4666577b53
Merge pull request #6141 from backstage/software-catalog-rename
...
Docs: Update references to "service catalog"
2021-06-28 13:47:16 +02:00
5a64fe7ea5
Version Packages
2021-06-24 09:58:38 +00:00
bd9821e52e
Merge pull request #6130 from RoadieHQ/docs_dir_traversal
...
Add check against directory traversal for `docs_dir` config value
2021-06-24 11:20:20 +02:00
709589a839
Rename service catalog to software catalog, excluding blog posts
...
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
2021-06-21 11:48:43 -04:00
c17c0fcf9e
Add check against directory traversal for docs_dir config value
...
Signed-off-by: Jussi Hallila <jussi@hallila.com >
2021-06-21 11:26:37 +02:00
a88073c29a
Update copyright headers
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2021-06-18 20:26:42 +02:00
4a93128245
Version Packages
2021-06-10 12:18:06 +00:00
fa92d70fba
Version Packages
2021-06-03 13:23:54 +02:00
dae35dc48f
Merge pull request from GHSA-pwhf-39xg-4rxw
...
Fix Advisory 1
2021-06-03 10:09:06 +02:00
0905947550
Support parsing mkdocs.yml files that are using custom yaml tags ( #5860 )
...
Signed-off-by: Oliver Sand <oliver.sand@sda-se.com >
2021-06-01 10:29:49 +02:00
33f6e98685
More explicit tests, and tidier helper.
...
Signed-off-by: Eric Peterson <ericpeterson@spotify.com >
2021-05-31 17:51:33 +02:00
104d2d44ee
Account for SVG/XML files too.
...
Signed-off-by: Eric Peterson <ericpeterson@spotify.com >
2021-05-28 17:40:52 +02:00
58ba10677a
Enforce plain text header for html files
...
Signed-off-by: Eric Peterson <ericpeterson@spotify.com >
2021-05-28 14:13:30 +02:00
dc6cf3b14f
Test for sanitization bypass
...
Signed-off-by: Eric Peterson <ericpeterson@spotify.com >
2021-05-28 14:06:44 +02:00
f2b339a30c
Fix existing GCS tests to match others.
...
Signed-off-by: Eric Peterson <ericpeterson@spotify.com >
2021-05-28 14:02:15 +02:00
b5a0d1c5d7
Version Packages
2021-05-27 10:23:15 +00:00
4aab5cb0d0
Merge pull request #5748 from RoadieHQ/docs_dir_vuln
...
Add validation to prevent docs_dir from being an absolute path
2021-05-27 11:39:55 +02:00
8cefadca04
Add validation to prevent docs_dir from being an absolute path
...
* Adds a new validation function to helpers to prevent generation when mkdocs.yml is not present or is invalid
* Handles vulnerability where docs_dir can be put in as an absolute path which copies and exposes the files from that absolute path in the file system
Signed-off-by: Jussi Hallila <jussi@hallila.com >
2021-05-27 11:21:47 +02:00
18285453eb
Version Packages
2021-05-20 11:48:46 +00:00
65e6c45410
Remove circular dependencies
...
In reference to issue #5563 this does the initial work to remove
all the circular dependencies that we have encountered while
building backstage using bazel. The next step will be to implement
a method to catch these circular dependencies before they get
merged in
Signed-off-by: jrusso1020 <jrusso@brex.com >
2021-05-15 11:17:05 -06:00
df31bdca8f
Version Packages
2021-05-12 09:39:51 +00:00
0c491a1c5e
Clean up tests and imports
...
Signed-off-by: Eric Peterson <ericpeterson@spotify.com >
2021-05-10 11:25:11 +02:00
4042b6e140
Decode req.path before loading object from OpenStack Swift
...
Signed-off-by: Eric Peterson <ericpeterson@spotify.com >
2021-05-09 15:20:08 +02:00
9570335f24
Decode req.path before loading object from Azure
...
Signed-off-by: Eric Peterson <ericpeterson@spotify.com >
2021-05-09 15:20:08 +02:00
3ebfa8f189
Decode req.path before loading object from S3 bucket.
...
Signed-off-by: Eric Peterson <ericpeterson@spotify.com >
2021-05-09 15:20:08 +02:00
4916a6e23d
Decode req.path before loading object from GCS
...
Signed-off-by: Eric Peterson <ericpeterson@spotify.com >
2021-05-09 15:20:08 +02:00
d397eb470f
Version Packages
2021-05-06 08:25:18 +00:00
1d7a40101a
Update the API reports of backend-common and techdocs-common
...
Signed-off-by: Dominik Henneke <dominik.henneke@sda-se.com >
2021-05-03 16:33:05 +02:00
e0bfd3d448
Refactor the runDockerContainer function to a ContainerRunner interface.
...
Signed-off-by: Dominik Henneke <dominik.henneke@sda-se.com >
2021-05-03 14:16:28 +02:00
55d84d7ce4
Merge pull request #5523 from RoadieHQ/tech-docs-s3-like-services
...
Tech docs with s3-like services
2021-04-30 11:48:55 +02:00
44abfaada6
Version Packages
2021-04-29 13:35:03 +02:00
4b1ce5edb0
fix master lint errors
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2021-04-29 12:19:57 +02:00
e9e56b01ac
Add possibility to use path style discovery on S3 tech docs. Enables the possibility to support S3-like buckets that rely on path style API like Localstack.
...
Signed-off-by: Jussi Hallila <jussi@hallila.com >
2021-04-29 10:54:42 +02:00
9d3fb9a30a
scripts/api-extractor: sync API definitions
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2021-04-26 20:51:12 +02:00
658de01647
scripts/api-extractor: disable all inline warnings
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2021-04-26 20:42:37 +02:00
0eda63fe9d
scripts/api-extractor: disable inline compilation warnings
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2021-04-26 20:42:36 +02:00
a904d8ba5e
packages: add api-reports for all included packages
...
Co-authored-by: Gustaf Räntilä <g.rantila@gmail.com >
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2021-04-26 20:42:35 +02:00
f940c38378
Prevent uncaught exception in download of Techdocs Azure Blob Storage publisher
...
Signed-off-by: Taras <tarasm@gmail.com >
2021-04-24 11:24:08 -04:00
70be53c939
Version Packages
2021-04-15 15:40:08 +02:00
d541d9fd07
Include review comments
...
Signed-off-by: Dominik Henneke <dominik.henneke@sda-se.com >
2021-04-12 18:50:15 +02:00
bc9d62f4f7
Create a new method to check the configuration of a techdocs publisher to not crash the application on errors
...
Signed-off-by: Dominik Henneke <dominik.henneke@sda-se.com >
2021-04-12 18:50:14 +02:00
718eea4f08
Version Packages
2021-03-18 12:31:44 +00:00
e589d1ecca
Merge pull request #4939 from backstage/dependabot/npm_and_yarn/types/js-yaml-4.0.0
...
chore(deps-dev): bump @types/js-yaml from 3.12.5 to 4.0.0
2021-03-15 12:55:44 +01:00
2dd8cef6fc
docs/techdocs: Add doc string about etag in Metadata type
...
Signed-off-by: Himanshu Mishra <himanshu@orkohunter.net >
2021-03-12 11:34:39 +01:00
a6067fe42d
techdocs: Add missing await when checking for existing docs
...
Signed-off-by: Himanshu Mishra <himanshu@orkohunter.net >
2021-03-12 11:23:35 +01:00
f7504fd789
chore(deps-dev): bump @types/js-yaml from 3.12.5 to 4.0.0
...
Bumps [@types/js-yaml](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/js-yaml ) from 3.12.5 to 4.0.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/js-yaml )
Signed-off-by: dependabot[bot] <support@github.com >
2021-03-12 04:20:02 +00:00
df905636ff
techdocs: Missing type updates in tests
...
Signed-off-by: Himanshu Mishra <himanshu@orkohunter.net >
2021-03-12 01:29:04 +01:00
5190e8d80a
techdocs: Add etag as techdocs metadata type
...
Signed-off-by: Himanshu Mishra <himanshu@orkohunter.net >
2021-03-12 00:58:41 +01:00
8686eb38cf
Introduce the @backstage/errors package.
...
Encode thrown errors in the backend as a JSON payload using a facility in that package, and render helpful frontend displays of those errors.
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2021-03-11 14:31:21 +01:00
0e120c5c66
Version Packages
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2021-03-11 13:45:44 +01:00
Fredrik Adelöw