Commit Graph

6671 Commits

Author SHA1 Message Date
Jan Thurau
2e96ed5d7f
Merge pull request #4423 from ioma8/link-click-fix
Link click fix
2023-11-20 21:37:33 +01:00
Jan Thurau
de8d4bf149
fixes typo 2023-11-20 21:13:41 +01:00
Jakub Kolčář
ef10ae53b2
Revert "autolink improvement"
This reverts commit 9a9e94b4cb.
2023-11-20 21:13:41 +01:00
Jakub Kolčář
82f16d2d91
link click handler fixed 2023-11-20 21:13:40 +01:00
Jakub Kolčář
d9cdf1e1c1
autolink improvement 2023-11-20 21:12:57 +01:00
Jan Thurau
b7234c8b93
Merge pull request #4490 from arendjantetteroo/patch-1
feat(extension/youtube): Allow youtube shorts urls to be embedded
2023-11-20 20:53:15 +01:00
Jan Thurau
b2e3b7e23f
Merge pull request #4602 from C-Hess/fix/xss-youtube-risk
fix(extension-youtube) XSS risk with src tag
2023-11-20 19:52:06 +01:00
Cameron Hessler
e6947bad2d fix(extension-youtube) fix lint 2023-11-20 18:48:22 +01:00
Cameron Hessler
1bd714a408 fix(extension-youtube) change regex to disallow non-youtube domains 2023-11-20 18:48:22 +01:00
Cameron Hessler
7debf2baf0 fix(extension-youtube) Add fix for link too 2023-11-20 18:48:22 +01:00
Cameron Hessler
04a11355a7 fix(extension-youtube) XSS risk with src tag
Fixes risks outline in #4600 by verifying that any src urls are valid
youtube URLs before rendering as HTML. My thoughts are that this attack
vector would be difficult to use because the attacker would have to have
a way to manipualte the TipTap payload in a manner that bypasses the
youtube extension's `setYoutubeVideo` command, which already checks for
valid URLs.
2023-11-20 18:48:22 +01:00
Jan Thurau
43a6a865c8
Merge pull request #4584 from ueberdosis/dependabot/github_actions/actions/setup-node-4.0.0
build(deps): bump actions/setup-node from 3.7.0 to 4.0.0
2023-11-18 08:52:30 +01:00
dependabot[bot]
49659fdc00
build(deps): bump actions/setup-node from 3.7.0 to 4.0.0
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.7.0 to 4.0.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.7.0...v4.0.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-18 07:43:39 +00:00
Jan Thurau
b45cf763ca
Merge pull request #4555 from ueberdosis/dependabot/github_actions/actions/checkout-4.1.1
build(deps): bump actions/checkout from 3.5.3 to 4.1.1
2023-11-18 08:42:58 +01:00
Jan Thurau
2cd3fbfdb9
Merge pull request #4544 from ueberdosis/dependabot/npm_and_yarn/demos/babel/traverse-7.23.2
build(deps): bump @babel/traverse from 7.18.5 to 7.23.2 in /demos
2023-11-18 08:42:44 +01:00
dependabot[bot]
586135e4c6 build(deps): bump actions/checkout from 3.5.3 to 4.1.1
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.5.3...v4.1.1)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-18 08:28:51 +01:00
dependabot[bot]
2b83763541 build(deps): bump @babel/traverse from 7.18.5 to 7.23.2 in /demos
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.18.5 to 7.23.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse)

---
updated-dependencies:
- dependency-name: "@babel/traverse"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-18 08:28:32 +01:00
Jan Thurau
55377ebd3e
Merge pull request #4638 from ueberdosis/feature/yProsemirror1.2.1
chore: upgrades y-prosemirror to ^1.2.1. It used to be locked to 1.0.…
2023-11-18 08:27:43 +01:00
Jan Thurau
0f50b21779
Merge pull request #4515 from estrattonbailey/allow-custom-suggestion-matching
allow users to pass a custom `findSuggestionMatch` to Suggestion plugin
2023-11-18 08:27:13 +01:00
Jan Thurau
bc5f9e7413
Merge pull request #4543 from ueberdosis/dependabot/npm_and_yarn/babel/traverse-7.23.2
build(deps-dev): bump @babel/traverse from 7.18.5 to 7.23.2
2023-11-18 08:25:51 +01:00
Jan Thurau
8358a2bbba
Merge pull request #4545 from SanderLeenders/develop
Added CSS.escape to font-family.ts
2023-11-18 08:25:33 +01:00
Jan Thurau
acbf47e5a7
Merge pull request #4297 from courthead/courthead-patch-1
Improve wording of menus.md
2023-11-17 12:47:53 +01:00
Jan Thurau
2eed5db3ed
Merge pull request #4374 from mmailaender/main
Add Tailwind Intellisense configuration to docs
2023-11-17 12:27:42 +01:00
Eric Bailey
76b8a29236 Update docs 2023-11-17 12:25:44 +01:00
Eric Bailey
ad47c49298 allow users to pass a custom findSuggestionMatch 2023-11-17 12:25:44 +01:00
dependabot[bot]
ddc8b6c7b9 build(deps-dev): bump @babel/traverse from 7.18.5 to 7.23.2
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.18.5 to 7.23.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse)

---
updated-dependencies:
- dependency-name: "@babel/traverse"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-17 12:22:19 +01:00
Sander
d7f1476db2 Added CSS.escape to font-family.ts per font-family name. 2023-11-17 11:55:18 +01:00
SanderLeenders
51eb628754
Merge branch 'develop' into develop 2023-11-17 11:26:56 +01:00
Jan Thurau
95490b9732
Merge pull request #4524 from estrattonbailey/update-zeed-dom
Bump minor version of zeed-dom to include html parser bugfix
2023-11-17 11:16:16 +01:00
Jan Thurau
6e12777859 fixes typing issue 2023-11-17 11:03:23 +01:00
Jan Thurau
f397bf83c8 chore: upgrades y-prosemirror to ^1.2.1. It used to be locked to 1.0.20 because of a bug, but that got fixed in 1.1.3 2023-11-17 11:03:23 +01:00
Jan Thurau
5645ebcf9e
Merge pull request #4603 from ueberdosis/dependabot/github_actions/cypress-io/github-action-6.6.0
build(deps): bump cypress-io/github-action from 6.5.0 to 6.6.0
2023-11-17 10:53:50 +01:00
Jan Thurau
acd5eb7890
Merge pull request #4640 from ueberdosis/dependabot/npm_and_yarn/axios-1.6.2
build(deps-dev): bump axios from 1.3.4 to 1.6.2
2023-11-17 10:52:31 +01:00
Eric Bailey
3383db88cb Bump minor version of zeed-dom to include html parser bugfix 2023-11-17 10:51:47 +01:00
SanderLeenders
ddc78a62ba Added CSS.escape to font-family.ts
Added CSS.escape to renderHTML. Prevents invalid css when using fonts with numbers in their names, like https://fonts.google.com/specimen/Exo+2
2023-11-17 10:51:06 +01:00
dependabot[bot]
61c4c1523c
build(deps-dev): bump axios from 1.3.4 to 1.6.2
Bumps [axios](https://github.com/axios/axios) from 1.3.4 to 1.6.2.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.3.4...v1.6.2)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-17 09:43:13 +00:00
dependabot[bot]
f71f178646
build(deps): bump cypress-io/github-action from 6.5.0 to 6.6.0
Bumps [cypress-io/github-action](https://github.com/cypress-io/github-action) from 6.5.0 to 6.6.0.
- [Release notes](https://github.com/cypress-io/github-action/releases)
- [Changelog](https://github.com/cypress-io/github-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cypress-io/github-action/compare/v6.5.0...v6.6.0)

---
updated-dependencies:
- dependency-name: cypress-io/github-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-17 09:42:36 +00:00
Jan Thurau
a38329712f
Merge pull request #4639 from ueberdosis/feature/fixMarksLinkTests
fixes tests in marks/link
2023-11-17 10:39:36 +01:00
Jan Thurau
4dfd839360
fix 2023-11-17 10:32:38 +01:00
Jan Thurau
6485a5fcb4
fixes tests in marks/link 2023-11-17 10:26:25 +01:00
Jan Thurau
58c78d72ba
Merge pull request #4530 from furkan3ayraktar/fix-on-first-render-in-extension-collaboration
Pass onFirstRender option to ySyncPlugin
2023-11-17 09:42:00 +01:00
Jan Thurau
b5a4ae1a2d
Merge pull request #4366 from y0ngdev/y0ngdev-patch-2
Update nuxt.md
2023-11-17 09:40:19 +01:00
Jan Thurau
3ecad9fa61
Merge pull request #4536 from hkuffel/develop
change wildly to widely
2023-11-17 09:40:14 +01:00
tiptapper
9707e164cc
Merge pull request #4531 from ueberdosis/bdbch/docs-transaction-addition
docs: add information about transaction mapping in chains
2023-11-17 09:38:25 +01:00
Jan Thurau
ad18fed196
Merge pull request #4366 from y0ngdev/y0ngdev-patch-2
Update nuxt.md
2023-11-17 09:38:11 +01:00
Jan Thurau
d3e56f2263
Merge pull request #4365 from y0ngdev/y0ngdev-patch-1
Update vue3.md
2023-11-17 09:37:42 +01:00
Jan Thurau
c5d1eaabbd
Merge pull request #4536 from hkuffel/develop
change wildly to widely
2023-11-17 09:28:45 +01:00
Jan Thurau
127a59540b
Merge pull request #4497 from EricHasegawa/patch-2
Fix typo
2023-11-17 09:26:58 +01:00
Jan Thurau
3742d1ba8e
Merge pull request #4624 from ueberdosis/feature/cloud-docs
Feature/cloud docs
2023-11-11 13:52:32 +01:00
Jan Thurau
44c344bf57
replace "xxx" by "YOUR_APP_ID" 2023-11-11 13:51:57 +01:00