mirror of
https://github.com/ankitects/anki.git
synced 2025-09-18 14:02:21 -04:00
82f3778340
The editor already strips script tags from fields, but was allowing
through Javascript in things like onclick handlers. We block this now,
as the editor context has access to internal APIs that we don't want to
expose to untrusted third-party code.
(cherry picked from commit 1c156905f8)
95 lines
3.1 KiB
JSON
95 lines
3.1 KiB
JSON
{
|
|
"name": "anki",
|
|
"version": "0.1.0",
|
|
"private": true,
|
|
"author": "Ankitects Pty Ltd and contributors",
|
|
"license": "AGPL-3.0-or-later",
|
|
"description": "Anki JS support files",
|
|
"scripts": {
|
|
"dev": "cd ts && vite dev",
|
|
"build": "cd ts && vite build",
|
|
"preview": "cd ts && vite preview",
|
|
"svelte-check:once": "cd ts && svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --fail-on-warnings --threshold warning",
|
|
"svelte-check": "cd ts && svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
|
|
"vitest:once": "cd ts && vitest run",
|
|
"vitest": "cd ts && vitest"
|
|
},
|
|
"devDependencies": {
|
|
"@bufbuild/protoc-gen-es": "^1.8.0",
|
|
"@poppanator/sveltekit-svg": "^5.0.0",
|
|
"@sqltools/formatter": "^1.2.2",
|
|
"@sveltejs/adapter-static": "^3.0.0",
|
|
"@sveltejs/kit": "^2.8.3",
|
|
"@sveltejs/vite-plugin-svelte": "4.0.0",
|
|
"@types/bootstrap": "^5.0.12",
|
|
"@types/codemirror": "^5.60.0",
|
|
"@types/d3": "^7.0.0",
|
|
"@types/diff": "^5.0.0",
|
|
"@types/fabric": "^5.3.7",
|
|
"@types/jquery": "^3.5.0",
|
|
"@types/jqueryui": "^1.12.13",
|
|
"@types/lodash-es": "^4.17.4",
|
|
"@types/marked": "^5.0.0",
|
|
"@types/node": "^20",
|
|
"@typescript-eslint/eslint-plugin": "^5.60.1",
|
|
"@typescript-eslint/parser": "^5.60.1",
|
|
"caniuse-lite": "^1.0.30001431",
|
|
"cross-env": "^7.0.2",
|
|
"diff": "^5.0.0",
|
|
"dprint": "^0.47.2",
|
|
"esbuild": "^0.19.10",
|
|
"esbuild-sass-plugin": "^2",
|
|
"esbuild-svelte": "^0.8.1",
|
|
"eslint": "^8.44.0",
|
|
"eslint-plugin-compat": "^4.1.4",
|
|
"eslint-plugin-import": "^2.25.4",
|
|
"eslint-plugin-svelte": "^2",
|
|
"license-checker-rseidelsohn": "=4.3.0",
|
|
"prettier": "^3.4.2",
|
|
"prettier-plugin-svelte": "^3.3.2",
|
|
"sass": "<1.77",
|
|
"svelte": "^5.17.3",
|
|
"svelte-check": "^3.4.4",
|
|
"svelte-preprocess": "^5.0.4",
|
|
"svelte-preprocess-esbuild": "^3.0.1",
|
|
"svgo": "^3.2.0",
|
|
"tslib": "^2.0.3",
|
|
"tsx": "^3.12.0",
|
|
"typescript": "^5.0.4",
|
|
"vite": "^5.4.10",
|
|
"vitest": "^2"
|
|
},
|
|
"dependencies": {
|
|
"@bufbuild/protobuf": "^1.2.1",
|
|
"@floating-ui/dom": "^1.4.3",
|
|
"@fluent/bundle": "^0.18.0",
|
|
"@mdi/svg": "^7.0.96",
|
|
"@popperjs/core": "^2.11.8",
|
|
"bootstrap": "^5.3.0",
|
|
"bootstrap-icons": "^1.10.5",
|
|
"codemirror": "^5.63.1",
|
|
"d3": "^7.0.0",
|
|
"dompurify": "^3.2.5",
|
|
"fabric": "^5.3.0",
|
|
"hammerjs": "^2.0.8",
|
|
"intl-pluralrules": "^2.0.0",
|
|
"jquery": "^3.5.1",
|
|
"jquery-ui-dist": "^1.12.1",
|
|
"lodash-es": "^4.17.21",
|
|
"marked": "^5.1.0",
|
|
"mathjax": "^3.1.2"
|
|
},
|
|
"resolutions": {
|
|
"canvas": "npm:empty-npm-package@1.0.0",
|
|
"cookie": "0.7.0"
|
|
},
|
|
"browserslist": [
|
|
"defaults",
|
|
"not op_mini all",
|
|
"not < 1%",
|
|
"Chrome 77",
|
|
"iOS 14.5"
|
|
],
|
|
"type": "module",
|
|
"packageManager": "yarn@4.6.0"
|
|
}
|