Dmitriy Shekhovtsov
f9fc524a74
chore(contributing): added commit message samples ( #7375 )
...
Each time I am pointing someone to this contribution doc
to read and apply commit message style guide
each time type part of message formatting is missed
2016-05-19 15:19:01 -07:00
William Welling
9019c6f937
Condition using component as well.
...
Closes #7755
2016-05-19 15:15:25 -07:00
William Welling
166b73f4f3
Condition using urlPath, component is null on UnresolvedException of child AsyncRoute.
2016-05-19 15:15:25 -07:00
Sekib Omazic
cb94111f18
style(Forms): remove unused imports
...
remove unused imports from the forms package
2016-05-19 14:50:33 -07:00
Kai Ruhnau
a88b887a05
docs(cheatsheet): Document SVG idiosyncrasies ( #6055 )
2016-05-19 10:20:08 -07:00
Victor Berchet
6e62217b78
fix(WebWorker): remove the platform-browser dependency on compiler
2016-05-18 16:23:09 -07:00
Joost de Vries
a01a54c180
adds 'repository' metadata to npm modules ( #8649 )
2016-05-17 23:17:15 -07:00
Hannah Howard
db8290632f
fix(upgrade): fallback to root ng2 injector when element is compiled outside the document ( #8684 )
...
Currently downgraded ng2 elements fail inside a ui-router view because they are unable
to require an ng2 Injector via the require attribute of the DDO, because ui-router compiles
its templates before they are inserted in a ui-view. This adds a "fallback" behavior if
a parent injector cannot be found to go to the root ng2 Injector.
2016-05-17 15:55:53 -07:00
Martin Probst
7bb5167239
chore(security): fix CHANGELOG formatting. ( #8687 )
...
Turns out the fenced code block needs to be in its own paragraph.
2016-05-17 15:00:28 -07:00
Hannah Howard
6cdc53c497
fix(UpgradeNg1ComponentAdapter): make bindings available on $scope in controller & link function ( #8645 )
...
Delays NG1 Directive controller instatiation where possible and pre-link function always
to the ngOnInit() lifecycle hook. This way bindings are always available on $scope in both
the controller and the link function.
2016-05-17 14:53:59 -07:00
Martin Probst
15ae710d22
feat(security): allow url(...) style values.
...
Allows sanitized URLs for CSS properties. These can be abused for information
leakage, but only if the CSS rules are already set up to allow for it. That is,
an attacker cannot cause information leakage without controlling the style rules
present, or a very particular setup.
Fixes #8514 .
2016-05-17 11:23:31 +02:00
Martin Probst
dd50124254
feat(security): allow data: URLs for images and videos.
...
Allows known-to-be-safe media types in data URIs.
Part of #8511 .
2016-05-17 10:57:14 +02:00
Tobias Bosch
ff36b0384a
fix(compiler_cli): normalize used directives
...
- e.g. needed for content projection.
Closes #8677
2016-05-16 13:07:13 -07:00
Martin Probst
50c9bed630
feat(security): expose the safe value types.
...
This allows users to properly type their `SafeHtml`, `SafeStyle`, etc values.
Fixes #8568 .
2016-05-15 11:47:06 +02:00
Martin Probst
8b1b427195
feat(security): support transform CSS functions for sanitization.
...
Fixes part of #8514 .
2016-05-14 13:25:45 +02:00
Vikram Subramanian
9a05ca95f6
fix(build): Release compiler_cli packages along with rest of @angular packages and use ANGULAR_VERSION for package version and peer dependencies.
2016-05-13 13:35:10 -07:00
Pawel Kozlowski
05266241af
build(npm): short-circuit npm install if node_modules are healthy
...
Closes #8627
2016-05-13 22:07:41 +02:00
Fabian Raetz
4ddf5536b4
docs(DEVELOPER.md): state that git-clang-format must be in PATH
...
To use ```git clang-format``` your have to make sure that
```git-clang-format``` is in your path.
Closes #7778
2016-05-13 12:25:09 -07:00
Mathias Raacke
f389b5a961
docs(changelog): add missing breaking changes for testing providers
...
Closes #8440
2016-05-13 12:21:33 -07:00
Vikram Subramanian
bac1a6eab3
fix(build): Fix an error in package publishing step where the script errors when a UMD bundle is not found for compiler-cli package.
2016-05-12 16:49:03 -07:00
Vikram Subramanian
ff400726ca
fix(build): Declare the secure GITHUB_TOKEN_ANGULAR for package publishing from Travis
2016-05-12 15:08:28 -07:00
Vikram Subramanian
267d864976
fix(build): Fix broken e2e test Travis task by running the right variation of sed on Travis
2016-05-12 13:58:42 -07:00
Vikram Subramanian
97a1084c99
fix(build): Hook up publish-build-artifacts to Travis
2016-05-12 12:01:53 -07:00
Marc Laval
61b339678d
test(compiler): test schema generation only in Chrome
...
Closes #8581
2016-05-11 17:01:26 -07:00
Marc Laval
d537a26297
chore(build): reenable optional jobs in SL and BS
...
Closes #8558
2016-05-11 17:00:43 -07:00
Vikram Subramanian
d414734aac
fix(build): Change publish-build-artifacts.sh to work with new packaging system
2016-05-11 16:58:18 -07:00
Alex Eagle
817ddfa847
fix(compiler): allow --noImplicitAny
2016-05-11 16:56:12 -07:00
Alex Eagle
c1154b30c7
fix(compiler): allow decorators defined in the same file
2016-05-11 16:56:12 -07:00
Alex Eagle
0d71345b93
fix(codegen): codegen all files in the program, not just roots
...
fixes #8475
2016-05-11 16:56:12 -07:00
Igor Minar
f235454dd6
ci: temporarily disable Edge because of SauceLabs issues
...
https://github.com/angular/angular/issues/8604
On Sauce we've been getting the following error:
11 05 2016 00:58:35.765:ERROR [launcher.sauce]: Heartbeat to microsoftedge 20.10240 (Windows 10) failed
[title()] Error response status: 13, , UnknownError - An unknown server-side error occurred while processing the command. Selenium error: Unknown error (WARNING: The server did not provide any stacktrace information)
Command duration or timeout: 285 milliseconds
Build info: version: '2.52.0', revision: '4c2593c', time: '2016-02-11 19:06:42'
System info: host: 'WIN-SB3ER6JQ6ME', ip: '172.20.60.246', os.name: 'Windows 10', os.arch: 'x86', os.version: '10.0', java.version: '1.8.0_73'
Driver info: org.openqa.selenium.edge.EdgeDriver
Capabilities [{acceptSslCerts=true, browserVersion=25.10586.0.0, platformVersion=10, browserName=MicrosoftEdge, takesScreenshot=true, pageLoadStrategy=normal, takesElementScreenshot=true, platformName=windows, platform=ANY}]
Session ID: XXXXXXXX-XXXX-XXXX-XXXX-XXXX478C1C1A
11 05 2016 00:58:35.766:ERROR [launcher]: microsoftedge 20.10240 (Windows 10) on SauceLabs failed 2 times (failure). Giving up.
2016-05-11 11:06:37 -07:00
Igor Minar
6a80578d05
build: create the dist directory before building
2016-05-11 10:11:59 -07:00
Igor Minar
d33cd43db1
docs(PULL_REQUEST_TEMPLATE.md): reorganize and improve the pull request template
...
Closes #7921
2016-05-10 10:55:35 -07:00
Alex Eagle
9e3df8eefe
chore(tsickle): remove redundant jsdoc types
...
tsickle doesn't like them, and anyway they are bound to get out-of-sync with the inline TS types
2016-05-10 17:38:10 +02:00
Martin Probst
cf73ad7c8f
chore(security): document sanitization breaking change.
...
Sanitizing style and URL values breaks specific patterns, see #8491 for
an example. This documents and acknowledges the breaking change while we
work on improving CSS sanitization to allow more values through.
2016-05-10 17:36:36 +02:00
Martin Probst
3e68b7eb1f
feat(security): warn users when sanitizing in dev mode.
...
This should help developers to figure out what's going on when the sanitizer
strips some input.
Fixes #8522 .
2016-05-09 16:46:31 +02:00
Matias Niemelä
9fbafba993
chore(parsing): change internal usage of `@` to `:` for namespaced values
...
Closes #8346
2016-05-09 16:20:32 +02:00
Martin Probst
7a524e3deb
feat(security): add tests for URL sanitization.
2016-05-09 16:00:24 +02:00
Martin Probst
7b6c4d5acc
feat(security): add tests for style sanitisation.
2016-05-09 16:00:24 +02:00
Martin Probst
99c0d503d7
chore(build): run security tests in NodeJS, too.
2016-05-09 16:00:24 +02:00
Martin Probst
f86edae9f3
feat(security): add an HTML sanitizer.
...
This is based on Angular 1's implementation, parsing an HTML document
into an inert DOM Document implementation, and then serializing only
specifically whitelisted elements.
It currently does not support SVG sanitization, all SVG elements are
rejected.
If available, the sanitizer uses the `<template>` HTML element as an
inert container.
Sanitization works client and server-side.
Reviewers: rjamet, tbosch , molnarg , koto
Differential Revision: https://reviews.angular.io/D108
2016-05-09 16:00:24 +02:00
Martin Probst
df1b1f6957
feat(security): strip XSSI prefix from XHR responses.
2016-05-05 14:25:44 -07:00
Martin Probst
9099160038
chore: fix comment indent.
2016-05-05 12:46:07 -07:00
Tobias Bosch
119abe7bb9
chore: fail build if a command from tsc-watch fails.
...
This bug was introduced with eba6e7946d
to integrate the compiler_cli into the build properly.
Closes #8480
2016-05-04 20:30:10 -07:00
Martin Probst
67ed2e2c0a
feat(security): fill in missing security contexts.
...
Reviewers: koto, rjamet, molnarg
Differential Revision: https://reviews.angular.io/D109
2016-05-04 19:28:50 -07:00
Tobias Bosch
6d36a7a45f
chore: fix unit tests on node.js
...
Closes #8476
2016-05-04 18:00:29 -07:00
Tobias Bosch
e2b1e1577d
fix(core): don’t detach nested view containers when destroying a view
...
When a view is destroyed, we destroy all
views in view containers and should not detach them. However, previously, we also detached them which lead to problems during the iteration loop.
Closes #8458
Closes #8471
Introduced by 0c600cf6e3
2016-05-04 16:27:20 -07:00
vsavkin
b30ddfbfc5
chore(router): clang-format
2016-05-04 15:01:27 -07:00
vsavkin
abfb522f83
refactor(router): reuse existing segmentes when constructing new route trees
2016-05-04 14:51:04 -07:00
vsavkin
b8136cc26e
fix(router): provide a top-level route segment for injection
2016-05-04 14:51:04 -07:00
vsavkin
d00b26d941
refactor(router): update link to reuse url segments when possible
2016-05-04 14:51:04 -07:00