Go to file

Martin Probst d498314850 fix(zone.js): a path traversal attack in test (#32392 )

`simple-server.js` is vulnerable to a trivial path traversal attack, i.e. an
attacker can supply a path like `../../etc/passwd` to read arbitrary files on
the server. This change fixes the issue by properly resolving the path, and then
only serving files under the current directory (as intended).

This is not really a security issue, given the code is not part of Angular, but
rather just testing infrastructure for Angular itself, and the CI servers are
not expected to contain confidential information, but still worth fixing for
code hygiene.

PR Close #32392

2019-08-30 12:44:46 -07:00

.circleci

build: bump yarn requirement to 1.17.3 (#32344 )

2019-08-28 17:13:05 -07:00

.devcontainer

build: add recommended config files for VSCode remote development (#30450 )

2019-05-20 10:13:53 -07:00

.github

fix: update all files/directories owned by DevInfra to new DevInfra Framework team alias (#32247 )

2019-08-29 12:36:18 -07:00

.vscode

build: add recommended config files for VSCode remote development (#30450 )

2019-05-20 10:13:53 -07:00

aio

build(docs-infra): upgrade cli command docs sources to d68a96224 (#32413 )

2019-08-30 13:54:46 -04:00

docs

docs: create Issue and Pull Request markdown doc, explaining automatic locking policy (#32405 )

2019-08-30 14:44:24 -04:00

integration

perf(core): Make PlatformLocation tree-shakable (#32154 )

2019-08-29 21:51:56 -07:00

modules

test: export TableModule in benchmarks (#32404 )

2019-08-29 12:33:42 -07:00

packages

fix(zone.js): a path traversal attack in test (#32392 )

2019-08-30 12:44:46 -07:00

scripts

build: mention where to find the invalid commit message, when validation fails (#32420 )

2019-08-30 13:52:54 -04:00

third_party

build: bump yarn requirement to 1.17.3 (#32344 )

2019-08-28 17:13:05 -07:00

tools

perf(core): Make PlatformLocation tree-shakable (#32154 )

2019-08-29 21:51:56 -07:00

.bazelignore

build: update to rules_nodejs 0.32.2 (#31325 )

2019-07-01 14:16:42 -07:00

.bazelrc

build: use bazel workers for ngc and tsc in local development (#32246 )

2019-08-21 15:21:52 -07:00

.clang-format

feat(tooling): Add a .clang-format for automated JavaScript formatting.

2015-04-02 08:44:34 -07:00

.editorconfig

build: use https link to editorconfig.org in .editorconfig (#27664 )

2018-12-18 09:30:09 -08:00

.gitattributes

test: fix ts api guardian and public guard tests on windows (#30105 )

2019-04-26 16:32:22 -07:00

.gitignore

build: add .vimrc to .gitignore (#32253 )

2019-08-22 06:40:20 -07:00

.mailmap

build: add a Git .mailmap with my new name (#19550 )

2017-10-09 14:35:30 -07:00

.nvmrc

build: update .nvmrc file to correct node version (#25992 )

2018-09-18 13:11:58 -07:00

browser_repositories.bzl

build(bazel): update to latest stable chromium 74 on osx and linux for karma under bazel (#30502 )

2019-05-16 14:38:14 -07:00

browser-providers.conf.js

ci: temporarily disable chrome mobile tests on android (#32403 )

2019-08-29 12:29:53 -07:00

BUILD.bazel

build: update to rules_nodejs 0.32.2 (#31325 )

2019-07-01 14:16:42 -07:00

CHANGELOG.md

release: cut the v9.0.0-next.4 release

2019-08-28 12:06:45 -07:00

CODE_OF_CONDUCT.md

docs: fix community tab in GitHub by copying CoC

2018-02-27 19:02:30 -08:00

CONTRIBUTING.md

build: add ngcc as a valid commit message scope (#32144 )

2019-08-15 10:33:36 -07:00

gulpfile.js

build(zone.js): add changelog gulptask for zone.js (#31852 )

2019-07-26 11:30:08 -07:00

karma-js.conf.js

build: rules_nodejs 0.26.0 & use @npm instead of @ngdeps now that downstream angular build uses angular bundles (#28871 )

2019-02-28 12:06:36 -08:00

LICENSE

build: bump year (#27880 )

2019-01-11 11:15:59 -08:00

package.json

feat(bazel): update to the latest @microsoft/api-extractor (#32185 )

2019-08-30 13:55:32 -04:00

protractor-perf.conf.js

fixup! test(ivy): make the test run with benchpress (#30449 )

2019-05-16 20:04:04 -07:00

README.md

docs: fix typo of Typescript to TypeScript (#32153 )

2019-08-15 12:44:41 -07:00

renovate.json

ci: update packageFiles to be renovated (#29071 )

2019-03-05 09:43:23 -08:00

shims_for_IE.js

Revert "refactor: add license header to JS files & format files (#12035 )"

2016-10-04 14:06:41 -07:00

test-events.js

fix(platform-browser): run BLACK_LISTED_EVENTS outside of ngZone (#18993 )

2017-09-05 15:33:22 -05:00

test-main.js

feat(upgrade): provide unit test helpers for wiring up injectors (#16848 )

2019-06-20 17:04:01 -07:00

tslint.json

refactor: remove toplevel property accesses (#29329 )

2019-05-16 12:08:49 -07:00

WORKSPACE

build: bump yarn requirement to 1.17.3 (#32344 )

2019-08-28 17:13:05 -07:00

yarn.lock

feat(bazel): update to the latest @microsoft/api-extractor (#32185 )

2019-08-30 13:55:32 -04:00

yarn.lock.readme.md

build: remove travisci leftovers (#27979 )

2019-01-09 10:41:16 -08:00

README.md

Angular

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages.

Quickstart

Get started in 5 minutes.

Changelog

Learn about the latest improvements.

Want to help?

Want to file a bug, contribute some code, or improve documentation? Excellent! Read up on our guidelines for contributing and then check out one of our issues in the hotlist: community-help.

Languages

TypeScript 68.6%

HTML 12.8%

JavaScript 8.4%

Pug 7%

Starlark 1.4%

Other 1.7%