Madison is a platform for lawmakers to share legislation with their citizens, allowing the community to add comments and suggest improvements.

Related tags

Laravel madison
Overview

Madison

CircleCI

Madison is an open-source document engagement and feedback platform. While Madison can be used to collaborate on many different kinds of documents, the official version is being built legislative and policy documents in mind.

If you have questions about Madison, please open an issue and we will try to respond as soon as possible.

Check out the Madison Documentation or jump right into the Issue Log for more information on the project.

Architecture

As of 4.0, Madison is a generally plain Laravel (PHP) application.

User Guide

Visit our Engagement Guide for information on using Madison to run engagement rounds.

How to Help

Open an issue, claim an issue, comment on an issue, or submit a pull request to resolve one.

Comments
  • Capistrano deploy FAILED git-ssh.sh: Permission denied

    Capistrano deploy FAILED git-ssh.sh: Permission denied

    @sethetter what could be a problem?

    $ cap production deploy
    00:00 git:wrapper
          01 mkdir -p /tmp/madison/
    deploy@correct_IP's password: 
        ✔ 01 deploy@correct_IP 26.815s
    (Backtrace restricted to imported tasks)
    cap aborted!
    scp: /tmp/madison/git-ssh.sh: Permission denied
    
    Tasks: TOP => git:check => git:wrapper
    (See full trace by running task with --trace)
    The deploy has failed with an error: scp: /tmp/madison/git-ssh.sh: Permission denied
    
    ** DEPLOY FAILED
    ** Refer to log/capistrano.log for details. Here are the last 2 lines:
    
    INFO [27592b2a] Finished in 26.815 seconds with exit status 0 (successful).
    DEBUG Uploading /tmp/madison/git-ssh.sh 0.0%
    

    capistrano.log shows this:

    GIT_ASKPASS="/bin/echo" GIT_SSH="/tmp/madison/git-ssh.sh" ; /usr/bin/env git ls-remote --heads ssh://[email protected]/diffusion/1/madison.git )
     DEBUG [97e484f0] 	Error writing to authentication socket.
     DEBUG [97e484f0] 	Permission denied (publickey,keyboard-interactive).
     DEBUG [97e484f0] 	fatal: Could not read from remote repository.
    
    GIT_ASKPASS="/bin/echo" GIT_SSH="/tmp/madison/git-ssh.sh" ; /usr/bin/env git ls-remote --heads ssh://[email protected]/diffusion/1/madison.git )
     DEBUG [b7007ac4] 	Warning: Permanently added 'phabricator.opengovfoundation.org,23.239.10.60' (ED25519) to the list of known hosts.
     DEBUG [b7007ac4] 	Error reading response length from authentication socket.
     DEBUG [b7007ac4] 	Permission denied (publickey,keyboard-interactive).
    fatal: Could not read from remote repository.
    
    Please make sure you have the correct access rights
    and the repository exists.
    
    DEBUG Uploading /tmp/madison/git-ssh.sh 0.0%
      INFO Uploading /tmp/madison/git-ssh.sh 100.0%
      INFO [26ed2797] Running /usr/bin/env chmod +rx /tmp/madison/git-ssh.sh as root@corect_IP
     DEBUG [26ed2797] Command: ( export PATH="/usr/local/rvm/gems/ruby-2.3.0/bin:/usr/local/rvm/gems/ruby-2.3.0@global/bin:/usr/local/rvm/rubies/ruby-2.3.0/bin:$PATH" ; /usr/bin/env chmod +rx /tmp/madison/git-ssh.sh )
    

    git-ssh.sh looks like this:

    #!/bin/sh -e
    exec /usr/bin/ssh -o PasswordAuthentication=no -o StrictHostKeyChecking=no "$@"
    
    opened by IuliiSe 31
  • Add 'read' notifications

    Add 'read' notifications

    If the sponsor of a document hovers on a user comment or clicks it in the sidebar, the user should be notified that their comment was read by the sponsor via email.

    opened by cmbirk 25
  • Automate testing suite

    Automate testing suite

    @cmbirk here is what I've figured out so far:

    Testing with chrome requires Chrome installed and the Selenium JAR to be running and configured with chromedriver path.

    Testing with PhantomJS is easier. Run npm install phantomjs and then phantomjs --webdriver=4444 (this can be automated using grunt). Change acceptance.suite.yml to use browser: phantomjs. Running a test like this, however, gives a very small window that cannot be resized without going into the Codeception/PHPUnit code that deals with controlling the WebDriver.

    Type: Feature Request Type: Testing / QA Difficulty (4): You want me to do what?! Type: Browser Support Needs: Bash/Grunt/etc 
    opened by rtsio 24
  • How can we break up large documents

    How can we break up large documents

    Right now I see these as options:

    • User-added table of contents
      • Something like the CFPB does, but the links will have to be anchors created by a drafter
    • Pattern matching table of comments
      • This will have to be a regex added to the document that details which items will be pulled in as a table of contents ( there will certainly be help needed from our side on this )
        • we can certainly add something to the editor to facilitate this ( not really sure what this entails yet. )
    • Pagination
      • how do we add the page breaks?
      • difficult when trying to include all annotations.
        • This may be pseudo-pagination ( first page loaded with annotations and other pages load in the background )
    • Document mini-window showing where you are relative to the entire document
      • similar to Sublime Text

    @bryanconnor @krues8dr @seamuskraft @leilis let's use this issue to discuss how best to do this.

    opened by cmbirk 23
  • Popup when not authorized

    Popup when not authorized

    Is it possible to restrict some pages with the roles, but when not logged in, show a login popup, before showing the page? This would be easier for link sharing etc (eg private documents), as the user can be redirected to the intended page.

    opened by barryvdh 20
  • Improve custom theming.

    Improve custom theming.

    Two things to be done here:

    • [x] Make most of our variable settings in globals.scss and elsewhere have the !default flag.
    • [x] Create a custom folder and use glob-import to bring it in first. (@import ./custom/*), overriding any defaults.
    Help Wanted 
    opened by krusynth 17
  • Create status for documents, instead of just public/private

    Create status for documents, instead of just public/private

    Documents shouldn't be published by default as they are now, they should have to choose to publish them - either publicly or privately - before they show up on the site when you're not part of the authoring group.

    opened by krusynth 16
  • Issue 943 - Reorganization to separate client and server code

    Issue 943 - Reorganization to separate client and server code

    This is a big one:

    • Client and server code separated into different folders
    • Makefile to operate common tasks between the two
    • Travis tests operating as needed
    • No longer committing built assets

    @krues8dr @doshitan -- have fun :)

    opened by sethetter 15
  • Issue 679 - Custom content pages

    Issue 679 - Custom content pages

    New models: Page, and PageContent.

    Pages loaded from the database on app load, using future states from ui-router-extras to dynamically create angular routes for each page.

    Admin interface for creating / editing pages as well.

    @krues8dr @doshitan

    opened by sethetter 14
  • Upgrade to Laravel 5

    Upgrade to Laravel 5

    Would like to get this done before we start getting heavy usage from Chicago.

    There's an upgrade guide here on the steps required. There will obviously have to be significant testing afterward as well.

    Needs: Laravel 
    opened by cmbirk 14
  • Remaining Redesign Tasks

    Remaining Redesign Tasks

    • [x] Login page
    • [x] Social login buttons
    • [x] MyDocuments page
    • [x] Links ( black on white background can't tell they're links )
    • [x] Admin documents list page
    • [x] Document editing page
    • [x] Anchor footer to the bottom of the page ( short pages such as login the footer creeps up into the page )
    • [x] Sub-dropdown needs some love ( See below )
    opened by cmbirk 14
  • Bump qs from 6.3.0 to 6.3.3

    Bump qs from 6.3.0 to 6.3.3

    Bumps qs from 6.3.0 to 6.3.3.

    Changelog

    Sourced from qs's changelog.

    6.3.3

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
    • [Fix] utils.merge: avoid a crash with a null target and an array source
    • [Fix] utils.merge`: avoid a crash with a null target and a truthy non-array source
    • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
    • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
    • [Fix] when parseArrays is false, properly handle keys ending in []
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [Refactor] use cached Array.isArray
    • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
    • [Docs] Clarify the need for "arrayLimit" option
    • [meta] fix README.md (#399)
    • [meta] Clean up license text so it’s properly detected as BSD-3-Clause
    • [meta] add FUNDING.yml
    • [actions] backport actions from main
    • [Tests] use safer-buffer instead of Buffer constructor
    • [Tests] remove nonexistent tape option
    • [Dev Deps] backport from main

    6.3.2

    • [Fix] follow allowPrototypes option during merge (#201, #200)
    • [Dev Deps] update eslint
    • [Fix] chmod a-x
    • [Fix] support keys starting with brackets (#202, #200)
    • [Tests] up to node v7.7, v6.10, v4.8; disable osx builds since they block linux builds

    6.3.1

    • [Fix] ensure that allowPrototypes: false does not ever shadow Object.prototype properties (thanks, @​snyk!)
    • [Dev Deps] update eslint, @ljharb/eslint-config, browserify, iconv-lite, qs-iconv, tape
    • [Tests] on all node minors; improve test matrix
    • [Docs] document stringify option allowDots (#195)
    • [Docs] add empty object and array values example (#195)
    • [Docs] Fix minor inconsistency/typo (#192)
    • [Docs] document stringify option sort (#191)
    • [Refactor] stringify: throw faster with an invalid encoder
    • [Refactor] remove unnecessary escapes (#184)
    • Remove contributing.md, since qs is no longer part of hapi (#183)
    Commits
    • ff235b4 v6.3.3
    • 4310742 [Fix] parse: ignore __proto__ keys (#428)
    • da1eee0 [Dev Deps] backport from main
    • 2c103b6 [actions] backport actions from main
    • aa4580e [Robustness] stringify: avoid relying on a global undefined (#427)
    • f8510a1 [meta] fix README.md (#399)
    • 4c036ce [Fix] fix for an impossible situation: when the formatter is called with a no...
    • 180bfa5 [meta] Clean up license text so it’s properly detected as BSD-3-Clause
    • e0b2c4b [Tests] use safer-buffer instead of Buffer constructor
    • f7139bf [Fix] utils.merge: avoid a crash with a null target and an array source
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump select2 from 4.0.3 to 4.0.6

    Bump select2 from 4.0.3 to 4.0.6

    Bumps select2 from 4.0.3 to 4.0.6.

    Release notes

    Sourced from select2's releases.

    Select2 4.0.6

    New features/improvements

    • Add style property to package.json (#5019)
    • Implement clear and clearing events (#5058)
    • Add scrollAfterSelect option (#5150)
    • Add missing diacritics (#4118, #4337, #5464)

    Bug fixes

    • Fix up arrow error when there are no options in dropdown (#5127)
    • Add ; before beginning of factory wrapper (#5089)
    • Fix IE11 issue with select losing focus after selecting an item (#4860)
    • Clear tooltip from select2-selection__rendered when selection is cleared (#4640, #4746)
    • Fix keyboard not closing when closing dropdown on iOS 10 (#4680)
    • User-defined types not normalized properly when passed in as data (#4632)
    • Perform deep merge for Defaults.set() (#4364)
    • Fix "the results could not be loaded" displaying during AJAX request (#4356)
    • Cache objects in Utils.__cache instead of using $.data (#4346, #5486)
    • Removing the double event binding registration of selection:update (#4306)

    Accessibility

    • Improve .select2-hidden-accessible (#4908)
    • Add role and aria-readonly attributes to single selection dropdown value (#4881)

    Translations

    • Add Turkmen translations (tk) (#5125)
    • Fix error in French translations (#5122)
    • Add Albanian translation (sq) (#5199)
    • Add Georgian translation (ka) (#5179)
    • Add Nepali translation (ne) (#5295)
    • Add Bangla translation (bn) (#5248)
    • Add removeAllItems translation for clear "x" title (#5291)
    • Fix wording in Vietnamese translations (#5387)
    • Fix error in Russian translation (#5401)

    Miscellaneous

    • Remove duplicate CSS selector in classic theme (#5115)

    Select2 4.0.6-rc.1

    Bug fixes

    • Fix up arrow error when there are no options in dropdown (#5127)
    • Fix IE11 issue with select losing focus after selecting an item (#4860)
    • Reinstate backwards-compatible support for data('select2') (#4014)

    Translations

    • Add Turkmen translations (tk) (#5125)
    • Fix error in French translations (#5122)

    Miscellaneous

    • Remove duplicate CSS selector in classic theme (#5115)

    ... (truncated)

    Changelog

    Sourced from select2's changelog.

    4.0.6

    New features/improvements

    • Add style property to package.json (#5019)
    • Implement clear and clearing events (#5058)
    • Add scrollAfterSelect option (#5150)
    • Add missing diacritics (#4118, #4337, #5464)

    Bug fixes

    • Fix up arrow error when there are no options in dropdown (#5127)
    • Add ; before beginning of factory wrapper (#5089)
    • Fix IE11 issue with select losing focus after selecting an item (#4860)
    • Clear tooltip from select2-selection__rendered when selection is cleared (#4640, #4746)
    • Fix keyboard not closing when closing dropdown on iOS 10 (#4680)
    • User-defined types not normalized properly when passed in as data (#4632)
    • Perform deep merge for Defaults.set() (#4364)
    • Fix "the results could not be loaded" displaying during AJAX request (#4356)
    • Cache objects in Utils.__cache instead of using $.data (#4346, #5486)
    • Removing the double event binding registration of selection:update (#4306)

    Accessibility

    • Improve .select2-hidden-accessible (#4908)
    • Add role and aria-readonly attributes to single selection dropdown value (#4881)

    Translations

    • Add Turkmen translations (tk) (#5125)
    • Fix error in French translations (#5122)
    • Add Albanian translation (sq) (#5199)
    • Add Georgian translation (ka) (#5179)
    • Add Nepali translation (ne) (#5295)
    • Add Bangla translation (bn) (#5248)
    • Add removeAllItems translation for clear "x" title (#5291)
    • Fix wording in Vietnamese translations (#5387)
    • Fix error in Russian translation (#5401)

    Miscellaneous

    • Remove duplicate CSS selector in classic theme (#5115)

    4.0.5

    Bug fixes

    • Replace autocapitalize=off with autocapitalize=none (#4994)

    Translations

    • Vietnamese: remove an unnecessary quote mark (#5059)
    • Czech: Add missing commas and periods (#5052)
    • Spanish: Update the 'errorLoading' message (#5032)
    • Fix typo in Romanian (#5005)
    • Improve French translation (#4988)
    • Add Pashto translation (ps) (#4960)

    ... (truncated)

    Commits
    • 5dcc102 Merge pull request #5488 from select2/develop
    • 3e9809d Update changelog for 4.0.6 release
    • a2bfa6c Recompile dist for 4.0.6 release
    • a8ea4cc Bump versions for 4.0.6 release
    • b4aa352 Removed unused files
    • 650035c Restore compatibility with data-* attributes in jQuery 2.x (#5486)
    • 9f8b6ff [WIP] Get Grunt consistently working again (#5466)
    • 5977856 minor fix (greek omega used has no diacritic) (#5464)
    • a9c1b61 Update composer to remove deprecated dependency (#5165)
    • 9032705 More suitable spelling ещё instead of еще (#5401)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump deap from 1.0.0 to 1.0.1

    Bump deap from 1.0.0 to 1.0.1

    Bumps deap from 1.0.0 to 1.0.1.

    Commits
    Maintainer changes

    This version was pushed to npm by prestaul, a new releaser for deap since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump guzzlehttp/psr7 from 1.3.1 to 1.8.5

    Bump guzzlehttp/psr7 from 1.3.1 to 1.8.5

    Bumps guzzlehttp/psr7 from 1.3.1 to 1.8.5.

    Release notes

    Sourced from guzzlehttp/psr7's releases.

    1.8.5

    See change log for changes.

    1.8.4

    See change log for changes.

    1.8.3

    See change log for changes.

    1.8.2

    See change log for changes.

    1.8.1

    See change log for changes.

    1.8.0

    See change log for changes.

    1.7.0

    See change log for changes.

    Revert PSR-7 type assertions

    1.6.0 introduced a few type assertions to enforce types defined by PSR-7. Unfortunately that break the library for users not strictly following the PSR-7 standard. Since the users impacted by this change seems to be rather large, this hotfix reverts that change with the note that we will reapply it in 2.0.0, so fixing this is recommended regardless of which version you use.

    Details are in #282 and #283

    1.6.0

    Version 1.6.0 is released which will likely be the last minor release in 1.x. We're focussing 2.0 now with support for psr/http-factory, PHP 7.2 requirement and type declarations.

    Added

    • Allowed version ^3.0 of ralouphie/getallheaders dependency (#244)
    • Added MIME type for WEBP image format (#246)
    • Added more validation of values according to PSR-7 and RFC standards, e.g. status code range (#250, #272)

    Changed

    • Tests don't pass with HHVM 4.0, so HHVM support got dropped. Other libraries like composer have done the same. (#262)
    • Accept port number 0 to be valid (#270)

    Fixed

    • Fixed subsequent reads from php://input in ServerRequest (#247)
    • Fixed readable/writable detection for certain stream modes (#248)
    • Fixed encoding of special characters in the userInfo component of an URI (#253)

    1.5.0

    After a really long waiting period, 1.5.0 is finally here with the following changes:

    Added

    ... (truncated)

    Changelog

    Sourced from guzzlehttp/psr7's changelog.

    1.8.5 - 2022-03-20

    Fixed

    • Correct header value validation

    1.8.4 - 2022-03-20

    Fixed

    • Validate header values properly

    1.8.3 - 2021-10-05

    Fixed

    • Return null in caching stream size if remote size is null

    1.8.2 - 2021-04-26

    Fixed

    • Handle possibly unset url in stream_get_meta_data

    1.8.1 - 2021-03-21

    Fixed

    • Issue parsing IPv6 URLs
    • Issue modifying ServerRequest lost all its attributes

    1.8.0 - 2021-03-21

    Added

    • Locale independent URL parsing
    • Most classes got a @final annotation to prepare for 2.0

    Fixed

    • Issue when creating stream from php://input and curl-ext is not installed
    • Broken Utils::tryFopen() on PHP 8

    1.7.0 - 2020-09-30

    Added

    • Replaced functions by static methods

    Fixed

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 0
  • Bump erusev/parsedown from 1.6.1 to 1.7.4

    Bump erusev/parsedown from 1.6.1 to 1.7.4

    Bumps erusev/parsedown from 1.6.1 to 1.7.4.

    Release notes

    Sourced from erusev/parsedown's releases.

    1.7.4

    Introduce rawHtml concept from beta 1.8 that extensions may optionally utilise. In 1.8 beta versions this feature is utilised internally and might have compatibility issues with extensions, this release does not use this feature internally so no such issues will be present.

    1.7.3

    No release notes provided.

    1.7.2

    This is a security release and resolves an issue which would allow a user to add arbitrary classes to fenced code blocks. This might have security consequences, see #699 for more detail.

    1.7.1

    This is a bugfix release. The following have been resolved:

    #475: "Loose" lists will now contain paragraphs in all items, not just some. #433: Links will no longer be double nested #525: The info-string when beginning a code block may now contain non-word characters (e.g. c++) #561: The mbstring extension (which we already depend on) has been added explicitly to composer.json #563: The Parsedown::version constant now matches the release version #560: Builds will now fail if we forget to update the version constant again 😉

    Thanks to @​PhrozenByte, @​harikt, @​erusev, @​luizbills, and @​aidantwoods for their contributions to this release.

    Safe Mode

    No release notes provided.

    Commits
    • cb17b64 Increment version for release
    • 21f99b1 Merge pull request #745 from aidantwoods/dev-1.7.x/opt-in-rawHtml
    • 791faca Test on 7.4
    • add8d18 Add rawHtml without using it (extensions may opt-in)
    • 7073ac3 Dev for 1.7.4
    • 3d2b25b Add test to prevent regression
    • 6d89393 New release due to mislabeled previous tag
    • d60bcdc Bump version
    • c390a9e Merge pull request #700 from aidantwoods/fix/spaces-in-class-names-1.7.x
    • 0f1e9da Fix test platforms
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies php 
    opened by dependabot[bot] 0
  • Bump marked from 0.3.6 to 0.3.19

    Bump marked from 0.3.6 to 0.3.19

    Bumps marked from 0.3.6 to 0.3.19.

    Release notes

    Sourced from marked's releases.

    0.3.18 minified required new release

    0.3.18 did not have changes to min.

    Minor fixes and updated docs

    • Supported Markdown flavors: CommonMark 0.28 and GitHub Flavored Markdown 0.28
    • Updates to our CI pipeline; we're all green! #1098 with the caveat that there is a test that needs to get sorted (help us out #1092)
    • Start ordered lists using the initial numbers from markdown lists (#1144)
    • Added GitHub Pages site for documentation https://marked.js.org/ (#1138)

    Processes and tools

    • The elephant in the room: A security vulnerability was discovered and fixed. Please note, if something breaks due to these changes, it was not our intent, and please let us know by submitting a PR or issue to course correct (the nature of the zero-major release and having security as a number one priority) #1083
    • The other elephant in the room: We missed publishing a 0.3.16 release to GitHub; so, trying to make up for that a bit.
    • Updates to the project documentation and operations, you should check it out, just start with the README and you should be good.
    • New release PR template available #1076
    • Updates to default PR and Issue templates #1076
    • Lint checks + tests + continuous integration using Travis #1020
    • Updated testing output #1085 & #1087

    Fix capturing parens

    Fixes unintended breaking change from v0.3.14

    New year, new home

    • Marked has a new home under the MarkedJS org! Other advances soon to come.
    • Updated minifier.
    • Various parser fixes

    New Year, new Marked!

    • Addresses issue where some users might not have been able to update due to missing use strict #991
    • Parser fix #977
    • New way to perform tests with options and running individual tests #1002
    • Improved test cases
    • Improved links

    Merry XSSmas

    We think with this version we have addressed most, if not all, known security vulnerabilities. If you find more, please let us know.

    XSS

    Should fix XSS issue discovered.

    Commits
    Maintainer changes

    This version was pushed to npm by amidknight, a new releaser for marked since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
Releases(1.8.5)
Owner
OpenGov Foundation
We create software to power effective civic engagement at scale in 21st Century legislatures
OpenGov Foundation
Laravel comments - This package enables to easily associate comments to any Eloquent model in your Laravel application

Laravel comments - This package enables to easily associate comments to any Eloquent model in your Laravel application

Rubik 4 May 12, 2022
A simple Content Moderation System for Laravel 5.* that allows you to Approve or Reject resources like posts, comments, users, etc.

Laravel Moderation A simple Moderation System for Laravel 5.* that allows you to Approve or Reject resources like posts, comments, users, etc. Keep yo

Alex Kyriakidis 509 Dec 30, 2022
Native comments for your Laravel application.

Comments Comments is a Laravel package. With it you can easily implement native comments for your application. Overview This package can be used to co

Laravelista 626 Dec 30, 2022
Simplifies writing DocBlock comments in Javascript, PHP, CoffeeScript, Actionscript, C & C++

DocBlockr DocBlockr is a package for Sublime Text 2 & 3 which makes writing documentation a breeze. DocBlockr supports JavaScript (including ES6), PHP

Nick Fisher 3.1k Nov 25, 2022
An index of Laravel's cascading comments

Cascading Comments An index of Laravel's cascading comments. Visit the site at cascading-comments.sjorso.com. About This is a cascading comment: casca

Sjors Ottjes 4 Apr 28, 2022
A dead-simple comments package for Laravel.

A dead-simple comments package for Laravel. This package provides an incredibly simple comment system for your Laravel applications. If you're looking

Ryan Chandler 120 Dec 4, 2022
A super simple package allowing for use MySQL 'USE INDEX' and 'FORCE INDEX' statements.

Laravel MySQL Use Index Scope A super simple package allowing for use MySQL USE INDEX and FORCE INDEX statements. Requirements PHP ^7.4 | ^8.0 Laravel

Vasyl 29 Dec 27, 2022
PlayZ is an esport event organization and management website allowing the creation of tournaments on the most popular video games of the esport scene.

PlayZ the playz to play Table of Contents Description "What is Playz?" In one sentence PlayZ is "an esport event organization and management website a

Antoine Saunier 2 Dec 7, 2021
A simple package allowing for consistent API responses throughout your Laravel application

Laravel API Response Helpers A simple package allowing for consistent API responses throughout your Laravel application. Requirements PHP ^7.4 | ^8.0

F9 Web Ltd. 441 Jan 5, 2023
This is a plugin written in the PHP programming language and running on the PocketMine platform that works stably on the API 3.25.0 platform. It helps to liven up your server with Tags!

General This is a plugin written in the PHP programming language and running on the PocketMine platform that works stably on the API 3.25.0 platform.

Thành Nhân 4 Oct 21, 2021
GitScrum is a Project Management Tool, developed to help entrepreneurs, freelancers, managers, and teams Skyrocket their Productivity with the Agile methodology and Gamification.

What is GitScrum? GitScrum is a Project Management Tool, developed to help entrepreneurs, freelancers, managers, and teams Skyrocket their Productivit

GitScrum 2.8k Dec 29, 2022
Log executed Laravel SQL queries and their line number and more

A lightweight laravel package for logging executed SQL queries, line number and more

Md.Harun-Ur-Rashid 31 Dec 21, 2022
An Eloquent Way To Filter Laravel Models And Their Relationships

Eloquent Filter An Eloquent way to filter Eloquent Models and their relationships Introduction Lets say we want to return a list of users filtered by

Eric Tucker 1.5k Jan 7, 2023
An Eloquent Way To Filter Laravel Models And Their Relationships

Eloquent Filter An Eloquent way to filter Eloquent Models and their relationships Introduction Lets say we want to return a list of users filtered by

Eric Tucker 1.5k Dec 30, 2022
The Laravel.io Community Portal.

Laravel.io This is the repository for the Laravel.io community portal. The code is entirely open source and licensed under the MIT license. We welcome

Laravel.io 2.2k Dec 30, 2022
Determine the geographical location of website visitors based on their IP addresses.

GeoIP for Laravel Determine the geographical location and currency of website visitors based on their IP addresses. GeoIP for Laravel on Packagist Geo

Daniel Stainback 1.9k Jan 6, 2023
This package gives Eloquent models the ability to manage their friendships.

Laravel 5 Friendships This package gives Eloquent models the ability to manage their friendships. You can easily design a Facebook like Friend System.

Alex Kyriakidis 690 Nov 27, 2022
Simple address and contact management for Laravel with automatically geocoding to add longitude and latitude

Laravel Addresses Simple address and contact management for Laravel with automatically geocoding to add longitude and latitude. Installation Require t

Chantouch Sek 2 Apr 4, 2022
Easily add all the 58 Algerian Wilayas and its Dairas to your cool Laravel project (Migrations, Seeders and Models).

Laravel-Algereography Laravel-Algereography allows you to add Migrations, Seeders and Models of Algerian Wilayas and Dairas to your existing or new co

Hocine Saad 48 Nov 25, 2022