Commit Graph

243 Commits

Author SHA1 Message Date
Anders Kaseorg fffef412bc dependencies: Upgrade to-markdown 3.1.1 to turndown 5.0.3.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-11-11 16:26:31 -08:00
Anders Kaseorg cce85f6ec7 dependencies: Upgrade katex from 0.10.2 to 0.11.1.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-11-11 16:26:31 -08:00
Anders Kaseorg ffe8ec3450 dependencies: Upgrade eslint from 6.0.1 to 6.6.0.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-11-11 16:26:31 -08:00
Anders Kaseorg 51589e5273 package.json: Remove unused dependencies imports-loader, lazysizes.
imports-loader is unused as of commit
218c60ae86 (#12749).

lazysizes is unused as of commit
8a15b9ee87 (#12112).

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-11-08 14:08:50 -08:00
Anders Kaseorg de4685441c typescript: Type webpack.config.ts correctly.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-11-04 18:12:11 -08:00
Thomas Ip c93522d847 blueslip: Make stack trace more readable.
The stack trace popup is now sourcemapped and each stackframe have a
expandable code context window.

[anders@zulipchat.com: Rebased and simplified.]
2019-10-31 13:47:54 -07:00
Anders Kaseorg c31615a760 package.json: Remove @types/source-map.
`source-map` provides its own types, so with TypeScript configured
with `--moduleResolution node`, we don’t need the obsolete
`@types/source-map` package.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-30 13:13:21 -07:00
Anders Kaseorg d1a3bf424a requirements: Use webpack4 fork of django-webpack-loader.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-28 15:53:15 -07:00
Anders Kaseorg ee9a6071fd 5xx.html: Build with webpack.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-28 15:53:15 -07:00
Anders Kaseorg 173c9cee42 frontend_tests: Switch from ts-node to Babel; add rewire-ts plugin.
This will let tests rewrite TypeScript/ES6 module bindings that would
otherwise be read-only.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-10-17 16:48:23 -07:00
Anders Kaseorg 990f08da90 dependencies: Upgrade nearly all JavaScript dependencies to latest.
Keep katex at 0.10.x, mini-css-extract-plugin at 0.6.x
(https://github.com/webpack-contrib/mini-css-extract-plugin/issues/417),
and typescript-eslint at 1.x for now.  Upgrade everything else.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-19 12:08:52 -07:00
Anders Kaseorg 177eb2e02e webpack: Move CSS minification to optimization stage.
Otherwise Bootstrap doesn’t get minified, and also the minification
state is incorrectly reflected in the webpack cache.

The Terser plugin is used by default; we need to include it explicitly
to avoid removing it.

Switch from cssnano to clean-css because it’s noticeably faster.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-02 21:58:13 -07:00
Anders Kaseorg 9b0401b76d package.json: Use caret ranges for more deduplication opportunities.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-02 19:30:09 -07:00
Anders Kaseorg e57ede9421 yarn.lock: Share duplicate packages with yarn-deduplicate.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-02 19:30:09 -07:00
Anders Kaseorg d312d04510 styles: Replace Sass with PostCSS.
It’s about as fast as node-sass (faster, according to their
benchmarks) and more flexible.  Autoprefixer is neat: we can now go
delete all our -moz-, -webkit-, etc. lines and have them autogenerated
as necessary based on .browserslistrc.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-08-29 16:35:51 -07:00
Anders Kaseorg 37ece9b8e2 webpack: Replace node-sass with Dart Sass.
It doesn't require scripts to install, allowing us to migrate yarn to
the more secure --ignore-scripts option.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-08-26 14:35:26 -07:00
Anders Kaseorg f54a63e2f9 webpack: Transpile JS code with Babel.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-22 17:55:32 -07:00
Anders Kaseorg ecfb7c6a7f lint: Add TypeScript compiler as a linter.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-22 17:55:18 -07:00
Anders Kaseorg 06aa87296c dependencies: Upgrade eslint to 6.0.1.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-20 16:12:51 -07:00
Vinit Singh 86073588be dependencies: Upgrade jquery-autosize 1.17.7 to autosize 4.0.2.
The API for the autosize library changed upstream, so several changes
had to be made to relevant js files for a successful upgrade.

Resolves #12695.
2019-07-18 14:33:16 -07:00
Anders Kaseorg 953b69e5ea dependencies: Upgrade simplebar to 4.1.0.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-18 12:19:55 -07:00
Anders Kaseorg ab89f40a66 generate-custom-icon-webfont: Replace with webpack webfonts-loader.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-18 12:00:00 -07:00
Anders Kaseorg 218c60ae86 third: Upgrade spectrum-colorpicker to 1.8.0 from NPM.
We had several patches to spectrum, but the only essential one 
(0ea770fc18) had already been fixed upstream,
and another was just handling jQuery deprecation warnings for not yet removed features.

See #12749 for details.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-10 10:07:34 -07:00
Anders Kaseorg 5f3d36ae87 tex: Bundle KaTeX CLI using Webpack.
We don’t need a hacked copy anymore.  We run the installed version out
of node_modules in development, and a Webpack-bundled version of that
in production.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-02 16:50:03 -07:00
Anders Kaseorg f346d0e511 dependencies: Use core-js for String.prototype polyfills.
It seems like the de facto standard ES polyfill library these days,
and we already depend on it through simplebar.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-02 16:50:03 -07:00
Thomas Ip 8c199fd44c webpack: Use handlebars-loader to handle frontend templates.
And remove the compile-handlebars-templates system.
2019-07-02 16:23:29 -07:00
Anders Kaseorg 438c7c46ed third: Get jquery-caret-plugin from NPM.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-02 15:04:58 -07:00
Anders Kaseorg 1647582acf third: Get jquery-autosize from NPM.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-07-02 15:04:58 -07:00
Anders Kaseorg f407a12ba2 test-documentation: Validate HTML with vnu.jar.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-06-27 14:53:21 -07:00
Thomas Ip 637b2b784a dependencies: Upgrade mini-css-extract-plugin to 0.6.0 and use HMR.
Given mini-css-extract-plugin can now do hot module replacement,
this commit also removed css-hot-loader. Not upgrading to 0.7.0
as that cause webpack to crash.
2019-06-24 17:58:51 -07:00
Thomas Ip 413c3066f0 dependencies: Upgrade to ts-loader 6.0.2. 2019-06-24 17:58:27 -07:00
Thomas Ip 1c99cb320e dependencies: Upgrade swagger-parser to 6.0.5.
4.0.0 changed how options worked but we didn't use that so no
changes needed.
2019-06-24 17:58:27 -07:00
Thomas Ip 6f2a909e22 dependencies: Upgrade style-lint to 10.0.1. 2019-06-24 17:58:27 -07:00
Thomas Ip 308d7bb8f5 dependencies: Upgrade cache-loader to 4.0.0. 2019-06-24 17:58:27 -07:00
Thomas Ip 90a011a3c4 dependencies: Upgrade nyc to 14.1.1. 2019-06-24 17:58:26 -07:00
Thomas Ip 7738273e5a dependencies: Upgrade style-loader to 0.23.1. 2019-06-24 17:58:26 -07:00
Thomas Ip 380114d709 dependencies: Upgrade lazysizes to 5.1.0. 2019-06-24 17:58:26 -07:00
Thomas Ip 1bfb5e48fe dependencies: Upgrade file-loader to 4.0.0. 2019-06-24 17:58:26 -07:00
Thomas Ip e17fb33b47 dependencies: Upgrade katex to 0.10.2.
The markup output changed but the rendering is the same, so modified
expected output in tests.

There is a regression introduced in one of the new versions of KaTeX,
which produces a warning in our node tests:
```
No character metrics for ' ' in style 'Main-Bold'
```
but the rendering is correct so we can ignore it.
Tracking issue: KaTeX/KaTeX#1994

Fixes #12472.
2019-06-24 17:58:26 -07:00
Thomas Ip 8fd55cea9d dependencies: Upgrade jsdom to 15.1.1. 2019-06-24 17:58:26 -07:00
Thomas Ip f92d244930 dependencies: Remove cssstyle, htmlparser2, nwmatcher & xmlhttprequest.
All of these are no longer needed.
2019-06-24 17:58:26 -07:00
Thomas Ip aabf041d69 dependencies: Upgrade css-loader to 2.1.1. 2019-06-24 17:58:26 -07:00
Thomas Ip caa860f7a2 dependencies: Upgrade @types/node to 12.0.7. 2019-06-24 17:58:26 -07:00
Thomas Ip e3ab233a68 dependencies: Upgrade webpack to 4.33.0. 2019-06-24 17:58:26 -07:00
Thomas Ip d1d06af2c6 dependencies: Upgrade jQuery to 3.4.1.
API changes:
* Positional selectors (eg :first, :eq) are deprecated in 3.4.0 and
  will be removed in 4.0. Use positional methods instead.
2019-06-06 15:21:26 -07:00
Priyank Patel e590ce95ea dependencies: Add cache-loader for webpack build caching. 2019-06-03 20:15:51 -07:00
Thomas Ip 3b105921bb dependencies: Upgrade winchan to 0.2.1. 2019-06-03 12:24:00 -07:00
Thomas Ip 537014ee47 dependencies: Upgrade typescript to 3.5.1. 2019-06-03 12:24:00 -07:00
Thomas Ip be48eb165d dependencies: Upgrade webpack-dev-server to 3.5.1 and install types. 2019-06-03 12:24:00 -07:00
Thomas Ip 545508da7b dependencies: Upgrade webpack(-cli) to 4.32.2 (3.3.2).
webpack 4.20.0 require webpack-cli 3.1.1.
2019-06-03 12:24:00 -07:00
Thomas Ip 4097025df7 dependencies: Upgrade svgo to 1.2.2. 2019-06-03 12:24:00 -07:00
Thomas Ip 19d18bdfbb dependencies: Upgrade source-sans-pro to 2.45.0. 2019-06-03 12:24:00 -07:00
Thomas Ip 57e9b21d90 dependencies: Remove source-map-loader.
The loader is not currently used.
2019-06-03 12:24:00 -07:00
Thomas Ip 238ea25fca dependencies: Upgrade sortablejs to 1.9.0.
Also set it to concrete version.
2019-06-03 12:24:00 -07:00
Thomas Ip eccd258407 dependencies: Upgrade sass-loader to 7.1.0.
v7.1.0 allows the loader to use any sass implementation. The new
reference implementation of sass, dart-sass, is faster than libsass
in toy benchmarks but perform about the same when compiling
bootstrap. So we will stay on libsass for now.
2019-06-03 12:24:00 -07:00
Thomas Ip 37b0b0f246 dependencies: Upgrade plotly.js to 1.48.1.
v1.41.0 introduced the {resposive: true} option, we could use it.
2019-06-03 12:24:00 -07:00
Thomas Ip ecd746e8c8 dependencies: Upgrade nwmatcher to 1.44.0. 2019-06-03 12:24:00 -07:00
Thomas Ip ec47608aaf dependencies: Upgrade node-sass to 4.12.0. 2019-06-03 12:24:00 -07:00
Thomas Ip e75017b0b5 dependencies: Upgrade moment(-timezone) to 2.24.0 (0.5.25). 2019-06-03 12:24:00 -07:00
Thomas Ip 657448b053 dependencies: Upgrade jquery-validation to 1.19.0. 2019-06-03 12:24:00 -07:00
Thomas Ip 562f6c1c39 dependencies: Upgrade htmlparser2 to 3.10.1. 2019-06-03 12:24:00 -07:00
Thomas Ip de606373c2 dependencies: Upgrade handlebars to 4.1.2. 2019-06-03 12:24:00 -07:00
Thomas Ip 34aaa64a72 dependencies: Upgrade eslint to 5.16.0. 2019-06-03 12:24:00 -07:00
Thomas Ip efb37d9794 dependencies: Upgrade @typescript-eslint/parser to 1.9.0. 2019-06-03 12:24:00 -07:00
Thomas Ip 1268616ca2 dependencies: Upgrade @typescript-eslint/eslint-plugin to 1.9.0.
Updated .eslintrc with new rules.
2019-06-03 12:24:00 -07:00
Thomas Ip 7643417c82 dependencies: Upgrade packages with patch level updates. 2019-06-03 12:24:00 -07:00
Tim Abbott 43e634a9b8 Revert "dependencies: Upgrade webpack-dev-server to v3.4.1."
This seems to have broken the development server.

This reverts commit daf8dd1960.
2019-05-31 17:59:13 -07:00
Priyank Patel daf8dd1960 dependencies: Upgrade webpack-dev-server to v3.4.1. 2019-05-31 15:07:17 -07:00
Anders Kaseorg 3b7f3f1887 dependencies: Upgrade simplebar to 4.0.0.
Fixes #12347.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-05-23 17:31:07 -07:00
Anders Kaseorg 978357e55e dependencies: Update yarn.lock for simplebar@4.0.0-alpha.9 upgrade.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-05-20 19:23:37 -07:00
Anders Kaseorg 141088586b Completely replace perfect-scrollbar with SimpleBar.
perfect-scrollbar replaces both the appearance and the behavior of the
scrollbar, and its emulated behavior will never feel native on most
platforms.  SimpleBar customizes the appearance while preserving the
native behavior.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-05-17 12:06:51 -07:00
Anders Kaseorg d4b060a520 dependencies: Upgrade simplebar to 4.0.0-alpha.6.
Fixes #12038.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-04-28 21:32:55 -07:00
Anders Kaseorg 591e0a04fc yarn.lock: Add integrity hashes.
This commit was generated by

    echo 'unsafe-disable-integrity-migration false' > .yarnrc
    yarn
    rm .yarnrc

This migration was added in yarn 1.10, but disabled by default in yarn
1.12 for better interoperability with previous versions of yarn, which
cause unnecessary yarn.lock churn by removing the integrity hashes
unconditionally.  It will be reenabled by default in yarn 2.0.

With or without this change, yarn will be adding integrity hashes for
new or updated packages.  We don’t need to interoperate with previous
versions, so we might as well do this entire migration now.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-04-22 13:55:24 -07:00
Thomas Ip 02cb85a8a9 typescript: Use ESLint instead of TSLint. 2019-04-13 11:42:47 -07:00
Priyank Patel 9c4ef94726 dependencies: Add lazysizes npm package. 2019-04-05 15:51:02 -07:00
Thomas Ip 42a666c22b dependencies: Downgrade ts-node to v7.0.1.
The current v8.0.0^ has a slow startup time due to some module
resolution issue.
2019-03-21 10:44:34 -07:00
Anders Kaseorg 8b76a55b16 dependencies: Upgrade simplebar to 3.1.3.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-03-18 22:24:29 -07:00
Thomas Ip 60c9f22129 typescript: Update TS related dependencies. 2019-02-12 15:59:51 -08:00
Harshit Bansal 88bfb9778b build_emoji: Add infrastructure for google-blob and twitter emojisets. 2018-08-31 11:52:24 -07:00
Harshit Bansal 29daf76420 emoji: Don't generate emoji farms corresponding to now banned emojisets.
This will help us in reducing the size of the release tarball
significantly. I have refrained from changing the `EMOJISETS`
constant in the `emoji_setup_utils.py` as that controls the
emojisets that we want to support. Since we want to re-enable
the feature of changing emojisets sometime again in the future
that variable should be kept as it is as it controls several
other things like emoji scripts that we use to generate emoji
names. Changing it might cause hard to catch bugs.
2018-08-13 12:09:06 -07:00
Robert Hencke 9379f3d317 yarn: Remove duplicate clipboard dependency. 2018-07-27 00:12:05 -07:00
Aditya Bansal f2368bea22 stylelint: Add stylelint package. 2018-07-25 09:04:03 -07:00
Harshit Bansal bf70955c0c emoji: Update `emoji-datasource` packages.
This commit updates the `emoji-datasource` packages to version 4.0.4.
This update brings following changes to emoji infra:

1: Fix for the bleeding sprite sheets.

2: The category of some emojis has been changed. Categorywise breakup of
   net gain or loss is as follows:
    Travel & Places: 58 (gain)
    Symbols: 47 (loss)
    Smileys & People: 52 (gain)
    Objects: 11 (loss)
    Food & Drink: 3 (gain)
    Animals and Nature: 46 (gain)
    Activities: 9 (loss)

3: There were some changes in the image farm of the package which were
   breaking our old emoji farm. I fixed them by modifying the remapped
   emoji map.

Fixes: #8235.
2018-07-23 08:04:58 -07:00
Cynthia Lin 7d9281fa6c simplebar: Add simplebar dependency for help page scrolling. 2018-07-11 20:04:55 +05:30
Armaan Ahluwalia 54d3d8e8b3 webpack: Transition app.js to be compiled by webpack.
This commit moves all files previously under the 'app' bundle in
the Django pipeline to being compiled by webpack under the 'app'
entry point. In the process, it moves assets under the app entry
to a file called app.js that consumes all relevant css and js files.

This commit also edits the webpack config to be able to expose certain
variables for third party libraries that are currently required by
some modules. This is bad coding form and should be refactored to
requiring whatever dependencies a module may have; we're just
deferring that to the future to simplify the series of transitions we
need to do here. The variable exposure is done using expose-loader in
webpack.

The app/index.html template is edited to override the newly introduced
'commonjs' block in the base template. This is done as a temporary
measure so as not to disrupt other pages on the app during the transition.

It also fixes the value of the 'this' context that was being inferred
as window by third party libraries. This is done using imports-loader
in the webpack config.  This is also messy and probably isn't how we
want things to work long term.
2018-07-05 11:03:08 +02:00
Yashashvi Dave 2b478268f3 third: Add sortablejs library. 2018-07-01 02:05:00 -07:00
Shubham Padia c72d38df56 yarn: Remove fuzzysearch from dependencies. 2018-06-26 20:38:47 -04:00
Shubham Dhama 8c55c52526 yarn: Remove i18n packages that are no longer used.
We removed these when we converted the app's frontend translations
mechanism to instead send the translation data in `page_params`.
2018-06-05 09:22:26 -07:00
Armaan Ahluwalia 1525e92058 logging/errors/webpack: Improve error stack traces with blueslip.
This commit improves the output that blueslip produces while
showing error stack traces on the front-end. This is done by
using a library called error-stack-parser to format the stack
traces.

This commit also edits the webpack config to use a different
devtool setting since the previous one did not support sourcemaps
within stack traces. It also removes a plugin that was obviated
by this change.
2018-05-22 14:36:41 -07:00
Priyank Patel ac7e6b19bd xmlhttprequest: Upgrade xmlhttprequest to v1.8.0. 2018-05-20 11:11:03 -07:00
Priyank Patel 62a90661ad underscore: Upgrade underscore to v1.9.0. 2018-05-20 11:11:03 -07:00
Priyank Patel 4605579335 typescript: Upgrade typescript to v2.8.3. 2018-05-20 11:11:03 -07:00
Priyank Patel 38d6654265 tslint: Upgrade tslint to v5.10.0. 2018-05-20 11:11:03 -07:00
Priyank Patel a60099a6d5 ts-loader: Upgrade ts-loader to v4.3.0. 2018-05-20 11:11:03 -07:00
Priyank Patel 0c87ce5b1c svgo: Upgrade svgo to v1.0.5.
It also updated all the svg to be optmized per new version.
This new version, since the last version contains bug fixes and improvement.
Refs: https://github.com/svg/svgo/releases
2018-05-20 11:11:03 -07:00
Priyank Patel 0d697cd569 String.codePointAt: Upgrade String.codePointAt polyfill to v0.2.1. 2018-05-20 11:11:03 -07:00
Priyank Patel 4091815721 moment-timezone: Upgrade moment-timezone to v0.5.17.
Refs: https://github.com/moment/moment-timezone/blob/master/changelog.md
2018-05-20 11:11:03 -07:00
Priyank Patel 506b23237a jquery-validation: Upgrade jquery-validation to v1.17.0
Refs: https://github.com/jquery-validation/jquery-validation/releases/tag/1.17.0
2018-05-20 11:11:03 -07:00
Priyank Patel 11d819ee3d clipboard: Upgrade clipboard to v2.0.1. 2018-05-20 11:11:03 -07:00
Priyank Patel 9c4a189781 moment: Upgrade moment to v2.22.1.
This version since the last version contains bug fixes and locale improvements.
Ref: https://github.com/moment/moment/blob/develop/CHANGELOG.md#2221-see-full-changelog
2018-05-20 11:11:03 -07:00
Priyank Patel 778742a189 jsdom: Upgrade jsdom to v11.10.0.
This also updates node_tests to use new constructor which is uppercase,
and some properties that are changed to be more clear now, like
jsdom().defaultView which is meant to the window object is now called window.

Ref: https://github.com/jsdom/jsdom/blob/master/Changelog.md
2018-05-20 11:11:03 -07:00
Priyank Patel 00151f988a handlebars: Upgrade handlebars to v4.0.11.
This version only contains bugfixes. No breaking changes have been introduced.
Ref: https://github.com/wycats/handlebars.js/blob/master/release-notes.md#v4011---october-17th-2017
2018-05-20 11:11:03 -07:00
Priyank Patel 7b40f8d50d flatpickr: Upgrade flatpickr to v4.5.0.
This new version is a lot ahead that what we now have currently.
Reading through the changelog there does not seem to any breaking
changes, just that this package have been updated a lot.

Ref: https://github.com/flatpickr/flatpickr/releases
2018-05-20 11:11:03 -07:00
Priyank Patel f02c2349b8 @types/webpack: Upgrade @types/webpack to v4.4.0.
This updates the webpack typescript type defenations to latest so we
can find bugs with webpack configurations.
2018-05-20 11:11:03 -07:00
Priyank Patel bcfc34c996 webpack-cli: Upgrade webpack-cli to v2.1.3.
This version just contains bugs fixes and regressions covered.
Ref: https://github.com/webpack/webpack-cli/releases/tag/2.1.3
2018-05-20 11:11:03 -07:00
Priyank Patel 50b663906a nyc: Upgrade nyc to v11.8.0.
This fixes a one vulnerability with this package's dependency.

randomatic - Cryptographically Weak PRNG
Ref: https://nodesecurity.io/advisories/157
2018-05-20 11:11:03 -07:00
Priyank Patel 19ba08e055 webpack-dev-server: Upgrade webpack-dev-server to v3.1.4. 2018-05-20 11:11:03 -07:00
Priyank Patel 74b0a73260 phantomjs-prebuilt: Upgrade phantomjs-prebuilt to 2.1.16.
This solves 8 vulnerabilities, in its dependencies.

conacat-stream - Memory Exposure
Ref: https://nodesecurity.io/advisories/597

hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566

tunnel-agent - Memory Exposure
Ref: https://nodesecurity.io/advisories/598

debug - Regular Expression Denial of Service
Ref:  https://nodesecurity.io/advisories/534

stringstream - Out-of-bounds Read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Priyank Patel b9d49c846e webpack: Upgrade webpack to v4.8.3. 2018-05-20 11:11:03 -07:00
Priyank Patel 6f4fc628e6 node-sass: Upgrade node-sass to v4.9.0.
This resolves 12 vulnerabilities.

Following were the issue with the dependencies of node-sass.
hoek - Prototype Pollution
Ref: https://nodesecurity.io/advisories/566

tunnle-agent - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/598

stringstream - Out-of-bounds read
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Priyank Patel b376629974 ploty.js: Upgrade ploty.js to v1.37.1.
This solves 14 security venrubilities in the ploty.js's dependencies.
This was found by using the `npm audit` tool which can analyse dependencies
of dependencies issues.

static-eval - Sandbox Breakout / Arbitrary Code Execution
Ref: https://nodesecurity.io/advisories/548

hoek - Prototype pollution
Ref: https://nodesecurity.io/advisories/566

stringstream - Memory Exposure issue
Ref: https://nodesecurity.io/advisories/664
2018-05-20 11:11:03 -07:00
Aman Ghebreweldi e5ec1e83e8 third: Use fontawesome NPM package.
This removes the need for us to have checked in a copy of fontawesome.
2018-05-17 04:58:30 -07:00
Aman Ghebreweldi b496afc8b9 third: Remove font Source Sans Pro from static/third.
We can just get it from NPM instead.
2018-05-15 16:22:44 -07:00
Aman Ghebreweldi 83ee8211a8 third: Get sorttable package from npm.
We didn't have any local changes, so there's no need to have it
vendored in the repository.
2018-05-15 09:25:48 -07:00
Armaan Ahluwalia 64dadae697 webpack: Add css-hot-loader to remove flash on unstyled content.
This commit removes the flash on unstyled content while in dev
mode that was caused by the use of style-loader. Instead it
enables mini-css-extract-plugin in dev in combination with
css-hot-loader which enables HMR for development.

This is because mini-css-extract-plugin does not currently support
HMR out of the box. It also adds a SourceMapDevtoolPlugin to enable
sourcemaps with css since mini-css breaks sourcemaps when used in
combination with the cheap-module-evel-source-map setting.

Related issues:
https://github.com/webpack-contrib/mini-css-extract-plugin/issues/34
https://github.com/webpack-contrib/mini-css-extract-plugin/issues/29
2018-05-02 16:55:58 -07:00
Armaan Ahluwalia bda9f3e3ea CSS: Install dependencies for SCSS Integration.
This commit installs the dependencies required for SCSS compilation
by webpack.
2018-04-27 08:52:37 -07:00
Armaan Ahluwalia fc7aa1a771 webpack: Upgrade webpack version 4.5.0.
Upgrade webpack to latest version at the time of authoring. This
involves upgrading webpack version and its loaders to compatible
versions. It also involved editing tools/webpack to use the
executable for webpack-cli instead because of a change in how the
webpack package wants you to handle shell execution.
It also fixes the confugration for TypeScript in the webpack config
as that was previously broken. Including TypeScript files in JS
files compiled by webpack now works.
2018-04-23 15:49:33 -07:00
Priyank Patel 29f04511c0 node_tests: Use nyc instead of deceprated istanbul package. 2018-04-23 15:27:16 -04:00
Shubham Padia 55619cbe70 browser-support: Add string.prototype.endswith polyfill.
String.prototype.endsWith is not supported in ie11.
Adds string.prototype.endswith package to dependencies and places
it at `common` entry point in webpack.assets.json.
2018-04-11 15:40:57 -07:00
Shubham Padia b906562f22 browser-support: Add string.prototype.startsWith polyfill.
Fixes #8944.
Adds string.prototype.startswith package to dependencies and places
it at `common` entry point in webpack.assets.json. As common.js is
loaded on all code paths first, there is no need to place this package
into other entry points.
2018-04-09 12:16:19 -07:00
Tim Abbott d1c57df0ca estlint: Upgrade version of eslint. 2018-04-06 11:58:58 -07:00
Priyank f5acbcb4c8 clipboard: Update clipboard to v2.0.0 to avoid variable name conflict.
It turns out, now we have a new standard way to access clipboard by
`Clipboard` method and currently this conflict with the constructor
exported by clipboard package. The new update v2.0.0 was released to address
this issue. The new version just exports the constructor as `ClipboardJS`.

Ref: https://developer.mozilla.org/en-US/docs/Web/API/Clipboard
Ref: https://github.com/zenorocha/clipboard.js/issues/468
2018-04-05 15:09:00 -07:00
Gooca 91185b7170 Updated source-map-loader to 0.2.3. 2018-03-22 14:43:26 -07:00
Gooca 2b3eb7f541 Updated i18next-xhr-backend to 1.5.1. 2018-03-22 14:43:26 -07:00
Gooca a9ba630a37 Updated jquery to 3.3.1. 2018-03-22 14:43:26 -07:00
Gooca a4da724f22 Updated typescript to 2.7.2. 2018-03-22 14:43:26 -07:00
Gooca f0e49e6cbb Updated webpack-bundle-tracker to 0.3.0. 2018-03-22 14:43:26 -07:00
Gooca 2363c9955a ui scrollbar: Update perfect-scrollbar to 1.3.0.
Update perfect-scrollbar to fix stutter space-scrolling in #8544. Also
reworked deprecated `element.perfectScrollbar` to `new
PerfectScrollbar(element)`.  Lastly, updated provision version and
changed node module path to new path.

This also refactors perfect-scrollbar in help.js to work with updated
version of perfect-scrollbar. Because the update also changed
perfect-scrollbar's css selectors for all scrollbars in zulip, we
update those too.

Fixes #8544.
2018-03-20 21:59:11 -07:00
Priyank b8840108bb yarn: Update broken yarn lockfile.
This commit fixes currupted yarn lockfile, which generated this warning:
```
warning Lockfile has incorrect entry for "d3-queue@2". Ignoring it.
warning Lockfile has incorrect entry for "inherits@2". Ignoring it.
warning Lockfile has incorrect entry for "request@2". Ignoring it.
warning Lockfile has incorrect entry for "rimraf@2". Ignoring it.
```
2018-03-20 14:55:11 -07:00
Harshit Bansal 40958e0824 emoji: Switch to 64px 256 color indexed sprite sheets.
This commit switches our emoji infrastructure to use 256 color indexed
64px spritesheets. Earlier we were using non-indexed 32px spritesheets
which were blurry on high dpi displays. These indexed spritesheets not
only provide a crispier display but are also smaller in size.

This commit also removes the `emoji-datasource` package as a dependency
as all the data is now sourced from individual datasource packages.

Fixes: #7862.
2018-03-14 10:28:45 -07:00
Rohitt Vashishtha b22e8dc2b7 lint: Replace 'return undefined;' with 'return;'.
Also adds a custom rule to eslint. Since the recommended way of extending
eslint is to create plugins as standalone npm packages, the separate rule
is published as 'eslint-plugins-empty-returns'.

Fixes #8669.
2018-03-13 08:22:42 -04:00
Vishnu Ks 713ca1e5f2 yarn: Update yarn.lock for moment and moment-timezone upgrade. 2018-03-09 11:05:18 -08:00
Aditya Bansal 76f6f7cb47 datetimepicker: Add flatpickr lib as dependancy. 2018-01-19 11:33:11 -05:00
Andy Perez fc2298ec54 node tests: Add nice diffs to js markdown tests.
Fix #3915
2017-12-18 19:03:38 -05:00
Andy Perez e7f1825617 bugdown: Update KaTeX to version 0.8.3 from 0.7.1.
Fixes #7480.
2017-11-23 12:43:34 -08:00
Garvit 52069998eb compose: Preserve links when pasting html.
This uses the to-markdown.js library to do all the hard work of
parsing HTML and turning it into markdown and not e.g. uploaded files.

Tweaked by tabbott to better scope when it activates to just include
pastes of HTML content.

Fixes #5853.
2017-11-21 19:52:47 -08:00
rht bff736868e Generate custom-icon-webfont on each provision or update-prod-static.
Fixes #7354.
2017-11-20 16:36:49 -08:00
Tim Abbott fa0fb9e299 casper: Switch to use a newer casper off master.
Newer casper should fix some problems we've had with contenteditable.
2017-11-16 22:20:38 -08:00
Tim Abbott 7b5ae1ee38 node: Update yarn.lock. 2017-11-16 22:20:38 -08:00
Steve Howell f105c480b3 Calculate gravatar hashes on the webapp client.
This change prepares us to have the server send avatar_url
of None when somebody wants a gravatar avatar (as opposed
to a user-uploaded one).

Subsequent commits will change behavior on both the server
and client to have this happen.  So this commit has no-op
code for now, but it will soon use the fallback-to-gravatar
logic.
2017-11-07 10:36:02 -08:00
rht 49ad5c78e6 js: Update minor versions of several node dependencies. 2017-10-25 14:09:28 -07:00
Umair Khan 4caec524ae yarn: Bump i18next-xhr-backend version to 1.4.3.
This version can take loadPath as a function. i18next sends zh-Hans
as zh-Hans while Django recognizes it as zh_Hans.
2017-10-19 17:56:49 -07:00
Pweaver (Paul Weaver) 1afaa67c7c deps: Change npm to yarn for reliablity, security, and speed. 2017-08-05 12:29:06 -07:00