mirrors/etherpad-lite
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-04-22 08:26:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 26
etherpad-lite/src
History
muxator 140d5c4b41 dependencies: upgrade npm 6.13.1 -> 6.13.4 
This fixes some security vulnerabilites, among them an arbitrary file overwrite.


The output of `npm audit` goes from this:
  found 17 vulnerabilities (15 low, 2 high) in 13344 scanned packages
    run `npm audit fix` to fix 6 of them.
    1 vulnerability requires semver-major dependency updates.
    10 vulnerabilities require manual review. See the full report for details.

To this:
  found 5 vulnerabilities (3 low, 2 high) in 13370 scanned packages
    1 vulnerability requires semver-major dependency updates.
    4 vulnerabilities require manual review. See the full report for details.


Changelog:
- https://github.com/npm/cli/releases


6.13.4 (2019-12-11)
    BUGFIXES
    320ac9aee npm/bin-links#12 npm/gentle-fs#7 Do not remove global bin/man links inappropriately (@isaacs)

    DEPENDENCIES
    52fd21061 gentle-fs@2.3.0 (@isaacs)
    d06f5c0b0 bin-links@1.1.6 (@isaacs)

6.13.3 (2019-12-09)
    DEPENDENCIES
    19ce061a2 bin-links@1.1.5 Properly normalize, sanitize, and verify bin entries in package.json.
    59c836aae npm-packlist@1.4.7
    fb4ecd7d2 pacote@9.5.11
        5f33040 #476 npm/pacote#22 npm/pacote#14 fix: Do not drop perms in git when not root (isaacs, @darcyclarke)
        6f229f7 sanitize and normalize package bin field (isaacs)
    1743cb339 read-package-json@2.1.1

6.13.2 (2019-12-03)
    BUG FIXES
    4429645b3 #546 fix docs target typo (@richardlau)
    867642942 #142 fix(packageRelativePath): fix 'where' for file deps (@larsgw)
    d480f2c17 #527 Revert "windows: Add preliminary WSL support for npm and npx" (@craigloewen-msft)
    e4b97962e #504 remove unnecessary package.json read when reading shrinkwrap (@Lighting-Jack)
    1c65d26ac #501 fix(fund): open url for string shorthand (@ruyadorno)
    ae7afe565 #263 Don't log error message if git tagging is disabled (@woppa684)
    4c1b16f6a #182 Warn the user that it is uninstalling npm-install (@Hoidberg)
2019-12-18 01:17:35 +01:00
..
locales Localisation updates from https://translatewiki.net. 2019-12-16 15:54:40 +01:00
node security: when served over https, set the "secure" flag for "express_sid" and "language" cookie 2019-12-07 04:36:01 +01:00
static referer: change referrer policy. Stop sending referers as much as possible 2019-11-25 00:05:40 +01:00
templates pad.html: fix regression introduced with 5879037ddc. 2019-11-30 20:32:39 +01:00
ep.json Initial work on swagger 2013-03-06 10:10:21 +00:00
etherpad_icon.svg Add new favicon (32x32) with associated svg file 2015-01-11 22:40:56 +01:00
package-lock.json dependencies: upgrade npm 6.13.1 -> 6.13.4 2019-12-18 01:17:35 +01:00
package.json dependencies: upgrade npm 6.13.1 -> 6.13.4 2019-12-18 01:17:35 +01:00
README.md remove one less warning during install by having a readme placeholder 2013-02-10 03:04:08 +00:00
web.config Add IIS config file 2012-10-25 10:22:28 -07:00

README.md

Ignore this file and see the file in the base installation folder