github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-26 23:13:48 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
42,675 Commits 214 Branches 500 Tags 960 MiB
f66217c0b3
Commit Graph

8 Commits

Author SHA1 Message Date
Jarek Radosz
4f07e9d017
Update handlebars from 4.7.6 to 4.7.7 (#13027) 
Release notes: https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md#v477---february-15th-2021
 2021-05-12 13:03:17 +02:00
Joffrey JAFFEUX
09145e68cd
DEV: upgrades vendored handlebars to 4.7.6 (#9371) 2020-04-07 17:01:02 +02:00
Robin Ward
abff3716ba
Upgrade handlebars (#8675) 
* Upgrade Handlebars to 4.3.0

* Upgrade Handlebars to the latest version
 2020-01-07 15:37:37 -05:00
Penar Musaraj
f0e73cb126 SECURITY: Bump Handlebars to version 4.1.2 
WS-2019-0064: Versions of handlebars prior to 4.0.14 are vulnerable to Prototype Pollution. Templates may alter an Objects prototype, thus allowing an attacker to execute arbitrary code on the server.
 2019-06-05 13:54:52 -04:00
Robin Ward
adb9009374 SECURITY: Update Handlebars to 4.1 
This is to address: https://www.npmjs.com/advisories/755

It is a low priority fix, as Discourse does not allow end users to input
raw handlebars templates.
 2019-04-10 15:38:21 -04:00
Penar Musaraj
c8c84f462b FIX: use Handlebars 4.0.12 
Use 4.0.12 for both versions of Handlebars (runtime and not)
 2019-01-14 12:56:14 -05:00
Robin Ward
4bbbdd8dc4 SECURITY: Upgrade Ember to fix CVE-2015-7565. Also upgrade Handlebars 2016-01-15 13:57:45 -05:00
Sam
43d63367fd PERF: stop loading handlebars and ember compilers in prod 
(this removes a nice 50K from our initial payload and saves memory)

Also fixes invalid HTML automatically if added to HEAD or /BODY
 2015-11-27 11:59:01 +11:00