled": true, + "extraneous": true }, "sax": { "version": "1.2.4", - "bundled": true + "bundled": true, + "extraneous": true }, "semver": { "version": "5.7.1", - "bundled": true + "bundled": true, + "extraneous": true }, "set-blocking": { "version": "2.0.0", - "bundled": true + "bundled": true, + "extraneous": true }, "signal-exit": { "version": "3.0.2", - "bundled": true + "bundled": true, + "extraneous": true }, "string_decoder": { "version": "1.1.1", "bundled": true, + "extraneous": true, "requires": { "safe-buffer": "~5.1.0" } @@ -30051,6 +30177,7 @@ "string-width": { "version": "1.0.2", "bundled": true, + "extraneous": true, "requires": { "code-point-at": "^1.0.0", "is-fullwidth-code-point": "^1.0.0", @@ -30060,17 +30187,20 @@ "strip-ansi": { "version": "3.0.1", "bundled": true, + "extraneous": true, "requires": { "ansi-regex": "^2.0.0" } }, "strip-json-comments": { "version": "2.0.1", - "bundled": true + "bundled": true, + "extraneous": true }, "tar": { "version": "4.4.13", "bundled": true, + "extraneous": true, "requires": { "chownr": "^1.1.1", "fs-minipass": "^1.2.5", @@ -30083,22 +30213,26 @@ }, "util-deprecate": { "version": "1.0.2", - "bundled": true + "bundled": true, + "extraneous": true }, "wide-align": { "version": "1.1.3", "bundled": true, + "extraneous": true, "requires": { "string-width": "^1.0.2 || 2" } }, "wrappy": { "version": "1.0.2", - "bundled": true + "bundled": true, + "extraneous": true }, "yallist": { "version": "3.1.1", - "bundled": true + "bundled": true, + "extraneous": true } } }, diff --git a/package.json b/package.json index 67f265177..efa829f5a 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "@hackmd/imgur": "~0.5.0", "@hackmd/lz-string": "~1.4.4", "@hackmd/meta-marked": "~0.5.0", - "@hackmd/pandoc.js": "^0.2.1", + "@hackmd/pandoc.js": "0.3.4", "@mattermost/client": "^9.2.0", "@passport-next/passport-openid": "~1.0.0", "archiver": "~3.1.1", From cd52cb7ec78d13b48ed28c8bcee1a3a6705ad8d7 Mon Sep 17 00:00:00 2001 From: Yukai Huang Date: Thu, 4 Jan 2024 16:59:45 +0800 Subject: [PATCH 02/10] fix: only allow string type exportType paramter fixes #1846 Signed-off-by: Yukai Huang --- lib/note/noteActions.js | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/lib/note/noteActions.js b/lib/note/noteActions.js index d9c57da21..964f4505d 100644 --- a/lib/note/noteActions.js +++ b/lib/note/noteActions.js @@ -133,14 +133,17 @@ async function actionPandoc (req, res, note) { content = content.replace(/\]\(\//g, '](' + url + '/') const { exportType } = req.query + if (typeof exportType !== 'string') { + return res.sendStatus(400) + } + const contentType = outputFormats[exportType] + if (!contentType) { + return res.sendStatus(400) + } try { // TODO: timeout rejection - if (!contentType) { - return res.sendStatus(400) - } - await pandoc.convertToFile(content, 'markdown', exportType, path, [ '--metadata', `title=${title}`, '--sandbox' ]) From dd5bdcdf6485307fafed79f806e65cd45caad38b Mon Sep 17 00:00:00 2001 From: Yukai Huang Date: Thu, 4 Jan 2024 17:26:31 +0800 Subject: [PATCH 03/10] chore: remove cjk image build Signed-off-by: Yukai Huang --- deployments/build.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/deployments/build.sh b/deployments/build.sh index bf49aef63..9ee146972 100755 --- a/deployments/build.sh +++ b/deployments/build.sh @@ -18,4 +18,3 @@ DOCKER_TAG="${GIT_TAG:-$GIT_SHORT_ID}" docker build --build-arg RUNTIME=$1 --build-arg BUILDPACK=$2 -t "hackmdio/hackmd:$DOCKER_TAG" -f "$CURRENT_DIR/Dockerfile" "$CURRENT_DIR/.." -docker build --build-arg RUNTIME=$1 --build-arg BUILDPACK=$2 -t "hackmdio/hackmd:$DOCKER_TAG-cjk" -f "$CURRENT_DIR/Dockerfile" "$CURRENT_DIR/.." From 9eaec0134064d2a1f0e24a6eece4cc2dc80f0cfb Mon Sep 17 00:00:00 2001 From: Yukai Huang Date: Thu, 4 Jan 2024 17:45:49 +0800 Subject: [PATCH 04/10] chore: push-image workflow Signed-off-by: Yukai Huang --- .github/workflows/push-image.yml | 123 +++++++++++++++++++++++++++++++ 1 file changed, 123 insertions(+) create mode 100644 .github/workflows/push-image.yml diff --git a/.github/workflows/push-image.yml b/.github/workflows/push-image.yml new file mode 100644 index 000000000..5f51f0d47 --- /dev/null +++ b/.github/workflows/push-image.yml @@ -0,0 +1,123 @@ +name: Build and push image + +on: + release: + types: [published] + workflow_dispatch: + inputs: + runtime: + description: 'Runtime image' + required: true + default: 'hackmdio/runtime:16.20.2-58224661' + buildpack: + description: 'Buildpack image' + required: true + default: 'hackmdio/buildpack:16.20.2-58224661' + +env: + REGISTRY_IMAGE: hackmdio/hackmd + +jobs: + build: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + platform: + - linux/amd64 + # - linux/arm64 + steps: + - + name: Prepare + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + - + name: Checkout + uses: actions/checkout@v4 + - + name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + tags: + type=match,pattern=\d.\d.\d + type=sha + - + name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - + name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - + name: Build and push by digest + id: build + uses: docker/build-push-action@v5 + with: + context: . + file: ./deployments/Dockerfile + platforms: ${{ matrix.platform }} + tags: ${{ steps.meta.outputs.tags }} + outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true + build-args: | + RUNTIME=${{ github.event.inputs.runtime || 'hackmdio/runtime:16.20.2-58224661' }} + BUILDPACK=${{ github.event.inputs.buildpack || 'hackmdio/buildpack:16.20.2-58224661' }} + - + name: Export digest + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + - + name: Upload digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_PAIR }} + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + merge: + runs-on: ubuntu-latest + needs: + - build + steps: + - + name: Download digests + uses: actions/download-artifact@v4 + with: + path: /tmp/digests + pattern: digests-* + merge-multiple: true + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - + name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + - + name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - + name: Create manifest list and push + working-directory: /tmp/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) + - + name: Inspect image + run: | + docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} From 82fe56c08d9f8285ef738a36c24fe7c2b37960c7 Mon Sep 17 00:00:00 2001 From: Yukai Huang Date: Thu, 4 Jan 2024 18:09:07 +0800 Subject: [PATCH 05/10] fix: tags should be multiline Signed-off-by: Yukai Huang --- .github/workflows/push-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push-image.yml b/.github/workflows/push-image.yml index 5f51f0d47..535618f59 100644 --- a/.github/workflows/push-image.yml +++ b/.github/workflows/push-image.yml @@ -41,7 +41,7 @@ jobs: uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} - tags: + tags: | type=match,pattern=\d.\d.\d type=sha - From c282a3daa871b14ce05705f012a24dcb70f11ee8 Mon Sep 17 00:00:00 2001 From: Yukai Huang Date: Thu, 4 Jan 2024 18:11:41 +0800 Subject: [PATCH 06/10] chore: remove sha tag prefix Signed-off-by: Yukai Huang --- .github/workflows/push-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push-image.yml b/.github/workflows/push-image.yml index 535618f59..59371e744 100644 --- a/.github/workflows/push-image.yml +++ b/.github/workflows/push-image.yml @@ -43,7 +43,7 @@ jobs: images: ${{ env.REGISTRY_IMAGE }} tags: | type=match,pattern=\d.\d.\d - type=sha + type=sha,prefix= - name: Set up QEMU uses: docker/setup-qemu-action@v3 From fa0d7e87b95de2316f41da95f60e1016a17d05fe Mon Sep 17 00:00:00 2001 From: Yukai Huang Date: Thu, 4 Jan 2024 18:30:45 +0800 Subject: [PATCH 07/10] fix: push by labels in matrix stage Signed-off-by: Yukai Huang --- .github/workflows/push-image.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/push-image.yml b/.github/workflows/push-image.yml index 59371e744..8d368bd21 100644 --- a/.github/workflows/push-image.yml +++ b/.github/workflows/push-image.yml @@ -41,9 +41,6 @@ jobs: uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} - tags: | - type=match,pattern=\d.\d.\d - type=sha,prefix= - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -64,7 +61,7 @@ jobs: context: . file: ./deployments/Dockerfile platforms: ${{ matrix.platform }} - tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true build-args: | RUNTIME=${{ github.event.inputs.runtime || 'hackmdio/runtime:16.20.2-58224661' }} @@ -105,6 +102,9 @@ jobs: uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} + tags: | + type=match,pattern=\d.\d.\d + type=sha,prefix= - name: Login to Docker Hub uses: docker/login-action@v3 From a68054f42d80bff8fb8c4ec6dcd4803845dfa3a5 Mon Sep 17 00:00:00 2001 From: Yukai Huang Date: Thu, 4 Jan 2024 18:35:52 +0800 Subject: [PATCH 08/10] chore: enable arm64 build Signed-off-by: Yukai Huang --- .github/workflows/push-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push-image.yml b/.github/workflows/push-image.yml index 8d368bd21..a505b86f4 100644 --- a/.github/workflows/push-image.yml +++ b/.github/workflows/push-image.yml @@ -25,7 +25,7 @@ jobs: matrix: platform: - linux/amd64 - # - linux/arm64 + - linux/arm64 steps: - name: Prepare From 5ce5e2ac9617da00886bec8407d00be26b81c1f7 Mon Sep 17 00:00:00 2001 From: Yukai Huang Date: Fri, 5 Jan 2024 13:43:48 +0800 Subject: [PATCH 09/10] fix: update buildpack/runtime tag to 16.20.2-35fe7e39 Signed-off-by: Yukai Huang --- .github/workflows/push-image.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/push-image.yml b/.github/workflows/push-image.yml index a505b86f4..0d46e9e88 100644 --- a/.github/workflows/push-image.yml +++ b/.github/workflows/push-image.yml @@ -8,11 +8,11 @@ on: runtime: description: 'Runtime image' required: true - default: 'hackmdio/runtime:16.20.2-58224661' + default: 'hackmdio/runtime:16.20.2-35fe7e39' buildpack: description: 'Buildpack image' required: true - default: 'hackmdio/buildpack:16.20.2-58224661' + default: 'hackmdio/buildpack:16.20.2-35fe7e39' env: REGISTRY_IMAGE: hackmdio/hackmd @@ -64,8 +64,8 @@ jobs: labels: ${{ steps.meta.outputs.labels }} outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true build-args: | - RUNTIME=${{ github.event.inputs.runtime || 'hackmdio/runtime:16.20.2-58224661' }} - BUILDPACK=${{ github.event.inputs.buildpack || 'hackmdio/buildpack:16.20.2-58224661' }} + RUNTIME=${{ github.event.inputs.runtime || 'hackmdio/runtime:16.20.2-35fe7e39' }} + BUILDPACK=${{ github.event.inputs.buildpack || 'hackmdio/buildpack:16.20.2-35fe7e39' }} - name: Export digest run: | From d94ac6c3d83caeaad29b7700b1cd877e143406e7 Mon Sep 17 00:00:00 2001 From: Yukai Huang Date: Fri, 5 Jan 2024 17:52:26 +0800 Subject: [PATCH 10/10] docs: update 2.5.2 release note Signed-off-by: Yukai Huang --- public/docs/release-notes.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/public/docs/release-notes.md b/public/docs/release-notes.md index 337b01a19..9d301c0a6 100644 --- a/public/docs/release-notes.md +++ b/public/docs/release-notes.md @@ -1,6 +1,24 @@ Release Notes === + 2.5.2 2024-01-05 +--- + +[Check out the complete release note][v2_5_2]. Thank you CodiMD community and all our contributors. ❤️ + +[v2_5_2]: https://hackmd.io/@codimd/release-notes/%2F%40codimd%2Fv2_5_2 + +This is another recovery release that fixes the pandoc DoS issue. + +## Enhancements + +- Build docker image using github actions + +## Fixes + +- **\[Security Issue]** address denial of service issue in actionPandoc + + 2.5.1 2024-01-03 ---