Commit Graph

184 Commits

Author SHA1 Message Date
Thomas Ip 657448b053 dependencies: Upgrade jquery-validation to 1.19.0. 2019-06-03 12:24:00 -07:00
Thomas Ip 562f6c1c39 dependencies: Upgrade htmlparser2 to 3.10.1. 2019-06-03 12:24:00 -07:00
Thomas Ip de606373c2 dependencies: Upgrade handlebars to 4.1.2. 2019-06-03 12:24:00 -07:00
Thomas Ip 34aaa64a72 dependencies: Upgrade eslint to 5.16.0. 2019-06-03 12:24:00 -07:00
Thomas Ip efb37d9794 dependencies: Upgrade @typescript-eslint/parser to 1.9.0. 2019-06-03 12:24:00 -07:00
Thomas Ip 1268616ca2 dependencies: Upgrade @typescript-eslint/eslint-plugin to 1.9.0.
Updated .eslintrc with new rules.
2019-06-03 12:24:00 -07:00
Thomas Ip 7643417c82 dependencies: Upgrade packages with patch level updates. 2019-06-03 12:24:00 -07:00
Tim Abbott 43e634a9b8 Revert "dependencies: Upgrade webpack-dev-server to v3.4.1."
This seems to have broken the development server.

This reverts commit daf8dd1960.
2019-05-31 17:59:13 -07:00
Priyank Patel daf8dd1960 dependencies: Upgrade webpack-dev-server to v3.4.1. 2019-05-31 15:07:17 -07:00
Anders Kaseorg 3b7f3f1887 dependencies: Upgrade simplebar to 4.0.0.
Fixes #12347.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-05-23 17:31:07 -07:00
Anders Kaseorg 978357e55e dependencies: Update yarn.lock for simplebar@4.0.0-alpha.9 upgrade.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-05-20 19:23:37 -07:00
Anders Kaseorg 141088586b Completely replace perfect-scrollbar with SimpleBar.
perfect-scrollbar replaces both the appearance and the behavior of the
scrollbar, and its emulated behavior will never feel native on most
platforms.  SimpleBar customizes the appearance while preserving the
native behavior.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-05-17 12:06:51 -07:00
Anders Kaseorg d4b060a520 dependencies: Upgrade simplebar to 4.0.0-alpha.6.
Fixes #12038.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-04-28 21:32:55 -07:00
Anders Kaseorg 591e0a04fc yarn.lock: Add integrity hashes.
This commit was generated by

    echo 'unsafe-disable-integrity-migration false' > .yarnrc
    yarn
    rm .yarnrc

This migration was added in yarn 1.10, but disabled by default in yarn
1.12 for better interoperability with previous versions of yarn, which
cause unnecessary yarn.lock churn by removing the integrity hashes
unconditionally.  It will be reenabled by default in yarn 2.0.

With or without this change, yarn will be adding integrity hashes for
new or updated packages.  We don’t need to interoperate with previous
versions, so we might as well do this entire migration now.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-04-22 13:55:24 -07:00
Thomas Ip 02cb85a8a9 typescript: Use ESLint instead of TSLint. 2019-04-13 11:42:47 -07:00
Priyank Patel 9c4ef94726 dependencies: Add lazysizes npm package. 2019-04-05 15:51:02 -07:00
Thomas Ip 42a666c22b dependencies: Downgrade ts-node to v7.0.1.
The current v8.0.0^ has a slow startup time due to some module
resolution issue.
2019-03-21 10:44:34 -07:00
Anders Kaseorg 8b76a55b16 dependencies: Upgrade simplebar to 3.1.3.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-03-18 22:24:29 -07:00
Thomas Ip 60c9f22129 typescript: Update TS related dependencies. 2019-02-12 15:59:51 -08:00
Harshit Bansal 88bfb9778b build_emoji: Add infrastructure for google-blob and twitter emojisets. 2018-08-31 11:52:24 -07:00
Harshit Bansal 29daf76420 emoji: Don't generate emoji farms corresponding to now banned emojisets.
This will help us in reducing the size of the release tarball
significantly. I have refrained from changing the `EMOJISETS`
constant in the `emoji_setup_utils.py` as that controls the
emojisets that we want to support. Since we want to re-enable
the feature of changing emojisets sometime again in the future
that variable should be kept as it is as it controls several
other things like emoji scripts that we use to generate emoji
names. Changing it might cause hard to catch bugs.
2018-08-13 12:09:06 -07:00
Robert Hencke 9379f3d317 yarn: Remove duplicate clipboard dependency. 2018-07-27 00:12:05 -07:00
Aditya Bansal f2368bea22 stylelint: Add stylelint package. 2018-07-25 09:04:03 -07:00
Harshit Bansal bf70955c0c emoji: Update `emoji-datasource` packages.
This commit updates the `emoji-datasource` packages to version 4.0.4.
This update brings following changes to emoji infra:

1: Fix for the bleeding sprite sheets.

2: The category of some emojis has been changed. Categorywise breakup of
   net gain or loss is as follows:
    Travel & Places: 58 (gain)
    Symbols: 47 (loss)
    Smileys & People: 52 (gain)
    Objects: 11 (loss)
    Food & Drink: 3 (gain)
    Animals and Nature: 46 (gain)
    Activities: 9 (loss)

3: There were some changes in the image farm of the package which were
   breaking our old emoji farm. I fixed them by modifying the remapped
   emoji map.

Fixes: #8235.
2018-07-23 08:04:58 -07:00
Cynthia Lin 7d9281fa6c simplebar: Add simplebar dependency for help page scrolling. 2018-07-11 20:04:55 +05:30
Armaan Ahluwalia 54d3d8e8b3 webpack: Transition app.js to be compiled by webpack.
This commit moves all files previously under the 'app' bundle in
the Django pipeline to being compiled by webpack under the 'app'
entry point. In the process, it moves assets under the app entry
to a file called app.js that consumes all relevant css and js files.

This commit also edits the webpack config to be able to expose certain
variables for third party libraries that are currently required by
some modules. This is bad coding form and should be refactored to
requiring whatever dependencies a module may have; we're just
deferring that to the future to simplify the series of transitions we
need to do here. The variable exposure is done using expose-loader in
webpack.

The app/index.html template is edited to override the newly introduced
'commonjs' block in the base template. This is done as a temporary
measure so as not to disrupt other pages on the app during the transition.

It also fixes the value of the 'this' context that was being inferred
as window by third party libraries. This is done using imports-loader
in the webpack config.  This is also messy and probably isn't how we
want things to work long term.
2018-07-05 11:03:08 +02:00
Yashashvi Dave 2b478268f3 third: Add sortablejs library. 2018-07-01 02:05:00 -07:00
Shubham Padia c72d38df56 yarn: Remove fuzzysearch from dependencies. 2018-06-26 20:38:47 -04:00
Shubham Dhama 8c55c52526 yarn: Remove i18n packages that are no longer used.
We removed these when we converted the app's frontend translations
mechanism to instead send the translation data in `page_params`.
2018-06-05 09:22:26 -07:00
Armaan Ahluwalia 1525e92058 logging/errors/webpack: Improve error stack traces with blueslip.
This commit improves the output that blueslip produces while
showing error stack traces on the front-end. This is done by
using a library called error-stack-parser to format the stack
traces.

This commit also edits the webpack config to use a different
devtool setting since the previous one did not support sourcemaps
within stack traces. It also removes a plugin that was obviated
by this change.
2018-05-22 14:36:41 -07:00
Priyank Patel ac7e6b19bd xmlhttprequest: Upgrade xmlhttprequest to v1.8.0. 2018-05-20 11:11:03 -07:00
Priyank Patel 62a90661ad underscore: Upgrade underscore to v1.9.0. 2018-05-20 11:11:03 -07:00
Priyank Patel 4605579335 typescript: Upgrade typescript to v2.8.3. 2018-05-20 11:11:03 -07:00
Priyank Patel 38d6654265 tslint: Upgrade tslint to v5.10.0. 2018-05-20 11:11:03 -07:00
Priyank Patel a60099a6d5 ts-loader: Upgrade ts-loader to v4.3.0. 2018-05-20 11:11:03 -07:00
Priyank Patel 0c87ce5b1c svgo: Upgrade svgo to v1.0.5.
It also updated all the svg to be optmized per new version.
This new version, since the last version contains bug fixes and improvement.
Refs: https://github.com/svg/svgo/releases
2018-05-20 11:11:03 -07:00
Priyank Patel 0d697cd569 String.codePointAt: Upgrade String.codePointAt polyfill to v0.2.1. 2018-05-20 11:11:03 -07:00
Priyank Patel 4091815721 moment-timezone: Upgrade moment-timezone to v0.5.17.
Refs: https://github.com/moment/moment-timezone/blob/master/changelog.md
2018-05-20 11:11:03 -07:00
Priyank Patel 506b23237a jquery-validation: Upgrade jquery-validation to v1.17.0
Refs: https://github.com/jquery-validation/jquery-validation/releases/tag/1.17.0
2018-05-20 11:11:03 -07:00
Priyank Patel 11d819ee3d clipboard: Upgrade clipboard to v2.0.1. 2018-05-20 11:11:03 -07:00
Priyank Patel 9c4a189781 moment: Upgrade moment to v2.22.1.
This version since the last version contains bug fixes and locale improvements.
Ref: https://github.com/moment/moment/blob/develop/CHANGELOG.md#2221-see-full-changelog
2018-05-20 11:11:03 -07:00
Priyank Patel 778742a189 jsdom: Upgrade jsdom to v11.10.0.
This also updates node_tests to use new constructor which is uppercase,
and some properties that are changed to be more clear now, like
jsdom().defaultView which is meant to the window object is now called window.

Ref: https://github.com/jsdom/jsdom/blob/master/Changelog.md
2018-05-20 11:11:03 -07:00
Priyank Patel 00151f988a handlebars: Upgrade handlebars to v4.0.11.
This version only contains bugfixes. No breaking changes have been introduced.
Ref: https://github.com/wycats/handlebars.js/blob/master/release-notes.md#v4011---october-17th-2017
2018-05-20 11:11:03 -07:00
Priyank Patel 7b40f8d50d flatpickr: Upgrade flatpickr to v4.5.0.
This new version is a lot ahead that what we now have currently.
Reading through the changelog there does not seem to any breaking
changes, just that this package have been updated a lot.

Ref: https://github.com/flatpickr/flatpickr/releases
2018-05-20 11:11:03 -07:00
Priyank Patel f02c2349b8 @types/webpack: Upgrade @types/webpack to v4.4.0.
This updates the webpack typescript type defenations to latest so we
can find bugs with webpack configurations.
2018-05-20 11:11:03 -07:00
Priyank Patel bcfc34c996 webpack-cli: Upgrade webpack-cli to v2.1.3.
This version just contains bugs fixes and regressions covered.
Ref: https://github.com/webpack/webpack-cli/releases/tag/2.1.3
2018-05-20 11:11:03 -07:00
Priyank Patel 50b663906a nyc: Upgrade nyc to v11.8.0.
This fixes a one vulnerability with this package's dependency.

randomatic - Cryptographically Weak PRNG
Ref: https://nodesecurity.io/advisories/157
2018-05-20 11:11:03 -07:00
Priyank Patel 19ba08e055 webpack-dev-server: Upgrade webpack-dev-server to v3.1.4. 2018-05-20 11:11:03 -07:00
Priyank Patel 74b0a73260 phantomjs-prebuilt: Upgrade phantomjs-prebuilt to 2.1.16.
This solves 8 vulnerabilities, in its dependencies.

conacat-stream - Memory Exposure
Ref: https://nodesecurity.io/advisories/597

hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566

tunnel-agent - Memory Exposure
Ref: https://nodesecurity.io/advisories/598

debug - Regular Expression Denial of Service
Ref:  https://nodesecurity.io/advisories/534

stringstream - Out-of-bounds Read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Priyank Patel b9d49c846e webpack: Upgrade webpack to v4.8.3. 2018-05-20 11:11:03 -07:00
Priyank Patel 6f4fc628e6 node-sass: Upgrade node-sass to v4.9.0.
This resolves 12 vulnerabilities.

Following were the issue with the dependencies of node-sass.
hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566

tunnle-agent - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/598

stringstream - Out-of-bounds read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Priyank Patel b376629974 ploty.js: Upgrade ploty.js to v1.37.1.
This solves 14 security venrubilities in the ploty.js's dependencies.
This was found by using the `npm audit` tool which can analyse dependencies
of dependencies issues.

static-eval - Sandbox Breakout / Arbitrary Code Execution
Ref: https://nodesecurity.io/advisories/548

hoek - Prototype pollution
Ref: https://nodesecurity.io/advisories/566

stringstream - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Aman Ghebreweldi e5ec1e83e8 third: Use fontawesome NPM package.
This removes the need for us to have checked in a copy of fontawesome.
2018-05-17 04:58:30 -07:00
Aman Ghebreweldi b496afc8b9 third: Remove font Source Sans Pro from static/third.
We can just get it from NPM instead.
2018-05-15 16:22:44 -07:00
Aman Ghebreweldi 83ee8211a8 third: Get sorttable package from npm.
We didn't have any local changes, so there's no need to have it
vendored in the repository.
2018-05-15 09:25:48 -07:00
Armaan Ahluwalia 64dadae697 webpack: Add css-hot-loader to remove flash on unstyled content.
This commit removes the flash on unstyled content while in dev
mode that was caused by the use of style-loader. Instead it
enables mini-css-extract-plugin in dev in combination with
css-hot-loader which enables HMR for development.

This is because mini-css-extract-plugin does not currently support
HMR out of the box. It also adds a SourceMapDevtoolPlugin to enable
sourcemaps with css since mini-css breaks sourcemaps when used in
combination with the cheap-module-evel-source-map setting.

Related issues:
https://github.com/webpack-contrib/mini-css-extract-plugin/issues/34
https://github.com/webpack-contrib/mini-css-extract-plugin/issues/29
2018-05-02 16:55:58 -07:00
Armaan Ahluwalia bda9f3e3ea CSS: Install dependencies for SCSS Integration.
This commit installs the dependencies required for SCSS compilation
by webpack.
2018-04-27 08:52:37 -07:00
Armaan Ahluwalia fc7aa1a771 webpack: Upgrade webpack version 4.5.0.
Upgrade webpack to latest version at the time of authoring. This
involves upgrading webpack version and its loaders to compatible
versions. It also involved editing tools/webpack to use the
executable for webpack-cli instead because of a change in how the
webpack package wants you to handle shell execution.
It also fixes the confugration for TypeScript in the webpack config
as that was previously broken. Including TypeScript files in JS
files compiled by webpack now works.
2018-04-23 15:49:33 -07:00
Priyank Patel 29f04511c0 node_tests: Use nyc instead of deceprated istanbul package. 2018-04-23 15:27:16 -04:00
Shubham Padia 55619cbe70 browser-support: Add string.prototype.endswith polyfill.
String.prototype.endsWith is not supported in ie11.
Adds string.prototype.endswith package to dependencies and places
it at `common` entry point in webpack.assets.json.
2018-04-11 15:40:57 -07:00
Shubham Padia b906562f22 browser-support: Add string.prototype.startsWith polyfill.
Fixes #8944.
Adds string.prototype.startswith package to dependencies and places
it at `common` entry point in webpack.assets.json. As common.js is
loaded on all code paths first, there is no need to place this package
into other entry points.
2018-04-09 12:16:19 -07:00
Tim Abbott d1c57df0ca estlint: Upgrade version of eslint. 2018-04-06 11:58:58 -07:00
Priyank f5acbcb4c8 clipboard: Update clipboard to v2.0.0 to avoid variable name conflict.
It turns out, now we have a new standard way to access clipboard by
`Clipboard` method and currently this conflict with the constructor
exported by clipboard package. The new update v2.0.0 was released to address
this issue. The new version just exports the constructor as `ClipboardJS`.

Ref: https://developer.mozilla.org/en-US/docs/Web/API/Clipboard
Ref: https://github.com/zenorocha/clipboard.js/issues/468
2018-04-05 15:09:00 -07:00
Gooca 91185b7170 Updated source-map-loader to 0.2.3. 2018-03-22 14:43:26 -07:00
Gooca 2b3eb7f541 Updated i18next-xhr-backend to 1.5.1. 2018-03-22 14:43:26 -07:00
Gooca a9ba630a37 Updated jquery to 3.3.1. 2018-03-22 14:43:26 -07:00
Gooca a4da724f22 Updated typescript to 2.7.2. 2018-03-22 14:43:26 -07:00
Gooca f0e49e6cbb Updated webpack-bundle-tracker to 0.3.0. 2018-03-22 14:43:26 -07:00
Gooca 2363c9955a ui scrollbar: Update perfect-scrollbar to 1.3.0.
Update perfect-scrollbar to fix stutter space-scrolling in #8544. Also
reworked deprecated `element.perfectScrollbar` to `new
PerfectScrollbar(element)`.  Lastly, updated provision version and
changed node module path to new path.

This also refactors perfect-scrollbar in help.js to work with updated
version of perfect-scrollbar. Because the update also changed
perfect-scrollbar's css selectors for all scrollbars in zulip, we
update those too.

Fixes #8544.
2018-03-20 21:59:11 -07:00
Priyank b8840108bb yarn: Update broken yarn lockfile.
This commit fixes currupted yarn lockfile, which generated this warning:
```
warning Lockfile has incorrect entry for "d3-queue@2". Ignoring it.
warning Lockfile has incorrect entry for "inherits@2". Ignoring it.
warning Lockfile has incorrect entry for "request@2". Ignoring it.
warning Lockfile has incorrect entry for "rimraf@2". Ignoring it.
```
2018-03-20 14:55:11 -07:00
Harshit Bansal 40958e0824 emoji: Switch to 64px 256 color indexed sprite sheets.
This commit switches our emoji infrastructure to use 256 color indexed
64px spritesheets. Earlier we were using non-indexed 32px spritesheets
which were blurry on high dpi displays. These indexed spritesheets not
only provide a crispier display but are also smaller in size.

This commit also removes the `emoji-datasource` package as a dependency
as all the data is now sourced from individual datasource packages.

Fixes: #7862.
2018-03-14 10:28:45 -07:00
Rohitt Vashishtha b22e8dc2b7 lint: Replace 'return undefined;' with 'return;'.
Also adds a custom rule to eslint. Since the recommended way of extending
eslint is to create plugins as standalone npm packages, the separate rule
is published as 'eslint-plugins-empty-returns'.

Fixes #8669.
2018-03-13 08:22:42 -04:00
Vishnu Ks 713ca1e5f2 yarn: Update yarn.lock for moment and moment-timezone upgrade. 2018-03-09 11:05:18 -08:00
Aditya Bansal 76f6f7cb47 datetimepicker: Add flatpickr lib as dependancy. 2018-01-19 11:33:11 -05:00
Andy Perez fc2298ec54 node tests: Add nice diffs to js markdown tests.
Fix #3915
2017-12-18 19:03:38 -05:00
Andy Perez e7f1825617 bugdown: Update KaTeX to version 0.8.3 from 0.7.1.
Fixes #7480.
2017-11-23 12:43:34 -08:00
Garvit 52069998eb compose: Preserve links when pasting html.
This uses the to-markdown.js library to do all the hard work of
parsing HTML and turning it into markdown and not e.g. uploaded files.

Tweaked by tabbott to better scope when it activates to just include
pastes of HTML content.

Fixes #5853.
2017-11-21 19:52:47 -08:00
rht bff736868e Generate custom-icon-webfont on each provision or update-prod-static.
Fixes #7354.
2017-11-20 16:36:49 -08:00
Tim Abbott fa0fb9e299 casper: Switch to use a newer casper off master.
Newer casper should fix some problems we've had with contenteditable.
2017-11-16 22:20:38 -08:00
Tim Abbott 7b5ae1ee38 node: Update yarn.lock. 2017-11-16 22:20:38 -08:00
Steve Howell f105c480b3 Calculate gravatar hashes on the webapp client.
This change prepares us to have the server send avatar_url
of None when somebody wants a gravatar avatar (as opposed
to a user-uploaded one).

Subsequent commits will change behavior on both the server
and client to have this happen.  So this commit has no-op
code for now, but it will soon use the fallback-to-gravatar
logic.
2017-11-07 10:36:02 -08:00
rht 49ad5c78e6 js: Update minor versions of several node dependencies. 2017-10-25 14:09:28 -07:00
Umair Khan 4caec524ae yarn: Bump i18next-xhr-backend version to 1.4.3.
This version can take loadPath as a function. i18next sends zh-Hans
as zh-Hans while Django recognizes it as zh_Hans.
2017-10-19 17:56:49 -07:00
Pweaver (Paul Weaver) 1afaa67c7c deps: Change npm to yarn for reliablity, security, and speed. 2017-08-05 12:29:06 -07:00