Commit Graph

12 Commits

Author SHA1 Message Date
Penar Musaraj
f0e73cb126 SECURITY: Bump Handlebars to version 4.1.2
WS-2019-0064: Versions of handlebars prior to 4.0.14 are vulnerable to Prototype Pollution. Templates may alter an Objects prototype, thus allowing an attacker to execute arbitrary code on the server.
2019-06-05 13:54:52 -04:00
Robin Ward
adb9009374 SECURITY: Update Handlebars to 4.1
This is to address: https://www.npmjs.com/advisories/755

It is a low priority fix, as Discourse does not allow end users to input
raw handlebars templates.
2019-04-10 15:38:21 -04:00
Penar Musaraj
c8c84f462b FIX: use Handlebars 4.0.12
Use 4.0.12 for both versions of Handlebars (runtime and not)
2019-01-14 12:56:14 -05:00
Joffrey JAFFEUX
f9648de897
DEV: upgrades from Ember 2.13 to Ember 3.5.1 (#6808)
Co-Authored-By: Bianca Nenciu <nbianca@users.noreply.github.com>
Co-Authored-By: David Taylor <david@taylorhq.com>
2019-01-10 11:06:01 +01:00
Penar Musaraj
dc8a16b43b
Use Yarn to manage dependencies, cleanup unused bootstrap libs (#6436) 2018-10-03 10:15:43 -04:00
Robin Ward
9ea32bf7d8
Deprecation: Change {{#each x in y}} to {{#each y as |x|}} 2016-05-04 16:18:09 -04:00
Robin Ward
4bbbdd8dc4 SECURITY: Upgrade Ember to fix CVE-2015-7565. Also upgrade Handlebars 2016-01-15 13:57:45 -05:00
Robin Ward
434deb1bd3 SECURITY: Backported XSS fixes from Handlebars 2015-11-24 16:08:08 -05:00
Robin Ward
5659b93c71 Many fixes for Ember 1.9.0 2014-12-17 09:31:40 -05:00
Robin Ward
73cc722ed5 Update Ember.js, Handlebars and jQuery to latest 2014-04-17 10:45:06 -04:00
Robin Ward
48bfcfadd9 Upgrade Ember.js, fix swallowing of template errors, report unresolved promises in development mode. 2013-12-02 13:15:58 -05:00
Robin Ward
be0ce08cc2 Ember Upgrade: 1.0 2013-10-01 11:16:27 -04:00