nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-26 00:43:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
698,427 Commits 223 Branches 124 Tags 7.5 GiB
d7bf46fed1
Commit Graph

34 Commits

Author SHA1 Message Date
Peder Bergebakken Sundt
8c8c27bb19 treewide: remove unused inputs 2024-09-18 01:00:07 +02:00
Sandro Jäckel
7e7df1ade9
hedgedoc: 1.9.9 -> 1.10.0 
Changelog: https://github.com/hedgedoc/hedgedoc/releases/tag/1.10.0
Fixes: https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-pjf2-269h-cx7p
 2024-09-02 11:08:09 +02:00
Martin Weinelt
8e0ad10902
hedgedoc: pin python311 2024-07-05 02:07:24 +02:00
Sandro Jäckel
10cadef027
hedgedoc: fix executing scripts, delete unused setup script 2024-05-21 14:29:09 +02:00
Jussi Kuokkanen
82b45bf454 treewide: remove licenses.agpl3 2024-03-21 18:09:24 +02:00
Sandro Jäckel
e91a7b7a4e
hedgedoc: move files to share/hedeodc in the package 2024-02-06 19:26:21 +01:00
Sandro Jäckel
26316368cb
hedgedoc: fix executing any of the management clis, remove heroku bin 
as we don't need that
 2024-02-06 19:13:51 +01:00
Pol Dellaiera
bb1faddf07 hedgedoc: add meta.mainProgram 
Follow up of https://github.com/NixOS/nixpkgs/pull/246386
 2023-08-03 11:54:32 +02:00
Sandro
3ba3da4824
hedgedoc: 1.9.8 -> 1.9.9 (#246259) 
https://hedgedoc.org/releases/1.9.9/
https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-7494-7hcf-vxpg

Fixes: CVE-2023-38487
 2023-07-31 02:26:27 +02:00
Janne Heß
d6cb7c46b2
hedgedoc: 1.9.7 -> 1.9.8 and redo package 
- Yarnify
- Do a full source build
- Clean up the wrapper things
 2023-07-25 14:43:07 +02:00
Theodore Ni
ac69020750
treewide: remove unused nix-prefetch-github from shebangs 2023-07-18 18:16:17 -07:00
Sandro Jäckel
bda7e527de
hedgedoc: 1.9.6 -> 1.9.7, remove inactive maintainer 2023-02-20 00:33:11 +01:00
Pol Dellaiera
e8805267fe
hedgedoc: 1.9.5 -> 1.9.6 2022-11-07 09:23:56 +01:00
Pol Dellaiera
31b3bf55fc
hedgedoc: 1.9.4 -> 1.9.5 2022-10-31 13:39:21 +01:00
pacien
968f9d2d76 hedgedoc: fix package name in update script help text 2022-10-08 22:47:27 +02:00
Sandro Jäckel
1653d2e3e2
hedgedoc: refactor to fix editor crashing, replace inactive maintainer with myself 2022-07-24 16:18:09 +02:00
Pol Dellaiera
a174de16ed
hedgedoc: 1.9.0 -> 1.9.4 (#178129) 2022-07-21 11:54:17 +02:00
Maximilian Bosch
cdbc6e64e4
treewide: reduce maintenance workload for ma27 
Note: I DO NOT resign from nixpkgs, not at all!

However, I like a clean notification inbox and I get a lot of stuff for
packages where I'm only an end-user or don't use them anymore and thus
can't help out that much.

So please consider it a measure to reduce the mental load for me when
going through my notifications ;-)
 2022-06-19 12:07:43 +02:00
Yureka
ff202a635d hedgedoc: fix build 2021-12-29 19:29:03 +01:00
Yureka
0fef05c2bf Revert "hedgedoc: 1.9.0 -> 1.9.2" 
This reverts commit f5c724877e.
 2021-12-29 19:29:03 +01:00
Maximilian Bosch
f5c724877e
hedgedoc: 1.9.0 -> 1.9.2 
ChangeLogs:
* https://github.com/hedgedoc/hedgedoc/releases/tag/1.9.1
* https://github.com/hedgedoc/hedgedoc/releases/tag/1.9.2
 2021-12-19 16:40:28 +01:00
Sandro Jäckel
8547db919a
treewide: switch `builtins.fromJSON(builtins.readFile ./file.json)` to lib.importJSON ./file.json 2021-11-03 14:43:52 +01:00
Yureka
149fb9c529 hedgedoc: use fetchYarnDeps, add update script 2021-10-20 11:39:16 +02:00
Maximilian Bosch
aa4c5bb7cf hedgedoc: fix build by re-running yarn2nix 
Failing Hydra build: https://hydra.nixos.org/build/154209534
 2021-09-26 21:05:28 +02:00
Maximilian Bosch
e187f77ceb
hedgedoc: fix eval with allowAliases = false 2021-09-19 00:23:28 +02:00
Maximilian Bosch
0a10c17c8d
hedgedoc: 1.8.2 -> 1.9.0, fixes CVE-2021-39175 
ChangeLog: https://github.com/hedgedoc/hedgedoc/releases/tag/1.9.0

As documented in the Nix expression, I unfortunately had to patch
`yarn.lock` manually (the `yarn.nix` result isn't affected by this). By
adding a `git+https`-prefix to
`midi "https://github.com/paulrosen/MIDI.js.git#abcjs"` in the lock-file
I ensured that `yarn` actually uses the `MIDI.js` from the offline-cache
from `yarn2nix` rather than trying to download a tarball from GitHub.

Also, this release contains a fix for CVE-2021-39175 which doesn't seem
to be backported to 1.8. To quote NVD[1]:

> In versions prior to 1.9.0, an unauthenticated attacker can inject
> arbitrary JavaScript into the speaker-notes of the slide-mode feature
> by embedding an iframe hosting the malicious code into the slides or by
> embedding the HedgeDoc instance into another page.

Even though it "only" has a medium rating by NVD (6.1), this seems
rather problematic to me (also, GitHub rates this as "High"), so it's
actually a candidate for a backport.

[1] https://nvd.nist.gov/vuln/detail/CVE-2021-39175
 2021-09-19 00:18:18 +02:00
Robert Hensing
a201246bac treewide: runCommandNoCC -> runCommand in generated code 
This has been synonymous for ~5y.

Note that many of these runCommand bindings are unused, but that's
ok for generated code.
 2021-08-15 17:36:41 +02:00
Felix Buehler
a56d117bdb servers: replace name with pname&version 2021-07-26 20:15:46 +02:00
WilliButz
0432a81670
hedgedoc: 1.8.0 -> 1.8.2 
includes fixes for:
* CVE-2021-29503: Improper Neutralization of Script-Related HTML Tags in Notes
* a potential XSS-vector in the handling of usernames and profile pictures

https://github.com/hedgedoc/hedgedoc/releases/tag/1.8.2
 2021-05-11 23:59:13 +02:00
WilliButz
0a27a76b27
hedgedoc: 1.7.2 -> 1.8.0 
https://github.com/hedgedoc/hedgedoc/releases/tag/1.8.0

includes fixes for CVE-2021-21306 and CVE-2021-29474
 2021-05-04 09:58:17 +02:00
WilliButz
a646165d0c
hedgedoc: 1.7.1 -> 1.7.2, fixes CVE-2021-21259 
https://github.com/hedgedoc/hedgedoc/releases/tag/1.7.2

CVE-2021-21259:
https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-44w9-vm8p-3cxw
 2021-01-16 00:44:29 +01:00
Profpatsch
4a7f99d55d treewide: with stdenv.lib; in meta -> with lib; 
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
 2021-01-11 10:38:22 +01:00
WilliButz
484d851cb9
hedgedoc: 1.7.0 -> 1.7.1 (fixes CVE-2020-26286 and CVE-2020-26287) 
https://github.com/hedgedoc/hedgedoc/releases/tag/1.7.1
https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-wcr3-xhv7-8gxc
https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-g6w6-7xf9-m95p
 2020-12-27 23:06:21 +01:00
WilliButz
e19995e43b
codimd: 1.6.0 -> 1.7.0, rename to hedgedoc 
CodiMD was renamed to HedgeDoc and is now built with nodejs-14_x.

https://github.com/hedgedoc/hedgedoc/releases/tag/1.7.0
 2020-12-22 01:39:02 +01:00