Commit graph

86 commits

Author SHA1 Message Date
qwerty287
6c9ff24ba6
Fix installation type (#2902)
`isomorphic-dompurify` should be installed as dev dependency.
2023-12-03 09:49:34 +01:00
qwerty287
1caccdc977
Sanitize plugin docs content (#2900) 2023-12-02 14:48:26 +01:00
renovate[bot]
de5855b706
Update dependency marked to v11 (#2898) 2023-12-02 14:33:51 +01:00
renovate[bot]
60c021e510
Lock file maintenance (#2840)
[![Mend Renovate logo
banner](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Update | Change |
|---|---|
| lockFileMaintenance | All locks refreshed |

🔧 This Pull Request updates lock files to use the latest dependency
versions.

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC),
Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/woodpecker-ci/woodpecker).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy41OS44IiwidXBkYXRlZEluVmVyIjoiMzcuNTkuOCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
2023-11-19 14:28:58 +01:00
renovate[bot]
82877bc967
Update dependency marked to v10 (#2810) 2023-11-12 07:59:37 +01:00
Patrick Schratz
905bb95853
Update docs npm deps non-major (#2799)
To fix security scan issues of `axios`. (renovate would have only
scheduled this tomorrow or on Sunday). I force-triggered the creation.

Usually renovate would also create the PR but it was somehow stuck
between automerge and missing branch tests (which is also why #2798 is
good to have).

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: qwerty287 <ndev@web.de>
2023-11-11 21:38:54 +01:00
qwerty287
e6b3b94241
Update docusaurus plugin (#2804)
closes #2788
2023-11-11 11:20:46 +01:00
renovate[bot]
9e0e62a757
Lock file maintenance (#2755)
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Update | Change |
|---|---|
| lockFileMaintenance | All locks refreshed |

🔧 This Pull Request updates lock files to use the latest dependency
versions.

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC),
Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/woodpecker-ci/woodpecker).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMS41IiwidXBkYXRlZEluVmVyIjoiMzcuMzEuNSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-11-06 01:19:08 +01:00
qwerty287
8946d2099c
Update docusaurus to v3 (#2732)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
2023-11-05 10:43:44 +01:00
renovate[bot]
c36b1cd6ff
chore(deps): lock file maintenance (#2673) 2023-10-31 13:21:20 +01:00
renovate[bot]
4dbde3c409
fix(deps): update dependency fuse.js to v7 (#2666)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-28 21:31:34 +02:00
renovate[bot]
e0463068c9
chore(deps): update dependency @types/node to v20 (#2664)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-28 21:17:32 +02:00
renovate[bot]
4f8732bafc
chore(deps): update docs npm deps non-major (#2660) 2023-10-28 08:43:25 +02:00
renovate[bot]
833a4ea9b4
chore(deps): lock file maintenance (#2620) 2023-10-23 08:25:44 +02:00
renovate[bot]
da61c6a4ba
chore(deps): lock file maintenance (#2595) 2023-10-17 20:25:51 +02:00
renovate[bot]
24204ecdeb
chore(deps): lock file maintenance (#2497) 2023-09-25 08:41:27 +02:00
renovate[bot]
1653a8eadf
chore(deps): lock file maintenance (#2469) 2023-09-18 07:54:02 +02:00
renovate[bot]
c4f8798cf6
fix(deps): update dependency prism-react-renderer to v2 (#2436) 2023-09-11 08:52:23 +02:00
renovate[bot]
d8dd84fa4f
fix(deps): update dependency esbuild-loader to v4 (#2433) 2023-09-10 17:56:17 +02:00
renovate[bot]
0e21832dcb
fix(deps): update dependency clsx to v2 (#2432) 2023-09-10 17:47:09 +02:00
renovate[bot]
cedb56111a
fix(deps): update dependency @svgr/webpack to v8 (#2429) 2023-09-10 14:29:06 +02:00
renovate[bot]
69db7e7f37
chore(deps): update react monorepo to v18 (major) (#2424) 2023-09-10 11:11:55 +02:00
renovate[bot]
5178294a47
chore(deps): update dependency @tsconfig/docusaurus to v2 (#2410) 2023-09-10 10:40:11 +02:00
renovate[bot]
f0e767eb21
chore(deps): update dependency typescript to v5 (#2421) 2023-09-10 10:33:18 +02:00
renovate[bot]
c8d50d0635
chore(deps): update dependency concurrently to v8 (#2414) 2023-09-10 10:19:32 +02:00
renovate[bot]
30e1f07357
chore(deps): update dependency marked to v9 (#2419) 2023-09-10 09:32:58 +02:00
renovate[bot]
9e03d6fdfe
chore(deps): update dependency @types/marked to v5 (#2411) 2023-09-10 09:25:31 +02:00
renovate[bot]
69489f2d33
chore(deps): update dependency axios to v1 (#2413)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-09 14:54:53 +02:00
renovate[bot]
412c62a8f5
fix(deps): update dependency @easyops-cn/docusaurus-search-local to ^0.36.0 (#2406) 2023-09-09 08:44:17 +02:00
Robert Kaussow
e1a273d25d
Update docs deps to address cves (#2080)
Related-to: https://github.com/woodpecker-ci/woodpecker/pull/2078

Remaining CVEs:

```
❯ trivy fs --exit-code 1 --skip-dirs node_modules/,plugins/woodpecker-plugins/node_modules/ docs/
2023-08-01T10:02:36.911+0200	INFO	Vulnerability scanning is enabled
2023-08-01T10:02:36.911+0200	INFO	Secret scanning is enabled
2023-08-01T10:02:36.911+0200	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-08-01T10:02:36.911+0200	INFO	Please see also https://aquasecurity.github.io/trivy/v0.43/docs/scanner/secret/#recommendation for faster secret detection
2023-08-01T10:02:36.963+0200	INFO	Number of language-specific files: 1
2023-08-01T10:02:36.963+0200	INFO	Detecting pnpm vulnerabilities...

pnpm-lock.yaml (pnpm)

Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 1, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬───────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Installed Version │ Fixed Version  │                            Title                             │
├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ got     │ CVE-2022-33987 │ MEDIUM   │ 9.6.0             │ 11.8.5, 12.1.0 │ missing verification of requested URLs allows redirects to   │
│         │                │          │                   │                │ UNIX sockets                                                 │
│         │                │          │                   │                │ https://avd.aquasec.com/nvd/cve-2022-33987                   │
├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ trim    │ CVE-2020-7753  │ HIGH     │ 0.0.1             │ 0.0.3          │ nodejs-trim: Regular Expression Denial of Service (ReDoS) in │
│         │                │          │                   │                │ trim function                                                │
│         │                │          │                   │                │ https://avd.aquasec.com/nvd/cve-2020-7753                    │
└─────────┴────────────────┴──────────┴───────────────────┴────────────────┴──────────────────────────────────────────────────────────────┘
```

- `trim` is pulled in by `@docusaurus/theme-classic` and can be ignored
due to
https://github.com/facebook/docusaurus/issues/7275#issuecomment-1113997259
- `got` can be ignored as well, see `trim`
2023-08-01 13:30:44 +02:00
6543
d1213afdc8
[Docs] use redocusaurus to display swagger file (#1818)
https://redocusaurus.vercel.app/

followup of  #1782

---------

Co-authored-by: Anbraten <anton@ju60.de>
2023-06-04 05:07:39 +02:00
6543
6d022712e8
Fix docs build (#1690)
Co-authored-by: Anbraten <anton@ju60.de>
2023-04-03 12:30:01 +02:00
6543
d240c1dd02
docs: update pnpm-lock.yaml 2023-04-03 00:27:30 +02:00
Anbraten
dfd4622ba2
Point docs navbar items to selected version (#1434) 2022-11-19 15:21:03 +01:00
qwerty287
38198f83c4
Update all dependencies (#1291) 2022-10-19 10:15:58 +02:00
Lukas
fd6923fe20
Replace yarn with pnpm (#1240)
Should resolve startup issues in gitpod and be a lot faster 🚀
2022-10-08 16:15:07 +02:00