There are no guarantees about the order of execution of hook
functions, which means that a plugin's `expressConfigure` hook
function could theoretically register a handler/middleware before the
access check middleware is registered. If that happens, the plugin's
handler would run before the access check, which would be bad. Avoid
the problem by explicitly installing the `webaccess.checkAccess`
middleware before running the `expressConfigure` hook.
Snyk has created this PR to upgrade openapi-backend from 5.0.0 to 5.0.1.
See this package in npm:
https://www.npmjs.com/package/openapi-backend
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
Send a 500 HTTP status code to the client if the session entry could
not be fetched from the database. This is useful in case the database
is busy and can't respond to the query in time. In this case we want
to abort the client connection as soon as possible.
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
Snyk has created this PR to upgrade jsdom from 18.1.0 to 18.1.1.
See this package in npm:
https://www.npmjs.com/package/jsdom
See this project in Snyk:
d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
* Factor out plugin query.
* Make idempotent.
* Improve logging.
* Install by symlinking to a parallel directory rather than cloning
into `etherpad-lite/node_modules`.
These options are used as strings, so it doesn't make sense to default
them to a boolean value.
Note that this change has no effect due to a bug in how pad options
are processed; that bug will be fixed in a future commit.
It doesn't make sense to override the browser's language with `en-gb`
by default.
Note that this change has no effect due to a bug in how pad options
are processed; that bug will be fixed in a future commit.
