Skip to content

Commit

Permalink
Merge pull request #13 from jmaxwilson/security-patch-js-yaml
Browse files Browse the repository at this point in the history
Updated the js-yaml package to address potential security vulnerabilities
  • Loading branch information
jmaxwilson authored Jun 13, 2019
2 parents 79a6440 + baa1990 commit be3e087
Show file tree
Hide file tree
Showing 5 changed files with 119 additions and 84 deletions.
8 changes: 8 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,14 @@
# Change Log
All notable changes to this project will be documented in this file.

## [0.0.11] = 2019-06-13

## Changed

- Updated the js-yaml package to address potential security vulnerabilities. See: https://github.com/nodeca/js-yaml/pull/480
- Updated the vscode package to keep code up to date
- Reformatting package.json for more standard json format

## [0.0.10] - 2019-05-11

### Fixed
Expand Down
8 changes: 4 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,13 @@ This extension allows you to use [Visual Studio Code](https://code.visualstudio.

### What's New

#### Version 0.0.10
#### Version 0.0.11

* The extension now properly handles spaces in paths and filenames for most cases. (Some [known issues](#known-issues) with Powershell). Thanks to Galbi3000 for identifying this bug and helping to fix it.
* Library Updates to address security vulnerabilities in 3rd party package.

#### Version 0.0.9
#### Version 0.0.10

* You can use the new Custom Commandline Options setting to append additional [commandline options](https://www.povray.org/documentation/3.7.0/r3_2.html) to POV-Ray when it is called to render the scene.
* The extension now properly handles spaces in paths and filenames for most cases. (Some [known issues](#known-issues) with Powershell). Thanks to Galbi3000 for identifying this bug and helping to fix it.

[View the Change Log](./CHANGELOG.md)

Expand Down
163 changes: 95 additions & 68 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,13 @@
"displayName": "POV-Ray",
"description": "Persistence of Vision Ray Tracer (POV-Ray) Extension for Visual Studio Code",
"icon": "icons/povray-extension-logo.png",
"version": "0.0.10",
"version": "0.0.11",
"publisher": "jmaxwilson",
"license": "MIT",
"repository": {
"type": "git",
"url": "https://github.com/jmaxwilson/vscode-povray"
},
"type": "git",
"url": "https://github.com/jmaxwilson/vscode-povray"
},
"engines": {
"vscode": "^1.32.0"
},
Expand All @@ -22,19 +22,34 @@
],
"main": "./out/extension.js",
"contributes": {
"languages": [{
"id": "povray",
"aliases": ["povray", "pov-ray", "POVRay", "POV-Ray", "POVRAY", "POV-RAY"],
"extensions": [".pov",".inc", ".ini"],
"configuration": "./language-configuration.json"
}],
"grammars": [{
"language": "povray",
"scopeName": "source.povray",
"path": "./syntaxes/povray.tmLanguage.json"
}],
"taskDefinitions": [
{
"languages": [
{
"id": "povray",
"aliases": [
"povray",
"pov-ray",
"POVRay",
"POV-Ray",
"POVRAY",
"POV-RAY"
],
"extensions": [
".pov",
".inc",
".ini"
],
"configuration": "./language-configuration.json"
}
],
"grammars": [
{
"language": "povray",
"scopeName": "source.povray",
"path": "./syntaxes/povray.tmLanguage.json"
}
],
"taskDefinitions": [
{
"type": "povray",
"properties": {
"task": {
Expand All @@ -50,46 +65,53 @@
"description": "The full path to the output file"
}
}
}
],
"problemMatchers": [
{
}
],
"problemMatchers": [
{
"name": "povray",
"owner": "povray",
"fileLocation": ["relative", "${workspaceFolder}"],
"pattern": [
{
"regexp": "^.*\\s\\'(.*\\.pov|inc).*line\\s+(\\d+):.*(.*[Ee]rror.*):\\s(.*$)",
"file": 1,
"line": 2,
"severity": 3,
"message": 4
},
{
"regexp": "^([\\s]\\w.*)",
"message": 1
"owner": "povray",
"fileLocation": [
"relative",
"${workspaceFolder}"
],
"pattern": [
{
"regexp": "^.*\\s\\'(.*\\.pov|inc).*line\\s+(\\d+):.*(.*[Ee]rror.*):\\s(.*$)",
"file": 1,
"line": 2,
"severity": 3,
"message": 4
},
{
"regexp": "^([\\s]\\w.*)",
"message": 1
}
]
}
]
}
],
"commands": [
{
"command": "povray.render",
"title": "POV-Ray: Render Scene",
"icon": "icons/povray-render-icon.png"
"command": "povray.render",
"title": "POV-Ray: Render Scene",
"icon": "icons/povray-render-icon.png"
}
],
"menus": {
"commandPalette": [{
"when": "resourceLangId == povray && resourceExtname != .inc",
"command": "povray.render",
"group": "navigation"
}],
"editor/title": [{
"when": "resourceLangId == povray && resourceExtname != .inc",
"command": "povray.render",
"group": "navigation"
}]
"commandPalette": [
{
"when": "resourceLangId == povray && resourceExtname != .inc",
"command": "povray.render",
"group": "navigation"
}
],
"editor/title": [
{
"when": "resourceLangId == povray && resourceExtname != .inc",
"command": "povray.render",
"group": "navigation"
}
]
},
"configuration": {
"type": "object",
Expand All @@ -101,16 +123,21 @@
"deprecationMessage": "**DEPRECATED** Please use Povray > Render: Output Path"
},
"povray.defaultRenderWidth": {
"type": ["integer","null"],
"type": [
"integer",
"null"
],
"default": null,
"deprecationMessage": "**DEPRECATED** Please use Povray > Render: Default Width"
},
"povray.defaultRenderHeight": {
"type": ["integer","null"],
"type": [
"integer",
"null"
],
"default": null,
"deprecationMessage": "**DEPRECATED** Please use Povray > Render: Default Height"
},

"povray.render.defaultWidth": {
"type": "integer",
"default": "1024",
Expand All @@ -124,30 +151,30 @@
"povray.render.outputImageFormat": {
"type": "string",
"enum": [
"png - Portable Network Graphics",
"jpg - JPEG (lossy)",
"png - Portable Network Graphics",
"jpg - JPEG (lossy)",
"bmp - Bitmap",
"tga - Targa-24",
"tga - Targa-24 (compressed)",
"exr - OpenEXR High Dynamic-Range",
"hdr - Radiance High Dynamic-Range",
"tga - Targa-24",
"tga - Targa-24 (compressed)",
"exr - OpenEXR High Dynamic-Range",
"hdr - Radiance High Dynamic-Range",
"ppm - Portable Pixmap"
],
"default": "png - Portable Network Graphics",
"description": "The image format to use for rendered scenes"
},
"povray.render.displayImageDuringRender": {
"type":"boolean",
"type": "boolean",
"default": false,
"markdownDescription": "Display the image while it is being rendered [Note: this POV-Ray feature may not be available on all platforms]"
},
"povray.render.openImageAfterRender": {
"type":"boolean",
"type": "boolean",
"default": true,
"description": "Automatically open the rendered image when rendering finishes?"
},
"povray.render.openImageAfterRenderInNewColumn": {
"type":"boolean",
"type": "boolean",
"default": true,
"description": "When the rendered image is automatically opened, open it in a new column beside the current editor"
},
Expand All @@ -162,17 +189,17 @@
"markdownDescription": "Additional [commandline options](https://www.povray.org/documentation/3.7.0/r3_2.html) to add to POV-Ray when rendering the scene."
},
"povray.docker.enableDocker": {
"type":"boolean",
"type": "boolean",
"default": false,
"markdownDescription": "Use [Docker](https://www.docker.com/products/docker-desktop) to run POV-Ray."
},
"povray.docker.image": {
"type":"string",
"type": "string",
"default": "jmaxwilson/povray",
"markdownDescription": "Specify the docker image that will be used to run povray through docker. Compatible images available from https://hub.docker.com/r/jmaxwilson/povray "
},
"povray.libraryPath": {
"type":"string",
"type": "string",
"default": "",
"description": "The Library Path where POV-Ray can find all of the standard include files. (Note: You should only really need to use this on Mac.)"
}
Expand All @@ -193,10 +220,10 @@
"test": "yarn run compile && node ./node_modules/vscode/bin/test"
},
"devDependencies": {
"typescript": "^3.3.1",
"vscode": "^1.1.28",
"tslint": "^5.12.1",
"@types/mocha": "^2.2.42",
"@types/node": "^10.12.21",
"@types/mocha": "^2.2.42"
"tslint": "^5.12.1",
"typescript": "^3.3.1",
"vscode": "^1.1.34"
}
}
Binary file not shown.
24 changes: 12 additions & 12 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -428,9 +428,9 @@ js-tokens@^3.0.2:
integrity sha1-mGbfOVECEw449/mWvOtlRDIJwls=

js-yaml@^3.7.0:
version "3.13.0"
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.13.0.tgz#38ee7178ac0eea2c97ff6d96fff4b18c7d8cf98e"
integrity sha512-pZZoSxcCYco+DIKBTimr67J6Hy+EYGZDY/HCWC+iAEA9h1ByhMXAIVUXMcMFpOCxQ/xjXmPI2MkDL5HRm5eFrQ==
version "3.13.1"
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.13.1.tgz#aff151b30bfdfa8e49e05da22e7415e9dfa37847"
integrity sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==
dependencies:
argparse "^1.0.7"
esprima "^4.0.0"
Expand Down Expand Up @@ -771,26 +771,26 @@ [email protected]:
core-util-is "1.0.2"
extsprintf "^1.2.0"

vscode-test@^0.1.4:
version "0.1.5"
resolved "https://registry.yarnpkg.com/vscode-test/-/vscode-test-0.1.5.tgz#250534f90e78d37a84419a00f9bd15341e1a4f8f"
integrity sha512-s+lbF1Dtasc0yXVB9iQTexBe2JK6HJAUJe3fWezHKIjq+xRw5ZwCMEMBaonFIPy7s95qg2HPTRDR5W4h4kbxGw==
vscode-test@^0.4.1:
version "0.4.3"
resolved "https://registry.yarnpkg.com/vscode-test/-/vscode-test-0.4.3.tgz#461ebf25fc4bc93d77d982aed556658a2e2b90b8"
integrity sha512-EkMGqBSefZH2MgW65nY05rdRSko15uvzq4VAPM5jVmwYuFQKE7eikKXNJDRxL+OITXHB6pI+a3XqqD32Y3KC5w==
dependencies:
http-proxy-agent "^2.1.0"
https-proxy-agent "^2.2.1"

vscode@^1.1.28:
version "1.1.33"
resolved "https://registry.yarnpkg.com/vscode/-/vscode-1.1.33.tgz#e05d5ca25eb35d799fc20622af7c7a561abf6fba"
integrity sha512-sXedp2oF6y4ZvqrrFiZpeMzaCLSWV+PpYkIxjG/iYquNZ9KrLL2LujltGxPLvzn49xu2sZkyC+avVNFgcJD1Iw==
vscode@^1.1.34:
version "1.1.34"
resolved "https://registry.yarnpkg.com/vscode/-/vscode-1.1.34.tgz#3aba5d2f3a9d43f4e798f6933339fe5fcfb782c6"
integrity sha512-GuT3tCT2N5Qp26VG4C+iGmWMgg/MuqtY5G5TSOT3U/X6pgjM9LFulJEeqpyf6gdzpI4VyU3ZN/lWPo54UFPuQg==
dependencies:
glob "^7.1.2"
mocha "^4.0.1"
request "^2.88.0"
semver "^5.4.1"
source-map-support "^0.5.0"
url-parse "^1.4.4"
vscode-test "^0.1.4"
vscode-test "^0.4.1"

wrappy@1:
version "1.0.2"
Expand Down

0 comments on commit be3e087

Please sign in to comment.