From 70ee1c6311f63b8f18abca4a534123c96b2d4d90 Mon Sep 17 00:00:00 2001 From: Martii Date: Wed, 18 Aug 2021 13:47:39 -0600 Subject: [PATCH 1/4] Some dep updates * Please read their CHANGELOGs * Delete op retested --- package.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index e52d2843d..426963b29 100644 --- a/package.json +++ b/package.json @@ -6,9 +6,9 @@ "dependencies": { "ace-builds": "1.4.12", "ansi-colors": "4.1.1", - "async": "3.2.0", + "async": "3.2.1", "@octokit/auth-oauth-app": "4.3.0", - "aws-sdk": "2.944.0", + "aws-sdk": "2.971.0", "body-parser": "1.19.0", "bootstrap": "3.4.1", "bootstrap-markdown": "2.10.0", @@ -25,7 +25,7 @@ "git-rev": "0.2.1", "git-rev-sync": "3.0.1", "github": "git://github.com/octokit/rest.js.git#29dedb3", - "highlight.js": "11.1.0", + "highlight.js": "11.2.0", "image-size": "1.0.0", "ip-range-check": "0.2.0", "jquery": "3.6.0", @@ -35,11 +35,11 @@ "marked": "2.1.3", "media-type": "0.3.1", "method-override": "3.0.0", - "mime-db": "1.48.0", + "mime-db": "1.49.0", "moment": "2.29.1", "moment-duration-format": "2.3.2", "mongodb": "3.6.10", - "mongoose": "5.13.2", + "mongoose": "5.13.7", "morgan": "1.10.0", "mu2": "0.5.21", "octicons": "4.4.0", From 1f8a9a0fc8b13695dae2a4a9321a3acc9cb94764 Mon Sep 17 00:00:00 2001 From: Martii Date: Wed, 18 Aug 2021 13:51:45 -0600 Subject: [PATCH 2/4] Some dep updates * Please read the CHANGELOG --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 426963b29..c8a75f2a6 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,7 @@ "ip-range-check": "0.2.0", "jquery": "3.6.0", "js-beautify": "1.14.0", - "jsdom": "16.6.0", + "jsdom": "17.0.0", "less-middleware": "3.1.0", "marked": "2.1.3", "media-type": "0.3.1", From 16b685b805f04fce3168a51e2a46d335218de167 Mon Sep 17 00:00:00 2001 From: Martii Date: Wed, 18 Aug 2021 14:13:36 -0600 Subject: [PATCH 3/4] A dep update * Manual tracking with `npm view mongodb versions --json` since breaking version untested atm for v4.x * Delete op retested --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index c8a75f2a6..c60abebf5 100644 --- a/package.json +++ b/package.json @@ -38,7 +38,7 @@ "mime-db": "1.49.0", "moment": "2.29.1", "moment-duration-format": "2.3.2", - "mongodb": "3.6.10", + "mongodb": "3.6.11", "mongoose": "5.13.7", "morgan": "1.10.0", "mu2": "0.5.21", From 60b0ee0e6be8166e1ef8999da0f4a7a09b2ed190 Mon Sep 17 00:00:00 2001 From: Martii Date: Wed, 18 Aug 2021 14:30:37 -0600 Subject: [PATCH 4/4] Normalize UA to alphanum * Also catch comment UAs * This should catch any further deviations from *useragent* dep Post 95b2db8 #1832 #764 --- libs/modelParser.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libs/modelParser.js b/libs/modelParser.js index 0ae3bf25f..9fc92f70f 100644 --- a/libs/modelParser.js +++ b/libs/modelParser.js @@ -898,7 +898,7 @@ var parseComment = function (aComment) { comment.ua = {}; comment.ua.raw = comment.userAgent; - ua = useragent.parse(comment.userAgent).family.toLowerCase().replace(/\s+/g, '-'); + ua = useragent.parse(comment.userAgent).family.toLowerCase().replace(/[^a-zA-Z0-9]+/g, '-'); if (ua !== 'other') { comment.ua.class = 'fa-lg ua-' + ua; } else if (comment.userAgent) { @@ -1172,7 +1172,7 @@ var parseSession = function (aSession) { oujsOptions.remoteAddressMask = oujsOptions.remoteAddress; oujsOptions.userAgentFamily = useragent - .parse(oujsOptions.userAgent).family.toLowerCase().replace(/[\s\/]+/g, '-'); + .parse(oujsOptions.userAgent).family.toLowerCase().replace(/[^a-zA-Z0-9]+/g, '-'); parseDateProperty(oujsOptions, 'since'); cookie.sameSiteStrict = cookie.sameSite === 'strict';