msb-public/wiki - wiki - 马士兵教育代码仓库

Commit Graph

Author	SHA1	Message	Date
YetheSamartaka	0ecb0047d1	Fix duplicate key value violates unique constraint "userGroups_pkey" This fixes the GraphQL error: insert into "userGroups" ("groupId", "userId") values ($1, $2) returning "groupId" - duplicate key value violates unique constraint "userGroups_pkey" when userGroups table was modified outside of web interface and there is already existing entry with ID that is the same of what is about to be added when assigning group to user.	1 year ago
Dominik	d1b4c8c407	chore(helm): add pod annotations (#7222 )	1 year ago
Nicolas Giard	2e35ebf1dc	docs: Update README.md	1 year ago
Nicolas Giard	904260fd44	fix: set no-store cache control on jwt renew response	2 years ago
Ethan	1238d614e1	Merge pull request from GHSA-xjcj-p2qv-q3rf * Update render.js # Improved handling of mustache expressions and v-pre attribute assignment ## Changes Made: - Ensured that the parent tag of such text nodes is explicitly set to a `<p>` tag with the `v-pre` attribute. - Added debug messages for better understanding of the script execution flow [THIS SHOULD REMOVED WHEN PUSHING TO PRODUCTION]. ## Why it Works: - When a mustache expression is found, the script either wraps it in a new `<p>` tag with the `v-pre` attribute or adds the `v-pre` attribute to the existing parent `<p>` tag. - This approach ensures that the template code is not removed but encapsulated within `<p>` tags with the `v-pre` attribute, as required. ## Test Cases Passed: 1. `<xyz>{{ constructor.constructor('alert(1)')() }}</xyz>` 2. `<xyz>{{ constructor.constructor('alert(1)')() }}</xyz>` 3. `<p><xyz>{{ constructor.constructor('alert(1)')() }}</p>` 4. `<p><xyz>{{ constructor.constructor('alert(1)')() }}</xyz></p>` 5. `<p><xyz>{{constructor.constructor('alert("Test Case 8")')()}}<xyz>{{constructor.constructor('alert("Test Case 9")')()}}</xyz></p>` This commit enhances the robustness and reliability of handling mustache expressions and ensures proper assignment of the `v-pre` attribute, to ensure that there is no room for the weaponization of the template code later in the rendering process. * fix: move template expressions after dom-purify + handle text nodes without parent --------- Co-authored-by: NGPixel <github@ngpixel.com>	2 years ago
Nicolas Giard	98c04fe18e	docs: Update README.md	2 years ago
Nicolas Giard	854ec230dd	ci: Update build.yml	2 years ago
Nicolas Giard	a28b525894	docs: Update SECURITY.md	2 years ago
CDN	f1161aed59	fix: make comment module "Artalk" work with newer versions (#6901 ) * feat: update comment module "Artalk" * fix: update code.yml --------- Co-authored-by: Nicolas Giard <github@ngpixel.com>	2 years ago
Sukka	3a7ce75a1e	refactor(templates): replace `polyfill.io` (#7032 )	2 years ago
Karol Rudnikowski (dxdroni)	f54551ee69	fix: page pagination in tags component (#7061 )	2 years ago
Nicolas Giard	abdd2f0d17	fix: remove upper range node.js version check	2 years ago
Nicolas Giard	66ca18c499	docs: Update README.md	2 years ago
craph	d5af4cb068	chore: fix python issue for node18 in dev Dockerfile (#7029 ) * Fix: email toLowerCase * Fix python issue for node18 in Dockerfile	2 years ago
Nicolas Giard	ece5753ebb	docs: Update README.md	2 years ago
Nicolas Giard	b1e1759f25	fix: set securityTrustProxy to false by default	2 years ago
Jasmine Tai	99e74e8eb2	feat: upgrade markdown-it-emoji to 3.0.0 (#6945 )	2 years ago
Nicolas Giard	34c037c68b	docs: Update README.md	2 years ago
aelgasser	38a46e68ea	feat: sync groups with SAML provider (#6299 ) * feat: added implementation for group mapping in SAML strategies --------- Co-authored-by: Abderraouf El Gasser <abderraouf.elgasser@iktos.com> Co-authored-by: Nicolas Giard <github@ngpixel.com>	2 years ago
Nicolas Giard	fd91caff1d	docs: Update README.md	2 years ago
Nicolas Giard	16245caeff	docs: Update README.md	2 years ago
Pablo	8932d15c0c	fix: typo in kroki name (#6745 )	2 years ago
Nicolas Giard	b19c4e4f23	docs: Update README.md	2 years ago
Nicolas Giard	4ce301d37c	docs: Update README.md	2 years ago
Jaeseo Park	c4c41be81a	chore: upgrade markdown-it-pivot-table version (#6707 )	2 years ago
Nicolas Giard	ef174143ae	docs: Update README.md	2 years ago
Nicolas Giard	2180592ade	ci: fix build.yml	2 years ago
Nicolas Giard	7312de7332	ci: fix build.yml	2 years ago
Nicolas Giard	c66bc1c7c1	ci: fix build.yml	2 years ago
Nicolas Giard	c18a832a3a	docs: Update README.md	2 years ago
Nicolas Giard	cd390ec544	docs: update README.md	2 years ago
Nicolas Giard	8259f0dee6	ci: manually patch extract-files package for windows build	2 years ago
Nicolas Giard	095f8cec7a	ci: fix missing patch-package in windows build	2 years ago
Nicolas Giard	eb91563a0b	ci: fix missing patches folder in docker images	2 years ago
Nicolas Giard	cae50a70d9	ci: add patch-package to docker build	2 years ago
Jason Minard	491d63ceee	fix(auth): keycloak authentication post logout redirect for Keycloak 18+ (#5878 )	2 years ago
NGPixel	3855d2c853	fix: add node 18 + 20 compatibility	2 years ago
Jaeseo Park	d75fc76c0c	feat: add markdown-it-pivot-table rendering module (#6574 ) * feat: markdown-it-pivot-table * chore: upgrade dependency version * style: remove semicolon in renderer.js --------- Co-authored-by: Nicolas Giard <github@ngpixel.com>	2 years ago
Andrew McFadden	db8a09fe8c	feat: add ACR Value option to OIDC Module (#6553 ) --------- Co-authored-by: Nicolas Giard <github@ngpixel.com>	2 years ago
matt1097	f02b7ba94e	fix(git): Reduce git concurrency to avoid lock file conflicts. (#6511 )	3 years ago
CDN	4e5e8309a6	feat: add v2 of analytics module umami (#6442 ) * feat: create analytics module umami2 --------- Co-authored-by: Nicolas Giard <github@ngpixel.com>	3 years ago
Kyle Gehmlich	545ba4ec95	fix: remove duplicate query parameters on HTTPS redirect (#6460 ) HTTPS redirection rebuilds the full URL using req.originalUrl, which includes query parameters (see https://expressjs.com/en/api.html#req.originalUrl). Prior to this patch, appending the stringified query params to req.originalUrl resulted in duplicate parameters, e.g. wiki.js/callback?session=123&code=abc?session=123&code=abc which caused errors when being redirected from an insecure (http://) callback URL to a secure version when using OIDC (e.g. with keycloak). This issue is probably rare, but in cases where HTTPS redirection is enabled and a user tries to hit an insecure URL with query parameters, it could cause problems.	3 years ago
Nicolas Giard	3bf1d9cf28	fix: disable template compilation in source view	3 years ago
Nicolas Giard	55bd9944f5	docs: update BACKERS	3 years ago
Nicolas Giard	56547f716a	docs: update README.md	3 years ago
Nicolas Giard	e059fbb47d	docs: update BACKERS	3 years ago
Nicolas Giard	6fac7a3749	docs: update BACEKRS	3 years ago
Nicolas Giard	e1d282ad11	feat: warn and exit on unsupported node version	3 years ago
DerekJarvis	fd00272314	feat(auth): allow custom GitLab endpoints for self-managed instances (#6399 ) * Allow custom GitLab endpoints for self-hosting --------- Co-authored-by: Nicolas Giard <github@ngpixel.com>	3 years ago
Nicolas Giard	5b80b5e850	docs: update BACKERS	3 years ago

1 2 3 4 5 ...

2139 Commits (0ecb0047d1b6208498e638410f8119143721eefc) All Branches Search

2139 Commits (0ecb0047d1b6208498e638410f8119143721eefc)

All Branches