Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
41,033 Commits 223 Branches 500 Tags 892 MiB
Commit Graph

7 Commits

Author SHA1 Message Date
Joffrey JAFFEUX 09145e68cd
DEV: upgrades vendored handlebars to 4.7.6 (#9371) 2020-04-07 17:01:02 +02:00
Robin Ward abff3716ba
Upgrade handlebars (#8675) 
* Upgrade Handlebars to 4.3.0

* Upgrade Handlebars to the latest version
 2020-01-07 15:37:37 -05:00
Penar Musaraj f0e73cb126 SECURITY: Bump Handlebars to version 4.1.2 
WS-2019-0064: Versions of handlebars prior to 4.0.14 are vulnerable to Prototype Pollution. Templates may alter an Objects prototype, thus allowing an attacker to execute arbitrary code on the server.
 2019-06-05 13:54:52 -04:00
Robin Ward adb9009374 SECURITY: Update Handlebars to 4.1 
This is to address: https://www.npmjs.com/advisories/755

It is a low priority fix, as Discourse does not allow end users to input
raw handlebars templates.
 2019-04-10 15:38:21 -04:00
Penar Musaraj c8c84f462b FIX: use Handlebars 4.0.12 
Use 4.0.12 for both versions of Handlebars (runtime and not)
 2019-01-14 12:56:14 -05:00
Robin Ward 4bbbdd8dc4 SECURITY: Upgrade Ember to fix CVE-2015-7565. Also upgrade Handlebars 2016-01-15 13:57:45 -05:00
Sam 43d63367fd PERF: stop loading handlebars and ember compilers in prod 
(this removes a nice 50K from our initial payload and saves memory)

Also fixes invalid HTML automatically if added to HEAD or /BODY
 2015-11-27 11:59:01 +11:00