Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security] Remove markdown-it-html5-embed #245

Merged
merged 1 commit into from
Jan 17, 2024
Merged

[Security] Remove markdown-it-html5-embed #245

merged 1 commit into from
Jan 17, 2024

Conversation

eatyourgreens
Copy link
Contributor

@eatyourgreens eatyourgreens commented Jan 8, 2024
edited
Loading

  • Add tests for images with audio and video URLs.
  • Remove markdown-it-html5-embed, which is quite old, depends on an outdated version of markdown-it, and loads in all of mime-db to check for audio or video URLs.
  • Replace it with lib/html5-embed, a modified version of the original plugin, updated to use mime/lite to lookup MIME types for audio and video in the browser.
  • Bump jsdom, isomorphic-dompurify, and @babel packages.

@eatyourgreens eatyourgreens mentioned this pull request Jan 8, 2024
Open
@eatyourgreens eatyourgreens force-pushed the html5-media branch 4 times, most recently from 198182f to f77539b Compare January 8, 2024 17:16
@mcbouslog mcbouslog self-requested a review January 11, 2024 17:45
@mcbouslog mcbouslog self-assigned this Jan 11, 2024
@eatyourgreens
[Security] Remove markdown-it-html5-embed
2fc4288 
- Add tests for images with audio and video URLs.
- Remove `markdown-it-html5-embed`, which is quite old, depends on an outdated version of `markdown-it`, and loads in all of `mime-db` to check for audio or video URLs.
- Replace it with `lib/html5-embed`, a modified version of the original plugin, updated to use `mime/lite` to lookup MIME types for audio and video, in the browser.
- Bump `jsdom`, `isomorphic-dompurify` and outdated `@babel` packages.
mcbouslog
mcbouslog approved these changes Jan 17, 2024
View reviewed changes
Copy link
Contributor

@mcbouslog mcbouslog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for forking and improving lib/html5-embed! Looks good, works as expected locally.

@mcbouslog mcbouslog merged commit 9dbe5ac into zooniverse:main Jan 17, 2024
2 of 3 checks passed
@eatyourgreens eatyourgreens deleted the html5-media branch January 17, 2024 07:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mcbouslog mcbouslog mcbouslog approved these changes

Assignees

@mcbouslog mcbouslog

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@eatyourgreens @mcbouslog