fix security issue / update deps

This commit is contained in:
Andrei Gavrilescu 2020-04-07 12:55:54 +03:00 committed by Saúl Ibarra Corretgé
parent 08d53c135e
commit 81d7aca4b2
10 changed files with 3833 additions and 2092 deletions

View File

@ -7,15 +7,6 @@ import type { Dispatch } from 'redux';
import { connect } from 'react-redux';
import { push } from 'react-router-redux';
import {
RemoteControl,
setupScreenSharingRender,
setupAlwaysOnTopRender,
initPopupsConfigurationRender,
setupWiFiStats,
setupPowerMonitorRender
} from 'jitsi-meet-electron-utils';
import config from '../../config';
import { setEmail, setName } from '../../settings';
@ -259,6 +250,15 @@ class Conference extends Component<Props, State> {
parentNode,
roomName: this._conference.room
});
const { RemoteControl,
setupScreenSharingRender,
setupAlwaysOnTopRender,
initPopupsConfigurationRender,
setupWiFiStats,
setupPowerMonitorRender
} = window.jitsiNodeAPI.jitsiMeetElectronUtils;
initPopupsConfigurationRender(this._api);
const iframe = this._api.getIFrame();

View File

@ -2,14 +2,13 @@
import { createStore } from 'redux';
import { persistReducer } from 'redux-persist';
import createElectronStorage from 'redux-persist-electron-storage';
import middleware from './middleware';
import reducers from './reducers';
const persistConfig = {
key: 'root',
storage: createElectronStorage(),
storage: window.jitsiNodeAPI.createElectronStorage(),
whitelist: [
'onboarding',
'recentList',

View File

@ -1,7 +1,5 @@
// @flow
import os from 'os';
import { getAvatarURL } from 'js-utils';
import {
@ -22,7 +20,7 @@ type State = {
startWithVideoMuted: boolean
};
const username = os.userInfo().username;
const username = window.jitsiNodeAPI.osUserInfo().username;
const DEFAULT_STATE = {
avatarURL: getAvatarURL({ id: username }),

View File

@ -2,7 +2,6 @@
// @flow
import { shell } from 'electron';
import config from '../config';
/**
@ -53,5 +52,5 @@ export function normalizeServerURL(url: string) {
* @returns {void}
*/
export function openExternalLink(link: string) {
shell.openExternal(link);
window.jitsiNodeAPI.shellOpenExternal(link);
}

13
app/preload/preload.js Normal file
View File

@ -0,0 +1,13 @@
const createElectronStorage = require('redux-persist-electron-storage');
const { shell } = require('electron');
const os = require('os');
const jitsiMeetElectronUtils = require('jitsi-meet-electron-utils');
window.jitsiNodeAPI = {
createElectronStorage,
osUserInfo: os.userInfo,
shellOpenExternal: shell.openExternal,
jitsiMeetElectronUtils
};

View File

@ -129,6 +129,9 @@ function createJitsiMeetWindow() {
});
// Options used when creating the main Jitsi Meet window.
// Use a preload script in order to provide node specific functionality
// to a isolated BrowserWindow in accordance with electron security
// guideline.
const options = {
x: windowState.x,
y: windowState.y,
@ -140,7 +143,8 @@ function createJitsiMeetWindow() {
show: false,
webPreferences: {
nativeWindowOpen: true,
nodeIntegration: true
nodeIntegration: false,
preload: path.resolve(basePath, './build/preload.js')
}
};
@ -192,7 +196,7 @@ app.on('activate', () => {
app.on('certificate-error',
// eslint-disable-next-line max-params
(event, webContents, url, error, certificate, callback) => {
if (url.startsWith('https://localhost')) {
if (isDev) {
event.preventDefault();
callback(true);
} else {

5809
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -88,14 +88,14 @@
"@atlaskit/spinner": "9.0.13",
"@atlaskit/theme": "7.0.1",
"@atlaskit/toggle": "5.0.14",
"electron-debug": "2.0.0",
"electron-is-dev": "1.0.1",
"electron-log": "2.2.17",
"electron-debug": "3.0.1",
"electron-is-dev": "1.2.0",
"electron-log": "4.1.1",
"electron-reload": "1.5.0",
"electron-store": "3.1.0",
"electron-updater": "4.0.6",
"electron-store": "5.1.1",
"electron-updater": "4.2.5",
"electron-window-state": "5.0.3",
"history": "4.7.2",
"history": "4.10.1",
"jitsi-meet-electron-utils": "github:jitsi/jitsi-meet-electron-utils#v2.0.1",
"js-utils": "github:jitsi/js-utils#0c53500a5120be2aa3fc590f0f932a0d4771920f",
"moment": "2.23.0",
@ -108,39 +108,39 @@
"redux-logger": "3.0.6",
"redux-persist": "5.10.0",
"redux-persist-electron-storage": "2.0.0",
"source-map-support": "0.5.9",
"source-map-support": "0.5.16",
"styled-components": "3.4.0"
},
"devDependencies": {
"@babel/core": "7.2.2",
"@babel/plugin-proposal-class-properties": "7.2.1",
"@babel/plugin-proposal-export-namespace-from": "7.2.0",
"@babel/plugin-transform-flow-strip-types": "7.2.0",
"@babel/preset-env": "7.2.0",
"@babel/preset-flow": "7.0.0",
"@babel/preset-react": "7.0.0",
"@babel/core": "7.9.0",
"@babel/plugin-proposal-class-properties": "7.8.3",
"@babel/plugin-proposal-export-namespace-from": "7.8.3",
"@babel/plugin-transform-flow-strip-types": "7.9.0",
"@babel/preset-env": "7.9.0",
"@babel/preset-flow": "7.9.0",
"@babel/preset-react": "7.9.4",
"babel-eslint": "10.0.3",
"babel-loader": "8.0.4",
"babel-plugin-inline-react-svg": "1.0.1",
"concurrently": "4.1.0",
"css-loader": "2.0.1",
"babel-loader": "8.1.0",
"babel-plugin-inline-react-svg": "1.1.1",
"concurrently": "5.1.0",
"css-loader": "3.5.0",
"devtron": "1.4.0",
"electron": "7.1.7",
"electron-builder": "22.4.0",
"electron": "8.2.1",
"electron-builder": "22.4.1",
"electron-react-devtools": "0.5.3",
"eslint": "6.5.1",
"eslint-config-jitsi": "github:jitsi/eslint-config-jitsi#1.0.2",
"eslint-plugin-flowtype": "4.3.0",
"eslint-plugin-import": "2.18.0",
"eslint-plugin-jsdoc": "15.11.1",
"eslint-plugin-react": "7.16.0",
"file-loader": "2.0.0",
"eslint-plugin-flowtype": "4.7.0",
"eslint-plugin-import": "2.20.2",
"eslint-plugin-jsdoc": "22.1.0",
"eslint-plugin-react": "7.19.0",
"file-loader": "6.0.0",
"flow-bin": "0.109.0",
"html-webpack-plugin": "3.2.0",
"html-webpack-plugin": "4.0.4",
"precommit-hook": "3.0.0",
"style-loader": "0.23.1",
"svg-inline-loader": "0.8.0",
"webpack": "4.27.1",
"webpack-cli": "3.1.2"
"style-loader": "1.1.3",
"svg-inline-loader": "0.8.2",
"webpack": "4.42.1",
"webpack-cli": "3.3.11"
}
}

View File

@ -2,7 +2,8 @@ const path = require('path');
module.exports = {
target: 'electron-main',
entry: { main: './main.js' },
entry: { main: './main.js',
preload: './app/preload/preload.js' },
output: {
path: path.resolve('./build'),
filename: '[name].js'

View File

@ -4,7 +4,9 @@ const HtmlWebpackPlugin = require('html-webpack-plugin');
const ELECTRON_VERSION = require('./package.json').devDependencies.electron;
module.exports = {
target: 'electron-renderer',
// The renderer code rus in BrowserWindow without node support so we must
// target a web platform.
target: 'web',
entry: { app: './app/index.js' },
plugins: [
new HtmlWebpackPlugin({