Commit graph

11 commits

Author SHA1 Message Date
Joel Pittet af8509c4d0
Allow NPM packages to build for production (#9171)
* add back changes before compiling assets

* new css location and mix manifest

* update papaparse, most vunerabilities attached to it

* update axios and papaparse for security releases

* removing security fixes that still allow npm run production to work

* Update lodash
2021-04-05 22:01:11 -07:00
Brady Wetherington 9a224a07ba
Modified how we do Select2 dynamic drop-down menus to be more secure (#9079)
* Modified how we do Select2 dynamic drop-down menus to be more secure

As noted by the author of select2, the more-secure way of creating
rich Select-dropdowns is to use jquery to create HTML snippets and
carefully modify text attributes within there. This prevents any
XSS from being brought to the page. As a side-effect, the extra
escaping that we had to do in all of the internal selectlist calls
is now no longer necessary, and has been removed. Rebased and
squashed from the original.

* Rebuilt all assets, but this still feels like it's too much stuff in here.

* Whoops, need to run that in dev, not prod
2021-02-02 15:55:21 -08:00
snipe f9dcf0783a Added phantomjs to package.json 2020-11-28 16:58:02 -08:00
snipe d317052ede Updated CSS assets with green skin edits 2020-10-23 18:55:00 -07:00
snipe 1090b291c3 Updated node packages, reregnerated assets 2020-10-19 16:56:59 -07:00
Brady Wetherington 318da67230 Fix Select2 'infinite scroll' drop-downs for Snipe-IT v5 2020-07-13 17:43:15 -07:00
snipe e9135eceb3
Better json formatting
Signed-off-by: snipe <snipe@snipe.net>
2020-04-22 11:16:31 -07:00
snipe eb8c20880a
Updated package.json
Signed-off-by: snipe <snipe@snipe.net>
2020-04-22 07:12:12 -07:00
snipe 63259418b2
Package updates 2020-04-21 10:43:25 -07:00
Brady Wetherington 44bb79c90e Fix to lockfile, update to package.json to non-vuln versions (#5460) 2018-05-01 21:01:45 -07:00
snipe a6cc31944a Added package-lock 2018-03-02 19:17:01 -08:00