Commit graph

499 commits

Author SHA1 Message Date
Mrinal Purohit
e4fafc019a cryptpad: 4.9.0 -> 4.11.0 2021-10-24 17:39:21 +05:30
talyz
1fb77e822b discourse: Fix the public directory path reported by Discourse
Change the path to the public directory reported by Discourse
to its real path instead of the symlink in the store, since
the store path won't be matched by any nginx rules.

Fixes #142528.
2021-10-22 23:38:53 +02:00
Yureka
149fb9c529 hedgedoc: use fetchYarnDeps, add update script 2021-10-20 11:39:16 +02:00
Maciej Krüger
4da1ca8777
Merge pull request #139936 from mkg20001/disoid 2021-10-19 16:21:00 +02:00
R. RyanTM
3fe3c640e8 jitsi-meet: 1.0.5307 -> 1.0.5415 2021-10-16 10:36:28 -07:00
Bill Ewanick
cc3b147ed1 nixos/lemmy: init
Co-authored-by: Raphael Megzari <raphael@megzari.com>
2021-10-06 21:02:51 +09:00
Kim Lindberger
5a58649f4f
Merge pull request #140133 from talyz/discourse-notification-email
discourse: Make sure the notification email setting applies
2021-10-04 09:59:34 +02:00
happysalada
5e7aab5982 lemmy-ui: add static assets folder to out 2021-10-03 14:51:06 +09:00
talyz
917a0cfe47
discourse: Make sure the notification email setting applies
Discourse normally overrides the default notification email setting,
which makes the `notificationEmailAddress` setting ineffective. Add a
patch to remove this override.

Fixes #140114.
2021-10-01 11:37:35 +02:00
happysalada
1320843aad pict-rs: fixes 2021-09-30 21:32:25 +09:00
Maciej Krüger
de65b31b17
discourse.plugins.discourse-openid-connect: init at unstable 2021-09-29 18:10:36 +02:00
Maciej Krüger
463090378b
discourse: add up-plugin.sh 2021-09-29 18:08:49 +02:00
happysalada
84587ecefa pict-rs: init at 0.3.0-alpha.37 2021-09-29 16:49:56 +09:00
Maximilian Bosch
0b90c450df
Merge pull request #139444 from Ma27/bump-wiki-js
wiki-js: 2.5.214 -> 2.5.219
2021-09-28 09:33:34 +02:00
Kim Lindberger
454f253acf
Merge pull request #139201 from talyz/discourse-2.7.8
discourse: 2.7.7 -> 2.7.8, update plugins
2021-09-27 15:33:48 +02:00
talyz
ed8c4e01d9
discourse: Enable jhead, which is no longer marked vulnerable 2021-09-27 09:58:45 +02:00
talyz
e4ed6b5929
discourse.plugins.discourse-yearly-review: Update 2021-09-27 09:58:39 +02:00
talyz
957eaf8237
discourse.plugins.discourse-spoiler-alert: Update 2021-09-27 09:58:34 +02:00
talyz
fd084acb95
discourse.plugins.discourse-solved: Update 2021-09-27 09:58:29 +02:00
talyz
b1aa7efd36
discourse.plugins.discourse-math: Update 2021-09-27 09:58:24 +02:00
talyz
97034cfa1c
discourse.plugins.discourse-github: Update 2021-09-27 09:58:18 +02:00
Leo Maroni
7b03c7ee60 vikunja-frontend: 0.18.0 -> 0.18.1 2021-09-27 08:27:36 +02:00
Leo Maroni
b24780c6b4 vikunja-api: 0.18.0 -> 1.18.1 2021-09-27 08:27:36 +02:00
Maximilian Bosch
aa4c5bb7cf hedgedoc: fix build by re-running yarn2nix
Failing Hydra build: https://hydra.nixos.org/build/154209534
2021-09-26 21:05:28 +02:00
Maximilian Bosch
e12d71e71b
wiki-js: 2.5.214 -> 2.5.219
ChangeLog: https://github.com/Requarks/wiki/releases/tag/2.5.219
2021-09-25 15:52:08 +02:00
Kim Lindberger
0686c40309
Merge pull request #139180 from ryantm/dev/ryantm/discourse-tmp
discourse: enable restoring backups bigger than RAM
2021-09-24 14:31:46 +02:00
WilliButz
962b349555
Merge pull request #138468 from Ma27/bump-hedgedoc
hedgedoc: 1.8.2 -> 1.9.0, fixes CVE-2021-39175
2021-09-23 21:17:35 +02:00
Ryan Mulligan
f933c68374 discourse: enable restoring backups bigger than RAM
When restoring a backup, discourse decompresses the backup archive in
the /share/discourse/tmp dir. Before this change, it is linked to /run
which is typically backed by memory, so the backup will fail to
restore if you do not have enough memory on your system to contain the
backup. This has already happened to me on two small forums.

This moves tmp to the StateDirectory /var/lib/discourse/tmp which is
typically backed by disk.
2021-09-23 09:59:31 -07:00
talyz
d583001723
discourse.plugins.discourse-checklist: Update 2021-09-23 18:50:11 +02:00
talyz
1e62b64b90
discourse.plugins.discourse-canned-replies: Update 2021-09-23 18:49:48 +02:00
talyz
d62ea8705b
discourse.plugins.discourse-calendar: Update 2021-09-23 18:47:43 +02:00
talyz
73e8eb91c1
discourse: 2.7.7 -> 2.7.8 2021-09-23 18:46:23 +02:00
Robin Gloster
61b79f4514
Merge pull request #137700 from r-ryantm/auto-update/wordpress
wordpress: 5.8 -> 5.8.1
2021-09-22 09:40:53 +02:00
Maximilian Bosch
e187f77ceb
hedgedoc: fix eval with allowAliases = false 2021-09-19 00:23:28 +02:00
Maximilian Bosch
0a10c17c8d
hedgedoc: 1.8.2 -> 1.9.0, fixes CVE-2021-39175
ChangeLog: https://github.com/hedgedoc/hedgedoc/releases/tag/1.9.0

As documented in the Nix expression, I unfortunately had to patch
`yarn.lock` manually (the `yarn.nix` result isn't affected by this). By
adding a `git+https`-prefix to
`midi "https://github.com/paulrosen/MIDI.js.git#abcjs"` in the lock-file
I ensured that `yarn` actually uses the `MIDI.js` from the offline-cache
from `yarn2nix` rather than trying to download a tarball from GitHub.

Also, this release contains a fix for CVE-2021-39175 which doesn't seem
to be backported to 1.8. To quote NVD[1]:

> In versions prior to 1.9.0, an unauthenticated attacker can inject
> arbitrary JavaScript into the speaker-notes of the slide-mode feature
> by embedding an iframe hosting the malicious code into the slides or by
> embedding the HedgeDoc instance into another page.

Even though it "only" has a medium rating by NVD (6.1), this seems
rather problematic to me (also, GitHub rates this as "High"), so it's
actually a candidate for a backport.

[1] https://nvd.nist.gov/vuln/detail/CVE-2021-39175
2021-09-19 00:18:18 +02:00
Bill Ewanick
ad79645eff lemmy-server: 0.11.3 -> 0.12.2 2021-09-16 10:26:10 -07:00
Bill Ewanick
62f24d0c57 lemmy-ui: init at 0.12.2 2021-09-16 10:26:10 -07:00
Bill Ewanick
00b7ced782 lemmy: move to server.nix 2021-09-16 10:26:10 -07:00
R. RyanTM
6a1014f1b4 wordpress: 5.8 -> 5.8.1 2021-09-13 23:00:48 +00:00
R. RyanTM
f7e646df7f jitsi-meet: 1.0.5056 -> 1.0.5307 2021-09-12 19:54:14 +00:00
Sandro
b432b2f337
Merge pull request #137510 from Ma27/bump-wiki-js
wiki-js: 2.5.201 -> 2.5.214
2021-09-12 14:47:46 +02:00
Maximilian Bosch
75eaccdcbc
wiki-js: 2.5.201 -> 2.5.214
ChangeLog: https://github.com/Requarks/wiki/releases/tag/2.5.214
2021-09-12 11:52:17 +02:00
tshaynik
fcc29f9599 jitsi-meet: add passthru.updateScript
Pull version number from stable releases, to ensure
that the latest stable release is used.
2021-09-09 15:27:51 -04:00
Martin Weinelt
f81ea682cf
Merge pull request #136801 from em0lar/vikunja-0.18.0 2021-09-06 02:53:50 +02:00
Leo Maroni
732316e9c5
vikunja-api: 0.17.1 -> 0.18.0 2021-09-05 20:51:11 +02:00
Leo Maroni
e0fbad9a66
vikunja-frontend: 0.17.0 -> 0.18.0 2021-09-05 20:49:59 +02:00
happysalada
702d183421 lemmy: 0.11.2 -> 0.11.3 2021-09-04 07:50:53 +09:00
Robin Gloster
43cc2477ae
Merge pull request #134022 from r-ryantm/auto-update/wordpress
wordpress: 5.7.2 -> 5.8
2021-09-01 21:23:08 +02:00
davidak
bb01facb08
Merge pull request #134111 from sebbel/master
matomo: 4.3.1 -> 4.4.1
2021-08-26 04:24:01 +02:00
ajs124
5fdc39a49d sogo: 5.1.1 -> 5.2.0
https://github.com/inverse-inc/sogo/releases/tag/SOGo-5.2.0
2021-08-19 18:23:39 +02:00