Commit graph

6 commits

Author SHA1 Message Date
libraryupgrader 0d2290c08e build: Updating npm dependencies for security issues
* Updated grunt to 1.0.3, addressing:
  * https://npmjs.com/advisories/577
  * CVE-2018-3721

Change-Id: If63afb1c665d0e1876fdd18af0c42598d3092bbd
2018-10-11 11:16:08 +00:00
Ed Sanders 92291a8778 build: Update eslint
Change-Id: I690ef5856e2dbbd86522c01aea94e74a8b69a7e6
2017-10-03 16:14:25 +01:00
Brad Jorsch b301a30abf Use wikimedia/css-sanitizer, and rewrite the hooking
wikimedia/css-sanitizer provides a real CSS parser, which should be
safer than poking at things with regular expressions.

Instead of the strange hybrid model that tried to both process inline
CSS and save CSS when the template is saved, it now looks for
<templatestyles src="Title" /> during the parse to do all the
transclusion of styles.

The output method is "<style> tags in the body", pending someone
implementing T160563.

It now also registers a "sanitized-css" content model, which should pick
up the CSS syntax highlighting and will validate the submitted CSS on
submit and prevent a save if it's not valid.

This patch also takes advantage of LGPL-2.x § 3 to relicense the
extension as GPL-2.0+, although at this point none of the LGPL code
remains anyway.

Bug: T133408
Bug: T136054
Bug: T135788
Bug: T135789
Change-Id: I993e6f18d32a43aac8398743133d227b05133bbd
Depends-On: If4eb5bf71f94fa366ec4eddb6964e8f4df6b824a
2017-06-07 15:14:09 +00:00
James D. Forrester 7ba77fd48f build: Replace jshint and jscs with eslint; bump other devDeps
grunt                  0.4.5  →  1.0.1
 grunt-banana-checker   0.5.0  →  0.6.0
 grunt-jsonlint         1.0.7  →  1.1.0

Change-Id: Ic59fd7fa96d7f18fd65141c1b4fd4f6baccc6d80
2017-05-25 17:31:35 +02:00
Umherirrender 95deb18b3f Use tabs to indent in json
Change-Id: Ifba40f1902bee0ce50fdb1296b5603a5117aa8cf
2017-03-23 19:31:51 +01:00
Coren 31743445bd TemplateStyles extension prototype
This extension adds a <templatestyles> tag that, when placed
on a template, allows specifying CSS for pages where that
template is transcluded.

Unlike inline styles, the per-template CSS supports rules
with proper selectors, and @media blocks.

THIS VERSION DOES NOT CURRENTLY FILTER DECLARATIONS and is
therefore unsuitable for wikis where unprivileged users should
not be allowed to influcence the pagewide CSS in unrestricted
ways!

Bug: T483
Change-Id: Ibc1cae3079d164f7ac7bcc7c4ded3f02bb048614
2016-04-08 11:08:59 -04:00