Commit graph

493 commits

Author SHA1 Message Date
R. RyanTM
3fe3c640e8 jitsi-meet: 1.0.5307 -> 1.0.5415 2021-10-16 10:36:28 -07:00
Bill Ewanick
cc3b147ed1 nixos/lemmy: init
Co-authored-by: Raphael Megzari <raphael@megzari.com>
2021-10-06 21:02:51 +09:00
Kim Lindberger
5a58649f4f
Merge pull request #140133 from talyz/discourse-notification-email
discourse: Make sure the notification email setting applies
2021-10-04 09:59:34 +02:00
happysalada
5e7aab5982 lemmy-ui: add static assets folder to out 2021-10-03 14:51:06 +09:00
talyz
917a0cfe47
discourse: Make sure the notification email setting applies
Discourse normally overrides the default notification email setting,
which makes the `notificationEmailAddress` setting ineffective. Add a
patch to remove this override.

Fixes #140114.
2021-10-01 11:37:35 +02:00
happysalada
1320843aad pict-rs: fixes 2021-09-30 21:32:25 +09:00
happysalada
84587ecefa pict-rs: init at 0.3.0-alpha.37 2021-09-29 16:49:56 +09:00
Maximilian Bosch
0b90c450df
Merge pull request #139444 from Ma27/bump-wiki-js
wiki-js: 2.5.214 -> 2.5.219
2021-09-28 09:33:34 +02:00
Kim Lindberger
454f253acf
Merge pull request #139201 from talyz/discourse-2.7.8
discourse: 2.7.7 -> 2.7.8, update plugins
2021-09-27 15:33:48 +02:00
talyz
ed8c4e01d9
discourse: Enable jhead, which is no longer marked vulnerable 2021-09-27 09:58:45 +02:00
talyz
e4ed6b5929
discourse.plugins.discourse-yearly-review: Update 2021-09-27 09:58:39 +02:00
talyz
957eaf8237
discourse.plugins.discourse-spoiler-alert: Update 2021-09-27 09:58:34 +02:00
talyz
fd084acb95
discourse.plugins.discourse-solved: Update 2021-09-27 09:58:29 +02:00
talyz
b1aa7efd36
discourse.plugins.discourse-math: Update 2021-09-27 09:58:24 +02:00
talyz
97034cfa1c
discourse.plugins.discourse-github: Update 2021-09-27 09:58:18 +02:00
Leo Maroni
7b03c7ee60 vikunja-frontend: 0.18.0 -> 0.18.1 2021-09-27 08:27:36 +02:00
Leo Maroni
b24780c6b4 vikunja-api: 0.18.0 -> 1.18.1 2021-09-27 08:27:36 +02:00
Maximilian Bosch
aa4c5bb7cf hedgedoc: fix build by re-running yarn2nix
Failing Hydra build: https://hydra.nixos.org/build/154209534
2021-09-26 21:05:28 +02:00
Maximilian Bosch
e12d71e71b
wiki-js: 2.5.214 -> 2.5.219
ChangeLog: https://github.com/Requarks/wiki/releases/tag/2.5.219
2021-09-25 15:52:08 +02:00
Kim Lindberger
0686c40309
Merge pull request #139180 from ryantm/dev/ryantm/discourse-tmp
discourse: enable restoring backups bigger than RAM
2021-09-24 14:31:46 +02:00
WilliButz
962b349555
Merge pull request #138468 from Ma27/bump-hedgedoc
hedgedoc: 1.8.2 -> 1.9.0, fixes CVE-2021-39175
2021-09-23 21:17:35 +02:00
Ryan Mulligan
f933c68374 discourse: enable restoring backups bigger than RAM
When restoring a backup, discourse decompresses the backup archive in
the /share/discourse/tmp dir. Before this change, it is linked to /run
which is typically backed by memory, so the backup will fail to
restore if you do not have enough memory on your system to contain the
backup. This has already happened to me on two small forums.

This moves tmp to the StateDirectory /var/lib/discourse/tmp which is
typically backed by disk.
2021-09-23 09:59:31 -07:00
talyz
d583001723
discourse.plugins.discourse-checklist: Update 2021-09-23 18:50:11 +02:00
talyz
1e62b64b90
discourse.plugins.discourse-canned-replies: Update 2021-09-23 18:49:48 +02:00
talyz
d62ea8705b
discourse.plugins.discourse-calendar: Update 2021-09-23 18:47:43 +02:00
talyz
73e8eb91c1
discourse: 2.7.7 -> 2.7.8 2021-09-23 18:46:23 +02:00
Robin Gloster
61b79f4514
Merge pull request #137700 from r-ryantm/auto-update/wordpress
wordpress: 5.8 -> 5.8.1
2021-09-22 09:40:53 +02:00
Maximilian Bosch
e187f77ceb
hedgedoc: fix eval with allowAliases = false 2021-09-19 00:23:28 +02:00
Maximilian Bosch
0a10c17c8d
hedgedoc: 1.8.2 -> 1.9.0, fixes CVE-2021-39175
ChangeLog: https://github.com/hedgedoc/hedgedoc/releases/tag/1.9.0

As documented in the Nix expression, I unfortunately had to patch
`yarn.lock` manually (the `yarn.nix` result isn't affected by this). By
adding a `git+https`-prefix to
`midi "https://github.com/paulrosen/MIDI.js.git#abcjs"` in the lock-file
I ensured that `yarn` actually uses the `MIDI.js` from the offline-cache
from `yarn2nix` rather than trying to download a tarball from GitHub.

Also, this release contains a fix for CVE-2021-39175 which doesn't seem
to be backported to 1.8. To quote NVD[1]:

> In versions prior to 1.9.0, an unauthenticated attacker can inject
> arbitrary JavaScript into the speaker-notes of the slide-mode feature
> by embedding an iframe hosting the malicious code into the slides or by
> embedding the HedgeDoc instance into another page.

Even though it "only" has a medium rating by NVD (6.1), this seems
rather problematic to me (also, GitHub rates this as "High"), so it's
actually a candidate for a backport.

[1] https://nvd.nist.gov/vuln/detail/CVE-2021-39175
2021-09-19 00:18:18 +02:00
Bill Ewanick
ad79645eff lemmy-server: 0.11.3 -> 0.12.2 2021-09-16 10:26:10 -07:00
Bill Ewanick
62f24d0c57 lemmy-ui: init at 0.12.2 2021-09-16 10:26:10 -07:00
Bill Ewanick
00b7ced782 lemmy: move to server.nix 2021-09-16 10:26:10 -07:00
R. RyanTM
6a1014f1b4 wordpress: 5.8 -> 5.8.1 2021-09-13 23:00:48 +00:00
R. RyanTM
f7e646df7f jitsi-meet: 1.0.5056 -> 1.0.5307 2021-09-12 19:54:14 +00:00
Sandro
b432b2f337
Merge pull request #137510 from Ma27/bump-wiki-js
wiki-js: 2.5.201 -> 2.5.214
2021-09-12 14:47:46 +02:00
Maximilian Bosch
75eaccdcbc
wiki-js: 2.5.201 -> 2.5.214
ChangeLog: https://github.com/Requarks/wiki/releases/tag/2.5.214
2021-09-12 11:52:17 +02:00
tshaynik
fcc29f9599 jitsi-meet: add passthru.updateScript
Pull version number from stable releases, to ensure
that the latest stable release is used.
2021-09-09 15:27:51 -04:00
Martin Weinelt
f81ea682cf
Merge pull request #136801 from em0lar/vikunja-0.18.0 2021-09-06 02:53:50 +02:00
Leo Maroni
732316e9c5
vikunja-api: 0.17.1 -> 0.18.0 2021-09-05 20:51:11 +02:00
Leo Maroni
e0fbad9a66
vikunja-frontend: 0.17.0 -> 0.18.0 2021-09-05 20:49:59 +02:00
happysalada
702d183421 lemmy: 0.11.2 -> 0.11.3 2021-09-04 07:50:53 +09:00
Robin Gloster
43cc2477ae
Merge pull request #134022 from r-ryantm/auto-update/wordpress
wordpress: 5.7.2 -> 5.8
2021-09-01 21:23:08 +02:00
davidak
bb01facb08
Merge pull request #134111 from sebbel/master
matomo: 4.3.1 -> 4.4.1
2021-08-26 04:24:01 +02:00
ajs124
5fdc39a49d sogo: 5.1.1 -> 5.2.0
https://github.com/inverse-inc/sogo/releases/tag/SOGo-5.2.0
2021-08-19 18:23:39 +02:00
Kim Lindberger
14b0f20fa1
Merge pull request #132475 from ryantm/dev/ryantm/discourse-ldap-auth
discourseAllPlugins: init discourse-ldap-auth
2021-08-19 15:27:31 +02:00
Finn Behrens
c93e318747 moodle: update to 3.11.2 2021-08-18 19:12:43 +02:00
Ryan Mulligan
70d29c5cf4 discourseAllPlugins: init discourse-ldap-auth 2021-08-18 10:12:41 -07:00
talyz
12ff4b79e4
discourse: update.py: Remove native platforms in plugin lock files..
...and add ruby.
2021-08-17 18:21:27 +02:00
talyz
04e6b03fa9
discourse.mkDiscoursePlugin: Handle repos with gems directories
Some plugin repos already have a `gems` directory. This lets the
packager choose whether it should be kept and the nix packaged ruby
gems should be copied into it or if it should be removed in favor of
our ruby gems.
2021-08-17 18:21:21 +02:00
talyz
f8096460bd
discourse.plugins: Make the updater able to package plugins
Let the update.py script handle the initial, repetitive task of
packaging new plugins. With this in place, the plugin only needs to be
added to the list in `update-plugins` and most of the work will be
done automatically when the script is run. Metadata still needs to be
filled in manually and some packages may of course require additional
work/patching.
2021-08-17 18:21:15 +02:00