github
/
halo-admin
mirror of https://github.com/halo-dev/halo-admin
1
0
Fork 0
Code Issues Releases Wiki Activity

fix: upgrade marked to fix security issues (#408) 

Signed-off-by: Ryan Wang <i@ryanc.cc>
pull/409/head
Ryan Wang 2022-01-16 20:33:33 +08:00 committed by GitHub
parent d3070ac257
commit 13ee41c710
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package.json
View File

@ -33,7 +33,7 @@
"filepond-plugin-file-validate-type": "^1.2.6", "filepond-plugin-file-validate-type": "^1.2.6",
"filepond-plugin-image-preview": "^4.6.10", "filepond-plugin-image-preview": "^4.6.10",
"halo-editor": "^2.8.3", "halo-editor": "^2.8.3",
"marked": "^2.1.3", "marked": "^4.0.10",
"nprogress": "^0.2.0", "nprogress": "^0.2.0",
"tiny-pinyin": "^1.3.2", "tiny-pinyin": "^1.3.2",
"verte": "^0.0.12", "verte": "^0.0.12",

10
pnpm-lock.yaml
View File

@ -32,7 +32,7 @@ specifiers:
less: ^3.13.1 less: ^3.13.1
less-loader: ^5.0.0 less-loader: ^5.0.0
lint-staged: ^10.5.4 lint-staged: ^10.5.4
marked: ^2.1.3 marked: ^4.0.10
nprogress: ^0.2.0 nprogress: ^0.2.0
prettier: ^1.19.1 prettier: ^1.19.1
tailwindcss: ^1.9.6 tailwindcss: ^1.9.6
@ -63,7 +63,7 @@ dependencies:
filepond-plugin-file-validate-type: 1.2.6_filepond@4.30.3 filepond-plugin-file-validate-type: 1.2.6_filepond@4.30.3
filepond-plugin-image-preview: 4.6.10_filepond@4.30.3 filepond-plugin-image-preview: 4.6.10_filepond@4.30.3
halo-editor: 2.8.3 halo-editor: 2.8.3
marked: 2.1.3 marked: 4.0.10
nprogress: 0.2.0 nprogress: 0.2.0
tiny-pinyin: 1.3.2 tiny-pinyin: 1.3.2
verte: 0.0.12 verte: 0.0.12
@ -7824,9 +7824,9 @@ packages:
object-visit: 1.0.1 object-visit: 1.0.1
dev: true dev: true
/marked/2.1.3: /marked/4.0.10:
resolution: {integrity: sha512-/Q+7MGzaETqifOMWYEA7HVMaZb4XbcRfaOzcSsHZEith83KGlvaSG33u0SKu89Mj5h+T8V2hM+8O45Qc5XTgwA==} resolution: {integrity: sha512-+QvuFj0nGgO970fySghXGmuw+Fd0gD2x3+MqCWLIPf5oxdv1Ka6b2q+z9RP01P/IaKPMEramy+7cNy/Lw8c3hw==}
engines: {node: '>= 10'} engines: {node: '>= 12'}
hasBin: true hasBin: true
dev: false dev: false

6
src/components/Tools/HeaderComment.vue
View File

@ -59,7 +59,7 @@
<script> <script>
import apiClient from '@/utils/api-client' import apiClient from '@/utils/api-client'
import marked from 'marked' import { marked } from 'marked'
export default { export default {
name: 'HeaderComment', name: 'HeaderComment',
@ -76,13 +76,13 @@ export default {
computed: { computed: {
converttedPostComments() { converttedPostComments() {
return this.postComments.map(comment => { return this.postComments.map(comment => {
comment.content = marked(comment.content) comment.content = marked.parse(comment.content)
return comment return comment
}) })
}, },
converttedSheetComments() { converttedSheetComments() {
return this.sheetComments.map(comment => { return this.sheetComments.map(comment => {
comment.content = marked(comment.content) comment.content = marked.parse(comment.content)
return comment return comment
}) })
} }

4
src/views/comment/components/CommentTab.vue
View File

@ -284,7 +284,7 @@
</template> </template>
<script> <script>
import { mixin, mixinDevice } from '@/mixins/mixin.js' import { mixin, mixinDevice } from '@/mixins/mixin.js'
import marked from 'marked' import { marked } from 'marked'
import apiClient from '@/utils/api-client' import apiClient from '@/utils/api-client'
const postColumns = [ const postColumns = [
@ -437,7 +437,7 @@ export default {
formattedComments() { formattedComments() {
return this.list.data.map(comment => { return this.list.data.map(comment => {
comment.statusProperty = this.commentStatus[comment.status] comment.statusProperty = this.commentStatus[comment.status]
comment.content = marked(comment.content) comment.content = marked.parse(comment.content)
return comment return comment
}) })
}, },

4
src/views/comment/components/TargetCommentTree.vue
View File

@ -66,7 +66,7 @@
</div> </div>
</template> </template>
<script> <script>
import marked from 'marked' import { marked } from 'marked'
export default { export default {
name: 'TargetCommentTree', name: 'TargetCommentTree',
@ -79,7 +79,7 @@ export default {
}, },
computed: { computed: {
content() { content() {
return marked(this.comment.content) return marked.parse(this.comment.content)
} }
}, },
methods: { methods: {

4
src/views/dashboard/components/RecentCommentTab.vue
View File

@ -45,7 +45,7 @@
<script> <script>
import apiClient from '@/utils/api-client' import apiClient from '@/utils/api-client'
import marked from 'marked' import { marked } from 'marked'
export default { export default {
name: 'RecentCommentTab', name: 'RecentCommentTab',
@ -68,7 +68,7 @@ export default {
computed: { computed: {
formmatedCommentData() { formmatedCommentData() {
return this.comments.map(comment => { return this.comments.map(comment => {
comment.content = marked(comment.content) comment.content = marked.parse(comment.content)
return comment return comment
}) })
} }

4
src/views/system/About.vue
View File

@ -77,7 +77,7 @@
<script> <script>
import apiClient from '@/utils/api-client' import apiClient from '@/utils/api-client'
import axios from 'axios' import axios from 'axios'
import marked from 'marked' import { marked } from 'marked'
import { PageView } from '@/layouts' import { PageView } from '@/layouts'
const axiosInstance = axios.create({ const axiosInstance = axios.create({
@ -136,7 +136,7 @@ export default {
}, },
versionContent() { versionContent() {
if (this.latestData && this.latestData.body) { if (this.latestData && this.latestData.body) {
return marked(this.latestData.body) return marked.parse(this.latestData.body)
} else { } else {
return '暂无内容' return '暂无内容'
} }