Commit Graph

72 Commits

Author SHA1 Message Date
Anders Kaseorg d4b060a520 dependencies: Upgrade simplebar to 4.0.0-alpha.6.
Fixes #12038.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-04-28 21:32:55 -07:00
Anders Kaseorg 591e0a04fc yarn.lock: Add integrity hashes.
This commit was generated by

    echo 'unsafe-disable-integrity-migration false' > .yarnrc
    yarn
    rm .yarnrc

This migration was added in yarn 1.10, but disabled by default in yarn
1.12 for better interoperability with previous versions of yarn, which
cause unnecessary yarn.lock churn by removing the integrity hashes
unconditionally.  It will be reenabled by default in yarn 2.0.

With or without this change, yarn will be adding integrity hashes for
new or updated packages.  We don’t need to interoperate with previous
versions, so we might as well do this entire migration now.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-04-22 13:55:24 -07:00
Thomas Ip 02cb85a8a9 typescript: Use ESLint instead of TSLint. 2019-04-13 11:42:47 -07:00
Priyank Patel 9c4ef94726 dependencies: Add lazysizes npm package. 2019-04-05 15:51:02 -07:00
Thomas Ip 42a666c22b dependencies: Downgrade ts-node to v7.0.1.
The current v8.0.0^ has a slow startup time due to some module
resolution issue.
2019-03-21 10:44:34 -07:00
Anders Kaseorg 8b76a55b16 dependencies: Upgrade simplebar to 3.1.3.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-03-18 22:24:29 -07:00
Thomas Ip 60c9f22129 typescript: Update TS related dependencies. 2019-02-12 15:59:51 -08:00
Harshit Bansal 88bfb9778b build_emoji: Add infrastructure for google-blob and twitter emojisets. 2018-08-31 11:52:24 -07:00
Harshit Bansal 29daf76420 emoji: Don't generate emoji farms corresponding to now banned emojisets.
This will help us in reducing the size of the release tarball
significantly. I have refrained from changing the `EMOJISETS`
constant in the `emoji_setup_utils.py` as that controls the
emojisets that we want to support. Since we want to re-enable
the feature of changing emojisets sometime again in the future
that variable should be kept as it is as it controls several
other things like emoji scripts that we use to generate emoji
names. Changing it might cause hard to catch bugs.
2018-08-13 12:09:06 -07:00
Robert Hencke 9379f3d317 yarn: Remove duplicate clipboard dependency. 2018-07-27 00:12:05 -07:00
Aditya Bansal f2368bea22 stylelint: Add stylelint package. 2018-07-25 09:04:03 -07:00
Harshit Bansal bf70955c0c emoji: Update `emoji-datasource` packages.
This commit updates the `emoji-datasource` packages to version 4.0.4.
This update brings following changes to emoji infra:

1: Fix for the bleeding sprite sheets.

2: The category of some emojis has been changed. Categorywise breakup of
   net gain or loss is as follows:
    Travel & Places: 58 (gain)
    Symbols: 47 (loss)
    Smileys & People: 52 (gain)
    Objects: 11 (loss)
    Food & Drink: 3 (gain)
    Animals and Nature: 46 (gain)
    Activities: 9 (loss)

3: There were some changes in the image farm of the package which were
   breaking our old emoji farm. I fixed them by modifying the remapped
   emoji map.

Fixes: #8235.
2018-07-23 08:04:58 -07:00
Cynthia Lin 7d9281fa6c simplebar: Add simplebar dependency for help page scrolling. 2018-07-11 20:04:55 +05:30
Armaan Ahluwalia 54d3d8e8b3 webpack: Transition app.js to be compiled by webpack.
This commit moves all files previously under the 'app' bundle in
the Django pipeline to being compiled by webpack under the 'app'
entry point. In the process, it moves assets under the app entry
to a file called app.js that consumes all relevant css and js files.

This commit also edits the webpack config to be able to expose certain
variables for third party libraries that are currently required by
some modules. This is bad coding form and should be refactored to
requiring whatever dependencies a module may have; we're just
deferring that to the future to simplify the series of transitions we
need to do here. The variable exposure is done using expose-loader in
webpack.

The app/index.html template is edited to override the newly introduced
'commonjs' block in the base template. This is done as a temporary
measure so as not to disrupt other pages on the app during the transition.

It also fixes the value of the 'this' context that was being inferred
as window by third party libraries. This is done using imports-loader
in the webpack config.  This is also messy and probably isn't how we
want things to work long term.
2018-07-05 11:03:08 +02:00
Yashashvi Dave 2b478268f3 third: Add sortablejs library. 2018-07-01 02:05:00 -07:00
Shubham Padia c72d38df56 yarn: Remove fuzzysearch from dependencies. 2018-06-26 20:38:47 -04:00
Shubham Dhama 8c55c52526 yarn: Remove i18n packages that are no longer used.
We removed these when we converted the app's frontend translations
mechanism to instead send the translation data in `page_params`.
2018-06-05 09:22:26 -07:00
Armaan Ahluwalia 1525e92058 logging/errors/webpack: Improve error stack traces with blueslip.
This commit improves the output that blueslip produces while
showing error stack traces on the front-end. This is done by
using a library called error-stack-parser to format the stack
traces.

This commit also edits the webpack config to use a different
devtool setting since the previous one did not support sourcemaps
within stack traces. It also removes a plugin that was obviated
by this change.
2018-05-22 14:36:41 -07:00
Priyank Patel ac7e6b19bd xmlhttprequest: Upgrade xmlhttprequest to v1.8.0. 2018-05-20 11:11:03 -07:00
Priyank Patel 62a90661ad underscore: Upgrade underscore to v1.9.0. 2018-05-20 11:11:03 -07:00
Priyank Patel 4605579335 typescript: Upgrade typescript to v2.8.3. 2018-05-20 11:11:03 -07:00
Priyank Patel 38d6654265 tslint: Upgrade tslint to v5.10.0. 2018-05-20 11:11:03 -07:00
Priyank Patel a60099a6d5 ts-loader: Upgrade ts-loader to v4.3.0. 2018-05-20 11:11:03 -07:00
Priyank Patel 0c87ce5b1c svgo: Upgrade svgo to v1.0.5.
It also updated all the svg to be optmized per new version.
This new version, since the last version contains bug fixes and improvement.
Refs: https://github.com/svg/svgo/releases
2018-05-20 11:11:03 -07:00
Priyank Patel 0d697cd569 String.codePointAt: Upgrade String.codePointAt polyfill to v0.2.1. 2018-05-20 11:11:03 -07:00
Priyank Patel 4091815721 moment-timezone: Upgrade moment-timezone to v0.5.17.
Refs: https://github.com/moment/moment-timezone/blob/master/changelog.md
2018-05-20 11:11:03 -07:00
Priyank Patel 506b23237a jquery-validation: Upgrade jquery-validation to v1.17.0
Refs: https://github.com/jquery-validation/jquery-validation/releases/tag/1.17.0
2018-05-20 11:11:03 -07:00
Priyank Patel 11d819ee3d clipboard: Upgrade clipboard to v2.0.1. 2018-05-20 11:11:03 -07:00
Priyank Patel 9c4a189781 moment: Upgrade moment to v2.22.1.
This version since the last version contains bug fixes and locale improvements.
Ref: https://github.com/moment/moment/blob/develop/CHANGELOG.md#2221-see-full-changelog
2018-05-20 11:11:03 -07:00
Priyank Patel 778742a189 jsdom: Upgrade jsdom to v11.10.0.
This also updates node_tests to use new constructor which is uppercase,
and some properties that are changed to be more clear now, like
jsdom().defaultView which is meant to the window object is now called window.

Ref: https://github.com/jsdom/jsdom/blob/master/Changelog.md
2018-05-20 11:11:03 -07:00
Priyank Patel 00151f988a handlebars: Upgrade handlebars to v4.0.11.
This version only contains bugfixes. No breaking changes have been introduced.
Ref: https://github.com/wycats/handlebars.js/blob/master/release-notes.md#v4011---october-17th-2017
2018-05-20 11:11:03 -07:00
Priyank Patel 7b40f8d50d flatpickr: Upgrade flatpickr to v4.5.0.
This new version is a lot ahead that what we now have currently.
Reading through the changelog there does not seem to any breaking
changes, just that this package have been updated a lot.

Ref: https://github.com/flatpickr/flatpickr/releases
2018-05-20 11:11:03 -07:00
Priyank Patel f02c2349b8 @types/webpack: Upgrade @types/webpack to v4.4.0.
This updates the webpack typescript type defenations to latest so we
can find bugs with webpack configurations.
2018-05-20 11:11:03 -07:00
Priyank Patel bcfc34c996 webpack-cli: Upgrade webpack-cli to v2.1.3.
This version just contains bugs fixes and regressions covered.
Ref: https://github.com/webpack/webpack-cli/releases/tag/2.1.3
2018-05-20 11:11:03 -07:00
Priyank Patel 50b663906a nyc: Upgrade nyc to v11.8.0.
This fixes a one vulnerability with this package's dependency.

randomatic - Cryptographically Weak PRNG
Ref: https://nodesecurity.io/advisories/157
2018-05-20 11:11:03 -07:00
Priyank Patel 19ba08e055 webpack-dev-server: Upgrade webpack-dev-server to v3.1.4. 2018-05-20 11:11:03 -07:00
Priyank Patel 74b0a73260 phantomjs-prebuilt: Upgrade phantomjs-prebuilt to 2.1.16.
This solves 8 vulnerabilities, in its dependencies.

conacat-stream - Memory Exposure
Ref: https://nodesecurity.io/advisories/597

hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566

tunnel-agent - Memory Exposure
Ref: https://nodesecurity.io/advisories/598

debug - Regular Expression Denial of Service
Ref:  https://nodesecurity.io/advisories/534

stringstream - Out-of-bounds Read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Priyank Patel b9d49c846e webpack: Upgrade webpack to v4.8.3. 2018-05-20 11:11:03 -07:00
Priyank Patel 6f4fc628e6 node-sass: Upgrade node-sass to v4.9.0.
This resolves 12 vulnerabilities.

Following were the issue with the dependencies of node-sass.
hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566

tunnle-agent - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/598

stringstream - Out-of-bounds read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Priyank Patel b376629974 ploty.js: Upgrade ploty.js to v1.37.1.
This solves 14 security venrubilities in the ploty.js's dependencies.
This was found by using the `npm audit` tool which can analyse dependencies
of dependencies issues.

static-eval - Sandbox Breakout / Arbitrary Code Execution
Ref: https://nodesecurity.io/advisories/548

hoek - Prototype pollution
Ref: https://nodesecurity.io/advisories/566

stringstream - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Aman Ghebreweldi e5ec1e83e8 third: Use fontawesome NPM package.
This removes the need for us to have checked in a copy of fontawesome.
2018-05-17 04:58:30 -07:00
Aman Ghebreweldi b496afc8b9 third: Remove font Source Sans Pro from static/third.
We can just get it from NPM instead.
2018-05-15 16:22:44 -07:00
Aman Ghebreweldi 83ee8211a8 third: Get sorttable package from npm.
We didn't have any local changes, so there's no need to have it
vendored in the repository.
2018-05-15 09:25:48 -07:00
Armaan Ahluwalia 64dadae697 webpack: Add css-hot-loader to remove flash on unstyled content.
This commit removes the flash on unstyled content while in dev
mode that was caused by the use of style-loader. Instead it
enables mini-css-extract-plugin in dev in combination with
css-hot-loader which enables HMR for development.

This is because mini-css-extract-plugin does not currently support
HMR out of the box. It also adds a SourceMapDevtoolPlugin to enable
sourcemaps with css since mini-css breaks sourcemaps when used in
combination with the cheap-module-evel-source-map setting.

Related issues:
https://github.com/webpack-contrib/mini-css-extract-plugin/issues/34
https://github.com/webpack-contrib/mini-css-extract-plugin/issues/29
2018-05-02 16:55:58 -07:00
Armaan Ahluwalia bda9f3e3ea CSS: Install dependencies for SCSS Integration.
This commit installs the dependencies required for SCSS compilation
by webpack.
2018-04-27 08:52:37 -07:00
Armaan Ahluwalia fc7aa1a771 webpack: Upgrade webpack version 4.5.0.
Upgrade webpack to latest version at the time of authoring. This
involves upgrading webpack version and its loaders to compatible
versions. It also involved editing tools/webpack to use the
executable for webpack-cli instead because of a change in how the
webpack package wants you to handle shell execution.
It also fixes the confugration for TypeScript in the webpack config
as that was previously broken. Including TypeScript files in JS
files compiled by webpack now works.
2018-04-23 15:49:33 -07:00
Priyank Patel 29f04511c0 node_tests: Use nyc instead of deceprated istanbul package. 2018-04-23 15:27:16 -04:00
Shubham Padia 55619cbe70 browser-support: Add string.prototype.endswith polyfill.
String.prototype.endsWith is not supported in ie11.
Adds string.prototype.endswith package to dependencies and places
it at `common` entry point in webpack.assets.json.
2018-04-11 15:40:57 -07:00
Shubham Padia b906562f22 browser-support: Add string.prototype.startsWith polyfill.
Fixes #8944.
Adds string.prototype.startswith package to dependencies and places
it at `common` entry point in webpack.assets.json. As common.js is
loaded on all code paths first, there is no need to place this package
into other entry points.
2018-04-09 12:16:19 -07:00
Tim Abbott d1c57df0ca estlint: Upgrade version of eslint. 2018-04-06 11:58:58 -07:00